Extending Perfect Server - Debian Squeeze [ISPConfig 3] - Page 4

9. Anytime stats with awstats

In this section, you can apply a modification that will allow you to update the awstats anytime you want, or (by using cron) in more frequent time intervals. Before we proceed we must change the default log format for awstats. In Debian Squeeze the default format is 4, but we need the 1. So either you edit the file /etc/awstats/awstats.conf or the file /etc/awstats/awstats.conf.local . I prefer the second one, because it will let me keep up with updates:

nano /etc/awstats/awstats.conf.local

and append the line: LogFormat=1

After that, the file should look like:

# You can overrides config directives here.
# This is particularly useful for users with several configs for
# different virtual servers, who want to reuse common parameters.
# Also, this file is not updated with each new upstream release.
LogFormat=1

Now we have to copy the default daily cron of ISPConfig and edit it ... actually we have to edit it A LOT (new file name : mycron.php ). Basically we have to cutoff a lot of lines and only keep some of them. Do:

cp /usr/local/ispconfig/server/cron_daily.php /root/scripts/mycron.php
chmod 700 /root/scripts/mycron.php
nano /root/scripts/mycron.php

and paste all the following lines:

<?php

/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:

* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/


require('/usr/local/ispconfig/server/lib/config.inc.php');
require('/usr/local/ispconfig/server/lib/app.inc.php');
set_time_limit(0);

// make sure server_id is always an int
$conf['server_id'] = intval($conf['server_id']);
// Load required base-classes
$app->uses('ini_parser,file,services,getconf');

#######################################################################################################
// Create awstats statistics
#######################################################################################################

$sql = "SELECT domain_id, domain, document_root FROM web_domain WHERE stats_type = 'awstats' AND server_id = ".$conf['server_id'];
$records = $app->db->queryAllRecords($sql);
$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
foreach($records as $rec) {
$logfile = escapeshellcmd($rec['document_root'].'/log/access.log');
$domain = escapeshellcmd($rec['domain']);
$statsdir = escapeshellcmd($rec['document_root'].'/web/stats');
$awstats_pl = $web_config['awstats_pl'];
$awstats_buildstaticpages_pl = $web_config['awstats_buildstaticpages_pl'];
$awstats_conf_dir = $web_config['awstats_conf_dir'];
$awstats_website_conf_file = $web_config['awstats_conf_dir'].'/awstats.'.$domain.'.conf';
if(is_file($awstats_website_conf_file)) unlink($awstats_website_conf_file);
if(!is_file($awstats_website_conf_file)) {
$awstats_conf_file_content = 'Include "'.$awstats_conf_dir.'/awstats.conf"
LogFile="/var/log/ispconfig/httpd/'.$domain.'/access.log"
SiteDomain="'.$domain.'"
HostAliases="www.'.$domain.' localhost 127.0.0.1"';
file_put_contents($awstats_website_conf_file,$awstats_conf_file_content);
}
if(!@is_dir($statsdir)) mkdir($statsdir);

// awstats_buildstaticpages.pl -update -config=mydomain.com -lang=en -dir=/var/www/domain.com/web/stats -awstatsprog=/path/to/awstats.pl
$command = "$awstats_buildstaticpages_pl -update -config='$domain' -lang=en -dir='$statsdir' -awstatsprog='$awstats_pl'";

if($awstats_pl != '' && $awstats_buildstaticpages_pl != '' && fileowner($awstats_pl) == 0 && fileowner($awstats_buildstaticpages_pl) == 0) {
exec($command);
rename($rec['document_root'].'/web/stats/awstats.'.$domain.'.html',$rec['document_root'].'/web/stats/index.html');
$app->log('Created awstats statistics with command: '.$command,LOGLEVEL_DEBUG);
} else {
$app->log("No awstats statistics created. Either $awstats_pl or $awstats_buildstaticpages_pl is not owned by root user.",LOGLEVEL_WARN);
}

}


die("finished.\n");
?>

This script is a cutoff  of the ISPConfig's default cron file and applies up to ISPConfi 3.0.3. It's made by Till Brehm , and we edited it, so as the update procedure DOES NOT modify any system (or log) file whenever we call it. In simple words, the script reads the access.log file of each domain and DOES NOT do any rotation or any modification, except that it reproduces the html files for awstats. Keep in mind that the default ISPConfig cron job, will run as usual at 00:30 and it will simply append to the stats db and recreate the html files.

In the above script you can change the language produced by awstats if you simply change the letters after "lang=" with those that represent your country.

For ISPConfig 3.0.4 please use the following code:

<?php

/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.

Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:

* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

require('/usr/local/ispconfig/server/lib/config.inc.php');
require('/usr/local/ispconfig/server/lib/app.inc.php');

set_time_limit(0);

// make sure server_id is always an int
$conf['server_id'] = intval($conf['server_id']);


// Load required base-classes
$app->uses('ini_parser,file,services,getconf');


#######################################################################################################
// Create awstats statistics
#######################################################################################################

$sql = "SELECT domain_id, domain, document_root FROM web_domain WHERE stats_type = 'awstats' AND server_id = ".$conf['server_id'];
$records = $app->db->queryAllRecords($sql);

$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');


foreach($records as $rec) {
$logfile = escapeshellcmd($rec['document_root'].'/log/access.log');
$domain = escapeshellcmd($rec['domain']);
$statsdir = escapeshellcmd($rec['document_root'].'/web/stats');
$awstats_pl = $web_config['awstats_pl'];
$awstats_buildstaticpages_pl = $web_config['awstats_buildstaticpages_pl'];

$awstats_conf_dir = $web_config['awstats_conf_dir'];
$awstats_website_conf_file = $web_config['awstats_conf_dir'].'/awstats.'.$domain.'.conf';

if(is_file($awstats_website_conf_file)) unlink($awstats_website_conf_file);

$sql = "SELECT domain FROM web_domain WHERE (type = 'alias' OR AND type = 'subdomain') server_id = ".$conf['server_id'];
$aliases = $app->db->queryAllRecords($sql);
$aliasdomain = '';

if(is_array($aliases)) {
foreach ($aliases as $alias) {
$aliasdomain.= ' '.$alias['domain']. ' www.'.$alias['domain'];
}
}

if(!is_file($awstats_website_conf_file)) {
$awstats_conf_file_content = 'Include "'.$awstats_conf_dir.'/awstats.conf"
LogFile="/var/log/ispconfig/httpd/'.$domain.'/access.log"
SiteDomain="'.$domain.'"
HostAliases="www.'.$domain.' localhost 127.0.0.1"'.$aliasdomain;
file_put_contents($awstats_website_conf_file,$awstats_conf_file_content);
}

if(!@is_dir($statsdir)) mkdir($statsdir);


####################################################################################
######################### RECREATE STATS ###########################################
$redo = 0; // set this to 1 if you want to recreate statistics for a specific month
$REMONTH = 11; // select the month
$REYEAR = 2011; //select the year
$LANG = 'gr'; // set your language
// After setting the above rerun this script
// e.g
// php /path/to
####################################################################################
####################################################################################
if ( $redo == 1 ) {

$awmonth = $REMONTH;
$awyear = $REYEAR;
$statsdirold = $statsdir."/".$awyear."-".$awmonth."/";
if (!is_dir($statsdirold)) {
mkdir($statsdirold);
}
$command = "$awstats_buildstaticpages_pl -month='$awmonth' -year='$awyear' -update -config='$domain' -lang='$LANG' -dir='$statsdirold' -awstatsprog='$awstats_pl'";

if($awstats_pl != '' && $awstats_buildstaticpages_pl != '' && fileowner($awstats_pl) == 0 && fileowner($awstats_buildstaticpages_pl) == 0) {
exec($command);
rename($statsdirold.'awstats.'.$domain.'.html',$statsdirold.'awsindex.html');
$app->log('Created awstats statistics with command: '.$command,LOGLEVEL_DEBUG);
} else {
$app->log("No awstats statistics created. Either $awstats_pl or $awstats_buildstaticpages_pl is not owned by root user.",LOGLEVEL_WARN);
}
}
else {
if (date("d") == 1) {

$awmonth = date("n")-1;
$awyear = date("Y");


if (date("n") == 0) {
$awyear = date("Y")-1;
$awmonth = "12";
}

$statsdirold = $statsdir."/".$awyear."-".$awmonth."/";

if (!is_dir($statsdirold)) {
mkdir($statsdirold);
$command = "$awstats_buildstaticpages_pl -month='$awmonth' -year='$awyear' -update -config='$domain' -lang='$LANG' -dir='$statsdirold' -awstatsprog='$awstats_pl'";

if($awstats_pl != '' && $awstats_buildstaticpages_pl != '' && fileowner($awstats_pl) == 0 && fileowner($awstats_buildstaticpages_pl) == 0) {
exec($command);
rename($statsdirold.'awstats.'.$domain.'.html',$statsdirold.'awsindex.html');
$app->log('Created awstats statistics with command: '.$command,LOGLEVEL_DEBUG);
} else {
$app->log("No awstats statistics created. Either $awstats_pl or $awstats_buildstaticpages_pl is not owned by root user.",LOGLEVEL_WARN);
}

}
}

// ispconfig, on the second day of month, overwrites the stats created before by this script
// to overwrite ispconfig default execution on 2nd day of month we must execute the below code
if (date("d") == 2) {
$awmonth = date("n")-1;
$awyear = date("Y");
if (date("n") == 0) {
$awyear = date("Y")-1;
$awmonth = "12";
}
$statsdirold = $statsdir."/".$awyear."-".$awmonth."/";
$command = "$awstats_buildstaticpages_pl -month='$awmonth' -year='$awyear' -update -config='$domain' -lang='$LANG' -dir='$statsdirold' -awstatsprog='$awstats_pl'";
if($awstats_pl != '' && $awstats_buildstaticpages_pl != '' && fileowner($awstats_pl) == 0 && fileowner($awstats_buildstaticpages_pl) == 0) {
exec($command);
rename($statsdirold.'awstats.'.$domain.'.html',$statsdirold.'awsindex.html');
$app->log('Created awstats statistics with command: '.$command,LOGLEVEL_DEBUG);
} else {
$app->log("No awstats statistics created. Either $awstats_pl or $awstats_buildstaticpages_pl is not owned by root user.",LOGLEVEL_WARN);
}

}
// end of overwrite
// unfortunately the above will execute many times (as many as you run this script by cron)


$awmonth = date("n");
$awyear = date("Y");
$command = "$awstats_buildstaticpages_pl -month='$awmonth' -year='$awyear' -update -config='$domain' -lang='$LANG' -dir='$statsdir' -awstatsprog='$awstats_pl'";

if($awstats_pl != '' && $awstats_buildstaticpages_pl != '' && fileowner($awstats_pl) == 0 && fileowner($awstats_buildstaticpages_pl) == 0) {
exec($command);
if(is_file($rec['document_root'].'/web/stats/index.html')) unlink($rec['document_root'].'/web/stats/index.html');
rename($rec['document_root'].'/web/stats/awstats.'.$domain.'.html',$rec['document_root'].'/web/stats/awsindex.html');
if(!is_file($rec['document_root']."/web/stats/index.php")) copy("/usr/local/ispconfig/server/conf/awstats_index.php.master",$rec['document_root']."/web/stats/index.php");

$app->log('Created awstats statistics with command: '.$command,LOGLEVEL_DEBUG);
} else {
$app->log("No awstats statistics created. Either $awstats_pl or $awstats_buildstaticpages_pl is not owned by root user.",LOGLEVEL_WARN);
}

} //end redo
} // end foreach


die("finished.\n");
?>

 Keep in mind (in version > =3.0.4) that you will not see any stats the first day of every month (as with the normal script). If you want to see the udated stats after the first execution the first day of the month you have to read this post :  http://www.howtoforge.com/forums/showthread.php?p=270816#post270816

To execute the script every 4 hours, first create the file /root/scripts/mycron.sh, make it executable and then add it to the cronjob list:

touch /root/scripts/mycron.sh
chmod 700 /root/scripts/mycron.sh
nano /root/scripts/mycron.sh

and paste the following:

#!/bin/sh
PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/X11R6/bin
/usr/bin/php /root/scripts/mycron.php

Add the cronjob:

crontab -e

Append the following line, save and exit:

45 0,4,8,12,16,20 * * * /root/scripts/mycron.sh

You can also initiate the stats creation anytime by:

/root/scripts/mycron.sh

You can recreate stats of previously months (as long as there are data in /var/lib/awstats or /var/cache/awstats). Read the comments in the script, set redo=1 and execute the script. More at http://www.howtoforge.com/forums/showthread.php?t=51731

10. mysql tuning

Download tuning-primer.sh and mysqltuner.pl. These will help you to improve mysql's configuration file.

cd /root/scripts
wget http://www.day32.com/MySQL/tuning-primer.sh
wget http://mysqltuner.com/mysqltuner.pl
chmod 700 tuning-primer.sh mysqltuner.pl

To execute them:

perl /root/scripts/mysqltuner.pl
/root/scripts/tuning-primer.sh

The scripts will ask some simple questions (user/pass) and will display in red colour, their suggestions for critical settings. You can use their suggestions to boost the performance of mysql-server.

Share this page:

32 Comment(s)

Add comment

Comments

From: at: 2011-03-22 19:50:03

There is a small typo in download of the webmin

 

cd /tmp wget http://prdownloads.sourceforge.net/webadmin/webmin_1.530_all.deb

 

should actually be 

 cd /tmp

wget http://prdownloads.sourceforge.net/webadmin/webmin_1.530_all.deb

From: teddy at: 2011-08-19 18:28:47

Hi, I've followed the perfect debian server with ispconfig3 tutorial, then the SSL post on faqforge, and everything went ok on my virtualized server and on the online one. Once it gets to changing default port for webmin, activating it on ispconfig firewall, restarting webmin and apache, and no way, the page I get on the browser (url is https://x.x.x.x:1888) is (Chrome in this case, but the timeout is consistent for all browsers.

 Error 118 (net::ERR_CONNECTION_TIMED_OUT)

 I've checked with a netstat, but the port is listening

 tcp        0      0 0.0.0.0:18888           0.0.0.0:*               LISTEN      32521/perl

udp        0      0 0.0.0.0:18888           0.0.0.0:*                           32521/perl

an iptables list gives this response
 
  <code>

 Chain INPUT (policy DROP)

target     prot opt source               destination

DROP       tcp  --  anywhere             loopback/8

ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED

ACCEPT     all  --  anywhere             anywhere

DROP       all  --  base-address.mcast.net/4  anywhere

PUB_IN     all  --  anywhere             anywhere

PUB_IN     all  --  anywhere             anywhere

PUB_IN     all  --  anywhere             anywhere

PUB_IN     all  --  anywhere             anywhere

DROP       all  --  anywhere             anywhere


Chain FORWARD (policy DROP)

target     prot opt source               destination

ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED

DROP       all  --  anywhere             anywhere


Chain OUTPUT (policy ACCEPT)

target     prot opt source               destination

PUB_OUT    all  --  anywhere             anywhere

PUB_OUT    all  --  anywhere             anywhere

PUB_OUT    all  --  anywhere             anywhere

PUB_OUT    all  --  anywhere             anywhere


Chain INT_IN (0 references)

target     prot opt source               destination

ACCEPT     icmp --  anywhere             anywhere

DROP       all  --  anywhere             anywhere


Chain INT_OUT (0 references)

target     prot opt source               destination

ACCEPT     icmp --  anywhere             anywhere

ACCEPT     all  --  anywhere             anywhere


Chain PAROLE (15 references)

target     prot opt source               destination

ACCEPT     all  --  anywhere             anywhere


Chain PUB_IN (4 references)

target     prot opt source               destination

ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable

ACCEPT     icmp --  anywhere             anywhere            icmp echo-reply

ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded

ACCEPT     icmp --  anywhere             anywhere            icmp echo-request

PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ftp-data

PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ftp

PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ssh

PAROLE     tcp  --  anywhere             anywhere            tcp dpt:smtp

PAROLE     tcp  --  anywhere             anywhere            tcp dpt:domain

PAROLE     tcp  --  anywhere             anywhere            tcp dpt:www

PAROLE     tcp  --  anywhere             anywhere            tcp dpt:pop3

PAROLE     tcp  --  anywhere             anywhere            tcp dpt:imap2

PAROLE     tcp  --  anywhere             anywhere            tcp dpt:https

PAROLE     tcp  --  anywhere             anywhere            tcp dpt:mysql

PAROLE     tcp  --  anywhere             anywhere            tcp dpt:http-alt

PAROLE     tcp  --  anywhere             anywhere            tcp dpt:tproxy

PAROLE     tcp  --  anywhere             anywhere            tcp dpt:8000

PAROLE     tcp  --  anywhere             anywhere            tcp dpt:18888

PAROLE     tcp  --  anywhere             anywhere            tcp dpt:webmin

ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain

ACCEPT     udp  --  anywhere             anywhere            udp dpt:mysql

DROP       icmp --  anywhere             anywhere

DROP       all  --  anywhere             anywhere

...

 </code>

 So, everything seems in order, what could it be stopping me from accessing webmin from alternative port? Please consider that default port works, and all other services work, since I've followed letter by letter you instructions...

 Did I forget anything? Where could I look?

 

From: at: 2011-12-17 14:30:14

Good tutorial, I just want to thank you for taking the time to write it.

From: Frank at: 2012-05-31 10:56:40

hi,
it is possible to coexist squirrelmail and roundcube?

thanks!

From: Frederik at: 2011-06-01 14:07:54

Hy!

 

There is a typo in 4. FAIL2BAN.

 nano /etc/fail2ban/jail.local -> nano /etc/fail2ban/jail.conf

 

 

 

my regards

From: at: 2011-06-26 17:16:23

This is not a typo.

The jain.local will not be overwritten in a future update.

From: Maurizio Marini at: 2011-08-07 15:30:40

file /var/lib/roundcube/config/main.inc.php line 60 is already:

$rcmail_config['auto_create_user'] = TRUE;

i think that your

auto_create_user = TRUE;

is relative to older versions ...

or should we change:

$rcmail_config['auto_create_user'] = TRUE;

with

auto_create_user = TRUE;

?

From: at: 2011-08-04 15:13:00

Hi,

I found that if I added 0.05 to the sleep command I would end up with errors in the fail2ban.log that I also found here http://oschgan.com/drupal/node/52 and when I changed it to 0.1 it worked perfectly.

Regards,

Steve

 

From: Anonymous at: 2012-01-13 02:01:27

I'm using BIND + Dovecot and extending with roundcube and following line

failregex = FAILED login for .*. from <host>
 in /etc/fail2ban/filter.d/roundcube.conf give me an error:
fail2ban.filter : ERROR  No 'host' group in 'FAILED login for .*. from <host>'
So i think it's only a typo, if i write <HOST> with uppercase, then all seems to be great.
 THX

From: michael at: 2012-04-02 09:16:59

Hi, first, thanks for the useful info!

 In step 8:

 

"If you want to install Drupal (or other cms) you will propably need uploadprogress and json. To accomplish their installation, do:

apt-get install php5-dev php-services-json
pecl install uploadprogress
touch /etc/php5/apache2/conf.d/uploadprogress.ini
nano /etc/php5/apache2/conf.d/uploadprogress.ini"

The sites gave 500-errors all around. I ran apt-get remove php5-dev and the sites came up again. Will that have an effect on the other things or is there a work-around for the 500-errors? 

From: Benoit Lallemand at: 2011-04-21 15:53:22

I think the parameter -p in command, here after, is wrong !

#!/bin/sh
PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/X11R6/bin
/usr/bin/php -p /root/scripts/mycron.php

From: Web Worlds at: 2011-05-05 08:56:45

I agree, also with me it was not working with the '-p' in the PHP command.

From: lenz at: 2011-06-07 09:49:06

there is a typo

wget http://mysqltuner.com/mysqltuner.pl

From: at: 2012-05-19 20:27:36

I really like this tutorial, so that is why i wish to improve it by posting this error that i have found with the email the cron job mycron.php sends.

I have gone through this tutorial twice, both starting from the perfect server here.

Both times i keep getting this error email from mycron.php.

HERE IS THE ERROR:

Email Subject:    Cron <root@node1> test -x /usr/sbin/tigercron && { [ -r "$DEFAULT" ] && . "$DEFAULT" ; nice -n$NICETIGER /usr/sbin/tigercron -q ; } (failed)

Email Message:  /usr/lib/tiger/config: line 360: /config: No such file or directory


How can i fix this error. I followed the tutorial to a 'T' so i dont think it was an error on my part.

From: at: 2012-09-05 11:07:11

Did you install tigercron?

(Please use the forums for questions)

From: at: 2011-04-22 15:56:50

unloadfw and loadfw are exactly the same... it is an error, please can be those lines corrected?

Thanks in advance, awesome tutorial ;)

From: Frederik at: 2011-06-01 14:25:40

No they are different.

The one script calls the flag -I to init a rule, the other one -D to delete a rule.

 

:)

From: Benoit Lallemand at: 2011-04-21 19:01:14

On the top of this pages : 

mkdir /root/scripts
touch /root/scripts/loadfw
touch /root/scripts/unloadfw
touch /root/scripts/IPs

touch /root/scripts/fwrules  --> fwrules with "s"

touch /root/scripts/reloadfail2ban
cd /root/scripts
nano loadfw

 and in the script, here after, you read "fwrule" without "s"

# Simple iptables IP/subnet unload script
# ---------------------------------------------------------


cd /root/scripts/

IPT=/sbin/iptables
DROPMSG="fwBLOCKED "
BADIPS=$(egrep -v -E "^#|^$" /root/scripts/IPs)

while read fwrule
do
$IPT -D INPUT $fwrule

done < /root/scripts/fwrules

From: at: 2011-06-26 17:32:08

fwrule is the variable.

At the end of the while is the file (/root/scripts/fwrules):

 while read fwrule
do
  $IPT -D INPUT $fwrule

done < /root/scripts/fwrules

 

From: Frederik at: 2011-06-01 14:59:17

Hy, I applyed this tutorial to my Debian 6 Server.

 When i execute /root/scripts/reloadfail2ban my console tells me:

 

  • root@lvpsXXXXXXXXX:~/scripts# /root/scripts/reloadfail2ban
  • Restarting authentication failure monitor: fail2ban.
  • iptables: Bad rule (does a matching rule exist in that chain?).
  • iptables: No chain/target/match by that name.
  • iptables: Bad rule (does a matching rule exist in that chain?).
  • [...] some more stuff
  • iptables: No chain/target/match by that name.
  • iptables: Bad rule (does a matching rule exist in that chain?).
  • iptables: No chain/target/match by that name.
  • iptables: No chain/target/match by that name.
  • iptables: No chain/target/match by that name.
  • [...] some more stuff
  • iptables: No chain/target/match by that name.
  • iptables: No chain/target/match by that name.
  • iptables: No chain/target/match by that name.
  • iptables: No chain/target/match by that name.
  • iptables: No chain/target/match by that name.

 

 

 Is this okay or is this an error?

 

 

my regards.

From: at: 2011-06-26 17:39:53

It's OK.

You probably changed the rules before you unload the previous rules.

So the script tries to unload the new rules, but the old ones are still loaded.

Please first unload everything, after this make your changes and finally reload the rules.

The above include the part of IP addresses

To be sure that everything is ok:

Do a full restart. Unload the rules, Make the changes. Reload the rules.

Keep in mind that this is not a fully featured firewall. It's just a script with basic rules.

From: at: 2011-12-12 20:44:31

hey i get this email from cron:

 /usr/lib/tiger/config: line 360: /config: No such file or directory

 how can i fix this?

 

From: at: 2013-03-30 22:29:51

Copy the default config from


/usr/lib/tiger/systems/default/config

or

/usr/lib/tiger/systems/Linux/2/config

to

/usr/lib/tiger/

From: Stefkom at: 2013-08-25 11:11:24

very simple :)

1. sudo ln -s /usr/lib/tiger/systems/Linux/2 /usr/lib/tiger/systems/Linux/3

or

2. sudo cp -a /usr/lib/tiger/systems/Linux/2 /usr/lib/tiger/systems/Linux/3

From: at: 2011-12-12 20:51:04

just wanted to add the subject line for the cron email:

 test -x /usr/sbin/tigercron && { [ -r "$DEFAULT" ] && . "$DEFAULT" ; nice -n$NICETIGER /usr/sbin/tigercron -q ; } (failed)

From: at: 2011-04-14 13:07:54

I followed the client backup tutorial, however I'm getting a error after running it as root.

The backups seems to run fine but i receive te following error and this keeps repeating in the console:

 /bin/tar: ./tmp/sess_5jrh2r2d5m8lhtaq7sf04mo3n7: Cannot open: Permission denied


From: at: 2011-05-05 05:17:55

After downloading the file, you must:

chmod +x /usr/share/roundcube/plugins/fail2ban.php
touch /var/log/roundcube/userlogins
chown www-data:www.data /var/log/roundcube/userlogins

 

I don't know if chmod +x is necesary for fail2ban.php (i was traying to make it work, I am too tired to test it lol xD) but, you MUST chown userlogins, if not, apache2 (or roundcube through apache2) will not be able to write inside the file (access denied).

 Regards

 

PD: Perfect howto xD

From: at: 2011-06-26 18:04:25

You just need the following command:

 chown www-data:www-data /var/log/roundcube/userlogins

I updated the tutorial. Thx

From: webmaster eddie at: 2011-12-17 06:50:16

I tried following your instructions - just to harden the server using ipTables and the ddos - and the backup scripts - and I could no longer ftp - i only have a dynamic ip wifi public connection to the net and it was blocking me disconnecting me from ftping files after 1 second it seems... so I reversed every single thing I did following your instructions, and now cannot ftp with any program at all - I can connect but not a single file is allowed to be transferred - i get a permission denied 553 error. Can you help me ? I have checked everything - the ports in IPSCongif 3 panel are fine, etc.

 

Also I never got the backup scripts to work at all - so I removed them. I do thank you for the 2 mysql tuning scripts which work and seem to help

From: at: 2012-01-21 01:19:17

At backup script mysqldump '--all' option is deprecated and restor from backup won't work ! Use '--create-options' instead.

From: Jonas Lateur at: 2012-04-23 14:51:53

when i run /root/scripts/mybackup.sh, i get follow error


       Site: server.ttb-ltd.eu
-------------------------------------------------------------
Backing Up site:  /var/www/clients/client1/web1/ in : /var/www/clients/client1/web1/server.ttb-ltd.euBU.tar.gz
tar (child): /var/www/clients/client1/web1/server.ttb-ltd.euBU.tar.gz: Cannot open: Permission denied
tar (child): Error is not recoverable: exiting now
/bin/tar: /var/www/clients/client1/web1/server.ttb-ltd.euBU.tar.gz: Cannot write: Broken pipe
/bin/tar: Error is not recoverable: exiting now
cp: cannot stat `/var/www/clients/client1/web1/server.ttb-ltd.euBU.tar.gz': No such file or directory
/bin/chown: cannot access `/var/www/clients/client1/web1/server.ttb-ltd.euBU.tar.gz': No such file or directory
/bin/chmod: cannot access `/var/www/clients/client1/web1/server.ttb-ltd.euBU.tar.gz': No such file or directory
-------------------------------------------------------------

From: at: 2013-04-07 14:35:47

Hi,

at first: thnx. for this wonderfull tutorial!!!

The only problem I've got at this point is that when I execute the mybackup.sh file I get this error:

ERROR 1054 (42S22) at line 1: Unknown column 'web_database.database_user' in 'field list'

I looked into the database and there really is missing the database_user field... Is this a never version of ispConfig3 I'm using? Can you adapt the script to the newer version?

Thnx. again for your good work.

Best regards, Ingmar