Check CPU Type

Here is how to check the CPU type in CentOS:

# dmidecode --type processor

Output:

# dmidecode 2.12
SMBIOS 2.7 present.

Handle 0x0004, DMI type 4, 42 bytes
Processor Information
	Socket Designation: CPU 1
	Type: Central Processor
	Family: Xeon
	Manufacturer: Intel
	ID: D7 06 02 00 FF FB EB BF
	Signature: Type 0, Family 6, Model 45, Stepping 7
	Flags:
		FPU (Floating-point unit on-chip)
		VME (Virtual mode extension)
		DE (Debugging extension)
		PSE (Page size extension)
		TSC (Time stamp counter)
		MSR (Model specific registers)
		PAE (Physical address extension)
		MCE (Machine check exception)
		CX8 (CMPXCHG8 instruction supported)
		APIC (On-chip APIC hardware supported)
		SEP (Fast system call)
		MTRR (Memory type range registers)
		PGE (Page global enable)
		MCA (Machine check architecture)
		CMOV (Conditional move instruction supported)
		PAT (Page attribute table)
		PSE-36 (36-bit page size extension)
		CLFSH (CLFLUSH instruction supported)
		DS (Debug store)
		ACPI (ACPI supported)
		MMX (MMX technology supported)
		FXSR (FXSAVE and FXSTOR instructions supported)
		SSE (Streaming SIMD extensions)
		SSE2 (Streaming SIMD extensions 2)
		SS (Self-snoop)
		HTT (Multi-threading)
		TM (Thermal monitor supported)
		PBE (Pending break enabled)
	Version: Intel(R) Xeon(R) CPU E5-2620 0 @ 2.00GHz
	Voltage: 0.0 V
	External Clock: 100 MHz
	Max Speed: 4000 MHz
	Current Speed: 2000 MHz
	Status: Populated, Enabled
	Upgrade: Socket LGA2011
	L1 Cache Handle: 0x0005
	L2 Cache Handle: 0x0006
	L3 Cache Handle: 0x0007
	Serial Number: Not Specified
	Asset Tag: Not Specified
	Part Number: Not Specified
	Core Count: 6
	Core Enabled: 1
	Thread Count: 12
	Characteristics:
		64-bit capable
		Multi-Core
		Hardware Thread
		Execute Protection
		Enhanced Virtualization
		Power/Performance Control

Handle 0x0008, DMI type 4, 42 bytes
Processor Information
	Socket Designation: CPU 2
	Type: Central Processor
	Family: Xeon
	Manufacturer: Intel
	ID: D7 06 02 00 FF FB EB BF
	Signature: Type 0, Family 6, Model 45, Stepping 7
	Flags:
		FPU (Floating-point unit on-chip)
		VME (Virtual mode extension)
		DE (Debugging extension)
		PSE (Page size extension)
		TSC (Time stamp counter)
		MSR (Model specific registers)
		PAE (Physical address extension)
		MCE (Machine check exception)
		CX8 (CMPXCHG8 instruction supported)
		APIC (On-chip APIC hardware supported)
		SEP (Fast system call)
		MTRR (Memory type range registers)
		PGE (Page global enable)
		MCA (Machine check architecture)
		CMOV (Conditional move instruction supported)
		PAT (Page attribute table)
		PSE-36 (36-bit page size extension)
		CLFSH (CLFLUSH instruction supported)
		DS (Debug store)
		ACPI (ACPI supported)
		MMX (MMX technology supported)
		FXSR (FXSAVE and FXSTOR instructions supported)
		SSE (Streaming SIMD extensions)
		SSE2 (Streaming SIMD extensions 2)
		SS (Self-snoop)
		HTT (Multi-threading)
		TM (Thermal monitor supported)
		PBE (Pending break enabled)
	Version: Intel(R) Xeon(R) CPU E5-2620 0 @ 2.00GHz
	Voltage: 0.0 V
	External Clock: 100 MHz
	Max Speed: 4000 MHz
	Current Speed: 2000 MHz
	Status: Populated, Enabled
	Upgrade: Socket LGA2011
	L1 Cache Handle: 0x0009
	L2 Cache Handle: 0x000A
	L3 Cache Handle: 0x000B
	Serial Number: Not Specified
	Asset Tag: Not Specified
	Part Number: Not Specified
	Core Count: 6
	Core Enabled: 1
	Thread Count: 12
	Characteristics:
		64-bit capable
		Multi-Core
		Hardware Thread
		Execute Protection
		Enhanced Virtualization
		Power/Performance Control

How To Set Up a Firewall Using Firewalld on CentOS 7


Turning on the Firewall

# sudo systemctl start firewalld.service

We can verify that the service is running and reachable by typing:

# firewall-cmd --state
output
running

We can see which zone is currently selected as the default by typing:

# firewall-cmd --get-default-zone
output
public


firewall-cmd --get-active-zones
output
public
interfaces: eth0 eth1

We can print out the default zone’s configuration by typing:

# firewall-cmd --list-all
output
public (default, active)
interfaces: eth0 eth1
sources:
services: dhcpv6-client ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:

Exploring Alternative Zones. To get a list of the available zones, type:

# firewall-cmd --get-zones
output
block dmz drop external home internal public trusted work

We can see the specific configuration associated with a zone by including the –zone= parameter in our –list-all command:

# firewall-cmd --zone=home --list-all
output
home
interfaces:
sources:
services: dhcpv6-client ipp-client mdns samba-client ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:

You can output all of the zone definitions by using the –list-all-zones option. You will probably want to pipe the output into a pager for easier viewing:

# firewall-cmd --list-all-zones | less

Selecting Zones for your Interfaces
Unless you have configured your network interfaces otherwise, each interface will be put in the default zone when the firewall is booted.

Changing the Zone of an Interface for the Current Session

You can transition an interface between zones during a session by using the –zone= parameter in combination with the –change-interface= parameter. As with all commands that modify the firewall, you will need to use sudo.

For instance, we can transition our eth0 interface to the “home” zone by typing this:

# sudo firewall-cmd --zone=home --change-interface=eth0
output
success


# firewall-cmd --get-active-zones
output
home
interfaces: eth0
public
interfaces: eth1

If the firewall is completely restarted, the interface will revert to the default zone:

sudo systemctl restart firewalld.service
firewall-cmd --get-active-zones
output
public
interfaces: eth0 eth1

Changing the Zone of your Interface Permanently

# sudo nano /etc/sysconfig/network-scripts/ifcfg-eth0

At the bottom of the file, set the ZONE= variable to the zone you wish to associate with the interface. In our case, this would be the “home” interface:

/etc/sysconfig/network-scripts/ifcfg-eth0
. . .

DNS1=2001:4860:4860::8844
DNS2=2001:4860:4860::8888
DNS3=8.8.8.8
ZONE=home

Save and close the file.

To implement your changes, you’ll have to restart the network service, followed by the firewall service:

sudo systemctl restart network.service
sudo systemctl restart firewalld.service

After your firewall restarts, you can see that your eth0 interface is automatically placed in the “home” zone:

# firewall-cmd --get-active-zones
output
home
interfaces: eth0
public
interfaces: eth1

Adjusting the Default Zone


# sudo firewall-cmd --set-default-zone=home
output
home
interfaces: eth0 eth1
Setting Rules for your Applications

Adding a Service to your Zones

The easiest method is to add the services or ports you need to the zones you are using. Again, you can get a list of the available services with the –get-services option:

firewall-cmd --get-services
output
RH-Satellite-6 amanda-client bacula bacula-client dhcp dhcpv6 dhcpv6-client dns ftp high-availability http https imaps ipp ipp-client ipsec kerberos kpasswd ldap ldaps libvirt libvirt-tls mdns mountd ms-wbt mysql nfs ntp openvpn pmcd pmproxy pmwebapi pmwebapis pop3s postgresql proxy-dhcp radius rpc-bind samba samba-client smtp ssh telnet tftp tftp-client transmission-client vnc-server wbem-https

You can get more details about each of these services by looking at their associated .xml file within the /usr/lib/firewalld/services directory. For instance, the SSH service is defined like this:

/usr/lib/firewalld/services/ssh.xml


SSH
Secure Shell (SSH) is a protocol for logging into and executing commands on remote machines. It provides secure encrypted communications. If you plan on accessing your machine remotely via SSH over a firewalled interface, enable this option. You need the openssh-server package installed for this option to be useful.

You can enable a service for a zone using the –add-service= parameter.

For instance, if we are running a web server serving conventional HTTP traffic, we can allow this traffic for interfaces in our “public” zone for this session by typing:

sudo firewall-cmd --zone=public --add-service=http

You can leave out the –zone= if you wish to modify the default zone. We can verify the operation was successful by using the –list-all or –list-services operations:

firewall-cmd --zone=public --list-services
output
dhcpv6-client http ssh

We can make our “public” zone change permanent by typing:

# sudo firewall-cmd --zone=public --permanent --add-service=http

You can verify that this was successful by adding the –permanent flag to the –list-services operation. You need to use sudo for any –permanent operations:

sudo firewall-cmd --zone=public --permanent --list-services
output
dhcpv6-client http ssh

Your “public” zone will now allow HTTP web traffic on port 80. Add https:

sudo firewall-cmd --zone=public --add-service=https
sudo firewall-cmd --zone=public --permanent --add-service=https

Adding Other ports
We can verify that this was successful using the –list-ports operation:

firewall-cmd --list-ports
output
5000/tcp

It is also possible to specify a sequential range of ports by separating the beginning and ending port in the range with a dash. For instance, if our application uses UDP ports 4990 to 4999, we could open these up on “public” by typing:

# sudo firewall-cmd --zone=public --add-port=4990-4999/udp
After testing, we would likely want to add these to the permanent firewall. You can do that by typing:
sudo firewall-cmd --zone=public --permanent --add-port=5000/tcp
sudo firewall-cmd --zone=public --permanent --add-port=4990-4999/udp
sudo firewall-cmd --zone=public --permanent --list-ports
output
success
success
4990-4999/udp 5000/tcp

Creating Your Own Zones
While the predefined zones will probably be more than enough for most users, it can be helpful to define your own zones that are more descriptive of their function.

For instance, we could create the two zones we discussed above by typing:

sudo firewall-cmd --permanent --new-zone=publicweb
sudo firewall-cmd --permanent --new-zone=privateDNS
You can verify that these are present in your permanent configuration by typing:


# sudo firewall-cmd --permanent --get-zones
output

block dmz drop external home internal privateDNS public publicweb trusted work
As stated before, these won’t be available in the current instance of the firewall yet:

firewall-cmd --get-zones
output
block dmz drop external home internal public trusted work

Reload the firewall to bring these new zones into the active configuration:

sudo firewall-cmd --reload
firewall-cmd --get-zones
output
block dmz drop external home internal privateDNS public publicweb trusted work

Now, you can begin assigning the appropriate services and ports to your zones. It’s usually a good idea to adjust the active instance and then transfer those changes to the permanent configuration after testing. For instance, for the “publicweb” zone, you might want to add the SSH, HTTP, and HTTPS services:

sudo firewall-cmd --zone=publicweb --add-service=ssh
sudo firewall-cmd --zone=publicweb --add-service=http
sudo firewall-cmd --zone=publicweb --add-service=https
firewall-cmd --zone=publicweb --list-all
output
publicweb
interfaces:
sources:
services: http https ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:

Likewise, we can add the DNS service to our “privateDNS” zone:

sudo firewall-cmd --zone=privateDNS --add-service=dns
firewall-cmd --zone=privateDNS --list-all
output
privateDNS
interfaces:
sources:
services: dns
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:

We could then change our interfaces over to these new zones to test them out:

sudo firewall-cmd --zone=publicweb --change-interface=eth0
sudo firewall-cmd --zone=privateDNS --change-interface=eth1

At this point, you have the opportunity to test your configuration. If these values work for you, you will want to add the same rules to the permanent configuration. You can do that by re-applying the rules with the –permanent flag:

sudo firewall-cmd --zone=publicweb --permanent --add-service=ssh
sudo firewall-cmd --zone=publicweb --permanent --add-service=http
sudo firewall-cmd --zone=publicweb --permanent --add-service=https
sudo firewall-cmd --zone=privateDNS --permanent --add-service=dns

You can then modify your network interfaces to automatically select the correct zones.

We can associate the eth0 interface with the “publicweb” zone:

sudo nano /etc/sysconfig/network-scripts/ifcfg-eth0
[label /etc/sysconfig/network-scripts/ifcfg-eth0
. . .


IPV6_AUTOCONF=no
DNS1=2001:4860:4860::8844
DNS2=2001:4860:4860::8888
DNS3=8.8.8.8
ZONE=publicweb

And we can associate the eth1 interface with “privateDNS”:

sudo nano /etc/sysconfig/network-scripts/ifcfg-eth1
/etc/sysconfig/network-scripts/ifcfg-eth1
. . .

NETMASK=255.255.0.0
DEFROUTE='no'
NM_CONTROLLED='yes'
ZONE=privateDNS
Afterwards, you can restart your network and firewall services:

sudo systemctl restart network
sudo systemctl restart firewalld

Validate that the correct zones were assigned:

firewall-cmd --get-active-zones
output
privateDNS
interfaces: eth1
publicweb
interfaces: eth0

And validate that the appropriate services are available for both of the zones:

firewall-cmd --zone=publicweb --list-services
output
http htpps ssh
firewall-cmd --zone=privateDNS --list-services
output
dns

You have successfully set up your own zones. If you want to make one of these zones the default for other interfaces, remember to configure that behavior with the –set-default-zone= parameter:

sudo firewall-cmd --set-default-zone=publicweb

To configure your firewall to start at boot, type:

sudo systemctl enable firewalld

Php 4 on cpanel

Here are a few articles that mention it:

https://documentation.cpanel.net/display/EA/Custom+Modules
https://forums.cpanel.net/threads/how-to-easy-php4-php5-side-by-side-after-removal-of-php4-from-easyapache.304942/
http://www.liquidweb.com/kb/the-end-of-php-4/
https://www.siteground.com/kb/how_to_have_different_php__mysql_versions/

You can set the handler for the site using a .htaccess file in the domains webroot with the following contents:
Code:
AddHandler application/x-httpd-php4 .php .php4 .php3

Enable gzip on WHM/cPanel

To enable gzip, login to cPanel account for the user account which GZIP compression wants to be turned on. Then click on Optimize Website under Software / Services. Choose Compress All Content or Compress the specified MIME types to enable GZIP compression on all websites hosted by the particular account. Click on Update Settings when done.

MIME types include text/html, text/plain, text/xml, text/css, text/javascript, application/javascript, application/xhtml+xml, application/xml, application/rss+xml, application/atom_xml, application/x-javascript, application/x-httpd-php, application/x-httpd-fastphp, application/x-httpd-eruby, and image/svg+xml.

Once you’re done you can easily test to see if the compression is working by using the gzip test tool here: http://www.gziptest.com/

SCP Examples

How to secure copy a file from remote server to to local directory:
/home/user/file.txt = remote file
/home/user/Desktop/ = path to copy to local system


# scp -r user@remote.server.com:/home/user/file.txt /home/user/Desktop/

-r Recursively copy entire directories

What if the port is on 2243?

Use:

# scp -P2243 -r user@remote.server.com:/home/user/file.txt /home/user/Desktop/

# scp -P -r user@remote.server.com:/home/user/file.txt /home/user/Desktop/

-P port Specifies the port to connect to on the remote host. Note that this option is written with a capital ‘P’, because -p is already reserved for preserving the times and modes of the file in rcp(1).

-p Preserves modification times, access times, and modes from the original file.

Copy from local to remote:

# scp -P 22 file.txt root@192.168.1.1:/vmfs/volumes/datastore1/ISO

Find Mysql Connection script

Recently, I had to find a connection script for mysql as the clients programmer had gone away. I knew the database username and here is the grep command that found it.

# cd /var/www/vhosts/domain.com/httpdocs
# grep -r 'database username' *

* Where database username is the actulay database username in the plesk database