Setup LAMP on centos 7

Here are steps provided to install LAMP on centos 7.

Check version of OS using command

cat /etc/redhat-release

Command to install all packages required for Apache, mysql and php

yum install httpd php php-mysql mariadb-server -y

Let’s enable and start all services using commands

systemctl enable httpd mariadb

Now start httpd and mariadb services.

systemctl start httpd mariadb

Try to access your server IP in browser and you will find apache accessible.

To check php version execute following command

echo "<?php phpinfo(); ?>" > /var/www/html/phpinfo.php

Try to access this page using url

http://IP-of-machine/phpinfo.php

Let’s configure mysql service.

To configure MariaDB, run ‘mysql_secure_installation’

[root@midnight~]# mysql_secure_installation
/usr/bin/mysql_secure_installation: line 379: find_mysql_client: command not found

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] Y
New password: NewPasswordHere
Re-enter new password: NewPasswordHere
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

 

Now your server is ready to host website supporting php and mysql database.

Restore a Deleted File in Linux

We will learn how to restore delete file in linux

Foremost is not available in any of the CentOS/RHEL repositories, so we’ll need to install it using RPM.

For centos 7 use following command

yum install https://forensics.cert.org/centos/cert/7/x86_64//foremost-1.5.7-13.1.el7.x86_64.rpm -y

For Centos 6 use following command

yum install https://forensics.cert.org/centos/cert/6/x86_64//foremost-1.5.7-13.1.el6.x86_64.rpm -y

Once formost installed let’s try to delete one file and recover it.

Get details of file midnight.jpg which we will delete and recover

file midnight.jpg
md5sum midnight.jpg

Now delete file

rm -f midnight.jpg

Restore a Deleted File

mkdir /root/recover
foremost -i /dev/sda1 -t jpg -o /root/recover/

Here -i used to specify disk and -t used to define type of file which we want to restore.
This command will find any .jpg files in /dev/sda1 and restore them into the /root/restored/ directory, as long as the space they are using on disk has not yet been overwritten by anything else.
Now go to /root/restored/jpg folder and execute md5sum 17602156.jpg and you will find md5 hash of this file is exactly same as that of midnight.jpg.

Open port using Firewalld

How to open port using firewalld command

To open specific port say 101 use following command

firewall-cmd --permanent --add-port=101/tcp

Then execute following command to reload firewalld service.

firewall-cmd reload

To remove opened port –remove-port as given below

firewall-cmd --permanent --remove-port==101/tcp
firewall-cmd --reload

Command to list ports opened in firewalld.

firewall-cmd --list-ports

How to open port range say 300-400 in firewalld

firewall-cmd --permanent --add-port=300-400/tcp
firewall-cmd --reload

Following command will list services whose ports are open

firewall-cmd --list-services

To open port of specific service command would be

firewall-cmd --permanent --add-service=http

To remove port of specific service command would be

firewall-cmd --permanent --remove-service=http

Firewalld on centos 7

We will learn few basic commands about Firewalld command on Centos version 7+

Command to check firewalld service status.

systemctl status firewalld

Command to disable firewalld service.

systemctl disable firewalld

Command to enable firewalld service.

systemctl enable firewalld

Command to start/stop firewalld service.

systemctl start firewalld
systemctl stop firewalld

To list firewall rules

iptables -L

Eagle eye on CPU usage

How to monitor CPU usage and server load.

In shared hosting or cloud hosting monitoring CPU usage and high load is essential part.

What is server load and when it shall considered as overloaded ?

Server could get overload because of excessive usage of CPU / Disk and RAM. We will learn how to monitor and know there is high CPU usage on server. Generally server load upto 1 for a single CPU server indicates very stable server. Server load upto 5 means it is bit overload but still nothing to worry but above 5 there is something wrong and user need to watch server load closely.

Commands to check server load.

1: w

2:uptime

3: top -d2

If user have server with multiple CPUs then normal server load range would vary for him accordingly. Like for server with 4 CPUs very stable server load is 4 and upto 16 server bit overloaded and above 16 user need to take care of CPU usage. Another important factor should be considered while monitoring server load is CPU %idle.

 

Administrator shall check CPU %idle if it is more than 30% then it can sit and allow to run processes/applications on server without worrying about server load. If it is less than 30% then services/application running on server will become less responsive and that time he need find and fix processes causing high CPU usage.

How to check %idle CPU ?

use command sar -u 1 1 this will show you present status of idle CPU in following example it is 85% which means server is stable and all applications running on server and responding quickly.

To check historical CPU idle% use command sar -u . Below is script which you can add in cronjob to monitor idle CPU usage. This script will monitor average “idle CPU” for 3 mins. If it get less than 30% then it will send an email to you. I recommend to set cron job every after 10 mins.

——————-

sar -u 10 3 | grep Average | awk '{print $NF}' > idlecpu
idlecpu=`cat idlecpu | cut -d. -f1`
echo $idlecpu
critical=30
if test $idlecpu -lt $critical
then
echo "CPU usage is high"
echo "Idle CPU is $idlecpu, this is critical. Timestamp `date` " | mail -s "Idle CPU % is less than 30" admin@midnight-cafe.com
else
if test $idlecpu -gt $critical
then
echo "CPU usage is okay"
else
echo "CPU usage is high"
echo "Idle CPU is $idlecpu, this is critical. Timestamp `date` " | mail -s "Idle CPU % is less than 30" admin@midnight-cafe.com
fi
fi
rm -f /home/idlecpu

——————-

rsync to copy difference

Rsync to copy difference of source and destination.

We use rsync command to copy files from source to destination. Rsync command sync modified/update files and newly created files on destination server.

But user need copy modified files and newly created files on source as compared to destination to be copied in separate folder.

I created 3 folders in /home as r1 r2 and r3. Then I touched 5 files named as 1 2 3 4 5 in r1 and r2 and r3 are empty.

Here source=/home/r1 destination=/home/r2 and difference=/home/r3

Output of ls -l for r1 r2 and r3 as given below:

[root@midnight home]# ls -l r1
total 0
-rw-r–r– 1 root root 0 Sep 17 01:30 1
-rw-r–r– 1 root root 0 Sep 17 01:30 2
-rw-r–r– 1 root root 0 Sep 17 01:30 3
-rw-r–r– 1 root root 0 Sep 17 01:30 4
-rw-r–r– 1 root root 0 Sep 17 01:30 5

[root@midnight home]# ls -l r2
total 0

[root@midnight home]# ls -l r3
total 0

Now. I will copy r1 to r2 and paste output.

rsync -va /home/r1/ /home/r2/

[root@midnight home]# rsync -va /home/r1/ /home/r2/
sending incremental file list
./
1
2
3
4
5

sent 306 bytes received 114 bytes 840.00 bytes/sec
total size is 0 speedup is 0.00

List all files from r2.

[root@midnight home]# ls -lt r2
total 0
-rw-r–r– 1 root root 0 Sep 17 01:30 1
-rw-r–r– 1 root root 0 Sep 17 01:30 2
-rw-r–r– 1 root root 0 Sep 17 01:30 3
-rw-r–r– 1 root root 0 Sep 17 01:30 4
-rw-r–r– 1 root root 0 Sep 17 01:30 5

 

Now let’s modify /home/r1/1 file and create two files as 6 and 7. And we need rsync to copy this modified file named as 1 and newly created file 6 & 7 to /home/r3 folder.

[root@midnight home]# rsync -aHxv –progress –compare-dest=/home/r2/ /home/r1/ /home/r3/
sending incremental file list
./
1
5 100% 0.00kB/s 0:00:00 (xfr#1, to-chk=6/8)
6
0 100% 0.00kB/s 0:00:00 (xfr#2, to-chk=1/8)
7
0 100% 0.00kB/s 0:00:00 (xfr#3, to-chk=0/8)

sent 285 bytes received 81 bytes 732.00 bytes/sec
total size is 5 speedup is 0.01

Above command copied  modified and newly created files to folder r3

[root@midnight home]# ls -l /home/r3
total 4
-rw-r–r– 1 root root 5 Sep 17 01:36 1
-rw-r–r– 1 root root 0 Sep 17 01:36 6
-rw-r–r– 1 root root 0 Sep 17 01:36 7

How to Use the Traceroute Command

How to run traceroute/tracert for domain or IP.

Sometimes end user is not able to access specific site or IP,  Even end user IP is not blocked on server. In such case user need to take traceroute to IP or domain and provide it to ISP.

ISP would check if there any issue at any specific hop. Output of traceroute is also useful when site loading speed is slow for specific user/ISP.

Below are steps to get traceroute IP or website for linux.

Open command prompt/ hash prompt and execute command

Using traceroute for domain

traceroute midnight-cafe.com

Using traceroute for IP

traceroute 103.228.112.92

Below are steps to get traceroute IP or website for Windows.

Using traceroute for domain and IP

start > run > cmd

tracert midnight-cafe.com

tracert 103.228.112.92

run cronjob on random time

 

Cronjob to run on random time.

Some users need cronjob to be run every after X hours and random min ie. X hours and (1 to 60 mins).

Let say you need to run cronjob every after 4 hrs and 1-100 mins. Then it would be like given below:

* */4 * * * sleep $[ ( $RANDOM % 100 ) + 1 ]m; /path/to/script or command

 

command to delete empty folders on linux

Sometime we need to find remove only those folders which are empty. (Doesn’t contains any file or folder) .  rmdir is command which will delete folder only if it is empty.

find . -type d -exec rmdir {} \;
This command will find all files with type d (type d means all files those are directories) in present folder. Then execute rmdir for all directories but since rmdir will remove only empty folder and for other it will throw error.