Archive › SSH Hosting

Find out Files modified within the Last x Days in Linux

Just use this simple command to recursively find out what files in the current directory has been modified within the last 6 days:

find . -type f -mtime -6

 

To find modified files in the current directory but to not look in certain sub-directories such as Maildir or logs:

find . -type f -mtime -6 | grep -v "/Maildir/" | grep -v "/logs/"

 

This would come very handy in:

  1. Finding files that have been hacked or maliciously uploaded.
  2. Finding files that are modified or updated by you in the last few days for backup or recovery or simply synchronization.

More tips can be found in this article as well.

Comments Off on Find out Files modified within the Last x Days in Linux

Get Server CPU Usage of A Specific User

Suppose your user name is jimgreen and you can run the following command to get a very specific CPU usage of it in real time:

top -b -n 1 -u jimgreen | awk 'NR>7 { sum += $9; } END { print sum; }'

You can even further capture the usage metric in PHP and do conditional actions:
$usage = shell_exec("top -b -n 1 -u jimgreen | awk 'NR>7 { sum += $9; } END { print sum; }'");
Now $usage contains the CPU usage of the user jimgreen.

Comments Off on Get Server CPU Usage of A Specific User

How to count the number of files in a tar archive?

So you have a tar archive file and you want to know the number of files in it without expanding it. You know the text counter program ‘wc’? You can count the number of lines from the input by:

wc -l file.txt

You know how to list the content (files and directories) of a tar archive?

tar --list example.tar

Now you just combine these two to count the number of lines of the files list of the tar archive:

tar --list example.tar | wc -l

So that you have the number of files in the tar file example.tar. The pipe means relaying the output of the previous command to the next command as input.

Comments Off on How to count the number of files in a tar archive?

How to find out the Linux distro release and the version number of your server?

To check the version date of your OS (Linux distros):

uname -v

To find out the release:

uname -r

To display and show the complete kernel signature of your hosting server:

uname -a

Something like this will output similar information concerning your Linux kernel:

cat /proc/version

If you haven’t had the uname utility installed, you can get the kernel release version by:

cat /proc/sys/kernel/osrelease

You may also be interested in some other useful things to see within /proc.

Comments ( 1 )

How to find out the number of users on your hosting server?

How many user accounts are there on your hosting server? You can look up the number of server user accounts by the following command via SSH:

wc -l /etc/passwd

And it may output something like this:

76 /etc/passwd

Which means there are a total of 76 active users in the system. However, the actual number of human users of the server should be lower than the amount because there are system users created to carry out certain tasks.

Multiply the amount by 5 and you may get a rough number of websites hosted on your server.

Comments ( 2 )

Create a local static mirror of your WordPress blog by SSH command wget

wget command should be available in most hosting companies who offer SSH access to your hosting account. It is usually used to download stuff from the remote server, for example, to download something:

wget http://www.google.com/money.zip

However, there’s yet another hidden trick of wget that could enable you to make a mirror backup of any website – well, not actually any website but wget feels more comfortable with certain sites. WordPress blogs are perfect candidates for wget to mirror. Mirroring a WordPress blog can be done by a very simple switch of the wget command through SSH:

wget -mk http://www.example.com

All the documents relationships and HTML links will be taken care of so that local browsing of the mirrored copy will be completely no problem.

Comments Off on Create a local static mirror of your WordPress blog by SSH command wget

Change and Increase the Max PHP File Uploading Limit

The default php configuration comes with a hard cap of 2MB on the size of uploaded file determined by the php.ini directive upload_max_filesize in conjunction with post_max_size. The maximum uploading size of a file is the lower. Therefore, to increase the uploading cap and raise uploading limit, you will need to edit those 2 directives in php.ini.

The location of php.ini varies distribution by distribution, in this example, with Ubuntu 9.04 Jaunty, php.ini is located at /etc/php5/apache2/php.ini, so

sudo vi /etc/php5/apache2/php.ini

Press / to find upload_max_filesize and change it to, say 8M:

upload_max_filesize = 8M

Press ESC, :, wq and Enter. Now the php.ini is saved with the new uploading file limit. Reload apache2 to read the new configurations:

sudo /etc/init.d/apache2 reload

Now you should be able to upload any file up to 8MB in size, in case you need larger uploading limit, in addition to change upload_max_filesize to, say, 16M, you must also edit post_max_size to more than or equaling to 16M because file uploads are processed through HTTP POST method.

Comments Off on Change and Increase the Max PHP File Uploading Limit

Installing FTP (vsFTPd) Service on Ubuntu Server

FTP is an indispensable feature of servers that host and serve websites as it enables us to easily upload stuff to the remote server. On a Ubuntu server, with a little help of aptitude command (the package management program descended from Debian), you can install the most simple yet most common FTP daemon program for your server: vsFTPd.

apt-get install vsftpd

It is started automatically after successful installation. Stop it:

/etc/init.d/vsftpd stop

So that you can customize the configuration file:

vi /etc/vsftpd.conf

And make it look like:

pasv_enable=YES
pasv_max_port=8010
pasv_min_port=8001

anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022

idle_session_timeout=3600

chroot_local_user=YES

pam_service_name=ftp

Restart the FTP service:

/etc/init.d/vsftpd start

Now you can try connecting to the FTP and transferring some stuff.

Comments ( 1 )

vi code highlighting: change the default comments color from dark blue to light blue

The default colors for comments (texts in /* */ or following // or #, …) in vi code highlighting are a little too dark. Ever wanted to make it more recognizable in SSH console?

Find and edit /etc/vim/vimrc with vi:

vi /etc/vim/vimrc

And add in this line:

colorscheme desert

Wherein desert is one of the available color schemes vim comes with. Now we will need to edit the actual color scheme file and change the highlighting colors:

/usr/share/vim/vimcurrent/colors/desert.vim

Change:

hi Comment ctermfg=darkcyan

To:

hi Comment ctermfg=blue

Save the change and exit. Run:

source /etc/vim/vimrc

And the changes will now take effect.

The default directory color of ls –color is also too dark, you can learn how to change the default directory color of ls –color.

Comments ( 3 )

Use Shell Environment Variable LS_COLORS to Change Directory Listing Colors of ls –color

After you have enabled the color switch of ls command in shell console, it’s nice but some may complain that the deep blue color of the directories are too dark to recognize sometimes. Let’s change that.

Just open up the .profile or .bash_profile file under your home directory and put this line in it:

export LS_COLORS='di=01;34'

Done! Now the color of the ls directory listings is much lighter and easier to recognize. There’s also a tip of how to change the default dark color for comments in vi text editor.

Comments ( 4 )

Colorful ls, SSH Console and Command Prompt

Add the following snippet in the .profile or .bash_profile under your home directory:

export PS1='[\[\e[1;31m\]\u\[\e[0m\] - \[\e[32m\]\w\[\e[0m\]]$ '
export LS_COLORS='di=01;34'
alias ls='ls --color -l'

If you are ‘supergirl’, your Linux home directory would be located at: /home/supergirl, and the file you should add the above lines to is: /home/supergirl/.profile or /home/supergirl/.bash_profile.

What is LS_COLORS doing here?

Comments ( 2 )

Linux SSH commands to show and monitor server resources and real-time performance: memory, swap, disk usage, CPU usage and I/O …

Below are a few general commands found in most popular Linux distros which you can use via SSH to check the status of your hosting server.

To show used and available RAM memory and swap space usage:

free -m

To show current disk storage usage by mounted device:

df

To show disk usage statistics of the current directory by directories and files:

du

To show the hard disk space a directory or a file takes up:

du filename

To show the length of time this server has been up and the server loads in the past 1 minute, 5 minutes and 15 minutes:

uptime

To display a real-time updated server resource usage including: server uptime, user logged on, load average, current tasks, CPU usage, memory usage and swap usage:

top

To display a list of real-time active or sleeping processes your server is up to:

ps

To show some information about the current status of virtual memory, CPU usage, I/O usage:

vmstat

This is also a good tool to find out system performance bottlenecks.

To display currently logged on users on the system:

w

Or

who

To print a full screen text graph of the server load refreshed every few seconds:

tload

If you are on shared hosting, chances are your server usage has been imposed some hard limits such as the largest amount of files / directories possible and the hard storage limit. View them by:

quota

Comments ( 1 )

Typical iptables Firewall Rules for a Server that Hosts Websites

iptables is a rather handy tool to protect your server from unwanted and potentially malicious connection attempts. To list the current rules, run in SSH:

iptables -L

A typical set of firewall rules set by iptables on a simple server, be it VPS or dedicated, for hosting and serving websites should be like this:

iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i ! lo -d 127.0.0.0/8 -j REJECT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
# iptables -A INPUT -p tcp --dport 3306 -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -A INPUT -p tcp -m multiport --dports 8001,8002,8003,8004,8005,8006,8007,8008,8009,8010 -j ACCEPT
iptables -A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -j REJECT
iptables -A FORWARD -j REJECT

Which enables

  1. ports 80 and 443 for web pages serving via HTTP and HTTPS
  2. port 21 and a series of tcp ports for FTP (passive mode) so that you can upload stuff to the server with your favorite FTP client
  3. port 22 for SSH access which can be modified for more security. If you have altered the default SSH connection port 22 to a random one, make sure you also change the port in the iptables rules set accordingly or the server will reject you.
  4. port 3306 for MySQL database server. Note that you may or may not need to open port 3306 for MySQL. For example, if you use ‘localhost’ as database server, there’d be no need most of the time.

And disables everything else.

These commands will only be in effect for the current session, once the server is restarted, all rules will be lost. In order to save these rules and make the server automatically load and apply them every time you reboot, write them into a file to be loaded upon every system start. Run:

iptables-save > /etc/iptables.up.rules

Command iptables-save saves the rule set to the file /etc/iptables.up.rules from the memory. Now configure the server to read and apply the rule set file /etc/iptables.up.rules every time it starts:

nano /etc/network/interfaces

And add a line immediately below ‘iface lo inet loopback’:

pre-up iptables-restore < /etc/iptables.up.rules

Now you are set. Reboot the server and see if all takes effect.

Comments ( 1 )

Customize or change the default SSH port 22 to a random custom one of your choice

By default, all newly set up servers listen and accept SSH login on port 22 which is known universally. To make it a little harder for hackers to break into your user account, one of the first steps you want to take is to change the default SSH port to a different on that’s randomly chosen by you.

To do this, simply modify the sshd configuration file by:

nano /etc/sshd/sshd_config

For novice SSH users, nano is more intuitive than vi. After loading the file in the editor, find and change this line:

Port 22

To

Port 8433

Ctrl + o and ctrl + x should save the change and get you out of the editor.

The port number can be anything between 1024 and 65535, inclusive. You can make it instantly in effect by reloading the new configurations:

/etc/init.d/ssh reload

Now the server will only accept SSH accesses on the port 8433. After modifying this, make sure you also change the remote port setting in your local SSH client or it will be rejected by the hosting server.

Comments ( 2 )

How to Change Login Password of Linux SSH User Account?

If you are root, you can change anyone’s password by:

passwd someuser

Wherein someuser is the user name of the account. It will prompt you to enter the new password twice.

If you are yourself and logged in with your own SSH account, you can also change your own password by simply:

passwd

It will also ask you to type your new password twice. Now you can log into your SSH with the new password.

Comments ( 1 )