Disable modsec for a domain

In apache conf under that user add this:

<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule

Restart httpd

Install Zend Optimizer

cd /usr/local/src

check latest zendoptimizer

wget http://www.eth0.us/files/ZendOptimizer-3.0.1-linux-glibc21-i386.tar.gz

tar -zxf ZendOptimizer-3.0.1-linux-glibc21-i386.tar.gz

cd ZendOptimizer-3.0.1-linux-glibc21-i386

./install

If u still receiving “Zend Optimizer Not Installed” error page, then

SELinux is interfering with Apache’s attempt to access the .so file.

So do this commands

#chcon -t texrel_shlib_t  path_of_ZendOptimizer.so (/usr/local/Zend/ZendOptimizer.so)

#execstack -c path_of_ZendOptimizer.so (/usr/local/Zend/ZendOptimizer.so)

#setenforce 0

#getenforce

then restart httpd and check.

If the issue still persist,

vi /etc/selinux/config

SELINUX=disabled

then reboot the server

cd /usr/local/src

check latest zendoptimizer

wget http://www.eth0.us/files/ZendOptimizer-3.0.1-linux-glibc21-i386.tar.gz

tar -zxf ZendOptimizer-3.0.1-linux-glibc21-i386.tar.gz

cd ZendOptimizer-3.0.1-linux-glibc21-i386

./install

If u still receiving “Zend Optimizer Not Installed” error page, then

SELinux is interfering with Apache’s attempt to access the .so file.

So do this commands

#chcon -t texrel_shlib_t  path_of_ZendOptimizer.so (/usr/local/Zend/ZendOptimizer.so)

#execstack -c path_of_ZendOptimizer.so (/usr/local/Zend/ZendOptimizer.so)

#setenforce 0

#getenforce

then restart httpd and check.

If the issue still persist,

vi /etc/selinux/config

SELINUX=disabled

then reboot the server

Round Robin DNS

Round robin DNS is a technique in which load balancing is performed by a DNS server instead of a strictly dedicated machine. A DNS record has more than one value IP address.

When a request is made to the DNS server which serves this record, the answer it gives alternates for each request. For instance, if you had a three webserver that you wished to distribute requests between, you could setup your DNS zone as follows:

# vi /var/named/domain.com.db

Append/modfiy www entry:

www   IN   A   1.2.3.4

IN   A   2.3.4.5

IN   A   3.4.5.6

IN   A   4.5.6.7

# /etc/init.d/named restart

When a query is made to the DNS server it will first give the IP of 1.2.3.4 for the www host. The next time a request is made for the IP of www, it will serve 2.3.4.5 and so on.

Prevent SYN attacks

1. Enable SYN cookies mechanism in the server by the executing command:

# echo 1 > /proc/sys/net/ipv4/tcp_syncookies

2. Increase the backlog queue to 2048 by the command:

# sysctl -w net.ipv4.tcp_max_syn_backlog=”2048″

Run CGI scripts anywhere in the server + Plesk

Server wide :

cd /etc/httpd/conf/

cp -p httpd.conf httpd.conf.bak

vi httpd.conf

uncomment AddHandler cgi-script .cgi

service httpd restart

or
1. create an .htaccess file in your cgi-bin directory, that file should have the following

AddType text/x-server-parsed-html .html
AddType application/x-httpd-cgi .cgi .pl

Make sure you upload it in ASCII format, not binary.

2 set the permissions on your scripts correctly.. usually to 755

Installation of Java + Apache Ant

cd /opt

mkdir java

cd java

wget http://javadl.sun.com/webapps/download/AutoDL?BundleId=29210

or

wget http://javadl.sun.com/webapps/download/AutoDL?BundleId=29214

mv jre-6u13* jre-6u13-linux-i586.bin

chmod 755 jre-6u13-linux-i586.bin

./jre-6u13-linux-i586.bin

/opt/java/jre1.6.0_13/bin/java -version

Installing Ant:

cd /opt

wget http://www.gtlib.gatech.edu/pub/apache/ant/binaries/apache-ant-1.7.1-bin.tar.gz

tar -xzf apache-ant-1.7.1-bin.tar.gz

cd apache-ant-1.7.1

export ANT_HOME=/opt/apache-ant-1.7.1

export JAVA_HOME=/opt/java/jre1.6.0_13

export PATH=${PATH}:${ANT_HOME}/bin

echo “export ANT_HOME=/opt/apache-ant-1.7.1″ >> /etc/profile

echo “export JAVA_HOME=/opt/java/jre1.6.0_13″ >> /etc/profile

echo “export PATH=${PATH}:${ANT_HOME}/bin” >> /etc/profile

ln -s /opt/java/jre1.6.0_13/bin/java /etc/alternatives/java

ln -s /etc/alternatives/java /usr/bin/java

Then verify the installation by:

java -version

ant -version

———————————————————————————————————–

If you are getting the following error while executing : 

———————————-

ant -version

Unable to locate tools.jar. Expected to find it in /opt/java/jre1.6.0_13/lib/tools.jar

Unable to locate tools.jar. Expected to find it in /opt/java/jre1.6.0_13/lib/tools.jar

———————————-

then

cd /opt/java/jre1.6.0_13/lib/

wget 216.104.40.154/java/tools.jar

chmod 755 tools.jar

No space left on device: mod_rewrite: could not create rewrite_log_lock

If you are getting “No space left on device: mod_rewrite: could not create rewrite_log_lock”  while restarting apache, then please execute the following commands in shell prompt:

ipcs -s | grep nobody
for i in `ipcs -s | grep nobody | awk ‘{print $2}’`; do ipcrm -s $i; done

Reason: Apache user occupies large number of semaphore arrays.. The above script will remove the semaphore arrays by using ipcrm command

easy apache – Premature end of script headers error

Error : BEGIN failed–compilation aborted at /var/cpanel/perl/easy/Cpanel/Easy/Utils/BackGround.pm line 12.
Compilation failed in require at (eval 18) line 3….propagated at /usr/lib/perl5/5.8.8/base.pm line 85.

Premature end of script headers: /usr/local/cpanel/whostmgr/docroot/cgi/easyapache.pl

To fix, just run:

/scripts/checkperlmodules

A Simple Rewite Rule

RewriteEngine on
RewriteCond %{HTTP_HOST} ^domainname\.com
RewriteRule ^(.*)$ http://www.domainname/$1

Script for restarting apache at load 10

#!/bin/bash
loadavg=$(uptime | awk -F “.” ‘{ print $1 }’ | awk -F “:” ‘{ print $5 }’)
if [ "$loadavg" -ge "10" ]; then
pkill -9 httpd
sleep 3
/scripts/restartsrv_httpd
fi