NOTE: this is only if you can’t use apt to clean up due to a 100% full /boot 1. Get the list of kernel images Get the list of kernel images and determine what you can do without. This command will show installed kernels except the currently running one $ sudo dpkg –list ‘linux-image*’|awk ‘{ if ($1==”ii”) print $2}’|grep -v `uname -r` You will get the list of images somethign like below: linux-image-3.19.0-25-generic linux-image-3.19.0-56-generic linux-image-3.19.0-58-generic linux-image-3.19.0-59-generic linux-image-3.19.0-61-generic linux-image-3.19.0-65-generic linux-image-extra-3.19.0-25-generic linux-image-extra-3.19.0-56-generic linux-image-extra-3.19.0-58-generic linux-image-extra-3.19.0-59-generic linux-image-extra-3.19.0-61-generic 2. Prepare Delete Craft a command to delete all files in /boot for kernels that don’t matter to you using brace expansionRead More →

First of all, we need to order a certificate , this certificate is the same with normal web server certificate. The certificate will have 3 files: cert, key, cabundle. We use CentOS for example in below tutorial, please adjust the file to correct one on your server according to above description. Postfix (SMTP server) We can use postconf command to update SSL related settings directly: postconf -e smtpd_tls_cert_file=’/etc/pki/tls/certs/cert.pem’ postconf -e smtpd_tls_key_file=’/etc/pki/tls/private/privkey.pem’ postconf -e smtpd_tls_CAfile=’/etc/pki/tls/certs/fullchain.pem’ Restarting Postfix service is required. Dovecot (POP3/IMAP server) SSL certificate settings are defined in Dovecot main config file, /etc/dovecot/dovecot.conf (Linux/OpenBSD) or /usr/local/etc/dovecot/dovecot.conf (FreeBSD): ssl = required ssl_cert = </etc/pki/tls/certs/cert.pem ssl_key = </etc/pki/tls/private/privkey.pem ssl_ca = </etc/pki/tls/certs/fullchain.pem Restarting DovecotRead More →

We have seen many cases where the client didn’t close the connection correctly, the process is stuck at CLOSE_WAIT status, i never clear the database connection. We have this script to kill all close_wait connection. <? //Some apache process are in close_wait //replace apache2 with other stuff (httpd..) $cmd=”netstat -ntp | grep CLOSE_WAIT | grep apache2″; $process_array=array(“httpd”,”apache2″); $hostname=trim(shell_exec(“hostname -s”)); if($hostname==’ubuntu’) $cmd=”netstat -ntp “; debug(“Running $cmd”); $netstat=shell_exec($cmd); $file_log=”/tmp/kill_close_wait.txt”; $arr=explode(“\n”,$netstat); //print_r($arr); $test=false;//if we are debugging- if we are debug – it will not killl $log=false; foreach($arr as $line) { $line=preg_replace(‘/\s{2,}/’,’ ‘, $line); $arr2=explode(‘ ‘,$line); if(isset($arr2[6]) && $arr2[6]<>’-‘) { //print_r($arr3); $arr3=explode(‘/’,$arr2[6]); $process_id=$arr3[0]; if($process_id==0) continue; $process_name=$arr3[1]; if(!in_array($process_name,$process_array)) continue; debug(“Found:Read More →

In some situations,  our web server receive too many connections. The number is much higher than normal, that could be an issue with our code, or we are being attack. While waiting to find a solution, we need a solution to keep the service running. The easiest solution is to restart our web server when it’s go over our limit. We’ll keep the log what the server is running, then restart the server. Later on we can see our log and do the fine tuning. cnt=`ps -Af | grep apache2 | grep -v rotatelogs | grep -v grep | wc -l` now=`date +%Y-%m-%d_%H-%M` # changeRead More →

Sendmail use “access” database to control who can use this email server to send email out. It’s easy, just edit this file /etc/mail/access   , but access is a database file, after you edit it you need to recreate database map makemap hash /etc/mail/access < /etc/mail/access   Put your control list in the at the end of the file: [email protected] REJECT cyberspammer.com REJECT TLD REJECT 192.168.0 RELAY 192.168.1 OK   REJECT: reject all email from that source RELAY: allow that IP range to use our server as a relay. OK: allow to send any email even though it’s blocked in some other rules.Read More →

I used to put this content in my .htaccess to treat .html as php file, but some how it’s no longer working in godaddy. AddType application/x-httpd-php .htm .html AddHandler x-httpd-php .htm .html I found a solution, use the below text: Options +ExecCGI AddHandler x-httpd-php5-cgi .html  Read More →

In my experience, we need to migrate to 1.7 first in order to move all attachments  from file system to database , if you go directly from 1.6 to 1.10 , attachment might be missing. We need to run the following queries before to fix some issues with database: ALTER TABLE `supportedf_help_topic` ADD INDEX(`topic`); ALTER TABLE `supportedf_department` ADD INDEX(`dept_name`); If you have duplicate topic you might need to clear the topic first TRUNCATE supportedf_help_topic;Read More →