Error: You need to install the missing perl modules and then install csf in DirectAdmin

If you end up with the error "Error: You need to install the missing perl modules and then install csf in DirectAdmin"

Running the following commands should fix the issue. 

# yum install perl-Time-HiRes
OR
# yum install perl-libwww-perl

Install suPHP on debian

Before starting the installation install the prerequisites needed to build mod_suphp with the command below.

#apt-get install php5-cgi apache2-prefork-dev

Now move to the directory where you would like to download the installation file

#cd /usr/local/src

The download it with the command below.

#wget http://www.suphp.org/download/suphp-0.6.2.tar.gz

Now unpack the file

#tar xvfz suphp-0.6.2.tar.gz

and,

#cd suphp-0.6.2

Now you can install with the following commands.

#./configure

Now if you end up with following error while running ./configure

APXS was not found, so mod_suphp will not be built!

Run the command again with the following option. ( where path to apxs may differ )

#./configure --with-apxs=/usr/bin/apxs2

 Now you can proceed with the commands below.

#make
#make install

Now add the module to apache.

#vi /etc/apache2/httpd.conf

And add the following line.

LoadModule suphp_module /usr/lib/apache2/modules/mod_suphp.so

Then restart apache.

#/etc/init.d/apache2 restart

DONE!!

Enable Iptables Modules for a VPS

Before enabling the modules to the VPS , make sure that its enabled in the root node of the VPS. You can check it using the command below.

#lsmod | grep -i module_name

If its not enabled, then enable it by using the modprobe command 

#modprobe iptables_module
#modprobe ipt_helper
#modprobe ipt_REDIRECT
#modprobe ipt_TCPMSS
#modprobe ipt_LOG
#modprobe ipt_TOS
#modprobe iptable_nat
#modprobe ipt_length
#modprobe ipt_tcpmss
#modprobe iptable_mangle
#modprobe ipt_tos
#modprobe iptable_filter
#modprobe ipt_helper
#modprobe ipt_tos
#modprobe ipt_ttl
#modprobe ipt_SAME
#modprobe ipt_REJECT
#modprobe ipt_helper
#modprobe ipt_owner
#modprobe ip_tables
#modprobe ipt_MASQUERADE
#modprobe ipt_multiport/xt_multiport
#modprobe ipt_state/xt_state
#modprobe ipt_limit/xt_limit
#modprobe ipt_recent
#modprobe xt_connlimit
#modprobe ipt_owner/xt_owner
#modprobe iptable_nat/ipt_DNAT
#modprobe iptable_nat/ipt_REDIRECT

Now to enable the module to the container, first stop the container which one you want to enable the module . Assuming the vps id as 101 here.  

# vzctl stop 101

Now you can enable the module to the vps either by executing the following command

# vzctl set 101 --iptables ipt_REJECT --iptables ipt_tos --iptables ipt_TOS --iptables ipt_LOG --iptables ip_conntrack --iptables ipt_limit --iptables ipt_multiport --iptables iptable_filter --iptables iptable_mangle --iptables ipt_TCPMSS --iptables ipt_tcpmss --iptables ipt_ttl --iptables ipt_length --iptables ipt_state --iptables iptable_nat --iptables ip_nat_ftp --save

                                                 OR

By adding manually to the configuration file /etc/vz/conf/veid.conf 

#vi /etc/vz/conf/101.conf

and then paste following at the end of the file.

 

IPTABLES="iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ip_conntrack_irc ipt_conntrack ipt_state ipt_helper iptable_nat ip_nat_ftp ip_nat_irc"

Now restart the container.

# vzctl restart 101

This will enable the modules to the vps.

Install Ioncube loader in Debian

For installing Ioncube loader in debian follow the steps below.

Get into the server and change the directory where you would like to download the package to. 

#cd /usr/local/src

Now download IonCube loader using the command below ( chose according to which architecture you have )

#wget http://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.tar.gz
                                                        OR
#wget http://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz

Now extract the downloaded file

#tar zxvf ioncube_loaders_lin_*.tar.gz

 Now move the directory ioncube to a permanent location

#mv ioncube /usr/local/

Now edit the php.ini file and add the following ( You can choose the version of ioncube loader the one that suites your needs )

#vi /etc/php5/apache2/php.ini
zend_extension = /usr/local/ioncube/ioncube_loader_lin_5.2.so

Now restart apache

#/etc/init.d/apache2 restart

Done !!

ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)

If you end-up with the error ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2), it means 2 things.

1. You don't have permissions to access the directory /var/lib/mysql/. Check the permission there and change the ownership mysql if it is not. For that do the following

#chown -R mysql.mysql /var/lib/mysql

Then, restart mysql

#/etc/init.d/mysql restart

2. If the permissions are correct, the /tmp/mysql.sock may not be existing. If so do the following.

#/etc/init.d/mysql stop

Then touch a file mysql.sock

#touch /tmp/mysql.sock

Then start the mysql server.

#/etc/init.d/mysql start

 This should fix the issue.....

Install nginx server

Ton install nginx server login to the server as root. Then navigate to the directory whre you would like to download the source file. I usually use /usr/local/src.

#cd /usr/local/src

You can now donload the installation file as shown below.

#wget http://nginxcp.com/latest/nginxadmin.tar

Once the download is finished, extract the tar file that you have downloaded.

#tar xf nginxadmin.tar

Now get into publicnginx

#cd publicnginx

And run the command below to install. 

./nginxinstaller install

You are done !! 

bash: scp: command not found lost connection

 When you try to scp some thing to a remote server you may endup with the error as shown below.

# scp somefile 10.10.10.10:/home
root@10.10.10.10's password: 
bash: scp: command not found
lost connection

This error occurs because the remote host is missing the openssh-clients package. To fix this issue just login to the remote server, and run the command below.

#yum install openssh-clients

This will fix the issue and you could now scp without any issue.

How to install Csf

Csf installation is very simple and quite straightforward. Login to the server as root, then navigate to the desired location where you wan't to download the installation file.

#cd /usr/local/src

Then download the installation package:

#wget http://www.configserver.com/free/csf.tgz

Now ontar the package using the blow command

#tar -xzf csf.tgz 

Now get into the directory csf

#cd csf 

Now run the below command to install

#sh install.sh

 Once the installation is done, you can do the configuration in

#/etc/csf/csf.conf

Once this is done  disable TESTING mode, lfd will not start while this is enabled. For this change the value to "0" from "1" in csf.conf file.

TESTING = "0"

Once this is done, restart the csf .

#csf -r 

DONE!!!! 

How to install SSL Certificate in a server running Lighttpd

For installing SSL Certificate for domain running in Lighttpd, follow the steps bellow. 

Login to the server and download / copy the certificate files.

Once this has been done, you need to concatenate the certificate and key file into a single pem file. For this follow the step below.

#cat yourdomain-name.key yourdomain-name.crt > yourdomain-name.pem

Now you need to edit lighttpd.conf file and add the following lines.

# vi /etc/lighttpd/lighttpd.conf

     var.confdir = "/etc/lighttpd"
     $SERVER["socket"] == "10.10.10.10:443" {
     ssl.engine = "enable"
     ssl.pemfile = var.confdir + "/yourdomain-name.pem"
     ssl.ca-file = var.confdir + "/your.crt"
     server.name = "your.domain.com"
     server.document-root = "/your/document/root/" }

Make sure that the var.confdir (/etc/lighttpd) is the location where you saved your certificate files. Also change the IP address (10.10.10.10) to your IP address.

Now restart Lighttpd.

#restart lighttpd

You are done. !!!!

Install rkhunter

The following steps explains how to install rkhunter in your server.

Firstly login to your server as root. And navigate to the directory where you would download the file.

# cd /usr/local/src

Now download the source file using wget.

# wget http://nchc.dl.sourceforge.net/project/rkhunter/rkhunter/1.4.0/rkhunter-1.4.0.tar.gz

Now extract the file using the following comand.

# tar -zxvf rkhunter-1.4.0.tar.gz

And get into the directory rkhunter-*

# cd rkhunter-1.4.0

Now, the command below will install rkhunter in your server.

# ./installer.sh --install

Now to automate the scan do the following steps below. We are creating the file in /usr/local/

# vi rkhunterscan

Add the following script to the file.

#!/bin/sh

( /usr/local/bin/rkhunter --versioncheck
/usr/local/bin/rkhunter --update
/usr/local/bin/rkhunter --cronjob --report-warnings-only
) | /usr/bin/mail -s "rkhunter output" admin@yourdomain.com

Now change the permission.

# chmod 750 rkhunterscan

Now edit the cronjob.

# crontab -e

Now add the following line.

0 3 * * * /usr/local/rkhunterscan -c

Email alert on root ssh login

For setting up email alert on root login, firstly login to the server.

Then get into the directory /root

# cd /root

The using your favorite editor, edit the file ".bashrc"

# vi .bashrc

Go to the end of the file. And insert the following line.

echo 'ALERT - Root Shell Access (YourserverName) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d'(' -f2 | cut -d')' -f1`" you@yourdomain.com

Replace the following in the line with your variables.

YourserverName = Server hostname or Server IP address
you@yourdomain.com = Your mail id where you would like to receive the alert.


You are DONE!! Now if you login to the server, you will be receiving email alert at you@yourdomain.com.