Hello,

For taking backup of you database you have to make sure that you database is good enough. with shell access you can take the database backup in .sql format with following command

#mysqldump user_databasename > database.sql

As you are having database backup and want to restore it then use following command

#mysql user_databasename < database.sql

Hello,

To get the apache version on linux server we have to use following command.

# /usr/local/apache/bin/httpd -v

To get the php version on linux server we have to use following command.

#php -v

you can get the php modules install on server with command #php -m
To get the mysql version on linux server we have to use following command.

#mysql -v

How to install and configure the CSF (configserver) firewall.

CSF can be used on a wide range of Linux systems, including those running cPanel. Following are the steps to install and configure the CSF.

Installation is quite straightforward:

rm -fv csf.tgz

wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

If you would like to disable APF+BFD (which you will need to do if you have
them installed otherwise they will conflict horribly):

sh disable_apf_bfd.sh

That’s it. You can then configure csf and lfd in WHM, or edit the files
directly in /etc/csf/*

csf is preconfigured to work on a cPanel server with all the standard cPanel
ports open. It also auto-configures your SSH port if it’s non-standard on
installation.

To configure CSF modify the config files in /etc/csf/ - or if you are running WHM you can modify the CSF settings in WHM itself.

You should ensure that kernel logging daemon (klogd) is enabled. Typically, VPS
servers have this disabled and you should check /etc/init.d/syslog and make
sure that any klogd lines are not commented out. If you change the file,
remember to restart syslog.

See the readme.txt file for more information.

Uninstallation
==============
Removing csf and lfd is even more simple:

cd /etc/csf
sh uninstall.sh

For installing the SSL certificate you need to have a dedicated IP Address, and make sure that your domain is registred domain name and resolving perfectly

Step 1: You need to generate CSR (certificate signing request ) from your webhost nameger. which required following information.

———————————–
- Host to make cert for:
- Country(2 letter Abbreviation):
- State:
- City:
- Company Name:
- Company Division:
- Email:
- Password:
———————————–
Also please create webmaster@yourdomain.com (replace yourdomain.com with the domain that you want the SSL certificate to be setup for) and provide us with its password so we can complete the installation process.

After CSR generation you will get the CSR and RSA key

step 2: With the help of RSA key you need to purchase SSL certificate from any of SSL provider such as COMODO ,instant SSL

step 3: Once you got the SSL cerificate then you need to provide that certificate to hosting provider so the hosting provider will install SSL cerificate from WHM >> SSL/TLS >> Install a SSL Certificate and Setup the Domain option.

Note: Please don’t disable the Windows Firewall unless and until you have the other appropriate firewall software installed on your system

There are mainly three methods for disabling the Windows Firewall. The first method is for any user with administrative privileges on an individual machine not remotely or collectively managed in any way. The other two methods are for use windows Administrators on fully managed systems or windows servers.

1) Using the Control Panel

This method is for any user with administrative access to unmanaged systems

1. From the Start menu, select Control Panel, then select Windows Firewall.
2. Select Off, then click Ok.

2) Using Local Policy

This method is for administrators with administrative access to unmanaged systems or locally managed systems where the machine is not part of a Windows 2000 or higher domain.

Go to Start menu >> select Run, here enter gpedit.msc.
Expand the Computer Configuration folder, then the Administrative Templates folder.
Expand the Network folder, then the Network Connections folder, then the Windows Firewall folder.
Select the Standard Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Select the Domain Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Close the Group Policy dialog box.

3) Using Group Policy

This method is for administrators with administrative access to managed machines that are part of a Windows 2000 or 2003 Active Directory domain.

Create a new Group Policy object, and give the object a descriptive name (for example, ITS-Turn off Windows Firewall).
Select the newly created group policy.
Right-click on the newly created policy and select Edit.
Expand the Computer Configuration folder, then the Administrative Templates folder.
Expand the Network folder, then the Network Connections folder, then the Windows Firewall folder.
Select the Standard Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Select the Domain Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Close the Group Policy dialog box.
In the Security Filter section, click Add.
Search for the objects that this group policy will be applied to, then click OK.
Close the Group Policy editor.

Hello,

The process of booting a Linux system consists of a number of stages as follows

1) BIOS

2) Master Boot Record (MBR)

3) LILO or GRUB

4) Kernel

5) init

6) Run Levels

The process of booting a Linux system consists of a number of stages

1)BIOS: Basic Input/Output System is the lowest level interface between the computer and peripherals which load boot sector from one of following devices

Floppy
CDROM
Hard drive

The boot order can be changed from within the BIOS. BIOS setup can be entered by pressing a del ,F1 , F2, or F10 key during bootup.

2)MBR:
The first sector of the hard disk is reserved master boot record (MBR).

When we the Operating booting from a hard disk, the PC system BIOS loads and executes the boot loader code in the MBR. Here MBR needs to know which partitions on the disk have boot loader code specific to their operating systems in their boot sectors and then attempts to boot one of them.

Fedora Linux is supplied with the GRUB boot loader which is fairly sophisticated and therefore cannot entirely fit in the 512 bytes of the MBR.
The GRUB MBR boot loader merely searches for a special boot partition and loads a second stage boot loader.

This then reads the data in the /boot/grub/grub.conf configuration file, which lists all the available operating systems and their booting parameters. When this is complete, the second stage boot loader then displays the familiar Fedora branded splash screen that lists all the configured operating system kernels for your choice.

3)Boot loader (GRUB or LILO)

Lilo and Grub are installed or at the MBR (Master Boot Record), or at the first sector of the active partition.

Boot loader will ask for the OS label which will identify which kernel to run and where it is located (hard drive and partition specified). The installation process requires to creation/identification of partitions and where to install the OS. GRUB/LILO are also configured during this process. The boot loader then loads the Linux operating system.

LILO: (Linux Loader)
In case of a multi-boot config, LiLo permits the user two choose an operating system from the menu. The LiLo settings are stored at /etc/lilo.conf
-LILO does not understand filesystems
- code and kernel image to be loaded is stored as raw disk offsets
-uses the BIOS routines to load

Grub (GNU Grub Unified Boot Loader)
- Understands file systems
- config lives in /boot/grub/menu.lst or /boot/boot/menu.lst

4)Kernel
-The kernel verifies hardware configuration and initialise devices.
(optionally loads initrd, )
-The kernel tries to mount the file system and the system filesmounts root filesystem specified by lilo or loadin with root= parameter

The file system type is automatically detected. The most used file systems on Linux are ext2 and ext3. If the mount fails, a so-called kernel panic will occur, and the system will “freeze”.
System files are usually mounted in read-only mode, to permit a verification of them during the mount. This verification isn’t indicated if the files were mounted in read-write mode.

-kernel prints: VFS: Mounted root (ext2 filesystem) readonly.
* runs /sbin/init which is process number 1 (PID=1)
- init prints: INIT: version 2.76 booting
- can be changed with boot= parameter to lilo, eg boot=/bin/sh can be useful to rescue a system which is having trouble booting.

After these steps, the kernel will start init, which will become process number 1, and will start the rest of the system.

5) init process
The init process is the last step in the boot procedure and parent of all the other processes. This process is the first running process on any Linux/UNIX system, and is started directly by the kernel. It is what loads the rest of the system, and always has a PID of 1.

Init is responsible for starting system processes as defined in the /etc/inittab file.

The init process is never shut down. It is a user process and not a kernel system process although it does run as root.

Run Levels

0 halt
1 single user
2 Not used (user-definable)

3 Full multi-user mode (no GUI interface)

4 Not used (user-definable)
5 X11 Full multiuser mode (with GUI interface)
6 Reboot

Based on the selected runlevel, the init process then executes startup scripts located in subdirectories of the /etc/rc.d directory. Scripts used for runlevels 0 to 6 are located in subdirectories /etc/rc.d/rc0.d through /etc/rc.d/rc6.d, respectively.

Default is defined in /etc/inittab, eg:
o id:3:initdefault:
The current runlevel can be changed by running /sbin/telinit # where # is the new runlevel, eg typing telinit 6 will reboot.

CGI Scripts :
An acronym for Common Gateway Interface, CGI is an interface that enables you to run external programs on your server for performing specific functions.
CGI is executed in real-time, it output dynamic information instantly so CGI can be considered as a way of interfacing your custom programs with HTTP or WWW servers, so that a server can offer interactive sites instead of just static text and images. CGI programs can be written in Perl, Java, Visual Basic and C.

How it works :
The Common Gateway Interface (CGI) allows information to pass between a Web site’s server and a program usually written in Perl or Java that lives in the “CGI bin” on that server. You send information from your browser to the server; the server passes the information through the CGI gateway to the Perl/Java program; the Perl/Java program does its thing to the information (perhaps conducting a query of a database and creating an HTML page that lists the results), then sends the information back through the CGI gateway to the server, and the server returns the information to your browser.

Uploading CGI scripts :
All CGI programs must be uploaded to your cgi-bin directory. You should be sure to use ASCII mode when uploading Perl scripts.

Calling CGI scripts :
In your HTML documents, reference your CGI script using following path: http://www[DOT]yourdomain[DOT]com/cgi-bin/script.

Precautions to be taken while developing customized CGI scripts :
You should take atmost care while using CGI scripts as they area more vulnerable to attacks, a buggy CGI script can leak sufficient system information to compromise the host.
Quite a number of widely distributed CGI scripts contain known security holes. Many of the ones that are identified here have since been caught and fixed, but if you are running an older version of the script you may still be vulnerable. Get rid of it and obtain the latest version. If there is no fix for a script, just get rid of it.

While you are developing custom CGI scripts avoid
*) Giving out too much information about your site and server host. ( eg : For example, the “finger” command often prints out the physical path to the fingered user’s home directory and scripts that invoke finger leak this information )
*) If you’re coding using some compiled language like C, avoid making assumptions about the size of user input.
(While coding if you made the assumption that user input provided by a POST request will never exceed the size of the static input buffer then a wily hacker can break this type of program by providing input many times that size. The buffer overflows and crashes the program; in some circumstances the crash can be exploited by the hacker to execute commands remotely.

Every other day we see some new bot crawling our site, but most of the time they are useless for us. Some of them are just sent out for some special purpose of either spamming or some type of content theft so you have to be careful and should be able to identify such unnecessary guest who have a bad purpose.

What are are Bad Robots ?
Bots who ignore robots.txt file.
Follow links through cgi scripts
Traverse the whole web site in seconds, which affect website speed.
Revisit the web site too often, even when there is no update in site.

How to prevent them for crawling your site?
You can ban all identified bad robots from getting into your site by inserting few lines at .htaccess
You can ban such bad bots by two ways
*) by banning all accesses from a particular site
*) Banning all accesses that use a specific id to access the server.

Usually having a search engine bot on your site is good for your site as they crawl and index your website faster but you should take care that you don’t allow bad bots crawling your site.

Sometimes you face the problem of bandwidth leakage, even you don’t see much traffic for your site your controlpanel shows heavy bandwidth usage. So you must check what is going wrong with your bandwidth.
There can be many reasons for this but first of all you should check for your images/video and take care for not being compromised or hotlinked. Some blackhat webmaster tries to save their bandwidth by hotlinking files at other sites.

What is Hotlink :
When you link to an image/video on someone else’s server instead of saving that image to your computer and uploading it to your blog/site. When you do this you are stealing bandwidth of the other linking site.
When your visitor loads the page with those images, they are actually loading image/video from the other site eating up the bandwidth of that site.

Some webmaster do such unethical practices as to save their bandwidth, as they have limited amount of bandwidth allowed each month and if it get exceeded then their host may suspend their account so they play such tricks. As a webmaster we should be aware of such illegal practices and should protect us.

How to Detect The Bandwidth Thieves :
Most effective way to check who are the culprits is through checking your web server logs for referrals to the images on your website. Trace the referrers in the logs to the actual referring website and check the offending web page. If you find your graphics displayed on their page, check the HTML source for that page and find out where the graphic files are hosted. If the IMG tag points to your website, it means they are using your bandwidth for their website.

How to protect yourself :
Using .htaccess, you can disallow hot linking on your server, so those attempting to link to your images are either blocked (failed request, such as a broken image) or served with different content may be with some funny image.
Note that mod_rewrite needs to be enabled on your server in order for this aspect of .htaccess to work. If you are using Wordpress, there is a hotlink protection plugin that you can install which fights bandwidth theft.

For few reasons it becomes necessary to change IP address on your linux Server. You need to change your IP address if you are changing your Host, getting dedicated IP or anything alike.

Following instruction will help you to change IP address.

Login to your server (preferably via console or SSH) and switch to the root user
Open network configuration file and update it accordingly.
#root: vi /etc/sysconfig/network-scripts/ifcfg-eth0
Press “i” ( for insert ) and change the file once updated press ESC and save setting with (:w) also you have to change the host name and the default gateway of the machine.
For this you have to edit one more file
#root: vi /etc/sysconfig/network modify the configuration by using the “i” ( insert ) to change your new hostname and gateway information. After completion hit “ ESC ” and save setting using (:w )

Reboot machine using : #root : reboot or restart network by #root: service network restart.

You can now see the new IP address and host name that you had assigned.