[Snippet] Create a large file in Linux
Need to create a large file? For disk speed tests? Or space tests?
dd if=/dev/zero of=your.big.file bs=1MB count=500This will create a 500Mb file in your current directory called your.big.file
500+0 records in
500+0 records out
500000000 bytes (500 MB) copied, 4.08855 seconds, 122 MB/s[Snippet] Skipping the WHM Getting Started Wizard
WHM uses the /etc/.whostmgrft file to determine whether the Getting Started Wizard should run. You can touch the file using the following command to stop it appearing
Smarty Security – Stop .tpl access
WHMCS uses the Smarty template engine. Which means your .tpl files are accessible to anyone that knows the path. Quite easy in WHMCS. Whilst not really a major security risk, its bad practise to all these files to be accessed directly.
Add this code into your .htaccess file.
<Files ~ "\.tpl$">
Order allow,deny
Deny from all
</Files>New Roll Cage
Out came the dash dodging bolt in to make way for the weld in.
Theres a lot of work before it goes in. Etch primering, painting laquering and a bit of seem welding.
Active Directory DHCP Authorisation Issues
So you just deleted a DHCP server in your Active Directory site and can't authorise a new one? Yeah... Stupid.
A client of mine recently deleted a Windows Server running DHCP and couldn't authorise the new server of the same name.
This is because the client did not Unauthorise the server beforehand. Possibly because the server hardware was dead.
[Snippet] Forcing Replication Between Domain Controllers
...because some people still don't know!
- Open Active Directory Sites and Services.
- In the console tree, expand Sites, and then expand the site to which you want to force replication from the updated server.
- Expand the Servers container to display the list of servers that are currently configured for that site.
- Expand the server objects and click their NTDS Settings objects to display their connection objects in the details pane. Find a server that has a connection object from the server on which you made the updates.
- Click NTDS Settings below the server object. In the details pane, right-click the connection object whose From Server is the domain controller that has the updates that you want to replicate, and then click Replicate Now.
- When the Replicate Now message box appears, review the information, and then click OK.
That is all!
[Snippet] Stupid Simple cPanel Install
Open a clean server,
cd /home && wget -N http://httpupdate.cpanel.net/latest && sh latest && /usr/local/cpanel/cpkeycltGo have your lunch. Maybe lunch +VAT depending on the speed of your server.
cPanel MySQL Tuning
The default configuration for MySQL provided by cPanel is pretty barren. /etc/my.cnf
[mysqld] skip-innodbThats it. One line. Its rubbish.
Here's mine to help you along the way. Its got some decent logging set, some decent cache and memory options for a shared server set and some helpful security settings enabled.
[mysqld]
max_connections = 200
bind-address = 127.0.0.1
safe-show-database
skip-locking
skip-innodb
# MySQL 4.x has query caching available.
# Enable it for vast improvement and it may be all you need to tweak.
query_cache_type=1
query_cache_limit=1M
query_cache_size=32M
interactive_timeout=100
# Reduced wait_timeout to prevent idle clients holding connections.
wait_timeout=15
connect_timeout=10
# Checked opened tables and adjusted accordingly after running for a while.
table_cache=512
# Reduced it to 32 to prevent memory hogging.
thread_cache=32
# Reduced it by checking current size of *.MYI files.
key_buffer=128M
thread_concurrency=1
log_error = /var/log/mysql/error.log
# log slow queries is a must.
log_slow_queries=/var/log/mysqld.slow.log
long_query_time=2
[mysqldump]
quick
max_allowed_packet=16M
[mysql]
no-auto-rehash
[isamchk]
key_buffer=64M
sort_buffer=64M
read_buffer=16M
write_buffer=16M
[myisamchk]
key_buffer=64M
sort_buffer=64M
read_buffer=16M
write_buffer=16M
[mysqlhotcopy]
interactive-timeoutExtending Advanced Policy Firewall with Brute Force Detection
In my previous article I discussed setting up the Advanced Policy Firewall on your servers. So now your servers are protected - but what happens when you get an attack at a legitimate service? SSH? MySQL? Apache? In a series of articles I'll discuss implementing some best practises to help avoid server nightmares.
Advanced Policy Firewall (for cPanel)
More retro software that has been with us for years - APF - Advanced Policy Firewall. A brilliantly robust and fool proof Linux script that acts as a wrapper for iptables.
Here's how I configure it for all the WHM/cPanel boxes I commission, although you can configure it for non-cPanel servers, just adjust your ports accordingly.