Close cpanel mysql strict mode method of presentation
First with putty connection linux terminal
we /etc/my.cnf
See the last line:
sql-mode= NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
After saving service mysqld restart
Imitation brand space,American imitation brand space,Dutch anti complaint space,Imitation brand,Anti-complaint,Web Hosting,space,VPS,server
First with putty connection linux terminal
we /etc/my.cnf
See the last line:
sql-mode= NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
After saving service mysqld restart
Linux mount the ftp server,You need to use a package called the fuse-curlftpfs。Under normal circumstances can not get this package through yum way,Therefore, you need to install DAG repository
Centos5 64位 wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el5.rf.x86_64.rpm
Centos5 32位 wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el5.rf.i386.rpm
Centos6 64位 wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
Centos6 32位 wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.i686.rpm
Then install the downloaded rpm package
rpm -ivh rpmforge-release-0.5.3-1.el5.rf.x86_64.rpm
Then you can install the fuse-curlftpfs the way through yum
yum install fuse-curlftpfs -y
Execute this command on Centos6,Requires might encounter: libcurl.so.3 error,Solution:Edit /etc/yum.repos.d/rpmforge.repo file,The [rpmforge-extras] Open item,It can then execute yum clean all。
Then you can mount the ftp
Written 1:curlftpfs ftp://username:Password @ftp address mount point -o codepage = utf8
Writing 2:curlftpfs ftp://ftp address mountpoint -o user =”username:password”
note:If you prompted to "fuse: failed to open /dev/fuse: Operation not permitted”,That you are using the Linux VPS OpenVZ technology,OpenVZ technology because of defective (all common hen chicks kernel) unusable curlftpfs command,Please use vmware or Xen technology。
Boot automatically mount
echo “curlftpfs # Username:Password @ftp address mount point fuse rw,allow_other,uid=0,gid=0 0 0” >> /etc/fstab
one、The easiest way: wget
All files following command to download a specified directory on the ftp server
[html] view plain copy print?
wget ftp://IP:PORT/* –ftp-user=xxx –ftp-password=xxx -r
-r parameter represents a recursive downloads;
can use–directory-prefix = / mypath / designated storage path download;-nH option can not create the directory structure on the local server
Another option is confusing–delete-after,It is not to remove the downloaded file on the server,But to remove the machine;
The reason is wget wget instead wput,It can only download operation,On the ftp server does not support any write operation,For example, delete。
two、The method can delete files:lftp
Project requirements are specified file all the files on the ftp server download gripping inside,After downloading and delete,wget not meet the requirements,Then rewrite the script below。
mget command to download multiple files,-Delete files on the server after downloading E parameter indicates。
[python] view plain copy print?
#!/bin/bash
#ip designated ftp server
serverip=1.2.3.4
#ftp ftp server specified by the user
serveruser=root
#ftp user password specified ftp server
serverpass=123456
#Specifies the client to download a host of local file directory
localdir=./data
logfile=../log/ftp_download.log
#Specify the server host ftp directory
remotedir=./
#Host Name Specify the host server
host=test_host
#Switch to local download file directory
cd $localdir
#Enter the information to start the backup
echo “Starting FTP Download on ” $host
#Ftp server connection
/usr/bin/lftp << EOF
open $serverip
user $serveruser $serverpass
#切换到server主机的ftp目录
echo "cd " $remotedir
cd $remotedir
#列出ftp服务器ftp目录中文件列表并存放到client中的$localdir中
ls . >> $logfile
#Ftp download ftp server directory of all files
mget -E *.txt
#Exit ftp server
bye
three、Other methods
System ftp command,And strong curl。
curl支持FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP,Easy call in your program。Supports cookie、proxy、Password and certificate validation。Very powerful。
On this post we are going to show how to quickly patch a common PCI Vulnerability Alert that says something like this:
“The remote service appears to encrypt traffic using SSL protocol version 2?.
In Apache common ports 80 and 443, you need to modify the SSLCipherSuite directive in the httpd.conf or ssl.conf file.
An example would be editing the following lines to something like:
In whm path
WHM > Apache Configuration > Global Configuration area
1.
SSLProtocol -ALL +SSLv3 +TLSv1
2.
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
After you have done this, if you see you are still getting PCI Compliance vulnerability emails regarding to this issue its probably that cPanel is still allowing SSLv2 on their ports.
To quickly disable SSL version 2 on cPanel ports: 2082, 2083, 2086, 2087, 2095, 2096. You will need to do the following:
edit /var/cpanel/cpanel.config and change nativessl=1 to nativessl=0
This will make cPanel to use sTunnel.
edit /usr/local/cpanel/etc/stunnel/default/stunnel.conf
and add:
1.
options = NO_SSLv2
just below the “Authentication stuff” tab.
After you have done all this you will need to restart cPanel:
1.
/etc/init.d/cpanel restart
Done!
How to quickly check this?
SSH to your server and type the following commands
1.
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2096
2.
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2083
3.
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2087
4.
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2086
If everything is fine you should receive something like this,
1.
root@cPanel [~]# openssl s_client -ssl2 -connect localhost:2096
2.
CONNECTED(00000003)
3.
write:errno=104
If you see such an error message after logging into cPanel, it says something is broken with the cPanel system. First step you should do is to take a look into the cPanel error log. An eaiest way to do this is, run the following command in command line and reload the WHM/cPanel inteface; that will show you the latest errors while loading the panel.
tail -f /usr/local/cpanel/logs/error_log
Once the error is identified, you may take corrective actions and fix errors. Many errors can be fixed by running a cPanel update, but sometime it needs additional troubleshooting steps.
For example, a sample error we were facing with one of the servers is following.
/usr/local/cpanel/whostmgr/bin/whostmgr: error while loading shared libraries: /usr/local/cpanel/3rdparty/perl/514/lib64/perl5/cpanel_lib/x86_64-linux-64int/auto/Cpanel/Optimizer/Optimizer.so: cannot open shared object file: No such file or directory
Duplicate logaccess: at /usr/local/cpanel/Cpanel/Server.pm line 421.
Cpanel::Server::logaccess(Cpanel::Server=HASH(0x380aed0)) called at /usr/local/cpanel/Cpanel/Server.pm line 365
Cpanel::Server::body_internal_error(Cpanel::Server=HASH(0x380aed0), 500, “No response from subprocess (whostmgr (whostmgr)): The subpro”…) called at /usr/local/cpanel/Cpanel/Server.pm line 313
The error states, there is a missing library for whostmgr binary. We fixed the above error by running the following commands
/scripts/autorepair fix_duplicate_cpanel_rpms
/usr/local/cpanel/scripts/check_cpanel_rpms –fix
vi /etc/sysconfig/iptables
The following is added in the firewall rule
Hard drive is relatively easy to broken equipment,It may appear bad sectors and other physical failure after a period of time。When the hard disk bad sectors,If not promptly replaced or conduct technical process,Disk bad sectors will be more and more,And would cause frequent crashes and data loss。The best approach is to replace the new disk。In the case of temporary,We should be part of the bad sectors sector shields,Do not touch them。
badblocks is to check whether a disk has bad sectors Tools,Can be read way to check,You can also check the way to write。
Here,I use
badblocks -v /dev/sda
Check for bad sectors,Test results without error
badblocks parameter options
-b blocksize
Block size specified disk,Bytes,The default value is "block 4K"(4K/block)
-c blocksize
Check the number of times each block,The default is 16
-f
Non-destructive read enforcement on an already mounted equipment write test operation
(We recommend that you umount equipment,Then to detect bad sectors。Only when the / etc / mtab mount the wrong device false positives when you can use this option)
-i file
Skip has been shown to bad sectors in the file file,Without detection (to avoid duplicate detection)
-or file
The detection result is output to the file file
-p number
Repeat search devices,Until a specified number of times through no bad blocks to find a new location,The default number is 0
-s
It shows progress check
-t pattern
By pressing the designated read mode is detected block。You can specify a decimal 0 to ULONG_MAX-1 positive value,Or random (stochastic)。
If you specify more than one mode,badblocks will use the first pattern detecting all blocks,Then use one mode to detect all of the blocks。
Read-only mode accepts only a mode,It can not accept random pattern。
-v
Display detailed information about the implementation
-w
Are the first written for each block,Then read information from it
[device]
Specifies the disk device to be checked。
[last-block]
The total number of blocks specified disk device。
[start-block]
Specifies the block from which you want to start checking
Intranet,Pass from one servermysqlofSourceWhen you install the package to another server,The following error occurred:
/scripts/rebuildhttpdconf
/scripts/restartsrv_httpd
1. Disable Firewalld Service.
[root@rhel-centos7-tejas-barot-linux ~]# systemctl mask firewalld
2. Stop Firewalld Service.
[root@rhel-centos7-tejas-barot-linux ~]# systemctl stop firewalld
3. Install iptables service related packages.
[root@rhel-centos7-tejas-barot-linux ~]# yum -y install iptables-services
4. Make sure service starts at boot:
[root@rhel-centos7-tejas-barot-linux ~]# systemctl enable iptables
# If you do not want ip6tables, You can skip following command.
[root@rhel-centos7-tejas-barot-linux ~]# systemctl enable ip6tables
5. Now, Finally Let’s start the iptables services.
[root@rhel-centos7-tejas-barot-linux ~]# systemctl start iptables
# If you do not want ip6tables, You can skip following command.
[root@rhel-centos7-tejas-barot-linux ~]# systemctl start ip6tables
Firewalld Service is now disabled and stop, You can use iptables.
Close selinux
vi/etc/selinux/config
#SELINUX=enforcing
SELINUX=disabled
iftop can be used in real-time traffic monitoring NIC (network segment can be specified)、Reverse lookup IP、Display port information, etc.,Details will be explained later in the parameter。
If you can compile and install the iftop official website to download the latest source package。
Before installing the need to have installed the required basic compilation environment,For example, make、gcc、autoconf等。Installation iftop also need to install libpcap and libcurses。
On CentOS install the required dependencies:
yum install flex byacc libpcap ncurses ncurses-devel libpcap-devel
On Debian install the required dependencies:
apt-get install flex byacc libpcap0.8 libncurses5
Download iftop
wget http://www.ex-parrot.com/pdw/iftop/download/iftop-0.17.tar.gz
tar zxvf iftop-0.17.tar.gz
cd iftop-0.17
./configure
make && make install
Well to fix this issue just run following command to install Crypt::PasswdMD5
# /usr/local/cpanel/bin/cpanm -n Digest::SHA1 Crypt::PasswdMD5
Once you have run the above code in SSH try Easy Apache again.
install Digest::SHA1 Crypt::PasswdMD5
cpan> install Bundle::CPAN
cpan> reload cpan
cpan> install DateTimecpan> install DBI cpan> install DBD::mysql cpan> install Class::Autouse cpan> install Digest::MD5 cpan> install Digest::SHA1 cpan> install HTML::Template cpan> install Image::Size cpan> install MIME::Lite cpan> install MIME::Wordscpan> install Compress::Zlib cpan> install Net::DNS cpan> install URI::URL cpan> install HTML::tagset cpan> install HTML::Parser cpan> install LWP::Simple cpan> install LWP::UserAgentcpan> install GD cpan> install Mail::Address cpan> install Unicode::MapUTF8 cpan> install XML::Simple cpan> install IO::WrapTie cpan> install Unicode::CheckUTF8 cpan> install Captcha::reCAPTCHA cpan> install Digest::HMAC_SHA1
Files stored on the hard disk,HDD minimum storage units called "sectors" (Sector)。Store 512 bytes per sector (equivalent 0.5KB)。
Operating system hard to read when,Not read a sector,Such efficiency is too low,But sequential read more sectors at once,That is a one-time read "block" (block)。This from a plurality of sectors "chunks",It is the smallest unit file access。Size "chunks",The most common is 4KB,That is a block consisting of eight consecutive sector。
Data files are stored in the "block" in the,Then it is clear,We must also find a place to store meta-information file,For example, the creator of the file、File creation date、File size, etc.。This storage area file meta information is called inode,Chinese translation for "inode"。
Each file has a corresponding inode,Which contains some information and documents relating to the。
df -ih
First cut to the root directory /
cd /
And then do
for i in /*; do echo $i; find $i | wc -l; done
or
for i in `ls -1A | grep -v "\.\./" | grep -v "\./"`; do echo "`find $i | sort -u | wc -l` $i"; done | sort -rn | head -10
This will in turn return/
Most files under directory,Into this directory,And then execute the above command,In this way layers of depth is up to finalize the directory file
Under normal circumstances,If there should be millions of files in this directory,If you directly rm -rf 目录名
If inefficient,You can use the following method
find 目录 -type f -name '*' -print0 | xargs -0 rm
Time may be relatively long,So you'd better open a screen to handle
/var / spool / postfix / maildrop below many files
in order to avoid,You can perform crontab -e
At the beginning of the most added MAILTO='"'
Save,then server crond restart
Restart crond
« Previous Page — « Previous entries « Previous Page · Next Page » Next entries » — Next Page »