• Use Aide (or tripwire) to check for the integrity of your server.
    Commands are:
    • aide --init:
      Creates the initial database with the checksums for the files specified in /etc/aide/aide.conf.
      After the previous command completes, take a copy of the database and of the config file on your removable device and delete them from the server. This way an attacker won't know what you're monitoring nor will be able to change checksums in the DB if he alters some executables. This command might create a DB in the form of e.g. data.db.new (have a look at the settings in the config file).
    • aide --check:
      Before running this command eventually rename data.db.new into some other name - refer to the config file. This will hashes of the real files against the values stored prevously in the DB.
    • aide --update:
      After checking the report generated by the previous step and eventually having modified the config file to report less garbage, run this command to recreate the "snapshot" of the current system. Again, after that's done copy the DB + config file to your removable media and delete the originals.
  • To clean up the whole Postfix mail queue issue the command...
    postsuper -d ALL deferred
    ...or just...
    postsuper -d ALL
    ...to clean up all queues.
  • Some Apache2-links:
    Directive quick reference
    URL rewriting
    mod_rewrite 2.2
    mod_rewrite 2.0
    Reverse proxy how-to
    Apache 2.2 docs
  • If when installing Joomla you get an error saying...

    PHP mbstring function overload is set. This can be turned off locally by entering php_value mbstring.func_overload 0 in your .htaccess file.

    ...you might have to set that value using "php_admin_value" and not "php_value", and setting it in ".htaccess" won't work anymore for recent versions of Apache (I am using 2.2.15). You will have to add the line...

    php_admin_value mbstring.func_overload 0

    ...to your vhost configuration, in the section "Directory" or "Location".

  • To increase the level of verbosity to /var/log/messages for pop3d, smtp, etc... set the following in /etc/courier/authlib/authdaemonrc:
  • Postfix
    • "postconf -n" shows the values that are set in the configuration file /etc/postfix/main.cf. It reads the file directly, so restart the server after doing the changes even if "postconf -n" already shows the new values.
    • "postconf -d" shows the default values. Any parameter not shown by "postconf -n" uses the value shown by "postconf -d".
    • The configuration can be releaded as well by issuing the command "postfix reload".
  • Test the performance of a web page / site with...
    httperf --hog --server www.mysite.com --uri /your/uri --num-conn 100 --ra 10 --timeout 5
    ...or with...
    siege -l /tmp/siege.log -d 10 -c 100 "http://somewhere/something"
    Generates 100 connections to the site www.mysite.com
  • Apache memory usage:
    • Check with this...
      httperf --hog --server www.blah-blah.ch --num-conn 100 --ra 10 --timeout 5
      ...that apache does not use too much memory compared to what you have.
      It probably does and the system starts swapping.
    • Therefore add the following lines to your httpd.conf before the last lines that load the vhosts...
      ServerLimit 15
      MaxClients 15
      ...and if when you restart apache it complains saying something like...
      WARNING: MaxClients (15) must be at least as large
      as ThreadsPerChild (25). Automatically
      increasing MaxClients to 25.
      ...then set as well that value to 15 in your modules.d/00_mpm.conf
    • Restart Apache and check with this...
      ps -Alfm | grep -i apache | grep -v grep | wc -l
      ...that there should be ~19 lines returned.
  • After having set up a mailserver:
    • Check that the server has a FQDN...
      hostname -f
      ...and that Postfix (/etc/postfix/main.cf) is configured for the variable "myhostname" with nothing (will use "hostname -f" as default) or with that specific value.
    • Check with...
      host myhostname.mydomain.com
      ...that an IP number is returned and that that IP number is resolved to that hostname with...
      host 123.456.789.123
    • Check on http://www.checkor.com that the host does not accept relaying emails for other hosts.