Archive for the ‘cPanel’ Category

Connected to FTP but listing files/folders fails on VPS with firewall

August 6th, 2008 Behzad No comments

If you connect to FTP but cannot list files/folders, and you are using csf (ConfigServer Firewall), it is probably because your VPS does not have support for the ip_nat_ftp module, or because ip_nat_ftp is not loaded into the hardware node (HN) kernel. (If you have access to the HN and it was restarted, the module may not have been loaded into the kernel automatically.)

Just do

# modprobe ip_nat_ftp

Then restart the VPS (or all VPSs, with the command service vz restart).

You’re done ;)

Install subversion on centos cpanel vps with autostart script on reboot

March 11th, 2008 Behzad 3 comments

I learned this stuff by searching and want to add a quick reference here for others. To install Subversion on CentOS, just do:

# yum install subversion

Check whether "perl-URI" is installed. If it's not there, you can install it using

# yum install perl-URI

Now you may get stuck here, because yum may refuse to install perl-URI. Why? If you have cPanel, you have probably added perl* to the exclude list in /etc/yum.conf. Just remove it, install perl-URI, then put it back.

The next thing was to create a repository.

# cd /home/username
# mkdir repos
# svnadmin create /home/username/repos/myProject1

I always create a symlink to make things easier:

# ln -s /home/username/repos /svn

Now, to start Subversion as a daemon, do:

# svnserve -d -r /svn

OK, we need to set up Subversion autostart at reboot. I found a script somewhere on the internet some time ago and I do not really remember who the author was, but thanks to the guy. I edited the script to suit my needs. Below is the working result; I tested and installed it on CentOS x86_64.

#!/bin/bash
#
#   /etc/rc.d/init.d/subversion
#
# Starts the Subversion Daemon
#
# chkconfig: 345 90 10
# description: Subversion Daemon
# processname: svnserve

# Load the Red Hat init helpers (daemon, killproc, success, failure)
source /etc/rc.d/init.d/functions

[ -x /usr/bin/svnserve ] || exit 1

# To pass additional options (for instance, -r root of directory to serve) to
# the svnserve binary at startup, set OPTIONS here.
#
OPTIONS="-r /svn"
RETVAL=0
prog="svnserve"
desc="Subversion Daemon"

start() {
   echo -n $"Starting $desc ($prog): "
   daemon $prog -d $OPTIONS
   RETVAL=$?
   [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
   echo
   return $RETVAL
}

stop() {
   echo -n $"Shutting down $desc ($prog): "
   killproc $prog
   RETVAL=$?
   [ $RETVAL -eq 0 ] && success || failure
   echo
   [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
   return $RETVAL
}

# restart is a function so that condrestart can call it
restart() {
   stop
   start
}

case "$1" in
  start)
   start
   ;;
  stop)
   stop
   ;;
  restart)
   restart
   RETVAL=$?
   ;;
  condrestart)
   # Restart only if the service is already running
   [ -e /var/lock/subsys/$prog ] && restart
   RETVAL=$?
   ;;
  *)
   echo $"Usage: $0 {start|stop|restart|condrestart}"
   RETVAL=1
esac

exit $RETVAL

Save this script as /etc/init.d/subversion and chmod it to 0750.
Execute /etc/init.d/subversion and make sure it does not produce any errors.
To make it autostart at reboot time, we use the chkconfig facility on RedHat/CentOS.

# chkconfig --level 345 subversion on

To get more info on chkconfig see man chkconfig and man runlevel, and http://en.wikipedia.org/wiki/Run_level

Now reboot the VPS / server and check that it works. Yes, it was so easy, no? ;)

Securing Apache HTTP Server

February 13th, 2008 Behzad No comments

The Apache HTTP Server is one of the most stable and secure services that ships with Red Hat Linux. There are an overwhelming number of options and techniques available to secure the Apache HTTP Server. Below is a list of configuration options administrators should be careful using.

FollowSymLinks
This directive is enabled by default, so be careful where you create symbolic links to in the document root of the Apache HTTP Server. For instance, it is a bad idea to provide a symbolic link to /.

The Indexes Directive
This directive is enabled by default, but may not be desirable. If you do not want users to browse files on the server, it is best to remove this directive.

The UserDir Directive
The UserDir directive is disabled by default because it can confirm the presence of a user account on the system. If you wish to enable user directory browsing on the server, use the following directives:

UserDir enabled
UserDir disabled root

These directives activate user directory browsing for all user directories other than /root. If you wish to add users to the list of disabled accounts, add a space delimited list of users on the UserDir disabled line.

Do Not Remove the IncludesNoExec Directive

By default, the server-side includes module cannot execute commands. It is ill advised to change this setting unless you absolutely have to, as it could potentially enable an attacker to execute commands on the system.

Restrict Permissions for Executable Directories
Be certain to assign write permissions only to the root user for any directory containing scripts or CGIs. This can be accomplished by typing the following commands:

chown root <directory_name>
chmod 755 <directory_name>

Also, always verify that any scripts you are running work as intended before putting them into production.
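
The following check is an added example, not part of the original post: it scans a configuration for the Options and UserDir settings described above and reports the line each one appears on. The sample configuration and the function names sample_conf and audit_conf are constructed for illustration.

```bash
#!/bin/bash
# Added example (not from the original post): flag the httpd.conf settings
# discussed above. The sample configuration is constructed for illustration.
sample_conf() {
cat <<'EOF'
<Directory "/var/www/html">
    Options Indexes FollowSymLinks
</Directory>
<Directory "/var/www/html/ssi">
    Options Includes
</Directory>
<Directory "/var/www/html/safe-ssi">
    Options IncludesNoExec
</Directory>
UserDir enabled
# Options Indexes   (commented out, must be ignored)
EOF
}

# Reads an Apache config on stdin, prints one "<line>:<finding>" per issue.
audit_conf() {
    awk '
        /^[ \t]*#/ { next }                          # ignore comment lines
        tolower($1) == "options" {
            for (i = 2; i <= NF; i++) {
                opt = tolower($i); sub(/^[+]/, "", opt)   # "+Indexes" == "Indexes"
                if (opt == "all")            print NR ":All"   # turns on every option below
                if (opt == "indexes")        print NR ":Indexes"
                if (opt == "followsymlinks") print NR ":FollowSymLinks"
                if (opt == "includes")       print NR ":Includes"   # SSI with exec allowed
            }
        }
        tolower($1) == "userdir" {
            if (tolower($2) == "enabled") enabled_at = NR
            if (tolower($2) == "disabled")
                for (i = 3; i <= NF; i++) if ($i == "root") root_off = 1
        }
        END { if (enabled_at && !root_off) print enabled_at ":UserDir-root-not-disabled" }
    '
}

# Stand-alone run: audit the constructed sample
sample_conf | audit_conf
```

To audit a real server, feed it the actual file, for example audit_conf < /etc/httpd/conf/httpd.conf (adjust the path to your installation).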

Movable Type and Image::Magick

February 5th, 2008 Behzad No comments

Movable Type relies on a number of libraries and additional pieces of software to perform certain functions – especially where images are concerned. Thumbnailing and captcha both rely on ImageMagick to perform various feats of graphic trickery.

However, getting ImageMagick playing nicely with Perl and Movable Type is not always straightforward. If you’re on a good host, then this work may already have been done for you (leave a comment if you’re with a host that has this sorted out), but even good hosts don’t always get this right, and if you’re on a dedicated server, this is probably something you’ll have to do yourself – as I’ve just done with my MediaTemple (dv) server.

I’m documenting the steps I took to get this working – hopefully it will be useful to someone else (and me in the future, the next time I have to do this). Please note that the steps require that you have root access, and are for dedicated servers (or dedicated virtual servers), and you need to be running Linux – I’m using CentOS, but I’m pretty sure this works for any distro.

OK, so first up, browse to mt-check.cgi and see whether Image::Magick is already there. It's in the same directory as mt.cgi, so just replace mt.cgi with mt-check.cgi in your normal URL for MT.

If you’re lucky, and it’s already there, then you’re done. Congrats, and enjoy !

If you're not lucky, then you'll see something like "Image::Magick. Your server does not have Image::Magick installed…". Time to roll up your sleeves.

For a new installation of Image::Magick from source, refer to

http://behzad.nategh.com/cpanel-imagemagick-perl-module-installation-failure/

  • In an ideal world, we’d be done now. Unfortunately, it seems as if there are often some problems with where ImageMagick puts its libraries such that PerlMagick can’t find them.
  • Test by running mt-check.cgi again. If it’s working, congrats again – if not, read on.
  • Take a look at the error log (probably something like /etc/httpd/logs/error.log) and look for lines mentioning ImageMagick – chances are you might see something like this

[error] Can't load '/usr/lib/perl5/site_perl/5.8.8/.../Magick/Magick.so' for module Image::Magick: libMagick.so.10: cannot open shared object file: No such file or directory at /usr/lib/perl5/site_perl/5.8.8/.../DynaLoader.pm line 230.\n at /var/www/vhosts/xxx.xxx.com/httpdocs/test/perl/image_test.pl line 9\nCompilation failed in require at /var/www/vhosts/xxx.xxx.com/httpdocs/test

  • Basically this means that PerlMagick can’t find the ImageMagick libraries it needs. To resolve this issue:
    • Edit /etc/ld.so.conf and add /usr/local/lib below the last line.
    • Run ldconfig
    • You should now be done! Check by running mt-check.cgi again or by running this: perl -MImage::Magick -e 1
  • If it's still not working, you can try this kludgier way:
    • Check what libraries Magick.so needs by running the following (you may need to change the path to match what you're seeing in your own error.log file)

      ldd /usr/lib/perl5/site_perl/5.8.8/.../Magick/Magick.so

    • This might give you something like this:

      libMagick.so.10 => (missing)
      libWand.so.10 => (missing)
      libc.so.6 => /lib/tls/libc.so.6 (0xb7ca4000)
      libtiff.so.3 => /usr/lib/libtiff.so.3 (0xb7c57000)
      libjpeg.so.62 => /usr/lib/libjpeg.so.62 (0xb7c39000)
      libbz2.so.1 => /usr/lib/libbz2.so.1 (0xb7c28000)
      libz.so.1 => /usr/lib/libz.so.1 (0xb7c18000)
      libm.so.6 => /lib/tls/libm.so.6 (0xb7bf4000)
      libpthread.so.0 => /lib/tls/libpthread.so.0 (0xb7be2000)
      libdl.so.2 => /lib/libdl.so.2 (0xb7bde000)
      /lib/ld-linux.so.2 (0xb7fea000)

    • OK – so there are 2 libraries – libMagick.so.10 and libWand.so.10 that can’t be found. The chances are that PerlMagick is expecting to find these libraries in /usr/lib, instead of /usr/local/lib. So let’s put them there:

      ln -s /usr/local/lib/libMagick.so.10 /usr/lib/libMagick.so.10
      ln -s /usr/local/lib/libWand.so.10 /usr/lib/libWand.so.10

    • And that should be it. Run mt-check.cgi again, and you should now see that MT finally agrees that ImageMagick has been installed.

[Updated with a better initial method: editing /etc/ld.so.conf, which removes the need for the symlinks]

Good luck !!

Rsync

January 27th, 2008 Behzad No comments

Rsync is a powerful command that is used to synchronize and transfer files and directories. Rsync is widely used for mirroring Web sites, and it transfers only the changes in files, using a clever rsync algorithm. This makes it a very useful method for backups, as it uses minimal bandwidth, and it is also commonly used to keep clustered servers working together. The ending slashes are very important while using rsync. If you are not familiar with how it works, simply make sure to have an ending slash on both the source and the destination and it should be fine.

The general form is:

rsync source destination

A few examples are:

rsync -vrplogDtH /old/usr/local/apache/conf /usr/local/apache

That will sync the /old/usr/local/apache/conf/ directory to the /usr/local/apache/conf/ directory on the same server. If you want to use rsync to go between servers then use the following:

rsync -ave ssh root@192.168.0.1:/backup/ /backup/

That will take the backup directory on 192.168.0.1 and copy it to the server the command is run from. The command will also accept a remote destination if you adjust the command line accordingly.
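
The effect of the ending slash, shown as an added example that is not part of the original post: the same source directory is copied three times into temporary directories, and only the slash on the source changes where the files land. All paths and the function name rsync_slash_demo are constructed for the demonstration.

```bash
#!/bin/bash
# Added example (not from the original post): what the trailing slash does.
# Everything happens inside a temporary directory that is removed afterwards.
rsync_slash_demo() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/src/conf" "$work/a" "$work/b" "$work/c"
    echo "ServerName example.test" > "$work/src/conf/httpd.conf"

    # Source WITHOUT slash: the directory itself is copied -> a/conf/httpd.conf
    rsync -a "$work/src/conf" "$work/a"

    # Source WITH slash: only its contents are copied     -> b/httpd.conf
    rsync -a "$work/src/conf/" "$work/b"

    # Slash on both sides gives the same result as the previous case;
    # the slash on an existing destination directory makes no difference
    #                                                      -> c/httpd.conf
    rsync -a "$work/src/conf/" "$work/c/"

    # Print where the file ended up in each destination
    (cd "$work" && find a b c -type f | sort)
    rm -rf "$work"
}

# Stand-alone run: show the three resulting layouts
rsync_slash_demo
```

Adding -n (dry run) to a real command prints what would be transferred without touching the destination, which is a cheap way to confirm the layout before a large copy.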