August 15, 2007

Common SSH Commands - Linux Shell Commands

ls : list files/directories in a directory, comparable to dir in windows/dos.
ls -al : shows all files (including ones that start with a period), directories, and details attributes for each file.

cd : change directory · · cd /usr/local/apache : go to /usr/local/apache/ directory
cd ~ : go to your home directory
cd - : go to the last directory you were in
cd .. : go up a directory cat : print file contents to the screen
cat filename.txt : cat the contents of filename.txt to your screen

chmod: changes file access permissions
The set of 3 go in this order from left to right:
USER - GROUP - EVERONE

0 = --- No permission
1 = --X Execute only
2 = -W- Write only
3 = -WX Write and execute
4 = R-- Read only
5 = R-X Read and execute
6 = RW- Read and write
7 = RWX Read, write and execute

Usage:
chmod numberpermissions filename

chmod 000 : No one can access
chmod 644: Usually for HTML pages
chmod 755: Usually for CGI scripts


chown: changes file ownership permissions
The set of 2 go in this order from left to right:
USER - GROUP

chown root myfile.txt : Changes the owner of the file to root
chown root.root myfile.txt : Changes the owner and group of the file to root


tail : like cat, but only reads the end of the file
tail /var/log/messages : see the last 20 (by default) lines of /var/log/messages
tail -f /var/log/messages : watch the file continuously, while it's being updated
tail -200 /var/log/messages : print the last 200 lines of the file to the screen

more : like cat, but opens the file one screen at a time rather than all at once
more /etc/userdomains : browse through the userdomains file. hit Spaceto go to the next page, q to quit

pico : friendly, easy to use file editor
pico /home/burst/public_html/index.html : edit the index page for the user's website.


File Editing with VI ssh commands
vi : another editor, tons of features, harder to use at first than pico
vi /home/burst/public_html/index.html : edit the index page for the user's website.
Whie in the vi program you can use the following useful commands, you will need to hit SHIFT + : to go into command mode

:q! : This force quits the file without saving and exits vi
:w : This writes the file to disk, saves it
:wq : This saves the file to disk and exists vi
:LINENUMBER : EG :25 : Takes you to line 25 within the file
:$ : Takes you to the last line of the file
:0 : Takes you to the first line of the file

grep : looks for patterns in files
grep root /etc/passwd : shows all matches of root in /etc/passwd
grep -v root /etc/passwd : shows all lines that do not match root

ln : create's "links" between files and directories
ln -s /usr/local/apache/conf/httpd.conf /etc/httpd.conf : Now you can edit /etc/httpd.conf rather than the original. changes will affect the orginal, however you can delete the link and it will not delete the original.


last : shows who logged in and when
last -20 : shows only the last 20 logins
last -20 -a : shows last 20 logins, with the hostname in the last field

w : shows who is currently logged in and where they are logged in from.
who : This also shows who is on the server in an shell.

netstat : shows all current network connections.
netstat -an : shows all connections to the server, the source and destination ips and ports.
netstat -rn : shows routing table for all ips bound to the server.

top : shows live system processes in a nice table, memory information, uptime and other useful info. This is excellent for managing your system processes, resources and ensure everything is working fine and your server isn't bogged down.
top then type Shift + M to sort by memory usage or Shift + P to sort by CPU usage

ps: ps is short for process status, which is similar to the top command. It's used to show currently running processes and their PID.
A process ID is a unique number that identifies a process, with that you can kill or terminate a running program on your server (see kill command).
ps U username : shows processes for a certain user
ps aux : shows all system processes
ps aux --forest : shows all system processes like the above but organizes in a hierarchy that's very useful!

touch : create an empty file
touch /home/burst/public_html/404.html : create an empty file called 404.html in the directory /home/burst/public_html/

file : attempts to guess what type of file a file is by looking at it's content.
file * : prints out a list of all files/directories in a directory

du : shows disk usage.
du -sh : shows a summary, in human-readble form, of total disk space used in the current directory, including subdirectories.
du -sh * : same thing, but for each file and directory. helpful when finding large files taking up space.

wc : word count
wc -l filename.txt : tells how many lines are in filename.txt

cp : copy a file
cp filename filename.backup : copies filename to filename.backup
cp -a /home/burst/new_design/* /home/burst/public_html/ : copies all files, retaining permissions form one directory to another.
cp -av * ../newdir : Copies all files and directories recurrsively in the current directory INTO newdir

mv : Move a file command
mv oldfilename newfilename : Move a file or directory from oldfilename to newfilename

rm : delete a file
rm filename.txt : deletes filename.txt, will more than likely ask if you really want to delete it
rm -f filename.txt : deletes filename.txt, will not ask for confirmation before deleting.
rm -rf tmp/ : recursively deletes the directory tmp, and all files in it, including subdirectories. BE VERY CAREFULL WITH THIS COMMAND!!!

TAR
: Creating and Extracting .tar.gz and .tar files
tar -zxvf file.tar.gz : Extracts the file
tar -xvf file.tar : Extracts the file
tar -cf archive.tar contents/ : Takes everything from contents/ and puts it into archive.tar
gzip -d filename.gz : Decompress the file, extract it

ZIP Files: Extracting .zip files shell command
unzip file.zip


Firewall - iptables commands
iptables -I INPUT -s IPADDRESSHERE -j DROP : This command stops any connections from the IP address
iptables -L : List all rules in iptables
iptables -F : Flushes all iptables rules (clears the firewall)
iptables --save : Saves the currenty ruleset in memory to disk
service iptables restart : Restarts iptables

Apache Shell Commands
httpd -v : Outputs the build date and version of the Apache server.
httpd -l : Lists compiled in Apache modules
httpd status : Only works if mod_status is enabled and shows a page of active connections
service httpd restart : Restarted Apache web server

MySQL Shell Commands
mysqladmin processlist : Shows active mysql connections and queries
mysqladmin drop databasenamehere : Drops/deletes the selected database
mysqladmin create databasenamehere : Creates a mysql database

Restore MySQL Database Shell Command
mysql -u username -p password databasename <> : Restores a MySQL database from databasefile.sql

Backup MySQL Database Shell Command
mysqldump -u username -p password databasename > databasefile.sql : Backup MySQL database to databasefile.sql




kill: terminate a system process
kill -9 PID EG: kill -9 431
kill PID
EG: kill 10550
Use top or ps ux to get system PIDs (Process IDs)

Putting commands together
Often you will find you need to use different commands on the same line. Here are some examples. Note that the | character is called a pipe, it takes date from one program and pipes it to another.
> means create a new file, overwriting any content already there.
>> means tp append data to a file, creating a newone if it doesn not already exist.
< send input from a file back into a command.

grep User /usr/local/apache/conf/httpd.conf |more
This will dump all lines that match User from the httpd.conf, then print the results to your screen one page at a time.

last -a > /root/lastlogins.tmp
This will print all the current login history to a file called lastlogins.tmp in /root/

tail -10000 /var/log/exim_mainlog |grep domain.com |more
This will grab the last 10,000 lines from /var/log/exim_mainlog, find all occurances of domain.com (the period represents 'anything',
-- comment it out with a so it will be interpretted literally), then send it to your screen page by page.

netstat -an |grep :80 |wc -l
Show how many active connections there are to apache (httpd runs on port 80)

mysqladmin processlist |wc -l
Show how many current open connections there are to mysql

install ionCube loader

ionCube produces leading tools for PHP source code protection to secure your PHP software from prying eyes and to combat software piracy. Featuring an advanced compiled-code encoding engine that translates source to highly efficient bytecodes, ionCube encoding tools deliver the ideal combination of maximum source code protection without sacrificing performance, reliability or language compatibility.

In order to view encoded ionCube files on your server you need the ionCube loader. This is a free plugin for Apache web server that only takes a few minutes to install and is well worth it.
http://www.ioncube.com/

Requirements:
- Root Shell access to your server
- phpinfo page: create a new document and call it phpinfo.php. Inside place phpinfo();
Place this document in your www directory so you can view it and see all your PHP settings.

Installing ionCube Loader:

1. Download the program and store it on your server using wget or FTP.
http://www.ioncube.com/loader_download.php

2. Unpack the program
tar -zxvf ioncube_loaders.tar.gz

3. cd ioncube

4. copy ioncube-install-assistant.php to a web directory such as your hosting directory and open it in your browser window.
cp ioncube-install-assistant.php /home/userdirectoryhere/www

Then open it http://www.yourdomain.com/ioncube-install-assistant.php
The output should be something similar to:

Analysis of your system configuration shows:

PHP Version 4.3.3
Operating System Linux
Threaded PHP No
php.ini file /usr/local/lib/php.ini
Required Loader ioncube_loader_lin_4.3.so

5. Now lets move the iconcube directory to a permanent location:
cd ..
mv ioncube /usr/local

6. Now that you know the location of php.ini you need to edit it.
pico /usr/local/lib/php.ini

Now find where other zend extentions are in the file.
ctrl + w: zend_extension

Paste in your new line for ioncube loader
zend_extension = /usr/local/ioncube/ioncube_loader_lin_4.3.so

7. Save the changes
ctrl + X then Y and enter

8. Restart the web server to take effect.
/etc/init.d/httpd restart

Success! You should now see a section in your PHP Info page that says:
Additional Modules
Module Name ionCube Loader

Setting Up Zend Optimizer

The Zend Optimizer is a free application that runs the files encoded by the Zend Encoder and Zend SafeGuard Suite, while enhancing the running speed of PHP applications. Many scripts require that you have Zend Optimizer installed so you are able to run them on your server while decrypting and running them on the fly while increasing runtime performance.
http://www.zend.com/store/products/zend-optimizer.php

Tested On:
This tutorial was test on: Red Hat Enterprise Linux ES using Cpanel and assumes you will be installing on a Cpanel based system otherwise you may need to make modifications in the locations of files and directories for your OS/Control Panel.

Installation:

1) First off you’ll need to grab a copy of the optimizer depending on what platform you would like to install it on. http://www.zend.com/store/free_download.php?pid=13
Linux users should grab the Linux glibc2.1

2) Once you have downloaded the file locally you’ll need to upload it to your web server. FTP to your server and upload it to a directory of your choice. It’s to bad that Zend had to make it so they couldn’t provide us with a direct download so you can’t wget the file directly from the server… a bit of a pain.

3) Uncompress/extract the file
tar zvfx ZendOptimizer*.tar.gz
cd ZendOptimizer-2.5.3-linux-glibc21-i386/

4) Now run the installer,
./install.sh

Ensure that Zend Optimizer is working you can do the following in the shell.
php -v

You should see something like this for output:

PHP 4.3.8 (cgi) (built: Sep 1 2004 17:00:35)
Copyright (c) 1997-2004 The PHP Group
Zend Engine v1.3.0, Copyright (c) 1998-2004 Zend Technologies
with Zend Optimizer v2.1.0, Copyright (c) 1998-2003, by Zend Technologies

Ban an IP Address From The Server

Have a user that keeps hammering your FTP or trying to login over and over and over again that you just want to ban and never see again? We'll show a quick and dirty method to ban an IP address from the server.

We commonly receive questions like:
"I would like to ban that ip address to prevent the access to the server.

how can i ban that Ip address from the server?"

Simple!

1) Login to the server as and su - to root.

2) If you are running iptables, you can enter:

iptables -A INPUT -s -j DROP

3) If you have APF firewall installed

apf -d

4) When you reboot this IP ban will be removed, meaning the IP will no longer be banned anymore.
If you have APF you can get around this by opening the deny hosts file.

pico /etc/apf/deny_hosts.rules

Scroll to the bottom and paste in the IP address.
Ctrl+X then Y to save the changes and exit.

5) Restart APF
/etc/apf/apf -r

How to install mod_gzip

I recently needed to speed up the load time of one of my websites, Ramprage.com - a popular sports website, while I didn't want to change the content itself I could change how fast it was delivered with mod_gzip. This tutorial features dynamic integration of mod_gzip with Apache, no recompile necessary.

mod_gzip is an Internet Content Acceleration module for the popular Apache Web Server. It compresses the contents delivered to the client. There is no need to install any additional software on the client!
Project website: http://sourceforge.net/projects/mod-gzip/ There is also static integration where gzip is compiled directly into the Apache binary but we do not feature that here.

Test Your Current Website for mod_gzip or compression
http://www.desilva.biz/gzip-test.php
http://leknor.com/code/gziped.php

They should say not compressed, meaning you od not have mod_gzip turned on or installed.

Lets Begin!

Login to your server and su to root.
Download the file to a directory of your choice.
wget http://easynews.dl.sourceforge.net/sourceforge/mod-gzip/mod_gzip-1.3.26.1a.tgz

tar -zxvf mod_gzip-1.3.26.1a.tgz

cd mod_gzip-1.3.26.1a/

Open the makefile to edit the path of Apache builder.
pico Makefile

FIND:
APXS?=/usr/local/sbin/apxs

CHANGE TO:
APXS?=/usr/local/apache/bin/apxs

Save and exit the file, Ctrl+X then Y

Lets compile the module, this will NOT affect your current Apache binary.

make

Now the next command will place the files into your folders such as the .so and .c mod_gzip files and add two lines to your httpd.conf file, it will backup the config file first.

make install

Lets take a look at the config file to see what happened and what we need to do.

pico /usr/local/apache/conf/httpd.conf

Find the mod_gzip which was added: Remove comments # from

FIND:
#LoadModule gzip_module libexec/mod_gzip.so

CHANGE TO:
LoadModule gzip_module libexec/mod_gzip.so

FIND:
#AddModule mod_gzip.c

CHANGE TO:
AddModule mod_gzip.c

Save and close the file, Ctrl+x then Y

Run Test
Now everything should be good to go but we want to do a dry run of how Apache is going to handle this new addition.
This will do a test to Apache but won't restart the live server itself, isn't Apache smart like that eh!

/usr/local/apache/bin/apachectl configtest

It might spit our no VirtualDirective or error that some directories are missing, this is normal and fine.

Restart the Live Server to enabled mod_gzip
/etc/init.d/httpd restart

Test It Again, Now you should have compression enabled giving you faster load times.

How to Install Shoutcast on Linux

How to Install Shoutcast on Linux

What is shoutcast?

SHOUTcast is Nullsoft's Free Winamp-based distributed streaming audio system. Thousands of broadcasters around the world are waiting for you to tune in and listen. You can start your own radio station and stream music and live shows. See an example of hundreds of world-wide stations at shoutcast.com

How do we install shoutcast?

Generally you dont want to run shoutcast as root as that can be really bad and a security issue, instead we'll create a shoutcast user:

1.) Login to root through SSH on the server.
2.) adduser shoutcast
3.) passwd shoutcast

Now it will ask for a new password set this and remember it.

Now login as the new shoutcast user, or you can su to the user. (Or you can logout completely and log in under the shoutcast user).
su shoutcast


Installing shoutcast

Lets grab shoutcast from nullsoft:

1) wget http://www.shoutcast.com/downloads/sc1-9-2/shoutcast-1-9-2-linux-glibc6.tar.gz

Lets extract shoutcast:
2) tar -zxvf shoutcast-1-9-2-linux-glibc6.tar.gz

Lets tidy up the directory:
3) rm -rf shoutcast-1-9-2-linux-glibc6.tar.gz
mv shoutcast-1-9-2-linux-glibc6 shoutcast
cd shoutcast

Shoutcast has now been installed!


How to configure shoutcast?

Now we need to edit the configuration file.

pico sc_serv.conf
or you can use vi which I prefer, a bit more advanced to use.
vi sc_serv.conf

Ok lets set some important configureation options. Change these settings in the file:

MaxUser
Password
PortBase

uncomment AdminPassword and set an admin password.

Now at this point you can go threw the settings and change them to what you want or you can save and start shoutcast and it will work perfectly.

to save crtl+x (if using pico) or :wq if using vi

How do i start shoutcast?

./sc_serv sc_serv.conf