How To
You are currently browsing the articles from Server Fu matching the category How To.
How To Block Proxy Visitors From Your Web Site?
If you have access to your .htaccess file, you can add this bit of mod_rewrite code to give proxy visitors a “Forbiden” 403 server response.
# block proxy servers from site access
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule ^(.*)$ - [F]
Written by admin on November 3rd, 2009 with comments disabled.
Read more articles on How To.
Noticing that Linkwalker requests robots.txt and is followed by BDFetch.
Example of the Linkwalker robot:
72.14.164.165 - - "GET /robots.txt HTTP/1.1" 406 1326 "www.seventwentyfour.com/" "LinkWalker/2.0"
Examples of the BDFetch robot:
72.14.164.177 - - "GET /robots.txt HTTP/1.1" 5816 "www.brandimensions.com" "BDFetch"
72.14.164.193 - - "GET /index.html HTTP/1.1" 5816 "www.brandimensions.com" "BDFetch"
72.14.164.173 - - "GET /robots.txt HTTP/1.1" 5816 "www.brandimensions.com" "BDFetch"
72.14.164.191 - - "GET /index.html HTTP/1.1" 5816 "www.brandimensions.com" "BDFetch"
72.14.164.177 - - "GET /robots.txt HTTP/1.1" 5816 "www.brandimensions.com" "BDFetch"
72.14.164.188 - - "GET /index.html HTTP/1.1" 5816 "www.brandimensions.com" "BDFetch"
Solution to bandwidth gobbling bots in this IP range:
Add these to the deny list on the router.
72.14.163.0/24
72.14.164.0/24
Written by admin on September 28th, 2009 with comments disabled.
Read more articles on How To and Spiders.
If you notice a “Lock table is out of available locker entries” error while updating with your WHM/CPANEL “Upgrade to Latest Version” function, then you have a RPM error.
The easiest way to fix this problem is to backup, delete, and refresh your RPM database.
How To Fix RPM Error?
Backup your /var/lib/rpm in the event something goes wrong.
tar cvzf rpmdb-backup.tar.gz /var/lib/rpm
Delete the RPM databases. You may have to hit “Y” and “Enter” for each database.
rm /var/lib/rpm/__db.00*
Rebuild your RPM database.
rpm –rebuilddb
Check Your RPM to make sure everything has been updated.
rpm -qa | sort
That’s it!
Written by admin on January 29th, 2009 with comments disabled.
Read more articles on Cpanel and How To.
Many server admins would like to check what port speed their server was configured by their host provider. If you paid for a 10Mbs or 1000Mbs connection, you definitely want to check on its correct provisioning.
Log into your server via putty and enter this command.
STEPS
root@server [~]# mii-tool
You will get a response like this example.
eth0: 100 Mbit, full duplex, link ok
mii-tool Command variables.
mii-tool [-v, --verbose] [-V, --version] [-R, --reset] [-r, --restart] [-w, --watch] [-l, --log] [-A, --advertise=media,...] [-F, --force=media] [interface ...]
Written by admin on August 22nd, 2008 with comments disabled.
Read more articles on How To and Linux.
Ever wondered how to check that status of your server’s ram with a convient, simple to use command? Well, worry no more.
STEPS
1) Enter
root@server [~]# free -o
Your response should look something like this:
total used free shared buffers cached
Mem: 2067220 2013636 53584 0 28300 1323664
Swap: 2031608 71336 1960272
This command will show you your total available/used memory and cached memory. In the case obvoe, this server has 2 gigabytes of RAM installed and has used a large portion of it with a memory intensive application. The SWAP file has been put to use to buttress the RAM use.
Another method is to use this command for more detail.
root@server [~]# cat /proc/meminfo
You will get a result something like this:
MemTotal: 2067220 kB
MemFree: 95960 kB
Buffers: 20472 kB
Cached: 1373616 kB
SwapCached: 25076 kB
Active: 697120 kB
Inactive: 1211676 kB
HighTotal: 1171136 kB
HighFree: 19632 kB
LowTotal: 896084 kB
LowFree: 76328 kB
SwapTotal: 2031608 kB
SwapFree: 1962060 kB
Dirty: 464 kB
Writeback: 0 kB
AnonPages: 505384 kB
Mapped: 32668 kB
Slab: 49260 kB
PageTables: 4128 kB
NFS_Unstable: 0 kB
Bounce: 0 kB
CommitLimit: 3065216 kB
Committed_AS: 1145992 kB
VmallocTotal: 114680 kB
VmallocUsed: 5128 kB
VmallocChunk: 107708 kB
HugePages_Total: 0
HugePages_Free: 0
HugePages_Rsvd: 0
Hugepagesize: 4096 kB
Written by admin on August 10th, 2008 with comments disabled.
Read more articles on How To and Linux.
Lately, there has been a huge amount of annoying website scrappers combing through our sites using the useragent below.
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Obviously, legitimate human visitors do not have the term “User-Agent:” in their useragent field. Months ago I had added a ModSecurity rule to help identify and block these bandwidth wasters and copyright infringer’s.
Example of log details:
69.14.204.163 – - [04/Jul/2008:13:09:58 -0400] “GET / HTTP/1.1″ 410 317 “-” “User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”
Thumbs Down To "User-Agent" Scrappers
STEPS
1) Using ModSecurity 2.0+, I instituted this rule to modsec2.conf located in usr/local/apache/conf/
SecRule HTTP_User-Agent “User-Agent” “deny,log,status:410″
2) Restart Apache
/sbin/service httpd restart
Written by admin on July 4th, 2008 with comments disabled.
Read more articles on How To and ModSecurity.
Do you want to check if your server is properly configured with rDNS or reverse DNS?
It’s pretty important these days to have a reverse DNS setup for your dedicated IP address in order for email to be properly delivered.
Many free email companies like GMail, Hotmail, Yahoo Mail, and others require a reverse DNS to be setup for the IP address from which the email orginiates. It would not hurt to have a SPF Record and/or a DomainKey configured as well, but that is for another post.
STEPS
1) Log into your server as root or as another user.
2) Enter the following at the prompt using putty or other SSH client.
root@server [~]# dig -x 68.180.206.184 <--- replace with your IP address
The output should look like this:
;; QUESTION SECTION:
;184.206.180.68.in-addr.arpa. IN PTR
;; ANSWER SECTION:
184.206.180.68.in-addr.arpa. 1200 IN PTR w2.rc.vip.sp1.yahoo.com.
As long as there is a record in the PTR section that matches what you would like your rDNS to be such as www.server.com then your are golden.
Sometimes, you must contact your server host and have them manually enter your PTR records for you or providers will allow you to do it yourself via a control panel.
Written by admin on June 26th, 2008 with comments disabled.
Read more articles on Centos and How To and Linux.
There are a few ways to see what version of Centos your server has installed.
Steps
1) While logged in as root, enter the following commands.
cat /etc/redhat-release
This should produce a response like this:
CentOS release 5.2 (Final)
2) Another method is to enter the following command:
rpm -qa | grep centos
This should produce results like this:
root@server [~]# rpm -qa | grep centos
procmail-3.22-17.1.el5.centos
comps-extras-11.1-1.1.el5.centos
basesystem-8.0-5.1.1.el5.centos
gdm-2.16.0-46.el5.centos
pm-utils-0.99.3-6.el5.centos.19
yum-fastestmirror-1.1.10-9.el5.centos
specspo-13-1.el5.centos
rhgb-0.16.4-8.el5.centos.1
nss-3.11.99.5-2.el5.centos
centos-release-notes-5.2-2
desktop-backgrounds-basic-2.0-40.el5.centos
anacron-2.3-45.el5.centos
pango-1.14.9-3.el5.centos
kdelibs-3.5.4-16.el5.centos
system-config-date-1.8.12-3.el5.centos.2
gnome-session-2.16.0-6.el5.centos
gnome-desktop-2.16.0-1.el5.centos.1
redhat-logos-4.9.99-8.el5.centos
redhat-artwork-5.1.0-26.el5.centos
redhat-lsb-3.1-12.3.EL.el5.centos
pirut-1.3.28-13.el5.centos
httpd-manual-2.2.3-6.el5.centos.1
filesystem-2.4.0-1.el5.centos
mod_ssl-2.2.3-6.el5.centos.1
ntp-4.2.2p1-8.el5.centos.1
nss-tools-3.11.99.5-2.el5.centos
gzip-1.3.5-10.el5.centos
busybox-1.2.0-4.el5.centos
initscripts-8.45.19.EL-1.el5.centos.1
firstboot-tui-1.4.27.3-1.el5.centos
firstboot-1.4.27.3-1.el5.centos
crash-4.0-5.0.3.el5.centos
Deployment_Guide-en-US-5.2-9.el5.centos
kdebase-3.5.4-18.el5.centos
yum-protectbase-1.1.10-9.el5.centos
xorg-x11-proto-devel-7.1-9.el5.centos
setuptool-1.19.2-1.el5.centos
centos-release-5-2.el5.centos
yum-3.2.8-9.el5.centos.2.1
bluez-utils-3.7-2.el5.centos
httpd-2.2.3-6.el5.centos.1
firefox-3.0-0.beta5.6.el5.centos
3) To check your Kernel version, you could enter this command.
uname -a
Written by admin on June 25th, 2008 with comments disabled.
Read more articles on Centos and How To.
It’s a good idea on a new server to edit the syctl.conf file to increase server security.
Steps:
1) Log into your server as root.
2) I recommend using WinSCP as a windows based interface to edit and manipulate server files.
3) Find /etc/sysctl.conf
4) Add the following text to the file. Cut and paste.
#Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.
# Disables packet forwarding
net.ipv4.ip_forward=0
# Disables IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
# Enable Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.lo.log_martians = 0
net.ipv4.conf.eth0.log_martians = 0
# Disables IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
# Disables the magic-sysrq key
kernel.sysrq = 0
# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 15
# Decrease the time default value for tcp_keepalive_time connection
net.ipv4.tcp_keepalive_time = 1800
# Turn off the tcp_window_scaling
net.ipv4.tcp_window_scaling = 0
# Turn off the tcp_sack
net.ipv4.tcp_sack = 0
# Turn off the tcp_timestamps
net.ipv4.tcp_timestamps = 0
# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1
# Enable ignoring broadcasts request
net.ipv4.icmp_echo_ignore_broadcasts = 1
# Enable bad error message Protection
net.ipv4.icmp_ignore_bogus_error_responses = 1
# Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.all.log_martians = 1
# Increases the size of the socket queue (effectively, q0).
net.ipv4.tcp_max_syn_backlog = 1024
# Increase the tcp-time-wait buckets pool size
net.ipv4.tcp_max_tw_buckets = 1440000
# Allowed local port range
net.ipv4.ip_local_port_range = 16384 65536
5) You will now have to manually restart sysctl to affect the changes. This can be done by executing these two commands in order.
a) /sbin/sysctl -p
b) sysctl -w net.ipv4.route.flush=1
Written by admin on June 24th, 2008 with comments disabled.
Read more articles on How To and Linux.
How To: Add SPF Record to Sub Domain
Most folks don’t realize that if you have a subdomain that sends email; that it probably should have a SPF record so that email will not be rejected as spam.
Example: subdomain.foo.com
Steps
1) Log into Cpanel/WHM and navigate to:
Main >> DNS Functions >> Edit DNS Zone
2) Choose a Zone to Edit – example: foo.com
3) Find: “Add New Entries Below this Line”
4) Enter your corresponding variables such as this:
subdomain 14400 IN TXT "v=spf1 a mx ptr ~all"
5) Click on “Save”
This will reset Bind and your DNS zone should be updated.
To confirm that your subdomain is working properly, log into root and enter:
dig subdomain.abc.com
That should dispaly the new SPF record if all goes well.
Written by admin on June 24th, 2008 with 1 comment.
Read more articles on Cpanel and How To.
