The following is a list of UNIX commands that you might find helpful when modifying your web sites on the server. Most UNIX commands have many options and parameters which are not listed here. For more complete information on using UNIX commands, you can refer to the online manual by typing man [command] at the UNIX prompt, where “[command]” represents the command you would like more information about. Other UNIX help commands you can type are [command] -? and [command] –help. Example: man ls
This would bring up the help documentation for the “LS” command.

Note: When something is specified in brackets, such as [command] or [filename], it is used to indicate that you must input your desired information here. Do NOT include brackets in your command.

---

Navigating in UNIX

pwd	Shows the full path of the current directory
ls	Lists all the files in the current directory
ls -al	Lists all files and information
ls –alR	Lists all files and information in all subdirectories
ls -alR | more	Same as ls –alR, pausing when screen becomes full
ls -alR > filename.txt	Same as ls –alR, outputs the results to a file
ls *.html	Lists all files ending with .html
cd [directory name]	Changes to a new directory
cd ..	Changes to directory above current one
clear	Clears the screen
vdir	Gives a more detailed listing than the “ls” command
exit	Log off your shell

Moving, Copying and Deleting Files

mv [old filename] [new filename]	Move/rename a file
cp [filename] [new filename]	Copies a file
rm [filename]	Deletes a file
rm *	Deletes all files in current directory
rm *.html	Deletes all files ending in .html

Creating, Moving, Copying and Deleting Directories

mkdir [directory name]	Creates a new directory
ls -d */	Lists all directories within current directory
cp -r [directory] [new directory]	Copies a directory and all files/directories in it

Searching Files and Directories

find . -name [filename] -print	Searches for a file starting with current directory
grep [text] [filename]	Searches for text within a file

File and Directory Permissions

There are three levels of file permissions: read, write and execute.  In addition, there are three groups to which you can assign permissions: file owner, user group and everyone.  The command chmod followed by three numbers is used to change permissions.  The first number is the permission for the owner, the second for the group and the third for everyone.  Here are how the levels of permission translate:

0 = —	No permission
1 = –X	Execute only
2 = -W-	Write only
3 = -WX	Write and execute
4 = R–	Read only
5 = R-X	Read and execute
6 = RW-	Read and write
7 = RWX	Read, write and execute

It is preferred that the group always have permission of 0.  This prevents other users on the server from browsing files via Telnet and FTP.  Here are the most common file permissions used:

chmod 604 [filename]	Minimum permissions for HTML file
chmod 705 [directory name]	Minimum permissions for directories
chmod 755 [filename]	Minimum permissions for scripts & programs
chmod 606 [filename]	Permissions for data files used by scripts
chmod 703 [directory name]	Write-only permissions for public FTP uploading

This is a collection of useful tools and websites which can help you maintain your server, and optimise it for specific scenarios.

Network Tools

iftop does for network usage what top does for CPU usage. It listens to network traffic on a named interface and displays a table of current bandwidth usage by pairs of hosts.

www.ex-parrot.com/~pdw/iftop/

MySQL tools

MySQL Performance Tuning Primer Script

Provides useful configuration suggestions for your MySQL server.

www.day32.com/MySQL/

MySQLTuner

MySQLTuner is a high-performance MySQL tuning script written in perl that will provide you with a snapshot of a MySQL server’s health. Based on the statistics gathered, specific recommendations will be provided that will increase a MySQL server’s efficiency and performance. The script gives you automated MySQL tuning that is on the level of what you would receive from a MySQL DBA.

http://rackerhacker.com/mysqltuner/

Mytop

mytop is a console-based (non-gui) tool for monitoring the threads and overall performance of a MySQL server.

jeremy.zawodny.com/mysql/mytop/

DDoS Protection

mod_evasive

mod_evasive is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack.

www.zdziarski.com/projects/mod_evasive/

(D)DoS-Deflate

(D)DoS-Deflate is one of the best software level solutions to utilise in combating DDoS attacks.

deflate.medialayer.com/

Security tools

RKHunter

Rootkit Hunter (RKH) is an easy-to-use tool which checks computers running UNIX (clones) for the presence of rootkits and other unwanted tools.

rkhunter.sourceforge.net/

chkrootkit

chkrootkit is a tool to locally check for signs of a rootkit.

www.chkrootkit.org/

Ultra High Security Password Generator

Useful for creating secure passwords for accounts.

www.grc.com/passwords.htm

OSSEC

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response.

www.ossec.net/

grsecurity

grsecurity is an innovative approach to security utilizing a multi-layered detection, prevention, and containment model. It is licensed under the GPL. This requires recompiling the kernel and is not for the faint hearted!

www.grsecurity.net

Nessus

The Nessus vulnerability scanner, is the world-leader in active scanners, featuring high speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture.

www.nessus.org/nessus/

mod_security

mod_security supplies an array of request filtering and other security features to the Apache HTTP Server.

www.modsecurity.org

CentOS Security mailing list

Recieve security and other major announcements for CentOS straight to your inbox. Highly recommended.

lists.centos.org/mailman/listinfo/centos-announce

Server optimization

mod_deflate

The mod_deflate Apache module provides the DEFLATE output filter that allows output from your server to be compressed before being sent to the client over the network. Useful for saving bandwidth.

httpd.apache.org/docs/2.0/mod/mod_deflate.html

mod_top

mod_top is a production monitoring tool for LAMP applications with user interfaces modeled after the popular unix top. mod_top plans to support PHP, Perl, Ruby, Python, mySQL, Postgres, Apache1+2 on Linux. It is useful for analysing what scripts are causing issues with resource consumption on a server.

http://www.mod-top.org

DNS Tools

IntoDNS

Excellent free DNS scanner that provides a range of useful information about a domain’s DNS settings.

intodns.com/

DNSStuff

Does the same as IntoDNS but gives more detailed information. Subscription based.

www.dnsstuff.com

Getting help

CentOS Forums

The CentOS forums are a great place to ask questions relating to your Linux server.

www.centos.org/modules/newbb/index.php

webhostingtalk Forums

The webhostingtalk forums focus mainly on the web hosting industry, but include useful tutorials and technical forums for asking questions.

www.webhostingtalk.com

cPanel/WHM Official Forums

Ask your cPanel/WHM related questions here to get help from users and the cPanel team.

forums.cpanel.net/

WHM Documentation

The complete WHM manual in an easy to browse format.

www.cpanel.net/docs/whm/

Other

Linux/Unix cheatsheets

This blog post lists a number of useful cheatsheets that you can print off. Cheatsheets are lists of commands and other information that are useful as a quick reference.

www.scottklarr.com/topic/115/linux-unix-cheat-sheets—the-ultimate-collection/

DistroWatch

Useful website for keeping up to date on whats going on in the Linux world.

www.distrowatch.com

Sometimes you will have a database backup that is too big to restore over a web interface. The best way to restore large SQL backups is through SSH, and all it takes is one command. This tutorial will show you how.

First of all, connect to your server via SSH and login as root/elevate yourself to root status. Here is the command we are going to use:

mysql -u user -p password -h host database_name < backupfile.sql

You need to change the bold sections. A brief explanation of each:

• user: The user who has access to the database you are importing data into
• password: Password of the user
• host: The database host. This is usually localhost
• database_name: Name of the database you want to import data into
• backupfile.sql – Name/location of the backup file you want to import.

Here is a proper example:

mysql -u john -p johnspass -h localhost johns_db < /home/john/backups/backup.sql

In this example, we are importing the file backup.sql into the database johns_db, using the user john, and the database host is localhost.

This could take a while depending on the size of the database. Once you are returned to the command line, the import has been completed. It is a good idea to check in phpMyAdmin or a similar tool to make sure that the database imported correctly.

One of the most important tasks a system administrator should undertake is keeping the server up to date. Updates are frequently released for Linux, including security, performance a feature updates.

Luckily, most Linux distributions include an easy to use package manager which allows you to update your server with one command. This tutorial will show you how to update your server over SSH.

Firstly connect to your server via SSH and login as root/elevate yourself to root status. Now run the following command:

yum -y update

This instructs yum, the package manager for CentOS, to search for updates and install them without user confirmation. You can optionally remove the -y switch to make yum prompt you to confirm installation of updates. yum will then download and install all available updates.

Congratulations, you just updated your server! One thing to keep in mind is that kernel updates require a reboot to take effect. An example of what a kernel package looks like:

kernel-2.6.18-53.1.14.el5.x86_64.rpm

To see what your current kernel version is, run the following command:

uname -a

The version number will differ depending on what version is being installed.

Sometimes a MySQL database is simply too large to backup on a web based interface. In the event of this occurring, it is fairly easy to backup a database via SSH; all it takes is one command. This tutorial will show you how.

First of all, login to SSH either as root or elevate yourself to root status.

mysqldump -u user -p password -h host dbname > outputfile

The terms highlighted in bold need to be filled out by you. A brief overview of what they are:

• user: The user that has access to the database you want to backup
• password: The password of that user
• host: Your database host; usually setting this to localhost works fine
• dbname: The name of the database you want to backup
• outputfile: The name of the file you want to backup the database to.

Here is an example:

mysqldump -u john -p johnpass -h localhost john_db > /home/john/backup.sql

This will backup the database john_db to /home/john/backup.sql. Keep in mind for very large files, this will take some time, so be patient. Once it is finished, you will be returned to the command line.