Plesk httpd suexec errors

If Apache is giving suexec errors following a httpd or Plesk upgrade, the Plesk suexec has probably been overwritten.  Copy it back:

cp /usr/local/psa/suexec/psa-suexec /usr/sbin/suexec

Subversion on Plesk

Installing Subversion on Plesk Servers with http authentication
—————————————

yum install subversion mod_dav_svn
service httpd restart
cd /var/www/vhosts/mydomain.com/conf/
vi vhost.conf :

<Location /repos>
DAV svn
SVNPath /var/www/vhosts/mydomain.com/svn/repos
AuthType Basic
AuthName “mydomain.com repository”
AuthUserFile /var/www/vhosts/mydomain.com/svn/htpasswd
Require valid-user
</Location>

cd ..
mkdir svn
cd svn
svnadmin create repos
htpasswd -c htpasswd ftpuser
cd ..
chown -R ftpuser:apache svn/
/usr/local/psa/admin/bin/websrvmng -v -a
service httpd restart

Convert SSL from pem to pfx

Convert an SSL certificate from Apache pem to IIS pfx format.

Copy the private key and certificate parts, from the PEM to their own files. Then:

openssl pkcs12 -export -out ssl.pfx -in ssl.crt -inkey ssl.key

This gave me a .pfx file i could import into IIS.

If it’s an EV SSL, you can add the CACert by -certfile ssl.cacrt

POP3S IMAPS and SMTPS on Plesk

Setup SSL certificates for mail services (pop3s, imaps, smtps) on Plesk / Courier-Imap / Qmail

Either get a certificate from a CA:

openssl genrsa 1024 > host.key
openssl req -new -nodes -key host.key -out host.csr
Put the certificate received into host.crt

or generate your own:

openssl genrsa 1024 > host.key
openssl req -new -x509 -nodes -sha1 -days 365 -key host.key > host.crt
touch host.pem
chmod 600 host.pem

SSH Tunnelling to local ports on Linux

1. firewall – ensure port 22 is open
2. ensure users have ssh access (in plesk by commenting lines in /usr/local/psa/var/root.controls.lock and granting a shell)
3. Ensure the sshd config allows it in /etc/ssh/sshd_config:

AllowTcpForwarding yes
comment out: PermitTunnel no

service sshd restart

Test an email against Spamassassin

To run an email through spamassassin to test how “spamlike” it is, put email+ headers in file:

cat file | spamassassin -t

Mounting Windows shares on Linux

mount -t cifs -o username=user,password=pass,rw //192.168.0.100/mydir /mnt/mydir/

You could make this persistent on boot by putting it in /etc/rc.local for example.

Creating custom Spamassassin rules

example:

body            Job_Scam_Rule  /craftmediadepartment|LOUWILLE ENGINEERING|ABLE TEXTILE DEPARTMENT/
describe        Job_Scam_Rule  “Spam is not allowed”
score           Job_Scam_Rule  2000 2000 2000 2000

or

header LOCAL_ED_SUBJECT      Subject =~ /\bED\b/
score LOCAL_ED_SUBJECT       40

needs to go in the users user_prefs file if allow_user_rules is enabled in local.cf. Otherwise can be done on a serverwide basis in /etc/mail/spamassassin/local.cf or similar

manual:

http://wiki.apache.org/spamassassin/WritingRules

screen on Linux

After installing screen you can have multiple sessions per ssh connection and they can be resumed if the connection is lost.

type screen to start

Now open a new window with “Ctrl-A” “c”

You can create several windows and toggle through them with “Ctrl-A” “n” for the next window or “Ctrl-A” “p” for the previous window

You kill the window with “Ctrl-A” “K” or “exit” will work on some systems.

If you get disconnected you can reattach:

screen -ls
There is a screen on:
24055.pts-3.server-1    (Attached)
1 Socket in /tmp/uscreens/S-myname.

to reattach:

screen -r 24055.pts-3.server-1

Using “Ctrl-A” “H”, creates a running log of the session

Screen can monitor a window for activity or lack thereof. This is great if you are downloading large files, compiling, or watching for output. If you are downloading something or compiling, you can watch for silence. To start the monitor, go to the screen you want to monitor and use “Ctrl-A” “M” to look for activity or “Ctrl-A” “_” to monitor for silence. Then open or switch to a new window. When the monitor detects activity or silence, you will get an alert at the bottom with the window number. To quickly go to that window, use “Ctrl-A” ” (thats a quote mark, ctrl-a then a “). After you do this, just type in the number of the window and enter. To stop monitoring, go to that window and undo the monitor with the same command. For example, to stop monitoring for activity you would use “Ctrl-A” “M” again.

Configuring a samba server

install samba via yum etc.

Create the smb.conf config file in /usr/local/samba/lib/smb.conf

Basic smb.conf sample:

[global]
workgroup = DEVELOPMENT
encrypt passwords = yes

[homes]
guest ok = no
read only = no
browseable = no