My notes

How to create and run a jar file

JAR (Java ARchive) is an archive file format typically used to aggregate many Java class files and associated metadata and resources (text, images and so on) into one file to distribute application software or libraries on the Java platform.

JAR files are built on the ZIP file format and have the .jar file extension. Computer users can create or extract JAR files using the jar command that comes with a JDK. They can also use zip tools to do so; however, the order of entries in the zip file headers is important when compressing, as the manifest often needs to be first.

How to create jar file

Into directory, there are at least java class files. It is important create the manifest file. Manifest file contains information about version, author, main class and other data about application created. Follow the TicTacToe example MANIFEST.MF file:

Manifest-Version: 1.0
Created-By: biliards
Main-Class: TicTacToe

Change directory where there are java class files and MANIFEST.MF file. To create jar file, edit this command line:

jar cfm TicTacToe.jar MANIFEST.MF TicTacToe*class

How to run jar file

The jar file created is runnable with follow command line

java -jar TicTacToe.jar

JAR file manipulations

JAR file is a compress file and it is possible manipulate it in different ways

  • view the contents of a JAR file

    jar tf TicTacToe.jar

  • extract the contents of a JAR file

    jar xf TicTacToe.jar

  • extract specific files from a JAR file

    jar xf TicTacToe.jar META-INF/MANIFEST.MF

Reference: Wikipedia, jar file and manifest file.

How to create and run a java file

Java files are source code edited by programmers from where to create executable files. An example about code structure is a sample TicTacToe game:

  1. create java file with main class (ie: TicTacToe class) and assign it the name
  2. if application is simple and uses few and simple classes, insert these class auxiliary into TicTacToe class
  3. else create one file for each class and declare each class into TicTacToe class

It is not possible run directly file. It needs to compile java file:

javac -g

and then it is possible run application recall name of main class:

java TicTacToe

This method is same if there are created one file for each class.

Reference: Wikipedia

How to set MySQL permissions read-only with exceptions

The infrastructure about MySQL Master Slave replication involves:

  1. MySQL custom configuration
  2. MySQL custom recall
  3. Optimization and performance about point 1 and 2

Often there are open source that customizes MySQL recall, and it is not simple to adapt a MySQL Master Slave infrastructure. So that any simple idea is considered.

More open source uses user session, and table about session could be unique problem about a system of Master Slave replication with more slave.

Each slave could permit a read-only permission for each table excluding table session with these MySQL commands

grant select on database_name.* to 'mysql_user'@'localhost';
grant all on database_name.table_session to 'mysql_user'@'localhost';


How to change default editor

Each works well with your favorite text editor. It is important that there is a default editor known. In debian and in other linux distro, default editor is vi.

You could change default editor:

  1. during distro installation
  2. custom each user into .bashrc or .profile file with line:

    export EDITOR=/usr/bin/emacs

  3. custom locally in a shell session and/or particular program:

    env EDITOR=nano crontab -e


crontab – maintain crontab files for individual users (V3)

crontab [ -u user ] file
crontab [ -u user ] { -l | -r [ -i ] | -e }

Stamp output about crontab file:

crontab -l

Modify crontab with default editor

crontab -e

yum segmentation fault in centos

After an upgrading with yum program, yum will end with segmentation fault.

Last link about libz is the cause:

-rwxr-xr-x 1 root root  75028  9 gen  2007
-rwxr-xr-x 1 root bin   96572  8 nov  2010
-rw-r–r– 1 root bin  101462  8 nov  2010 libz.a
lrwxrwxrwx 1 root root     13  8 apr  2011 ->
lrwxrwxrwx 1 root root     13  8 apr  2011 -> need a different link:

lrwxrwxrwx 1 root root     13  8 apr  2011 ->

Reference: yum fails with segfault after source zlib upgrade

Advanced configuration for MySQL performance

MySQL performance covers a wide area: configuration file (/etc/my.cnf), table schema, query structure, cache system, and so on.

How to create Master Master replication between two MySQL instances

MySQL Master Master replication is a double MySQL Master Slave replication between two MySQL instances: one MySQL instance (Mi1) is Master and the other MySQL instance (Mi2) is Slave and vice versa.

Minimal configuration file (/etc/my.cnf) of each mysql instance is similar:


There is few difference.

server-id = 1


server-id = 2

If the servers are not alternative, and both writes into database, then it is important to be alert to the schema of the tables and it could be important add different auto increment configuration.

auto_increment_increment = 2
auto_increment_offset = 1


auto_increment_increment = 2
auto_increment_offset = 2

The initializing and starting replication is even to MySQL Master Slave replication between two MySQL instances.

It is important to assess the risks of a desynchronization between two MySQL instances. The errors can arise in the retrieval of information from the slave. If both instance writes into database, the reasons can be many:

  1. MySQL instances create a record considered as identical to the schema of a table (error 1062, duplicate entry)
  2. MySQL instances can not communicate due to lack of network for a time sufficient to change log file
  3. SQL syntax could be contain an error (error 1064, sql syntax)
  4. and the list is endless

It may need to add the slave skip errors configuration into /etc/my.cnf:

slave_skip_errors = 1062,1064

It may need to delete error on the fly with MySQL commands:

stop slave; set global SQL_SLAVE_SKIP_COUNTER=1; start slave;


Thread Safety in php

Thread safety is a computer programming concept applicable in the context of multi-threaded programs. A piece of code is thread-safe if it only manipulates shared data structures in a manner that guarantees safe execution by multiple threads at the same time.

There have been a few options available for a while to get PHP performing well on linux or IIS.
One solution is to configure web service to use PHP in FastCGI mode which allows PHP processes to be recycled rather than killed off after each PHP request and also allows you to run several PHP processes at once, making PHP much much faster with the added bonus that as it is using the CGI interface there is little or no incompatibility issues with PHP extensions.

The utilization of non thread safe binaries does not allow to use FastCGI mode!

On debian/ubuntu
Thread Safety enable.

aptitude install apache2-mpm-worker libapache2-mod-fcgid php5-cgi & a2enmod fcgid & /etc/init.d/apache2 restart

Thread Safety disable.

aptitude install apache2-mpm-prefork libapache2-mod-php5 & a2dismod fcgid & /etc/init.d/apache2 restart

If your non thread safe binaries software not works, it was because installing apache2-dev package on my system automatically installs apache2-thread-dev whose apxs2 tells the PHP build system to build with thread-safety on. Therefore, the solution was to directly install apache2-prefork-dev package.

Reference: Wikipedia, Tnread Safety dis/able, Install/Purge package

PHPmotion installation

PHPmotion is a free video sharing software that also has support for other types of media such as audio/mp3 sharing. The Content Managent System or (media cms application) will allow you to create and run your very own Video Sharing website, Music Sharing Site, Picture Sharing Site.

Servers – Linux/Unix server

  • PHP 4.3 and above (including support of CLI)
  • MySQL database server
  • LAME MP3 Encoder
  • Libogg + Libvorbis
  • Mencoder and also Mplayer
  • FFMpeg-PHP
  • GD Library 2 or higher
  • Be able to run background processes`

PHP Settings

open_basedir = (no value)
upload_max_filesize = 100M
post_max_size = 100M
max_execution_time = 1500
session.gc_maxlifetime = 14000
safe_mode = off
Thread saftery = disabled
enable_dl = On

Libraries installation
Follow the steps on this page.

phpSHIELD loader
With this error:

PHP script /var/www/*/classes/config.php is protected by phpSHIELD and requires the phpSHIELD loader phpshield.5.3.lin. The phpSHIELD loader has not been installed, or is not installed correctly. Please visit the phpSHIELD php encoder site to download required loader.

Follow the steps on this page.

With this error:

PHP Fatal error: SourceGuardian Loader - This protected script does not support version 5.3.2-1ubu of PHP. Please contact the script author about this problem. Error code [07] in /var/www/*/classes/config.php on line 2

Assuming you have old revision installed, you need to update / upload 4 files from the php5.3 release (or download here)


Other error infamous
White screen

  • The following files MUST be uploaded in Binary mode

    /phpshiled/ #all files in this folder

  • Set error_reporting to E_ALL or into apache configuration

    LogLevel debug

  • Set Thread Safety to disable (follow the steps on this page)
  • Your revision is too old that you must install last revision:
    • Backup your database and /upload and your /themes/*/templates directories
    • Install new release
    • Use old database during new intallation
    • Copy old /upload and your /themes/*/templates directories

Reference: PHPmotion System Requirements, PHPmotion Forum

qmail and simple configuration

qmail is a modern SMTP server and the second most popular MTA on the Internet. A number of large Internet sites are using qmail, Plesk is one. If you are on Plesk control panel, and need to change email account password then changing password from Plesk is a lengthy process.

qmail is installed into /var/qmail or similar. There are more directories, but four are important: bin, control, mailnames and users. bin directory contains all binary programs about manage qmail service. mailnames directory contains all mail divided by domain and user.


If you type this command:

man qmail-control

You obtain info about files into /var/qmail/control directory.
We analize rejectnonexist, rcpthosts and virtualdomains.

File is the list of domains, one per line. qmail-smtpd will reject any envelope recipient address with a domain not listed in rejectnoexist.

File is the list of domains, one per line. Allowed RCPT domains. If rcpthosts is supplied, qmail-smtpd will reject any envelope recipient address with a domain not listed in rcpthosts. Any details with command line:

man qmail-smptd

List of virtual users or domains, one per line. A virtual user has the form user@domain:prepend, without any extra spaces. When qmail-send sees the recipient address user@domain, it converts it to prepend-user@domain and treats it as local. Any details with command line:

man qmail-send


If you type this command:

man qmail-users

You obtain info about files into /var/qmail/users directory: assign and cdb.

List of users addresses. File is a series of assignments, one per line. It ends with a line containing a single dot. Lines must not contain NUL.

It is a constant database (CDB). CDB is a binary format that can be accessed quickly by qmail-lspawn, even when there are thousands of assignments.

.qmail files

.qmail files contain a list of delivery instructions, one instruction per line. Delivery of a user’s mail is usually controlled by one or more “.qmail” (pronounced dot kyoo mail) files. The pseudo-user on all qmail systems whose home directory is usually /var/qmail/alias. About each user, home directory is usually /var/qmail/mailnames/domain/user/.qmail. Any details with command line:

man dot-qmail


You could use any programs to manage qmail service. Most popular is vpopmail. vpopmail is a set of API that manages virtual user accounts on a qmail system, and handles delivery for these virtual users. The command-line utilities, and Qmailadmin all use the vpopmail API, provided by the vpopmail library to manage the system. vpopmail does not work with Plesk. So that, you could run the Plesk or qmail commands. Options about Plesk commands line may differ from version to version: we are using v10.3. Any details, you could run each command with --help.

Create a domain

If you want configure only domain mail into Plesk,

/usr/local/psa/bin/domain --create -dns false -mail_service true -notify false -ip

else if you have Plesk panel, you could add new domain out to Plesk and you could add mail into qmail service.
This configuration is available only user with forward because it is disable change password without Plesk or vpopmail.
You must modify five files (assign, cdb, rejectnonexist, rcpthosts and virtualdomains) and create new directory into /var/qmail/mailnames.

If the domain is, add domain into files:

echo "" >> /var/qmail/control/rejectnonexist
echo "" >> /var/qmail/control/rcpthosts

To add domain into virtualdomains, and you are using prefix, you must use new prefix. Plesk uses progressive number like id domain. Show last prefix:

tail -n 1 /var/qmail/control/virtualdomains | awk -F ':' '{print $2}'

If last prefix number is 35, you could use 100 so that you could use again Plesk:

echo "" >> /var/qmail/control/virtualdomains


mkdir /var/qmail/mailnames/
echo "|bouncesaying This\ address\ no\ longer\ accepts\ mail." > /var/qmail/mailnames/
chown -R popuser.popuser /var/qmail/mailnames/
chmod -R 700 /var/qmail/mailnames/

Show values about qmail user: popuser

grep popuser /etc/passwd

Output could be:

popuser:x:110:31:POP3 service user:/var/qmail/popuser:/bin/false

Add on the top domain line into /var/qmail/users/assign:

nano /var/qmail/users/assign

Now run qmail-newu: it processes the assign file and generates a new cdb:


Create an user

If domain and mail are configured into Plesk and you must create new user,

/usr/local/psa/bin/mail --create -passwd mypassword -mailbox true

else if domain and mail are configured into Plesk and you must update only password,

/usr/local/psa/bin/mail -u -passwd mypassword

else if domain and mail are not configured into Plesk, commands are more than one. You must modify two files (assign and cdb) and create new directory into /var/qmail/mailnames/ If the user name is biliards, add on the top user line into /var/qmail/users/assign:

nano /var/qmail/users/assign

Now run qmail-newu: it processes the assign file and generates a new cdb:


Make the user home directory:

mkdir /var/qmail/mailnames/
mkdir /var/qmail/mailnames/\@attachments<br /> mkdir /var/qmail/mailnames/
mkdir /var/qmail/mailnames/<br /> mkdir /var/qmail/mailnames/
mkdir /var/qmail/mailnames/

Make two files:

cat /var/qmail/mailnames/
/usr/bin/deliverquota ./Maildir
cat /var/qmail/mailnames/
0 0

Modify the owner and permissions:

chown -R popuser.popuser /var/qmail/mailnames/
chmod -R 700 /var/qmail/mailnames/
chmod 600 /var/qmail/mailnames/
chmod 644 /var/qmail/mailnames/

User password is configurable only Plesk or vpopmail programs. So that, if you have other domains configured into Plesk, you must use Plesk commands or you add line to user .qmail file to forward mailing:

cat /var/qmail/mailnames/
/usr/bin/deliverquota ./Maildir

Create an alias

If domain and mail are configured into Plesk and you must create new user alias,
for example, user biliards and alias bilardi and webmaster,

/usr/local/psa/bin/mail -u -aliases add:bilardi,webmaster

else if you want create only alias about mail already configured,

nano /var/qmail/users/assign

Now run qmail-newu: it processes the assign file and generates a new cdb:


To test mail that you created, follow the steps on this page.

Reference:, FAQ, vpopmail, pop account

phpSHIELD Loader

phpSHIELD is a premier php Encoder product. Loaders for phpSHIELD encoded scripts are free to download and install.

Check your servers PHP version. You do this by typing the command:

php -v

Check your system architecture. You do this by typing the command:

uname -i

The result will either be i386 or x86_64. You will need this information to download the correct PHPshield loaders.

Check your PHP extensions_directory. You do this by typing the command:

php -i | grep extension_dir

My path is

extension_dir => /usr/lib/php5/20090626 => /usr/lib/php5/20090626

You must first delete any loaders that may already be in your extensions directory

cd /usr/lib/php5/20090626
rm phpshield.*

Download PHPshield Loaders. You must now download the appropriate PHPshield loader, based on your system architecture. below is a list of the files we have available for download

  • Linux, i386, v5.2.x wget
  • Linux, x86_64, v5.2.x wget
  • Linux, i386, v5.3.x wget
  • Linux, x86_64, v5.3.x wget


mv phpshield.5.2.lin /usr/lib/php5/20090626/


mv ixed.5.3 /usr/lib/php5/20090626/

First you need to find out the location of your main php.ini file. This file is the main configuration file for PHP on your server.
You do this by typing the command below

php -i | grep php.ini

You should get a result that shows something like this

Loaded Configuration File => /etc/php.ini

In the case of our example above, the path we want it /etc/php.ini (others, /etc/php5/apache2/php.ini)
Now run the command below. Remember to use your own php.ini directoy path in the command above

echo "extension=ixed.5.3" >> /etc/php.ini

Restart your web server

/etc/init.d/apache restart


/etc/init.d/apache2 restart

Reference: phpSHIELD PHP encoder, Loaders

FFmpeg, FFmpeg-PHP, Lame, Libogg, Libvorbis, FLVtool2, Mplayer, Mencoder, AMR Installation


apt-get update
apt-get upgrade
apt-get install libjpeg-progs libjpeg62 libjpeg62-dev libsdl1.2-dev php5-dev build-essential subversion ruby libcurses-ruby git-core yasm unzip

Download all the files needed

cd /opt/phpmotion
svn checkout svn:// ffmpeg
svn checkout svn:// mplayer

Extract all the files

tar zxvf lame-3.99.5.tar.gz
tar zxvf libogg-1.3.0.tar.gz
tar zxvf libvorbis-1.3.3.tar.gz
bzip2 -cd amrnb- | tar xvf -
bzip2 -cd amrwb- | tar xvf -
tar zxvf libtheora-1.1beta3.tar.gz
tar jxvf ffmpeg-php-0.6.0.tbz2
tar zxvf flvtool2-1.0.6.tgz
tar jxvf essential-amd64-20071007.tar.bz2

Install lame

cd /opt/phpmotion/lame-3.99.5
./configure & make & make install

Install libogg

cd /opt/phpmotion/libogg-1.3.0
./configure & make & make install

Install libvorbis

cd /opt/phpmotion/libvorbis-1.3.3
./configure & make & make install

Install flvtool2

cd /opt/phpmotion/flvtool2-1.0.6/
ruby setup.rb config
ruby setup.rb setup
ruby setup.rb install

Copy Codecs for mplayer

mkdir /usr/local/lib/codecs
mv /opt/phpmotion/essential-amd64-20071007/* /usr/local/lib/codecs/
chmod -R 755 /usr/local/lib/codecs/

We also need to secure the tmp directory

mkdir /usr/local/src/tmp
chmod 777 /usr/local/src/tmp
export TMPDIR=/usr/local/src/tmp

Install mplayer & mencoder

cd /opt/phpmotion/mplayer
svn update
./configure --enable-jpeg
make & make install

Install AMR (for 3gp conversion)
Debian Lenny and Ubuntu 10.04 users, not install AMR packages

cd /opt/phpmotion/amrnb-
./configure & make & make install
cd /usr/local/src/amrwb-
./configure & make & make install

Install libtheora (for ogg video encoding)

cd /opt/phpmotion/libtheora-1.1beta3
./configure & make & make install

Install ffmpeg

cd /opt/phpmotion/ffmpeg/
svn update

Debian Lenny and Ubuntu 10.04 users please use the following configure command:

./configure --enable-libmp3lame --enable-libvorbis --disable-mmx --enable-shared --enable-nonfree --enable-libtheora

Debian Etch and Ubuntu 8.04 users please use the following configure command:

./configure --enable-libmp3lame --enable-libvorbis --disable-mmx --enable-shared --enable-libamr-nb --enable-libamr-wb --enable-nonfree --enable-libtheora

Ubuntu 7.06 users please use the following configure command:

./configure --enable-libmp3lame --enable-libogg --enable-libvorbis --disable-mmx --enable-shared --enable-libamr-nb --enable-libtheora

Now run these commands:

make & make install
ln -s /usr/local/lib/ /usr/lib/
ln -s /usr/local/lib/ /usr/lib/
ln -s /usr/local/lib/ /usr/lib/
ln -s /usr/local/lib/ /usr/lib/
ln -s /usr/local/lib/ /usr/lib/
ln -s /usr/local/lib/ /usr/lib/
ln -s /usr/local/lib/ /usr/lib/
ln -s /usr/local/lib/ /usr/lib/

Install ffmpeg-php
Debian Lenny and Ubuntu 10.04 users please use the following configure command:

aptitude install php5-ffmpeg

Others Debian and Ubuntu users please use the following configure command:

cd /opt/phpmotion/ffmpeg-php-0.6.0/
./configure & make & make install

You now check if there is ffmpeg-php module:

grep -R ffmpeg /etc/php5/*

If there is not, then you now need to add the new ffmpeg-php module to the php.ini file

nano /etc/php5/apache2/php.ini (add this line to the end of the file)

Restart & done

/etc/init.d/apache2 force-reload


Joomla and its customization

Joomla is fantastic because you could add or modify view or calculate intervening into particular events. It only needs to add or modify correct files. If you would like:

  1. modify template
    • creating your template in /templates/your-template-name and
    • overwriting css or html about modules or components
  2. modify modules
    • overwriting html from templates/your-template-name/html
    • from administration, copying module and add it with different parameters
    • copying module and install it as new module
    • changing module by your plugin
  3. add new plugins
  4. add new components

Zoo is a big component. It is so important that it has also more ways to add or modify view or calculate.
If you would like:

  1. modify template
    • from zoo administration interface
    • adding modules into zoo templates (full, related, item, teaser, ..)
  2. modify zoo component
    • from /media/zoo/applications with applications.php files
    • and all final files about full, related, item, teaser, .., templates

Joomla – Plugin load module into article

Load Module plugin
You will usually want to associate modules with articles in some way. The modules are allocated to module positions and the module positions appear somewhere on the Web page as determined by the template. However, it is sometimes useful to have a module actually embedded within the article.

To insert a module inside an article, use the {loadposition xx} command, as follows:

  1. Create a module and set its position to any value that doesn’t conflict with an existing template position. You can type in the position value instead of selecting it from the drop-down list. For example, use the position myposition.
  2. Assign the module to the Menu Items that contain the articles that you want the module to show in. You can also just assign the module to all Menu Items.
  3. Edit the articles where you want this module to appear and insert the text

    {loadposition myposition}

in the article at the place where you want the module.

Note that this only works when the Content – Load Module plugin is enabled. If this plugin is disabled, the text {loadposition myposition} shows unchanged in the article.

Load module into article
This plugin loads any module into an article.
Syntax in editor:

{module [27]}

where 27 is the modules id.

Modules Anywhere
With Modules Anywhere you can include a single module or complete module positions anywhere in your site, including inside 3rd party components and even inside other modules.

Why use Modules Anywhere, and not the {loadposition} plugin?

  • It works anywhere, not only in articles. It even works in modules!
  • You can load a single module, not only complete module positions.
  • You can control the html display style from within the tag, not only one global setting.
  • You have some security setting, so you can disable this feature for lower user types.
  • It comes with a very easy to use editor button.

You can set Modules Anywhere to also handle the {loadposition} tags. In that case, you can safely disable the {loadposition} plugin all together.

Modules Anywhere does not show unpublished Modules by default. If you do want it to, you can change that behavior through the plugin parameters.

Load module into zoo
To load module into zoo content, you could use Modules Anywhere or modify template about zoo.
If you want load module into product catalog, then you could implement ProductApplication class as


module (with function that return text modified) and use it into template file




where your_function is public function that you implemented (as plgContentLoadModule about loadmodule.php) and $html_content is variable that contain your {loadposition xx}.

Reference:, Load module into article, Modules Anywhere


DNS lookup utility.

dig [@server] [-b address] [-c class] [-f filename] [-k filename] [-p port#] [-t type] [-x addr] [-y name:key] [-4] [-6] [name] [type] [class] [queryopt...]
dig [global-queryopt...] [query...] dig [-h]



Set TimeZone on Centos

CentOS update breaks another thing – the logwatch perl timezone manipulation. The exact error message is:

ERROR: Date::Manip unable to determine TimeZone.
Execute the following command in a shell prompt:
perldoc Date::Manip
The section titled TIMEZONES describes valid TimeZones and where they can be defined.

You could fix it modify /etc/localtime. You could use tzconfig command line and follow its questions or:

cp /usr/share/zoneinfo/Europe/Rome /etc/localtime

If your localtime is different, you could choose your zoneinfo in /usr/share/zoneinfo/.



rdate – get the time via the network

rdate [-p] [-s] [-u] [-l] [-t sec] [host...]


rdate -s

If you want syncronize date, then you could add this line into crontab:

        • 0 rdate -s

Functions to be invoked with the OpenX API: howto and examples

There are any tutorial about openx api but if you know code, then in you found all functions that you could invoke in your client script.

How to use vhost.conf in Plesk

Maybe you need to do some specific configurations for a domain or subdomain and you tried to do directly in httpd.include file. You saw that it works for the momment but plesk will delete again your specific configurations from this file. So, in this case the answer is vhost.conf file. This file will be placed inside your domain’s conf directory, usually found at /var/www/ Create a file called vhost.conf in whatever editor you prefer.

Modify Plesk skel for each vhost.conf
If you want modify configuration for all domains, then you must create vhost.conf in .skel directory:

mkdir /var/www/.skel/0/conf/
emacs /var/www/.skel/0/conf/vhost.conf

Modify vhost.conf for one domain
If you want modify configuration for one domain, the you must create vhost.conf:

emacs /var/www/

Modify vhost.conf for one subdomain
If you want modify configuration for single subdomain, the you must create vhost.conf:

emacs /var/www/

Edit vhost.conf
If you want modify safe_mode directive to off in, then you could create vhost.conf into /var/www/

<Directory /var/www/>
<IfModule mod_php4.c>
php_admin_flag safe_mode off
<IfModule mod_php5.c>
php_admin_flag safe_mode off

Now, you need to tell Plesk to update it’s information.
You have to run:

/usr/local/psa/admin/sbin/websrvmng -u

this will configure plesk only for one single domain, in this case
If you want to configure it for all sites run:

/usr/local/psa/admin/bin/websrvmng -a

After this command if you look to httpd.include file, will see that your httpd.include will have an include line for your vhost.conf, something like this:

Include /srv/www/

There is also a vhost.conf file for subdomain in their DocumentRoot directory, if you want to do some specific things for subdomain.

Now, you must restart apache:

apachectl -t
apachectl graceful


Installing a SSL Certificate in Plesk

Add a SSL Certificate to a website using Plesk it is simple: it is important to know Plesk version because it is different among differente releases.
Plesk 9

  1. we first login to Plesk and navigate to the domain you wish to install the Certificate on to
  2. enter into the configuration of the target domain
  3. click on SSL Certificates
  4. click on Add SSL Certificate
  5. if you already have a SSL Certificate then you can skip this step and go to step 8. Any details:
    1. Name the certificate. This can be named anything that you choose. You could use a descriptive name including a timestamp like YYYYMMDDRR format where RR is the revision number (00 in this case as there are no revisions for the same day)
    2. Make any needed adjustments to the SSL Request. This information will be embedded in the SSL Certificate and should be similar to the domain registration information
    3. The email address should match one of the email addresses in the domain whois information provided by your domain registrar
    4. Falsified information may be rejected by your SSL Certificate Authority.
  6. now enter back into the Certificate configuration
  7. you can now review the CSR and Private Key. Save the Private Key in a safe location. Should anything occur with your server that the certificate must be re-entered you MUST have at least the Certificate and Private Key. Take the CSR and submit it to the Certificate Authority of your choice
  8. once you have received the Certificate from your Certificate Authority you can paste it into the Certificate text area. If your Certificate Authority requires, you may need to paste their own Certificate into the CA certificate text area (often called a CA Bundle)
  9. if the Private Key does not match the Certificate then you will see a page similar to this. You MUST have a matching Private Key and Certificate in order to use a Certificate
  10. once installed you will see CSR, Private Key and Certificate. These three all match up and are ready to be used
  11. now you will navigate back in to the Web Hosting Settings from the Domains configuration
  12. select the corresponding Certificate and click OK at the bottom

Plesk 9.5
Previous steps do not work. Certificate must be adding into Global Configurations and not into single domain configuration.

  1. we first login to Plesk and enter into the Global Configuration
  2. click on SSL Certificates and follow steps (about Plesk 9) from 4 to 10
  3. now you will navigate back in to the IP addresses
  4. you need exclusive IP addresses for domains with SSL certificates. Enter into IP address about your website to apply the SSL Certificate
  5. select SSL Certificate (choose name about certificate newly created)
  6. select domain and save
  7. follow last steps (about Plesk 9) 11 and 12

The new certificate is now being used for the domain. If you have updated the certificate then you may need to completely close out of your browser before the new certificate is used.


How to create replication between two MySQL instances

It is important create a mysql user into each instance that it could exec only replication actions, in mysql shell:

create user replica@localhost;
grant replication slave on *.* to replica@localhost identified by 'replicapassword';

Minimal configuration file (/etc/my.cnf) of each mysql instance is:




Last step is initializing and starting replication. In mysql shell:

reset master;


change master to master_host='ip.server.master',

If you want resetting replication:

reset master;


stop slave;
reset slave;
start slave;

If you want show which it is binary file and position:

show master status;
show slave status;


How to install multiple MySQL instances on the same machine

There are various methods to run multiple instances of mysql (on different ports) on the same machine. We can either compile the mysql binary with different defaults and paths, use mysqld_multi or the MySQL Sandbox project. Still the simplest solution I’ve used in the past for such situations is to use the same binary and use a separate configuration file (with separate port, pid, socket and data directory). This post will explain this method.

Create separate data and log directories
We need to create new directories for our datadir and log folder (if used). Also we need to assign proper permissions on those folders:

mkdir /var/lib/mysql2
chown -R mysql:mysql /var/lib/mysql2/
mkdir /var/log/mysql2
chown -R mysql:mysql /var/log/mysql2

Create a new mysql configuration file
Next we need a separate configuration file. We can start by copying the existing one and changing the needed values. This example was taken on a debian machine that holds the mysql configurations under /etc/mysql/my.cnf. We just copy this folder and modify it from there:

cp -R /etc/mysql/ /etc/mysql2

if you use a redhat variant package then your configuration file is under /etc/my.cnf by default and you can just copy it directly:

cp /etc/my.cnf /etc/my2.cnf

(or change the path appropriately for your configuration file is in a different place).
Next, we need to edit our new configuration file and at least update the mysql port (default to 3306), the pid and socket to be different than the default ones, and also point the data and log folders to the ones created before.

cd /etc/mysql2/
sed -i 's/3306/3307/g' my.cnf
sed -i 's/mysqld.sock/mysqld2.sock/g' my.cnf
sed -i 's/' my.cnf
sed -i 's/var\/lib\/mysql/var\/lib\/mysql2/g' my.cnf
sed -i 's/var\/log\/mysql/var\/log\/mysql2/g' my.cnf

Initializing and starting
Finally we need to initialize the default dbs:

mysql_install_db --user=mysql --datadir=/var/lib/mysql2/

Alternatively we can copy the existing /var/lib/mysql if this is needed (shut down mysql prior to do this).
Finally we can start our new mysql instance with:

mysqld_safe --defaults-file=/etc/mysql2/my.cnf &#038;

We can connect to our new instance using:

mysql -S /var/run/mysqld/mysqld2.sock


mysql -h -P 3307

and if we no longer need it, stop it with:

mysqladmin -S /var/run/mysqld/mysqld2.sock shutdown

Other solution

Create a unique mysql configuration file
You could create unique mysql configuration file /etc/my.cnf. You could label each instance with a number and define same parameters into unique file.
If you have got two instances, 1 and 2, your minimal mysql congifuration file could be this:



Each directory had owner mysql user:

chown -R mysql:mysql /path/directory

Initializing and starting
As above. Or you could use mysqld_multi command line to start mysql instances together:

mysqld_multi --verbose --log=/var/log/mysqld.log start 1,2

About stop instances, you could use mysqladmin command line as above. If you
need a particular mysql user about shutdown particular mysql instance, you could use:

mysqladmin --defaults-file=/etc/myuser.cnf shutdown

where /etc/myuser.cnf is:


and you must add in mysql shell:

GRANT SHUTDOWN ON *.* TO 'myuser'@'localhost' IDENTIFIED BY 'myuserpassword'

Check port of MySQL instances
If you have worked well, then you have got two MySQL instances that they listen on different ports:

netstat -ntl

My output is:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0* LISTEN
tcp 0 0* LISTEN


How to configure an IP Tunnel

An IP tunnel is an Internet Protocol (IP) network communications channel between two networks. It is used to transport another network protocol by encapsulation of its packets.

IP tunnels are often used for connecting two disjoint IP networks that don’t have a native routing path to each other, via an underlying routable protocol across an intermediate transport network. In conjunction with the IPsec protocol they may be used to create a virtual private network between two or more private networks across a public network such as the Internet. Another prominent use is to connect islands of IPv6 installations across the IPv4 Internet.

You could try by two ways.
On-the-fly way
In the first ( endpoint:

ip tunnel add mytun mode ipip local remote
ip addr add dev mytun
ip link mytun up

In the second ( endpoint:

ip tunnel add mytun mode ipip local remote
ip addr add dev mytun
ip link mytun up

Permanent way




To starting tunnel is simple. On host and on host

ifup mytun

If you want check up tunnel:

ip addr ls


PHP PEAR installation and configuration

PEAR is short for “PHP Extension and Application Repository” and is pronounced just like the fruit. The purpose of PEAR is to provide:

  • A structured library of open-source code for PHP users
  • A system for code distribution and package maintenance
  • A standard style for code written in PHP, specified here
  • The PHP Extension Community Library (PECL), see more below
  • A web site, mailing lists and download mirrors to support the PHP/PEAR community

There is not important what it is your OS: you could download to begin installation.

mv go-pear go-pear.php
php go-pear.php

or simply:

aptitude install php-pear (Debian / Ubuntu)
yum install php-pear (Fedora / Centos)

Verifying the include path
To use PEAR and PEAR compatible packages in your applications, you normally include them into your PHP scripts using require_once(). For this to work, PEAR’s php_dir must be a part of PHP’s include path.

  • First, check where PEAR installs .php files:

    pear config-get php_dir

mine output is:


This directory will contain System.php.

  • Now it’s time to find which configuration file is used by your PHP installation. On command line, execute:

    php --ini | grep Loaded

mine output is:

Loaded Configuration File: /etc/php.ini

To see which php.ini is used by PHP on your web server, create a file with only <?php phpinfo(); ?> as the contents, and save it in your local web root as check_php.php. Open the file in your browser as http://localhost/check_php.php, to find the path to the php.ini file your web server is using.

  • include_path about php.ini must include php pear directory:

    grep include_path /etc/php.ini | egrep "^[^;]"

mine output is:

include_path = “.:/usr/local/php/pear/”

If your include_path does not contain php pear directory, then you must add it modifying php.ini.
Modifying php.ini
To get PEAR working properly, you need to adjust PHP’s include_path. After you found php.ini, open it in an editor.
Search for the line include_path.
Now that you found it, you probably will see a semicolon ; at the beginning. This means the line is a comment. Add a new line below it.
In this line, write:


Depending on your operating system, add a : (Unix/Linux/FreeBSD/Mac OS X) or a ; (Windows) after the dot. Add PEAR’s php_dir after it. (The directory System.php is located in!)
The result should look like that:

; Unix


; Windows

Checking if PEAR works
Now that this is done, try including a file. Create a new check_pear.php file with the following contents:

<? php
require_once ‘System.php’;

System.php is shipped with every PEAR installation and thus should be on your computer, too. Open the file with the browser from your web server, and also try it on command line:

php check_pear.php

The only output should be


A message like:

Warning: require_once(System.php): failed to open stream:
No such file or directory in /path/to/check_pear.php on line 2

means that your include path is not correct. (So go and fix it!)
Installing packages
After getting PEAR working on your machine you most likely want to install some packages. This guide shows people new to the PEAR command line installer how to get started. The general command to install a PEAR package named “foo” is

pear install foo

Typing this and pressing return, the package will be downloaded and installed on your computer. It does not matter if you write the package name in lowercase, UPPERCASE or MixedCase – the installer will find the package by lowercasing the name.
When a package is already installed, you will get the following message:

pear install foo

Output is:

Ignoring installed package pear/foo
Nothing to install

This happens even if there is a newer version of the package! The correct command to upgrade to the lastest version is

pear upgrade foo

Output is:

upgrade ok: channel://

If the package already has the lastest version, you will get a message similar to the following:

Ignoring installed package pear/Foo
Nothing to upgrade

In the case you deleted some file and really really want to re-install the package, you have two choices:

  • Uninstall the package, and reinstall it afterwards
  • Force the installation

Forcing an command should only be done when you absolutely know what you are doing – you might in some circumstances break PEAR otherwise. Forcing something should always be the last option.

pear install -f foo
pear upgrade -f foo

Unstable alpha/beta packages
Now and then, you will get error messages like

Failed to download pear/foo within preferred state “stable”,
latest release is version 0.1.2, stability “beta”,
use “channel://” to install
Cannot initialize ‘channel://’, invalid or missing package file
Package “channel://” is not valid
install failed

Reason for this is that PEAR by default installs stable packages only. When a package is in state devel, alpha or beta it will refuse to install them. You can easily persuade it by adding either the version number or the stability you are willing to accept:

pear install Foo-beta
pear install Foo-alpha

You can also install a specific version, or upgrade to a specific version regardless of the state:

pear install Foo-1.2.3
pear upgrade Foo-1.2.3

Verifying the open basedir
It may happen that from the command line php pear works and via browser no. In the apache configuration file of domain may need to add:

<Directory “/var/www/”>
php_admin_value open_basedir “/var/www/”
php_admin_value include_path “.:/usr/local/php/pear/”

Reference: about PEAR, getting started, installing packages, checking if PEAR works,

open_basedir restriction in effect

PHP open_basedir protection tweak is a Safe Mode security measure that prevents users from opening files or scripts located outside of their home directory with PHP, unless the folder has specifically excluded. PHP open_basedir setting if enabled, will ensure that all file operations to be limited to files under certain directory, and thus prevent php scripts for a particular user from accessing files in unauthorized user’s account. When a script tries to open a file with, for example, fopen() or gzopen(), the location of the file is checked. When the file is outside the specified or permissible directory-tree, PHP will refuse to open it and the following errors may occur:

Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File …

The above error message appears on a Apache httpd web server error log (error_log). However, the problem may happen to all system or websites that use PHP as scripting language.
The solution or workaround to open_basedir restriction problem is that disable the PHP open_basedir protection altogether, or to exclude the protection for certain privileged user accounts, or to allow access to the additional directory for PHP scripts.

If you’re using cPanel WebHost Manager (WHM), you can easily disable PHP open_basedir protection or exclude certain users from the protection with WHM. Simply go to “Tweak Security” under the “Security” section, then select “Configure” link for “Php open_basedir Tweak”. Inside it, you can enable or disable php open_basedir Protection, or exclude and include hosts from the protection.

If you’re using Plesk hosting control panel, you may need to manually edit Apache configuration file of vhost.conf and vhost_ssl.conf, and add in or edit the following php_admin_value open_basedir lines to the following:

<Directory /full/path/to/the/directory/httpdocs>
php_admin_value open_basedir none
<Directory /full/path/to/the/directory/httpdocs>
php_admin_value open_basedir /full/path/to/dir:/full/path/to/directory/httpdocs:/tmp

Note: For SSL hosts in the vhost_ssl.conf file, the Directory path will end with “httpsdocs” instead of “httpdocs”.

The paths (above is example only and to be replaced with real path) that behind open_basedir are the directories that specifically allowed for the PHP scripts in the vhost domain account to access, so you can add in more directories that files are been stored and needed to be opened by PHP, each seperated by color “:”. But be careful as it might expose your system to security fraud.

Once done, restart Apache httpd web server (apache2ctl restart or httpd restart). If you have to manually edit the Apache configuration file to disable PHP open_basedir protection, simply open up the httpd.conf file, and search for the lines that starts with the following characters:

php_admin_value open_basedir …

Replace the whole line under the virtual host for the domain user account that you want to disable protection with the following line to disable it:

php_admin_value open_basedir none

You can also opt to allow your PHP scripts to access additional directory instead without disabling the protection. Additional directory can be added to the line, separated with color “:”. For example, to add /new_directory to the allow list:

php_admin_value open_basedir “/home/user_account/:/usr/lib/php:/usr/local/lib/php:/tmp”
php_admin_value open_basedir “/home/user_account/:/usr/lib/php:/usr/local/lib/php:/tmp:/new_directory”

Restart the Apache after finished editing. Note that the directory allowed list restriction above is actually a prefix, not a directory name. This means that “open_basedir = /dir/incl” also allows access to “/dir/include” and “/dir/incls” if they exist. When you want to restrict access to only the specified directory, end with a slash. For example: “open_basedir = /dir/incl/”.


How to add a directory to my PATH statement or variable

When you type the name of an executable file, GNU/Linux searches for that executable in all the directories specified in the PATH environment variable.
By default, your GNU/Linux distribution probably set up a default PATH variable during install. To see what your current PATH variable is set to, in a terminal window, type:

echo $PATH

and press ENTER. The system should respond by writing out the current value of the PATH variable. That probably looks something like:


To add a directory to the PATH statement is a relatively straight forward process, but first a question needs to be answered:
Note that these instructions are for a bash shell which is very common n GNU/Linux systems. If you are running another shell, please consult the directions for that shell.
Which users do you want to be affected by this new PATH value?

  1. In a home GNU/Linux system, it’s likely that there is only one user and therefore the answer is: me and my root account.
  2. If you are running a multi-user system, then the answer is likely: everybody and root.
  3. Possibly the third answer is: only ‘joe’ or some other single user on the system.
    Regardless of which user(s) are to affected, the same line(s) need to be added to a profile file. The only variable is: which file?
    The line(s) or code to add are:

    export PATH

NOTE: The export command need only be called once in the profile file and after all the PATH statements in that file. If an export command is already present in the applicable profile file (see below), then you need not add another one.
You are going to add these lines to the following location depending on which user(s) you want to affect:

  1. To add that PATH to every user but root, add the line(s) to /etc/profile
  2. To add that PATH to root, add those line(s) to /root/.bash_profile
  3. To add that PATH to a specific user(s), add the line(s) to /home/user/.bash_profile

export PATH


How to add user to group

How can I add a user to a group under Linux operating system?

You can use the useradd or usermod commands to add a user to a group. The useradd command creates a new user or update default new user information. The usermod command modifies a user account i.e. it is useful to add user to existing group. There are two types of group. First is primary user group and other is secondary group. All user account related information is stored in /etc/passwd, /etc/shadow and /etc/group files to store user information.

useradd Example – Add A New User To Secondary Group
You need to the useradd command to add new users to existing group (or create a new group and then add user). If group does not exist, create it. The syntax is as follows:

useradd -G {group-name} username

In this example, create a new user called vivek and add it to group called developers. First login as a root user (make sure group developers exists), enter:

grep developers /etc/group



If you do not see any output then you need to add group developers using groupadd command:

groupadd developers

Next, add a user called vivek to group developers:

useradd -G developers vivek

Setup password for user vivek:

passwd vivek

Ensure that user added properly to group developers:

id vivek


uid=1122(vivek) gid=1125(vivek) groups=1125(vivek),1124(developers)

Please note that capital G (-G) option add user to a list of supplementary groups. Each group is separated from the next by a comma, with no intervening whitespace. For example, add user jerry to groups admins, ftp, www, and developers, enter:

useradd -G admins,ftp,www,developers jerry

useradd example – Add a new user to primary group
To add a user tony to group developers use following command:

useradd -g developers tony
id tony


uid=1123(tony) gid=1124(developers) groups=1124(developers)

Please note that small -g option add user to initial login group (primary group). The group name must exist. A group number must refer to an already existing group.

usermod example – Add a existing user to existing group
Add existing user tony to ftp supplementary/secondary group with usermod command using -a option ~ i.e. add the user to the supplemental group(s). Use only with -G option :

usermod -a -G ftp tony

Change existing user tony primary group to www:

usermod -g www tony



useradd – create a new user or update default new user information


useradd [options] LOGIN
useradd -D
useradd -D [options]

add user jerry to groups admins, ftp, www, and developers, enter:

useradd -G admins,ftp,www,developers jerry

add a user tony to group developers use following command:

useradd -g developers tony


usermod – modify a user account


usermod [options] LOGIN

Add existing user tony to ftp supplementary/secondary group with usermod command using -a option ~ i.e. add the user to the supplemental group(s). Use only with -G option :

usermod -a -G ftp tony

Change existing user tony primary group to www:

usermod -g www tony


mytop – display MySQL server performance info like ‘top’


mytop [options]


mytop -u mysqluser -p mysqlpassword -d database

Mytop has started to break on RHEL or CentOS. It appears that some of the perl modules have change.d
There error is:

Error in option spec: “long|!”

The fix for this is to edit the mytop script and comment out the line containing long|!

nano /usr/bin/mytop

Run a search for long|! and comment out the following line:

“long|!” => $config{long_nums},

Start mytop and you should be fine!


Installing msttcorefonts

If you need MS fonts installed in our Linux Operating System, in order to look at the documents in the same way they are looking at it.
on Debian / Ubuntu

sudo aptitude install msttcorefonts

on Fedora / Centos
Install the software needed

sudo yum install rpm-build cabextract

download cabextract package here
Download the specs to build the RPM


Build the RPM

rpmbuild -ba msttcorefonts-2.0-1.spec



Install the RPM

rpm -ivh msttcorefonts-2.0-1.noarch.rpm

Reload xfs

/sbin/service xfs reload

Now the msttcorefonts are installed and available. Look:

yum list msttcorefonts


How to insert into plesk new db and user db manually

If you are a maniac of the shell but you need to work with plesk. If you’re not the only one to administer the db and who is not a practical use plesk.
If you created the db via shell are in use and can not stop their use. It is good that the db and db users you entered manually, are also present in plesk.

The process is very simple. Plesk uses three tables:

mysql> desc accounts;
| Field    | Type             | Null | Key | Default | Extra          |
| id       | int(10) unsigned | NO   | PRI | NULL    | auto_increment |
| type     | varchar(32)      | NO   |     | plain   |                |
| password | text             | YES  |     | NULL    |                |
mysql> desc db_users;
| Field      | Type             | Null | Key | Default | Extra          |
| id         | int(10) unsigned | NO   | PRI | NULL    | auto_increment |
| login      | varchar(16)      | NO   |     | NULL    |                |
| account_id | int(10) unsigned | NO   | MUL | NULL    |                |
| db_id      | int(10) unsigned | NO   | MUL | NULL    |                |
mysql> desc data_bases;
| Field           | Type                               | Null | Key | Default | Extra          |
| id              | int(10) unsigned                   | NO   | PRI | NULL    | auto_increment |
| name            | varchar(63)                        | NO   | MUL | NULL    |                |
| type            | enum('mysql','postgresql','mssql') | NO   |     | mysql   |                |
| dom_id          | int(10) unsigned                   | NO   | MUL | NULL    |                |
| db_server_id    | int(10) unsigned                   | NO   | MUL | NULL    |                |
| default_user_id | int(10) unsigned                   | YES  |     | NULL    |                |

So you can add, for each database, the following lines:

mysql> insert into accounts values(id,'plain','dbUserPassword');
mysql> insert into data_bases values(id,'dbName','mysql',idDomain,idDbServer,idDbUser);
mysql> insert into db_users values(id,'dbUserName',idAccount,idDb);

Jomsocial installation and tips

Would you like create your personal social network? There are more solutions. If you know Joomla, then you could install it and try Jomsocial.


nc – TCP/IP swiss army knife


nc [-options] hostname port[s] [ports] ...
nc -l -p port [-options] [hostname] [port]


nc -l -p 2345


fcrackzip – a Free/Fast Zip Password Cracker

fcrackzip [-bDBchVvplum2] [--brute-force] [--dictionary] [--benchmark] [--charset characterset] [--help] [--validate] [--verbose] [--init-password string/path] [--length min-max] [--use-unzip] [--method name] [--modulo r/m] file...


fcrackzip -v -b -p aaaaaaa -u
fcrackzip -b -u -l 1-7


rename – renames multiple files

rename [ -v ] [ -n ] [ -f ] perlexpr [ files ]


rename 's/\.JPG/\.jpg/' *.JPG
rename 's/ //' *.JPG
rename 'y/A-Z/a-z/' *

How to add line number

Simple but useful. The sample file is “,” delimited.

cat sample

If I have to add the line number as the first field. Then

awk '{$1=$1; print NR,$0}' sample
1 3232,32332,54545,34
2 3233,45645,23233,23
3 1211,1212,4343,434
4 3434,121121,121,33

If I have to change the field separator of the above file from “,” to “|” (can also be done using ‘tr’) and have to add the line number as the first field. Then

awk 'BEGIN{FS=",";OFS="|"} {$1=$1; print NR,$0}' sample


netstat – Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships


netstat [-venaoc] [--tcp|-t] [--udp|-u] [--raw|-w] [--unix|-u] [--inet|--ip] [--ax25] [--ipx] [--netrom]
netstat [-veenc] [--inet] [--ipx] [--netrom] [--ddp] [--ax25] {--route|-r}
netstat [-veenac] {--interfaces|-i} [iface]
netstat [-enc] {--masquerade|-M}
netstat [-cn] {--netlink|-N}
netstat {-V|--version} {-h|--help}


netstat -ano | grep ":3306"

How to control remote connections

It is often necessary to control the ports because firewall, other inbound port blocking problems, VMWare NAT’ed without port forwarding, MySQL not listening on the correct interface / MySQL not running networking, incorrect MySQL grant…)

Things to consider:

  • Is MySQL running and running with networking (you may need to specify a user/pass for these)?
    • check if accessible via UNIX socket

      mysqladmin --protocol=socket ping

    • check if accessible via localhost TCP/IP

      mysqladmin --protocol=tcp ping

    • check if accessible via external IP (MySQL can be configured to listen on the loopback address only, it can also be configured to skip-networking entirely)

      mysqladmin --protocol=tcp --host=ipaddress ping

  • Is the machine accessible from other machines? Run

    nmap -sT -p 22,3306 ipaddress

  • from another machine, this will give an indication whether the machine is accessible on the SSH/MySQL ports or not
  • If the VM is running in NAT networking mode (as opposed to bridged), then you’ll need to ensure the correct ports are forwarded to the machine’s real IP address, or otherwise use the NAT address (where accessible) for communicating
  • Is a firewall on the VM, or the VM’s host preventing access to port 3306 (the default MySQL port)? Check your firewall rules (iptables -L for iptables)
  • If you’re accessing the MySQL server via DNS, is DNS causing the problem? You can try connecting using the IP address instead of a hostname in this case to eliminate this possibility
  • If logins are working on the machine, but permission is being denied remote machines, remember that MySQL performs access control using username, password and hostname (with wildcards permitted). You may need to adjust your grant tables


How to replace text in single or multiple files

sed commands change from distribution to distribution. The proposed method should be working for each distribution.

for i in *.file; do sed -i _modified 's/foo/bar/g' "$i"; mv "$i"_modified "$i"; done

If you want add filename into file, you could join another sed command. Our files have format:

for i in *.foo; do m="$( echo $i | sed 's/_[A-Z_]*.foo//g' )"; sed -i _ 's/#/code='$m'/g' "$i"; done

If you need add also “-” into code because it has ABC12345 format and you want ABC-12345 format:

for i in *.foo; do j="$( echo $i | sed 's/_[A-Z_]*.foo//g' )"; k="$( echo $j | sed 's/\([A-Z]*\)/\1-/' )"; sed -i _ 's/#/code='$k'/g' "$i"; done

How to rename multiple files

There are more command line to rename files. If you have not got rename command line, you could use follow tips:

ls -d *.foo | sed -e 's/.*/mv & &/' -e 's/foo$/bar/' | sh


How to testing your website before switching DNS servers on domain record

You can test everything by editing the hosts file on your PC. In Unix system there is /etc/hosts.
The hosts file contains lines of text consisting of an IP address in the first text field followed by one or more hostnames, each field separated by white space (blanks or tabulation characters). Comment lines may be included; they are indicated by a hash character (#) in the first position of such lines. Entirely blank lines in the file are ignored.

If you want testing your website on server, add line on /etc/hosts with server IP (IP.SE.RV.ER) and domain name about your website. Open /etc/hosts file:

nano /etc/hosts

add this line:


and save file. Now if you ping hostname about your website:


It pings on IP.SE.RV.ER!


How to disable root access via SSH

One of the biggest security holes you could open on your server is to allow directly logging in as root through ssh, because any cracker can attempt to brute force your root password and potentially get access to your system if they can figure out your password.

It’s much better to have a separate account that you regularly use and simply sudo to root when necessary. Before we begin, you should make sure that you have a regular user account and that you can su or sudo to root from it.

To fix this problem, we’ll need to edit the sshd_config file, which is the main configuration file for the sshd service. The location will sometimes be different, but it’s usually in /etc/ssh/. Open the file up while logged on as root.

vi /etc/ssh/sshd_config

Find this section in the file, containing the line with PermitRootLogin in it.
Make the line look like this to disable logging in through ssh as root.

PermitRootLogin no

Now you’ll need to restart the sshd service:

/etc/init.d/sshd restart

Now nobody can brute force your root login, at least.

How to moving MU WordPress within your site

Moving the MU WordPress files from one location on your server to another – changing its URL – requires some special care.

WordPress is installed into /wordpress/ default folder and default url is to appear as http://localhost/wordpress/. This howto post is if you want moving from /wordpress/ to /blog/ and you want url to appear as http://localhost/blog/, in MU WordPress system. There are any differences about tutorial.

Here are the step-by-step instructions:

  • modify /wordpress/ folder in /blog/
    • via ssh:

      cd /path-your-main-site
      mv wordpress blog

    • via ftp
    • or via your file manager
  • modify /blog/.htaccess file: change all occurrences of wordpress in blog
  • modify mysql record about site url (MU WordPress 3.0 has not WordPress address in Administration > Settings > General panel):

    mysql -h host -u user -ppassword database -e "UPDATE `wp_options` SET `option_value` = 'http://localhost/blog' WHERE `option_id` =1 LIMIT 1 ;"

If you create subdomain site, you finished. If you have subdomain site:

  • digit on browser http://localhost/blog/ (your main site)
  • go to Super Admin > Sites
  • click Edit about each site and change all occurrences of wordpress in blog


lighthttpd h264 streaming module installation on CentOS

rpm -ivh lighttpd-1.4.28-1.el5.rf.i386.rpm
rpm -ivh lighttpd-fastcgi-1.4.28-1.el5.rf.i386.rpm
rpm -ivh --nodeps lighttpd-mod_h264_streaming-1.4.28-1.i386.rpm

Edit file /etc/lighttpd/lighttpd.conf and modify server.use-ipv6 value in disable. I f you could dedicate one IP, uncomment server.bind and change localhost with IP dedicated.
Edit file /etc/lighttpd/modules.conf and:

  • comment all modules in server.modules
  • in server.modules, add line:


  • below server.modules, add lines:

    h264-streaming.extensions = ( “.mp4”, “.f4v” )
    h264-streaming.buffer-seconds = 10

Start your new web server:

service lighthttpd start

Add web server in runlevel:

chkconfig --add lighttpd

For testing purposes we recommend a tool like wget, or curl):

  • upload one f4v video to the document root of your website:

    wget sample.f4v
    cp sample.f4v /srv/www/lighttpd/

  • download the full file:

    wget -O test.f4v "http://localhost/sample.f4v"

  • download file with specify start time:

    wget -O test.f4v "http://localhost/sample.f4v?start=45.5"

    This saves a file (test.f4v) on your local disk that will have the first 45.5 seconds removed from the original (sample.f4v) video

You can use your favourite player to see if worked okay.

Reference: installation and testing


lighttpd – a fast, secure and flexible web server

lighttpd [-ptDvVh] -f configfile [-m moduledir]


service lighthttpd start
service lighthttpd stop


/etc/init.d/lighthttpd start
/etc/init.d/lighthttpd stop


nmap – Network exploration tool and security / port scanner

nmap [Scan Type...] [Options] {target specification}


nmap -sT -p 22,3306 IP.SE.RV.ER
nmap -sS -O IP.SE.RV.ER

Red5 IP dedicated configuration

You could setup apache2 on one IP (IP.AP.AC.HE) and Red5 on other IP dedicated (IP.DED.ICA.TED).

  • The first file we need to modify is the server properties file located in the conf directory red5_path/conf/

    sed "s/" red5_path/conf/

  • The second file we need to modify is the apache configuration file in the conf directory /etc/httpd/conf/httpd.conf (or /etc/apache2/apache2.conf):

    sed "s/Listen 80/Listen IP.AP.AC.HE:80/g" /etc/httpd/conf/httpd.conf

  • Now you must reboot server:



Red5 port 80 configuration

You could setup HTTP on port 80 and RTMPT on port 80 as well.
We need to modify is the server properties file located in the conf directory: red5_path/conf/

  • Locate the http.port key and change it to 80 instead of 5080
  • Do not change the rtmpt.port entry, it should be 8088
  • Save and close the file


Red5 installation


  • Download and Install Java. RED5 server depends on Java. CentOS 5.3 comes with OpenJDK 1.6 and install it using yum.

    yum -y install java-1.6.0-openjdk java-1.6.0-openjdk-devel

  • Download and Install Ant (Apache Project). Ant will need to compile RED5 server code. Ant comes in binary form, so just download and install it in /usr/local directory.

    cd /usr/src
    tar jxvf apache-ant-1.8.0-bin.tar.bz2<br /> mv apache-ant-1.8.0 /usr/local/ant`

  • Export Variables for Ant and Java

    export ANT_HOME=/usr/local/ant
    export JAVA_HOME=/usr/lib/jvm/java
    export PATH=$PATH:/usr/local/ant/bin
    export CLASSPATH=.:$JAVA_HOME/lib/

    Also export these variables in /etc/bashrc to become available for every user login or for any terminal opens.

    export ANT_HOME=/usr/local/ >> /etc/bashrc
    export JAVA_HOME=/usr/lib/jvm/ >> /etc/bashrc
    export PATH=$PATH:/usr/local/ant/ >> /etc/bashrc
    export CLASSPATH=.:$JAVA_HOME/lib/classes. >> /etc/bashrc

  • Download and Install RED5 Server. Here the latest version available for RED5 is 0.7 on site but download from google code using svn as the tarball of 0.7 on site is missing some of the files.

    cd /usr/src
    svn checkout red5
    mv red5 /usr/local/
    cd /usr/local/red5
    ant prepare
    ant dist

  • you will see a ton of lines, but you should get at last
    this mean its install and now copy the conf directory from dist/ and test the red5 installation.

    cp -r dist/conf .

    If it shows Installer service created in the last then everything is fine here, press ctrl+c and move to next step to create init script.


  • Before beginning this make sure you are running these commands as root. Install Subversion:

    apt-get install subversion

  • Install tools to build your own Debian packages:

    apt-get install dpkg-dev
    apt-get install debhelper
    apt-get install dh-make
    apt-get install devscripts
    apt-get install fakeroot

  • Install Java (see this tutorial for more info):

    apt-get install java-package

  • Install Apache Ant 1.7:

    gzip -d xf apache-ant-1.7.0-bin.tar.gz
    tar -xf apache-ant-1.7.0-bin.tar
    cd apache-ant-1.7.0
    mv apache-ant-1.7.0 /usr/local/ant
    export ANT_HOME=/usr/local/ant

  • Once Java and Ant are all set up you simply download the latest development version of Red5 to your box.

    svn co red5-trunk

    That will create a folder in your current directory called red5-trunk.

  • Navigate to the red5-trunk directory and run


    That will build the project on your machine.

  • At this point you will need to create a red5 directory in the /usr/local/red5 directory.

    mkdir /usr/local/red5

  • Then you will want to copy the contents of the dist(distribution) folder to /usr/local/red5 like so

    cp -R red5-trunk/dist/* /usr/local/red5/

  • We need need to fix the permissions on the file:

    cd /usr/local/red5
    chmod 755

  • To run the server you have a few options using the file. Run the server by either running

    sh &


./ &

This will start the Red5 service manually.   * Verify the correct ports are being bound to:   > `netstat -ant`


sudo apt-get update
sudo apt-get install subversion
sudo apt-get install java-package
sudo apt-get install sun-java6-jdk
sudo apt-get install ant
mkdir -p ~/svn/red5
cd ~/svn/red5
svn checkout red5-read-only
export JAVA_HOME=/usr/lib/jvm/java-6-sun
export ANT_HOME=/usr/share/ant/
cd ~/svn/red5/red5-read-only
sudo mkdir /usr/share/red5
cd ~/svn/red5/red5-read-only/dist
sudo cp -R * /usr/share/red5/
cd /usr/share/red5
sudo chmod 755
/usr/share/red5/ &

Digit on browser: http://localhost:5080 and good luck!

Init Script
Now we will create init script for red5 to start, stop and restart easily.

cp red5.txt /etc/init.d/red5
chmod 755 /etc/init.d/red5


MaxClients directive

The MaxClients directive sets the limit on the number of simultaneous requests that will be served. Any connection attempts over the MaxClients limit will normally be queued, up to a number based on the ListenBacklog directive. Once a child process is freed at the end of a different request, the connection will then be serviced.

For non-threaded servers (i.e., prefork), MaxClients translates into the maximum number of child processes that will be launched to serve requests. The default value is 256; to increase it, you must also raise ServerLimit.

For threaded and hybrid servers (e.g. beos or worker) MaxClients restricts the total number of threads that will be available to serve clients. The default value for beos is 50. For hybrid MPMs the default value is 16 (ServerLimit) multiplied by the value of 25 (ThreadsPerChild). Therefore, to increase MaxClients to a value that requires more than 16 processes, you must also raise ServerLimit.

Set it on CentOS server

  • digit this command line to test how modules are activated: httpd -l
  • edit /etc/httpd/conf/httpd.conf and add/modify ServerLimit directive on active module

    ServerLimit 20000

  • test the changes with apachectl -t
  • reload the service by apachectl graceful
  • edit /etc/httpd/conf/httpd.conf and modify MaxClients directive on active module

    MaxClients 20000

  • test the changes with apachectl -t
  • reload the service by apachectl graceful

Set it on Debian server

  • digit this command line to test how modules are activated: apache2 -l
  • edit /etc/apache2/apache2.conf and add/modify ServerLimit directive on active module

    ServerLimit 20000

  • test the changes with apachectl -t
  • reload the service by apachectl graceful
  • edit /etc/apache2/apache2.conf and modify MaxClients directive on active module

    MaxClients 20000

  • test the changes with apachectl -t
  • reload the service by apachectl graceful

Reference: apache2

php5 update on CentOS

If you have CentOS v5.2 then you have PHP v5.1.6. Any PHP5 systems need PHP5 > v5.2.
The php-sqlite2 library has a problem to update so that you must delete it:

yum erase php-sqlite2

You have got any solutions.

  • Update PHP5 to last stable version and create /etc/yum.repos.d/CentOS-Testing.repo with this content

    name=CentOS-5 Testing

  • Update PHP5 to last beta version and create /etc/yum.repos.d/utterramblings.repo with this content

    name=Jason’s Utter Ramblings Repo

Now, you could update system:

yum update

Reference: and

php-mcrypt installation on CentOS

Updating/Installing mcrypt
If you have php-mcrypt for PHP 5.1.x installed you’ll want to remove it:
Note: Your version number maybe different. Alter below command accordingly.

rpm -e php-mcrypt-5.1.6-15.el5.centos.1

Download php-mcrypt for PHP 5.2.x and install it. You can find a 32-bit php-mcrypt package here FedoraJunkies.
Note: You’ll notice the --nodeps flag in the example. When you try to install php-mcrypt without it you get an error that php-common-5.2.6-2.el5s2 is missing even though it is installed.

wget -c
rpm -i --nodeps php-mcrypt-5.2.6-2.i386.rpm

Restart Apache and you should now see mcrypt information on your testing.php page.

System installs library and creates /usr/lib/php5/../
Check if mcrypt.ini file exists or create it in /etc/php5/conf.d and added this one liner:


imapsync installation on CentOS

CentOS does not use yum to install imapsync as Debian with apt-get, so that you must follow these steps:

perl -MCPAN -e "install Test::Inter"
perl -MCPAN -e "install Parse::RecDescent"
perl -MCPAN -e "install Getopt::Long"
perl -MCPAN -e "CPAN::Shell->force(qw(install Date::Manip));"
perl -MCPAN -e "CPAN::Shell->force(qw(install Mail::IMAPClient));"
perl -MCPAN -e "CPAN::Shell->force(qw(install Term::ReadKey));"
rpm -i --nodeps imapsync-1.350-1.el5.rf.noarch.rpm

Reference: imapsync web site


imapsync – IMAP synchronisation, sync, copy or migration tool. Synchronise mailboxes between two imap servers. Good at IMAP migration. More than 36 different IMAP server softwares supported with success.
To synchronise imap account “foo” on “” to imap account “bar” on “” with foo password “secret1″ and bar password “secret2″:

imapsync --host1 --user1 foo --password1 secret1 --host2 --user2 bar --password2 secret2


imapsync --host1 ip --authmech1 login --user1 --password1 userpassword --host2 localhost --authmech2 login --user2 --authuser2 admin --password2 adminpassword
imapsync --host1 ip --authmech1 login --user1 --password1 userpassword --host2 localhost --authmech2 login --user2 --password2 userpassword

where authmech1 and authmech2 accept the values: login, plain, cram-md5, md5, sasl, …

IP Failover configuration

Guide to configure IP Failover on CentOS server in ovh farm.

nano /etc/sysconfig/network-scripts/ifcfg-eth0:0

Copy and paste this code:


IP.FAIL.OVER is ip number of your IP Failover. Now set new interface and reboot server:

ifup eth0:0

When server restarted ping IP.FAIL.OVER:


If you have more IP Failover, set eth0:1, eth0:2, ..



lftp – Sophisticated file transfer program

lftp [-d] [-e cmd] [-p port] [-u user[,pass]] [site]


lftp -u user,password ip
lftp -f script_file
lftp -c commands
lftp --version
lftp --help

How to migrate objects from Parallels Plesk Panel version 7.5 or 8.6 to Parallels Plesk Panel 9

Plesk Migration Manager (PMM) does not exist in Parallels Plesk Panel Beta, Plesk 9 Release and the first patch 9.0.1.
The feature is under development now and will be available in the next version of Parallels Plesk Panel 9.2.

However it is still possible to migrate objects from Parallels Plesk Panel versions 7.5, 8.6 manually using Plesk Backup Manager.

You may migrate Parallels Plesk Panel as a whole or separate domains and clients. Below are the instructions.

Migrate server

  • Login to a source server with Parallels Plesk Panel 8.6 installed and create a full backup with the pleskbackup utility:

/usr/local/psa/bin/pleskbackup all <backup-file>

The utility is included into the psa-backup-manager package for Plesk 8.6, verify that it is installed.

In Parallels Plesk Panel 7.5 the command line backup utility is /usr/local/psa/bin/psadump that is included into psa-bu package.

If not installed you may install Plesk Backup Manager via Autoinstaller in control panel Server -> Updater

  • Copy the dump to the destination server with Parallels Plesk Panel 9 and convert the backup to version 9 with pre9-backup-convert.

/usr/local/psa/bin/pre9-backup-convert -v convert -d /var/lib/psa/dumps/ <backup-file>

Where /var/lib/psa/dumps/ is Backups directory on the destination server with Parallels Plesk Panel 9.

This will create a number of backup XML files and subdirectories with data under /var/lib/psa/dumps.

  • Login to Parallels Plesk Panel as administrator and change to the server backup repository:

Home -> Backup Manager -> Server Repository

There is a list of backup files in the server repository.

  • Click the backup name to enter the Backup Details page.

  • Select the required restoration options and click Restore to start the restoration process.

Note: you should check the Administrator’s clients option to restore all clients and domains from the backup.

Migrate client

  • Login to the source server and create a backup of clients you want to migrate or full server backup with pleskbackup:

/usr/local/psa/bin/pleskbackup all <backup-file>


/usr/local/psa/bin/pleskbackup clients CLIENT.LOGIN <backup-file>

  • Copy the dump to the destination Parallels Plesk Panel 9 server and convert the backup to version 9 with pre9-backup-convert.

/usr/local/psa/bin/pre9-backup-convert -v convert -d /var/lib/psa/dumps/ <backup-file>

This will create a number of backup XML files and subdirectories with data under /var/lib/psa/dumps.

  • Login to Parallels Plesk Panel as administrator and create a new client with the same login of migrated client.

  • Then access local backup repository of the new client:

Clients -> CLIENT NAME -> Backup Manager

Because the login of newly created client coincides with the login of client from the dump the converted backup should be shown in the repository.

  • Click the backup name to enter the Backup Details page.

  • Select the required restoration options and click Restore to start the restoration process.

Migrate domain

  • Login to the source server and create a backup of the domain you want to migrate or full server backup with pleskbackup:

/usr/local/psa/bin/pleskbackup all <backup-file>


/usr/local/psa/bin/pleskbackup domains DOMAIN.NAME <backup-file>

  • Copy the dump to the destination Parallels Plesk Panel 9 and convert the backup to version 9 with pre9-backup-convert.

/usr/local/psa/bin/pre9-backup-convert -v convert -d /var/lib/psa/dumps/ <backup-file>

This will create a number of backup XML files and subdirectories with data under /var/lib/psa/dumps.

  • Login to Parallels Plesk Panel as administrator and create a new domain name that coincides with name of the migrated domain from backup.

  • Then access the local backup repository of the domain:

Domains -> DOMAIN.NAME -> Backup Manager

Because new domain name coincides with domain from the backup the converted backup should be shown in the repository.

  • Click the backup name to enter the Backup Details page.

  • Select the required restoration options and click Restore to start the restoration process.

Before migrating from Parallels Plesk Panel 8.1, 8.2, 8.3, 8.4 you should upgrade the source Parallels Plesk Panel to the latest version 8.6.

To migrate objects from Parallels Plesk Panel version 7.5 using Plesk Backup Manager you should create a backup on the source server 7.5 with the utility /usr/local/psa/bin/pleskdump, convert it to version 8 with utility backup-convert and then convert to version 9 with pre9-backup-convert.

Refer to the article Is it possible to restore Plesk 7.5 backup on Plesk 8.x system? for details about how to convert backup to version 8.
After that you may restore the backup through Backup Manager in the control panel.

Alternatively you may migrate from 7.5 to 8.6 using Plesk Migration Manager, create a backup via Parallels Plesk Panel 8.6, convert it to 9 with pre9-backup-convert and restore on destination Parallels Plesk Panel 9.


max_connections system variable

The number of connections permitted is controlled by the max_connections system variable. How to modify max_connections value:

/etc/init.d/mysqld stop
mysqld_safe -O max_connections=1000 &
mysqladmin variables -u admin -ppassword | grep max_connections

or into /etc/my.cnf under the [mysqld] section add:

max_connections = 500

or log in mysql as root and execute:

SET GLOBAL max_connections = 500;

and restart MySQL:

/etc/init.d/mysqld start