Sunday, November 13, 2011

Apache Stuff


Disable modsec for a domain


In apache conf under that user add this:

SecRuleEngine Off
Restart httpd
Install Zend Optimizer
cd /usr/local/src
check latest zendoptimizer
wget http://www.eth0.us/files/ZendOptimizer-3.0.1-linux-glibc21-i386.tar.gz
tar -zxf ZendOptimizer-3.0.1-linux-glibc21-i386.tar.gz
cd ZendOptimizer-3.0.1-linux-glibc21-i386
./install
If u still receiving “Zend Optimizer Not Installed” error page, then
SELinux is interfering with Apache’s attempt to access the .so file.
So do this commands
#chcon -t texrel_shlib_t  path_of_ZendOptimizer.so (/usr/local/Zend/ZendOptimizer.so)
#execstack -c path_of_ZendOptimizer.so (/usr/local/Zend/ZendOptimizer.so)
#setenforce 0
#getenforce
then restart httpd and check.
If the issue still persist,
vi /etc/selinux/config
SELINUX=disabled
then reboot the server


Prevent SYN attacks


1. Enable SYN cookies mechanism in the server by the executing command:
# echo 1 > /proc/sys/net/ipv4/tcp_syncookies
2. Increase the backlog queue to 2048 by the command:
# sysctl -w net.ipv4.tcp_max_syn_backlog=”2048

Round Robin DNS


″Round robin DNS is a technique in which load balancing is performed by a DNS server instead of a strictly dedicated machine. A DNS record has more than one value IP address.
When a request is made to the DNS server which serves this record, the answer it gives alternates for each request. For instance, if you had a three webserver that you wished to distribute requests between, you could setup your DNS zone as follows:
# vi /var/named/domain.com.db
Append/modfiy www entry:
www   IN   A   1.2.3.4
IN   A   2.3.4.5

IN   A   3.4.5.6
IN   A   4.5.6.7

# /etc/init.d/named restart
When a query is made to the DNS server it will first give the IP of 1.2.3.4 for the www host. The next time a request is made for the IP of www, it will serve 2.3.4.5 and so on.


Run CGI scripts anywhere in the server + Plesk


Server wide :
cd /etc/httpd/conf/
cp -p httpd.conf httpd.conf.bak
vi httpd.conf
uncomment AddHandler cgi-script .cgi
service httpd restart
or
1. create an .htaccess file in your cgi-bin directory, that file should have the following
AddType text/x-server-parsed-html .html
AddType application/x-httpd-cgi .cgi .pl
Make sure you upload it in ASCII format, not binary.
2 set the permissions on your scripts correctly.. usually to 755

Installation of Java + Apache Ant


cd /opt
mkdir java
cd java
wget http://javadl.sun.com/webapps/download/AutoDL?BundleId=29210
or
wget http://javadl.sun.com/webapps/download/AutoDL?BundleId=29214
mv jre-6u13* jre-6u13-linux-i586.bin
chmod 755 jre-6u13-linux-i586.bin
./jre-6u13-linux-i586.bin
/opt/java/jre1.6.0_13/bin/java -version
Installing Ant:
cd /opt
wget http://www.gtlib.gatech.edu/pub/apache/ant/binaries/apache-ant-1.7.1-bin.tar.gz
tar -xzf apache-ant-1.7.1-bin.tar.gz
cd apache-ant-1.7.1
export ANT_HOME=/opt/apache-ant-1.7.1
export JAVA_HOME=/opt/java/jre1.6.0_13
export PATH=${PATH}:${ANT_HOME}/bin
echo “export ANT_HOME=/opt/apache-ant-1.7.1″ >> /etc/profile
echo “export JAVA_HOME=/opt/java/jre1.6.0_13″ >> /etc/profile
echo “export PATH=${PATH}:${ANT_HOME}/bin” >> /etc/profile
ln -s /opt/java/jre1.6.0_13/bin/java /etc/alternatives/java
ln -s /etc/alternatives/java /usr/bin/java
Then verify the installation by:
java -version
ant -version
———————————————————————————————————–
If you are getting the following error while executing : 
———————————-
ant -version
Unable to locate tools.jar. Expected to find it in /opt/java/jre1.6.0_13/lib/tools.jar
Unable to locate tools.jar. Expected to find it in /opt/java/jre1.6.0_13/lib/tools.jar
———————————-
then
cd /opt/java/jre1.6.0_13/lib/
wget 216.104.40.154/java/tools.jar
chmod 755 tools.jar


No space left on device: mod_rewrite: could not create rewrite_log_lock


If you are getting “No space left on device: mod_rewrite: could not create rewrite_log_lock”  while restarting apache, then please execute the following commands in shell prompt:
ipcs -s | grep nobody
for i in `ipcs -s | grep nobody | awk ‘{print $2}’`; do ipcrm -s $i; done
Reason: Apache user occupies large number of semaphore arrays.. The above script will remove the semaphore arrays by using ipcrm command

A Simple Rewite Rule


RewriteEngine on
RewriteCond %{HTTP_HOST} ^domainname\.com
RewriteRule ^(.*)$ http://www.domainname/$1

Script for restarting apache at load 10

#!/bin/bash
loadavg=$(uptime | awk -F “.” ‘{ print $1 }’ | awk -F “:” ‘{ print $5 }’)
if [ "$loadavg" -ge "10" ]; then
pkill -9 httpd
sleep 3
/scripts/restartsrv_httpd
fi