Error:

[stextbox id=”warning”]ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
ERROR: Can’t open /var/log/clamav/freshclam.log in append mode (check permissions!).[/stextbox]

# cd /var/log/clamav
# ls -la freshclam.log
-rw-r--r-- 1 clamav clamav 0 Oct 20 03:43 freshclam.log

# nano /etc/freshclam.conf

# By default when started freshclam drops privileges and switches to the
# "clamav" user. This directive allows you to change the database owner.
# Default: clamav (may depend on installation options)
DatabaseOwner clam

Change to clamav

# nano /etc/clamd.conf
# Run as another user (clamd must be started by root for this option to work)
# Default: don't drop privileges
User clam

Change to clamav

Here is how to add additional IP’s to your Ubuntu server

Add it to the server just on a temporary basis. A reboot will erase the changes.

Using ifconfig

If you want to add a secondary IP address to a NIC already in use in Linux, and have that change only temporary. Enter this command:

# ifconfig [nic]:0 [IP-Address] netmask [mask] up

Example:

#ifconfig eth0:0 192.168.1.2 netmask 255.255.255.0 up

If you prefer to use the ip command instead of ifconfig

# ip address add [ip]/[mask-digits] dev [nic]

IP command example

#ip address add 192.168.99.37/24 dev eth0

With this command you can add more ip address to the same NIC, the second is considered as secondary.

Add a permanent IP address to the Server

For Ubuntu systems, edit the /etc/network/interfaces file

# nano /etc/network/interfaces

Example:


auto eth0:1
iface eth0:1 inet static
address 192.168.0.1
gateway 192.168.0.254
netmask 255.255.255.0

The restart networking for the changes to take effect

~# service networking restart
 * Reconfiguring network interfaces... 

Check to see if the IP’s re enabled

# ifconfig

You should see the additional IP’s here

You can add What you need. Just change eth0:1 for eth0:2, eth0:3 etc. This can also be done for any other network cards like eth1, eth2, etc.

If the network show this:

# nano /etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

auto em1
iface em1 inet static
address 162.xx.xx.xx
netmask 255.255.255.0
gateway 162.xx.xx.1
broadcast 162.xx.xx.255
dns-nameservers 8.8.4.4

Add this

auto em2
iface em1 inet static
address 10.156.1.xxx
netmask 255.255.255.224

Source: http://blog.hyperfive.com/2013/07/how-to-setup-internal-smtp-service-for.html

Also
Configuring the server so you can send mail using mail.domain.com instead of ‘localhost’ or the server’s IP address.

If you add the following line to the server’s hosts file it will map mail.domain.com to 127.0.0.1 which is localhost. Please note this would need to be done on each server as reverse NAT translation is not supported.

127.0.0.1 mail.domain.com
How to edit the server’s hosts file:
http://www.howtogeek.com/howto/27350/beginner-geek-how-to-edit-your-hosts-file/

Because fail2ban is not available from CentOS, we should start by downloading the EPEL repository:

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Follow up by installing fail2ban:

yum install fail2ban

The default fail2ban configuration file is location at /etc/fail2ban/jail.conf. The configuration work should not be done in that file, however, and we should instead make a local copy of it.


cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

After the file is copied, you can make all of your changes within the new jail.local file. Many of possible services that may need protection are in the file already. Each is located in its own section, configured and turned off.

Set up a few rules on a plesk server with CentOS

SSH

[ssh-iptables]

enabled  = true
filter   = sshd
action   = iptables[name=SSH, port=10222, protocol=tcp]
           sendmail-whois[name=SSH, dest=root, sender=admin@domain.com, sendername="Fail2Ban"]
logpath  = /var/log/secure
maxretry = 5

* Notice ssh is set up on port 10222

ProFTP

[proftpd-iptables]

enabled  = true
filter   = proftpd
action   = iptables[name=ProFTPD, port=ftp, protocol=tcp]
           sendmail-whois[name=ProFTPD, dest=admin@domain.com]
logpath  = /var/log/secure
maxretry = 5

* Notice the log location. This is for a Plesk server as proftpd logs to /var/log/secure
Restart fail2ban

# service fail2ban restart

Postfix

# This jail forces the backend to "polling".
[sasl-iptables]

enabled  = true
filter   = postfix-sasl
backend  = polling
action   = iptables[name=sasl, port=smtp, protocol=tcp]
           sendmail-whois[name=sasl, dest=admin@domain.com]
logpath  = /usr/local/psa/var/log/maillog

Postfix

[postfix-tcpwrapper]

enabled  = true
filter   = postfix
action   = hostsdeny[file=/etc/fail2ban/hosts.deny]
           sendmail[name=Postfix, dest=admin@domain.com]
logpath  = /usr/local/psa/var/log/maillog
bantime  = 300

Apache Auth

[apache-tcpwrapper]

enabled  = true
filter   = apache-auth
action   = iptables[name=apache, port=apache, protocol=tcp]
           sendmail-whois[name=apache, dest=admin@domain.com]
logpath  = /var/log/httpd/error_log
#           /home/www/myhomepage/error.log
maxretry = 6

Whitelisting is setup in the jail.conf file using a space separated list.


[DEFAULT]
# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not                          
# ban a host which matches an address in this list. Several addresses can be                             
# defined using space separator.                                                                        
ignoreip = 127.0.0.1 192.168.1.0/24 8.8.8.8


# This will ignore connection coming from common private networks.
# Note that local connections can come from other than just 127.0.0.1, so
# this needs CIDR range too.
ignoreip = 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16

Source: http://www.fail2ban.org/wiki/index.php/Main_Page

APPLIES TO:

Parallels Plesk 11.0 for Linux

Instructions:

1. Install epel and remi repositories:

# wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
# sudo rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm

2. Enable remi repository:

# sudo vi /etc/yum.repos.d/remi.repo

In the [remi] section of the file, set the “enabled” option to 1.

3. Upgrade PHP with this command:

# yum install php

Installation of ionCube for PHP 5.4 (optional)
1. Download ionCube:
For x32:

# wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.zip

For x64:

# wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.zip

2. Unzip file.
3. Copy ioncube_loader_lin_5.4.so to PHP extensions folder:

# sudo cp ioncube/ioncube_loader_lin_5.4.so /usr/lib/php/modules/

4. Set SELinux attributes:
# sudo chcon -u system_u -t textrel_shlib_t /usr/lib/php/modules/ioncube_loader_lin_5.4.so

5. Switch on ionCube in PHP config:

# echo "zend_extension=/usr/lib/php/modules/ioncube_loader_lin_5.4.so" >> /etc/php.d/zend_extensions_psa.ini

6. Check functioning of ionCube:

# php -r 'phpinfo();' | grep -i ioncube

You can also test ionCube Loader by using the helper PHP script “loader-wizard.php” that’s included in the ionCube Loader archive.
Possible issues

1. MySQL server is upgraded with PHP. If, when creating databases, database users or applications fail with MySQL errors such as “Table mysql.servers does not exist,” it means that the MySQL server has been upgraded with PHP. This can be fixed with the following command:

# mysql_upgrade -uadmin -p`cat /etc/psa/.psa.shadow`

2. If you see an error message like “Failed loading /usr/lib/php/modules/ioncube_loader_lin_5.4.so: /usr/lib/php/modules/ioncube_loader_lin_5.4.so: wrong ELF class: ELFCLASS6,” it means that the the ionCube Loader file has a different OS architecture.

3. If you see an error message like “Failed loading /usr/lib/php/modules/ioncube_loader_lin_5.4.so: /usr/lib/php/modules/ioncube_loader_lin_5.4.so: cannot restore segment prot after reloc: Permission denied,” it means that SELinux is effective. The SELinux context is wrong on the ionCube Loader file.

4. PHP doesn’t work in CGI/FastCGI mode with HTTP Error 500. This can be caused by the existence of directives that are incompatible with PHP 5.4 in the global or domain php.ini file. Here is a list of incompatible directives:

register_globals
register_long_arrays
magic_quotes_gpc
magic_quotes_runtime
magic_quotes_sybase
allow_call_time_pass_reference
define_syslog_variables
highlight.bg
session.bug_compat_42
session.bug_compat_warn
y2k_compliance
safe_mode
safe_mode_gid
safe_mode_include_dir
safe_mode_exec_dir
safe_mode_allowed_env_vars
safe_mode_protected_env_vars
zend.ze1_compatibility_mode

Refer to http://www.php.net/manual/en/migration54.ini.php for details.

Upgrade from Atomic

# wget -q -O - http://www.atomicorp.com/installers/atomic | sh

# yum update php

Source:

http://mysql.wingtiplabs.com/documentation/row639ae/configure-row-based-or-mixed-mode-replication

http://www.xaprb.com/blog/2012/08/23/avoiding-statement-based-replication-warnings/

By default, MySQL binary logging and replication is statement-based: when the master server commits a change, it writes the SQL statement into its binary log, and any slaves that replicate it execute the same SQL statement into their own database.

MySQL also supports row-based replication: the master server logs the data affected by a change (information to INSERT or UPDATE, the identity of rows to DELETE), and the slave applies those changes directly to its database.

Row-based replication was introduced to provide perfect replication of data that is non-deterministic: when the same statement was executed on the master and slave, the outcome was different.

It can also have a performance impact. Short SQL queries that affect a lot of rows would require more bandwidth to transmit as row-based replication. For example, if replicated by row, this statement would have to uniquely identify 10,000 rows; it would be much more efficiently transmitted as statement-based:

DELETE FROM important.stuff WHERE id BETWEEN 1 AND 10000;

But difficult to evaluate queries that change relatively little data would be much faster to apply to slaves if the master told them what to change instead of forcing them to repeat the work. For example, this statement requires a table scan and a hash calculation on every row; slaves could save considerable processor time if the master just told them the outcome of all those calculations using row-based replication:

DELETE FROM user WHERE MD5(User) = "c498faa0787b2eaf054b81f814b1aa12";

The MySQL documentation recommends you use Mixed Mode replication. In Mixed Mode replication, most queries are replicated by statement. But transactions MySQL knows are non-deterministic are replicated by row.

Mixed Mode uses row-based replication for any transaction that:

  • Uses user defined functions
  • Uses the
    UUID()

    ,

    USER()

    , or

    CURRENT_USER()

    functions

  • Uses
    LOAD_FILE

    (which otherwise assumes every slave has the exact same file on the local file system and doesn’t replicate the data)

  • Updates two tables with
    auto_increment

    columns (the binlog format only carries one

    auto_increment

    value per statement)