To see login history on a Linux system, you can use the “last” command.
last
On the screenshot above, it shows “admin.serverok.i” for some of the logins. This is because DNS resolve is enabled in SSH configuration, so IP get converted to hostname and it get truncated. To see the full hostname, run
last -a
If you don’t want IP converted to hostname, run
last -ai
To list only the last 10 logins, run
last -n 10
To see full date/time, use
last -F
Login history is stored in the file
/var/log/wtmp
This file can grow and get rotated over time. If the file gets rotated, when you use the “last” command, it won’t report login history from older files.
root@server12:/var/log# ls -l | grep wtmp
-rw-rw-r-- 1 root utmp 935K Aug 7 04:31 wtmp
-rw-rw-r-- 1 root utmp 1.1M Jun 3 2017 wtmp-20170603
root@server12:/var/log#
To see login history from an older file, you need to specify the location of the file using -f argument.
last -f /var/log/wtmp-20170603
You can also use the command
utmpdump /var/log/wtmp-20170603
To view the last 10 logins with full hostname from the old login file wtmp-20170603, use
last -n 10 -a -f /var/log/wtmp-20170603
The file name may differ in your server, check the /var/log folder for actual file names.
–opt combines many options. It is same as adding –add-drop-table, –add-locks, –create-options, –disable-keys, –extended-insert, –lock-tables, –quick, and –set-charset.
–extended-insert option will group together all INSERT operations for a table. This makes the backup file smaller and makes restoration faster. I restored a mysqldump bakcup, it take me 2 hours to restore. Same database backup with –extended-insert option take only 10 minutes to restore. If you want a separate INSERT for each row, then use
This script can be used to notify you when a file changed in your website. This is useful when you want to know when a file changed or your site is hacked and you to monitor your site for file changes so you know when hacker upload or modify a file.
First you need to add your web site to GIT.
This can be with
cd /var/www/html
git init
git add .
git commit -a -m "inital commit"
Replace /var/www/html with actual DocumentRoot for your web site.
Every time you modify or add a file, you need to commit it to git you will get alerted. You can commit a new file to git with command
git add FILE_NAME
git commit -a
Create a file
mkdir /usr/serverok/
vi /usr/serverok/check-files.php
Add following content
In the script, replace /var/www/html with actual document root of your web site. Change email and site name with your email and domain name.
Cronjob will run every 1 hour and email you if any file change is detected. You can modify cronjob if you want to monitor more frequently, every 1 hour will be fine for most uses.
If you have a folder or file that you need to ignore, you can create a file with name ".gitignore" and add path to file/folder in it, git will ignore files/folders listed in it.
When copying a large site form a shared server using rsync, the rsync process on get killed, this may be done by some program on shared host or server admin manually killing the process.
Here is a bash script that will check if rsync exited normally or not, then retry the trasfter is rsync failure detected.
#!/bin/bash
while [ 1 ]
do
rsync -avzP u89587395@home686010467.1and1-data.host:/kunden/homepages/18/d686010467/htdocs/jobformazione/ /home/jobformazione/
if [ "$?" = "0" ] ; then
echo "rsync completed normally"
exit
else
echo "Rsync failed. Retrying..."
sleep 180
fi
done
Save the file as 1.sh, then run it with
bash ./1.sh
You need to add servers SSH key in remote server so rsync work with out password.
check process meguca with pidfile /meguca/.pid
start program = "/bin/su -c 'cd /meguca; ./meguca start' meguca"
stop program = "/bin/su -c 'cd /meguca; ./meguca stop' meguca"
if failed port 8000 protocol HTTP
request /api/health-check
with timeout 10 seconds
then restart