You can find  a lot of answers  through the Internet, like this:

cPanel forums
24x7servermanagement

All methods  are good, but there is one big problem with script  (postwwwacct) which was suggested by somebody. It is useless if you are using Addon and Sub domains. This script set wrong homedir for sub- and addon- domains in config.

I wouldn’t rewrite all solution, you can find it easily. But I wrote my own script which generate vhosts.cfg

I think it  will put on in right place.

You can get it simply:

wget http://lanselot.me/scripts/postwwwacct

In variable VHOSTFILE set destination of your vhost config file.

#!/bin/bash
#Lanselot 2011
VHOSTFILE=”/opt/nginx/conf/vhosts.cfg”
/bin/cp /dev/null $VHOSTFILE

function writevhosts {
for DOMAIN in $@ ; do
ROOT=`cat /var/cpanel/userdata/$USER/”$DOMAIN” | grep documentroot | awk ‘{print $2}’`
ALIASES=`cat /var/cpanel/userdata/$USER/”$DOMAIN” | grep serveralias | sed “s/serveralias: //g” | sed “s/www\.\*\.$DOMAIN//g”`
cat >> “$VHOSTFILE” < server {
access_log /dev/null;
error_log /dev/null;
listen 80;
server_name $DOMAIN $ALIASES;

gzip on;
gzip_min_length 1100;
gzip_buffers 4 16k;
gzip_types text/plain text/css text/javascript application/x-javascript;
location ~* .(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|mp3|wav|zip|tar|gz|rar|7z)$ {
try_files \$uri @proxy_backend;
gzip off;
root $ROOT;
}

location ~* .(js|css)$ {
try_files \$uri @proxy_backend;
gzip on;
root $ROOT;
}

location @proxy_backend {
client_max_body_size 64m;
client_body_buffer_size 128k;

proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 16 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_connect_timeout 30s;

proxy_redirect http://www.$DOMAIN:81 http://www.$DOMAIN;
proxy_redirect http://$DOMAIN:81 http://$DOMAIN;
proxy_pass http://$IP:81;

proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
}

location / {
client_max_body_size 64m;
client_body_buffer_size 128k;

proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 16 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_connect_timeout 30s;

proxy_redirect http://www.$DOMAIN:81 http://www.$DOMAIN;
proxy_redirect http://$DOMAIN:81 http://$DOMAIN;
proxy_pass http://$IP:81;

proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
}
}
EOF
done
}

cd /var/cpanel/users
for USER in *; do
TOTALLINES=`cat /var/cpanel/userdata/$USER/main|wc -l`
SUBLINE=`grep -n sub_domains /var/cpanel/userdata/$USER/main | awk -F ":" '{print $1}'`
IP=`cat /var/cpanel/users/$USER|grep ^IP|cut -d= -f2`;
#SUBDOMAIN and ADDONS
TOT1=`echo "$TOTALLINES-$SUBLINE" | bc`
for SUB in `cat /var/cpanel/userdata/$USER/main | tail -n $TOT1 | awk '{print $2}' | xargs -L100` ; do
writevhosts $SUB
done
#MAIN DOMAIN and his aliases
DOMAIN=`grep main_domain /var/cpanel/userdata/$USER/main | awk '{print $2}' `
writevhosts $DOMAIN
done

Share

dmidecode

which grab all required information.
But it command not very human-readable and when numbers of servers to examine increased – it become very boring to get useful information.
Okay, I’ve write very simple bash – parser to get only what I need.
Maybe, it will help someone else.

#!/bin/bash
#lanselot 2011
SERVERNAME=`uname -n`
SERVERTYPE=`dmidecode | grep “Product Name” | awk -F “:” ‘{print $2}’`
MEMSLOT=`dmidecode -t 17 | grep “Memory Device” | wc -l`
EMPTYSLOT=`dmidecode -t 17 | grep “No Module Installed” | wc -l`
ACTIVESLOT=`echo “$MEMSLOT-$EMPTYSLOT” | bc`
TOTALMEM=`dmidecode -t 17 | grep -v “No Module Installed” | grep “Size” | awk ‘{print $2}’ | xargs -L100 | tr ‘ ‘ ‘+’ | bc`
echo -e “\e[1;37m ServerName: $SERVERNAME”
echo -e “Servertype: $SERVERTYPE”
echo -e “\e[1;37m Slots:\e[1;32m $MEMSLOT\e[1;37m. Used:\e[1;33m $ACTIVESLOT\e[1;37m, empty:\e[1;31m $EMPTYSLOT”
echo -e “\e[40m \e[0;37m”
echo -e “\e[1;37mTotal memory:\e[1;32m $TOTALMEM\e[1;37m Mb”
echo -e “\e[40m \e[0;37m”
echo “Modules:”
dmidecode -t 17 | grep -v -E “No Module Installed|Unknown” | grep -A 8 “Size” | grep -v -E “Type Detail|Locator:”

Or simply

wget http://lanselot.me/scripts/meminfo

Of course, it is very easy to rewrite it for any data you need.

Boot viruses: The viruses, which infect, boot records on hard disks or other booting
devices are called boot viruses. These viruses replace the boot record program and copy it
elsewhere.

Example: Disk Killer, Stone Virus

Program viruses: These viruses infect the executable program files, for example, those
with extensions like .EXE, .COM, .SYS etc. Virus is loaded in the memory with the programs
on execution and thus it makes copies of itself and infects the file.

Example: Sunday

Multipartite viruses: This virus is a fusion of Boot and Program viruses. They infect
program files as the first step. On execution of these infected files, these viruses infect the
boot record.

Example: Invader, Tequila

Stealth viruses: These viruses are hard to detect. They use different techniques to avoid
detection.

Example: Whale, Joshi

Macro Viruses: It is a new kind of virus infecting the macros within a document.

Example: Nuclear, DMV

The above mentioned types of virus are but a broad category of the viruses. They are many
specialized versions available.

Share

Share

Very strange problem. We’ve got site di.by. This site set cookie PHPSESSID. Header looks like:

Set-Cookie: PHPSESSID=1f7d0b338f2b5a4e53c66cf213fe5f90; path=/; domain=di.by

Opera and Firefox set this cookie without any problems, but internet explorer doesn’t see it at all. It doesn’t block it. We’ve checked it many times.

We make alias for domain di.by – http://confa.of.by/ and cookie

Set-Cookie: PHPSESSID=498b3195efe311c30b61d59eec3f4b23; path=/; domain=confa.of.by

works without any problems in IE.

We check from ie6 till ie9. And problems was in all versions.

Solution.

It is very strange too. I surfing through Internet and couldn’t find anything. But programmers solve this very rough and effective. They changed cookie to this:

Set-Cookie: PHPSESSID=1ff0ebc3b0a88de2dac01d0c3e6ed496; path=/

And IE set it without any problem. Very strange, maybe some bug in IE with short domains. But exactly explanation I don’t have. Maybe someone know?

Share

When one of our clients try to rails app, which use rmagick he got error in log:

libgomp: Thread creation failed: Cannot allocate memory

Solution.

First of all remove rmagick:

gem uninstall rmagick

Second step is recompile ImageMagick  with –disable-openmp option. You can get latest ImageMagick source here. I’ll describe software installation from sources process here. Than simple steps

tar -xzf ImageMagick-6.6.3-1.tar.gz

cd  ImageMagick-6.6.3-1/

./configure –prefix=/usr –disable-openmp

make

make install

If all installed successfully you can install rmagick and use it.

gem install rmagick

Share

Out client wrote, that his script don’t send email to his email.

Discovering problem.

As he told problem only with one email ishops@elserv.example.com. Domain elserv.example.com has 2 MX:

root@server# dig +short MX elserv.example.com
10 ms.elserv.example.com.
30 mx.uniflex.by.

Next step is to check server logs:

root@server# cat /var/log/exim_mainlog | grep elserv.example.com

2010-09-06 13:34:00 1OsZ1E-0000fg-K9 => ishops@elserv.minsk.by R=lookuphost T=remote_smtp H=mx.uniflex.by [84.201.225.218] X=TLSv1:DHE-RSA-AES256-SHA:256
2010-09-06 13:34:00 1OsZ1E-0000fi-LI => ivasilev@elserv.minsk.by R=lookuphost T=remote_smtp H=mx.uniflex.by [84.201.225.218] X=TLSv1:DHE-RSA-AES256-SHA:256

Ok, we’ve got interesting situation. Emails sent to MX with higher priority and it is very strange.

Solution.

First of all I thought that it is DNS resolve оr exim bug. I’ve checked /etc/resolf.conf to identify which dns server uses. After that I asked every DNS server about this MX. All answers where correct.

What can be wrong with exim?  I start to search something about exim configuration and dns resolving. While reading different forums and manuals I decided to check connection with MX servers.

I try:

root@server# telnet ms.elserv.example.com 25

And that was an answer. Connection died because of timeout, but connection with uniflex.by:

root@server# telnet mx.uniflex.by 25
Trying 84.201.225.218…
Connected to mx.uniflex.by (84.201.225.218).
Escape character is ‘^]’.
220 ESMTP UNIFLEX.BY

was successful. I’ve checked iptables and connections from another servers. From other places connection established without any problems.  Problem was on a client side, maybe they blocked server ip for any reasons.

Very simple, but first sight on a problem was very fuzzy.

Share

One of our employers ask for help me today. On his computer internet explorer and firefox block all sites and bring kaspersky like menu with text (that was on russian, but i think something can be in another languages):

Internet Security Access Denied
The requested URL-address can not be granted
Your computer is blocked for spamming
You can unlock your computer for this, go to the site VKontakte (http://vkontakte.ru) and activate your profile. Then you can use the entire network. The report created: Internet Security

Solution.

First of all I’ve checked hosts file, of course:

%systemroot% \system32\drivers\etc\hosts

But it was empty. Only one line about localhost. Opera on this computer works fine, but it was configured to use our proxy server.

Second step – check destination of hists file in windows registry. Run regedit, found key:

\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath

Path was written correctly.

Ok, start googling. I found that many people have met this problem, but all of them solve it bu cleaning hosts file. Second check confirmed that it was clean.

On computer installed kaspersky antivirus, but I decided to check more carefully and use drweb cureit. It found two small trojans, but it didn’t solve problem. Also I’ve clean autorun with msconfig utility and no luck.

Finally I want to do some experiments and configure IE to use our proxy server and bingo! In

Control panel – Internet options – Connections – LAN settings

I found that other unknown proxy was configured, and all http traffic was transfer through it. It’s very bad idea, and very good for viruses. The best way to use such stuff – steal passwords from different sites and emails. Why they just blocking surfing. Maybe author only novice? I don’t know but beware, it is serious leak, and from first sight it is hard to identify.

Good luck.

Share

Often I’ve got this problem  after transferring site from one server to another. The main page works fine, but if you click any link – other pages load only text and all css\js files got 404 error. The result – page looks very ugly.

Solution.

It took a lot of time to discover what exactly cause this problem.

Loading log looks like:

+ 0.000 0.260 579 19040 GET 200 text/html; charset=utf-8 http://example.com/index.php/products
+ 0.338 0.222 598 2493 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/jv_menus/jv_moomenu/jv.moomenu.css
+ 0.340 0.220 563 2459 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/js/mootools.js
+ 0.437 0.281 564 2459 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/js/jv.script.js
+ 0.439 0.281 566 2459 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/js/jv.collapse.js
+ 0.442 0.281 582 2493 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/jv_menus/jv_moomenu/jv.moomenu.js
+ 0.445 0.740 575 2455 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/system/css/system.css
+ 0.452 0.739 576 2455 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/system/css/general.css
+ 0.475 0.720 579 2461 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/css/default.css
+ 0.477 0.723 580 2461 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/css/template.css
+ 0.479 0.741 576 2461 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/css/typo.css
+ 0.482 0.808 574 2461 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/css/k2.css
+ 0.484 0.820 578 2461 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/css/jv_css.php
+ 1.361 0.313 564 2459 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/js/jv.script.js
+ 1.808 0.294 566 2459 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/js/jv.collapse.js
+ 2.226 0.232 582 2493 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/jv_menus/jv_moomenu/jv.moomenu.js
+ 2.588 0.611 575 2455 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/system/css/system.css
+ 2.591 0.612 576 2455 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/system/css/general.css
+ 2.594 0.613 579 2461 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/css/default.css
+ 2.598 0.612 580 2461 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/css/template.css
+ 2.607 0.606 576 2461 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/css/typo.css
+ 2.611 0.655 574 2461 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/css/k2.css
+ 2.621 0.698 578 2461 GET 404 text/html; charset=utf-8 http://example.com/index.php/templates/jv_bellus/css/jv_css.php

And joomla generates very strange links.

I wouldn’t describe all my mutterings. All my hours of investigation show me one variable in configuration.php which fix it.

Remember. Always define  var $live_site  in configuration.php:

var $live_site = ‘http:///example.com’;

And you will see:

+ 0.000 0.191 622 18600 GET 200 text/html; charset=utf-8 http://example.com/index.php/products
+ 0.259 0.025 631 5187 GET 200 text/css http://example.com/templates/jv_bellus/jv_menus/jv_moomenu/jv.moomenu.css
+ 0.262 0.374 596 74941 GET 200 application/javascript http://example.com/templates/jv_bellus/js/mootools.js
+ 0.382 0.276 597 8109 GET 200 application/javascript http://example.com/templates/jv_bellus/js/jv.script.js
+ 0.384 0.274 599 4124 GET 200 application/javascript http://example.com/templates/jv_bellus/js/jv.collapse.js
+ 0.387 0.268 615 3695 GET 200 application/javascript http://example.com/templates/jv_bellus/jv_menus/jv_moomenu/jv.moomenu.js
+ 0.390 0.270 608 1774 GET 200 text/css http://example.com/templates/system/css/system.css
+ 0.392 0.268 609 2762 GET 200 text/css http://example.com/templates/system/css/general.css
+ 0.414 0.247 612 10893 GET 200 text/css http://example.com/templates/jv_bellus/css/default.css
+ 0.417 0.366 613 31697 GET 200 text/css http://example.com/templates/jv_bellus/css/template.css
+ 0.420 0.355 609 19119 GET 200 text/css http://example.com/templates/jv_bellus/css/typo.css
+ 0.422 0.353 607 2194 GET 200 text/css http://example.com/templates/jv_bellus/css/k2.css
+ 0.424 0.356 611 456 GET 200 text/css http://example.com/templates/jv_bellus/css/jv_css.php
+ 1.017 0.041 648 649 GET 200 image/png http://example.com/templates/jv_bellus/images/body_bg.png
+ 1.023 0.121 648 3548 GET 200 image/png http://example.com/templates/jv_bellus/images/menu-tr.png
+ 1.026 0.118 648 683 GET 200 image/png http://example.com/templates/jv_bellus/images/menu-tl.png
+ 1.030 0.115 648 4321 GET 200 image/png http://example.com/templates/jv_bellus/images/menu-br.png
+ 1.032 0.110 648 3463 GET 200 image/png http://example.com/templates/jv_bellus/images/menu-bl.png
+ 1.035 0.110 645 1777 GET 200 image/png http://example.com/templates/jv_bellus/images/logo.png
+ 1.038 0.109 646 571 GET 200 image/png http://example.com/templates/jv_bellus/images/blank.png
+ 1.040 0.203 666 728 GET 200 image/jpeg http://example.com/templates/jv_bellus/images/li-main.jpg
+ 1.045 0.676 672 8906 GET 200 image/jpeg http://example.com/templates/jv_bellus/images/menu-active-r.jpg
+ 1.047 0.197 672 884 GET 200 image/jpeg http://example.com/templates/jv_bellus/images/menu-active-l.jpg
+ 1.054 0.190 653 3841 GET 200 image/png http://example.com/templates/jv_bellus/images/jvmod/box-tr.png
+ 1.058 0.188 653 752 GET 200 image/png http://example.com/templates/jv_bellus/images/jvmod/box-tl.png
+ 1.061 0.185 653 3299 GET 200 image/png http://example.com/templates/jv_bellus/images/jvmod/box-cr.png
+ 1.064 0.176 653 557 GET 200 image/png http://example.com/templates/jv_bellus/images/jvmod/box-cl.png
+ 1.071 0.176 647 465 GET 200 image/gif http://example.com/templates/jv_bellus/images/bullet.gif
+ 1.081 0.189 653 3750 GET 200 image/png http://example.com/templates/jv_bellus/images/jvmod/box-br.png
+ 1.084 0.187 653 729 GET 200 image/png http://example.com/templates/jv_bellus/images/jvmod/box-bl.png
+ 1.090 0.209 653 4370 GET 200 image/png http://example.com/templates/jv_bellus/images/pathway-left.png
+ 1.093 0.179 654 890 GET 200 image/png http://example.com/templates/jv_bellus/images/pathway-right.png
+ 1.095 0.177 653 933 GET 200 image/png http://example.com/templates/jv_bellus/images/pathway-home.png
+ 1.098 0.201 648 8436 GET 200 image/jpeg http://example.com/templates/jv_bellus/images/pathway.jpg
+ 1.100 0.203 649 792 GET 200 image/jpeg http://example.com/templates/jv_bellus/images/menu_sep.jpg
+ 1.102 0.211 655 3782 GET 200 image/png http://example.com/templates/jv_bellus/images/jvmod/blank-tr.png
+ 1.105 0.210 655 3392 GET 200 image/png http://example.com/templates/jv_bellus/images/jvmod/blank-tl.png
+ 2.670 0.023 656 1142 GET 200 image/png http://example.com/templates/jv_bellus/images/jvmod/span-show.png
+ 2.867 0.010 669 764 GET 200 image/jpeg http://example.com/templates/jv_bellus/images/menu-hover.jpg

Good luck.

Share

You try to start mysqld and get  such error:

Starting MySQL… Manager of pid-file quit without updating

Solution.

Solution was not very hard, but pretty interesting.

To see what happened  I made:

cat /var/log/messages | grep mysql

And found very interesting strings:

Aug 18 03:07:29 server kernel: Out of memory: Killed process 20789 (mysqld).
Aug 18 03:07:31 server kernel: OOM killed process mysqld (pid=20804, ve=0) exited, free=895596 gen=5.

Mysql was simply killed. I think for a while and go to mysql databases directory

cd /var/lib/mysql/mysql/

This is path to my mysql (system database) situated. And run myisamchk:

myisamchk -o *.MYI

Retry to start mysql and Bingo! It is started without any problems. System table users was marked as crashed.

Of course after that I must check and fix critical values into my.cnf to prevent system kill mysql again. But this is after cup of tea. But now I must run mysqlcheck:

mysqlcheck -c –auto-repair –all-databases

Good luck!

Share