Posts

Showing posts from May, 2013

Apache MaxClients Calculation

MaxClients: The MaxClients directive sets the limit on the number of simultaneous requests that will be served. Any connection attempts over the MaxClients limit will normally be queued, up to a number based on the ListenBacklog directive. Once a child process is freed at the end of a different request, the connection will then be serviced. For non-threaded servers (i.e., prefork), MaxClients translates into the maximum number of child processes that will be launched to serve requests. The default value is 256; to increase it, you must also raise ServerLimit.

Calculating the MaxClients value:

    #!/bin/bash
    # Total RAM in MB
    tome=$(free -m | grep -i mem | awk '{print $2}')
    # RSS (KB) of the largest httpd process
    htps=$(ps -aylC httpd | grep "httpd" | awk '{print $8}' | sort -n | tail -n 1)
    # RSS (KB) of the largest mysql process
    mysme=$(ps aux | grep 'mysql' | awk '{print $6}' | sort -n | tail -n 1)
    # Convert KB to MB
    rafa=1024
    nmysme=$(expr $mysme / $rafa)
    nhtps=$(expr $htps / $rafa)
    echo -e "\nTotal Memory = $tome"
    echo -e "Largest httpd

Apache: Prefork MPM vs Worker MPM

Difference between the Prefork and Worker MPM modules.

    prefork
    worker
    (mpm_winnt: This Multi-Processing Module is optimized for Windows NT.)
    (mpm_netware: Multi-Processing Module implementing an exclusively threaded web server optimized for Novell NetWare.)

Prefork MPM: A prefork MPM handles requests just like Apache 1.3. As the name suggests, it pre-forks the necessary child processes while starting Apache. It is suitable for websites that avoid threading for compatibility with non-thread-safe libraries. It is also known as the best MPM for isolating each request.

Working: A single control process is responsible for launching child processes which listen for connections and serve them when they arrive. Apache always tries to maintain several spare or idle server processes, which stand ready to serve incoming requests. In this way, clients do not need to wait for new child processes to be forked before their requests can be served. We can adjust this spare process through the

MySQL storage on RamFS or TmpFS partition

Mount tmpfs to a folder:

    # mkdir /var/ramfs
    # mount -t ramfs -o size=1G ramfs /var/ramfs/

Here we mounted ramfs to /var/ramfs. I am using ramfs as opposed to tmpfs mainly because:

    ramfs grows dynamically (tmpfs doesn’t)
    ramfs doesn’t use swap (while tmpfs does)

The RAM-backed file system is mounted, so now I need to populate it with MySQL files for processing. To do that I will need to stop mysql, copy its database files over to ramfs, adjust AppArmor and MySQL settings and start the mysql server again. Here is the chain of commands to do that:

Copying files:

    # /etc/init.d/mysql stop
    # cp -R /var/lib/mysql /var/ramfs/
    # chown -R mysql:mysql /var/ramfs/mysql

Tweaking MySQL config:

    # cp /etc/mysql/my.cnf /etc/mysql/original-my.cnf
    # vi /etc/mysql/my.cnf

Find the line with the ‘datadir’ definition (it will look something like datadir = /var/lib/mysql) and change it to datadir = /var/ramfs/mysql

Looks like we’re done with settings, let’s see if it will work:

    # /etc/init.d/my

Protecting Web Servers from Distributed Denial of Service Attacks (DDoS):

Possible SYN flooding on port 80. Sending cookies:

I frequently faced an outage of web services. On investigating, I found that it had something creeping up in its logs. Something which read -

    kernel: possible SYN flooding on port 80. Sending cookies.

It looked like a Denial of service attack. It was evident that I needed to beef up security!

Avoiding a DDOS attack on a web server:

iptables comes with a module (limit) using which a DDOS attack can be tackled. Depending on the type of web service running on the server, I decided a limit of 15 HTTP syn packets per second would be enough. First, we had a look at the existing rules

    # iptables -L -v

This shows you the rules and the default policy that are set in the existing chains - INPUT, FORWARD and OUTPUT. Then we followed these quick steps -

1. Create a new chain and name it, say, DDOS_SYNFLOOD,

    # iptables -N DDOS_SYNFLOOD

2. Add a limit on the number of packets, 15 per second, with a max burst of abo

Recalling command history - Bash Shell

Recalling command history:

    !! - Last command and all arguments
    !-3 - Third-to-last command and all arguments
    !^ - First argument of last command
    !:3 - Third argument of last command
    !$ - Last argument of last command
    !* - All arguments of the last command
    !30 - Expands to the 30th command in history
    !find - Last command beginning with 'find'
    !?find - Last command containing 'find'
    ^name^type - Last command with first instance of 'name' replaced with 'type'
    !:gs/name/type - Last command with all instances of 'name' replaced with 'type'
    <command>:p - Print the command without executing it

Command to trim the whitespace:

    echo -e "Here is the command to trim \n \n White space" | /usr/bin/tr -d '[:space:]'