kieranbarnes do you know where your towel is?

[Snippet] Create a large file in Linux

Posted on August 21, 2010

Need to create a large file? For disk speed tests? Or space tests?

dd if=/dev/zero of=your.big.file bs=1MB count=500

This will create a 500Mb file in your current directory called  your.big.file

500+0 records in
500+0 records out
500000000 bytes (500 MB) copied, 4.08855 seconds, 122 MB/s
Filed under: Linux No Comments

[Snippet] Skipping the WHM Getting Started Wizard

Posted on August 17, 2010

WHM uses the /etc/.whostmgrft file to determine whether the Getting Started Wizard should run. You can touch the file using the following command to stop it appearing

touch /etc/.whostmgrft
Filed under: cPanel/WHM No Comments

Smarty Security – Stop .tpl access

Posted on August 17, 2010

WHMCS uses the Smarty template engine. Which means your .tpl files are accessible to anyone that knows the path. Quite easy in WHMCS. Whilst not really a major security risk, its bad practise to all these files to be accessed directly.

Add this code into your .htaccess file.

<Files ~ "\.tpl$">
Order allow,deny
Deny from all
</Files>
Filed under: Apache, PHP, cPanel/WHM No Comments

New Roll Cage

Posted on August 13, 2010

Out came the dash dodging bolt in to make way for the weld in.

Theres a lot of work before it goes in. Etch primering, painting laquering and a bit of seem welding.

Filed under: Vantegra No Comments

Active Directory DHCP Authorisation Issues

Posted on August 6, 2010

So you just deleted a DHCP server in your Active Directory site and can't authorise a new one? Yeah... Stupid.

A client of mine recently deleted a Windows Server running DHCP and couldn't authorise the new server of the same name.
This is because the client did not Unauthorise the server beforehand. Possibly because the server hardware was dead.

Filed under: Windows Continue reading

[Snippet] Forcing Replication Between Domain Controllers

Posted on August 5, 2010

...because some people still don't know!

  1. Open Active Directory Sites and Services.
  2. In the console tree, expand Sites, and then expand the site to which you want to force replication from the updated server.
  3. Expand the Servers container to display the list of servers that are currently configured for that site.
  4. Expand the server objects and click their NTDS Settings objects to display their connection objects in the details pane. Find a server that has a connection object from the server on which you made the updates.
  5. Click NTDS Settings below the server object. In the details pane, right-click the connection object whose From Server is the domain controller that has the updates that you want to replicate, and then click Replicate Now.
  6. When the Replicate Now message box appears, review the information, and then click OK.

That is all!

Filed under: Snippets, Windows No Comments

[Snippet] Stupid Simple cPanel Install

Posted on August 3, 2010

Open a clean server,

cd /home && wget -N http://httpupdate.cpanel.net/latest && sh latest && /usr/local/cpanel/cpkeyclt

Go have your lunch. Maybe lunch +VAT depending on the speed of your server.

cPanel MySQL Tuning

Posted on August 3, 2010

The default configuration for MySQL provided by cPanel is pretty barren. /etc/my.cnf

[mysqld] skip-innodb

Thats it. One line. Its rubbish.

Here's mine to help you along the way. Its got some decent logging set, some decent cache and memory options for a shared server set and some helpful security settings enabled.

[mysqld]
max_connections = 200
bind-address = 127.0.0.1
 
safe-show-database
skip-locking
skip-innodb
 
# MySQL 4.x has query caching available.
# Enable it for vast improvement and it may be all you need to tweak.
query_cache_type=1
query_cache_limit=1M
query_cache_size=32M
 
interactive_timeout=100
 
# Reduced wait_timeout to prevent idle clients holding connections.
wait_timeout=15
connect_timeout=10
 
# Checked opened tables and adjusted accordingly after running for a while.
table_cache=512
 
# Reduced it to 32 to prevent memory hogging.
thread_cache=32
 
# Reduced it by checking current size of *.MYI files.
key_buffer=128M
 
thread_concurrency=1
 
log_error                = /var/log/mysql/error.log
 
# log slow queries is a must.
log_slow_queries=/var/log/mysqld.slow.log
long_query_time=2
 
[mysqldump]
quick
max_allowed_packet=16M
 
[mysql]
no-auto-rehash
 
[isamchk]
key_buffer=64M
sort_buffer=64M
read_buffer=16M
write_buffer=16M
 
[myisamchk]
key_buffer=64M
sort_buffer=64M
read_buffer=16M
write_buffer=16M
 
[mysqlhotcopy]
interactive-timeout

Extending Advanced Policy Firewall with Brute Force Detection

Posted on August 2, 2010

In my previous article I discussed setting up the Advanced Policy Firewall on your servers. So now your servers are protected - but what happens when you get an attack at a legitimate service? SSH? MySQL? Apache? In a series of articles I'll discuss implementing some best practises to help avoid server nightmares.

Advanced Policy Firewall (for cPanel)

Posted on August 2, 2010

More retro software that has been with us for years - APF - Advanced Policy Firewall. A brilliantly robust and fool proof Linux script that acts as a wrapper for iptables.

Here's how I configure it for all the WHM/cPanel boxes I commission, although you can configure it for non-cPanel servers, just adjust your ports accordingly.