itemprop="text"> I'm trying to get the directories in my /var/www/html/ directory to not show the "index of..." and all files residing in it. Do I need to edit httpd.conf and put .htaccess files in each directory to ensure the contents are hidden? I have Apache version 2.2.3 on CentOS 5. Is this the part of httpd.conf I need to edit? "/var/www/error"> AllowOverride None Options IncludesNoExec AddOutputFilter Includes html AddHandler type-map var Order allow,deny Allow from all LanguagePriority en es de fr ForceLanguagePriority Prefer Fallback Do I put a .htaccess file with this in each directory? Options -Indexes class="post-text" itemprop="text"> class="normal">Answer If you can edit the main config ...

I'm trying to get the directories in my /var/www/html/ directory to not show the "index of..." and all files residing in it. Do I need to edit httpd.conf and put .htaccess files in each directory to ensure the contents are hidden? I have Apache version 2.2.3 on CentOS 5. Is this the part of httpd.conf I need to edit? AllowOverride None Options IncludesNoExec AddOutputFilter Includes html AddHandler type-map var Order allow,deny Allow from all LanguagePriority en es de fr ForceLanguagePriority Prefer Fallback Do I put a .htaccess file with this in each directory? Options -Indexes Answer If you can edit the main config file then add -Indexes to your Options line Options IncludesNoExec -Indexes and restart your apache service. It's doing this because there is no DirectoryIndex file. You could just put a blank index.html file in your directory. You could add the -Indexes to a .htaccess too.

itemprop="text"> I recently became the new admin of a old system that everybody approaches with the "don't touch it or it might break" mentality. Now I am being told to "touch it, and don't break it!" Task: What I am supposed to do: Remove a domain name www.domain1.com from the server and replace it with www.domain2.com. Background: www.domain1.com uses a SSL Certificate to host a SOAP and a protected data retrieval site. The server is long out of date. It is a Fedora 4 server with Apache 2.2.0, tomcat 5.5.7 and openssl 0.9.7f. I am trying to: Set up www.domain2.com on the server with an SSL certificate to allow our Business relations to access the SOAP from www.domain2.com/SOAP. We will move our other websites over then as well. Path One: I was looking to set up the two domains o...

I recently became the new admin of a old system that everybody approaches with the "don't touch it or it might break" mentality. Now I am being told to "touch it, and don't break it!" Task: What I am supposed to do: Remove a domain name www.domain1.com from the server and replace it with www.domain2.com. Background: www.domain1.com uses a SSL Certificate to host a SOAP and a protected data retrieval site. The server is long out of date. It is a Fedora 4 server with Apache 2.2.0, tomcat 5.5.7 and openssl 0.9.7f. I am trying to: Set up www.domain2.com on the server with an SSL certificate to allow our Business relations to access the SOAP from www.domain2.com/SOAP. We will move our other websites over then as well. Path One: I was looking to set up the two domains on the same IP address(1.1.1.1). To make it easy. However that doesn't look so easy or safe(see References at bottom). I found out that I don't have new enough versions of Apache or ope...

I currently run a number of domains on the same VPS with a managed provider. Each domain would require their own dedicated SSL certificate for ecommerce security, and also require access to a bunch of common scripts that each domain uses. (These scripts are in a central location on the server and each domain can access them). With the current VPS solution, I am only capable of having one of the two requirements (Either dedicated SSL certs, or files that every domain can access; impossible to have both on a number of VPS hosting I have looked at). Seeing both of these are a requirement, is there a server configuration that would allow this? Linux or Windows? Managed or unmanaged? ... recommendations? On my local machine, running WAMP, files can be shared among domains but I have yet to investigate SSL functionality.

I currently run a number of domains on the same VPS with a managed provider. Each domain would require their own dedicated SSL certificate for ecommerce security, and also require access to a bunch of common scripts that each domain uses. (These scripts are in a central location on the server and each domain can access them). With the current VPS solution, I am only capable of having one of the two requirements (Either dedicated SSL certs, or files that every domain can access; impossible to have both on a number of VPS hosting I have looked at). Seeing both of these are a requirement, is there a server configuration that would allow this? Linux or Windows? Managed or unmanaged? ... recommendations? On my local machine, running WAMP, files can be shared among domains but I have yet to investigate SSL functionality.

itemprop="text"> We upgraded our Ubuntu with Xen to 10.04 after the upgrade it will boot into the regular ubuntu, however it will not boot into the Xen (3.3) kernel. Our output : src="https://i.stack.imgur.com/RVtg9.jpg" alt="Screen output"> What we tried : increase rootdelay on the vmlinuz line in grub rootwait Result : none, it always falls back to a shell that doesn't respond to anything. Has anyone come across this error ? itemprop="text"> class="normal">Answer We ended up booting ubuntu and migrating the images to KVM

We upgraded our Ubuntu with Xen to 10.04 after the upgrade it will boot into the regular ubuntu, however it will not boot into the Xen (3.3) kernel. Our output : What we tried : increase rootdelay on the vmlinuz line in grub rootwait Result : none, it always falls back to a shell that doesn't respond to anything. Has anyone come across this error ? Answer We ended up booting ubuntu and migrating the images to KVM

itemprop="text"> When you register a domain, typically the registrar will set it up on their default DNS servers and point it to their default web server to serve their default parked page. Obviously the web server (or hosting company) serving out the pages will always know traffic, so in the Registrar-DNS-Host chain, I'm really asking about the first 2: registrar and DNS provider. If you edit the zone file with the registrar to point to your own web server, the website is no longer hosted with the registrar, but the registrar still hosts the DNS. Would hosting DNS still enable them to count traffic? If you change nameservers and point it to a specialist provider like DNS Made Easy, then the registrar has nothing left (except basic registrar functionality, like WHOIS, etc.) So I'm guessing at this point, they ha...

When you register a domain, typically the registrar will set it up on their default DNS servers and point it to their default web server to serve their default parked page. Obviously the web server (or hosting company) serving out the pages will always know traffic, so in the Registrar-DNS-Host chain, I'm really asking about the first 2: registrar and DNS provider. If you edit the zone file with the registrar to point to your own web server, the website is no longer hosted with the registrar, but the registrar still hosts the DNS. Would hosting DNS still enable them to count traffic? If you change nameservers and point it to a specialist provider like DNS Made Easy, then the registrar has nothing left (except basic registrar functionality, like WHOIS, etc.) So I'm guessing at this point, they have no way of estimating traffic at all. Is this correct? I'm basically trying to verify my guess that only the Host or DNS provider can count traffic, but the registrar itself has no...

itemprop="text"> Today we realized that all of our emails being sent to email addresses of the type @corporatedomain.com were getting rejected. I don't know who is hosting the email for corporatedomain.com . I don't think that should matter. Anyway, the error we were getting was Technical details of permanent failure: Google tried to deliver your message, but it was rejected by the server for the recipient domain example.com by mail.example.com. [yyy.yyy.yyy.230]. The error that the other server returned was: 550 5.7.1 Command rejected We have a Google Apps account for mydomain.com . The DNS for mydomain.com had the SPF record v=spf1 mx include:spf.mailjet.com -all . We are using the Google Apps SMTP server to send transactional emails from with my app. We am using the mailj...

Today we realized that all of our emails being sent to email addresses of the type @corporatedomain.com were getting rejected. I don't know who is hosting the email for corporatedomain.com . I don't think that should matter. Anyway, the error we were getting was Technical details of permanent failure: Google tried to deliver your message, but it was rejected by the server for the recipient domain example.com by mail.example.com. [yyy.yyy.yyy.230]. The error that the other server returned was: 550 5.7.1 Command rejected We have a Google Apps account for mydomain.com . The DNS for mydomain.com had the SPF record v=spf1 mx include:spf.mailjet.com -all . We are using the Google Apps SMTP server to send transactional emails from with my app. We am using the mailjet account to send bulk marketing emails. Since the mail for this domain is handled by Google Apps, the MX records all point to the default Google app ones. My VPS has two public ip addresses. I don't have an SMTP serv...

itemprop="text"> So we've just received our new server which will be used solely for website development and version control. I've set up Ubuntu (11.04 desktop edition, I like interfaces, sorry!) and installed Apache, PHP and MySQL - so far, so good. We've decided that we want to use Git as our version managing system, since we've had good experiences with it. But... We're unsure of how to lay out, our structure. So I'm hoping you can help us. Current setup At the moment, we run one development server bbtsrv02 which is a Windows server, running XAMPP. We do all of our developments on this server and it leads to a lot of noise and mess when we're hacking things quickly. Once the changes have been made locally, we upload these files to our external server (hosted by someone else) ...

So we've just received our new server which will be used solely for website development and version control. I've set up Ubuntu (11.04 desktop edition, I like interfaces, sorry!) and installed Apache, PHP and MySQL - so far, so good. We've decided that we want to use Git as our version managing system, since we've had good experiences with it. But... We're unsure of how to lay out, our structure. So I'm hoping you can help us. Current setup At the moment, we run one development server bbtsrv02 which is a Windows server, running XAMPP. We do all of our developments on this server and it leads to a lot of noise and mess when we're hacking things quickly. Once the changes have been made locally, we upload these files to our external server (hosted by someone else) via FTP. It's far from practical, there can be 3/5 developers at one time working on the site as a whole. It causes conflicts and... it's not nice. The current idea The idea is to use bbtsrv...

I have two domains - domain.com and forum.domain.com that points to the same directory. I'd like redirect all request from forum.domain.com to domain.com (for example: forum.domain.com/foo to domain.com/forum/foo) without changing address in addres bar (hidden redirect). I wrote something like this and put it into .htaccess file: Options +FollowSymlinks RewriteEngine on RewriteCond %{HTTP_HOST} ^forum\.example\.net$ RewriteRule (.*) http://example.com/forum/$1 [L] RewriteCond %{REQUEST_FILENAME} !-s [NC] RewriteCond %{REQUEST_FILENAME} !-d [NC] RewriteRule ^(.+) index.php/$1 [L] That works only if I add Redirect directive: RewriteRule (.*) http://example.com/forum/$1 [R,L] But it changes previous address in address bar. EDIT: Ok, let's make it simple. I ...

I have two domains - domain.com and forum.domain.com that points to the same directory. I'd like redirect all request from forum.domain.com to domain.com (for example: forum.domain.com/foo to domain.com/forum/foo) without changing address in addres bar (hidden redirect). I wrote something like this and put it into .htaccess file: Options +FollowSymlinks RewriteEngine on RewriteCond %{HTTP_HOST} ^forum\.example\.net$ RewriteRule (.*) http://example.com/forum/$1 [L] RewriteCond %{REQUEST_FILENAME} !-s [NC] RewriteCond %{REQUEST_FILENAME} !-d [NC] RewriteRule ^(.+) index.php/$1 [L] That works only if I add Redirect directive: RewriteRule (.*) http://example.com/forum/$1 [R,L] But it changes previous address in address bar. EDIT: Ok, let's make it simple. I added those two lines at the end of the c:\windows\system32\drivers\etc\hosts on my local computer: 127.0.0.3 foo.net 127.0.0.3 forum.foo.net Now, I created two virtual hosts: ServerAdmin admin@admin.com ServerName...

Apache has got out of control over the past few days and made MySQL crash twice. It all started when I migrated a WordPress website over which also contains a phpBB forum. I'm not very experienced in server admin so it's been very difficult for me to pinpoint what is causing the issue. When I noticed that MySQL was down, I ran TOP and saw my system-load spike to 98.00. The server runs 10 V-HOSTS all of which receive a healthy amount of traffic so I was obviously seeing many apache-2 processes running. The high server load continued for 10 mins and then it returned to a normal state. I didn't see a spike of network traffic at this point. Unfortunately, MySQL error logging was disabled (it's now re-enabled) so no clues there. But I'm pretty sure it is because Apache was consuming all resources, so the MySQL process ID was kill...

Apache has got out of control over the past few days and made MySQL crash twice. It all started when I migrated a WordPress website over which also contains a phpBB forum. I'm not very experienced in server admin so it's been very difficult for me to pinpoint what is causing the issue. When I noticed that MySQL was down, I ran TOP and saw my system-load spike to 98.00. The server runs 10 V-HOSTS all of which receive a healthy amount of traffic so I was obviously seeing many apache-2 processes running. The high server load continued for 10 mins and then it returned to a normal state. I didn't see a spike of network traffic at this point. Unfortunately, MySQL error logging was disabled (it's now re-enabled) so no clues there. But I'm pretty sure it is because Apache was consuming all resources, so the MySQL process ID was killed. My questions are: Next time this occurs - how can I identify what is causing the system load spike? Could it be a php script that went crazy...

itemprop="text"> We have a production issue with only one of our servers and have correlated slow performance to an abundance of sockets in the TIME_WAIT state. Without drawing this question into a huge backstory, we basically know that every time the server is slow, about 80% of the server's sockets are in this TIME_WAIT state, which of course we see by running a netstat ). Specifically, because TIME_WAIT times out and go away, when our server is slow we see these TIME_WAIT s crop up very frequently (about ever 5 - 10 minutes). I did a little digging and see that TIME_WAIT s occur when the server closes an active connection but keeps it around in case any delayed packets come through. Eventually TIME_WAIT times out. Anyway to see exactly why an individual socket went into the TIME_WAIT state to beg...

We have a production issue with only one of our servers and have correlated slow performance to an abundance of sockets in the TIME_WAIT state. Without drawing this question into a huge backstory, we basically know that every time the server is slow, about 80% of the server's sockets are in this TIME_WAIT state, which of course we see by running a netstat ). Specifically, because TIME_WAIT times out and go away, when our server is slow we see these TIME_WAIT s crop up very frequently (about ever 5 - 10 minutes). I did a little digging and see that TIME_WAIT s occur when the server closes an active connection but keeps it around in case any delayed packets come through. Eventually TIME_WAIT times out. Anyway to see exactly why an individual socket went into the TIME_WAIT state to begin with? This is CentOS 5 - does Linux log this info in var/logs anywhere, or is there any way to do a tcpdump and look for a specific pattern that leads to a TIME_WAIT ? Thanks in advance. An...

itemprop="text"> I have an existing network. It looks like this. Router LAN (192.168.0.1 /24) -> Switch (192.168.0.10 /24) -> Workstations (192.168.0.100 - 192.168.0.200 /24) Our network has expanded and I need to have more hosts available. The simplest way to do this is to change the router's inside interface subnet (/24) to a supernet (/23). This will give me 192.168.0.0-192.168.1.254 instead of just 192.168.0.0-192.168.0.254. That is exactly what I want. My question is do I need to adjust the subnet masks on hosts on either the 192.168.0.0 /24 network or 192.168.1.0 /24 network or should they continue to work having only changed the subnet mask on the inside interface of the router? The reason I'm confused is 192.168.0.0 /24 and 192.168.1.0 /24 are both part of 192.168.0.0 /23 so...

I have an existing network. It looks like this. Router LAN (192.168.0.1 /24) -> Switch (192.168.0.10 /24) -> Workstations (192.168.0.100 - 192.168.0.200 /24) Our network has expanded and I need to have more hosts available. The simplest way to do this is to change the router's inside interface subnet (/24) to a supernet (/23). This will give me 192.168.0.0-192.168.1.254 instead of just 192.168.0.0-192.168.0.254. That is exactly what I want. My question is do I need to adjust the subnet masks on hosts on either the 192.168.0.0 /24 network or 192.168.1.0 /24 network or should they continue to work having only changed the subnet mask on the inside interface of the router? The reason I'm confused is 192.168.0.0 /24 and 192.168.1.0 /24 are both part of 192.168.0.0 /23 so in my mind there is not a need to change the subnet masks of hosts in those smaller networks but having made the subnet mask change only to the inside interface of the router I am not able to communicate with ...

itemprop="text"> I'm getting "Connection refused" errors for some sites being served over SSL on my Ubuntu box (10.04 LTS). It doesn't affect all sites: noreferrer">https://github.com/ , for example, loads no problem, but href="https://codeeval.com" rel="nofollow noreferrer">https://codeeval.com does not. I've checked my firewall settings, and there are no rules affecting connection to sites over port 443. But running nmap yields the following: $ nmap -sT -r -n -p443 codeeval.com Starting Nmap 5.00 ( http://nmap.org ) at 2011-06-22 11:25 BST Interesting ports on 184.72.48.116: PORT STATE SERVICE 443/tcp closed https Nmap done: 1 IP address (1 host up) scanned in 1.31 seconds To check that it wasn't a problem with the site, I SSH'd into another comp...

I'm getting "Connection refused" errors for some sites being served over SSL on my Ubuntu box (10.04 LTS). It doesn't affect all sites: https://github.com/ , for example, loads no problem, but https://codeeval.com does not. I've checked my firewall settings, and there are no rules affecting connection to sites over port 443. But running nmap yields the following: $ nmap -sT -r -n -p443 codeeval.com Starting Nmap 5.00 ( http://nmap.org ) at 2011-06-22 11:25 BST Interesting ports on 184.72.48.116: PORT STATE SERVICE 443/tcp closed https Nmap done: 1 IP address (1 host up) scanned in 1.31 seconds To check that it wasn't a problem with the site, I SSH'd into another computer on my local network and ran the same command, this time getting: $ nmap -sT -r -n -p443 codeeval.com Starting Nmap 5.00 ( http://nmap.org ) at 2011-06-22 11:37 BST Interesting ports on 184.72.48.116: PORT STATE SERVICE 443/tcp open https Nmap done: 1 IP address (1 host up) scanned...

itemprop="text"> I have a Debian 8 system with Samba 4.2. I'm using ZFS file system for data storage. Windows sharing is working fine, except Windows clients can't see any Shadow Copies snapshots. My samba config is: [Test] comment = test writable = yes directory mask = 0777 guest ok = Yes path = /samba/123 create mask = 0666 read only = No vfs objects = shadow_copy2 shadow: format = auto-%Y-%m-%d_%H.%M.%S--28d shadow: sort = desc shadow: snapdir = .zfs/snapshot My snapshot list is: zfs list -t snapshot NAME USED AVAIL REFER MOUNTPOINT tank/samba/123@GMT-2017.01.06-16.00.00 64K - 96K - tank/samba/123@GMT-2017.01.07-10.00.00 64K - 96K - tank/samba/123@GMT_2017.02.07-14.00.32 64K - 120K - tank/samba/123@GMT_2017.02.07-07.02.04 64K - 120K - I can actually ...

I have a Debian 8 system with Samba 4.2. I'm using ZFS file system for data storage. Windows sharing is working fine, except Windows clients can't see any Shadow Copies snapshots. My samba config is: [Test] comment = test writable = yes directory mask = 0777 guest ok = Yes path = /samba/123 create mask = 0666 read only = No vfs objects = shadow_copy2 shadow: format = auto-%Y-%m-%d_%H.%M.%S--28d shadow: sort = desc shadow: snapdir = .zfs/snapshot My snapshot list is: zfs list -t snapshot NAME USED AVAIL REFER MOUNTPOINT tank/samba/123@GMT-2017.01.06-16.00.00 64K - 96K - tank/samba/123@GMT-2017.01.07-10.00.00 64K - 96K - tank/samba/123@GMT_2017.02.07-14.00.32 64K - 120K - tank/samba/123@GMT_2017.02.07-07.02.04 64K - 120K - I can actually cd into .zfs/snapshot and see these snapshots. I'm trying to check any errors in log: journalctl -u smbd -f does not see any errors/warning even with debug...

itemprop="text"> I have been trying to limit max TCP connections to port 80 of my server coming from the same IP. I have used iptables for this task: -A INPUT -p tcp --dport 80 -m conntrack --ctstate ESTABLISHED -m connlimit --connlimit-above 24 --connlimit-mask 32 -j LOG_THROT The rule sends packets to my LOG_THROT chain where I log them and tcp reset the connection. The problem is that all the IP's that get logged (overflooding 24 parallel http connection rule) and get found in apache's access logs seem legit users with referrals from google, coming from standard mobile ISP's like vodafone etc. What they all got in common is User agent and it is: Mozilla/5.0 (iPhone; CPU iPhone OS 11_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/ 11.0 Mobile/15E148 Safari/604.1...

I have been trying to limit max TCP connections to port 80 of my server coming from the same IP. I have used iptables for this task: -A INPUT -p tcp --dport 80 -m conntrack --ctstate ESTABLISHED -m connlimit --connlimit-above 24 --connlimit-mask 32 -j LOG_THROT The rule sends packets to my LOG_THROT chain where I log them and tcp reset the connection. The problem is that all the IP's that get logged (overflooding 24 parallel http connection rule) and get found in apache's access logs seem legit users with referrals from google, coming from standard mobile ISP's like vodafone etc. What they all got in common is User agent and it is: Mozilla/5.0 (iPhone; CPU iPhone OS 11_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/ 11.0 Mobile/15E148 Safari/604.1 I was wondering if the new OS/Browser has a higher limit than standard 6 parallel conns, does it maybe use some kind of preloading of the links found on the website and spawns additional connections or is it...

I'm currently developing a small web application using Linux, Apache, Django, and MySql. Being a developer with bare-minimal knowledge of Linux / shell scripting / server monitoring, I have no clue what kind of monitoring I'm suppose to do... However, some things I like to do are: Easy access to the time series of CPU / memory usage. Alerts sent out whenever server resource is being overused. Easy access to apache log files, and be able to run quick analysis with them. Also, I'm wondering if there are any other log files / services that I should keep my eyes on? Answer Sever monitoring depends on which metrics matter to the server's purpose. As a web application there's quite a few areas to cover. There's endless numbers of metrics you can think of but you'll usually have these b...

I'm currently developing a small web application using Linux, Apache, Django, and MySql. Being a developer with bare-minimal knowledge of Linux / shell scripting / server monitoring, I have no clue what kind of monitoring I'm suppose to do... However, some things I like to do are: Easy access to the time series of CPU / memory usage. Alerts sent out whenever server resource is being overused. Easy access to apache log files, and be able to run quick analysis with them. Also, I'm wondering if there are any other log files / services that I should keep my eyes on? Answer Sever monitoring depends on which metrics matter to the server's purpose. As a web application there's quite a few areas to cover. There's endless numbers of metrics you can think of but you'll usually have these bare minimums: Availability of server and services Disk space & usage Network usage Memory usage CPU usage Log files The other part of monitoring besides vie...

I have Dell EqualLogic PS5000E iSCSI Array . I have connected this SAN in servers directly. I used Jumbo Frames . In this case, everything is ok. My storage is ~25TB . Now, I need to choose, which RAID level I have to use. SAN proposes only 3 levels: 6, 50, 10. I have 16 HDD-s with ~1.8TB per each disk. Which RAID level can you advise for virtualization and for work with databases? Also, better to configure two raid levels. But SAN creates only one default storage pool with all our disks. If you know another way to configure two arrays, it will very nice

I have Dell EqualLogic PS5000E iSCSI Array . I have connected this SAN in servers directly. I used Jumbo Frames . In this case, everything is ok. My storage is ~25TB . Now, I need to choose, which RAID level I have to use. SAN proposes only 3 levels: 6, 50, 10. I have 16 HDD-s with ~1.8TB per each disk. Which RAID level can you advise for virtualization and for work with databases? Also, better to configure two raid levels. But SAN creates only one default storage pool with all our disks. If you know another way to configure two arrays, it will very nice