ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)

If you end-up with the error ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2), it means 2 things.

1. You don't have permissions to access the directory /var/lib/mysql/. Check the permission there and change the ownership mysql if it is not. For that do the following

#chown -R mysql.mysql /var/lib/mysql

Then, restart mysql

#/etc/init.d/mysql restart

2. If the permissions are correct, the /tmp/mysql.sock may not be existing. If so do the following.

#/etc/init.d/mysql stop

Then touch a file mysql.sock

#touch /tmp/mysql.sock

Then start the mysql server.

#/etc/init.d/mysql start

 This should fix the issue.....

Install nginx server

Ton install nginx server login to the server as root. Then navigate to the directory whre you would like to download the source file. I usually use /usr/local/src.

#cd /usr/local/src

You can now donload the installation file as shown below.

#wget http://nginxcp.com/latest/nginxadmin.tar

Once the download is finished, extract the tar file that you have downloaded.

#tar xf nginxadmin.tar

Now get into publicnginx

#cd publicnginx

And run the command below to install. 

./nginxinstaller install

You are done !! 

bash: scp: command not found lost connection

 When you try to scp some thing to a remote server you may endup with the error as shown below.

# scp somefile 10.10.10.10:/home
root@10.10.10.10's password: 
bash: scp: command not found
lost connection

This error occurs because the remote host is missing the openssh-clients package. To fix this issue just login to the remote server, and run the command below.

#yum install openssh-clients

This will fix the issue and you could now scp without any issue.

WHM does not show the nameserver ips

When you check the nameserver ips from WHM, it wont show the ip some times. 

Main >> DNS Functions >> Nameserver IPs

To fix this, login to the server as root. The navigate to /var/cpanel.

#cd /var/cpanel

Then make a backup of the file nameserverips.yaml

#cp nameserverips.yaml nameserverips.yaml.bkp

Now edit the file using any editor.

#vi  nameserverips.yaml

It will look like as shown below:

---
ns1.yourdomain.com:
  "": 0
  count: '2'
  zones: ns1.yourdomain.com,ns2.yourdomain.com
ns2.yourdomain.com:
  "": 0
  count: '2'
  zones: ns1.yourdomain,ns2.yourdomain

Now make the following changes in the file.

---
ns1.yourdomain.com:
  "10.10.10.1": 1
  count: '2'
  zones: ns1.yourdomain.com,ns2.yourdomain.com
ns2.yourdomain.com:
  "10.10.10.2": 1
  count: '2'
  zones: ns1.yourdomain,ns2.yourdomain

Where you should replace the nameservers ns1.yourdomain.com and ns2.yourdomain.com with your nameservers, and  ips 10.10.10.1 and 10.10.10.2 to your name server ips.

How to install Csf

Csf installation is very simple and quite straightforward. Login to the server as root, then navigate to the desired location where you wan't to download the installation file.

#cd /usr/local/src

Then download the installation package:

#wget http://www.configserver.com/free/csf.tgz

Now ontar the package using the blow command

#tar -xzf csf.tgz 

Now get into the directory csf

#cd csf 

Now run the below command to install

#sh install.sh

 Once the installation is done, you can do the configuration in

#/etc/csf/csf.conf

Once this is done  disable TESTING mode, lfd will not start while this is enabled. For this change the value to "0" from "1" in csf.conf file.

TESTING = "0"

Once this is done, restart the csf .

#csf -r 

DONE!!!! 

How to install SSL Certificate in a server running Lighttpd

For installing SSL Certificate for domain running in Lighttpd, follow the steps bellow. 

Login to the server and download / copy the certificate files.

Once this has been done, you need to concatenate the certificate and key file into a single pem file. For this follow the step below.

#cat yourdomain-name.key yourdomain-name.crt > yourdomain-name.pem

Now you need to edit lighttpd.conf file and add the following lines.

# vi /etc/lighttpd/lighttpd.conf

     var.confdir = "/etc/lighttpd"
     $SERVER["socket"] == "10.10.10.10:443" {
     ssl.engine = "enable"
     ssl.pemfile = var.confdir + "/yourdomain-name.pem"
     ssl.ca-file = var.confdir + "/your.crt"
     server.name = "your.domain.com"
     server.document-root = "/your/document/root/" }

Make sure that the var.confdir (/etc/lighttpd) is the location where you saved your certificate files. Also change the IP address (10.10.10.10) to your IP address.

Now restart Lighttpd.

#restart lighttpd

You are done. !!!!

How to avoid " cp: overwrite " while copying

While you copy some directory or files it will prompt " cp: overwrite " as shown below.

# cp -rf /some/file/or/directory/* /another/location
cp: overwrite `./some/files/yyy'?

 If there is lot of files, it will hard to do. So to avoid this, just put "\" before the command cp

# \cp -rf /some/file/or/directory/* /another/location

This will eliminate the interactive mode.

how to change mysql password for an user

Suppose you have got a user " db_user " and you have lost the password for the user. You need to reset it. For this just follow the steps bellow.

Get into the server as root, then get into mysql as root user.

#mysql -u root -p******

Where ***** should be replaced with your password for mysql root user.

Then execute the following commands.

mysql> use mysql;

mysql> SET PASSWORD FOR 'db_user'@'localhost' = PASSWORD('new-password'); 

Query OK, 0 rows affected (0.00 sec)

mysql> FLUSH PRIVILEGES;

           Query OK, 0 rows affected (0.00 sec)

mysql>quit

Now the password will be reset to  new-password for the user db_user.

Assign dedicated ip to a domain in Cpanel

Assigning dedicated ip to an account is simple. You just need to follow the steps below.


Home » IP Functions

Home » IP Functions » Change a Site’s IP Address

From here select the account for which the ip has to be changed. Once selected click "Change" button at the bottom.

Now select the ip from the list that you click on the drop down button, and click " Change ".

This will change the ip of the account. 

Enable TUN/TAP in OpenVZ

For installing TUN/TAP for a OpenVZ vps, you should first make sure that the module is enabled in the node.

For this you need to run the command bellow.

# lsmod | grep tun

 If the module is not installed, just install it by running

# modprobe tun

Now to enable the module to the vps, run the following commands. Replace Veid with your vps id

# vzctl set Veid --devnodes net/tun:rw --save

# vzctl set Veid --devices c:10:200:rw --save

# vzctl stop Veid 

# vzctl set Veid --capability net_admin:on --save

# vzctl start Veid

# vzctl exec Veid mkdir -p /dev/net

# vzctl exec Veid chmod 600 /dev/net/tun

Now TUN/TAP is enabled for the vps. To check this get into the vps.

# vzctl enter Veid

Now run the following command in the vps.

# cat /dev/net/tun

 The result of the above command should be

cat: /dev/net/tun: File descriptor in bad state

!! 'httpd' is disabled via '/etc/apachedisable', please re-enable to continue. !!

You may end up with the following error while running /scripts/easyapache

!! 'httpd' is disabled via '/etc/apachedisable', please re-enable to continue. !!

To resolve this, Login to your WHM

Home » Service Configuration » Service Manager

The boxes for http would be unchecked, Just check it

Then Click the " Save " button at the bottom of the page.

Now you can run easyapache without any issue.

Error: Device 768 (vbd) could not be connected. Hotplug scripts not working

When you try to start a Xen vps from solusVM, It wont get started. If you try to start from the backend, you may end up with following error.

# xm create /home/xen/vm123/vm123.cfg

          Using config file "/home/xen/vm123/vm123.cfg".          Error: Device 768 (vbd) could not be connected. Hotplug scripts not working.

Check the hotplug error log :

# tail /var/log/xen/xen-hotplug.log

If you get the following output :

         stat: cannot stat `/dev/xensan/vm123_img': No such file or directory
         Nothing to flush.

Activating the corresponding logical volumes for the vps will fix the issue.

# lvchange -ay /dev/xen**/vm123_img

Missing Perl Libraries error while installing CSF on CentOs 5/6

While installing CSF you may end up with the following error. 

Checking Perl modules...
Can't locate LWP/UserAgent.pm in @INC (@INC contains: /etc/csf /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at (eval 22) line 2.
BEGIN failed--compilation aborted at (eval 22) line 2.

Can't locate Time/HiRes.pm in @INC (@INC contains: /etc/csf /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at (eval 27) line 2.
BEGIN failed--compilation aborted at (eval 27) line 2.

This have got a simple one line fix. Just do the following. 

root@amaziah [~]# yum install -y perl-libwww-perl perl-Time-HiRes

Download speed issue in Xen VPS

For fixing download speed issue in Xen VPS. Make following changes in the vps.

Edit the /etc/sysctl.conf file.

root@amaziah [~]# vi /etc/sysctl.conf

And then add the following lines to the end of the file.

net.core.rmem_max=16777216

net.core.wmem_max=16777216

net.ipv4.tcp_rmem=4096 87380 16777216

net.ipv4.tcp_wmem=4096 65536 16777216

 Now for the changes to take effect, either reboot the vps or issue the following command.

root@amaziah [~]# sysctl -p

Change timezone in Xen VPS

The file /etc/localtime is the one which holds information of server’s timezone.

For changing the timezone you should point it to the correct zone file by creating a soft link.

From following commands below we are changing the current timezone to IST:

Firstly move the current localtime file as backup.

#mv /etc/localtime /etc/localtime.bak

Now from /usr/share/zoneinfo/ you can find the preferred timezone. Once you found the timezone file, crate a soft link   to  /etc/localtime. Eg: For IST

#ln -sf /usr/share/zoneinfo/Asia/Calcutta /etc/localtime

You are done!! You can find the timezone changed. But if you reboot the vps the settings will get reverted back. So once finishing the steps above, do the following. 

 Run following command

echo 1 > /proc/sys/xen/independent_wallclock

Now installed ntp in the vps.

# yum install ntp 

# chkconfig ntpd on

 Synchronize the system clock with 0.pool.ntp.org server:

# ntpdate pool.ntp.org

Start NTP

# /etc/init.d/ntpd start

Now edit /etc/rc.local with your favorite editor and put the following lines there.

# vi  /etc/rc.local

service ntpd stop

echo 1 > /proc/sys/xen/independent_wallclock

ntpdate pool.ntp.org

service ntpd start

You would now get correct timezone and correct time every time you reboot your Xen VPS.

Change timezone in Openvz VPS

The file /etc/localtime is the one which holds information of server’s timezone.

For changing the timezone you should point it to the correct zone file by creating a soft link.

From following commands below we are changing the current timezone to IST:

Firstly move the current localtime file as backup.

#mv /etc/localtime /etc/localtime.bak

Now from /usr/share/zoneinfo/ you can find the preferred timezone. Once you found the timezone file, crate a soft link   to  /etc/localtime. Eg: For IST

#ln -sf /usr/share/zoneinfo/Asia/Calcutta /etc/localtime

Once the link is created, reboot the vps. 

#reboot

You are done!! Now you can find your timezone.

How to setup custom nameservers in Kloxo

To setup custom nameservers in Kloxo, you have to register custom nameservers with your server IP address at your domain registrar.

After custom nameservers has been  registered in your domain registrar control panel, you can setup custom nameservers inside your Kloxo panel. For that you can follow the steps below. 

1. Login to Kloxo as " admin ".

2. From the home screen, click on the " DNS Templates " icon.

3. Now click the " Add DNS Template ".

4. Fill in the form.

5. In DNS Template Name field enter your prefered DNS template name (Any name).

6. From the dropdown lists choose your IP address for your Web and Mail services.

7. In "Primary DNS" and "Secondary DNS" enter your custom nameservers hostnames (The same you have registered in your domain registrar control panel).

8. Press " Add " button.

9. Then change DNS for your domain to you custom DNS servers at your domain registrar.

10. If all setup is done correctly, then it may take up to a 24-48 hours for DNS change to take effect.

error: configure: error: APR is needed to build mod_suphp for Apache 2.x but was not found

If you are facing the following error while installing suPhp

error: configure: error: APR is needed to build mod_suphp for Apache 2.x but was not found

Run ./configure as shown below.

# ./configure --with-apr=/usr/bin/apr-1-config

This should fix the issue. Now you can proceed with

# make

# make install

How to Flush DNS

How to Flush DNS cache in Microsoft Windows

For this just to the following steps.

Start => Run => cmd

Now give the following command in the command prompt

c:\> ipconfig /flushdns 

You are Done!!


How to Flush DNS cache in a Linux Server

For this login to the server. And issue the following command.

root@amaziah [~]# /etc/init.d/nscd restart

                          OR

root@amaziah [~]# service nscd restart

                          OR

root@amaziah [~]# service nscd reload

This will flush DNS cache in Linux.

How to restrict the users accessing a directory

Suppose you have a domain example.com. In the document root of example.com you have a directory "confidential". And you don't want all people to access this directory. So to restrict the access to this directory except few ips. For example 192.168.1.1, 192.168.1.2, 192.168.1.3. Then  you need to follow the steps given below.

First create a file .htaccess  in  "confidential" directory.

root@amaziah [~]#cd /document root/confidential 

#touch .htaccess

Now edit .htaccess using your favorite editor

#vi .htaccess

 Order Deny,Allow

Deny from all

Allow from 192.168.1.1

Allow from 192.168.1.2

Allow from 192.168.1.3

 

Now your confidential data are safe. Only users from 192.168.1.1, 192.168.1.2 & 192.168.1.3 can access it. All others will be denied.  :)

How to block Ddos

You can find the ips which have most number of connections with the command below.

netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

The result of above command will look something like that is given below.

1 192.168.1.1
1 192.168.1.2
15 192.168.2.26
25 192.168.2.27
30 192.168.1.29
39 192.168.1.32
100 192.168.1.50


You can use the following script to block the ips causing ddos.


#!/bin/bash

netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n > test.out

for i in `cat test.out | awk '{print $2}' `

do

 {

 if [ "$i" != "127.0.0.1" ] && [ `cat test.out | grep $i | awk '{print$1}'` -gt 35 ] && [  "$i" != "0.0.0.0" ]

 then

 iptables -A INPUT -s $i -j DROP

 echo "Writing the rule :iptables -A INPUT -s $i -j DROP"

 fi

 }

done

How to Install maldetect

For installing Maidetect in your server, login to your server.

Download the latest tar file available using wget .

#wget http://www.rfxn.com/downloads/maldetect-current.tar.gz

Extract the file using the the command below.

# tar -xzvf maldetect-current.tar.gz

Get into the directory  maldetect-*

# cd maldetect-1.4.2/

Now issue the following command, which will install maldetect in your server

# sh install.sh

Now for scanning a particular directory "eg: /home"  using maldetect, issue the below command

#maldet -a  /home

Install rkhunter

The following steps explains how to install rkhunter in your server.

Firstly login to your server as root. And navigate to the directory where you would download the file.

# cd /usr/local/src

Now download the source file using wget.

# wget http://nchc.dl.sourceforge.net/project/rkhunter/rkhunter/1.4.0/rkhunter-1.4.0.tar.gz

Now extract the file using the following comand.

# tar -zxvf rkhunter-1.4.0.tar.gz

And get into the directory rkhunter-*

# cd rkhunter-1.4.0

Now, the command below will install rkhunter in your server.

# ./installer.sh --install

Now to automate the scan do the following steps below. We are creating the file in /usr/local/

# vi rkhunterscan

Add the following script to the file.

#!/bin/sh

( /usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /usr/bin/mail -s "rkhunter output" admin@yourdomain.com

Now change the permission.

# chmod 750 rkhunterscan

Now edit the cronjob.

# crontab -e

Now add the following line.

0 3 * * * /usr/local/rkhunterscan -c

Email alert on root ssh login

For setting up email alert on root login, firstly login to the server.

Then get into the directory /root

# cd /root

The using your favorite editor, edit the file ".bashrc"

# vi .bashrc

Go to the end of the file. And insert the following line.

echo 'ALERT - Root Shell Access (YourserverName) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d'(' -f2 | cut -d')' -f1`" you@yourdomain.com

Replace the following in the line with your variables.

YourserverName = Server hostname or Server IP address
you@yourdomain.com = Your mail id where you would like to receive the alert.


You are DONE!! Now if you login to the server, you will be receiving email alert at you@yourdomain.com.

Enable/Disable ping in a server

To disable ping in the server, you can execute the following

root@amaziah [~]# echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all

Now, if you want to re-enable it,

root@amaziah [~]# echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_all

Now to disable it permanently, you can edit /etc/sysctl.conf

root@amaziah [~]#vi /etc/sysctl.conf

edit the following line

net.ipv4.icmp_echo_ignore_all = 0

and replace the "0" with "1" ie.

net.ipv4.icmp_echo_ignore_all = 1

 then save and close the file.