User Tools

Site Tools


server_administration

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
server_administration [2016/05/28 15:00]
sgripon [ddos-deflate]
server_administration [2016/12/28 12:06] (current)
sgripon [logwatch]
Line 118: Line 118:
 ===== nmd ===== ===== nmd =====
  
-No More DDOS (nmd) is a simple script that automatically ban ip when the number of connections exceed what is configured. See [[http://​us.informatiweb-pro.net/​system-admin/​linux/​17--debian-ubuntu-centos-block-ddos-attacks-with-no-more-ddos-formerly-ddos-deflate.html[nmd By Lionel Eppe]].+No More DDOS (nmd) is a simple script that automatically ban ip when the number of connections exceed what is configured. See http://​us.informatiweb-pro.net/​system-admin/​linux/​17--debian-ubuntu-centos-block-ddos-attacks-with-no-more-ddos-formerly-ddos-deflate.html. (By Lionel Eppe)
  
 I modified a little the script in order to use ufw to ban adresses. Also, there is an issue with the installed cron script: I modified a little the script in order to use ufw to ban adresses. Also, there is an issue with the installed cron script:
-  - The name of the cron script must not contain dot+  - The name of the cron script must not contain dot (modify CRON variable in ///​usr/​local/​nmd/​ndm.conf/​agent.conf//​.
   - The second cron command in the file miss the user root   - The second cron command in the file miss the user root
  
 +The good cron script must look like this:
 +
 +<file bash /​etc/​cron.d/​nmd>​
 +* * * * * root /​usr/​local/​nmd/​nmd-agent.sh >> /​var/​log/​nmd-agent.log 2>&1
 +0 0 */7 * 0 root echo  > /​var/​log/​nmd-agent.log 2>&1
 +</​file>​
  
 ==== Use IPTables to limit NEW traffic on port 80 and 443 ==== ==== Use IPTables to limit NEW traffic on port 80 and 443 ====
Line 176: Line 182:
 Logwatch can send you a formatted view of system logs every morning by email. It is usefull to check everyday the health of your server. Logwatch can send you a formatted view of system logs every morning by email. It is usefull to check everyday the health of your server.
  
-FIXME Add details here+First, copy default config file to change settings: 
 + 
 +  sudo cp /​usr/​share/​logwatch/​default.conf/​logwatch.conf /​etc/​logwatch/​conf/​ 
 + 
 +Then, to receive by email the report modify the cron job and add --mailto option : 
 + 
 +<file bash /​etc/​cron.daily/​00logwatch>​ 
 +#​!/​bin/​bash 
 + 
 +#Check if removed-but-not-purged 
 +test -x /​usr/​share/​logwatch/​scripts/​logwatch.pl || exit 0 
 + 
 +#execute 
 +/​usr/​sbin/​logwatch --output mail --mailto my.email@domain.tld 
 + 
 +</​file>​ 
 + 
 +===== Slow server diagnostic =====
  
 +See a very good flow chart to help in slow server cases : http://​blog.scoutapp.com/​articles/​2014/​07/​31/​slow_server_flow_chart
  
 **Share this page:** **Share this page:**
server_administration.1464440401.txt.gz · Last modified: 2016/05/28 15:00 by sgripon