If you're configuring a new Webserver or adding a new VirtualHost to an existing Apache configuration you will need to restart Apache with or without graceful option once Apache is restarted to assure Apache is continuously running on server (depending on Linux distribution) issue:
2. On CentOS, Fedora, RHEL and SuSE Linux and FreeBSD
ps ax | grep httpd | grep -v grep
7661 ? Ss 0:00 /usr/sbin/httpd 7664 ? S 0:00 /usr/sbin/httpd 7665 ? S 0:00 /usr/sbin/httpd 7666 ? S 0:00 /usr/sbin/httpd 7667 ? S 0:00 /usr/sbin/httpd 7668 ? S 0:00 /usr/sbin/httpd 7669 ? S 0:00 /usr/sbin/httpd 7670 ? S 0:00 /usr/sbin/httpd 7671 ? S 0:00 /usr/sbin/httpd
Whether a new Apache IP Based VirtualHosts are added to already existing Apache and you have added new
Listen 220.127.116.11:80 Listen 18.104.22.168:443
directives, after Apache is restarted to check whether Apache is listening on port :80 and :443
Meaning of 0.0.0.0 is that Apache is configured to Listen on Any Virtualhost IPs and interfaces. This output is usually returned whether in Apache config httpd.conf / apache2.conf webserver is configured with directive.
If in netstat output there is some IP poping up for example "192.168.1.1:http", this means that only connections to the "192.168.1.1" IP address will be accepted by Apache.
Another way to look for Apache in netstat (in case Apache is configured to listen on some non-standard port number) is with:
netstat -l |grep -E 'http|www'
tcp 0 0 *:www *:* LISTEN
As sometimes it might be possible that Apache is listening but its processes are in in defunct (Zommbie) state it is always a good idea, also to check if pages server by Apache are opening in browser (check it with elinks, lynx or curl)
To get more thorough information on Apache listened ports, protocol, user with which Apache is running nomatter of Linux distribution use lsof command:
I'm running a two servers for a couple of home hosted websites. One of the servers is serving as Apache host1 and has configured MySQL running on it and the second is used just for database host2 – (has another MySQL configured on it). The MySQL servers are not configured to run as a MySQL MASTER and MySQL SLAVE (no mysql replication), however periodically (daily), I have a tiny shell script that is actualizing the data from the active SQL host2 server to host1.
Sometimes due to electricity problems or CPU overheats the active MySQL host at host2 gets stoned and stops working causing the 2 WordPress based websites and One joomla site inaccessible. Until I manually get to the machine and restart host2 the 3 sites are down from the net and as you can imagine this has a very negative impact on the existing website indexing (PageRank) in Google.
When I'm at home, this is not a problem as I have physical access to the servers and if somethings gets messy I fix it quickly. The problem comes, whether I'm travelling or in another city far from home and there is no-one at home to give the hanged host hard reboot ….
Lately the problems with hang-ups of host2 happaned 3 times or so for 2 weeks, as a result the websites were inaccessible for hours and since there is nobody to reboot the server for hours; the websites keep hanging until the DB host is restarted ;;;;
To work-around this I came with the idea to write a tiny shell script to check if host2 is ping-able in order to assure the Database host is not down and then if script determines host2 (mysql) host is down it changes wp-config.php (set to use host2) to a wp-config.php (which I have beforehand configured to use) host1.
Using the script is a temporary solution, since I have to actually find the real hang-up causing troubles, but at least it saves me long downtimes. Here is a download link to the script I called change_blog_db.sh . I've configured the script to be run on the Apache node (host1) via a crontab calling the script every 10 minutes, here is the crontab:
The script is written in a way so if it determins host2 is reachable a copy of wp-config.php and Joomla's configuration.php tuned to use host2 is copied over the file config originals. In order to use the script one has to configured the head variables script section, e.g.:
wp-config-localhost.php, wp-config-192.168.0.2.php ,configuration-192.168.0.2.php, wp-config-localhost.php to be existing files configured to with proper host1 and host2 IP addresses. Hope the script will be useful to others, experiencing database downtimes with WordPress or Joomla installs.
After writting in previous article on how talk be used to handle interactive chat console sessions on FreeBSD, I thought of dropping a few lines on how same is done on Debian, so here is how:
1.; Install talk and talkd
noah:/home/hipo# apt-get --yes install talk talkd
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
0 upgraded, 2 newly installed, 0 to remove and 93 not upgraded.
Need to get 19.0 kB/42.3 kB of archives.
After this operation, 201 kB of additional disk space will be used.
Get:1 http://ftp.nl.debian.org/debian/ stable/main talkd amd64 0.17-14 [19.0 kB]
Fetched 19.0 kB in 0s (67.1 kB/s)
Selecting previously deselected package talk.
(Reading database ... 90%
Unpacking talk (from .../talk_0.17-14_amd64.deb) ...
Selecting previously deselected package talkd.
Unpacking talkd (from .../talkd_0.17-14_amd64.deb) ...
Processing triggers for man-db ...
Setting up talk (0.17-14) ...
update-alternatives: using /usr/bin/netkit-ntalk to provide /usr/bin/talk (talk) in auto mode.
Setting up talkd (0.17-14) ...
2.;; Check and make sure talk and ntalkd lines are present in /etc/inetd.conf
Now you probably wonder why are there two lines in /etc/inetd.conf for ))
in.talkd and in.ntald
in.talkd daemon's aim is to deliver talk sessions between logged in users on one Linux host with few logged in users willing to talk to each other locally;; Wheter in.ntalkd is designed to serve interactive user talks between the host where in.ntalkd is installed and remote systems ruwhich have the talk client program installed. Of course in order for remote talks to work properly the firewall (if such has to be modified to allow in.ntalkd chats. I've never used in.ntalkd and on most machines having in.ntald hanging around from inetd, could be a potential security hole so, for people not planning to initiate remote TALKs between Unix / Linux / BSD hosts on a network it is a good practice the ntalkd line seen above in inetd.conf to be commented out ::;
3.;;; Restart openbsd-inetd init script and talk is ready to use
noah:~# /etc/init.d/openbsd-inetd restart
* Restarting internet superserver inetd
Onwards to use talk between two users the syntax is same like on other BSD, as a matter of fact TALK – console / terminal interactive chat originally was developed for the 4.2BSD UNIX release ;; the Linux code is a port of this BSD talk and not rewrite from scratch.
Using talk between two logged in users on pts/1 (lets say user test) and tty1 (user logged as root) is done with:
On tty1 the user has to have enabled Talk sessions request, by default this behaviour in Debian and probably other Debian based Linuxes (Ubuntu) for instance is configured to have talks disabled, i,e ,,,
Enabling it on root console is done with:
root@noah:~# mesg y
Once enabled the root will be able to see the TALK service requests on tty1 otherwise, the user gets nothing. With enabled messaging the root user will get on his tty:
Message from TalkDaemon@his_machine...
talk: connection requested by your_name@your_machine.
talk: respond with: talk your_name@your_machine
So on the root console to reply back to talk chat request:
A combination of two wordpress caching plugins (Hyper Cache and Db Cachesignificantly improves the access times of a wordpress based blogs and websites.
Installing the two websites has drastically improved my blog opening times, so in my view having the two plugins on every wordpress install out there is a must! 🙂 The plugins installation is straight forward, here is how I installed them.
1. Installing Hyper Cache on WordPress
To install Hyper Cache all I had to do is download and enable the plugin, the plugin doesn’t require any configuration. I always love it when I don’t have to bother with reading configuration options and pondering for some 20 minutes on the plugin features, so in that perspective Hyper Cache in my view is a good alternative to WordPress Super Cache
Besides that WordPress Super Cache was having issues when enabled on few wordpress based websites I manage these days. For comparison Hyper Cache worked just great on all wordpress install I tried the plugin so far.
To install all I had to do is download the plugin unzip and enable it:
a. Download and unzip it
debian:/var/www/blog# wget http://downloads.wordpress.org/plugin/hyper-cache.zip
debian:/var/www/blog# cd wp-content/plugins
debian:/var/www/blog/wp-content/plugins# unzip hyper-cache.zip
b. Enable Hyper Cache plugin
To enable the plugin follow to standard plugin location;
Plugins -> Inactive -> Hyper Cache (Enable)
To enable the plugin follow to standard plugin location;
What Db Cache, does it does caching of last queries made to MySQL for specified time, so if the query has to be refetched again from wordpress’s php frontend the queries results are fetched straight for the memory. This decreases the load towards the MySQL server and increases the webpages loading time.
As the plugin page suggests it’s way faster than other html caching-plugins like WP-Cache or WP Super Cache
However, I think its still slower than using a combination of WP Super Cache’s alternativeHyper Cache and Db Cache . Combining this two could rise the webpage opening times according to some statisticonline at best cases up to 830% !! 😉 Let me proceed with how I did the install of Db Cache .
On other GNU/Linux distributions the above commands (user and group) www-data:www-data, should be set to whatever user/group Apache is running with, on Slackware this would be nobody:nobody, on CentOS and RHEL it would be apache:apache.
There are few commands I usually use to track if my server is possibly under a Denial of Service attack or under Distributed Denial of Service
Sys Admins who still have not experienced the terrible times of being under a DoS attack are happy people for sure …
1. How to Detect a TCP/IP Denial of Service Attack This are the commands I use to find out if a loaded Linux server is under a heavy DoS attack, one of the most essential one is of course netstat. To check if a server is under a DoS attack with netstat, it’s common to use:
As you could see from the above command output the IP 22.214.171.124 is either connected 221 times to the server or is in state of connecting or disconnecting to the node.
Another possible way to check, if a Linux or BSD server is under a Distributed DoS is with the list open files command lsof Here is how lsof can be used to list the approximate number of ESTABLISHED connections to port 80.
Another way to get an approximate number of established connections to let’s say Apache or LiteSpeed webserver with lsof can be achieved like so:
linux:~# lsof -i TCP:80 |wc -l
I find it handy to keep track of above lsof command output every few secs with gnu watch , like so:
linux:~# watch "lsof -i TCP:80"
2. How to Detect if a Linux server is under an ICMP SMURF attack
ICMP attack is still heavily used, even though it’s already old fashioned and there are plenty of other Denial of Service attack types, one of the quickest way to find out if a server is under an ICMP attack is through the command:
server:~# while :; do netstat -s| grep -i icmp | egrep 'received|sent' ; sleep 1; done
120026 ICMP messages received
1769507 ICMP messages sent
120026 ICMP messages received
1769507 ICMP messages sent
As you can see the above one liner in a loop would check for sent and recieved ICMP packets every few seconds, if there are big difference between in the output returned every few secs by above command, then obviously the server is under an ICMP attack and needs to hardened.
3. How to detect a SYN flood with netstat
linux:~# netstat -nap | grep SYN | wc -l
1032 SYNs per second is quite a high number and except if the server is not serving let’s say 5000 user requests per second, therefore as the above output reveals it’s very likely the server is under attack, if however I get results like 100/200 SYNs, then obviously there is no SYN flood targetting the machine 😉
Another two netstat command application, which helps determining if a server is under a Denial of Service attacks are:
server:~# netstat -tuna |wc -l
server:~# netstat -tun |wc -l
Of course there also some other ways to check the count the IPs who sent SYN to the webserver, for example:
server:~# netstat -n | grep :80 | grep SYN |wc -l
In many cases of course the top or htop can be useful to find, if many processes of a certain type are hanging around.
4. Checking if UDP Denial of Service is targetting the server
If after getting an IP that has too many connections to the server and is almost certainly a DoS host you would like to filter this IP.
You can use the /sbin/route command to filter it out, using route will probably be a better choice instead of iptables, as iptables would load up the CPU more than simply cutting the route to the server.
Here is how I remove hosts to not be able to route packets to my server:
route add 126.96.36.199 reject
The above command would null route the access of IP 188.8.131.52 to my server.
Later on to look up for a null routed IP to my host, I use:
route -n |grep -i 184.108.40.206
Well hopefully this should be enough to give a brief overview on how, one can dig in his server and find if he is under a Distributed Denial of Service, hope it’s helpful to somebody out there. Cheers 😉
I'm so depressed these days that I'm trying to write something decent here but everytime I try I do stop and delete all I have written and start from scratch again. It's terrible, I believe everyone have this days and they're so dark that even the smallest ray of light is gone somewhere…
The causes for depression are multiple, I know we're entering into the season period and that could be a factor, but truly for a long time I haven't felt that bad and I really cannot find the true cause. It's like hunting the unexplained. Being a citizen of a countries on the balkans brings a lot of questions which cannot get answered. Why we the Balkan and more specificly most of the Orthodox Christian countries are suffering so badly and economically in constant crisis and recession? From a material perspective Bulgaria is one of the worst countries one can live in, we the people on the balkans are chronically depressed and it really seems like a downward spiral We've been gone through so far, when I was a child we were teached in the spirit of communism and a believe in a hard material realities.
Communism has taught us we're all fleshly brothers and we should live in groups and stick to the group, now as the democracy come it's on the contraty, we're being constantly re-taught that we should leave behind the group kind of thinking and all built from communism destroy it all and build the new society… We're told by individualist nations like USA and Western europe that the only thing for the good of a person is to (get an absolute individualistic life and only exist for the greater goodness of each ones self as individuals..
As with everything the Balkans are notable for being a very unordered place. Living here is like living in chaos… The social security policies here are not working, the jurisdiction is working on behalf of the rich, the police force is seriously disfunctional and easily bribable. Put next to all this shit a high levels of unemployment and a lot of unhappy depressed people crawling around the streets and you get the picture … As a normal consequence most of the young people have entered a dark ways of alcoholism and hard-core nihillism. There are high level of people who are oriented into the new dark realities of Metal or underground music. Each philosophy that is being put in from the west is being adopted here and being multiplied million times and mostly the bad things are being adopted and less rarely the good ones… It's so mixed up that nobody can explain why it is happening as it is here. I really am trying hard to convince myself for a years now that it is worthy to live here but the more I live here in Bulgaria the more I see all is getting worser than getting for good.
I wonder for how long it will go this pointless way, we the balkan people are living in ruins literally.
The only light we still have is the Church, but very sadly most people has left behind the faith and prefer to follow the fake American dream than to obey to our old ways and traditions.
Globalisation has entered in the Balkans in a full-force and is destroying our ancient culture and traditions and building the fakeness of the coca-cola culture that most of the people prefer to adore nowdays …
Bulgaria's population is mostly based of old people and we're a dying nation, if a miracle doesn't happen then we definitely will be gone.
As I’m continuing my nginx adventures this days, by trying to take the best out of the installed nginx server, I’ve found few configuration options, which does improve nginx’s server performance and thought it might be nice to share it here in hope that some other nginx novice might benefit out if them. To setup and start using the options you will have of course to place the conf directives in /usr/local/nginx/conf/nginx.conf or wherever your nginx.conf is located.
The configuration options should be placed in nginx’s conf section which starts up with:
Here are the configuration options useful in hastening my nginx’s performance:
In this dark days of humanity, we can rarely find persons who live in a holy way like the saints from the Holy Bible or the Books of the Living of the Saints
Saintship has been slowly disappearing from earth just like it's prophecised by Christ our Saviour and the Holy Apostles and in later times by many monks, Church hierarchs, patriarchs and hermits.
In Bulgaria as in most parts of the Orthodox world the Christian faith apostacy is also clearly seen. We can no longer see saint hermits like our patron saint of Bulgaria Saint John of Rila
Even in this dark days God still shows mercy to us and still present us some of his saints. The topic of this article as you have already red in the title is Elder Dobri of the Baylovo village
Elder Dobri of Baylova has been a regular person like all of us with a family and children just until 12 years ago. About 12 years ago the I would call him The Living saint has decided to let all the earthly passions and sorrows for Christ and his eternal salvation. He despised the earthly goodness and become a beggar, all the collected money he got were distributed among other poor people or donated to Churches and monasteries belonging to the Bulgarian Orthodox Church.
Day by day and a coin by coin, he has collected thousands of levs (the bulgaria national currency). The gathered money were given to support the live of monasteries and Churches, by this very date. This old man is the greatest donator for the Cathedral Church St. Alexsander Nevski (situated at the heart of Bulgaria's capital Sofia)
His words spoken just like the saints are full of grace and goodness. One of his famous sayings are:
Man has Always two wills in himself in every moment of his life, the will to do good and the will to do evil As all the truths his sayings are simple but represent the ultimate truth which was also said in many other forms in The Holy Bible Gospels and God's law.
The external outlook of Dqdo Dobri is also saintly, he has long beard a shining eyes and a national folklore dress. He looks like he has been out of some old Bulgarian tale.
It's very striking fact that he that this old man is the biggest donator for our Cathedral Temple, we have many millionaires and businessman in Bulgaria but nobody has decided to donate to our Church such a high sum of money.
Elder Dobri's donation for the St. Alexander Nevski's Church is in value 35700 levs (around 19000 euros). Dqdo Dobri is a beggar for Christ, this is one of the major types of saintship we read about in the living of the saints. All the collected money from people are given for God's Glory. It's amazing heroism and an example, all we the Christians should follow to fulfill Christ's law of love and inherit the internal salvation. A friend of mine who has the blessing to see Elder Dobri with her own eyes and have a small talk with him, has shared with me that even though he wears an old ragged clothes, his clothes and body emit a roses like odor!
As the fame about the same has grown these days, the Bulgarian National television has prepared a small video about the saint. I believe the video as a true blessing for us the Christians and will encourage us to persist in the good deads. Here I present you the videos you can see the living saint, I hope by his holy prayers God will show mercy to all us who watch his graceful words:
The Living Christian Saint from Baylovo Village – Bulgaria
Elder Dobri from Baylovo – Bulgaria
Inteview with Elder Dobri in his house in Baylovo (the interview is in Bulgarian)
I stand up in the morning at somewhere around 09:30. I made my physical excersises everyday. What I have to say that I’m trying to fast. You know it’s the orthodox fasting period. Orthodox Eastern has to be on 27 may if I’m not mistaken. In the morning we had Marketing II classes with a teacher called Stanislav. Nobody has a homework and only three of us entered the classes so the teacher was furious. After that we had lectures with Ruelof on the topic of Marketing Research. I had not much job from work. Our project manager said that they are going to give me a phone so they can reach me cheaper and easier. We have to had some English classes just after the Marketing Planning lectures but the teacher Valio said we won’t have it because he has some job to do. After the school I worked on the servers. Servers and stuff works just fine thanks to God. Unfortunately my health issues continue on and on. I’m starting to loose temper I try to pray for a little every night before I go to bed and every evening. I still hope God would hear me and heal me. Ahm what else in the evening I went to the 2nd hand furniture shop of my cousin Zlatina and her husband Ivailo I spend a little less than an hour there. After that I went to Yasho a colleague 1st year (A metal head and brother of one of my class mates) and we watched Dr. Strangelove together Or How I learned to stop worrying and drop the bomb. I really enjoy this Kubrick film :). That’s most of the day. I figure out that one of the qmail chkuser’s patch wasn’t working properly on one of the servers and I did some tweaks to make it work. Also I’m reading a little book on MySQL although I almost doesn’t have time to read it. Well that’s it Let’s call it a day.END—–
In Saturday we had a Training day at Design.BG. It wasn’t too interesting the Boss spoke a lot about a new hierarchy being implanting into the corporation. Big mouths were said “how we should not anymore say that we make sites in the office or out if it.” He said: “We doesn’t make sites! We make projects and solutions for the client” :). Mitko has come back in Dobrich in Saturday (For the weekend) and Sunday and we went out twice. I haven’t touched computers much this weekend :).In the morning in Sunday I went to Liturgy and after that we had a small walk with Stoyan. After that I watched the 3 seriesof “From Dusk till Dawn” nice vampire story btw 🙂 And yes I like the style of Tarantino.
At some time I feeled very alone like nobody cares about me. I called Lily and we spend some good time together :).
☩ Walking in Light with Christ – Faith, Computing, Diary 2006-2020 Powered by: Pc Freak Solutions and Comments (RSS). Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.