Author: tadmin

Shell script to remove Plesk health monitor package for RPM-based Linux RHEL CentOS Fedora etc

~ tadmin

Because I have tired from annoying e-mail messages with subject alarm level changed which are killing me.

I can`t find how to disable them in Plesk control panel.

I have developed simple script to remove Plesk health monitor package for RPM-based Linux: RHEL, CentOS, Fedora etc.

#!/bin/sh

RPM_NAME="`rpm -qa |grep -i psa-health-monitor`"

if [ -z "$RPM_NAME" ];
then
        echo "Plesk health monitor package has not found"
else
        echo "Found Plesk health monitor package: $RPM_NAME"
        rpm -e $RPM_NAME
fi

ERROR 2003 (HY000): Can’t connect to MySQL server on ‘server IP’ (10061)

~ tadmin

If you see error messages below:

  • Can’t connect to MySQL server on ‘Server IP’ (10061):
  • ERROR 2003 (HY000): Can’t connect to MySQL server on ‘Server IP’ (110)
    Server did not respond within the specified timeout interval

And checking port using telnet utility
$ telnet ‘Server IP’ 3306

Gives error message:
Trying ‘Server IP’…
telnet: connect to address ‘Server IP’: Connection timed out

It is possible because MySQL server TCP port 3306 is closed on server in firewall.

Courier imap connections limit error

~ tadmin

To fix courier-imap connections limit errors like shown below:

e-mail client imap connection error

Thunderbird
Unable to connect to your IMAP server. You may have exceeded the maximum number of connections to this server. If so, use the Advanced IMAP Server Settings dialog to reduce the number of cached connections.

Edit configuration file /etc/courier-imap/imapd parameters:

  • MAXDAEMONS=40
  • MAXPERIP=4

Restart courier-imap service.

Use fail2ban to protect your server with plesk panel from zero day exploit

~ tadmin ~ 4 Comments

To protect your server with Plesk control panel from zero day exploit the following fail2ban configuration can be added:

1. Added custom config with the following regex:
# more /etc/fail2ban/filter.d/apache-plesk-vulnerability.conf
# Fail2Ban configuration file
#
# Author: Taras Shkodenko
#
# $Revision: 1 $
#

[Definition]

# Option: failregex
# Notes.: regex to match the password failure messages in the logfile. The
# host must be matched by a group named “host”. The tag “” can
# be used for standard IP/hostname matching and is only an alias for
# (?:::f{4,6}:)?(?P[\w\-.^_]+)
# Values: TEXT
#
failregex = ^ -.*”POST /%%70%%68%%70%%70%%61%%74%%68/%%70%%68%%70?%%2D%%64+%%61%%6C%%6C%%6F%%77%%5F%%75%%72%%6C%%5F%%69%%6E%%63%%6C%%75%%64%%65%%3D%%6F%%6E+%%2D%%64+%%73%%61%%66%%65%%5F%%6D%%6F%%64%%65%%3D%%6F%%66%%66.*

# Option: ignoreregex
# Notes.: regex to ignore. If this regex matches, the line is ignored.
# Values: TEXT
#
ignoreregex =
#

2. Added these lines to fail2ban configuration file: /etc/fail2ban/jail.conf
#
#
# Ban attackers that try to use Plesk zero day vulnerability
#

[apache-plesk-vulnerability]
enabled = true
filter = apache-plesk-vulnerability
action = iptables-multiport[name=apachePleskVulner, port=”http,https”, protocol=tcp]
sendmail-whois[name=apachePleskVulner, dest=serveradmin@shkodenko.com]
logpath = /var/log/httpd/access_log
maxretry = 1
#

3. To check new ban regex use command:
# /usr/bin/fail2ban-regex /var/log/httpd/access_log /etc/fail2ban/filter.d/apache-plesk-vulnerability.conf

4. Restarted fail2ban using command:
# /sbin/service fail2ban restart

Find files and fix permissions bash script example

~ tadmin ~ 2 Comments

To find files and fix permissions example bash script below can be used:

$ ./find_fix_permissions.sh

#!/bin/bash

CORRECT_PERMISSIONS=644
SEARCH_FOLDER="./images/"

if [ "$(find $SEARCH_FOLDER -type f ! -perm $CORRECT_PERMISSIONS -print)" ]; then
    find $SEARCH_FOLDER -type f ! -perm $CORRECT_PERMISSIONS -print0 |xargs -0 chmod -fv $CORRECT_PERMISSIONS
fi

$

It searches all files in folder SEARCH_FOLDER including sub-folders and if these files found correct permissions set in variable CORRECT_PERMISSIONS

Apache .htaccess: Invalid command ‘AuthUserFile’, perhaps misspelled or defined by a module not included in the server configuration

~ tadmin ~ 2 Comments

To fix .htaccess error message: Invalid command ‘AuthUserFile’, perhaps misspelled or defined by a module not included in the server configuration
add directive

LoadModule authn_file_module modules/mod_authn_file.so

to main web server Apache configuration file /etc/httpd/conf/httpd.conf
check web server Apache configuration:

# /sbin/service httpd configtest

and reload web server using command:

# /sbin/service httpd graceful

Bind named check named.conf db zone file check

~ tadmin

Before making any configuration changes to any services remember to create backup.

1. To check named server Bind main configuration file /etc/named.conf syntax use command:

# named-checkconf /etc/named.conf

2. To check zone file configuration use command:

# named-checkzone shkodenko.com /var/named/run-root/var/shkodenko.com
zone shkodenko.com/IN: loaded serial 201306071
OK
#

3. To apply configuation files changes use command:

# /sbin/service named reload
Reloading named: [ OK ]
#

Apache server status setup

~ tadmin

To set up server status page for web server Apache use the following commands:

1. Check Apache web service configuration files
# /sbin/service httpd configtest
Syntax OK

2. Make backup copy of main web server Apache configuration file
# cp -fvp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf-2013-05-21.bak
`/etc/httpd/conf/httpd.conf’ -> `/etc/httpd/conf/httpd.conf-2013-05-21.bak’

3. Edit main web server Apache configuration file /etc/httpd/conf/httpd.conf with your favorite editor. Mine is vim.

3.1. Make sure status module is loaded:
LoadModule status_module modules/mod_status.so

3.2. Add these lines:
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from 11.123.44.56
</Location>

Where 11.123.44.56 is your IP address.
You can check your IP address here.

Now, you can check web server Apache status using URI /server-status e.g.: https://www.shkodenko.com/server-status