Curtis Schongalla A+, Network+, Security+, MCSA, & CCNP

4Nov/12

Server Monitoring with Munin & Nagios

I setup Munin to monitor the web server hosting this site recently.  The server has been running 24/7 for almost 3 years now, on relatively inexpensive hardware. so I wanted to start monitoring it, from time to time, to make sure it continues to run smoothly. You can view the web interface at www.schongalla.com/monitoring

I also installed Nagios this weekend on the server, which can monitor the local web server, but can also be used for remote monitoring. I had heard of Nagios before, it is considered by many to be the standard in server monitoring software, but had not had a chance to work with it yet. There are a large number of plugins available which can monitor local and remote servers using snmp, ping, etc. I have only just scratched the surface with it so far, but wanted to install it for  and have a look so I can learn more about it.

Filed under: General, Linux No Comments
17Apr/12

Drupal Upgrade

I recently upgraded the BroadwayBoundMeetup site from Druapl 6 to Drupal 7. It is currently not a very active site, but still generates some traffic for the group. I thought it would be a fun project and found out that it is indeed possible to upgrade from Druapl 6 directly to Drupal 7. Unfortunately, the theme was not compatible, but that gave me a chance to re-design the site slightly and use a new theme. It only took about two hours, which was awesome. Check out the new site www.broadwayboundmeetup.com.

Filed under: Linux No Comments
18Jun/11

Yum Update Notifier

Today I setup this handy script written by Matty at prefetch.net which runs yum check-updates every morning at 5am using the Linux crontab and sends an e-mail out if any updates are available.

It would be particularly useful for managing multiple web servers. Otherwise the administrator would need to ssh into each server regularly to see if there are any available updates. This way the process of checking for updates is automated and you would only need to log in and install updates after receiving the e-mail report that they are available. It may also be possible to modify the script to install all non kernel related updates automatically.

The script is located at http://prefetch.net/code/yumnotifier

Filed under: Linux No Comments
11Apr/11

Postfix Message Size

Here is how to increase your mailbox size in Postfix. Some common e-mail providers allow attachments of up to 25MB, however, the maximum attachment postfix will accept is only 10MB. In order to avoid having some messages blocked with the SMTP error message '552 5.3.4 message size limit exceeded', you can increase the postfix message_size_limit by adding the lines below to your configuration file main.cf in /etc/postfix/. You can set the value to anything you want. I went with 100000000 bytes, which equals 100 megabytes.

message_size_limit = 100000000
mailbox_size_limit = 0 (unlimited)

Filed under: Linux No Comments
13Mar/11

SpamAssassin Auto-Update

Using the guide below I have setup SpamAssassin to check for updated spam filter rules every morning at 3am. This handy script created by Jason Shewchuk runs sa-update and sends an e-mail notification if SpamAssasin was updated, if no updated was available, or if an error occurred.

http://www.howtoforge.com/forums/showthread.php?t=10710

Filed under: Linux No Comments
12Feb/11

ISPConfig 2.2.37 and BIND 9.7

Just finished upgrading to the latest version if ISPConfig, version 2.2.37, which included some updates to ClamAV, SpamAssassin, and PHP. The control panel uses its own standalone versions of PHP and Apache. In the past I would usually just rebuild the server when a new version of ISPConfig was released, but I am hosting more sites now and the thought it might be easier to upgraded rather than trying to migrate every site and database as well as all of the e-mails, web stats, and config files. I think everything is working now. I had to change a few config files which were overwritten in order to setup the backup script and also re-open some ports in the iptables firewall.

I also upgraded BIND from 9.3 to 9.7, it was a bit more complicated than upgrading PHP but I think I got it. I am not currently using this server as an authoritative name server so it is not a big deal, but it was still a good learning experience.

Filed under: Linux, Networking No Comments
6Feb/11

RHEL 5.6 & PHP 5.3

This morning I upgraded the server to RHEL 5.6 which was just recently released. This included a number of updates to various packages, but the main two that were updated were PHP and BIND. The packages for PHP 5.3 and BIND 9.7 are named php53 and bind97 so that users could choose whether or not to upgrade or continue using the old version. In order to upgrade I had to run yum remove php-cli and php-common and then install php53-cli and php53-common and then re-install all PHP 5.3 add-ons. Afterwards I had to rebuilt and re-installed PHP eAccelerator 0.9.6.1.

I am looking to upgraded to BIND 9.7 this coming weekend, but wanted to install them separately in case any issues arose on the production web server. RHEL 6 was also recently released and I will be looking to upgrade the server and migrate all hosted sites over soon, just waiting for ISPConfig to confirm compatibility.

Filed under: Linux, Networking No Comments
21Dec/10

ISPConfig Backups

Today I setup automated backups for all websites connected to the server. I had to do a little tweaking to the backup script to get it working correctly, but now that it is working it will back up the sites in full, including all html and PHP files, SQL data, user data and e-mails every morning at 2:05 AM. Currently all of the backups are saved on the server itself, but I would like to work on writing a script to upload the backups to a remote location on a weekly basis.

Restoring a site from a backup is a little tricky, but now my clients can feel free to make customizations and changes to their sites knowing that if anything goes wrong the previous versions can easily be restored. The server is already configured with a mirrored Raid 1 array so I don't expect to lose any data unless a major disaster occurs that would completely destroy the server. I also perform full server backups with CloneZilla on a weekly basis.

Filed under: Linux No Comments
12Dec/10

Mailhop Outbound

Today I changed my mail server to use a Mailhop outbound server for outgoing e-mails. Previously I was using the verizon SMTP server for sending messages. A lot of SPAM filters like Spamhaus block e-mails from dynamically allocated IP addresses, but an easy workaround is to configure an external mail relay service to send e-mails for the server. I can relay up to 300 e-mails per day for $20 dollars a year, which can also be upgraded to a higher value as the server gets more use.

Filed under: Linux, Networking No Comments
20Nov/10

WordPress, eAccelerator, & MySQL

I found an article on optimizing server configuration for WordPress. One of the suggestions was to enable query cache on MySQL. This allows some of the database queries that are run frequently to be saved in memory so that the query does not need to be re-executed.

The code to add into /etc/my.cn is:
query_cache_type = 1
query_cache_size = 26214400

Then restart MySQL. You can verify it is working by logging into MySQL and running the following query: SHOW STATUS LIKE 'Qcache%';

I also installed a program called eAccelerator which "increases the performance of PHP scripts by caching them in their compiled state, so that the overhead of compiling is almost completely eliminated." View the results below, the MySQL tweaks helped quite a bit, but the major speed increase occurred after eAccelerator was installed. Tests were run with ApacheBench.

Before eAccelerator & SQL Cache
Requests per second:  10.29 (mean)
Time per request:        97.223 [ms]
Transfer rate:             118.86 [Kbytes/sec]
After eAccelerator & SQL Cache
Requests per second:  34.24 (mean)
Time per request:       29.202 [ms]
Transfer rate:             402.86 [Kbytes/sec]
Filed under: Linux No Comments