Tuesday, 29 July 2014

Nagios setup


########################## How to add a server in Nagios? #######################################

1. Make a directory in /usr/local/nagios/etc/objects/ with client's name. We should group all the host.cfg file of the client in this directory.

2.Make the host.cfg file as host_name.cfg where host_name is the hostname of the server

3. Add the following sections to the host_name.cfg 

Note: Add the service definitons according to the requirement

-----------------------------------------------------
###############################################################################
#
# HOST DEFINITION
#
###############################################################################

# Define a host for the local machine

define host{
        use                     linux-server            ; Name of host template to use
                                                        ; This host definition will inherit all variables that are defined
                                                        ; in (or inherited by) the linux-server host template definition.
        host_name               <host_name>
        alias                   <host_name>
        address                 <server_ip>
        contact_groups          nsdesign-admins
        }
###############################################################################

###############################################################################
#
# SERVICE DEFINITIONS
#
###############################################################################
# Define a service to "ping" the local machine
define service{
        use                             local-service         ; Name of service template to use
        host_name                       <host_name>
        service_description             PING
        check_command                   check_ping!150.0,20%!500.0,60%
      }


# Define a service to check the disk space of the root partition
# on the local machine.  Warning if < 20% free, critical if
# < 10% free space on partition.
define service{
        use                             local-service         ; Name of service template to use
        host_name                       <host_name>
        service_description             Partition /
        check_command                   check_nrpe!check_diskslash
        }

# Define a service to check the number of currently running procs
# on the local machine.  Warning if > 250 processes, critical if
# > 400 users.

define service{
        use                             local-service         ; Name of service template to use
        host_name                       <host_name>
        service_description             Total Processes
        check_command                   check_nrpe!check_total_procs!500!750!RSZDT
        }

# Define a service to check the load on the local machine.
define service{
        use                             local-service         ; Name of service template to use
        host_name                       <host_name>
        service_description             Current Load
        check_command                   check_nrpe!check_load!5.0,4.0,3.0!10.0,6.0,4.0
        }

# Define a service to check SSH on the local machine.
# Disable notifications for this service by default, as not all users may have SSH enabled.
define service{
        use                             local-service         ; Name of service template to use
        host_name                       <host_name>
        service_description             SSH
        check_command                   check_ssh
        notifications_enabled           0
        }

# Define a service to check HTTP on the local machine.
define service{
        use                             local-service         ; Name of service template to use
        host_name                       <host_name>
        service_description             HTTP
        check_command                   check_http
        notifications_enabled           0
        }
# Define a service to check FTP on the local machine.
define service{
        use                             local-service         ; Name of service template to use
        host_name                       <host_name>
        service_description             FTP
        check_command                   check_ftp
        notifications_enabled           0
        }
# Define a service to check POP on the local machine.
define service{
        use                             local-service         ; Name of service template to use
        host_name                       <host_name>
        service_description             POP
        check_command                   check_pop
        notifications_enabled           0
        }
# Define a service to check SMTP on the local machine.
define service{
        use                             local-service         ; Name of service template to use
        host_name                       <host_name>
        service_description             SMTP
        check_command                   check_smtp
        notifications_enabled           0
        }
# Define a service to check MySQL on the local machine.
define service{
        use                             local-service         ; Name of service template to use
        host_name                       <host_name>
        service_description             MySQL
        check_command                   check_mysql_nsd
        notifications_enabled           0
        }
-----------------------------------------------------
Where <host_name> is the hostname of the remote server
      <server_ip> is the Ip of the remote server

Note: Enable notification if needed by giving 1 instead of 0 

4. Save the file

5.Add the following line to /usr/local/nagios/etc/nagios.cfg

------------------------------------------------------
cfg_dir=/usr/local/nagios/etc/objects/<directory_name>
------------------------------------------------------

Where directory_name is the name of the directory that we made in Step:1

6.Add the following lines to /usr/local/nagios/etc/objects/contacts.cfg
------------------------------------------------------
############################## <client's name> DATA BEGINS ######################
define contact{
        contact_name                    <client's name>
        alias                           <client's name>
        service_notification_period     24x7
        host_notification_period        24x7
        service_notification_options    c,r
        host_notification_options       d,r
        service_notification_commands   notify-service-by-email
        host_notification_commands      notify-host-by-email
        email                           <Email_address>
        }
define contactgroup{
        contactgroup_name       <client's name>-admins
        alias                   <client's name> Administrators
        members                 <client's name>,shared
        }
############################## <client's name> DATA ENDS ######################


Note: Where <Email_address> is the email addresss to which notification goes

7. Add the following lines in /usr/local/nagios/etc/objects/hostgroups.cfg

################## nsdesign GROUP BEGINS ##############
define hostgroup{
        hostgroup_name  nsdesign ; The name of the hostgroup
        alias           NSDesign Linux Servers ; Long name of the group
        members         server.dnsblock1.com,server.dnsblock2.com,server.dnsblock3.com,server.dnsblock4.com,server.dnsblock5.com,server.nsdesign.net,server.dnsblock6.com,server.dnsblock7.com,server.q4server.co.uk,server.hellodkdo.com,server.dnsblock8.com    ;
        }
################## nsdesign GROUP ENDS ##############



8. Issue the following command for nagios config test

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

9. Restart nagios if there is no error in config test

/etc/init.d/nagios restart

########################## How to add a nagios user to monitor their servers? #######################################

Run the following command,

htpasswd  /usr/local/nagios/etc/htpasswd.users <username>

and give password



########################## How to install NRPE in client server? #######################################

On the remote server
====================

cd /opt/
wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.15.tar.gz
wget http://www.mycutelife.net/sanju/newtickethelp/nagios_downloads/nrpe-1.9.tar.gz
wget http://www.mycutelife.net/sanju/newtickethelp/nagios_downloads/nrpe
wget http://www.mycutelife.net/sanju/newtickethelp/nagios_downloads/nrpe.cfg
useradd nagios
tar -xvzf nagios-plugins-1.4.15.tar.gz
cd nagios-plugins-1.4.15/
./configure
make
make install
cd /opt/
tar -xvzf nrpe-1.9.tar.gz
cd nrpe-1.9/
./configure
make all
cd /opt/
mkdir /usr/local/nagios/bin
mkdir /usr/local/nagios/etc
cp nrpe-1.9/src/nrpe /usr/local/nagios/bin/
cp nrpe.cfg /usr/local/nagios/etc/
cp nrpe /etc/xinetd.d/
echo "nrpe  5666/tcp" >> /etc/services
chkconfig nrpe on
/sbin/iptables -I INPUT -p tcp -s 0/0 --dport 5666 -j ACCEPT;
service iptables save;
/etc/rc.d/init.d/xinetd restart


Then enter mysql prompt 

mysql
mysql> create database nagios;
Query OK, 1 row affected (0.02 sec)

mysql> grant all privileges on nagios.* to nsduser@nagios-server-ip identified by 'Hnj7bjsv45nkja0L';

mysql> quit
Bye

Next step is to give the nagios server ip to file /etc/xinetd.d/nrpe

vi /etc/xinetd.d/nrpe 
===============================================
# default: on
       # description: NRPE
       service nrpe
       {
               flags           = REUSE
               socket_type     = stream
               wait            = no
               user            = root
               server          = /usr/local/nagios/bin/nrpe
               server_args     = -c /etc/nrpe.conf --inetd
               log_on_failure  += USERID
               disable         = no
               only_from       = <nagios-server-ip>
       }
=================================================

where <nagios-server-ip> is the IP of the Nagios Server

To check mysql in remote server, run the following command in the nagios server.

./check_mysql --hostname=<remote-server-ip>  --port=3306 --username=nsduser --password=Hnj7bjsv45nkja0L

Allow the nagios-server-ip in the iptables and in the csf

The file /usr/local/nagios/etc/nrpe.cfg contains details of the internal commands from where it is loaded and parameters. 


Add Nagios Users


Add users to nagios

1) Create .cfg files for server. in /usr/local/nagios/etc/objects/
2) add user to use nagios interface
 htpasswd /usr/local/nagios/etc/htpasswd.users jikku
 file /usr/local/nagios/etc/htpasswd.users
3) Add contact details in contacts.cfg
4) Add hostgroup entries.






Nagios: internal service monitoring

1) Add plugin in client server in location /usr/local/nagios/libexec and
add command to /usr/local/nagios/etc/nrpe.cfg

egs: 
command[check_eximmailqueue]=/usr/local/nagios/libexec/check_eximmailqueue
-w 1000 -c 2000
command[check_disk1]=/usr/local/nagios/libexec/check_disk -w 20 -c 10 -p
/dev/sda3
command[check_disk2]=/usr/local/nagios/libexec/check_disk -w 20 -c 10 -p
/dev/sdb1

2) add the details to the nagios server in the file
/usr/local/nagios/etc/objects/brett/venus.serversdeployed.com.cfg

egs: 
# Define a service to check the disk space on the local machine.

define service{
        use                             local-service         ; Name of
service template to use
        host_name                       venus.serversdeployed.com
        service_description             /
        check_command                   check_nrpe!check_disk1
        }

define service{
        use                             local-service         ; Name of
service template to use
        host_name                       venus.serversdeployed.com
        service_description             /backup
        check_command                   check_nrpe!check_disk2
        }



To check working of command from client server
root@venus [/usr/local/nagios/libexec]# ./check_users -w 5 -c 10 USERS OK - 1 users currently logged in |users=1;5;10;0 root@venus [/usr/local/nagios/libexec]# ./check_load -w 15,10,5 -c 30,25,20 OK - load average: 0.31, 0.22, 0.14|load1=0.310;15.000;30.000;0; load5=0.220;10.000;25.000;0; load15=0.140;5.000;20.000;0;
To check working of command from nagios server
/usr/local/nagios/libexec/check_nrpe -H 216.240.191.18 -c check_eximmailqueue


Nagios: errors and fixes


Errors obtained on checking mail queue of client server from nagios server

1 ) “must have a tty to run sudo”
Fix:
Comment the line “Defaults    requiretty” in file /etc/sudoers


2)  “sent and no askpass program specified”
Fix:
add following line in /etc/sudoers
nagios ALL= NOPASSWD:/usr/sbin/exim -bpc




Nrpe version


# /usr/local/nagios/bin/nrpe --help
NRPE - Nagios Remote Plugin Executor
Copyright (c) 1999-2003 Ethan Galstad (nagios@nagios.org)
Version: 1.9
Last Modified: 07-22-2003
License: GPL

Tuesday, 20 May 2014

WordPress Preventing Password Protecting a Directory


Password protecting a subdirectory using the cPanel icon (or a .htpasswd file) will be unsuccessful if WordPress is installed in the public_html directory with permalinks enabled.

Edit .htaccess File

  1. Edit the .htaccess file in your WordPress home folder (public_html) and remove the line  of code shown in bold below:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>
    # END WordPress
  2. Replace that line with this new line:

    RewriteRule ./ /index.php [L]

    The final code snippet will look like this:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ./ /index.php [L]
    </IfModule>
    # END WordPress
  3. Save your changes.

Reset Permalinks

  1. From the left-hand navigation menu in WordPress, click Settings > Permalinks. Note the current setting. If you are using a custom structure, copy or save the custom structure somewhere.
  2. Select Default.
  3. Click Save Settings.
  4. Change the settings back to the previous configuration (before you selected Default). Put the custom structure back if you had one.
  5. Click > Save Settings.
This should reset the permalinks and prevent any posts or pages from returning a 404 Page Not Found error. You should now be able to password protect a subdirectory.

Saturday, 17 May 2014

Create SUDO user in cPanel

For security you might want to disable direct SSH login as root.

First of all login as root and create an user

#useradd sshadmin
#passwd sshadmin

Now add this user to wheel group from WHM

WHM -> Security Center -> Manage Wheel Group Users

OR from command line

#usermod -G wheel sshadmin

Now open /etc/ssh/sshd_config and set

PermitRootLogin no

Restart the ssh service

/etc/init.d/sshd restart

Now you can ssh to server as user sshadmin and run the command “su -” to switch to root user.

Now the thing is that “su -” asks for root password. If you don’t want to remember the root password then you can add the user sshadmin to sudo user list. Add below lines to /etc/sudoers

sshadmin    ALL=(ALL)       ALL

Now run the command “sudo su -” and it will directly switch to user root without asking password.

Saturday, 15 March 2014

Script to create a directory with current date and sync the folders

Script to create a directory with current date and sync the folders

#!/bin/bash
# rsync script
mkdir /home/user/backup/`date -I`
rsync -avz --progress /home/user/rsync1/ /home/user/backup/`date -I`

Find & Replace across multiple files in linux


Command to Find & Replace a word with another across multiple files in linux

>>> command to replace "test" with "testing" in multiple files

# find . -name "*.html" -print | xargs sed -i 's/test/testing/g'

Script to delete mail on a specific time period

Script to delete all mails dated 2011 from the mail accounts. email account: user@example.com


=====================
1) touch --date "2011-06-19" /home/example/mail/example.com/user/cur/start  
         >>> creating a file with particular date [from that date onwards] that we want to delete

2) touch --date "2011-12-31"/home/example/mail/example.com/user/cur/end
        >>> file created with a particular date [upto that date] that we want to delete

3) find . -newer /home/example/mail/example.com/user/cur/start -not -newer /home/example/mail/example.com/user/cur/end -exec mv {} --target-directory=/home/example/mov_mail/ ';'
       >>> script will move mails dated from 2011-06-19 to 2011-12-31 to the folder /home/example/mov_mail/

4) deleted the contents in the folder /home/example/mov_mail/

Remove IP from drop list in iptables

List existing chains

Type the following command to list current IPs in tables:
iptables -L -n

To display line number along with other information, enter:
iptables -L INPUT -n --line-numbers

You will get the list of all blocked IP. Look at the number on the left, then use number to delete it. For example delete line number 10 (subner 134.175.0.0/16), enter:
iptables -D INPUT 10

======================================================

Run :
iptables-save| grep xx.xx.xx.xx

to get the exact rule command used to enabled the block. It will be something like:

-A INPUT ! -i lo -s xx.xx.xx.xx -j DROP

Take this command, replace the -A with -D and run it through iptables:

iptables -D INPUT ! -i lo -s xx.xx.xx.xx -j DROP