Archive for the ‘Debian’ Category

Code to grep file

Posted: July 28, 2011 in archlinux, Debian, Freebsd, Slackware, squid

This is simple code to grep file …

This code using by other to grep squid configurations and other like apache.conf.

# cat /etc/squid/squid.conf | sed ‘/ *#/d; /^ *$/d’

(thanks to kotnik for small sed trick)

to safe file use this

# cat /etc/squid/squid.conf | sed ‘/ *#/d; /^ *$/d’ > /etc/squid/squid.conf-new

to view or search something in squid access.log use this command

# grep ‘string-to-search’ /var/log/squid/access.log

Simple trick but you can use it…

### http://www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html

Apache run under Multiple User

Posted: April 30, 2011 in Debian

1. Install apache2-mpm-itk

aptitude install apache2-mpm-itk

2. After Create user

adduser WebAdmin

**force user to use apache group

usermod -g www-data WebAdmin

3. Add this line on vhost

<IfModule mpm_itk_module>

AssignUserId WebAdmin www-data

</IfModule>

4. Chown folder to user

chown WebAdmin:www-data /var/www/web/* -R

5. Reload apache

service apache2 reload

mysql -u username -p –default-character-set=utf8 “database” < backup.sql

THANKS TO BRO HARIS !!!

Untuk high performance network rules dia :-

1) Pakai cat6 dan pastikan hubungan server dan switch menggunakan
1GB/s (Gigabit switch).

2) pakai OS 64bit

3) Perlu buat kernel tunning terutama TCP tunning, files limit dan process limit

http://people.redhat.com/alikins/system_tuning.html

http://www.performancewiki.com/linux-tuning.html

Yang ni yang paling saya suka walaupun untuk Oracle

http://www.puschitz.com/TuningLinuxForOracle.shtml

APACHE – ServerToken and X-Powered

Posted: February 21, 2011 in Debian, Freebsd

Secure your apache and php by hide information of it.

for debian / ubuntu

root@webserv# pico /etc/apache2/conf.d/security

ServerTokens Prod

ServerSignature Off

after that for php5

root@webserv#/etc/php5/apache2/php.ini

find expose_php and closed it (default is on)

expose_php off

root@webserv# /etc/init.d/apache2 restart

 

For freebsd

webserv# pico /usr/local/etc/apache22/httpd.conf

ServerTokens Prod
ServerSignature Off

after that for php5

webserv# pico /usr/local/etc/php.ini

find expose_php and closed it (default is on)

expose_php off

webserv#/usr/local/etc/rc.d/apache2 restart

 

 

 

IPTABLES – Block Script

Posted: February 13, 2011 in archlinux, Debian, Slackware

root@web:~# pico /skrip/ip
root@web:~# pico /skrip/ipsub
root@web:~# pico /skrip/block

####################### PUT THIS ON /skrip/block ##################

BLOCKDB=’/skrip/ip’
IPS=$(grep -Ev “^#” $BLOCKDB)
for i in $IPS
do
iptables -A INPUT -s $i -j DROP
iptables -A OUTPUT -d $i -j DROP
iptables -A INPUT -p tcp -s $i –dport 21 -j DROP
iptables -A INPUT -p tcp -s $i –dport 80 -j DROP
done

#BLOCK SUBNET
BLOCKSUB=’/skrip/ipsub’
IPS=$(grep -Ev “^#” $BLOCKSUB)
for i in $IPS
do
iptables -A INPUT -s $i -j DROP
iptables -A OUTPUT -d $i -j DROP
iptables -A INPUT -p tcp -s $i –dport 21 -j DROP
iptables -A INPUT -p tcp -s $i –dport 80 -j DROP
done

####################### PUT THIS ON /skrip/block ##################

root@web:~# chmod +x /skrip/block

root@web:~#/skrip/block

*** put ip /skrip/ip

root@web:~#echo ‘123.123.123.123’ >> /skrip/ip

*** put ip range on /skrip/ipsub

root@web:~#echo ‘123.123.123.0/24’ >> /skrip/ipsub

I’am suing Lighttpd for serve multiple domain …

Always forget how to configure ….

## For 1 domain

simple-vhost.server-root = “/var/www/servers/”

simple-vhost.default-host = “kami337fm.com”

simple-vhost.document-root = “pages”

$HTTP[“host”] == “kami337fm.com” {

server.document-root = “/var/www/servers/news2.example.org/pages/”

}

## For host www and without www (www.kami337fm.com & kami337fm.com)

$HTTP[“host”] =~ “(^|\.)kami337fm\.com$” {

server.document-root = “/var/www/servers/news2.example.org/pages/”

}

## For host .com and .org (www.kami337fm.com & kami337fm.org)

$HTTP[“host”] =~ “^(www\.kami337fm\.org|www\.kami337fm\.com)$” {

server.document-root = “/var/www/servers/news2.example.org/pages/”

}

## for 2 and more host

$HTTP[“host”] !~ “^(test1\.example\.org|test2\.example\.org)$” {

simple-vhost.server-root = “/var/www”

simple-vhost.document-root = “/html/”

## the default host if no host is sent

simple-vhost.default-host = “example.org”

}

$HTTP[“host”] == “test1.example.org” {

server.document-root = “/home/user/sites/test1.example.org/”

accesslog.filename = “/home/user/sites/logs/test1.example.org.access.log”

}

$HTTP[“host”] == “test2.example.org” {

server.document-root = “/home/user/sites/test2.example.org”

accesslog.filename = “/home/user/sites/logs/test2.example.org.access.log”

}