Archives

All posts for the month February, 2010

FTP Jailing or Chroot users – Limit users to only their home directory Using VSFTP

Published February 27, 2010 by Siva

Open vsftpd configuration file – /etc/vsftpd/vsftpd.conf

# vi /etc/vsftpd/vsftpd.conf

Made the Following changing in the File

chroot_list_enable=YES

chroot_list_file=/etc/vsftpd/vsftpd.chroot_list

chroot_local_user=YES

Save and close the file. Restart vsftpd.

# /etc/init.d/vsftpd restart

Now all users of VSFTPD/FTP will be limited to accessing only files in their own home directory.

They will not able to see /, /etc, /root and /tmp and all other directories.

This is an essential security feature.

How to install DNS server on CentOS 5.

Published February 18, 2010 by Siva

In the first time, you must download core software of this service, that are

  1. bind
  2. caching-nameserver
  3. bind-chroot

You can download this software by this command,

# yum -y install bind caching-nameserver bind-chroot

After you downloaded , you can setup follow this instruction :

1. Check your hostname by this command :

# uname -n
dns.aoddy.com

2. Edit /etc/named.conf

options {
directory “/var/named”;
forwarders {WWW.XXX.YYY.ZZZ;}; // IP of ISP
// query-source address * port 53;
allow-query { localhost; 192.168.0.0/24;};
// query range
allow-transfer { localhost; 192.168.0.0/24;};
// transfer range
allow-recursion { localhost; 192.168.0.0/24;};
// recursion range
};
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
// here is the section for internal informationsview “internal” {
match-clients {
localhost;
192.168.0.0/24;
};
zone “.” IN {
type hint;
file “named.ca”;
};
zone “mysite.com” IN {
// for common resolving
type master;
file “mysite.com.fwd”;
allow-update { none; };
};
zone “0.168.192.in-addr.arpa” IN {
// for reverse resolving *note
type master;
file “mysite.com.rev”;
allow-update { none; };
};
zone “localdomain” IN {
type master;
file “localdomain.zone”;
allow-update { none; };
};

zone “localhost” IN {
type master;
file “localhost.zone”;
allow-update { none; };
};

zone “0.0.127.in-addr.arpa” IN {
type master;
file “named.local”;
allow-update { none; };
};

zone “255.in-addr.arpa” IN {
type master;
file “named.broadcast”;
allow-update { none; };
};

zone “0.in-addr.arpa” IN {
type master;
file “named.zero”;
allow-update { none; };
};

};

// here is the section for external informations
view “external” {
match-clients {
any;
};

zone “.” IN {
type hint;
file “named.ca”;
};

zone “server-linux.info” IN {
// for common resolvin
type master;
file “server-linux.info.wan”;
allow-update { none; };

};

zone “80.0.16.172.in-addr.arpa” IN {
// for reverse resolving *note
type master;
file “80.0.16.172.db”;
allow-update { none; };
};
};
include “/etc/rndc.key”;

2. Create /var/named/mysite.com.fwd


$TTL 86400
@ IN SOA dns.mysite.com. root.aoddy.com.(
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS dns.mysite.com.
IN MX 10 dns.mysite.com.
IN MX 20 web.mysite.com.
IN A 192.168.0.2
dns IN A 192.168.0.2
web IN A 192.168.0.3

3. Create file /var/named/aoddy.com.rev


$TTL 86400
@ IN SOA dns.aoddy.com. root.mysite.com.(
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS dns.aoddy.com.
IN MX 10 dns.mysite.com.
IN MX 20 web.mysite.com

IN PTR dns.mysite.com.
2 IN PTR dns.mysite.com.
3 IN PTR web.mysite.com.

4. Start service

# service named restart

5. Test this server can resolve domain&ip

[root@dns named]# nslookup
> dns.mysite.com
Server: 192.168.0.2
Address: 192.168.0.2#53
Name: dns.mysite.com
Address: 192.168.0.2
> 192.168.0.2
Server: 192.168.0.2
Address: 192.168.0.2#53

2.0.168.192.in-addr.arpa name = dns.mysite.com.
>

6. If your service can’t resolve , you can check on your file config by this command :

# named-checkconf

How to Back Up and Restore a MySQL Database

Published February 8, 2010 by Siva

If you’re storing anything in MySQL databases that you do not want to lose, it is very important to make regular backups of your data to protect it from loss. This tutorial will show you two easy ways to backup and restore the data in your MySQL database. You can also use this process to move your data to a new web server.

Back up From the Command Line (using mysqldump)

If you have shell or telnet access to your web server, you can backup your MySQL data by using the mysqldump command. This command connects to the MySQL server and creates an SQL dump file. The dump file contains the SQL statements necessary to re-create the database. Here is the proper syntax:

$ mysqldump –opt -u [uname] -p[pass] [dbname] > [backupfile.sql]
  • [uname] Your database username
  • [pass] The password for your database (note there is no space between -p and the password)
  • [dbname] The name of your database
  • [backupfile.sql] The filename for your database backup
  • [–opt] The mysqldump option

For example, to backup a database named ‘Tutorials’ with the username ‘root’ and with no password to a file tut_backup.sql, you should accomplish this command:

$ mysqldump -u root -p Tutorials > tut_backup.sql

This command will backup the ‘Tutorials’ database into a file called tut_backup.sql which will contain all the SQL statements needed to re-create the database.

With mysqldump command you can specify certain tables of your database you want to backup. For example, to back up only php_tutorials and asp_tutorials tables from the ‘Tutorials’ database accomplish the command below. Each table name has to be separated by space.

$ mysqldump -u root -p Tutorials php_tutorials asp_tutorials > tut_backup.sql

Sometimes it is necessary to back up more that one database at once. In this case you can use the –database option followed by the list of databases you would like to backup. Each database name has to be separated by space.

$ mysqldump -u root -p –databases Tutorials Articles Comments > content_backup.sql

If you want to back up all the databases in the server at one time you should use the –all-databases option. It tells MySQL to dump all the databases it has in storage.

$ mysqldump -u root -p –all-databases > alldb_backup.sql

The mysqldump command has also some other useful options:

–add-drop-table: Tells MySQL to add a DROP TABLE statement before each CREATE TABLE in the dump.

–no-data: Dumps only the database structure, not the contents.

–add-locks: Adds the LOCK TABLES and UNLOCK TABLES statements you can see in the dump file.

The mysqldump command has advantages and disadvantages. The advantages of using mysqldump are that it is simple to use and it takes care of table locking issues for you. The disadvantage is that the command locks tables. If the size of your tables is very big mysqldump can lock out users for a long period of time.

Back up your MySQL Database with Compress

If your mysql database is very big, you might want to compress the output of mysqldump. Just use the mysql backup command below and pipe the output to gzip, then you will get the output as gzip file.

$ mysqldump -u [uname] -p[pass] [dbname] | gzip -9 > [backupfile.sql.gz]

If you want to extract the .gz file, use the command below:

$ gunzip [backupfile.sql.gz]

Restoring your MySQL Database

Above we backup the Tutorials database into tut_backup.sql file. To re-create the Tutorials database you should follow two steps:

  • Create an appropriately named database on the target machine
  • Load the file using the mysql command:
$ mysql -u [uname] -p[pass] [db_to_restore] < [backupfile.sql]

Have a look how you can restore your tut_backup.sql file to the Tutorials database.

$ mysql -u root -p Tutorials < tut_backup.sql

To restore compressed backup files you can do the following:

gunzip < [backupfile.sql.gz] | mysql -u [uname] -p[pass] [dbname]

If you need to restore a database that already exists, you’ll need to use mysqlimport command. The syntax for mysqlimport is as follows:

mysqlimport -u [uname] -p[pass] [dbname] [backupfile.sql]

Backing Up and Restoring using PHPMyAdmin

It is assumed that you have phpMyAdmin installed since a lot of web service providers use it. To backup your MySQL database using PHPMyAdmin just follow a couple of steps:

  • Open phpMyAdmin.
  • Select your database by clicking the database name in the list on the left of the screen.
  • Click the Export link. This should bring up a new screen that says View dump of database (or something similar).
  • In the Export area, click the Select All link to choose all of the tables in your database.
  • In the SQL options area, click the right options.
  • Click on the Save as file option and the corresponding compression option and then click the ‘Go’ button. A dialog box should appear prompting you to save the file locally.

Restoring your database is easy as well as backing it up. Make the following:

  • Open phpMyAdmin.
  • Create an appropriately named database and select it by clicking the database name in the list on the left of the screen. If you would like to rewrite the backup over an existing database then click on the database name, select all the check boxes next to the table names and select Drop to delete all existing tables in the database.
  • Click the SQL link. This should bring up a new screen where you can either type in SQL commands, or upload your SQL file.
  • Use the browse button to find the database file.
  • Click Go button. This will upload the backup, execute the SQL commands and re-create your database.

Courtesy : http://www.webcheatsheet.com/SQL/mysql_backup_restore.php

Backup/Restore IIS Metabase.

Published February 1, 2010 by Siva

What is IIS Metabase

The metabase is a structure for storing Internet Information Server (IIS) configuration settings. The metabase is a plaintext XML file. The IIS Metabase is optimized for IIS and provides a hierarchal storage and fast retrieval of IIS configuration properties for Web sites, Virtual directories, FTP Sites, SMTP and NNTP sites.


Steps to Backup/Restore:

1. Click Start >> run and type ‘inetmgr’. This will open the Internet Services Manager.

2. Right click on the computer name in the left panel and select the ‘Backup/Restore Configuration’ in the Drop Down menu.

3. In the newly opened dialog box ‘Configuration Backup/Restore’, click on the button ‘Create Backup’. It will open the dialog box for specifying the name of the backup. After specifying the name, click ‘Ok’. The backup will be stored in the directory ‘C:\Windows\System32\InetSrv\Metaback’.

The backup can be restored by selecting the desired backup in the ‘Configuration Backup/Restore’  dialog box  and clicking the  ‘Restore’ button.

MMC error in IIS

Published February 1, 2010 by Siva

If you get the following error while opening IIS,

MMC could not create the Snap-In

Then execute the steps given below to fix this issue.

1. Register the .dll files “mmcndmgr.dll” and “inetmgr.dll”

Commands:

i)  Start | Run | cd  %SystemRoot%\system32

Here, ‘SystemRoot’ refers ‘C:\Windows’.

ii) regsvr32 mmcndmgr.dll

iii) regsvr32 inetmgr.dll

Tips:   ‘regsrv32’ is a command line tool to register the .dll in the registry.

2. Uninstall and Re-install IIS
To uninstall, Start | Control Panel | Add/Remove Windows Components | Check ‘Application Server’, click ‘Details’ | Uncheck  ‘Internet Information Services’  | Click ‘OK’

To install, Start | Control Panel | Add/Remove Windows Components | Check ‘Application Server’, click ‘Details’ | check ‘Internet Information Services’ | Click ‘OK’

Now you can access IIS without any error.

Configure Apache to listen multiple ports

Published February 1, 2010 by Siva

The listen directive in the Apache configuration file can be used to make Apache to listen in a particular port or IP address or port combination.

Listen 80
Listen 8000

In this format the Apache server listens on the given ports on all interfaces (IP addresses) which are up in the server. If you mention the above two directives in the Apache configuration file then the Apache server will listen on both the ports 80 and 8000. Multiple Listen directives may be used to specify a number of addresses and ports to listen to.

Listen IP:80

You need to replace the IP address in this example with the IP address you want the Apache service to listen. In this format an IP address is given as well as a port. In this case the server will listen on the given port and interface( IP address ). If you want the Apache service to listen on two IP addresses in the server you can use multiple listen directive in the configuration file.

Listen IP1:80
Listen IP2:80

Please remember to restart the Apache service in the server once the changes are made to the configuration file.

Install php5 and php4 in cPanel server

Published February 1, 2010 by Siva

Install Apache(apache2.2.2)

1. Download apache2.2.2(httpd-2.2.2.tar.gz) store in /usr/local/src
2. Type the following to un-tar the file into a directory called apache_[version]: tar -xvf apache_[version].tar
3.  cd into /usr/local/apache_[version] (or wherever you un-tared it)
4. Type the following to prepare for building, replacing [path] with your own path, such as /usr/local/usr/local/apache_new
5. ./configure –prefix=[path] –enable-module=so
6. make
7. make install
8. Check if you have mod_so enabled:
* cd to the Apache bin directory (/usr/local/apache_new/bin/ or wherever you installed Apache originally)
* Type ./httpd -l
9. Open httpd.conf(/usr/local/apache_new/conf/) and find a line starting with ServerAdmin.
ServerAdmin admin@example.com
10. Find a line starting with ServerName:
ServerName server1.example.com:80
11. Save the file.
12. cd up a directory (type cd ..)
13. Start Apache using the following command:
# ./bin/apachectl start
14. Call the IP(192.168.1.5) or domain name(server1.example.com)from browser You will get a page “IT WORKS”

Install Mysql 4.1

Add a login user and group for mysqld to run:
# groupadd mysql
# useradd -g mysql mysql
# tar zxvf mysqlversion.tar.gz
# cd mysqlversion
# ./configure–prefix=/usr/local/mysql
# make
# make install
# cp support-files/my-medium.cnf /etc/my.cnf
# cd /usr/local/mysql

If you haven’t installed  mysql before, you must create the mysql grant tables:
#bin/mysql_install_db –user=mysql
(If you run the command as root, you should use the –user option. The value of the option should be the name of the login account that you have created in the first step to use for runnning the server)

#cd /usr/local/mysql
#chown -R root .
#chown -R mysql var
#chgrp -R mysql .

Install PHP(PHP4.4.2)

Unpack a source archive
# tar -zxvf php-4.3.3.tar.gz

Configure PHP as Apache module with MySQL support
#./configure –with-apxs2=/usr/local/apache/bin/apxs –with-mysql=/usr/local/mysql

Compile the sources
# make

Install the compiled Apache module
# make install

Copy php.ini-dist to /usr/local/lib/php.ini
# cp ./php.ini-dist /usr/local/lib/php.ini

Integrate PHP with Apache

Open httpd.conf(/usr/local/apache_new/conf) open in your text editor

AddType application/x-httpd-php .php .phtml
AddType application/x-httpd-php-source .phps

Save the file, go up a directory (cd ..), and stop and restart Apache by typing:

./bin/apachectl stop Followed by ./bin/apachectl start

Find the document root from httpd.conf(/usr/local/apache_new/conf) file
DocumentRoot “/usr/local/apache_new/htdocs”

Configuring Websites

Edit /usr/local/apache2/conf/httpd.conf and make sure it has the
correct document root settings :: /var/www/
(change the defautlt documetroot in config file (#DocumentRoot “/usr/local/apachenew/htdocs”) to /var/www/ and also change the the ‘directory’ directive(#<Directory “/usr/local/apachenew/htdocs”) to /var/www/(search for the DocumentRoot and change))

Un-comment the following options …
-> Include conf/extra/httpd-vhosts.conf
-> Include conf/extra/httpd-default.conf

Then edit the v-hosts file(conf/extra/httpd-vhosts.conf) and setup a couple of dummy sites just to make sure everything is working as it should(Comment out all the default VirtualHost entries inside this file)

NameVirtualHost ServerIP:80

<VirtualHost ServerIP:80>
DocumentRoot /var/www/test1/
ServerName test1.com
</VirtualHost>

<VirtualHost ServerIP:80>
DocumentRoot /var/www/test2/
ServerName test2.com
</VirtualHost>

Create the two directories in /var/www/ and place a index.html file in  each, with some domain specific text in, so we can differentiate between the two when testing.

Launch Apache
# /usr/local/apache2/bin/apachectl start

Check the two sites