find and remove .htaccess file in linux in subfolders

Featured

May 5, 2022 in Ubuntu

find and remove .htaccess file in linux in subfolders

find . -name .htaccess -exec ls -l {} \;

find / -name .htaccess -exec ls -l {} .;

find . -type f -perm 0444 -name ".htaccess" -exec echo rm {} .;

find . -type f -name '.htaccess ' -delete

find . -name "'.htaccess" -type f -delete

find . -name "*.bak" -type f -delete

April 30, 2022 in Ubuntu

optimize Linux server performance

Compress components with gzip

  • Compression reduces response times by reducing the size of the HTTP response. Gzip is the most popular and effective compression method currently available and generally reduces the response size by about 70%. Approximately 90% of today’s Internet traffic travels through browsers that claim to support gzip.

Use cookie-free domains

  • When the browser requests a static image and sends cookies with the request, the server ignores the cookies. These cookies are unnecessary network traffic. To workaround this problem, make sure that static components are requested with cookie-free requests by creating a subdomain and hosting them there.

Add Expires headers

  • Web pages are becoming increasingly complex with more scripts, style sheets, images, and Flash on them. A first-time visit to a page may require several HTTP requests to load all the components. By using Expires headers these components become cacheable, which avoids unnecessary HTTP requests on subsequent page views. Expires headers are most often associated with images, but they can and should be used on all page components including scripts, style sheets, and Flash.

Make fewer HTTP requests

  • Decreasing the number of components on a page reduces the number of HTTP requests required to render the page, resulting in faster page loads. Some ways to reduce the number of components include: combine files, combine multiple scripts into one script, combine multiple CSS files into one style sheet, and use CSS Sprites and image maps.

Reduce DNS lookups

  • The Domain Name System (DNS) maps hostnames to IP addresses, just like phonebooks map people’s names to their phone numbers. When you type URL www.yahoo.com into the browser, the browser contacts a DNS resolver that returns the server’s IP address. DNS has a cost; typically it takes 20 to 120 milliseconds for it to look up the IP address for a hostname. The browser cannot download anything from the host until the lookup completes.

Avoid HTTP 404 (Not Found) error

  • A favicon is an icon associated with a web page; this icon resides in the favicon.ico file in the server’s root. Since the browser requests this file, it needs to be present; if it is missing, the browser returns a 404 error (see “Avoid HTTP 404 (Not Found) error” above). Since favicon.ico resides in the server’s root, each time the browser requests this file, the cookies for the server’s root are sent. Making the favicon small and reducing the cookie size for the server’s root cookies improves performance for retrieving the favicon. Making favicon.ico cacheable avoids frequent requests for it.

Avoid empty src or href

  • You may expect a browser to do nothing when it encounters an empty image src. However, it is not the case in most browsers. IE makes a request to the directory in which the page is located; Safari, Chrome, Firefox 3 and earlier make a request to the actual page itself. This behavior could possibly corrupt user data, waste server computing cycles generating a page that will never be viewed, and in the worst case, cripple your servers by sending a large amount of unexpected traffic.

Put JavaScript at bottom

  • JavaScript scripts block parallel downloads; that is, when a script is downloading, the browser will not start any other downloads. To help the page load faster, move scripts to the bottom of the page if they are deferrable.

April 26, 2022 in MySql, Ubuntu

sql_mode value change permanently

sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf

sql_mode=IGNORE_SPACE,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION

Then restarted mysql

sudo service restart mysql

January 25, 2022 in Tips and Tricks, Ubuntu

check last success login attempts ubuntu

grep "session opened" /var/log/auth.log
cat /var/log/auth.log | grep "session opened"

In order to display extra information about the failed SSH logins, issue the command as shown in the below example.

 egrep "session opened|successful" /var/log/auth.log

January 25, 2022 in Tips and Tricks, Ubuntu

check last failed login attempts ubuntu

grep "Failed password" /var/log/auth.log
 cat /var/log/auth.log | grep "Failed password"

In CentOS or RHEL, the failed SSH sessions are recorded in /var/log/secure file. Issue the above command against this log file to identify failed SSH logins.

egrep "Failed|Failure" /var/log/auth.log

A slightly modified version of the above command to display failed SSH logins in CentOS or RHEL is as follows.

# grep "Failed" /var/log/secure
# grep "authentication failure" /var/log/secure

July 24, 2021 in Tips and Tricks, Ubuntu

how to check zombie process in ubuntu

Find the zombie

$ ps aux | grep 'Z'

What you get is Zombies and anything else with a Z in it, so you will also get the grep:

USER       PID     %CPU %MEM  VSZ    RSS TTY      STAT START   TIME COMMAND
usera      13572   0.0  0.0   7628   992 pts/2    S+   19:40   0:00 grep --color=auto Z
usera      93572   0.0  0.0   0      0   ??       Z    19:40   0:00 something

Find the zombie’s parent:

$ pstree -p -s 93572

Will give you:

init(1)---cnid_metad(1311)---cnid_dbd(5145)

kill process ubuntu

sudo kill -9 process_id

$ sudo kill -1 7667
$ sudo kill -9 1317

Kill all processes you can kill.

 $ sudo  kill -9 -1

working your way up to -9

July 24, 2021 in Tips and Tricks, Ubuntu

Apache Web Server start, stop, restart methods

  1. systemctl command – Only works on systemd based Ubuntu like version 16.04 LTS and above.
  2. /etc/init.d/apache2 – A sys v init style script to start / stop / restart the Apache2 service under Debian or Ubuntu Linux.
  3. service command – This command work in most Linux distributions including Debian and Ubuntu.
  4. upstart command – Only works on certain version of Ubuntu.
  5. apache2ctl command – This method should work on all Linux and Unix like operating systems.

Method #1: systemctl command examples

To start Apache 2 on Ubuntu Linux LTS 16.04 LTS or the latest systemd based Ubuntu Linux, type:
$ sudo systemctl start apache2.service
To stop Apache 2 on Ubuntu Linux LTS 16.04 LTS or the latest systemd based Ubuntu Linux, type:
$ sudo systemctl stop apache2.service
To restart Apache 2 on Ubuntu Linux LTS 16.04 LTS or the latest systemd based Ubuntu Linux, type:
$ sudo systemctl restart apache2.service
To status of start/restart/stop operation, enter:
$ journalctl -u apache2
To find out whether Apache 2 running or not, enter:
$ sudo systemctl status apache2.service
Sample session:

Method #2: /etc/init.d/apache2 command examples

You need to login as root user or use the sudo command to control Apache web-server.

Task: Start Apache 2 Server

# /etc/init.d/apache2 start
or
$ sudo /etc/init.d/apache2 start

Task: Restart Apache 2 Server

# /etc/init.d/apache2 restart
or
$ sudo /etc/init.d/apache2 restart

Task: Stop Apache 2 Server

# /etc/init.d/apache2 stop
or
$ sudo /etc/init.d/apache2 stop

Method #3: service command examples

To restart Apache 2, enter:
$ sudo service apache2 restart
To stop Apache 2, enter:
$ sudo service apache2 stop
To start Apache 2, enter:
$ sudo service apache2 start
To gracefully reload Apache 2, enter:
$ sudo service apache2 reload

Method #4: upstart command examples

The following commands only works with certian version of Ubuntu such as Ubuntu Linux LTS 12.04 and 14.04. To start Apache 2 on Ubuntu, run:
$ sudo start apache2
To stop Apache 2 on Ubuntu, run:
$ sudo stop apache2
To restart Apache 2 on Ubuntu, run:
$ sudo restart apache2
To gracefully reload Apache 2 on Ubuntu, run:
$ sudo restart apache2

Method #5: apache2ctl command examples

apache2ctl is Apache HTTP server control interface command, which can be used to stop or start web server under any Linux distribution or UNIX.
To start Apache 2 on Ubuntu, type:
$ sudo apache2ctl start
To stop Apache 2 on Ubuntu, type:
$ sudo apache2ctl stop
To restart Apache 2 on Ubuntu, type:
$ sudo apache2ctl restart
To gracefully reload Apache 2 on Ubuntu, type:
$ sudo apache2ctl graceful

July 24, 2021 in Only Happened In India, Php, Tips and Tricks, Ubuntu

www-data is safe or not

For security.

The files are not world writeable. They are restricted to the owner of the files for writing.

The web server has to be run under a specific user. That user must exist.

If it were run under root, then all the files would have to be accessible by root and the user would need to be root to access the files. With root being the owner, a compromised web server would have access to your entire system. By specifying a specific ID a compromised web server would only have full access to its files and not the entire server.

If you decide to run it under a different user ID, then that user would need to be the effective owner of the files for proper privileges. It could be confusing to have personal ownership of system-wide files to your personal account.

Creating a specific user would make it easier to recognize the files and consistent to recognize which ID to chown to new files and folders added to the site.

The Userid or Name of the owner doesn’t matter. Whatever is chosen or decided upon will have to be configured in the web server configuration files.

By default the configuration of the owner is www-data in the Ubuntu configuration of Apache2. Since that is the default configuration, you conveniently know the ownership needed for your web files. If you change it, you would have to change the files in your site to match.

Important

It’s not a good idea to have write permissions on the entire folder, the most websites (for example: wordpress, joomla and magento) needs write permission on specific folders (image upload, file upload) A better way is to give write permission on folders and do not allow script (PHP, python) execution, always check if the user is uploading the right content, example, if you website allow an user to upload an image as it avatar, check if it is an image and not a fake image with PHP script inside. And the problem to have write permissions on the website root is if someone finds an vulnerability he could use that to write a new index.php file and ‘hack’ your website.

July 24, 2021 in Tips and Tricks, Ubuntu

website enable and disable command in ubuntu

Command for enable website

$ sudo a2ensite

Your choices are: 000-default default-ssl soa-ssl soatechnology
Which site(s) do you want to enable (wildcards ok)?

$  sudo systemctl reload apache2

Command for disable website

$ sudo a2dissite

Your choices are: 000-default default-ssl soa-ssl soatechnology
Which site(s) do you want to enable (wildcards ok)? 

$  sudo systemctl reload apache2

To list all enabled virtual hosts on the web server, run the following command in a terminal.

$ apache2ctl -S