OLD Website Hosting Processes

Submitted by code_admin on Wed, 07/25/2018 - 10:14

System processes for maintaining the website

Updating a module

Update Drupal Version

Stuck Cron

  • delete from variable where name like 'cron_sem%';
  • delete from variable where name like 'cron_last%';

System info

Mail reciever group name: mailreciever

Re-Setup process

18-Sep-2014 Set up from 14.04 Ubuntu Server

Utils

sudo apt-get install openssh-server

Change SSH Port

Change /etc/ssh/sshd_config
/etc/init.d/ssh reload
Or

  1. relaod shh

http://techie-buzz.com/foss/change-default-ssh-port-in-linux.html

Change root password

  1. passwd

Setup auth key for login

Use putty gen goes in $HOME/.ssh/authorized_keys

Config IPTABLES

List all rules

  1. iptables -L -nv

Delkete all rules

  1. iptables -F

Set up rules

  1. iptables -F
  2. #accept estblashied conns
  3. iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
  4. #accept local host
  5. iptables -A INPUT -i lo -j ACCEPT
  6. #accept services
  7. iptables -A INPUT -p tcp --dport XX -j ACCEPT **Replace XX with SSH port
  8. iptables -A INPUT -p tcp --dport 80 -j ACCEPT
  9. iptables -A INPUT -p tcp --dport 443 -j ACCEPT
  10. #memset pings
  11. iptables -A INPUT -p icmp -s 141.0.32.124 -j ACCEPT
  12. iptables -A INPUT -p icmp -s 141.0.32.125 -j ACCEPT
  13. iptables -A INPUT -p icmp -s 5.153.254.13 -j ACCEPT
  14. iptables -A INPUT -p icmp -s 5.153.255.250 -j ACCEPT
  15. iptables -A INPUT -p icmp -s 5.153.255.251 -j ACCEPT
  16. iptables -A INPUT -p icmp -s 5.153.255.252 -j ACCEPT
  17. iptables -A INPUT -p icmp -s 78.31.107.85 -j ACCEPT
  18. iptables -A INPUT -p icmp -s 89.200.136.31 -j ACCEPT
  19. iptables -A INPUT -p icmp -s 89.200.136.76 -j ACCEPT
  20.  
  21. #memset remote monitoring program
  22. iptables -A INPUT -p tcp --dport 5666 -s  141.0.32.124 -j ACCEPT
  23. iptables -A INPUT -p tcp --dport 5666 -s  141.0.32.125 -j ACCEPT
  24. iptables -A INPUT -p tcp --dport 5666 -s  5.153.254.13 -j ACCEPT
  25. iptables -A INPUT -p tcp --dport 5666 -s  5.153.255.250 -j ACCEPT
  26. iptables -A INPUT -p tcp --dport 5666 -s  5.153.255.251 -j ACCEPT
  27. iptables -A INPUT -p tcp --dport 5666 -s  5.153.255.252 -j ACCEPT
  28. iptables -A INPUT -p tcp --dport 5666 -s  78.31.107.85 -j ACCEPT
  29. iptables -A INPUT -p tcp --dport 5666 -s  89.200.136.31 -j ACCEPT
  30. iptables -A INPUT -p tcp --dport 5666 -s  89.200.136.76 -j ACCEPT
  31.  
  32. #only put the next line in when you are sure the SSH port is right
  33. ###iptables -A INPUT -j DROP

Test these rules then setup a file /etc/iptables.rules
make it a bash script

  1. #!/bin/bash
  2.  
  3. RULES
  4.  
  5.  
  6. exit 0

chmod the file so root can execute it.

  1. chmod 700 iptables.rules

Create a file /etc/init.d/firewall as follows:

  1. #!/bin/bash
  2. if [[ $1 == start ]] ; then
  3.   /etc/iptables.rules
  4. else
  5.   iptables -F
  6. fi

chmod the script so it is executable
Test the script works
/etc/init.d/firewall start
/etc/init.d/firewall stop

Finally set it to start automaticaly on boot

  1. update-rc.d firewall start 20 2 3 4 5 . stop 99 0 1 6 .

Install and setup mysql

  1. apt-get install mysql-server

Note free memory then change mysql config file

Add lines /etc/mysql/my.cnf

  1. #added by RJM
  2. skip-innodb
  3. skip-bdb                ***DIDN'T WORK LAST TIEM

Make sure you add them to the [mysqld] section of the file. The following commands will help check memory use.

  1. top
  2. service mysql stop/start

Apache setup

List enabled modules apache2ctl -l

  1. apt-get install apache2
  2. a2enmod rewrite
  3. a2enmod ssl

Edit /etc/apache2/apache2.conf

  1. SNIPITS
  2. <IfModule mpm_worker_module>
  3.     StartServers          1
  4.     MinSpareThreads       1
  5.     MaxSpareThreads       4
  6.     ThreadLimit          64
  7.     ThreadsPerChild      25
  8.     MaxClients           10
  9.     MaxRequestsPerChild   0
  10. </IfModule>

Get ssl working here

Get initial file in place

upload and untar the last datafile:

  1. tar xvzf $FILETORESTORE

Set up and enable apache sites

  1. /etc/init.d/apache2 stop
  2. cd /var
  3. rm -rf www
  4. mv $HOME/backup/www /var/.
  5. mv $HOME/backup/sub /var/.
  6. chown -R www-data /var/www
  7. chown -R www-data /var/sub
  8. chgrp -R www-data /var/www
  9. chgrp -R www-data /var/sub
  10. cd /etc/apache2/sites-available/
  11. rm *
  12. cp $HOME/backup/config_files/apache2/sites-available/* /etc/apache2/sites-available/.
  13. rm apache2-doc
  14. rm default.dpkg-dist
  15. rm phpmyadmin.conf
  16. a2ensite default
  17. a2ensite code
  18. a2ensite food
  19. a2ensite kieran
  20. a2ensite main_site
  21. a2ensite music
  22. a2ensite mys
  23. a2ensite scouts-orig
  24. a2ensite awards
  25. a2ensite stpeter
  26. /etc/init.d/apache2 start

delete NameVirtualHost *:80 from /etc/apache2/ports.conf

Install PHP

  1. apt-get install php5 libapache2-mod-php5
  2. apt-get install php5-mysql
  3. apt-get install php5-gd
  4. apt-get install php5-cli

Test add host redirect

  1. 77.73.7.95 kieran.metcarob.com

Setup Mysql

  1. mysql -pXXX
  2.  
  3. source /root/backup/databases/code.sql
  4. source /root/backup/databases/food.sql
  5. source /root/backup/databases/kieran.sql
  6. source /root/backup/databases/mys.sql  
  7. source /root/backup/databases/scouts_orig.sql  
  8. source /root/backup/databases/awards.sql   
  9.  
  10. grant ALL on kieran.* TO kieran_ro3p5cs@localhost IDENTIFIED BY 'PASS';
  11. grant ALL on code.* TO code_dge@localhost IDENTIFIED BY 'PASS';
  12. grant ALL on mys.* TO mys_fde@localhost IDENTIFIED BY 'PASS';
  13. grant ALL on food.* TO food_yfn@localhost IDENTIFIED BY 'PASS';
  14. grant ALL on scouts_orig.* TO scouts_orig_fde@localhost IDENTIFIED BY 'PASS';
  15. grant X on scouts_orig TO scouts_orig_roo@localhost IDENTIFIED BY 'PASS';

Setup backup d

  1. mv /$HOME/backup/config_files/bk_up_d $HOME/.

Setup scripts

mv $HOME/backup/config_files/other/backup.sh $HOME/.
mv $HOME/backup/config_files/other/drupal_cron.sh $HOME/.
mv $HOME/backup/config_files/other/restore.sh $HOME/.
mv $HOME/backup/config_files/other/run_backup.sh $HOME/.
mv $HOME/backup/config_files/other/run_scouts.sh $HOME/.
mv $HOME/backup/config_files/other/unstick_cron.sh $HOME/.

Test Sites

stpeter.co.uk
code
mys
scouts-orig

DO CRON

Delete backup directory

Run backup and test it works ok - including the email

download.mylinkedthings.com

Add user for auto-uploading:
sudo adduser dwn_mlt
Use a random password
Blank everything else

  1. sudo mkdir /home/dwn_mlt/.ssh
  2. sudo echo ssh-rsa **REP_WITH_PUB_KEY** robert@yearbook > /home/dwn_mlt/.ssh/authorized_keys
  3. sudo chown dwn_mlt /home/dwn_mlt/.ssh
  4. sudo chgrp dwn_mlt /home/dwn_mlt/.ssh
  5. sudo chown dwn_mlt /home/dwn_mlt/.ssh/*
  6. sudo chgrp dwn_mlt /home/dwn_mlt/.ssh/*
  7. sudo chown dwn_mlt /var/sub/download_mylinkedthings
  8. sudo chgrp dwn_mlt /var/sub/download_mylinkedthings
  9. sudo chown dwn_mlt /var/sub/download_mylinkedthings/*
  10. sudo chgrp dwn_mlt /var/sub/download_mylinkedthings/*

See also Lets Encrypt
See also Maven Repo Site

RJM Article Type
Work Notes