Some Server Admin Basics

The following are 3 broad suggestions that I gave to a nonprofit organization who I used to work for full time, in administering their servers, in an email (which I just wrote for free). While Smooth Stone Services does provide consulting and server administration services, the following are some best practices that I have no problem "giving away". Incidentally, we hope that this article will help our potential (future) system administration clients in determining that we really do know what we're talking about, and we really do have your best interests in mind.

However, and most importantly, we hope that the following information will be helpful to those that can use it. To learn more about what we can do for you, please visit http://www.smoothstoneservices.com/server-administration, or contact us at http://www.smoothstoneservices.com/contact-us.

My employer in this case is running CentOS with a cPanel / WHM installation.

1. MySQL / Drupal Queries

There is a set of scripts called the Maat Kit. Their website is www.maatkit.org. From their website:

“Maatkit is a toolkit for users, developers, and administrators of open-source databases. Most of Maatkit’s functionality is designed for MySQL.  It makes MySQL easier and safer to manage. It provides simple, predictable ways to do things you cannot otherwise do.”

The maat kit tool that I’m the most familiar with is called mk-query-digest. When run, it analyzes your slow query log and generates a report of the queries that are the most common and how long they take to run. The syntax of the tool is something like this:

$ mk-query-digest /var/log/mysql/mysqld-slow.log > report.log

Then just open report.log up with VI or something, and you’re good to go!

2. Updating the operating system

CentOS comes with a powerful package manager called Yum. It is always recommended to install as much software as possible with the built-in package manager, rather than installing from source. This is because when you install from source, you make it much more difficult on yourself when you need to either uninstall said software, or upgrade it. Note that obviously in your case, there are things you can’t update with yum anyway, since you use cPanel (PHP, Apache, MySQL, Exim)

1. To check for ALL OS Updates, run the following command: $ yum check-update

This will generate a list of all updates available. Remember: You probably don’t want to update everything at once. There may also be packages that you may want to test first – i.e. if it’s primarily used on the webserver, then test it on your database server, or vice-versa. But testing is not always necessary or needed. All security updates will be listed, as well as any non-security updates (such as bug fixes or new features).

2. To check for just security updates:

            First, install the Yum Security plug-in, if it’s not already installed.

                        $ yum install yum-security

            Now, run:

                        $ yum –security check-update

3. Server Security

There is a set of security scripts that are installed on your servers called CSF (ConfigServer Security & Firewall - http://configserver.com/cp/csf.html). Every once in a while, you should be sure to update this. These scripts use some of Linux’s built-in user and system tracking mechanisms to identify security threats. I know that I wrote to you guys in an email before I left the importance of updating this software. If you’ve forgotten how to do it, here’s some more explanation:

1) CSF was built to be a plugin for WHM / cPanel. However, it also is a stand alone program that can run independently of cPanel. I use CSF on my own VPS, and configure it through the command line. However, you can also configure (and upgrade it) through WHM (which I don’t have on my own VPS, but you do).

2) One important feature is that you can use it to block IP Addresses in your IP TABLES (the most critical part of the firewall in ALL versions of Linux). You can do this manually inside CSF. However, you can also configure CSF to block IP addresses automatically when a user (hacker) makes several failed attempts to login to your server, runs port scans, etc… As you may recall, I configured CSF to do all of this before I left.

3) To upgrade it, login to WHM. Going off of memory (since I don’t have anything to look at right now), I’m pretty sure that if you scroll all the way to the bottom and look on the left side of your screen, you’ll see a link to it. Click it. Somewhere in there should be an obvious link to upgrade. When you click it, it’ll do the rest – it’ll download the latest updates, update the IP TABLES, and restart the necessary services. There’s no downtime involved, and upgrades usually take less than 30 seconds.

4) As I said, I maintain my installation of CSF manually from the command line. If you’re feeling adventurous, I’m pretty sure that it works the same way as it does mine:

1.  From the command line, just run: $ csf check-update (this will tell you whether an update is available or not)

2.  $ csf update (this will automatically do it’s thing

3.  Config files for me are located in /etc/csf. Not sure if cPanel puts them somewhere else.

4.  (As an aside, you might make a note to routinely include /etc/csf/csf.conf in your backups, in case the server ever crashed and you had to restore from backups)… of course, that’s where the file is located on my server – again, not sure if it’s located in /etc/csf/ on yours.

5)  Remember to update CSF on both the web server as well as the database server

To learn more about what we can do for you, please visit http://www.smoothstoneservices.com/server-administration, or contact us at http://www.smoothstoneservices.com/contact-us.