Directadmin – enable and configure Spamassassin automatically on creating user

By default, when you add new user in Directadmin, Spamassassin is disabled. Some users are not aware about Spamassassin, so they’ll have it disabled and will receiving a lot of spam. It is good practice to enable Spamassassin by default and also set some settings. You can do that by adding below code in your /usr/local/directadmin/scripts/custom/user_create_post.sh script. The first step is well described on Directadmin documentation. But you may also want to define some parameters for Spamassassin when user is created. It’s really simple. You can do that by manipulating filter.conf file. Steps below are preformed on Directadmin running on FreeBSD. It should be the same for Linux also.

Continue Reading

Install PHP extension on Directadmin – fast and easy way (without custombuild)

Directadmin is pretty good, lightweight, control panel for providing web hosting service or to host your own websites/projects, managing mail … Through the years, I recompiled PHP with custombuild countless times. Problem is, that every time that you want to install some new PHP extension – exif, in this example – you’ll have to rebuild whole PHP with Directadmin’s custombuild also. That can be very annoying and time-consuming. Expesialy when things go wrong. So, there is simple way on how to quickly install PHP extensions without using custombuild. I used this way many times. In this case, installation was done on CentOS 7.2 server with Directadmin and PHP version 5.6.23.

I hope this was helpful to you in any way.

Continue Reading

Ultimate NGINX configuration for WordPress

Most of the sites that I created are based on WordPress. WordPress is great platform for your sites if you take a little care for it. different kind of abusive behavior on Wordpress systems is very common. Weak points are in most cases plugins, themes and outdated code in general. Many times people think, that security of their websites is all about hosting provider, firewalls… It’s true to some point. But one of the most fundamental steps to better WordPress security is up to the end-user. Take care of your site, update it regularly, use only good plugins and themes… It’s so important that you take care for regular updates and fixes. Also, try to use as least plugins as possible. If you are using only one theme, delete the ones that you don’t use. If you’ll  use theme downloaded from internet, only use themes from good providers.

NGINX in combination with good configuration and cache system can make your website lightning fast and super responsive. Memcached, Redis, Opcache are also great for optimizing your site. You definitely want to check into them too. W3 Total Cache plugin is great and easy to configure. More about this another time.

Continue Reading

fail2ban – Error in FilterPyinotify callback: illegal IP address string passed to inet_aton

Just recently, I discovered great pice of software named fail2ban. Supreme way to provide some additional security to your server. But more about fail2ban next time. So, I configured my jail.local configuration, but getting errors in error log. This was the error:

Error in FilterPyinotify callback: illegal IP address string passed to inet_aton

Error is pretty self explanatory, my whitelisted IP’s defined in variable ignoreip were wrong. If you use commas (,) like I did, then there is your problem. Just replace commas with spaces and it should work fine.

Find and replace whitespaces from your filename

If your files contain whitespaces in their names, it can sometimes be a real pain. Expressly if you are on Linux or Unix systems. I had some problems when running rsync for backup my files. Files with whitespace were causing problems. So bellow is simple command that will remove all whitespace and replace them with “_”. You can change to any symbol that you like. I example bellow, I was searching for all jpg files.

find . -type f -name "* *.jpg" -exec bash -c 'mv "$0" "${0// /_}"' {} \;

Loop curl requests

Here is a simple solution on how to create loop for curl requests.

Just replace 30 with number of requests you want to make.

curl http://www.mywebsite.com/?[1-30]

Icinga/Nagios plugin for http brute force detection

When dealing with web servers where there are a lot of web sites, especially WordPresses, Joomlas etc., it is very common problem to dealing with flood/brute force attacks. One of most common for example, is generating massive requests on wp-login.php, or xmlrpc.php. With brute force, attackers goal is usually gaining access to administration. This is the simplest kind of method to gain access. Idea is very simple, attacker tries with a lot of different passwords and usernames, until it gets it right. Those operations of course, are automated by bots, scripts.

This can be very damaging for your server as it consumes a lot of memory. Every request means that someone just visited your website. When there is a script with bad intentions visiting your site, that means a lot of requests. Most modern web pages, every request like this, also makes database query. In most cases, server will become unresponsive, system will run out of memory, swap will fill up, mysql will stop responding.. This also means, that all websites on your server will stop working. In many cases, you’ll have to reboot your server to make it responsive again. Of course, there are systems that don’t allow this, like Cloud Linux with its LVE. One of great practices is to lock your administration to some static IP. There different ways.

Continue Reading

Directadmin – install cloudflare module (mod_cloudflare) on apache 2.4

Be careful that you’ll download proper package from cloudflare repository. In my case, I’m using Apache 2.4 on Directadmin installation. At first, I downloaded wrong version of mod_cloudflare.c and was constantly getting errors while trying to build module.

Download mod_cloudflare

wget https://www.cloudflare.com/static/misc/mod_cloudflare/mod_cloudflare.c

Install mod_cloudflare using apxs

apxs -a -i -c mod_cloudflare.c

Check if module was installed into Apache

[root@server ~]# httpd -M | grep cloud
cloudflare_module (shared)

Archive/backup your server with Mega and megatools / CentOS 7

I am Mega user for quite some time now. I have VPS on which I run my blog. Idea was: can I upload my blog/website/database backups to my Mega account daily? So I wish to use Mega as some sort of backup service. It is possible as there is Linux tool that allows operations through your Linux machine to your Mega account. It is called megatools. Mega offers 50G of capacity for free! In most cases, this should be more than enough to backup your websites. You can backup your server to your Mega account! Downside is, that megatools currently don’t offer function such as is rsync – for archive purposes.

Continue Reading

Scan your cPanel/Directadmin for excessive files

When dealing with cPanel/Directadmin that contains a lot of users, you need some control of what those users are uploading. Web hosting accounts should be used just for that, hosting websites, and not as data storage – in most cases. Sometimes you even offer packets with unlimited disk capacity but you don’t want that users are storing movies and all kind of other unnecessary files that don’t belong on web hosting account. From web hosting perspective, in most cases, any single file that exceeds 100M is usually not part of website and is just laying there, wasting your precious disk space. In cases like this, account is used as backup service. You’ll be able to find all kind of files. Movies, music, applications, archives …

So you may want to have some reports on regular basis that gives you list of all files that exceed some maximum allowed file size limit – defined by you. Personaly, I scan on interval of 7 days for all files that exceed size of 300M. I created a simple script that will do just that. It will check your /home directory for all files that exceed size that you defined. At the end, report will be sent to your email. You can also scan other directory beside /home if you wish.

Continue Reading

© 2025 geegkytuts.net
Hosted by SIEL


About author