When uploading files via FTP with the FileZilla program, it connects to the server using multiple ports simultaneously. The security software on the server detects these connections as an
attack and blocks your IP address. To avoid the blocking issue, making the following settings in the FileZilla program will be sufficient.

We open the FileZilla program and go to the Settings section from Edit.

When we enter the Settings section, from the
window that appears, we click on the “FTP” heading on the left side. The transfer mode will come pre-selected as “Passive (recommended)”. We mark this section as Active.

Set the Concurrent transfers, Concurrent downloads, and
Concurrent uploads values in the Transfer section on the left menu to 1.

After making these settings, we save them by clicking OK. When we close and reopen the program, our settings will be effective and IP blocking will no longer occur during
file transfers via FTP.

Additionally, you can also use an FTP program called WinSCP. This program uploads files one by one and there is no blocking issue.

Cloud Spam Protection provides special security at hardware and software layers against spam, virus, phishing, and malware attacks. Our self-learning system, capable of learning attacks on its own,
filters all incoming emails and prevents unwanted such emails from reaching you. If your existing email server becomes inoperative or shuts down due to any error, Cloud Spam Protection stores the emails sent to you and forwards them back to your email server once it
becomes active again, so you do not lose incoming emails even if your email server encounters an error.

Login Section

To log in to your mail system, you need to use the following link.

http://selocal1.ni.net.tr/

You can reach the system login screen via this link and log in with the credentials sent to you when your service is activated.

MX Redirections

For your emails to work through our cloud spam protection service, your MX settings must be pointed to the following addresses.

• 
  

  mx1 : semx1.ni.net.tr

  
  


• mx2 : semx2.ni.net.tr

Cloud Spam Dashboard

On the cloud spam dashboard, there are many panels where you can configure all settings for your incoming and outgoing emails, generate email reports, create email blacklists and whitelists, set email restrictions, and grant permissions to email users.

Example dashboard image

Edit Routes Option

If you are using an Exchange server as the mail server for your domain name or running the mail service through a different server, you need to enter the hostname or IP address of the mail server you are using in the “Edit Routes” option. If you don’t do this,
your emails will not work through cloud spam.

Example image

As you can see in the image, since the relevant domain name is using the local mail service on the server, its redirection appears as example.com:25 by default.

You can complete the installation using a CentOS 6.3 CD or ISO file. After booting the CD, the first screen you will see is as follows. We select the first option to begin the installation.

In the next step, continue with the Next button.

In the following two steps, it will first ask for the system language and then the keyboard language. Here, we continue with English selected without making any changes.

In the next step, a field where we can enter a HOSTNAME will appear at the top. Enter the hostname you want to give the server here. On the same screen, click the Configure Network button in the lower left corner. On the screen that appears, click the Add button,
then select the options as shown in the image and enter the IP address, Netmask, and Gateway values you want to enter on the server.

On the next screen, we select the time zone on the server as shown in the image.

On the next screen, we enter the root password we want to use for the server. (Be careful not to use a simple password.)

On the next screen, we will perform the disk partitioning. Make the selection as shown in the image and click the Create button.

The directories we need to create in order are /boot, swap, and /. First, as shown in the image below, select the /boot option from the top and enter 400 in the Size(MB) field, then click OK.

The next directory to create is the swap directory. Make the selection as shown in the image. In the Size(MB) section, enter a value of twice the amount of RAM on the server. For example, if the server has 4 GB of RAM, enter 8000 in the Size(MB) field.

Once the swap directory is created, we can now create the / root directory. Make the selection as shown in the image and without entering a value in the Size(MB) field, select the “Fill to maximum allowable size” option at the bottom and press OK.

In the next step, select the “Write changes to disk” option and continue with the process.

In the next step, continue with the Next button without making any changes.

On the next screen, select the “Basic Server” option and continue, thus starting the installation process. When the installation is complete, remove the CD and click Reboot, then wait for the server to restart.

After the server starts, log in with root and your password, type setup in the command line, and press Enter. A screen will appear where you can configure network and firewall settings.

In the Firewall Configuration section, if the Enabled option is active, deselect it and save. If the firewall is on, we will not be able to connect to the server via SSH.

If your server has more than one ethernet port, you can check in the Network Configuration section which ethernet has been assigned an IP, which is active, and which is passive.

Finally, we need to enable the on-boot feature for the ethernet card. To do this, perform the following steps.

nano /etc/sysconfig/network-scripts/ifcfg-eth0

As shown in the image, we need to set the ONBOOT option to “yes.” This option will come as “no” by default after installation. After saving and exiting, run the following command:

service network restart

to restart the network.

You can check connectivity by pinging the server’s IP address.

There are dozens of services running on cPanel servers. Each of these services has a purpose for running, but disabling unused services will be beneficial to prevent
unnecessary load on the server. After a bit of research and experience, we found that the services listed below are unnecessary for a standard hosting server. Disabling these services will not cause any negative impact on your server. If you wish, you can also disable
these unused services on your server.

After connecting to the server via SSH as root, simply run the following commands.

service pcscd stop

  chkconfig pcscd off

  service hidd stop

  chkconfig hidd off

  service avahi-daemon stop

  chkconfig avahi-daemon off

  service gpm stop

  chkconfig gpm off

  service anacron stop

  chkconfig anacron off

  service bluetooth stop

  chkconfig bluetooth off

  service rpcidmapd stop

  chkconfig rpcidmapd off

  service nfslock stop

  chkconfig nfslock off

  service atd stop

  chkconfig atd off

  service xfs stop

  chkconfig xfs off

  service cups stop

  chkconfig cups off

NOTE: If you encounter an error on your websites related to the services you disabled, you will need to restart that service.

Especially on servers with cPanel installed, although the correct time is displayed in WHM and cPanel, scripts may show incorrect times. This is caused by the date.timezone setting in your php.ini file.
You can find the date.timezone line in the php.ini file and change it as follows.

date.timezone = “Europe/Istanbul”

Introduction

Linux system administrators frequently need to check log files for troubleshooting purposes. In fact, this is the first thing any system administrator does.

Linux and the applications running within it have different logging methods. Knowing where these log files are kept and being able to read logs is helpful during problem solving and saves time.

In this article, we will take a look at the Linux logging mechanism.

Warning: The commands used in this article were tested on CentOS 6.4, Ubuntu 12, and Debian 7.

Where Standard Log Files Are Located

Linux log files are located in the “/var/log” directory.

You can simply use the “ls -l /var/log” command to list the log files.

[root@TestLinux ~]# ls -l /var/log

  total 143

  -rw/-. 1 root root  59041 Nov 15 16:04 anaconda.log

  -rw/-. 1 root root 299910 Nov 15 16:04 anaconda.storage.log

  -rw/-. 1 root root  57061 Nov 15 16:04 anaconda.xlog

  -rw*. 2 root root   4096 Nov 15 16:11 audit

  -rw-r–r–  1 root root   2252 Dec  9 10:27 boot.log

  -rw/-. 1 root utmp   1920 Nov 28 09:28 btmp-20131202

  drwxr-xr-x  2 root root   4096 Nov 29 15:47 ConsoleKit

  -rw/-. 1 root root   8809 Dec  2 17:09 cron-20131202

  -rw-r–r–  1 root root  21510 Dec  9 10:27 dmesg

  -rw-r–r–  1 root root  21351 Dec  6 16:37 dmesg.old

  -rw-r–r–. 1 root root 165665 Nov 15 16:04 dracut.log

  -rw-r–r–. 1 root root 146876 Dec  9 10:44 lastlog

  -rw/-. 1 root root   4609 Dec  2 17:00 maillog-20131202

  -rw/-. 1 root root 458481 Dec  2 17:00 messages-20131202

  -rw/-. 1 root root  15984 Dec  2 17:00 secure-20131202

  -rw/-. 1 root root      0 Nov 15 16:02 spooler-20131202

  -rw/-  1 root root   3778 Dec  6 16:48 yum.log

Viewing the Contents of Log Files

Some important log files you can find in “/var/log”:

• wtmp




• utmp




• dmesg




• messages




• maillog or mail.log




• spooler



• auth.log or secure

The contents of some log files like wtmp and utmp cannot be viewed with the “cat” command.

Now let’s use some of these commands.

The “who” command is used to see the people currently connected to the Linux server.

An example on a CentOS server:

[root@TestLinux ~]# who

  root     tty1         2013-12-09 10:44

  root     pts/0        2013-12-09 10:29 (192.168.1.2)

  sysadmin pts/1        2013-12-09 10:31 (192.168.1.2)

  ahmet    pts/2        2013-12-09 10:39 (192.168.1.2)

There is a special situation here. I am the only user of this system, but since it is a server simulated with Oracle VirtualBox, two extra users appear as active in the system. (sysadmin and ahmet)

The following command shows the login dates of users who connected to the server:

[root@TestLinux ~]# last | grep sysadmin

  sysadmin pts/1        192.168.1.2      Mon Dec  9 10:31   ahmet logged in

  sysadmin pts/0        192.168.1.2      Fri Nov 29 15:42 - crash  (00:01)

  sysadmin pts/0        192.168.1.2      Thu Nov 28 17:06 - 17:13  (00:06)

  sysadmin pts/0        192.168.1.2      Thu Nov 28 16:17 - 17:05  (00:48)

  sysadmin pts/0        192.168.1.2      Thu Nov 28 09:29 - crash  (06:04)

  sysadmin pts/0        192.168.1.2      Wed Nov 27 16:37 - down   (00:29)

  sysadmin tty1                          Wed Nov 27 14:05 - down   (00:36)

  sysadmin tty1                          Wed Nov 27 13:49 - 14:04  (00:15)

In this example, I was trying to find the login date for the sysadmin user.

To see when the system was last restarted, you can run the “last reboot” command:

[root@TestLinux ~]# last reboot

  reboot   system boot  2.6.32-358.el6.x Mon Dec  9 10:27 - 10:47  (00:19)

  reboot   system boot  2.6.32-358.el6.x Fri Dec  6 16:37 - 10:47 (2+18:10)

  reboot   system boot  2.6.32-358.el6.x Fri Dec  6 16:28 - 16:36  (00:08)

  reboot   system boot  2.6.32-358.el6.x Fri Dec  6 11:06 - 16:36  (05:29)

  reboot   system boot  2.6.32-358.el6.x Mon Dec  2 17:00 - 16:36 (3+23:36)

  reboot   system boot  2.6.32-358.el6.x Fri Nov 29 16:01 - 16:36 (7+00:34)

  reboot   system boot  2.6.32-358.el6.x Fri Nov 29 15:43 - 16:36 (7+00:53)

  …

  …

  wtmp begins Fri Nov 15 16:11:54 2013

Use the “lastlog” command to see the last person to log into the system:

[root@TestLinux ~]# lastlog

  Username        Port        From            Latest

  root            tty1                        Mon Dec  9 10:44:30 +1100 2013

  bin                                        Never logged in

  daemon                                     Never logged in

  adm                                        Never logged in

  lp                                         Never logged in

  sync                                       Never logged in

  shutdown                                   Never logged in

  halt                                       Never logged in

  mail                                       Never logged in

  uucp                                       Never logged in

  operator                                   Never logged in

  games                                      Never logged in

  gopher                                     Never logged in

  ftp                                        Never logged in

  nobody                                     Never logged in

  vcsa                                       Never logged in

  saslauth                                   Never logged in

  postfix                                    Never logged in

  sshd                                       Never logged in

  sysadmin         pts/1    192.168.1.2      Mon Dec  9 10:31:50 +1100 2013

  dbus                                       Never logged in

  ahmet            pts/2    192.168.1.2      Mon Dec  9 10:39:24 +1100 2013

For other text-based log files, you can read them using the “cat”, “head”, or “tail” commands.

In the following example, I am trying to view the last lines of the /var/log/messages log file on a Debian server:

debian@debian:~$ sudo tail /var/log/messages

  Dec 16 01:21:08 debian kernel: [    9.584074] Bluetooth: BNEP (Ethernet Emulation) ver 1.3

  Dec 16 01:21:08 debian kernel: [    9.584074] Bluetooth: BNEP filters: protocol multicast

  Dec 16 01:21:08 debian kernel: [    9.648220] Bridge firewalling registered

  Dec 16 01:21:08 debian kernel: [    9.696728] Bluetooth: SCO (Voice Link) ver 0.6

  Dec 16 01:21:08 debian kernel: [    9.696728] Bluetooth: SCO socket layer initialized

  Dec 16 01:21:08 debian kernel: [    9.832215] lp: driver loaded but no devices found

  Dec 16 01:21:08 debian kernel: [    9.868897] ppdev: user-space parallel port driver

  Dec 16 01:21:11 debian kernel: [   12.748833] [drm] Initialized drm 1.1.0 20060810

  Dec 16 01:21:11 debian kernel: [   12.754412] pci 0000:00:02.0: PCI INT A -> Link[LNKB] -> GSI 11 (level, low) -> IRQ 11

  Dec 16 01:21:11 debian kernel: [   12.754412] [drm] Initialized vboxvideo 1.0.0 20090303 for 0000:00:02.0 on minor 0

Here I used the “tail” command to view the log content. Below I will write the commands with which logs can be viewed:

• cat: Prints the entire file to the screen




• head: Prints the top 10 lines of the file to the screen




• tail: Prints the last 10 lines of the file to the screen




• nano: Nano is actually a file editor. It opens the file allowing you to edit and navigate within it. With this command you can open the file and navigate through it to conveniently view the logs.



• vi: A file editor similar to nano

rsyslog Service

Behind the daily logging mechanism is the rsyslog service. This service is used to listen to messages coming from different parts of a Linux system and to save them appropriately in the /var/log directory.

Rsyslog Configuration File

The rsyslog service is configured from the rsyslog.conf file. This file is located in the /etc directory.

Basically, the rsyslog.conf file instructs the rsyslog service how to record log messages. This instruction in the file comes in the form of a series of two-part lines.

This file is found on Ubuntu as “rsyslog.d/50-default.conf”.

An example of rsyslog.conf content on a CentOS system:

# rsyslog v5 configuration file

  …

  …

  # Include all config files in /etc/rsyslog.d/

  IncludeConfig /etc/rsyslog.d*/-  1 root root      0 Dec  9 11:21 local4crit.log

  -rw/-  1 root root    359 Dec 17 18:25 maillog

  -rw/-  1 root root  30554 Dec 17 18:25 messages

  -rw/-  1 root root    591 Dec 17 18:28 secure

  -rw/-  1 root root    0 Dec 17 18:34 /var/log/maillog

  -rw**/-  1 root root  359 Dec 17 18:25 /var/log/maillog-20131217


[root@TestLinux ~]# ls -l /var/log/messages*

  -rw/-. 1 root root 180429 Dec 16 16:35 /var/log/messages-20131216

  -rw/-  1 root root    0 Dec 17 18:34 /var/log/secure

  -rw**/-  1 root root  591 Dec 17 18:28 /var/log/secure-20131217

  [root@TestLinux ~]#

As you can see, the logs have been archived by date and the files containing the latest logs have been cleared.

We hope this article has given you some ideas about the Linux log system. Log files in the Linux operating system are life-savers. They save you time and give you information about the status of the system. Log files should be the first thing you consult when
facing a problem you cannot solve…

On cPanel servers, you can easily configure the PHP settings required for your sites to run through an Apache compilation. You can start your Apache compilation with a single command and easily
manage your server’s PHP settings through the compilation.

To be able to configure settings as you wish through Apache compilation, you need to have root access on the server. If you are using a shared hosting service, you will not have root access, so you will not be able to perform this operation. You will need to inform
your hosting company about the settings you want to change. However, these settings on shared servers are generally standard and are not changed. Now let’s take a look at how this operation is performed.

EasyApache Compilation

/scripts/easyapache

When we run the above command via SSH, the compilation screen will appear. This compilation screen consists of 5-6 steps. Let’s now follow these steps and proceed.

On this screen, if there are functions we want to select, we select them. Then we continue with the compilation process via the Customize Profile option at the bottom. The second screen is the Apache version selection section.
Here we continue with the currently selected default option using Next Step.

In the next step, the MySQL Version selection section for what will run on our server appears. At the top it shows which version is currently installed on the server.
The options below show the versions that can be installed. Selecting the stable version that is in use is a good idea to avoid issues.

In the next step, we come to the section where we select the functions we want to run on the server. On the first page, you can select settings like IonCube, Perl, and Zend Optimizer.
After making selections here, to continue to the installation of other functions, we continue with the Exhaustive Options List option.

Now a total of 4 pages will appear with many functions we can install on the server. On this page, we can move the green cursor using the keyboard arrow keys over the function we want to select and make a selection by pressing the Space bar, or deselect.
By switching between 4 pages in this way, we make the necessary selections and then continue the process with the Next Step button.

After completing the necessary selections up to the last page and continuing, we arrive at the final step of our compilation. In the final step, we start our compilation process by pressing the Save and Build button as shown below.

Note: The compilation time varies depending on the number of functions selected for installation. However, on average, the compilation is completed in 20 to 45 minutes.
Even if you want to install just a single function, the compilation process will take an average of 15-20 minutes.

ClamAV is software that can be installed as a plugin in cPanel, enabling virus scanning of accounts on the server. Installable automatically from the Manage Plugins section
in cPanel/WHM, this program is quite easy to install and use. With it, you can largely ensure that malicious content is removed by performing virus scans on the accounts on your server.

To perform the installation, first log in to your WHM panel as root via a browser. Then go to the Manage Plugins section in WHM and select the Install and keep update option under ClamAV and save. When you save, the installation will begin and will
take approximately 5-10 minutes.

After the installation is complete, you can enter the Configure ClamAV Scanner section under Plugins in the WHM panel to configure its settings. On the page that appears, you can select which directories will be scanned.

On this page there is also a User Configuration button that allows you to make user-based settings. By accessing this section, you can configure which users’ files should or should not be virus-scanned.

After setting up daily, weekly, and monthly backups from your WHM panel, backups are taken periodically to the specified directory. But after a while, even if an account is cancelled and
deleted, the backup files are not deleted. There is a plugin called Clean Backup for this — when you come to the Plugins section of your WHM panel and install it, you can instantly delete backup files or set a period for deletion. For example, we can configure the
plugin to delete a backup if no changes have been made for 7 days. The installation is quite simple; from your SSH panel, run:

cd /usr/src

  wget http://download.ndchost.com/cleanbackups/latest-cleanbackups

  sh latest-cleanbackups

When you run these commands, it will appear in the Plugins section of your WHM panel. It comes as Auto Cleaning Disabled; you can configure it from the Edit Settings section. The current version of the plugin is 10. When you configure the settings as shown in the
image, when a new version is released it will automatically update, and it will check your daily, weekly, and monthly backups and delete backups older than 30 days. You can set the number of days as you wish.