ABHIONLINUX
Site useful for linux administration and web hosting

2009/07/31

Needed

iptables -I INPUT 1 -s 192.168.0.1 -j DROP ---- insert a rule at the top of the INPUT chain that drops all traffic from 192.168.0.1

DNS working Diagram:
http://westwood.wikispaces.com/file/view/dns-recrussion-big.jpg/36711139

DDOS attack checking

netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n


netstat -tn 2>/dev/null | grep :80 | awk '{print $5}' | cut -f1 -d: | sort | uniq -c | sort -rn | head
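An added example (not from the original page) that does the same per-IP counting as the pipelines above, but as reusable functions run over a constructed sample of netstat -tn output, with a threshold check for cron use; it assumes the remote endpoint is column 5 in ip:port form (IPv4).

```shell
#!/bin/sh
# Added example, not from the original page: count connections per remote IP
# from netstat output and flag addresses above a threshold. Assumes the
# `netstat -tn` layout (remote endpoint in column 5 as ip:port, IPv4).

# Constructed sample of `netstat -tn` output used for the demonstration.
SAMPLE_NETSTAT='Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.0.10:80         203.0.113.7:51234       ESTABLISHED
tcp        0      0 192.168.0.10:80         203.0.113.7:51235       ESTABLISHED
tcp        0      0 192.168.0.10:80         203.0.113.7:51236       SYN_RECV
tcp        0      0 192.168.0.10:80         203.0.113.7:51237       ESTABLISHED
tcp        0      0 192.168.0.10:22         198.51.100.2:40001      ESTABLISHED
tcp        0      0 192.168.0.10:80         198.51.100.9:40002      TIME_WAIT
tcp        0      0 192.168.0.10:80         198.51.100.9:40003      ESTABLISHED'

# Print "count ip" for every remote IP with connections to local port $1
# (default 80), highest count first. Reads netstat -tn text on stdin.
conn_counts() {
  awk -v port="${1:-80}" '
    $1 ~ /^tcp/ {
      n = split($4, local, ":"); split($5, remote, ":")
      if (local[n] == port) ips[remote[1]]++
    }
    END { for (ip in ips) print ips[ip], ip }' | sort -rn
}

# Print remote IPs with more than $2 connections to port $1.
# Exit status 1 when at least one address is over the threshold (for cron).
flag_over() {
  conn_counts "$1" | awk -v max="$2" '$1 > max { print $2; found = 1 }
                                      END { exit found ? 1 : 0 }'
}

# Connection count for a single remote IP ($2) on port $1 (0 if absent).
count_for() {
  conn_counts "$1" | awk -v ip="$2" '$2 == ip { print $1; seen = 1 }
                                     END { if (!seen) print 0 }'
}

# Demo run over the sample; live use: netstat -tn | flag_over 80 50
if printf '%s\n' "$SAMPLE_NETSTAT" | flag_over 80 3; then
  echo "no remote address above threshold"
else
  echo "threshold exceeded by the address(es) listed above"
fi
```

A high count from one address is only a lead: check the state column and the server logs before blocking, since a busy NAT gateway or proxy looks the same from here.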



dd if=/dev/zero of=/dev/tmpFS bs=1024 count=100000

2009/07/30

Install SSL in linux servers

Installing your SSL Certificate / Web Server Certificate / Secure Server Certificate from RapidSSL.com

Firstly, when your issuance email arrives it will contain your web server certificate.

Copy your web server certificate into a text editor such as Notepad and save it as yourdomain.crt

Note: The examples below use the following naming conventions: "Your Private Key" = "domainname.key"; "Your Web Server Certificate" = "domainname.crt"

  1. Copy the certificate to the Apache server directory in which you plan to store your certificates (by default: /usr/local/apache/conf/ssl.crt/ or /etc/httpd/conf/ssl.crt/).

    Note: Copy the entire contents of the certificate from (and including) the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines.


  2. Open the Apache httpd.conf file in a text editor.

  3. Locate the SSL VirtualHost associated with your certificate. Verify that you have the following 2 directives within this virtual host. Please add them if they are not present:

    SSLCertificateFile /usr/local/apache/conf/ssl.crt/domainname.crt (or server.crt)
    SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/domainname.key (or server.key)

    Note that some instances of Apache will store Virtual Host information in a ssl.conf file. If your httpd.conf contains no Virtual Host information then you will need to locate and amend the ssl.conf as above.

  4. Save the changes and exit the editor.


  5. Start or Restart your apache web server using one of the following commands:
    By default:
    /usr/local/apache/bin/apachectl startssl
    or
    /usr/local/apache/bin/apachectl restart

    Other commands:
    /usr/sbin/httpd startssl or restart
    /usr/sbin/httpsd startssl or restart

Test your certificate by using a browser to connect to your server. Use the https protocol directive (e.g. https://your server/) to indicate you wish to use secure HTTP.

Note: The padlock icon on your browser will be displayed in the locked position if your certificates are installed correctly and the server is properly configured for SSL.
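An added example, not from the page or RapidSSL, for checking domainname.crt and domainname.key before the restart in step 5: it verifies that the certificate matches the private key, that it is not about to expire, and that the key file is readable by its owner only. It assumes the openssl command-line tool is installed and builds a throwaway self-signed pair for the demonstration.

```shell
#!/bin/sh
# Added example (not from the page or RapidSSL): sanity-check a certificate/key
# pair before pointing SSLCertificateFile / SSLCertificateKeyFile at it.
# Assumes the openssl CLI is installed.

# 0 if the certificate's public key matches the private key (Apache will
# refuse to start, or serve the wrong certificate, when they differ).
cert_matches_key() {
  crt_pub=$(openssl x509 -noout -pubkey -in "$1" 2>/dev/null) || return 1
  key_pub=$(openssl pkey -pubout -in "$2" 2>/dev/null) || return 1
  [ -n "$crt_pub" ] && [ "$crt_pub" = "$key_pub" ]
}

# 0 if the certificate is still valid $2 seconds from now (default: now).
cert_not_expiring() {
  openssl x509 -noout -checkend "${2:-0}" -in "$1" >/dev/null 2>&1
}

# 0 if the private key is readable by its owner only (mode 0600 or 0400);
# a world-readable domainname.key lets any local user impersonate the site.
key_is_private() {
  [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Run all three checks, print one line each, return 1 if any failed.
check_ssl_pair() {
  rc=0
  cert_matches_key "$1" "$2" && echo "ok: certificate matches key" \
    || { echo "FAIL: certificate/key mismatch"; rc=1; }
  cert_not_expiring "$1" 604800 && echo "ok: valid for more than 7 days" \
    || { echo "FAIL: certificate expires within 7 days"; rc=1; }
  key_is_private "$2" && echo "ok: key is owner-readable only" \
    || { echo "FAIL: key is readable by group/others"; rc=1; }
  return $rc
}

# Constructed, throwaway self-signed pair so the script runs offline;
# with a CA-issued certificate point at domainname.crt/domainname.key.
make_demo_pair() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=demo.example" \
    -keyout "$1" -out "$2" >/dev/null 2>&1 && chmod 600 "$1"
}

tmp=$(mktemp -d)
make_demo_pair "$tmp/domainname.key" "$tmp/domainname.crt"
check_ssl_pair "$tmp/domainname.crt" "$tmp/domainname.key"
rm -rf "$tmp"
```

On a real server run check_ssl_pair /usr/local/apache/conf/ssl.crt/domainname.crt /usr/local/apache/conf/ssl.key/domainname.key before step 5; the browser padlock test only tells you the result after Apache has already restarted.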

Cpanel scripts

  • /scripts/postupcp — Runs after cPanel/WHM updates (/scripts/upcp).
  • /scripts/postcourierinstall — Runs after Courier updates (/scripts/courierup).
  • /scripts/postcourier-authlibup — Runs after courier-authlib package updates.
  • /scripts/postcourier-imapup — Runs after courier-imap package updates.
  • /scripts/posteasyapache — Runs after Apache is rebuilt (/scripts/easyapache).
  • /scripts/postexim4install — Runs after Exim updates (/scripts/eximup).
  • /scripts/postftpinstall — Runs after FTP server updates (/scripts/ftpup).
  • /scripts/postmysqlinstall — Runs after MySQL updates (/scripts/mysqlup).
  • /scripts/postwwwacct — Runs after account creation (/scripts/wwwacct).
  • /scripts/legacypostwwwacct — Older version of /scripts/postwwwacct. Runs after account creation (/scripts/wwwacct).
  • /scripts/postwwwacctuser — Runs after user creation.
  • /scripts/postsuspendacct — Runs after an account is suspended (/scripts/suspendacct).
  • /scripts/postunsuspendacct — Runs after an account is unsuspended (/scripts/unsuspendacct).
  • /scripts/post${pkg}install — Runs within /scripts/bandminup or /scripts/courierup, specify a package name to be run after.
  • /scripts/postcpbackup — Runs after cpbackup (/scripts/cpbackup).
  • /scripts/postbuildapache — Runs after Apache rebuild (/scripts/easyapache).
  • /scripts/postkillacct — Runs after account termination (/scripts/killacct). HASH: make sure to parse the arguments as a hash because killdns or user could change order.
  • /scripts/legacypostkillacct — Runs after account termination (/scripts/killacct).

Exim Commands

exim -bp ---- list the mail queue (same as mailq); relevant because it gives you the message IDs
exim -bp | grep name ---- show the mail in the queue for $name
exim -M messageID ---- force delivery of one message
exim -v -M messageID ---- force delivery of one message and show the transaction verbosely
exim -qf ---- force another queue run
exim -qff ---- force another queue run and attempt to flush frozen messages
exim -Mvl messageID ---- view the log for a message
exim -Mvb messageID ---- view the body of a message
exim -Mvh messageID ---- view the header of a message
exim -Mrm messageID ---- remove a message (no error is sent to the sender)
exim -Mg messageID ---- give up and fail a message; it bounces to the sender

How much mail is in the queue?
exim -bpr | grep "<" | wc -l

How many frozen mails are in the queue?
exim -bpr | grep frozen | wc -l

Deleting frozen messages
exim -bpr | grep frozen | awk '{print $3}' | xargs exim -Mrm

To find out how many messages there are in the mail queue:
exim -bpc

To check the mails in the queue:
exim -bp

To force an exim update (cPanel):
/scripts/eximup --force

Hope this helps
______________________________________

VPS creation with OpenVZ

1. vzctl create vpsid --ostemplate ostemplatename
Eg: vzctl create 105 --ostemplate centos-4-i386-default
The running container's root filesystem is mounted at /var/lib/vz/root/vpsid

2. Adding an IP address to a VPS and setting up networking
vzctl set vpsid --ipadd ipaddr --nameserver nameserverIP --hostname hostname --save

3. Assign a fixed amount of RAM to the created VPS
vzctl set vpsid --vmguarpages 65536 --save
vzctl set vpsid --privvmpages 262144 --save

vmguarpages -> the memory that is 'guaranteed' to the VPS
privvmpages -> the 'maximum' amount of memory that will be granted to the VPS

4. vzctl start vpsid -- start the VPS
vzctl destroy vpsid -- destroy the VPS

Example:
vzctl create 106 --ostemplate ubuntu-9.04-i386-minimal
vzctl set 106 --onboot yes --save
vzctl set 106 --hostname singularityweb --save
vzctl set 106 --numiptent 128 --save
vzctl set 106 --diskspace 10485760:12582912 --save
vzctl set 106 --vmguarpages 33792:2147483647 --save
vzctl set 106 --oomguarpages 26112:2147483647 --save
vzctl set 106 --privvmpages 65536:69632 --save
vzctl set 106 --ipadd 64.191.79.134 --save

Port Numbers

21 => FTP
22 => SSH
23 => Telnet
25 => SMTP Mail Transfer
43 => WHOIS service
53 => name server (DNS)
80 => HTTP (Web server)
110 => POP protocol (for email)
443 => HTTP Secure (SSL for https:// )
995 => POP over SSL/TLS
9999 => Urchin
3306 => MySQL Server
2082 => cPanel default
2083 => cPanel - secure/SSL
2086 => cPanel WHM
2087 => cPanel WHM - secure/SSL
2095 => cPanel webmail
2096 => cPanel webmail - secure/SSL
8443 => Plesk Control Panel
2222 => DirectAdmin Control Panel
10000 => Webmin Control Panel


-----------------------------------
Port Number TCP/UDP Protocol
20 & 21 TCP FTP
22 TCP SSH
23 TCP Telnet
25 TCP SMTP
53 TCP & UDP DNS
67 UDP DHCP
69 UDP TFTP
80 TCP HTTP
88 TCP Kerberos
109 & 110 TCP POPv2 & POPv3
111 TCP & UDP Port Mapper
113 TCP auth/ident
119 TCP NNTP
123 UDP NTP
137 UDP NetBIOS Name Service
138 UDP NetBIOS Datagram
139 TCP NetBIOS Session
143 TCP IMAP 2
161 UDP SNMP
177 UDP XDMCP
220 TCP IMAP 3
389 TCP LDAP
443 TCP HTTPS
445 TCP Microsoft DS
514 UDP Syslog
515 TCP Spooler
636 TCP LDAPS
749 TCP Kerberos Admin
5800-5899 TCP VNC via HTTP
5900 TCP VNC
6000-6099 TCP X (X.org-X11, XFree86)

CSF installation

Install CSF Firewall for cPanel

Download the package
wget http://www.configserver.com/free/csf.tgz

Untar it:
tar -zxf csf.tgz

Run the install script (from the directory the archive was extracted into)
cd csf && sh install.sh

Remove apf and bfd
sh /etc/csf/remove_apf_bfd.sh

csf -s ---- start the firewall
csf -r ---- restart the firewall
csf -f ---- flush the rules or stop the firewall

Specify the port you want to open

# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,953,993,995,2077,2078,2082,2083,2087"
# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,37,43,53,80,110,113,443,587,873,953,2087,2089,2703"
# Allow incoming UDP ports
UDP_IN = "20,21,53,953"
# Allow outgoing UDP ports
# To allow outgoing traceroute add 33434:33523 to this list
UDP_OUT = "20,21,53,113,123,873,953,6277"

Virtualhost ( Name based and IP based )

Virtualhost is used to host multiple domains on the same server. This reduces the cost and administration workload of running separate servers for each domain. There are two types of virtualhost:
1. Name-based virtualhost
2. IP-based virtualhost

Name based Virtualhost:

Name-based virtualhost uses one instance of Apache to host multiple domains. There is no need to set up multiple IPs on the server. To activate name-based virtualhost, we should use the directive
NameVirtualHost *

This allows Apache to accept name-based requests on all of its IP addresses.

NameVirtualHost *

<VirtualHost *>
ServerName abhionlinux.in
DocumentRoot /home/username/public_html
ServerAdmin admin@abhionlinux.in
ErrorLog /usr/local/apache/logs/www.abhionlinux.in-error_log
CustomLog /usr/local/apache/logs/www.abhionlinux.in-access_log common
</VirtualHost>

<VirtualHost *>
ServerName www.example.com
DocumentRoot /home/www/htdocs/example.com
ServerAdmin webmaster@example.com
ErrorLog /usr/local/apache/logs/www.example.com-error_log
CustomLog /usr/local/apache/logs/www.example.com-access_log common
</VirtualHost>

The same * given to NameVirtualHost is used in the VirtualHost directives. Apache uses the Host field of the HTTP header to connect the request to the virtual host: the request is forwarded to the virtual host whose ServerName matches the host name specified in this field.


IP-Based Virtual Hosts:

IP-based virtual hosts require multiple IP addresses on the machine. In this case, one instance of Apache hosts multiple domains, each domain having a different IP. To host multiple IPs, the machine must accept requests for multiple IPs; for this, IP aliasing should be enabled in the kernel. Once this is set up, you can use the ifconfig and route commands to add new IPs to the machine.

Eg: /sbin/ifconfig eth0:0 192.168.1.20
    /sbin/ifconfig eth0:1 192.168.1.21

Once IP aliasing has been set up, you can use a separate virtualhost entry for each domain.

You can also use multiple instances of Apache for IP-based virtualhost. In this method, use the Listen directive to specify the IP handled by each Apache instance.

For example:
Listen 192.168.1.10:80
Listen 192.168.1.20:80
Listen 192.168.1.21:80

Htaccess

.htaccess files (or "distributed configuration files") provide a way to make configuration changes on a per-directory basis. A file containing one or more configuration directives is placed in a particular document directory, and the directives apply to that directory and all subdirectories thereof.

If you want to use a different file name for the per-directory file, set it in the main configuration:
AccessFileName .config

AllowOverride must be set to allow the use of .htaccess files.

It is completely equivalent to put a .htaccess file in the directory /www/htdocs/example containing a directive, and to put that same directive in a Directory section for that directory in your main server configuration.

The use of .htaccess files can be disabled completely by setting the AllowOverride directive to none:
AllowOverride None

In the directory /www/htdocs/example1 we have a .htaccess file containing the following:
Options +ExecCGI

(Note: you must have "AllowOverride Options" in effect to permit the use of the "Options" directive in .htaccess files.)

In the directory /www/htdocs/example1/example2 we have a .htaccess file containing:

Options Includes

Authentication

You must have "AllowOverride AuthConfig" in effect for these directives to be honored.

.htaccess file contents:

AuthType Basic
AuthName "Password Required"
AuthUserFile /www/passwords/password.file
AuthGroupFile /www/passwords/group.file
Require group admins


Server side includes

Options +Includes
AddType text/html .shtml
AddHandler server-parsed .shtml

CGI scripts

Options +ExecCGI
AddHandler cgi-script .cgi .pl

If you wish to have all files in the given directory treated as CGI programs:
Options +ExecCGI
SetHandler cgi-script


2009/07/29

Install Kayako

Below are the steps to install Kayako helpdesk on Linux box.

  • Login to member area at http://member.kayako.com.
  • Activate the license key based on added domain name.
  • Download key.php file.
  • Download the package of Kayako.
  • Upload all the files in the root folder in BINARY mode.
  • Create database and database user.
  • Set up the /upload/config/config.php file.
  • Give 777 permissions to cache and files folder.
  • Upload key.php file.
  • Browse http://www.domainname.com/setup and follow the standard procedure.
  • Delete setup folder.

Setting up Email Piping.

  • Create Mail queue from Admin side of kayako.
  • Set up forwarding from Cpanel -> Email -> Forwarders.
  • Enter the absolute path "|/home/user/public_html/cli/index.php" (including the quotes and the leading pipe).
  • Cli folder must have 755 permissions.