HostwareSupport-Linux Hosting technical support for cPanel, Plesk, Directadmin servers

Linux Hosting technical support for cPanel, Plesk, Directadmin and No control panel servers offers and listing
http://hostwaresupport.com/

Jul 26, 2010

how to optimize apache?

Apache Default connection Limit

Apache by default is limit to server not more than 256 requests per second, so you should do a litle optimization by installing a module and a few configuration of that module to make apache enable to handle more than 256 requests per second.The reason is because to be able to handle all of the request on every server without overloading or crashing server to run on every even simple servers.So if your apache wasn’t configured properly on your powerful server, then by reaching its limit on maxClients , your apache web server will go down repeatedly .follow the following solution to optimize your apache web server:

1-Compiling Apache with needed extra Module

First you must recompile apache with mpm_perfork and if you have cpanel there is an option to add mod_prefork in the easy apache update so add that.This module has been installed and tested on apache running on Centos Linux server.

2 Edit Confiugration of Apache mpm_prefork Module

After recompiling is complete you should now edit this module configuration.You have two choices, whether to create sepprated configuration file and include it in httpd.conf or edit httpd.conf directly that I myself suggest external configuration.I will train both.

2-1 Create External configration file

# nano /etc/httpd/conf/highperformance.conf

If somthing failed due to using the default highperformance.conf then create another file let say highpreformance2.conf , #

nano /usr/local/apache/conf/highpreformance2.conf

2-2 Including configration in httpd.conf

open httpd.conf

nano /usr/local/apache/conf/httpd.conf

* and add this line that contain inclusion of external config file

Include "/usr/local/apache/conf/highperformance.conf"

2-3 Or Editing httpd.conf directly

or you can also directly edit the httpd.conf instead of creation of external file and include it in httpd.conf

Include "/usr/local/apache/conf/highperformance2.conf"

* nano /usr/local/apache/conf/httpd.conf

2-3 Writing your custom prefork configration

After opening the httpd.conf or seprated configration file edit the prefork directives or if “” does not exist add the following completely to it:

ServerLimit 2000

KeepAlive On

KeepAliveTimeout 60

MaxClients 1600

MaxSpareServers 200

MinSpareServers 50

3 Prevent Apache configration from being overwritten

After that you edit apache configration “httpd.conf” directly or included seprated configration then you should run the following command to prevent any changes or overwritten that would be occure to the config with cpanel:

4 Restart Apache for the Changes Take Effect

You are done now but After all modification to apache configration for the changes take effect you need to restart apache webserver

to do so run the following command # /etc/init.d/httpd restart

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------





at No comments:

Jul 21, 2010

Webmin error

Warning - the following zones are not in any view
----------------------------------------------------------

This warning/error when you created the wrong zone view for your server in DNS. This error takes the problem with all domain which is hosted under your DNS server in webmin
So you need to just delete that wrong client view in order to sort out the error.

Just find click on client view, and delete that.

Enjoy..!
---------------------------------
at No comments:

Jul 5, 2010

Website infected with an IFRAME or malware script

Websites infected with an IFRAME or malware script

IFRAME and java script based malware infections are growingly common these days. These infections normally occur either through leaked FTP passwords or machines infected with virus / malware that adds these lines of code on files uploaded. Most of the time, it is through a leaked FTP password obtained from an insecure system.

Hackers setup normal looking websites (or use a previously hacked website where the owner is unaware of the malware) and setup expensive keylogging and hacking tools like Mpack. When a user vists the site, it scans the browser for history, passwords and other such critical information. The visitor who is unaware of the keylogger inadvertantly sends passwords and other details to the hacker who then has access to the vistors FTP details. Once the hacker obtains the FTP login details, an automated program or script is then used access the persons website and add hidden iframe or javascript code to the compromised website. Since this gets done through FTP, the user remains unaware of the hack or compromise and no matter what permissions are set, the hacker is able to write to the users website files.

This hacked website is then used to further spread the attack when a visitor opens it and accesses the hidden iframe content. This is a growing issue and thousands of websites are infected almost on a daily basis through this method.

Prevention:
1. Keep your computer operating system up to date at all times. Always download available OS security updates at the earliest.
2. Do not use Internet Explorer to FTP your website. Use a seperate FTP program like Core FTP or WS_FTP
3. Avoid saving passwords in the browser, specially FTP passwords. Do not FTP from a public or insecure connection.
4. Change passwords frequently and set a strong alphanumeric password.
5. Install an antivirus and keep it updated. Avast is a good free antivirus program for home / personal use and can be downloaded from www.avast.com
6. Avoid suspicious websites
7. If you receive an email from an unknown person with an attachment do not open it.

Cleaning up after an infection:
1. Take your site offline and put up a maintenance page on your website to avoid getting it blacklisted by search engines.
2. Format and secure your machine with a reliable install disk or use a fresh installed, OS updated computer with an updated antivirus.
3. Change FTP and other related passwords.
4. Delete all files and upload clean content - verify that the files you are uploading are not infected by checking for unknown Java script or iframe code normally found near the body tag in the code and at the end of the file. If a backup copy is unavailable, check code of files on the server for the same and delete the malware lines of code.
5. Take steps listed in prevention above to avoid repetition of such issues.

Site is black-listed by google / firefox / chrome
1. Follow steps in Cleaning up after infection
2. Follow steps in Prevention
3. Verify that no malware is present in your website
4. Follow http://googlewebmastercentral.blogspot.com/2008/04/my-sites-been-hacked-now-what.html

Other related links
http://googlewebmastercentral.blogspot.com/2007/09/quick-security-checklist-for-webmasters.html
http://googlewebmastercentral.blogspot.com/2008/08/hey-google-i-no-longer-have-badware.html

--------------------------------------------------------------------------------------------

Reference link will help you more:

http://www.nettigritty.com/faq/cpanel/website-infected-with-an-iframe-or-malware-script/

================================================================

at No comments:
Subscribe to: Comments (Atom)