Adding Users in Mysql and Granting Privileges

You can add users to this database and specify the databases to which they will have access with the grant command, which has the syntax.

sql> grant all privileges on database.* to username@"servername" identified by 'password';

Example:
sql> grant all privileges on data1.* to dbuser@"localhost" identified by 'secdat';

Where data1 is the database name
dbuser is the user name who has to access the db / name of new user.
secdat is the password

If you want to restrict that user from full privilege on a db you can use the following syntax:

sql> grant CREATE,INSERT,DELETE,UPDATE,SELECT on data1.* to dbuser2@localhost;

Read more »

Fix wampserver when the icon stays on orange

Below is the solution on how to fix wampserver when the icon stays on orange

1. Open Control Panel then Network Connections.
2. Right click on Local Area Connection and select Properties
3. Double click on the Internet Protocol (TCP/IP) line to open the Properties
4. On the General tab, click the Advanced button
5. Click the wins tab and uncheck the Enable LMHOSTS Lookup box

Read more »

rsync with port number

 rsync is a software application and network protocol for Unix-like and Windows systems which synchronizes files and directories from one location to another while minimizing data transfer using delta encoding when appropriate. An important feature of rsync not found in most similar programs/protocols is that the mirroring takes place with only one transmission in each direction. rsync can copy or display directory contents and copy files, optionally using compression and recursion.

Trouble with rsync while transfering to a server with port number ??

Here is the correct syntax :
There are 2 ways to use this command.

1. If you are trying to transfer the files from remote server to your system then use the syntax below:

-----
rsync -avz -e "ssh -p $portNumber" user@remoteip:/path/to/files/ /local/path/
-----
2. If you are trying to transfer the files from your system to remote server then use the syntax below:
-----
rsync -avz /local/path/ -e "ssh -p $portNumber" user@remoteip:/path/to/files/
-----

Read more »

Awstat not Updating in cPanel and Combined error Log

Yesterday I found a strange issue with awstat as it suddenly stopped reporting the data. I could get the past data but not able to get the current data. As usual as a part of debugging i opened the errorlogs and domlogs. I found something strange in the domlogs.  The word "combined" was repeating in the logs:

 # vi /usr/local/apache/domlogs/
combined
combined
combined
combined
combined
combined
combined
combined


After hours of searching and testing i found the solution. I am sharing it below:


Open the apache conf with your favorite editor.
#vi /usr/local/apache/conf/httpd.conf
Search for the line
--------
ErrorLog /usr/local/apache/logs/error_log
--------
Beneth that line add the following:
--------
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{Referer}i -> %U" referer
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{User-agent}i" agent
--------
Save and exit, then run:
--------
/usr/local/cpanel/bin/apache_conf_distiller --update
/usr/local/cpanel/bin/build_apache_conf
restart apache
/scripts/restartsrv_httpd
--------
Awstat started updating itself at last. :)

Read more »

Wordpress Hacked and Prevention

Hackers are hack for many reasons. Some of the common reasons why hackers hack are to get some Sensitive Information or to Steal Bandwidth to Distribute Illegal Content or may be for fun. Since there are many hackers around its our duty to keep our websites safe.

Since your site is wordpress, i will suggest some steps to prevent this in future:
1. Always update your wordpress to the latest version.
2. Configure a firewall on your server.
3. Always use complex passwords instead of simple ones.
4. Use an anti virus and update the virus database regularly.
5. Always take backup of your site on a weekly / monthly basis so that we cam restore it if anything happens.

Read more »

Three ways to prevent DDOS

DDOS attack, also called denial of service attack simply means creating a massive virtual visitor to a website address at the same time it was intended to "demolish" host storage makes it run slowly or can not run anymore.

A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer or network resource unavailable to its intended users.

 Method 1: Anti iframe

Code:

Method 2: Anti-reload malicious website
If you are attacked like this, you set up your files .htaccess with the content:

Code:
RewriteEngine on
 RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?domain.com [NC]
 RewriteRule !antiddos.phtml http://www.domain.com/antiddos.phtml?%{REQUEST_URI} [QSA]

Then create a file antiddos.phtml with content 

Code:
 $text = $HTTP_SERVER_VARS['QUERY_STRING'];
 $text = preg_replace("#php\&#si",'php?',$text);
 echo("[CLICK HERE TO ENTER]
'');

 ?>

Method 3: Limit number of connections at a time website
You add the following code to the home page of the website.

Code:
function server_busy($numer) {
      if (THIS_IS == 'WEBSITE' && PHP_OS == 'Linux' and @file_exists (  '/proc/loadavg' ) and $filestuff = @file_get_contents ( '/proc/loadavg'  )) {
         $loadavg = explode ( ' ', $filestuff );
         if (trim ( $loadavg [0] ) > $numer) {
             print '';
             print 'Traffic is overloaded, please come back after a few minutes.';
             exit ( 0 );
         }
     }
 }
 $srv = server_busy ( 1000 ); // 1000 is the number of visitors at a time

Read more »

Traffic Summary in Plesk

There are several types of control panels, and each of them offers something unique to the user. cPanel and Plesk are two popular choices.
Plesk was released in 2003. The company is originally a product of SWsoft (after SWsoft acquired Plesk Inc.) but it’s now shipped under Parallels Inc.
Plesk can be used for Windows as well as Linux which is missing in cpanel :)
In my opinion, Plesk control panel is in the top 3 of control panels that are available to dedicated web hosting users.

Open Plesk in browser and navigate to this window.
Plesk > Home > Logs & Statistics > summary report > view traffic history

Read more »

Increase the traffic of my web site

Search engine optimization is about ways to get your website to the top of search engines.
Offer free, original, and quality content on your site also update your site everyday. Keep adding new stuff and interesting topics.
Improve your search engine ranking by focusing your content on keywords related to your topic.
Advertise your presence.
Be patient. Search engines need a lot of time to index a new website and domain. They need time to index all your content; it's worth the wait.

All the best

Read more »

cPanel Log File Locations

This is a shortlist of various log files for various applications on your Cpanel server. I have listed the application / service name and the location of the log files associated with it.

cPanel Installation Logs:
/var/log/cpanel-install-thread0.log
Apache:
/usr/local/apache/logs/access_log
/usr/local/apache/logs/error_log
Apache domlogs:
/usr/local/apache/domlogs/example.com
Apache SUEXEC Logs:
/usr/local/apache/logs/suexec_log
MySQL
/var/lib/mysql/hostname.err
BIND (named) Log:
/var/log/messages
Exim
/var/log/exim_mainlog
/var/log/exim_paniclog
/var/log/exim_rejectlog
Courier or Dovecot IMAP
/var/log/maillog
Tomcat Logs:
/usr/local/jakarta/tomcat/logs/catalina.err
/usr/local/jakarta/tomcat/logs/catalina.out
cPanel Access Log:
/usr/local/cpanel/logs/access_log
cPanel Error Log:
/usr/local/cpanel/logs/error_log
cPanel License Log:
/usr/local/cpanel/logs/license_log
Stats Execution Logs:
/usr/local/cpanel/logs/stats_log
ChkServd (cPanel Monitoring Daemon) Logs:
/var/log/chkservd.log
cPHulkd
/usr/local/cpanel/logs/cphulkd.log
cPanel Backup Logs:
/usr/local/cpanel/logs/cpbackup/*.log
Pure-FTP
/var/log/messages
/var/log/xferlog (symlinked to /usr/local/apache/domlogs/ftpxferlog)
Cron Logs:
/var/log/cron
SSH Logs:
/var/log/secure
ModSecurity:
/usr/local/apache/logs/modsec_audit.log
/usr/local/apache/logs/modsec_debug_log

Read more »

Install the SSL Server Certificate

Install the SSL Server Certificate Files
--------------------------------------------------
Login to cPanel
Click SSL/TLS Manager > Certificates (CRT) > Generate, view, upload or delete SSL certificates
In the Upload a New Certificate section click the Browse button and locate your SSL Server Certificate file your_domain_com.txt.
Click the Upload button.
Click the Go Back link to return to SSL/TLS Manger.

Setup the Domain
-------------------------
Click SSL/TLS Manager > Setup a SSL certificate to work with your site. If this option is not available to you your ISP may have disabled it and you will need to contact them to complete your SSL setup.
From the Domain drop down menu select the domain that will use the SSL Certificate. The system will attempt to Fetch the SSL Certificate and corresponding private key.
Open GeoTrust_Intermediate.txt in Notepad or other simple text editor (not Word). Copy-and-paste all the contents of the GeoTrust_Intermediate.txt file into the Ca Bundle (CABUNDLE) box.
Click on Install Certificate. You should receive a message that the certificate was successfully installed. If you receive an error you may need to contact your web hosting provider for additional support.

Verify Installation:
-----------------------

New To verify if your certificate is installed correctly, use our Certificate Installation Checker.

Test your SSL certificate by using a browser to connect to your server. Use the https protocol directive. For example, if your SSL was issued to secure.mysite.com, enter https://secure.mysite.com into your browser.

Your browser's padlock icon Browser padlock will be displayed in the locked position if your certificate is installed correctly and the server is properly configured for SSL.

Read more »

How to Block an IP in Windows

I did this in windows server 2003 not sure if these steps will work in other versions of windows.

Take Start menu and take Run else you can press windows key and R in your keyboard.
Type MMC in the box and press OK or hit enter.

Now a console windows will open up. Navigate through  'File' > 'Add/Remove Snap in'.
In the 'Standalone Tab' click The 'add' button.
Seclect 'IP Security Policy Managment' > 'ADD' > 'Local Computer' > 'finish' > 'close' > 'ok'.

After this you will be back to the console.
In the left frame right click 'IP security policies on local computer' > 'Create IP security policy'

Click Next and then name your policy 'Block IP' and type a description.

Click 'Next' then leave 'activate' ticked then click 'Next'

leave the 'edit properties ticked and click 'Finish'

You should now have the properties window open.

Click 'ADD' then click 'Next' to continue.

Leave 'This rule does not specify a tunnel' selected and click 'next'

Leave 'all network connections' selected and click 'next'

You should now be on the IP filter list. You need to create a new filter, so don't select any of the default ones. Click 'ADD'

Type a Name for your list, call it 'IP block list'
Type a description in, can be same as name.
Click 'ADD' then click 'Next' to continue.

In the description box type a description. As its the first IP you are blocking call it 'IP1' or 'IP Range 1'
Leave ticked the 'Mirrored. Match packets with the exact opposite source and destination addresses'
Click 'Next'
The 'Source address' should be left as 'My IP address' click 'Next'

You can now select 'A Specific IP address' or 'A Specific Subnet' for the Destination address.
Type in the IP address you want to block and if blocking a subnet type in the subnet block. Click 'next'

Leave the protocol type as 'Any' and click 'Next' and then 'Finish'

Read more »

Installing rkhunter

Rkhunter is a very useful tool that is used to check for trojans, rootkits, and other security problems. Is a security scanning tool which will scan for rootkits, backdoors, and local exploits.

I will show you how to install it and set it up to send daily reports:

wget -c http://downloads.rootkit.nl/rkhunter-1.1.1.tar.gz

tar -zxvf rkhunter-1.1.1.tar.gz
cd rkhunter-1.1.1
./installer.sh

We have now successfully installed it. To run a complete scan of the server

/usr/local/bin/rkhunter -c

Now setting up the daily report. Open a new file using your favourite editor.

vim /etc/cron.daily/rkhunter.sh

Add this script to the new file (rkhunter.sh). Replace abc@xyz.com with your e-mail address.

#!/bin/bash
(/usr/local/bin/rkhunter -c --cronjob 2>&1 | mail -s "Daily Rkhunter Scan Report" abc@xyz.com)

Give the script permission 

chmod +x /etc/cron.daily/rkhunter.sh

Read more »

TCP Wrapper

TCP Wrapper is used to filter network access to Internet and it can also be used to GRANT or DENY access to various services on your machine to the outside network or other machines on the same network.

You must note that the wrappers do not work with RPC services over TCP. Common services such as pop3, ftp, sshd, telnet, r-services are supported by TCP Wrappers. In linux its actually done by writing simple rules to two files:
1.  /etc/hosts.allow
2. /etc/hosts.deny
When the request for ssh comes it first checks the /etc/hosts.allow file if any rule for the sshd daemon is set in it else it will check for the same in /etc/hosts.deny file.

Examples:

/etc/hosts.allow file

[root@dedico ~]# cat /etc/hosts.allow
#
# hosts.allow    This file contains access rules which are used to
#        allow or deny connections to network services that
#        either use the tcp_wrappers library or that have been
#        started through a tcp_wrappers-enabled xinetd.
#
#        See 'man 5 hosts_options' and 'man 5 hosts_access'
#        for information on rule syntax.
#        See 'man tcpd' for information on tcp_wrappers
#
ALL : .example.com

telnetd : 192.168.0.0/255.255.255.0 EXCEPT 192.168.0.79
sshd, in.tftpd : 192.168.1.10

The first line is a comment, the next line is to define the host example.com that can access to all services. The next line is to show that the telnet service can only be accessed from any host from the 192.168.0.0/24 segment except the IP address 192.168.0.79.

/etc/hosts.deny file

[root@dedico ~]# cat /etc/hosts.deny
#
# hosts.deny    This file contains access rules which are used to
#        deny connections to network services that either use
#        the tcp_wrappers library or that have been
#        started through a tcp_wrappers-enabled xinetd.
#
#        The rules in this file can also be set up in
#        /etc/hosts.allow with a 'deny' option instead.
#
#        See 'man 5 hosts_options' and 'man 5 hosts_access'
#        for information on rule syntax.
#        See 'man tcpd' for information on tcp_wrappers
#
ALL EXCEPT in.tftpd : .example.org
telnetd : ALL EXCEPT 192.168.1.10
ALL:ALL

The first line is to deny all tftp services from all hosts except for example.com. The next line is to deny all traffic to the telnet service from all hosts except from ip address 192.168.1.10.

Read more »

Install LAMP and phpMyAdmin on Ubuntu 11.10 Easy Way

Open terminal and type the command given below. Please note that we have to give "^" at the end and its not a typo. Many prompts will pop up during installation to set password or asking for the server password. Please give them when asked for.
sudo apt-get install lamp-server^

After Installation open a web browser and enter the address http://localhost/.

You should see a page that says "It Works!" Hence you can confirm that apache is working perfectly.

Create a file in the /var/www directory called info.php. Enter the following command in the terminal to create the file.
echo "" | sudo tee /var/www/info.php

Now open a web browser again and enter the address http://localhost/info.php . You will get a php info page. If you are not getting this page try restarting apache2 by giving the command below.
/etc/init.d/apache2 restart

INSTALLING PHPMYADMIN.

LAMP installation will not install phpmyadmin. Also phpmyadmin is not required for the proper functioning of LAMP. It just gives an easy platform for editing.
sudo apt-get install libapache2-mod-auth-mysql phpmyadmin

Open your web browser and enter the address http://localhost/phpmyadmin/ to access it.

Read more »