Here is how to get it set up with Cantos 5.3 easily.

I wanted to host for my brother the latest WoW patch, but at a hefty 450 MB, I didn’t want to blow all my bandwidth on it either. I am setting a limit for the download at 2.5 TB of bandwidth, and limiting it to 5mbs at 10 connections a second. My hardware is RHEL 4 running on a P4 with Plesk 8. In the guide to follow, you’ll see a few steps that wouldn’t be needed on a non-plesk system. To setup bandwidth limiting for the host, we need to be able to compile a new apache module against our system, and then install and configure it.

Step 1: The prereqs

First I needed to setup a yum repository for FC4. This can be accomplished by issuing an RPM command:

rpm -ivh http://rpm.livna.org/livna-release-4.rpm

Now that you can access the RPM packages, we need to install http-devel using yum:

yum install httpd-devel

If all went well, we can now extract, compile, and install mod_cband for apache:

cd /tmp
wget http://cband.linux.pl/download/mod-cband-0.9.7.4.tgz
tar xzvf mod-cband-0.9.7.4.tgz
cd mod-cband-0.9.7.4
./configure
make
make install

If all went well, restart apache with the new module (you can check httpd.conf to make sure the module is going to be loaded):

/etc/init.d/httpd restart

Step 2: Configuration

Here’s where the Plesk part gets annoying. We can’t just edit our vhosts file, because plesk writes over it all the time. Instead, we edit a /home/httpd/vhosts/*/subdomains/*/conf/vhost.conf file. Mine looks like this:

CBandScoreboard /var/www/scoreboard
CBandPeriod 4W
CBandDefaultExceededCode 509
CBandLimit 2500G
CBandSpeed 5000 5 10
CBandRemoteSpeed 1600 3 1
<Location /cband-status>
SetHandler cband-status
</Location>
<Location /cband-status-me>
SetHandler cband-status-me
</Location>

What does this mean? (1) Use /var/www/scoreboard to log usage and limits (2) Reset the limit count every 4 weeks (3) Throw a 509 error when the limits are exceeded (4) Allow 2.5TB per period (5) Allow 5mbs with 5 requests a second and 10 connections at a time oeverall (6) Allow 1.6mbs with 3 requests a second and 1 connections at a time per client (7) Allow us to access a page at /cband-status to view the status.

You’ll also need to issue commands to make the scoreboard directory, and to allow apache to own it:

mkdir /var/www/scoreboard
chown apache:apache /var/www/scoreboard

Finally, Plesk requires you to inform it of your work:

/usr/local/psa/admin/sbin/websrvmng -u –vhost-name=yourdomain.com

If you restart Apache now, everything should work!

/etc/init.d/httpd restart

Step 3: An Example

You can take a peek at my status page right now if you’d like. It looks a bit like this:

A quick note, I simply just added:

CBandPeriod 4W
CBandLimit 10000G
CBandSpeed 12000 40 80
CBandRemoteSpeed 6400 12 4

Now this set the limit to about 12 megs (MPS) a second which is a lot, but this customer is paying $250 a month to cover it. Most websites should max at about 5 MPS. I left out the other options because I didn’t need them and it’s less load on the server without them.

The –bwlimit option limit I/O bandwidth. You need to set bandwidth using KBytes per second. For example, limit I/O bandwidth to 10000KB/s (9.7MB/s), enter:

rsync –delete –numeric-ids –relative –delete-excluded –bwlimit=10000 /path/to/source /path/to/dest/?

10 megs a second is plenty of speed and will keep the server running smoothly when your grabbing allot of files off of it.

3306

Here is the ssl key and certificate locations on a cpanel based server:

/usr/share/ssl/private
/usr/share/ssl/certs

If you still need to buy a SSL cert please consider the non-profit SSLCA

csf -f

If you still have a issue try to stop iptables like this:

service iptables stop

passwd

Then enter the new password twice to save it.

To change the root password on a Linux server you have to be logged in as root.

2. cd /root (unless your default login folder is already root)

3. pico .bashrc (or use your favorite editor)

4. Scroll to the end of the file then add the following:
echo ‘ALERT – Root Shell Access (YourserverName) on:’ `date` `who` | mail -s “Alert: Root Access from `who | cut -d”(” -f2 | cut -d”)” -f1`” you@yourdomain.com

Replace YourServerName with the handle for your actual server for example dwhs4@dwhs.net
Replace you@yourdomain.com with your actual email address for example support@dwhs.net

5. Crtl + X then Y

Now logout of SSH, close the connection and log back in! You should receive an email address of the root login alert a few minutes afterwards.

Note that it has stricter permissions requirements than the other handlers–files must be 644, directories 755

./skdetect-1.0pre4cvs

To install chrootkit, SSH into server and login as root.

At command prompt type: cd /root/

At command prompt type: wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

At command prompt type: tar xvzf chkrootkit.tar.gz

At command prompt type: cd chkrootkit-0.47

At command prompt type: make sense

To run chkrootkit

At command prompt type: /root/chkrootkit-0.47/chkrootkit

Make sure you run it on a regular basis, perhaps including it in a cron job.