Linux technical support, Technical Blogs, Cheap dedicated server support, Cheap linux dedicated server support, Cheap windows dedicated server, Dedicated server support, Data center Operation, System Administration, Bash and perl scripts for server maintainance

Excellent blog to use php.ini settings. First of all check where is your php.ini file is located.

php -i |grep php.ini

Check all parameters value greping that value, like

php -i |grep Parameter_here

Php.ini setting

1 > allow_call_time_pass_reference Boolean

Whether to enable the ability to force arguments to be passed by reference at function call time. This method is deprecated and is likely to be unsupported in future versions of PHP/Zend. The encouraged method of specifying which arguments should be passed by reference is in the function declaration. You’re encouraged to try and turn this option Off and make sure your scripts work properly with it in order to ensure they will work with future versions of the language (you will receive a warning each time you use this feature, and the argument will be passed by value instead of by reference).

Passing arguments by reference at function call time was deprecated for code cleanliness reason. Function can modify its argument in undocumented way if it didn’t declare that the argument is passed by reference. To prevent side effects it’s better to specify which arguments are passed by reference in function declaration only.

====================================================

2 > allow_url_fopen

This option enables the URL-aware fopen wrappers that enable accessing URL object like files. Default wrappers are provided for the access of remote files using the ftp or http protocol, some extensions like zlib may register additional wrappers.

This setting can only be set in php.ini due to security reasons.

This option was introduced immediately after the release of version 4.0.3. For versions up to and including 4.0.3 you can only disable this feature at compile time by using the configuration switch –disable-url-fopen-wrapper.

====================================================

3 > always_populate_raw_post_data Boolean

Always populate the $HTTP_RAW_POST_DATA variable.

4 > arg_separator.input

List of separator(s) used by PHP to parse input URLs into variables

5 > arg_separator.output

The separator used in PHP generated URLs to separate arguments

6 > asp_tags

Enables the use of ASP-like <% %> tags in addition to the usual <?php ?> tags. This includes the variable-value printing shorthand of <%= $value %>.

7 > auto_globals_jit Boolean

When enabled, the SERVER and ENV variables are created when they’re first used (Just In Time) instead of when the script starts. If these variables are not used within a script, having this directive on will result in a performance gain

The PHP directives register_globals, register_long_arrays, and register_argc_argv must be disabled for this directive to have any affect.

8 > display_error and display_startup_errors

These two settings control whether PHP should display errors in the browser or be silent. It is recommended that you turn these two settings Off during production so that you don’t accidentally display sensitive information about your Web site. This is especially true for dynamic Web sites that send usernames and password to access a database. In your php.ini file, this configuration will look like:

display_errors = off

display_startup_errors = off

9 > log_erros and error_log

There two settings control how PHP logs errors for later review. It is helpful to use these two settings if you have turned Off display_errors and display_startup_errors. In your php.ini file, this configuration will look like

Log_errors = On

Error_log = /hwxx/daxx/uwnetid/phperrors.log

Replace /hwxx/daxx/uwnetid/ with the path to your Web directory. Make sure that you have a file called phperrors.log in the root of your Web directory (typically public_html) and make sure it is read and writable by you

10 > session.save_path

This setting controls the location of server-side session cookies when your script uses PHP’s session management functions. The server default php.ini file has this variable set to /use/a/folder/in/your/web/root, disabling the user of sessions. In order to use PHP sessions, you will need to create a temp folder in your web directory and change this option to point to it:

There are a number of reasons for requiring this configuration:

(1) To make sure that another user doesn’t tamper with these cookies. (2)To keep the /tmp folder from filling up, causing other programs to fail. (3) Due to the clustered nature of the UW webservers, session info should be stored in a place that is available on all machines in the cluster

session.save_path = /hwxx/daxx/uwnetid/tmp

Replace /hwxx/daxx/uwnetid/ with the path to your Web directory. Again, make sure that you have a directory called tmp in the root of your Web directory (typically public_html) and make sure it is read and writable by you only

11 > upload_temp_dir

This setting controls the temporary location of files uploaded with an HTML form. If you don’t specify a path for this setting, uploaded files will be temporarily stored in a world-readable location on the server. To protect ease of manipulation and the confidentiality of such files, you should create a directory in your account and specify the new path in your php.ini file

upload_tmp_dir = /hwxx/daxx/uwnetid/tmp

Replace /hwxx/daxx/uwnetid/ with the path to your Web directory. Make sure that you have a directory called tmp in the root of your Web directory (typically public_html) and make sure it is read and writable by you only.

13 > enable_dl

This directive is really only useful in the Apache module version of PHP. You can turn dynamic loading of PHP extensions with dl() on and off per virtual server or per directory.

The main reason for turning dynamic loading off is security. With dynamic loading, it’s possible to ignore all open_basedir restrictions. The default is to allow dynamic loading, except when using safe mode. In safe mode, it’s always impossible to use dl().

14 > extension_dir string

In what directory PHP should look for dynamically loadable extensions

15 > file_uploads

Whether or not to allow HTTP file uploads. See also the upload_max_filesize, upload_tmp_dir, and post_max_size directives

16 > gpc_order

Set the order of GET/POST/COOKIE variable parsing. The default setting of this directive is “GPC”. Setting this to “GP”, for example, will cause PHP to completely ignore cookies and to overwrite any GET method variables with POST-method variables of the same name

This option is not available in PHP 4. Use variables_order instead

17 > include_path

Specifies a list of directories where the require(), include() and fopen_with_path() functions look for files. The format is like the system’s PATH environment variable: a list of directories separated with a colon in Unix or semicolon in Windows

Unix include_path

include_path=”.:/php/includes”

Window include_path

include_path=”.;c:\php\includes”

Using a . in the include path allows for relative includes as it means the current directory

18 > magic_quotes_gpc

Sets the magic_quotes state for GPC (Get/Post/Cookie) operations. When magic_quotes are on, all ‘ (single-quote), ” (double quote), \ (backslash) and NUL’s are escaped with a backslash automatically.

19 > magic_quotes_runtime

If magic_quotes_runtime is enabled, most functions that return data from any sort of external source including databases and text files will have quotes escaped with a backslash. If magic_quotes_sybase is also on, a single-quote is escaped with a single-quote instead of a backslash.

20 > magic_quotes_sybase

If the magic_quotes_sybase directive is also ON it will completely override magic_quotes_gpc. Having both directives enabled means only single quotes are escaped as ”. Double quotes, backslashes and NUL’s will remain untouched and unescaped

21 > max_execution_time

This sets the maximum time in seconds a script is allowed to run before it is terminated by the parser. This helps prevent poorly written scripts from tying up the server. The default setting is 30.

The maximum execution time is not affected by system calls, stream operations etc. Please see the set_time_limit() function for more details.

You can not change this setting with ini_set() when running in safe mode. The only workaround is to turn off safe mode or by changing the time limit in the php.ini.

Your webserver can have other timeouts. E.g. Apache has Timeout directive, IIS has CGI timeout function, both default to 300 seconds. See the webserver documentation for meaning of it.

22 > max_input_time

This sets the maximum time in seconds a script is allowed to receive input data, like POST, GET and file uploads

23 > open_basedir

Limit the files that can be opened by PHP to the specified directory-tree, including the file itself. This directive is NOT affected by whether Safe Mode is turned On or Off.

When a script tries to open a file with, for example, fopen() or gzopen(), the location of the file is checked. When the file is outside the specified directory-tree, PHP will refuse to open it. All symbolic links are resolved, so it’s not possible to avoid this restriction with a symlink.

The special value . indicates that the working directory of the script will be used as the base-directory. This is, however, a little dangerous as the working directory of the script can easily be changed with chdir().

In httpd.conf, open_basedir can be turned off (e.g. for some virtual hosts) the same way as any other configuration directive with “php_admin_value open_basedir none”.

Under Windows, separate the directories with a semicolon. On all other systems, separate the directories with a colon. As an Apache module, open_basedir paths from parent directories are now automatically inherited.

The restriction specified with open_basedir is actually a prefix, not a directory name. This means that “open_basedir = /dir/incl” also allows access to “/dir/include” and “/dir/incls” if they exist. When you want to restrict access to only the specified directory, end with a slash. For example: “open_basedir = /dir/incl/”

Note: Support for multiple directories was added in 3.0.7.

The default is to allow all files to be opened.

24 > output_buffering

Normally, session, cookie or HTTP header data in a PHP script must be sent before any output is generated by the script. If this is not possible in your application, you can enable what PHP calls output buffering, with the output_buffering variable.

With output buffering on, PHP stores the output of your script in a special memory buffer and sends it only when explicitly told to do so. This allows you to send special HTTP headers and cookie data even in the middle or at the end of your script; however, it can degrade performance marginally.

output_buffering = Off

You can also pass the output_buffering variable a number indicating the size of the buffer, for example:

output_buffering = 2048

25 > output_handler

You can redirect all of the output of your scripts to a function. For example, if you set output_handler to mb_output_handler(), character encoding will be transparently converted to the specified encoding. Setting any output handler automatically turns on output buffering.

Note: You cannot use both mb_output_handler() with ob_iconv_handler() and you cannot use both ob_gzhandler() and zlib.output_compression.

Note: Only built-in functions can be used with this directive. For user defined functions, use ob_start().

26 > post_max_size

Also related to form submission is the post_max_size variable, which controls the maximum amount of data that PHP will accept in a single form submission with the POST method. It’s unlikely you’ll ever need to increase this from the default value of 8 MB; instead, you should probably reduce it to a more realistic figure. However, if you’re planning on using the file upload features of PHP, keep this value greater than the value of upload_max_filesize.

post_max_size = 8M

27 > precision

The number of significant digits displayed in floating point numbers.

28 > register_argc_argv

Tells PHP whether to declare the argv & argc variables (that would contain the GET information).

29 > register_globals

New to PHP 4.1.0, the register_globals setting controls how you access form, server, and environment variables. By default this variable is set to Off, requiring you to use special arrays to access these variables. Those familiar with older versions of PHP will be used to an environment in which the register_globals variable is effectively On; with this setting, you can access form, server and environment variables simply by name

Note: This change occurred in PHP 4.1.0 because when register_globals is set to On, PHP scripts are more vulnerable to attacks. Some older PHP applications will require this setting to be on, but it is safer to write new scripts with the assumption that register_globals will be set to Off

To retrieve the value of <input name=”formVariable”> from a form submitted with the POST method, use the following syntax

PHP code when register_globals = On

$myNewVariable = $formVariable

PHP code when register_globals = Off

$myNewVariable = $_POST[’formVariable’];

30 > report_memleaks

report_memleaks is one of the few directives in the php.ini file that I’ve never had reason to change. Setting this to “Off” will prevent memory leak errors being displayed. However, memory leaks are only displayed when you compile PHP with “–enable-debug” (which allows you to perform some advanced tasks (eg backtraces). This would never affect a production environment, and rarely a development one.
Values: On (default), Off

31 > safe_mode

The PHP safe mode is an attempt to solve the shared-server security problem. It is architecturally incorrect to try to solve this problem at the PHP level, but since the alternatives at the web server and OS levels aren’t very realistic, many people, especially ISP’s, use safe mode for now

Whether to enable PHP’s safe mode. Read the Security chapter for more information.

32 > safe_mode_exec_dir

If PHP is used in safe mode, system() and the other functions executing system programs refuse to start programs that are not in this directory. You have to use / as directory separator on all environments including Windows.

One Safe Mode trouble maker is safe_mode_exec_dir. By default safe_mode_exec_dir is empty, so external programs like `convert’ cannot be started.

In my testing, on one (Debian) server I was able to use Image Magick’s `convert’ command (but not for converting gallery images) by using the following steps:

Create a link to `convert’ in /usr/local/bin/ with

  ln -s /usr/bin/convert /usr/local/bin/

Enable starting programs in that directory with a line in php.ini

  safe_mode_exec_dir = "/usr/local/bin"

Restart the web server.
Make Qdig aware of the new location with

  $convert_cmd = '/usr/bin/convert';@@

This also works:

Enable starting /usr/bin programs in php.ini with

  safe_mode_exec_dir = "/usr/local/bin"

Restart the web server.

so does this:

Create a directory for PHP-safe binaries

  mkdir /usr/local/php_safe_bin

Create a link to `convert’ in /usr/local/bin/ with

  ln -s /usr/bin/convert /usr/local/php_safe_bin/

Enable starting programs in that directory with a line in php.ini

  safe_mode_exec_dir = "/usr/local/php_safe_bin"

Restart the web server.
Make Qdig aware of the new location with

  $convert_cmd = '/usr/php_safe_bin/convert';@@

The reason for creating a link rather than copying the file is because otherwise system updates will not replace the copy you are using.

For review, the three pertinent settings in php.ini are

  safe_mode = On

  safe_mode_gid = On

  safe_mode_exec_dir = "/path/to/convert/executable"

where only the top two lines are necessary if you are using GD to convert images.

33 > safe_mode_gid

By default, Safe Mode does a UID compare check when opening files. If you want to relax this to a GID compare, then turn on safe_mode_gid. Whether to use UID (FALSE) or GID (TRUE) checking upon file access

To avoid the server-can’t-access-files-it-has-written error, the server administrator can enable PHP’s safe_mode_gid by adding this line

  safe_mode_gid = On

to the the server’s PHP configuration file (php.ini) and restarting the web server daemon.

Your web hosting provider should be willing to enable safe_mode_gid (manual page) for you because the security benefit probably exceeds the security risk. This is because

· files written in ordinary (non-SetGID) directories still will be blocked, and

· leaving it disabled encourages users to use world-writable directories and files.

Enabling safe_mod_gid, combined with using (temporarily) “2777″ (versus “777″) permissions for the qdig-files/ directory during setup, will cause your Qdig installation to Just Work as long PHP’s GD extension is loaded and available for image conversion

34 > safe_mode_include_dir

UID/GID checks are bypassed when including files from this directory and its subdirectories (directory must also be in include_path or full path must including).

As of PHP 4.2.0, this directive can take a colon (semi-colon on Windows) separated path in a fashion similar to the include_path directive, rather than just a single directory.

The restriction specified is actually a prefix, not a directory name. This means that “safe_mode_include_dir = /dir/incl” also allows access to “/dir/include” and “/dir/incls” if they exist. When you want to restrict access to only the specified directory, end with a slash. For example: “safe_mode_include_dir = /dir/incl/”

If the value of this directive is empty, no files with different UID/GID can be included in PHP 4.2.3 and as of PHP 4.3.3. In earlier versions, all files could be included.

35 > sendmail_from

In either case, you’ll want to set the sendmail_from option to your email address, or whichever address you’d like to appear as the default ‘from’ address for emails sent from PHP scripts.

Here’s how the section might look on a typical Windows server, or on a Linux server without sendmail:

[mail function]
; Setup for Windows systems
SMTP = smtp.my.isp.net
sendmail_from = me@myserver.com

And here’s how it might look on a Linux server with sendmail:

[mail function]
; Setup for Linux systems
sendmail_path = /usr/sbin/sendmail -t
sendmail_from = me@myserver.com

36 > sendmail_path

If you’re going to use PHP’s mail() function, there are three variables you may need to set. The SMTP and sendmail_from variables (on Windows) or the sendmail_path variable (on UNIX) are used when sending e-mail messages through PHP’s mail() function. On Windows, these variables set the SMTP server to be used and the From: address to display in e-mail messages; on UNIX, the sendmail_path variable sets the path of the MTA (mail transfer agent) for mail delivery:

                        SMTP = myserver.localnet.com

   sendmail_from = me@localhost.com

                        sendmail_path = /usr/sbin/sendmail

37 > short_open_tag

Tells whether the short form (<? ?>) of PHP’s open tag should be allowed. If you want to use PHP in combination with XML, you can disable this option in order to use <?xml ?> inline. Otherwise, you can print it with PHP, for example: <?php echo ‘<?xml version=”1.0″‘; ?>. Also if disabled, you must use the long form of the PHP open tag (<?php ?>).

Note: This directive also affects the shorthand <?=, which is identical to <? echo. Use of this shortcut requires short_open_tag to be on.

38 > SMTP

If you’re going to use PHP’s mail() function, there are three variables you may need to set. The SMTP and sendmail_from variables (on Windows) or the sendmail_path variable (on UNIX) are used when sending e-mail messages through PHP’s mail() function. On Windows, these variables set the SMTP server to be used and the From: address to display in e-mail messages; on UNIX, the sendmail_path variable sets the path of the MTA (mail transfer agent) for mail delivery:

SMTP = myserver.localnet.com

39 > smtp_port

Used under Windows only: Number of the port to connect to the server specified with the SMTP setting when sending mail with mail(); defaults to 25. Only available since PHP 4.3.0.

40 > track_errors

If enabled, the last error message will always be present in the global variable $php_errormsg

In addition, if you set the php.ini setting track_errors = On, the last error message encountered will be stored in $php_errormsg. This is true regardless of whether you have used the @ syntax for error suppression

41 > unserialize_callback_func

The unserialize_callback_func directive is one of the more advanced settings in the php.ini file, and the chances are very good that if you change this before you are familiar with serialization, you will cause massive problems on your own server. I’d leave this well alone!

42 > upload_max_filesize

The maximum size of an uploaded file. When an integer is used, the value is measured in bytes. You may also use shorthand notation as described in this FAQ.

43 > upload_tmp_dir

This setting controls the temporary location of files uploaded with an HTML form. If you don’t specify a path for this setting, uploaded files will be temporarily stored in a world-readable location on the server. To protect ease of manipulation and the confidentiality of such files, you should create a directory in your account and specify the new path in your php.ini file:

upload_tmp_dir = /hwxx/daxx/uwnetid/tmp

Replace /hwxx/daxx/uwnetid/ with the path to your Web directory. Make sure that you have a directory called tmp in the root of your Web directory (typically public_html) and make sure it is read and writable by you only.

44 > user_dir

The base name of the directory used on a user’s home directory for PHP files, for example public_html.

45 > variables_order

Set the order of the EGPCS (Environment, GET, POST, Cookie, Server) variable parsing. The default setting of this directive is “EGPCS”. Setting this to “GP”, for example, will cause PHP to completely ignore environment variables, cookies and server variables, and to overwrite any GET method variables with POST-method variables of the same name

46 > y2k_compliance

The y2k_compliance directive instructs PHP to use 4-digit years. This setting can apparently cause problems with some browsers (Navigator 3, and possibly others - any that can’t understand 4-digit years) when set to On. However, not having it On will possibly cause problems with modern browsers, which can have problems with 2-digit years. I leave this on.

Values: On (default), Off

47 > zend.ze1_compatibility_mode

Enable compatibility mode with Zend Engine 1 (PHP 4). It affects the cloning, casting, and comparing of objects

SESSION

48 > Session Support

Session support in PHP consists of a way to preserve certain data across subsequent accesses. This enables you to build more customized applications and increase the appeal of your web site.

A visitor accessing your web site is assigned an unique id, the so-called session id. This is either stored in a cookie on the user side or is propagated in the URL.

The session support allows you to register arbitrary numbers of variables to be preserved across requests. When a visitor accesses your site, PHP will check automatically (if session.auto_start is set to 1) or on your request (explicitly through session_start() or implicitly through session_register()) whether a specific session id has been sent with the request. If this is the case, the prior saved environment is recreated.

49 > session.name string

session.name specifies the name of the session which is used as cookie name. It should only contain alphanumeric characters. Defaults to PHPSESSID. See also session_name().

50 > session.auto_start boolean

session.auto_start specifies whether the session module starts a session automatically on request startup. Defaults to 0 (disabled).

51 > session.serialize_handler string

session.serialize_handler defines the name of the handler which is used to serialize/deserialize data. Currently, a PHP internal format (name php) and WDDX is supported (name wddx). WDDX is only available, if PHP is compiled with WDDX support. Defaults to php.

52 > session.gc_probability integer

session.gc_probability in conjunction with session.gc_divisor is used to manage probability that the gc (garbage collection) routine is started. Defaults to 1. See session.gc_divisor for details.

53 > session.gc_divisor integer

session.gc_divisor coupled with session.gc_probability defines the probability that the gc (garbage collection) process is started on every session initialization. The probability is calculated by using gc_probability/gc_divisor, e.g. 1/100 means there is a 1% chance that the GC process starts on each request. session.gc_divisor defaults to 100.

54 > session.gc_maxlifetime integer

session.gc_maxlifetime specifies the number of seconds after which data will be seen as ‘garbage’ and cleaned up.

Note: If you are using the default file-based session handler, your filesystem must keep track of access times (atime). Windows FAT does not so you will have to come up with another way to handle garbage collecting your session if you are stuck with a FAT filesystem or any other fs where atime tracking is not available. Since PHP 4.2.3 it has used mtime (modified date) instead of atime. So, you won’t have problems with filesystems where atime tracking is not available.

55 > session.referer_check string

session.referer_check contains the substring you want to check each HTTP Referer for. If the Referer was sent by the client and the substring was not found, the embedded session id will be marked as invalid. Defaults to the empty string.

56 > session.entropy_file string

session.entropy_file gives a path to an external resource (file) which will be used as an additional entropy source in the session id creation process. Examples are /dev/random or /dev/urandom which are available on many Unix systems.

57 > session.entropy_length integer

session.entropy_length specifies the number of bytes which will be read from the file specified above. Defaults to 0 (disabled).

58 > session.use_cookies boolean

session.use_cookies specifies whether the module will use cookies to store the session id on the client side. Defaults to 1 (enabled).

59 > session.use_only_cookies boolean

session.use_only_cookies specifies whether the module will only use cookies to store the session id on the client side. Defaults to 0 (disabled, for backward compatibility). Enabling this setting prevents attacks involved passing session ids in URLs. This setting was added in PHP 4.3.0.

60 > session.cookie_lifetime integer

session.cookie_lifetime specifies the lifetime of the cookie in seconds which is sent to the browser. The value 0 means “until the browser is closed.” Defaults to 0. See also session_get_cookie_params() and session_set_cookie_params().

61 > session.cookie_path string

session.cookie_path specifies path to set in session_cookie. Defaults to /. See also session_get_cookie_params() and session_set_cookie_params().

62 > session.cookie_domain string

session.cookie_domain specifies the domain to set in session_cookie. Default is none at all. See also session_get_cookie_params() and session_set_cookie_params().

63 > session.cookie_secure boolean

session.cookie_secure specifies whether cookies should only be sent over secure connections. Defaults to off. This setting was added in PHP 4.0.4. See also session_get_cookie_params() and session_set_cookie_params().

64 > session.cache_limiter string

session.cache_limiter specifies cache control method to use for session pages (none/nocache/private/private_no_expire/public). Defaults to nocache. See also session_cache_limiter().

65 > session.cache_expire integer

session.cache_expire specifies time-to-live for cached session pages in minutes, this has no effect for nocache limiter. Defaults to 180. See also session_cache_expire().

66 > session.use_trans_sid boolean

session.use_trans_sid whether transparent sid support is enabled or not. Defaults to 0 (disabled).

Note: For PHP 4.1.2 or less, it is enabled by compiling with –enable-trans-sid. From PHP 4.2.0, trans-sid feature is always compiled.

URL based session management has additional security risks compared to cookie based session management. Users may send a URL that contains an active session ID to their friends by email or users may save a URL that contains a session ID to their bookmarks and access your site with the same session ID always, for example.

67 > session.bug_compat_42 boolean

PHP versions 4.2.3 and lower have an undocumented feature/bug that allows you to initialize a session variable in the global scope, albeit register_globals is disabled. PHP 4.3.0 and later will warn you, if this feature is used, and if session.bug_compat_warn is also enabled. This feature/bug can be disabled by disabling this directive.

68 > session.bug_compat_warn boolean

PHP versions 4.2.3 and lower have an undocumented feature/bug that allows you to initialize a session variable in the global scope, albeit register_globals is disabled. PHP 4.3.0 and later will warn you, if this feature is used by enabling both session.bug_compat_42 and session.bug_compat_warn.

69 > session.hash_function integer

session.hash_function allows you to specify the hash algorithm used to generate the session IDs. ‘0′ means MD5 (128 bits) and ‘1′ means SHA-1 (160 bits).

Note: This was introduced in PHP 5.

70 > session.hash_bits_per_character integer

session.hash_bits_per_character allows you to define how many bits are stored in each character when converting the binary hash data to something readable. The possible values are ‘4′ (0-9, a-f), ‘5′ (0-9, a-v), and ‘6′ (0-9, a-z, A-Z, “-”, “,”).

Note: This was introduced in PHP 5.

71 > url_rewriter.tags string

url_rewriter.tags specifies which HTML tags are rewritten to include session id if transparent sid support is enabled. Defaults to a=href,area=href,frame=src,input=src,form=fakeentry,fieldset=

Note: If you want XHTML conformity, remove the form entry and use the <fieldset> tags around your form fields

What is spamassassin ?
———————-
The SpamAssassin system is software for analyzing email messages,determining how likely they are to be spam, and reporting its conclusions.It is a rule-based system that compares different parts of email messages
with a large set of rules. A message with a high enough score is reported to
be spam.

How it works ? : -
—————

–> There are several ways that SpamAssassin makes up its mind about a
message:
–> The message headers can be checked for consistency and adherence to
Internet standards (e.g., is the date formatted properly?).
–> The headers and body can be checked for phrases or message elements
commonly found in spam (e.g., “MAKE MONEY FAST” or instructions on how to be
removed from future mailings)-in several languages.
–> The headers and body can be looked up in several online databases that
track message checksums of verified spam messages.
–> The sending system’s IP address can be looked up in several online lists
of sites that have been used by spammers or are otherwise suspicious.
–> Specific addresses, hosts, or domains can be blacklisted or whitelisted.
A whitelist can be automatically constructed based on the sender’s past
history of messages.
–> SpamAssassin can be trained to recognize the types of spam that you
receive by learning from a set of messages that you consider spam and a set
that you consider non-spam. (SpamAssassin and the spam-filtering community
often refer to non-spam messages as ham. )
–> The sending system’s IP address can be compared to the sender’s domain
name using the Sender Policy Framework (SPF) protocol (http://spf.pobox.com)
to determine if that system is permitted to send messages from users at that
domain. This feature requires SpamAssassin 3.0.
–> SpamAssassin can privilege senders who are willing to expend some extra
computational power in the form of Hashcash (http://www.hashcash.org).
Spammers cannot do these computations and still send out huge amounts of
mail rapidly. This feature requires SpamAssassin 3.0.

Most of SpamAssassin’s behavior is controlled through a systemwide
configuration file and a set of per-user configuration files. The per-user
configuration can also be stored in an SQL database.

How to Configure it ? : -
——————-

You can easily customize how SpamAssassin tags and identifies spam by
creating a spamassassin/user_prefs file. You can customize the number of
“spam points” required to identify a message as spam, create new rules, and
re-weight existing rules. Here is a sample user_prefs file. It raises the
threshold for identifying spam from 5 to 6, disables including spam warnings
in the subject and body, reweights a known rule, and adds several blacklist,
whitelist, and header rules.

Listing 1. A typical user_prefs configuration file

================================================================

#How many hits before a mail is considered spam?
required_hits 6

#Don’t mangle the messages so badly
rewrite_subject 0
use_terse_report 1

#whitelist and blacklist
whitelist_from *@www.eukhost.com
blacklist_from annoying-person@xyz.com

#reweight an existing rule
score BASE64_ENC_TEXT 3

#add some new rules
header KNOWN_LIST List-Id =~ /a-mailing-list-i-like/
score KNOWN_LIST -3

body EVITE /This invitation was sent to you by .* using Evite/
describe EVITE Looks like an eVite
score EVITE -3

================================================================

At heart, SpamAssassin is a set of modules written in the Perl programming
language, along with a Perl script that accepts a message on standard input
and checks it using the modules. For higher-performance applications,
SpamAssassin also includes a daemonized version of the spam-checker and a
client program in C that can accept a message on standard input and check it
with the daemon.

Cheers..!!

Common SSH Commands or Linux Shell Commands,
ls : list files/directories in a directory, comparable to dir in windows/dos.
ls -al : shows all files (including ones that start with a period), directories, and details attributes for each file.

cd : change directory · · cd /usr/local/apache : go to /usr/local/apache/ directory
cd ~ : go to your home directory
cd - : go to the last directory you were in
cd .. : go up a directory cat : print file contents to the screen

cat filename.txt : cat the contents of filename.txt to your screen

chmod: changes file access permissions
The set of 3 go in this order from left to right:
USER - GROUP - EVERONE

0 = — No permission
1 = –X Execute only
2 = -W- Write only
3 = -WX Write and execute
4 = R– Read only
5 = R-X Read and execute
6 = RW- Read and write
7 = RWX Read, write and execute

Usage:
chmod numberpermissions filename

chmod 000 : No one can access
chmod 644: Usually for HTML pages
chmod 755: Usually for CGI scripts

chown: changes file ownership permissions
The set of 2 go in this order from left to right:
USER - GROUP

chown root myfile.txt : Changes the owner of the file to root
chown root.root myfile.txt : Changes the owner and group of the file to root

tail : like cat, but only reads the end of the file
tail /var/log/messages : see the last 20 (by default) lines of /var/log/messages
tail -f /var/log/messages : watch the file continuously, while it’s being updated
tail -200 /var/log/messages : print the last 200 lines of the file to the screen

more : like cat, but opens the file one screen at a time rather than all at once
more /etc/userdomains : browse through the userdomains file. hit Spaceto go to the next page, q to quit

pico : friendly, easy to use file editor
pico /home/burst/public_html/index.html : edit the index page for the user’s website.

File Editing with VI ssh commands
vi : another editor, tons of features, harder to use at first than pico
vi /home/burst/public_html/index.html : edit the index page for the user’s website.
Whie in the vi program you can use the following useful commands, you will need to hit SHIFT + : to go into command mode

:q! : This force quits the file without saving and exits vi
:w : This writes the file to disk, saves it
:wq : This saves the file to disk and exists vi
:LINENUMBER : EG :25 : Takes you to line 25 within the file
:$ : Takes you to the last line of the file
:0 : Takes you to the first line of the file

grep : looks for patterns in files
grep root /etc/passwd : shows all matches of root in /etc/passwd
grep -v root /etc/passwd : shows all lines that do not match root

ln : create’s “links” between files and directories
ln -s /usr/local/apache/conf/httpd.conf /etc/httpd.conf : Now you can edit /etc/httpd.conf rather than the original. changes will affect the orginal, however you can delete the link and it will not delete the original.

last : shows who logged in and when
last -20 : shows only the last 20 logins
last -20 -a : shows last 20 logins, with the hostname in the last field

w : shows who is currently logged in and where they are logged in from.
who : This also shows who is on the server in an shell.

netstat : shows all current network connections.
netstat -an : shows all connections to the server, the source and destination ips and ports.
netstat -rn : shows routing table for all ips bound to the server.

top : shows live system processes in a nice table, memory information, uptime and other useful info. This is excellent for managing your system processes, resources and ensure everything is working fine and your server isn’t bogged down.
top then type Shift + M to sort by memory usage or Shift + P to sort by CPU usage

ps: ps is short for process status, which is similar to the top command. It’s used to show currently running processes and their PID.
A process ID is a unique number that identifies a process, with that you can kill or terminate a running program on your server (see kill command).
ps U username : shows processes for a certain user
ps aux : shows all system processes
ps aux –forest : shows all system processes like the above but organizes in a hierarchy that’s very useful!

touch : create an empty file
touch /home/burst/public_html/404.html : create an empty file called 404.html in the directory /home/burst/public_html/

file : attempts to guess what type of file a file is by looking at it’s content.
file * : prints out a list of all files/directories in a directory

du : shows disk usage.
du -sh : shows a summary, in human-readble form, of total disk space used in the current directory, including subdirectories.
du -sh * : same thing, but for each file and directory. helpful when finding large files taking up space.

wc : word count
wc -l filename.txt : tells how many lines are in filename.txt

cp : copy a file
cp filename filename.backup : copies filename to filename.backup
cp -a /home/burst/new_design/* /home/burst/public_html/ : copies all files, retaining permissions form one directory to another.
cp -av * ../newdir : Copies all files and directories recurrsively in the current directory INTO newdir

mv : Move a file command
mv oldfilename newfilename : Move a file or directory from oldfilename to newfilename

rm : delete a file
rm filename.txt : deletes filename.txt, will more than likely ask if you really want to delete it
rm -f filename.txt : deletes filename.txt, will not ask for confirmation before deleting.
rm -rf tmp/ : recursively deletes the directory tmp, and all files in it, including subdirectories. BE VERY CAREFULL WITH THIS COMMAND!!!

TAR: Creating and Extracting .tar.gz and .tar files
tar -zxvf file.tar.gz : Extracts the file
tar -xvf file.tar : Extracts the file
tar -cf archive.tar contents/ : Takes everything from contents/ and puts it into archive.tar
gzip -d filename.gz : Decompress the file, extract it

ZIP Files: Extracting .zip files shell command
unzip file.zip

Firewall - iptables commands
iptables -I INPUT -s IPADDRESSHERE -j DROP : This command stops any connections from the IP address
iptables -L : List all rules in iptables
iptables -F : Flushes all iptables rules (clears the firewall)
iptables –save : Saves the currenty ruleset in memory to disk
service iptables restart : Restarts iptables

Apache Shell Commands
httpd -v : Outputs the build date and version of the Apache server.
httpd -l : Lists compiled in Apache modules
httpd status : Only works if mod_status is enabled and shows a page of active connections
service httpd restart : Restarted Apache web server

MySQL Shell Commands
mysqladmin processlist : Shows active mysql connections and queries
mysqladmin drop databasenamehere : Drops/deletes the selected database
mysqladmin create databasenamehere : Creates a mysql database

Restore MySQL Database Shell Command
mysql -u username -p password databasename < databasefile.sql : Restores a MySQL database from databasefile.sql

Backup MySQL Database Shell Command
mysqldump -u username -p password databasename > databasefile.sql : Backup MySQL database to databasefile.sql

kill: terminate a system process
kill -9 PID EG: kill -9 431
kill PID EG: kill 10550
Use top or ps ux to get system PIDs (Process IDs)

EG:

Each line represents one process, with a process being loosely defined as a running instance of a program. The column headed PID (process ID) shows the assigned process numbers of the processes. The heading COMMAND shows the location of the executed process.

Putting commands together
Often you will find you need to use different commands on the same line. Here are some examples. Note that the | character is called a pipe, it takes date from one program and pipes it to another.
> means create a new file, overwriting any content already there.
>> means tp append data to a file, creating a newone if it doesn not already exist.
< send input from a file back into a command.

grep User /usr/local/apache/conf/httpd.conf |more
This will dump all lines that match User from the httpd.conf, then print the results to your screen one page at a time.

last -a > /root/lastlogins.tmp
This will print all the current login history to a file called lastlogins.tmp in /root/

tail -10000 /var/log/exim_mainlog |grep domain.com |more
This will grab the last 10,000 lines from /var/log/exim_mainlog, find all occurances of domain.com (the period represents ‘anything’,
– comment it out with a so it will be interpretted literally), then send it to your screen page by page.

netstat -an |grep :80 |wc -l
Show how many active connections there are to apache (httpd runs on port 80)

mysqladmin processlist |wc -l
Show how many current open connections there are to mysql

Requirements:
cPanel, Plesk or DirectAdmin

Nobody Check has been tested on:
CentOS
Fedora
Red Hat and Red Hat Enterprise systems

What is Nobody Check?

Free Nobody Check security tool for cPanel/Pkesk and DirectAdmin based servers that will greatly enhance server security. Developed exclusively by WebHostGear.com

The Nobody Check tool is a new and unique security tool that can detect malicious processes that are running on your Linux server and report them to you in real time or by email. The tool can be configured to run at selected times and doesn’t eat up resources or interfere with server operations.

Download
Nobody Check is available for download free here: nobody_check.tar.gz

Installation Script: NEW
Install Nobody Check has never been easier.

1) Login to your server as the root user through shell
2) wget http://www.webhostgear.com/projects/nobodycheck/install.sh
3) chmod +x install.sh
4) ./install.sh
Wait for the installer to finish
5) rm -f install.sh
6) Open the /usr/local/nobody_check/nc.conf and put in your email address and select your options

Demo Nobody Check now!
While we can’t run an actual demo of the script we can provide you with the output it produces so you get the idea of how it works.

- Email Detection Result
- Shell Scan Result

Documentation
- readme which answers many questions
- changelog

Licensing
Nobody Check is Copyright of Wave Point Media Inc. and WebHostGear. All rights reserved. We express no warranty or liability if you use this tool. This script may not be copied, altered or redistributed unless you have explicit written permission from Wave Point Media Inc.

Greetings,

Follow these steps in order to get that done.

First off we need to create a special log file for these filters do this:

touch /var/log/filter.log
chmod 0644 /var/log/filter.log

Now open up the configuration file
vi /etc/antivirus.exim

It should have a whole whack of comments at the top.

Here’s the webhostgear.com antivirus.exim configuration. Simple add this to your existing file, save the changes and they take effect instantly.

### CUSTOM WEBHOSTGEAR.COM FILTERS by Steven Leggett info@webhostgear.com
######################################################

# START
# Filters all incoming an outgoing mail

logfile /var/log/filter.log 0644
## Common Spam
if

# Header Spam
 $header_subject: contains "Pharmaceutical"
 or $header_subject: contains "Viagra"
 or $header_subject: contains "Cialis"
 or $header_subject: is "The Ultimate Online Pharmaceutical"
 or $header_subject: contains "***SPAM***"
 or $header_subject: contains "[SPAM]"

# Body Spam
or $message_body: contains "Cialis"
or $message_body: contains "Viagra"
or $message_body: contains "Leavitra"
or $message_body: contains "St0ck"
or $message_body: contains "Viaagrra"
or $message_body: contains "Cia1iis"
or $message_body: contains "URGENT BUSINESS PROPOSAL"
or $message_body matches "angka[^s]+[net|com|org|biz|info|us|name]+?"
or $message_body matches "v(i|1)agra|vag(i|1)n(a|4)|pen(  i|1)s|asu|seks|l(o|0)l(i|1)ta|dewacolok"

then
# Log Message - SENDS RESPONSE BACK TO SENDER
# SUGGESTED TO LEAVE OFF to prevent fail loops
# and more work for the mail system
#fail text "Message has been rejected because it hasn
#           triggered our central filter."
logwrite "$tod_log $message_id from $sender_address contained spam keywords"

 seen finish
endif

# END
# Filters all incoming an outgoing mail

# START
# All outgoing mail on the server only - what is sent out

#Check forwarders so it doesn't get blocked
#Forwarders still work =)

## FINANCIAL FAKE SENDERS
## Log all outgoing mail from server that matches rules
logfile /var/log/filter.log 0644
if      (
         $received_protocol is "local"          or
         $received_protocol is "esmtpa"
        ) and (
         $header_from contains "@citibank.com"  or
         $header_from contains "@bankofamerica.com" or
         $header_from contains "@wamu.com"      or
         $header_from contains "@ebay.com"      or
         $header_from contains "@chase.com"     or
         $header_from contains "@paypal.com"    or
         $header_from contains "@wellsfargo.com" or
        $header_from contains "@bankunited.com" or
        $header_from contains "@bankerstrust.com" or
        $header_from contains "@bankfirst.com" or
        $header_from contains "@capitalone.com" or
        $header_from contains "@citizensbank.com" or
        $header_from contains "@jpmorgan.com" or
        $header_from contains "@wachovia.com" or
        $header_from contains "@bankone.com" or
        $header_from contains "@suntrust.com" or
        $header_from contains "@amazon.com" or
        $header_from contains "@banksecurity.com" or
        $header_from contains "@visa.com" or
        $header_from contains "@mastercard.com" or
        $header_from contains "@mbna.com"
)
  then
     logwrite "$tod_log $message_id from $sender_address is fraud"
     seen finish
  endif

## OTHER FAKE SENDERS SPAM
## Enable this to prevent users using @domain from addresses
## Not recommended since users do use from addresses not on the server
## Log all outgoing mail from server that matches rules
logfile /var/log/filter.log 0644
if      (
         $received_protocol is "local"          or
         $received_protocol is "esmtpa"
        ) and (
        $header_from contains "@hotmail.com" or
        $header_from contains "@yahoo.com" or
        $header_from contains "@aol.com"

)
  then
     logwrite "$tod_log $message_id from $sender_address is forged fake"
     seen finish
  endif

## KNOWN FAKE PHISHING
### Log all outgoing mail from server that matches rules
logfile /var/log/filter.log 0644
if      (
         $received_protocol is "local"          or
         $received_protocol is "esmtpa"
        ) and (
#Paypal
        $message_body: contains "Dear valued PayPal member" or
        $message_body: contains "Dear valued PayPal customer" or
        $message_body: contains "Dear Paypal" or
        $message_body: contains "The PayPal Team" or
        $message_body: contains "Dear Paypal Customer" or
        $message_body: contains "Paypal Account Review Department" or

#Ebay
        $message_body: contains "Dear eBay member" or
        $message_body: contains "Dear eBay User" or
        $message_body: contains "The eBay team" or
        $message_body: contains "Dear eBay Community Member" or

#Banks
        $message_body: contains "Dear Charter One Customer" or
        $message_body: contains "Dear wamu.com customer" or
        $message_body: contains "Dear valued Citizens Bank member" or
        $message_body: contains "Dear Visa" or
        $message_body: contains "Dear Citibank" or
        $message_body: contains "Citibank Email" or
        $message_body: contains "Dear customer of Chase Bank" or
        $message_body: contains "Dear Bank of America customer" or

#ISPs
        $message_body: contains "Dear AOL Member" or
        $message_body: contains "Dear AOL Customer"

        )
  then
     logwrite "$tod_log $message_id from $sender_address is phishing"
     seen finish
  endif

# END
# All outgoing mail on the server only - what is sent out

The log file will have the logging format like this:

2006-04-27 16:37:40 1FZEB9-0002KQ-VP from nobody@ocean.wavepointmedia.com is phishing

Date and time, the Exim message ID, the sender and the section of the filter, like phishing, fraud or spam. You can check the mail message by grepping the exim_mainlog for it like this

grep 3GFEB5-87592KG-VL /var/log/exim_mainlog

If you haven’t already you should enable a higher level of logging in your mail server which will be in our next tutorial.

Cheers..!!

Here are the steps for how to install ioncube on your server.

1. Download appripriate script for ioncube from here.

http://www.ioncube.com/loader_download.php

2. tar -zxvf ioncube_loaders.tar.gz

3. cd ioncube

4. copy ioncube-install-assistant.php to a web directory such as your hosting directory and open it in your browser window.
cp ioncube-install-assistant.php /home/userdirectoryhere/www

Then open it http://www.yourdomain.com/ioncube-install-assistant.php
The output should be something similar to:

Analysis of your system configuration shows:

PHP Version 4.3.3
Operating System Linux
Threaded PHP No
php.ini file /usr/local/lib/php.ini
Required Loader ioncube_loader_lin_4.3.so

5. Now lets move the iconcube directory to a permanent location:
cd ..
mv ioncube /usr/local

6. Now that you know the location of php.ini you need to edit it.
pico /usr/local/lib/php.ini
Now find where other zend extentions are in the file.
ctrl + w: zend_extension

Paste in your new line for ioncube loader
zend_extension = /usr/local/ioncube/ioncube_loader_lin_4.3.so

7. Save the changes
ctrl + X then Y and enter

8. Restart the web server to take effect.
/etc/init.d/httpd restart

Success! You should now see a section in your PHP Info page that says:
Additional Modules
Module Name ionCube Loader

Cheers..!!

 - If you want to make ur system more usable, check out project utopia (gnome volume manager, HAL, and DBUS).. They are going to be added to the next generation of gnome, and will make a lot more usable. Eikkes volume manager is a good alternative to gnome volume manager (easier to install), found at http:sourceforge.net/projects/ivman.

- If you want to play windows games, first check if there a native linux port, and use that if there is. Otherwise your best option is winex (www.transgaming.com). That wraps windows calls into linux ones, which slows it down, but for many games, and on good computers you generally dont notice it. Setting the exe file association in your desktop environment will let just click exe’s allowing them to run.

- If you distro have automount.. sometimes its good to disable it.. Yes it can make life easier, but it can be a pain too sometimes.. If you find theres always a dramatic slowdown when opening nautilus or konquerer, dont use automount.. If you have a good cdrom drive though and are using the newest, you may not have these problems.

- ESD and ARTS sound servers are not new technologies.. I’ve seen nothing but pain from them.. Try to use ALSA instead of the sound servers wherever possible, and if your feeling really ready, you might want to just try disabling OSS completely in your kernel (not even have OSS emulation). OSS is old, and can only play one steam at a time (cannot do mixing), so when a OSS application plays a sound, it can often screw up every ALSA application which can automatically mix..

- Use prelink to speed up running applications.. In some cases, prelink has been shown to cut application loading times dramatically. (thanks equilibrium for suggesting this one). http:gentoo.org/main/en/performance.xml has a benchmark showing the impact.. It is considered safe to use these days, and generally works on speeding up everything except wine.

- Many windows managers support taskbar applets (like a weather applet, network applet, wireless signal strength applet, notification area applet).. Try them out extensively, you’ll be surprised how helpful they can be.. In my case in fact, I deleted the window list off my taskbar completely (I use ALT+TAB always anyway), and just left a windows  list applet which I can click to see all the windows, deleted my second taskbar, and set the first one to not expand and to have autohide enabled, saving up alot of my desktop.

- I dont recommend saving files to your desktop at all.. In linux you have a central storage for each user, so use it for all your files.. it keeps your system alot cleaner, your desktop clear, and you can keep things more organised..

- In linux, everything from the complete bootup sequence (http:bootsplash.org/), the bootmenu, to nearly every program in linux can be easily skinned (even individual directories can be given a theme in nautilus).. I suggest you take advantage of the skinning, as they can have a massive impact (in fact, its a trivial job to even do stuff like make your linux look identical to windows (by theming or using http:xpde.com/), or any OS you want, so I suggest you do so.. Unlike windows  linux also supports vector based icons, so if you want a Mac OS X like appearance, try to use a svg based themeset).

- Use http:driverondemand.sourceforge.net for driver management.. If you dont have a driver installed for a device, it will install the best rated driver automatically, so your less likely to accidently download a crappily designed driver (and you dont need to worry about drivers).

- If your performance is jerky and inconsistant, you are probably having ACPI problems.. You can disable it by configuring ur lilo.conf or grub.conf, and doing acpi=off, like:
kernel (hd0,7)/kernel-2.6.7-rc1-mm1 root=/dev/hda8 vga=792 acpi=off

- if you have a directory with many different files, try to break it up when it gets too large into many directory.. especially if its your home directory… Especially when using GUI tools, that speeds things up dramatically

- Use the newest 2.6 kernel (the 2.6 series is faster then 2.4 in every aspect).

- Use reiser4 (its developmental, but is 2X faster then reiserfs, and 4X faster then NTFS.. seemed pretty stable to me).

- Dont use Xfree 4.2, use Xorg-x11 instead

- Make sure you are using ur vendors opengl

- Use ALSA instead of OSS whenever possible, and check on the alsa site if people have specific tweaks etc (for hardware mixing for instance).

- If you want to do theming up to the point of even theming your web browser, use Mozilla firefox (http:mozilla.org/products/firefox/) as your webbrowser instead of mozilla or opera, it has awesome support for plugins and themes (which can be found at http:texturizer.net/firefox/index.html).. In fact, I suggest using firefox in Windows too..
————————————————————————————-

Why aren’t there many centralised tweak pages for  linux like windows?? Because the windows ones are useless, and are VERY often wrong..

An example of a misconception in windows of tweaking is editing the swap file size yourself instead of letting windows handle it, but the truth of that is that the people who recommended it never bothered to benchmark, and finally when it was, people actually discovered it was slower..And the rest of the tweaks slow down many cases.. MS does do alot of benchmarking to test the tweaks, and the ones they provide are in fact very good (except ones like enabling UDMA). And the tweaks people do come up with at best increase the worst case of the algorithms only minimally (1-2%). The tweaks combined which I gave you, especially if you are only using kernel 2.4 and a non optimised distro (like a i386 one), Give you the potential to increase the speed of ur computer by 200 - 300 % (At the very least changing to reiser4 will double ur harddisk speeds and using the -aa patchset will give 10% speedup potentially). Believe me, the windows tweaks are useless.. thats why there aren’t any equivilent linux ones.. The kernel developers etc try to optimise things as much as possible (with help from distro’s)..

Use the tweaks I gave you and I guarentee, you’ll speed it up massively (way more
then all of the windows tweaks together can do).. setting a few tweaks for algorithms
is never as effective as changing the algorithms itself..

Anyway, you need help with some of this stuff you can always come on IRC.. Thats the
great thing about open source, you can tweak it FAR beyond the puny windows tweaks because u can optimise the code..

The idea is that if you need to adjust any settings of a algorithm in linux, then usually its badly designed anyway, and the kernel developers need to tweak the settings in the kernel source for everyone.

- Use rc-update and disable all the crappy services you aren’t using.
- If you have a very large amount of ram, you may want to disable ur swap
(http:kerneltrap.org/node/view/3000).

- Use a distribution designed for your architecture (many distro’s, like windows are still compiled for 586.. If your running a P4 with hyperthreading, enable support for SMP, etc in the kernel).

- If you want pure speed, try using a GCC 3.4 devel distro (probably too unstable still though).. GCC 3.4 compiles programs so they run at least 7% faster in a large testcase.. By using good flags, you can expect higher performance gains

- Try to move off devFS to Udev.. Devfs is obsolete for a good reason, its got lots of locking problems and has many other various bugs.. Everyone should consider moving to Udev if they are on kernel 2.6.

- To speed up reboots, Linux now has a few programs which allow it to reboot without physically rebooting the machine.. It will just shut down linux , and when it is about to reboot, instead starts it back up
(http:www-106.ibm.com/developerworks/linux/library/l-kexec.html?ca=dgr-lnxw01Reboot
Fast).

- If you want good speed, and if you use gnome or KDE, ensure you are running the newest versions.. Unlike Windows, the newer the desktop environment, the faster they get.. If you really want to tweak to the max though, blackbox or fluxbox use less resources..

- Altering the hdparm parameters can also speed things up slightly in some cases.

- Some Windows managers have settings that allow u to speed them up slightly, just look in their options
- You may want to use the -ck patchset http:kem.p.lodz.pl/~peter/cko/ for the kernel, Con is a genius at optimisations, and its not uncommon for many of his optimisations to join the mainstream kernel..

- Add noatime and notail to the drives in ur fstab. noatime turns off the access time
recording, and notail changes the way things are stored. An example is: “/dev/hda7 /boot reiserfs noauto,noatime,notail”. Be aware notail though wastes a bit of extra space though.

- Avoid using ext2, ext3, or the windows filesystems (FAT32/NTFS) on any partitions on your computer.. They suck (due to the lack of competition on windows, m*c*s*t isn’t encouraged to improve it to speed it up).. If you dont want to use Reiser4.. then at least use reiserfs or XFS is a bit better provided your harddisk is well designed, however, on badly designed harddisks, the journelling on XFS may not be perfect…

Cheers..!!!

Troubleshooting hard drive problems : –

Sometimes when hard disk fails, the computer doesn’t boot, as in the case of a boot drive failure, and the frenzy to save important company data ensues. When faced with such a problem, don’t panic. Just remember these simple hard drive troubleshooting tips.

Here’s a quick and proven disk space troubleshooting process. With each point, ask yourself the question(s) that follow.

§ Physical connectivity - Is the drive receiving power? Is it plugged into the PC by a correctly connected ribbon cable? For IDE drives, are its jumpers set correctly? Or with SCSI drives, are its SCSI termination and ID set correctly?

§ BIOS setup - Does the BIOS see the drive?

§ Viruses - Does the drive contain any boot sector viruses that need to be removed before continuing?

§ Partitioning - Does FDISK find a valid partition on the drive? Is it active?

§ Formatting - Is the drive formatted using a file system that the OS can recognize?

§ Drive errors - Is a physical or logical drive error causing read/write problems on the drive?

§ Operating system - Does your OS have a feature that checks the status of each drive on your system? If so, what is that status?

Checking physical connectivity To work properly, a hard drive needs power and a connection via a ribbon cable to the PC. If a drive doesn’t work after moving it to a new PC, after physically moving the PC, or after the cover has been taken off, start your troubleshooting by checking the physical connectivity. It’s possible for plugs to jiggle loose when moving a PC, and it’s easy to uproot a ribbon cable connection when pulling circuit boards or performing other maintenance tasks inside the case. A hard disk works with any Molex connector from the PC’s power supply. Make sure the plug is fully inserted. Molex connectors require a lot of pressure to fully insert, and even more pressure to remove, so don’t be afraid to push hard or pull, as the case may be. Just make sure you handle the plastic connector, and do not try to push or pull the wires.

As the PC starts up, place the palm of your hand on the flat part of the hard disk. If you can detect any vibration, the drive probably has power. If there’s no movement at all, either the drive’s physical mechanism is shot or the Molex connector you have selected is faulty.
Try using a different connector before assuming the drive has a problem.

Systems like the AT/LPX have a small connector that runs from the front of the case to the hard disk. On ATX systems, it runs from the motherboard to the hard disk. This enables the LED on the case to illuminate when the hard disk is in use. Don’t rely on that LED as a positive indicator as to whether the hard disk is receiving power. The light could be burned out, the wire disconnected, or the drive might be receiving power but not be connected correctly to the PC.

The other physical requirement for a drive is the PC itself. If it’s an IDE model, the drive should be connected via a ribbon cable to the IDE bus on the motherboard. Connections can also be made with a SCSI or proprietary expansion card. Secure both ends of the ribbon cable connector and make sure the connector is covering all pins. On systems where the pins are bare instead of surrounded by a plastic ridge, it’s easy to offset the connector by a row or two on the pins. If the drive is getting power but the BIOS can’t find it, try a different ribbon cable; the one in use might have a broken wire or other flaw. Note that there are different types of hard disk ribbon cables. UltraDMA 66 and above drives require 80-wire cables. If you use the 40-wire type, the drive will be limited to UltraDMA 33 performance. The red stripe on the ribbon cable must match up with Pin 1 on both the drive and the motherboard or expansion card. Sometimes, though, it’s not easy to locate Pin 1. Look for tiny numbers at one end of the connector. If you see a 1 or 2, that’s the end with which the red stripe should be matched. Some connectors are notched on one side while the ribbon cables have a tab that fits into that notched area.
However, this isn’t always the case. Unlike with floppy drives, where the drive light stays on even if you have the ribbon cable backward, there is no simple way to tell whether you have the cable backwards. Without the notched connectors, your only choice is to use the trial-and-error method.

Checking jumper settings
On an IDE hard disk, one or more jumpers on the drive must be set to determine its Master/Slave status. This setting isn’t usually an issue in an existing hard disk installation that suddenly doesn’t work anymore, but it can cause problems when you move a drive from one PC to another. Depending on the drive, the following jumper settings may be available:

§ Single - Use this setting when the drive is the only one on that IDE subsystem; that is, the only one on that ribbon cable. Not all drives have a Single setting; if there is none, use the Master setting instead.

§ Master (MS) - When there are two drives on the IDE subsystem and the other drive’s jumpers are set to Slave, or if this is the only drive on the subsystem and it doesn’t have a separate Single setting, use this setting.

§ Slave (SL) - Use this setting when there are two drives on the IDE subsystem and the other drive’s jumpers are set to Master.

§ Cable Select (CS) - If you are using a cable that relies on the device positioning to determine its Slave/Master status, use this setting. This setting is uncommon.

Checking SCSI termination
If the machine uses a SCSI drive, there are two factors with which to be concerned: termination and ID. These settings are not an issue when troubleshooting a drive that has suddenly gone bad in an existing system, but if you are moving a drive from one system to another and it doesn’t work in the new system, improper SCSI settings may be the culprit. If this is the last SCSI device in the chain, it must be terminated. Termination methods vary. On some devices, you set termination with an extra jumper; on others, you use a cap or plug over a connector.

On most hard disks, you terminate using a jumper setting.

SCSI-based drives usually have jumpers just like ATAPI ones, but instead of setting the Master/Slave status, they assign a SCSI ID number to the device. Some SCSI devices have a wheel or button instead of jumpers with a little window indicating the setting, but this is uncommon on a hard disk. There can be up to seven SCSI devices on a single narrow SCSI bus, and up to 15 devices on a wide SCSI bus. There are either eight or 16 addresses in total, depending on your system. The host adapter takes one of those addresses, leaving seven or 15 for the remaining drives. Usually, the host adapter claims the highest number for itself.

The SCSI ID comes from a binary representation of the jumpers. For example, on a device with three SCSI jumpers and all of them are without jumper settings, the ID would be 000b (b stands for binary here), or 0. An ID of 001b would be 1; 010b would be 2; and so on.

The problem lies in the fact that some manufacturers set the jumpers to read from left-to-right, while others use right-to-left. So on one drive, the leftmost jumper set would be 1, while on some other drive, the rightmost jumper set would be 1. Check the drive’s label for information about which way the drive works. If all else fails, try the manufacturer’s Web site.

Checking BIOS setup (IDE only)
In most modern systems, the BIOS can automatically detect your hard disk, so no special BIOS setup is required. However, if you are working with an older or quirky BIOS, you might need to enter the BIOS setup program and change the drive’s IDE channel (such as
Primary Master or Primary Slave, for example) from None to Auto so the BIOS will attempt to find and identify the drive.
On an old BIOS, you occasionally may need to select User as the drive type and manually enter the drive’s settings. Automatic detection of IDE devices was part of the ATA-3 standard, released more than 10 years ago, though, doing so would be rare.

Some BIOSs also have a separate Detect IDE Devices utility built in. If the BIOS contains such a utility, you can use it to prompt the BIOS to detect the new hard disk. This comes in handy when you aren’t sure whether or not the drive is working, because you can get an answer immediately rather than rebooting and waiting to see whether the BIOS finds the drive on startup.
Virus checking
If you’ve come this far in the troubleshooting process and the drive still isn’t working, check for viruses. A drive containing a boot-sector virus will not only malfunction, it can spread the virus to the disk you boot from, such as your emergency startup disk.

On a system that you know is good and that has an anti-virus program installed, update the virus definitions, and then make a virus-checking boot disk. Write protect it, and then use it to start the system containing the nonworking hard disk and check it for errors.
If the drive is not partitioned and formatted, the boot disk might not be able to check the data area of the drive. That’s okay for now; just let it get as far as it can before moving on to the next step, checking the partition.

Checking for a valid partition
If the BIOS can see the drive but the drive isn’t working, make sure the drive is partitioned. Use FDISK, a command-line utility you’ll find on a Windows 9x/Me startup disk, to check. Boot from the write-protected startup disk and type FDISK. When asked whether or not you want large disk support, type Y. If the active partition’s type is FAT, FAT32, or NTFS, it should be recognized by the operating system. One exception would be if you put an NTFS drive into a Windows 9x/Me system. The OS wouldn’t recognize the NTFS because it doesn’t support NTFS, not because it was partitioned incorrectly.

If it is a partition problem, you have two choices: Try to recover the data using a disk recovery program, or give up on the data, delete the partition, and re-create it in FDISK. If you want to try recovery first, see the section below on Advanced Data Recovery
Options. If you want to delete the partition and re-create it, return to the FDISK main screen by pressing [Esc] and deleting the partition (option 3 on the screen), and then return to the main screen again and create a partition (option 1 on the screen). After using FDISK to
create or delete partitions, you must reboot the machine before doing anything else.

Checking drive formatting
If FDISK recognizes the drive and it has a valid partition type, you should be able to view the drive’s content from a command prompt via your startup disk, or from the Recovery Console in Windows 2k or XP. Change to that drive by typing its drive letter followed by a colon and pressing [Enter]. Then, display a list of files on the drive with the DIR command.

If you see a message about an invalid media type, the drive is probably not formatted using a file system that your OS recognizes. You can either try a data recovery program, or you can give up on the drive’s data and reformat it with the FORMAT command.

Fixing physical and logical drive errors : -

Let’s assume at this point that your OS finds the drive and can read some files on it, but not all of them. Maybe you’re receiving read or write errors, or certain programs aren’t working right. The problem is likely a physical or logical disk error. A physical disk error is a bad spot on the drive. It can result from physical trauma to the computer, like knocking it off of a table while it’s running. A logical disk error is a discrepancy between the two copies of the file allocation table (FAT) on the disk, or a discrepancy between the FAT’s version of what clusters are stored on the drive and the reality of actual storage. Such errors are typically caused by improperly shutting down the PC or abnormal program termination.

A message about a data error while reading or writing the drive is probably a physical error. Logical errors are manifested in many different ways, not always directly attributable to the disk itself. For example, certain programs might fail to run or might lock up after starting. Such a problem could mean a memory parity error or even a bad cooling fan; you never know until you check the system and eliminate the possibilities.

It’s best to try the simplest solution first, so run a disk-checking program. Windows 9x/Me/2k comes with ScanDisk, which will check for both physical and logical errors. Windows XP comes with a similar utility called Check Disk. In Windows XP, access Check Disk from the Tools tab of the drive’s Properties sheet. In early versions of DOS, a command-line utility called CHKDSK does the same thing. Use it with the /F switch to fix any errors it finds. Checking and reactivating disks in the Windows 2k/XP OSs Windows 2k and Windows XP both have a Disk Management feature that checks the status of each drive on your system. This utility allows you to convert to dynamic disks, change space allocation, and much more.

With Disk Management, the most important thing to check is the status of each drive. The Windows Disk Management application will display the drive’s status. If a drive reports that it is offline or a status other than Healthy, right-click it and choose Reactivate Disk.

Conclusion
Because so much is stored on hard disks, knowing how to revive a failed hard drive is a critical function for technology professionals. Having an effective guide to the recovery process might mean the difference between a total loss and full recovery.

With this seven-step process, though, you’ll be ready to tackle most disk space errors that arise.

Cheers..!!

Greetings

If you are here searching for some tweaks to do to solve your hard disk speed problem then you are on a rightplace. If you have 256 RAM on your local computer then you can do following steps in order to inprove the harddisk speed of your computer. For that you need to configure a special buffer in the computer’s memory in order to enable it to better deal with interrupts made from the disk.
This tip is only recommended if you have 256MB RAM or higher.
Do as metioned below.
1. Run SYSEDIT.EXE from the Run command.
2. Expand the system.ini file window.
3. Scroll down almost to the end of the file till you find a line called [386enh].
4. Press Enter to make one blank line, and in that line type
Irq14=4096
src=”http://www.petri.co.il/images/speed_hd1_small.gif”
Note: This line IS CASE SENSITIVE!!!

1. Click on the File menu, then choose Save.
2. Close SYSEDIT and reboot your computer.
Thats it. its all done now. But notice that the speed improvement will be noticed after the computer reboots.
Update: The most speed improvement is visible with IDE drives, however there are reports that this tweak also does good for SCSI disks. In any case, it won’t harm your system, so why not try it yourself and let me know what you find.

Cheers..!!

SEO consultant

I have created this blog to help the system administrator who works for the application support and as a Technical Support executive for the server administrator. You will get all the details related to different software installation, trouble shooting errors, bugs, patches and resolution or fixes for the same. You will also have different tweaks you can do with the system ( linux, solaris, windoows) and play with it according to your requirement.

If you want to put your add on my site or if you have any suggestion for this site or have any questions you can reach me at sales-AT-sysadminupdates.com

Thanks and regards..