Fernando Duran fduran
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # get an email every time a user logs in through ssh | |
| # www.fduran.com | |
| # add in /etc/profile | |
| echo "`whoami` logged in at `date` from `echo $SSH_CLIENT`" | mail -s "`hostname` login" [email protected] & | |
| # note this is not fool-proof. For example the user can run remotely a command thru ssh without logging in |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # better command line history: more commands kept, aggregate, add timestamp | |
| # www.fduran.com | |
| # add in /etc/profile | |
| shopt -s histappend | |
| HISTSIZE=10000 | |
| HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S " | |
| HISTCONTROL=ignoredups | |
| PROMPT_COMMAND="history -a;history -c;history -r;$PROMPT_COMMAND" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ssh without passwords, useful for unattended automatic scp/rsync-over-ssh copies etc | |
| # www.fduran.com | |
| # Create public key without password in origin server: | |
| ssh-keygen -t dsa | |
| # if ssh target port is not 22, add it (ex: -p 2020) in ssh-copy-id after 'ssh': | |
| # nano /usr/bin/ssh-copy-id | |
| # Upload public key to remote target server: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Postfix mail server for sending messages only, not exposed to receive email | |
| # www.fduran.com | |
| mv /etc/postfix/main.cf /etc/postfix/main.cf.orig | |
| echo "inet_interfaces = 127.0.0.1" > /etc/postfix/main.cf | |
| /etc/init.d/postfix restart |
fduran
/ gist:1870492
Created
February 20, 2012 18:24
Apache optimization with Google's mod_pagespeed
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # apache optimization with Google's mod_pagespeed | |
| # www.fduran.com | |
| # Page for mod_pagespeed : http://code.google.com/speed/page-speed/docs/using_mod.html | |
| # Download from http://code.google.com/speed/page-speed/download.html : | |
| cd /usr/local/src | |
| wget https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-beta_current_i386.deb | |
| apt-get -f install | |
| dpkg -i mod-pagespeed-*.deb | |
| # |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Defending against Spam using Linux Postfix | |
| www.fduran.com | |
| 0) Consider outsourcing mail service | |
| 1) Spamassassin: good in its time, it's past its useful life since there are better options and it's a CPU hog. | |
| 2) Use black list servers, like Spamhaus and Spamcop: | |
| In Posfix configuration file /etc/postfix/main.cf append: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Linux. Act upon an event in a log file | |
| # www.fduran.com | |
| apt-get upgrade; apt-get install inotify-tools | |
| # create file myalert.sh: | |
| # example finding Exception in tomcat log and sending email | |
| #!/bin/bash | |
| while inotifywait -e modify /path/to/file.log; do |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # www.fduran.com | |
| # Number of top 10 current TCP connections per IP | |
| netstat -tan| grep -v 'LISTEN'| awk '{print $5}'| grep -v 'and' |grep -v 'Address' |cut -d':' -f1 |sort -n | uniq -c | sort -rn | head -n10 | |
| # Top 10 IPs in Apache log files | |
| cd /var/log/apache2; for i in ./access.log*; do echo $i; cat $i | awk '{print $1}'| sort -n | uniq -c | sort -rn | head -n10; done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # www.fduran.com | |
| # default permissions for web files and directories | |
| cd web_directory | |
| find . -type d -exec chmod 775 {} \; | |
| find . -type f -exec chmod 664 {} \; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # www.fduran.com | |
| # replace in a file (index.php for example) links from relative <a href="/path to absolute <a href="http://example.com/ | |
| sed -i 's/href=\"\//href=\"http:\/\/example.com\//g' index.php |