Hello,
PHP and Apache are not being able to track which users are sending out mail through the PHP mail function from the nobody user causing leaks in formmail scripts and malicious users to spam from your server without you knowing who or where.

Monitiring exim_mainlog doesn’t exactly help, you see th email going out but you can’t track from which user or script is sending it. This is a quick and dirty way to get around the nobody spam problem on your Linux server.

If you check out your PHP.ini file you’ll notice that your mail program is set to: /usr/sbin/sendmail and 99.99% of PHP scripts will just use the built in mail(); function for PHP - so everything will go through /usr/sbin/sendmail
Requirements:

We assume you’re using Apache 1.3x, PHP 4.3x and Exim. This may work on other systems but we’re only tested it on a
Cpanel/WHM Red Hat Enterprise system.

Step 1:

Login to your server with root.

Step 2:
Turn off exim before proceeding
service exim stop

Step 3:
Take the Backup of  your original /usr/sbin/sendmail file

mv /usr/sbin/sendmail /usr/sbin/sendmail_bak

Step 4:

You need to  Create the spam monitoring script for the new sendmail.
pico /usr/sbin/sendmail

Paste in the following:

#!/usr/local/bin/perl

# use strict;
use Env;
my $date = `date`;
chomp $date;
open (INFO, “>>/var/log/spam_log”) || die “Failed to open file ::$!”;
my $uid = $>;
my @info = getpwuid($uid);
if($REMOTE_ADDR) {
print INFO “$date - $REMOTE_ADDR ran $SCRIPT_NAME at $SERVER_NAME n”;
}
else {

print INFO “$date - $PWD -  @infon”;

}
my $mailprog = ‘/usr/sbin/sendmail.hidden’;
foreach  (@ARGV) {
$arg=”$arg” . ” $_”;
}

open (MAIL,”|$mailprog $arg”) || die “cannot open $mailprog: $!n”;
while (<STDIN> ) {
print MAIL;
}
close (INFO);
close (MAIL);

save and close

Step 5:
Now change the new sendmail permissions
chmod a+x /usr/sbin/sendmail

Step 6:

Create a new log file to keep a history of all mail going out of the server using web scripts
touch /var/log/spam_log

chmod 0777 /var/log/spam_log

Step 7:
Start Exim up again.
/etc/init.d/exim start

Step 8:
You can Monitor your spam_log file for spam, try using any formmail or script that uses a mail function - a message board, a contact script.
tail - f /var/log/spam_log

Reference taken from : webhostgear.com

Hello,

For taking backup of you database you have to make sure that you database is good enough. with shell access you can take the database backup in .sql format with following command

#mysqldump user_databasename > database.sql

As you are having database backup and want to restore it then use following command

#mysql user_databasename < database.sql

Hello,

To get the apache version on linux server we have to use following command.

# /usr/local/apache/bin/httpd -v

To get the php version on linux server we have to use following command.

#php -v

you can get the php modules install on server with command #php -m
To get the mysql version on linux server we have to use following command.

#mysql -v

How to install and configure the CSF (configserver) firewall.

CSF can be used on a wide range of Linux systems, including those running cPanel. Following are the steps to install and configure the CSF.

Installation is quite straightforward:

rm -fv csf.tgz

wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

If you would like to disable APF+BFD (which you will need to do if you have
them installed otherwise they will conflict horribly):

sh disable_apf_bfd.sh

That’s it. You can then configure csf and lfd in WHM, or edit the files
directly in /etc/csf/*

csf is preconfigured to work on a cPanel server with all the standard cPanel
ports open. It also auto-configures your SSH port if it’s non-standard on
installation.

To configure CSF modify the config files in /etc/csf/ - or if you are running WHM you can modify the CSF settings in WHM itself.

You should ensure that kernel logging daemon (klogd) is enabled. Typically, VPS
servers have this disabled and you should check /etc/init.d/syslog and make
sure that any klogd lines are not commented out. If you change the file,
remember to restart syslog.

See the readme.txt file for more information.

Uninstallation
==============
Removing csf and lfd is even more simple:

cd /etc/csf
sh uninstall.sh

Note: Please don’t disable the Windows Firewall unless and until you have the other appropriate firewall software installed on your system

There are mainly three methods for disabling the Windows Firewall. The first method is for any user with administrative privileges on an individual machine not remotely or collectively managed in any way. The other two methods are for use windows Administrators on fully managed systems or windows servers.

1) Using the Control Panel

This method is for any user with administrative access to unmanaged systems

1. From the Start menu, select Control Panel, then select Windows Firewall.
2. Select Off, then click Ok.

2) Using Local Policy

This method is for administrators with administrative access to unmanaged systems or locally managed systems where the machine is not part of a Windows 2000 or higher domain.

Go to Start menu >> select Run, here enter gpedit.msc.
Expand the Computer Configuration folder, then the Administrative Templates folder.
Expand the Network folder, then the Network Connections folder, then the Windows Firewall folder.
Select the Standard Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Select the Domain Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Close the Group Policy dialog box.

3) Using Group Policy

This method is for administrators with administrative access to managed machines that are part of a Windows 2000 or 2003 Active Directory domain.

Create a new Group Policy object, and give the object a descriptive name (for example, ITS-Turn off Windows Firewall).
Select the newly created group policy.
Right-click on the newly created policy and select Edit.
Expand the Computer Configuration folder, then the Administrative Templates folder.
Expand the Network folder, then the Network Connections folder, then the Windows Firewall folder.
Select the Standard Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Select the Domain Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Close the Group Policy dialog box.
In the Security Filter section, click Add.
Search for the objects that this group policy will be applied to, then click OK.
Close the Group Policy editor.

Virtuozzo is a proprietary operating system for virtualization developed by SWsoft, Inc. Ideally the virtuozoo technology is opt towards routine performance which make Virtual Private Servers isolated from each other. Virtuozzo creates multiple isolated Virtual Private Servers on a single physical server to share hardware, which maximize efficiency, in addition the low-overhead and fast-performance makes it exceptional from any other VPS operating system. It creates a better return of investment as everything you need using virtuozzo is automated by their portal system, that significantly cut down on your overall expenses.

Virtuozzo technology is time tested and security built up, it all have friendly residents and are protected from hackers. It’s user friendly and the network is superb. You can monitor from remote locations to check the status of your servers whenever it is required without downtime. Each VE can flawlessly scale up to the resources of an entire physical server. It is nothing but excellent tools to work with on VPS environment.

How to hide the PHP version to remote requests :

In order to prevent PHP from exposing the fact that it is installed on the server, by adding to the web server header we need to locate in php.ini the variable expose_php and turn it off.

By default expose_php is set to ‘On’

In your php.ini locate the line containing “expose_php On” and set it to Off ;

expose_php = Off

After making this change PHP will no longer add it’s signature to the web server header. Doing this, will not make your server more secure but,it will just prevent remote hosts to easily see that you have PHP installed on the system and what version you are running.

unable to load iptables module (ip_tables), aborting

If you are getting the above mentioned error while installing apf on your server then your kernel is compiled with iptables statically instead of as a module, and you will need to change this in the conf.apf

MONOKERN=”0″ Set it to “1″

So open your conf.apf file in writable mode and modify it then restart the apf service and you wont see that error.

Web Hosting UK offers cheap cpanel vps hosting:

Hello,

As per the customer needs and demands and the growing vps market Webhosting UK has also decided to step in VPS hosting Market. We have recently uploaded three vps plans on our website. Webhosting UK has decided to engage with Linux VPS only and not Windows VPS. Like cPanel hosting, reseller hosting, semi-dedicated hosting and dedicated hosting we are ready to provide VPS hosting with same level of quality and uninterrupted support and service.

To check out our vps hosting plans click here.