Check Dedicated Server Specifications | check raid
This post explains few quick linux commands to check server specifications. I tried to explain every command output in this post as follows:
# cat /sys/block/sda/queue/rotational
if above commnad returns 1 it means HDD else if it returns 0 then it is SSD.
# cat /proc/meminfo
MemTotal: 131778740 kB
Above command returns huge list of outputs, however you can ignore all and should focus on 1st line which tells about total Memory. You can convert KBs to MBs at google in order to get values in MBs.
Remove IPtables rules from rescue system
Hey, this article explains how you can remove IPtables rules if they are blocking access to the server. This usually happens if you wrongly configured IPtables or got any port blocked mistakenly like SSH port. Following the below steps to get it fixed.
Operating System : These steps are tested on Centos 6, however not tested on other operating systems.
- Boot your server into rescue system. (If you cannot boot it you can ask your server provider to do this for you.)
- Login to rescue system via SSH and then:
- List hard disk partitions:
# fdisk -l
- Output will be like:
Device Boot Start End Blocks Id System/dev/sda1 * 2048 1026047 512000 83 Linux/dev/sda2 1026048 234436607 116705280 8e Linux LVM/dev/sda3 234436608 234440703 2048 83 LinuxDisk /dev/mapper/vg-root: 102.6 GiB, 110125645824 bytes, 215089152 sectorsUnits: sectors of 1 * 512 = 512 bytesSector size (logical/physical): 512 bytes / 512 bytesI/O size (minimum/optimal): 512 bytes / 512 bytesDisk /dev/mapper/vg-tmp: 1 GiB, 1073741824 bytes, 2097152 sectorsUnits: sectors of 1 * 512 = 512 bytesSector size (logical/physical): 512 bytes / 512 bytesI/O size (minimum/optimal): 512 bytes / 512 bytes
This is your root partition : Disk /dev/mapper/vg-root: 102.6 GiB
- Now mount this partition on /mnt point:
# mount /dev/mapper/vg-root /mnt
- Nothing will be shown if above command succeeds.
- Now navigate to the sysconfig directory where iptables rules are saved:
# cd /mnt/etc/sysconfig
- There is file called iptables which stores all the iptables rules. You just have to rename it:
# mv iptables iptables-old
# mv iptables.save iptables.save-old
- Now you have changed iptables rules and ready to reboot your system into original operating system, but you need to unmount the partition as follows:
http2 is the latest protocol everyone is migrating on it due to its reliability and speed. So my client asked me the same to enable it for his server, i had to enable http2 protocol on one of my client’s dedicated server. After enabling it i faced very strange issue that took my couple of hours figuring out the main cause.
I enabled http2 and then tried to access web site with local chrome browser (Version 65.0.3325.181 (Official Build) (64-bit)) it returned http/1.1 all the time in network tab. Then i tried accessing it on my remote desktop server having windows 2012 standard version i saw all the things work fine and in network tab i saw h2 which means it is working.
So i searched on google and came to the conclusion it is either network (ISP), antivirus or firewall which is blocking the access via http2 and reverting back to http/1.1 protocol. Here are 2 URLs to check for http2 support locally and on web server.
Email sending failed with outlook 2007 and 2010
Email sending is main feature of any hosting account that must have feature whether on linux or on windows OS. Most of the users use desktop clients to send or receive their emails, and yes that is the easiest way to communicate with your clients. Okay, lets come to the main topic, if you’re web hosting provider and using cPanel/WHM hosting panel to provide web hosting accounts to your customers then you should read this article. It will save your 24 to 48 hours for sure.
Recently cPanel/WHM has released its latest version that is 68, they made some major updates one of them i have found is updates to SSL and TLS authentications. They introduced new mechanisms and algorithms for the authentication system used for SMTP server (dovecot, exim). What it does? it just disables old authentication system that breaks the SMTP authentication functionality with old email clients such as Outlook 2007 & Outlook 2010. So at the end your clients will not be able to connect to your outgoing email server (SMTP) if they’re using Outlook 2007 & 2010 versions.
First of all i checked mail logs for exim:
Switching between litespeed and apache from ssh | switch from litespeed
Today i will tell you the ssh command to switch between apache and litespeed web servers. You must have litespeed installed on the server.
This command is useful when you have apache and litespeed installed and your cPanel license is no more operational or expired. You can still swtich between web servers by executing this command via terminal/ssh.
Login to your server with root access via ssh terminal and run followimg ssh command:
To switch from litespeed to apache:
sh /usr/local/lsws/admin/misc/cp_switch_ws.sh apache
To switch from apache to litespeed:
sh /usr/local/lsws/admin/misc/cp_switch_ws.sh lsws
Please note you should write correct path of your litespeed installation directory.
DDOS attacks from amazon servers
Well today one of our client server had worst ddos attack against server main IP. While analyzing i found it is coming from amazon hacked servers. As amazon is offering free ec2 servers for 1 year so some of people don’t care about it after getting it as free. They do not use it and forget it after getting it. These servers are easy to get hacked and then can be used to attack other servers by hackers.
Here is the quick solution for linux centos 7 to deal with these attacks:
1. Access your server from ssh, you can use putty
2. Once you logged in with root access you have to install network monitoring tool, i found Trafshow tool very help full to see what IPs are attacking.
3. Install it with :
yum install trafshow -y
if you get nothing found error, just install epel-release repo by executing following command:
yum install epel-release -y
4. Once you install Trafshow, now you are ready to check incoming requests from IPs. Run following below command:
trafshow -i eth0 tcp
where eth0 is network card, you need to change it with your network interface. if you’re not sure about network interface, run following command:
It will return all the interfaces.
5. Once you run command trafshow -i eht0 tcp it will display all the connections with IPs. Here you can block them by various techniques. One is to add these IPs in config Server Firewall.
6. Here is the list of amazon IPs: