Category: Uncategorized

  • traceroute

    traceroute

    Traceroute is a network diagnostic tool that provides insights into how data packets travel across a network. Whether you’re troubleshooting network issues or exploring the internet’s infrastructure, traceroute can help you map the journey of data packets from source to destination.

    Traceroute is a command-line utility that traces the path data packets take across a network. It identifies each intermediate device (or “hop”) between your computer and the destination server, providing information about latency and routing.

    On Ubuntu/Debian, you can install traceroute with the command:

    apt install traceroute -y

    Usage:

    traceroute IP or HostName

    example

    root@vps-535faf74:~# traceroute serverok.in
traceroute to serverok.in (172.67.133.148), 30 hops max, 60 byte packets
 1  _gateway (15.204.204.1)  0.091 ms  0.080 ms  0.035 ms
 2  192.168.250.254 (192.168.250.254)  0.073 ms  0.045 ms  0.034 ms
 3  10.142.1.126 (10.142.1.126)  0.198 ms  0.212 ms  0.223 ms
 4  10.142.0.40 (10.142.0.40)  0.266 ms 10.142.0.42 (10.142.0.42)  0.248 ms 10.142.0.40 (10.142.0.40)  0.129 ms
 5  10.142.0.6 (10.142.0.6)  0.240 ms 10.142.0.8 (10.142.0.8)  0.297 ms 10.142.0.10 (10.142.0.10)  0.332 ms
 6  10.244.64.238 (10.244.64.238)  0.175 ms 10.244.64.240 (10.244.64.240)  0.195 ms 10.244.64.254 (10.244.64.254)  0.261 ms
 7  * 10.244.120.2 (10.244.120.2)  2.354 ms *
 8  was-cva1-sbb1-nc5.va.us (178.32.135.210)  1.721 ms was-nva1-sbb1-nc5.va.us (178.32.135.154)  1.705 ms was-cva1-sbb1-nc5.va.us (178.32.135.210)  1.532 ms
 9  10.200.2.195 (10.200.2.195)  1.479 ms  1.425 ms  1.421 ms
10  * * *
11  173.245.63.99 (173.245.63.99)  2.452 ms 173.245.63.119 (173.245.63.119)  2.617 ms 173.245.63.85 (173.245.63.85)  2.585 ms
12  172.67.133.148 (172.67.133.148)  1.738 ms  2.036 ms  1.867 ms
root@vps-535faf74:~#

    If you need to traceroute to specific port, you can use -p option

    traceroute -T -p 587 smtp.google.com

    -T specifies tcp option, some traceroute implementation do not support it.

    tcptraceroute is another useful command

    apt install tcptraceroute

    To traceroute to a port, use

    tcptraceroute smtp.google.com 25
  • Unable to connect to the MTA on fresh Carbonio install

    Unable to connect to the MTA on fresh Carbonio install

    On a fresh carbonio install, when trying to send email from webmail, it fails.

    On checking the log file /opt/zextras/log/mailbox.log

    tail -f /opt/zextras/log/mailbox.log

    found following error message

    com.zimbra.cs.mailbox.MailServiceException: try again: Unable to connect to the MTA

    The error was because carbonio use invalid port for smtp:

    zextras@mail:~$ zmprov gcf zimbraSmtpPort
zimbraSmtpPort: 20025
zextras@mail:~$

    To fix it, set SMTP port to 25 with the command:

    zmprov mcf  zimbraSmtpPort 25

    After running the command, you can verify SMTP port is changed with the command:

    zextras@mail:~$ zmprov gcf zimbraSmtpPort
zimbraSmtpPort: 25
zextras@mail:~$

    Some useful symlinks

    ln -s /opt/zextras/common/sbin/mailq /usr/local/bin/mailq
ln -s /opt/zextras/common/sbin/postqueue /usr/local/bin/postqueue
ln -s /opt/zextras/common/sbin/postcat /usr/local/bin/postcat
ln -s /opt/zextras/common/sbin/postsuper /usr/local/bin/postsuper

    ufw firewall

    ufw default deny incoming
ufw default allow outgoing
ufw allow 22/tcp
ufw allow 80/tcp
ufw allow 443/tcp
ufw allow 25/tcp
ufw allow 465/tcp
ufw allow 587/tcp
ufw allow 110/tcp
ufw allow 995/tcp
ufw allow 143/tcp
ufw allow 993/tcp
ufw allow 6071/tcp
ufw enable
  • Backup MySQL Database with PHP Script

    Backup MySQL Database with PHP Script

    When you need to backup a MySQL database and no phpMyAdmin or SSH available, you can use a PHP script with exec function.

    <?php

exec("mysqldump --opt -u DB_USER -p'DB_PASSWORD' DB_NAME --result-file=DB_NAME.sql 2>&1", $result, $rval);

if ($rval === 0) {
    echo "Backup successful!";
} else {
    echo "Backup failed! Verify Database credentials.";
    echo "<pre style='color:red'>";
    foreach ($result as $line) {
        echo $line . "\n";
    }
}

    In the above code, replace DB_USER, DB_PASSWORD and DB_NAME with actual database user, password and database name.

    You can execute this program by going to your website and accessing the PHP file.

    Backup will be saved in current directory with .sql extension.

    Back to MySQL Backup

  • Upgrade MariaDB 10.3 to 10.5 on Ubuntu 20.04

    Upgrade MariaDB 10.3 to 10.5 on Ubuntu 20.04

    Before upgrading, take a backup all databases.

    mysqldump  --routines --triggers --all-databases | gzip -9 > "$(date +%F-%H%m%S)"-mysql-backup.sql.gz

    run these commands

    sudo apt-get install apt-transport-https curl
sudo mkdir -p /etc/apt/keyrings
sudo curl -o /etc/apt/keyrings/mariadb-keyring.pgp 'https://mariadb.org/mariadb_release_signing_key.pgp'

    Create file

    vi /etc/apt/sources.list.d/mariadb.sources

    and add the following content. If you need repo config for another version of MariaDB or download server from another country, you can do so at

    https://mariadb.org/download/?t=repo-config&d=20.04+%22focal%22&v=10.5&r_m=rackspace

    # MariaDB 10.5 repository list - created 2024-10-10 04:35 UTC
# https://mariadb.org/download/
X-Repolib-Name: MariaDB
Types: deb
# deb.mariadb.org is a dynamic mirror if your preferred mirror goes offline. See https://mariadb.org/mirrorbits/ for details.
# URIs: https://deb.mariadb.org/10.5/ubuntu
URIs: https://mirror.rackspace.com/mariadb/repo/10.5/ubuntu
Suites: focal
Components: main main/debug
Signed-By: /etc/apt/keyrings/mariadb-keyring.pgp

    To update MariaDB to version 10.5, run

    sudo apt-get update
sudo apt-get install mariadb-server

    Back to MySQL

  • How to extract wpress file

    How to extract wpress file

    The .wpress file format is generated by the “All-in-One WP Migration” plugin, which is widely used for migrating WordPress sites.

    If you cannot restore a “wpress” file for any reason, you can manually extract the file and restore it manually.

    To extract, we will use wpress-extract package available at

    https://github.com/ofhouse/wpress-extract

    To use it, you need node.js installed on your computer.

    To extract a .wpress file, run

    npx wpress-extract your-site.wpress

    Once extracted, you will get the content of the “wp-content” directory and MySQL backup file. To manually restore, do a fresh WordPress installation, and replace “wp-content” folder with the extracted files.

    Before restoring the database, you need to correct the table prefix. Open the database backup SQL file in a text editor and replace the table prefix with the string you need.

    Delete existing database tables, restore the new SQL file, and update wp-config.php as needed, you may need to update the table prefix in wp-config.php

    Back to WordPress

  • How to change pure-ftpd port

    How to change pure-ftpd port

    pure-ftpd by default listens on port 21. We will change the FTP port from 21 to some other port. This instruction work for RHEL, CentOS, AlmaLinux, Oracle Linux, and RockeyLinux.

    To change FTP port to some other port, edit file

    vi /etc/pure-ftpd/pure-ftpd.conf

    Find

    # Bind                         127.0.0.1,21

    Add below

    Bind                        FTP_PORT_HERE

    Example

    [root@backendz ~]# cat /etc/pure-ftpd/pure-ftpd.conf  | grep -i bind
# Bind                         127.0.0.1,21
Bind                        2121 
[root@backendz ~]#

    This will change FTP port to 2121.

    Restart pure-ftpd with command.

    systemctl start pure-ftpd

  • MySQL see all charsets

    To see all charsets available on your MySQL installation, run the command

    select * from information_schema.character_sets;

    maxlen column specifies how many bytes are required to store one character.

    MariaDB [(none)]> select maxlen, character_set_name from information_schema.character_sets where character_set_name in('latin1', 'utf8', 'utf8mb4'); 
+--------+--------------------+
| maxlen | character_set_name |
+--------+--------------------+
|      1 | latin1             |
|      3 | utf8               |
|      4 | utf8mb4            |
+--------+--------------------+
3 rows in set (0.000 sec)

MariaDB [(none)]>

    latin1 charset uses 1 byte to store a character. uff8mb4 uses 4 bytes to store a character.

    See MySQL

  • WordPress HyperDB

    WordPress HyperDB

    HyperDB is a WordPress plugin that allows you to use multiple MySQL database servers with large MySQL installations. It is used to WordPress.com to distribute MySQL server load amount multiple MYSQL database servers hosted in different data centers.

    HyperDB supports

    • Read and write servers (replication)
    • Configurable priority for reading and writing
    • Local and remote datacenters
    • Private and public networks
    • Different tables on different databases/hosts
    • Smart post-write master reads
    • Failover for downed host
    • Advanced statistics for profiling
    • WordPress Multisite

    You can find more about the HyperDB plugin at

    https://wordpress.org/plugins/hyperdb/

    How it works

    HyperDB replaces WordPress wpdb class so it can read from multiple MySQL database servers.

    On a default WordPress installation, when a website grows, you need to upgrade the server to a more powerful server, but there is a limit on this as at some point upgrading server becomes costly. What you can do is move MySQL into its own dedicate server. For larger WordPress sites, a single dedicated MySQL server is not enough. In such a case, you can set up MySQL replication. When you set up MySQL replication with read-only nodes, you can only write to “main” MySQL server, all Database reads can be distributed across multiple MySQL read-only replicas. HyperDB checks each MySQL query, detect if it is a read or write/update query. If read, it is sent to one of the read-only MySQL replica servers.

    See WordPress

  • Warning: Use of undefined constant OAUTH_REQENGINE_CURL

    Warning: Use of undefined constant OAUTH_REQENGINE_CURL

    On an Ubuntu server (Ubuntu 20.04.2 LTS) when running a PHP script, I get the following error.

    Warning: Use of undefined constant OAUTH_REQENGINE_CURL - assumed 'OAUTH_REQENGINE_CURL' (this will throw an Error in a future version of PHP

    On checking phpinfo, I get

    Ubuntu PHP OAuth

    Request engine support	php_streams

    curl is missing in “Request engine support”.

    This is because the default php-oauth package does not support curl. To fix, uninstall php-oauth and install oauth package using pecl.

    Uninstall pcel

    apt install php-oauth -y

    install curl dev package

    apt install libcurl4-gnutls-dev
ln -s /usr/include/x86_64-linux-gnu/curl /usr/include/curl

    Install PHP PECL

    apt install php-pear

    Install oAuth

    pecl install oauth

    Edit php.ini file

    vi /etc/php/7.4/cli/php.ini

    Add at end of the file

    extension=oauth.so

    You need to do the same for Apache and php-fpm php.ini files located at

    /etc/php/7.4/apache2/php.ini
/etc/php/7.4/fpm/php.ini

    7.4 is for PHP version 7.4. Change this to whatever PHP version you have on your server. After making the change, phpinfo() page shows curl

    ubuntu php oauth

    See php

  • SaaS

    https://www.paddle.com – Payment processing for SaaS.

  • Enable SSL in Haproxy Docker Container

    I have a haproxy container running on port 80. This container is started with command

    docker run -d -p 80:80 --name haproxy1 -v /home/ubuntu/haproxy:/usr/local/etc/haproxy:ro haproxy:1.7

    This haproxy used following configuration file /home/ubuntu/haproxy/haproxy.cfg

    global

defaults

frontend sok-front-end
    bind *:80
    mode http
    default_backend sok-front-end

backend sok-front-end
    mode http
    balance roundrobin
    server srv3 172.17.0.2:8000

    To make this haproxy work with SSL, first create a ssl.pem file with your SSL certificate contents in following order

    1) Your Private Key
2) Your SSL CRT
4) CA-BUNDLE

    copy and paste all those certs into ssl.pem file inside /home/ubuntu/haproxy/ssl.pem

    Now modify your /home/ubuntu/haproxy/haproxy.cfg file as follows

    global

defaults

frontend sok-front-end
    bind *:80
    bind :::443 ssl crt /usr/local/etc/haproxy/ssl.pem
    acl https ssl_fc
    http-request set-header X-Forwarded-Proto http  if !https
    http-request set-header X-Forwarded-Proto https if https
    mode http
    default_backend sok-front-end

backend sok-front-end
    mode http
    balance roundrobin
    server srv3 172.17.0.2:8000

    Now we need to stop current docker container as it only allow port 80 to be shared.

    docker container stop haproxy1

    Lets create a new haproxy container with port 443 forwaded.

    docker run -d -p 80:80 -p 443:443 --name haproxy2 -v /home/ubuntu/haproxy:/usr/local/etc/haproxy:ro haproxy:1.7

    See Haproxy

  • PHP script to monitor exim mail queue

    When you run exim mail server, it is good to keep an eye on number of emails in mail queue. here is a PHP script that will check number of emails in queue, if it exceed pre-set number, it will email you.

    Create file

    mkdir /usr/serverok/
vi /usr/serverok/mail_q_monitor.php

    Add following content.

     $alertOn) {
    $hostname = exec('/bin/hostname');
    $subject = 'Mail queue alert on ' . $hostname;
    $mail_text = 'Mail queue on server ' . $hostname . ' have ' . $num_mails . ' mails';
    mail($adminEmail, $subject, $mail_text);
}

    In this case, if mails in queue exceeded 100, you get email. 

    $alertOn = 100;

    You can change 100 to whatever number you need.

    $adminEmail = "you@your-domain.com";

    Replace you@your-domain.com with your email address.

    Set script to run every 10 minutes using cronjob

    */10 * * * * /usr/local/bin/php /usr/serverok/mail_q_monitor.php >/dev/null 2>&1