The following guide explains the installation of the apache module "mod_evasive". Mod_evasive tracks the number of requests of files at the apache webserver and blocks the delivery in case that a certain limit has been reached.
apt-get install libapache2-mod-evasive
Create the log directory for mod_evasive
mkdir -p /var/log/apache2/evasive
chown -R www-data:root /var/log/apache2/evasive
Now we add the configuration for the module at the end of the file /etc/apache2/mods-available/mod-evasive.load
so that it looks like this:
LoadModule evasive20_module /usr/lib/apache2/modules/mod_evasive20.so
and restart apache:
To change the language of the website statistics generated by AWStats on a Debian Linux server to e.g. german (de), edit the /etc/awstats/awstats.conf file:
and change the value of the "Lang" variable. To change the languge to e.g. German, cahnge:
The website statistics are generated nightly on a ISPConfig 3 server, so it may take up to 24 hours until the statistics will show up in German language.
Thanks to PlaNet Fox for this FAQ.
wrote by Rafael Marangoni, from Suporte Linux team.
This article explains how to change the default PostgreSQL Locale. Be careful, because we're considering that you do not have data on postgresql instance.
First, we need to stop the postgres service (if was not already stopped):
Then we need to remove all data files from postgresql data dir. On RedHat based, that's the dir:
rm -rf /var/lib/pgsql/data/*
Now we change to postgres user:
Creating the initial data, selecting the Locale:
initdb --locale=C /var/lib/pgsql/data
initdb --locale=pt_BR.UTF-8 /var/lib/pgsql/data
or your locale
Then, we start postgres service:
wrote by Rafael Marangoni, from BR Link team.
By default, the ssh login is disabled on VMware ESXi, in opposite way what it happens on VMware ESX Server.
But, there’s a way to enable SSH Login.
After the system is installed, go to the console screen and type:
ALT + F1
After that, a Black screen will appear (be calm, that is normal), then type:
Next, the Server will prompt for root password. Then you type the root password.
Afterwards, you’ll have shell access. We need to edit the following file:
Uncomment the line that starts with “SSH”. Save the file (it’s a normal vi, ZZ will do that for you).
Now reboot the server:
After it reboots, you should login with SSH on port TCP/22, and user root.
wrote by Rafael Marangoni, from Servidor Linux team.
This article explains howto update the Samba packages on CentOS 5 to version 3.5.
First, we need to add a new repository:
Then, update samba:
yum update samba
Probably, you will need winbind too:
yum install samba3-winbind samba3-utils
Check the rpm version:
rpm -qa | grep samba
wrote by Rafael Marangoni, from Consultoria Linux team.
By default, on some distros, PostgreSQL will only accept connections from localhost. When you have only access from localhost (from localhost Apache, by example) everything is ok, but when you need that postgresql accepts connections for other hosts, you need to make some configs.
First of all, edit the postgresql.conf file (on CentOS the default location is /var/lib/pgsql/data/postgresql.conf).
Search the following line:
listen_addresses = 'localhost'
Change it to:
listen_addresses = '*'
Secondly, you need to change the permissions inside pg_hba.conf file (on CentOS, the default location is /var/lib/pgsql/data/pg_hba.conf)
Include the following line (at the end of the file):
host username all 192.168.0.10/32 md5
username: it's the name of the postgres user
all: the database name (here we enabled all of them)
192.168.0.10/32: is the IP address/subnet to accept connections
md5: is the method of authentication (md5 requests password)
When you run rkhunter on Debian Linux, you might get a warning when rkhunter is checking for hidden files and directories that some Hiffen files were found in /proc. A closer investigation in rkhunter might bring up the filenames /dev/.static, /dev/.udev and /dev/.initramfs which are normal files on Debian and not related to a attack on your system. The warnings in rkhunter.log are:
[10:21:40] Warning: Hidden directory found: /dev/.static
[10:21:40] Warning: Hidden directory found: /dev/.udev
[10:21:40] Warning: Hidden directory found: /dev/.initramfs
To avoid these warnings, you can reconfigure rkhunter to ignore these files by editing the rkhunter.conf file:
and remove the # in fron of the following lines:
Today I tested the logrotation of a Linux server installation and therefore I needed a logfile that was larger then 10 MB. To create such a file of e.g. 11 MB size on the shell, I used this command:
dd if=/dev/urandom of=test.log bs=1M count=11
The content of the file are random characters. If you need a file filled with zeros, use this command:
dd if=/dev/zero of=test.log bs=1M count=11
The result is a file named test.log in the current directory with a size of 11 MB.
If you get the error message "connect to mysql server 127.0.0.1: Too many connections" in a log file, e.g. the mail.log file, then the max. number of mysql database connections on your server is reached. To increase the max. number of simultanious connections, edit the MySQL my.cnf file:
and add or change the lines for mysql max_connections and max_user_connections in the [mysqld] section of the my.cnf file:
max_connections = 500
max_user_connections = 500
If you get the error "/dev/zero: No space left on device" in the apache error.log on a OpenVZ virtual machine, then the shared memory size in the xcache.ini is too high or the xcache.mm_path is set wrong.
Edit the file /etc/php5/conf.d/xcache.ini
and check the mm_path. On a OpenVZ virtual machine it should be set to "/tmp/xcache" as /dev/zero might not work correctly in a virtual machine:
xcache.mmap_path = "/tmp/xcache"
Then restart apache2:
and check if the error has been resolved.
If the roor still occurs after some time, you will have to reduce the xcache.size.
Edite the xcache.ini file:
and set xcache.size to e.g. 8 MB
xcache.size = 8M
Then restart apache2: