Posts Tagged ‘ubuntu’

ahhh, cronjobs!

Tuesday, May 26th, 2009

One of the features of the new platform that I am working on is the ability to automatically retrieve all new seismic activities before the end-user posts that there has been an activity.  This will make the data transfer appear instantaneous to our clients and make us look all-around awesome.

So I have a script designed to run whenever I need it to automatically get any new activities and save them to the local database waiting for the end-user.  I set it up to run every 15 minutes until I got the multitudes of old data into the new platform.  I’m talking ~170,000 activities, and each activity takes about 45-90 seconds to process.

So below is my simple cronjob command to have it run every 15 minutes 24/7/365.

*/15 * * * * php /var/lib/symfony/cron/runcron.php >> /var/lib/symfony/cron/test_cron_log.log

Till Next Time

fail2ban(ning) fun!

Tuesday, May 5th, 2009

The hard drive on my development server was failing last week so I had the fun job of getting the data off of it while I was still able to.  The process of getting all my data and installing Ubuntu 8.04.2 LTS on my new hard drive took the better part of two days.  After getting the server back to a solid state from which to build my LAMP stack, I decided it would be a good idea to follow standard security procedures and install fail2ban to block any unintelligent hackers.  I think any hackers worth their respective salt can get around a basic implementation of fail2ban, but this is just my dev server and I don’t have any sensitive data on it, so I’m not too worried.

Today I was toiling away on my company’s website, updating, fixing, etc…  I was attempting to upload ~7 MB, 1312 files onto the server and my FTP client, FileZilla, crashed.  I figured it was a one-time crash, so I reloaded FileZilla and tried again, crash again.  I tried one more time just to make sure I was doing everything correctly.  Crash again.  I believe the issue revolved around the number of files I was transferring at once, so I tarballed the files and pulled FileZilla back up and… couldn’t log into the server with FileZilla.  After a moment of troubleshooting I realized I couldn’t log into the server via FileZilla or PuTTY (I SFTP through port 22).  I was able to log in, with my same username/password, through PuTTY AND FileZilla through the public IP address though.

After digging through the log files and ifconfig to make sure my server wasn’t dying again I pulled up my iptables.  Yep, I was banned.  Apparently when FileZilla was crashing there was some sort of login attempt made to the dev server and each login attempt failed.  So after my three attempts to upload my files, I was banned.  Lesson learned: always have two access methods to any server.  It makes troubleshooting issues much easier.

BTW, for reference, the commands for iptables are:

list all chains and rules (banned IPs show up as DROP entries in the fail2ban-ssh chain)

iptables -L -n -v
Chain INPUT (policy ACCEPT 78238 packets, 18M bytes)
 pkts bytes target     prot opt in     out     source               destination
 
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
 
Chain OUTPUT (policy ACCEPT 83695 packets, 66M bytes)
 pkts bytes target     prot opt in     out     source               destination
 
Chain fail2ban-ssh (0 references)
 pkts bytes target     prot opt in     out     source               destination
   36  3456 DROP       all  --  *      *       10.0.55.4            0.0.0.0/0
   22  1732 DROP       all  --  *      *       81.208.51.90         0.0.0.0/0
41764 7846K RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

list all banned IPs for a specific chain (fail2ban-ssh) with line numbers

iptables -L fail2ban-ssh -n -v --line-numbers
Chain fail2ban-ssh (0 references)
num   pkts bytes target     prot opt in     out     source               destination
1       36  3456 DROP       all  --  *      *       10.0.55.4            0.0.0.0/0
2       22  1732 DROP       all  --  *      *       81.208.51.90         0.0.0.0/0
3    41764 7846K RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

remove a banned IP from iptables (the trailing number is the rule’s line number from the listing above, here 1)

iptables -D fail2ban-ssh 1
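
Added example, not part of the original post: a small shell helper that reads the --line-numbers listing shown above and prints the matching iptables -D commands for one IP. The function names and the sample listing (the post’s output plus one constructed duplicate entry) are assumptions for illustration; rule numbers are emitted highest first because each delete renumbers the rules after it.

```shell
#!/bin/sh
# Input on stdin: output of  iptables -L <chain> -n -v --line-numbers
# Columns: num pkts bytes target prot opt in out source destination

# Print the rule numbers of DROP rules whose source is exactly $1,
# highest number first (deleting rule N shifts every later rule up by one).
f2b_rule_numbers() {
    awk -v ip="$1" '
        $1 ~ /^[0-9]+$/ && $4 == "DROP" && $9 == ip { print $1 }
    ' | sort -rn
}

# Print (do not run) the commands that lift the ban on IP $2 in chain $1.
f2b_unban_commands() {
    chain=$1
    ip=$2
    f2b_rule_numbers "$ip" | while read -r n; do
        printf 'iptables -D %s %s\n' "$chain" "$n"
    done
}

# Constructed sample: the listing from the post with a duplicate
# entry for 10.0.55.4 added as rule 3 to show the ordering issue.
sample_listing() {
    cat <<'EOF'
Chain fail2ban-ssh (0 references)
num   pkts bytes target     prot opt in     out     source               destination
1       36  3456 DROP       all  --  *      *       10.0.55.4            0.0.0.0/0
2       22  1732 DROP       all  --  *      *       81.208.51.90         0.0.0.0/0
3        0     0 DROP       all  --  *      *       10.0.55.4            0.0.0.0/0
4    41764 7846K RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0
EOF
}

# Review the printed commands before running them as root.
sample_listing | f2b_unban_commands fail2ban-ssh 10.0.55.4
```

On a live server, pipe the real listing in instead of sample_listing, for example: iptables -L fail2ban-ssh -n -v --line-numbers | f2b_unban_commands fail2ban-ssh 10.0.55.4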

Till Next Time

the onset of summer and a solution to (one of) my hosting issues

Sunday, March 8th, 2009

With the time change today it officially feels like summer time.  Well, that and the fact that this weekend was the first beautiful weekend of the year, sunny and 75.  Doesn’t get much better than that.  I was lucky enough to hang out with some old friends from my pizza-slinging days Friday and go on a hike to Raven Cliffs Saturday.

I have been having an issue trying to get my symfony-created projects to work on GoDaddy’s shared hosting plan and until I can get that working, I have to make the projects accessible from my home server.  The details of my server journey are well-documented and I decided to take my old Dell computer and throw Ubuntu 8.10 on there and serve them that way.  I popped in my Ubuntu disc and started the install process.  Installed no problem, eezy breezy.  After installation I wanted to set up a static IP address on the local network to make it simpler for me to port forward any requests to the server from the net.  There’s a known bug with Intrepid Ibex and static IPs and after a little searching I found a guide to fix the bug.  Apparently I can’t follow directions because I ended up with no Network Manager and no internet.  I tried reinstalling the Network Manager but I couldn’t get it to recognize my working ethernet card (the integrated NIC on the mobo died a couple years ago).

So I was getting ready to reinstall Intrepid Ibex until I realized it is prolly better to just use 8.04 LTS Server since I’ve launched a symfony project on it already for work.  Popped that bad boy in and got the server up and running ~30 minutes later.

Now comes the issue with setting up multiple sites on a single server, on a single IP address, with no domain name.  I’ve searched high and low for a simple way to do redirects with folders and things in the url but it was all just frustrating me.  I decided that the simplest way to set up the multiple projects under my single (comcast) IP was to use port virtual host routing.  I tried this the other day on my Win XP box, but just could not get it to work.

I pulled up Apache’s virtual hosting examples page and started from scratch.  I knew that the port forwarding was working correctly on my router.  I also knew that the pages themselves were working properly when accessing them locally.  I just kept adding each little piece to the puzzle without putting any extra information in there that might break it.  I finally got it working and it’s beautiful!  I found the biggest issue was using the correct IP address for the ‘NameVirtualHost’ field.  I had been using the public IP address and not the local network IP address.  I also added a ServerName to each record so that Apache won’t complain when I start it up.  Apache will still run fine when you start it up without ServerNames but you get warning messages and I’m too anal to let that keep popping up warnings.  Here’s the, rather simple, code to get it to work:

Listen 80
Listen 8080

NameVirtualHost 192.168.1.50:80
NameVirtualHost 192.168.1.50:8080

<VirtualHost 192.168.1.50:80>
    ServerName research
    DocumentRoot /var/www/research/web
    DirectoryIndex index.php
</VirtualHost>

<VirtualHost 192.168.1.50:8080>
    ServerName cnp
    DocumentRoot /var/www/cnp/web
    DirectoryIndex index.php
</VirtualHost>

So one problem down, two million to go!
Till Next Time