Archive/backup your server with Mega and megatools / CentOS 7

I am Mega user for quite some time now. I have VPS on which I run my blog. Idea was: can I upload my blog/website/database backups to my Mega account daily? So I wish to use Mega as some sort of backup service. It is possible as there is Linux tool that allows operations through your Linux machine to your Mega account. It is called megatools. Mega offers 50G of capacity for free! In most cases, this should be more than enough to backup your websites. You can backup your server to your Mega account! Downside is, that megatools currently don’t offer function such as is rsync – for archive purposes.

Continue Reading

Replacing string from variable with sed: unknown option to `s’

Sed is great command to use. I was writing some bash script and I needed to replace some strings in file with string saved in variable.

sed “s/string1/$string2/g; s/string3/$string4/g”  $CFGFILE

When executed, script was returning this error:

[root@vincentvega]# ./myscript
sed: -e expression #1, char 14: unknown option to `s'

After googling around for a while I figured out that / was causing the problem. So I replaced / with | and now works fine. I think that you can also use some other char than | if you want.

sed “s|string1|$string2|g; s|string3|$string4|g”  $CFGFILE

Exim – remove messages from mail queue sorted by email address

Ok, title is a little confusing, I admit :). Let me try to explain. When you have stuffed exim mail queue and you want to remove all messages from specific domain only, sometimes email address that you want to use as key for your parsing is in second line. So, classic exim -bp | grep <searchstring> | awk {‘print $3’} | xargs exim -Mrm is not very useful in this case because it won’t return message ID. Grep with -B flag is what you need in this case. -B will show line before your “key” string also – message ID in this case. You can check how to on example below.

  • Check exim mail queue
[root@mailserver ~]# exim -bp

46h   58K 1b59PU-000J6d-1U <something@domain.com>
          info@mydomain.si

44h   11K 1b5Bj4-000MJC-GF <johndoe@iasoiasd.in>
          info@mydomain.si

44h   16K 1b5BjQ-000MNC-0M <jimi.hendrix@guitar.com>
          peter@olderdomain.org

43h  9.0K 1b5Bvp-000P1c-6s <purchase@domainname.net>
          info@mydomain.si

43h   11K 1b5BzX-000PmA-S5 <GallowayIla96@asgasfasgas.com>
          info@mydomain.si

41h   59K 1b5Dhb-000I5h-8E <bloop@auhuiejnapob.net>
          info@mydomain.si

27h   17K 1b5RNl-000OFW-Tn <sasa@bjkoapojfoaubopaw.si>
          info@mydomain.si

22h   78K 1b5W42-000Nna-Jn <johndoe@gmail.com>
          anothermail@foo.com

22h   11K 1b5W8b-000Oes-Fb <ramones@band.com>
          info@mydomain.si

22h  250K 1b5WHr-0000Om-Oa <fuckface@guilttrip.com>
          joasd@aasdfasf.si

20h   12K 1b5YEZ-000MF7-Jq <mrinsignificant@mobile.cn>
          test@anotherdomain.net

19h  9.1K 1b5YK6-000NPV-1m <fetasir@cheese.com>
          info@mydomain.si

19h   12K 1b5YXM-000Ppg-Qd <asfaeaw@asdasa.com.br>
          info@mydomain.si

19h   11K 1b5Yeq-0001JN-9a <geaafwawfaef@gesawad.vn>
          blabla@mojadomena.si
.
.
.
  • We want to delete all messages that contains string info@mydomain.si and are in second line.
[root@mailserver ~]# exim -bp | awk {'print $1,$3'} | grep -B1 mydomain | awk {'print $2'} | xargs exim -Mrm

Message 1b59PU-000J6d-1U has been removed
Message 1b5Bj4-000MJC-GF has been removed
Message 1b5Bvp-000P1c-6s has been removed
Message 1b5BzX-000PmA-S5 has been removed
Message 1b5Dhb-000I5h-8E has been removed
Message 1b5RNl-000OFW-Tn has been removed
Message 1b5W8b-000Oes-Fb has been removed
Message 1b5W42-000Nna-Jn has been removed
Message 1b5W8b-000Oes-Fb has been removed
Message 1b5YK6-000NPV-1m has been removed
Message 1b5YEZ-000MF7-Jq has been removed
Message 1b5YK6-000NPV-1m has been removed
.
.
.

How to save mysql query output into a file

Sometimes you may want to save output of some mysql query to a text file. Maybe even to Excel’s spreadsheet file so that you have more control with editing, sorting … MySQL offers many useful options there.

Below is an example on how to save some mysql query output to csv file. You can terminate fields with some key character which is super useful. This example has fields terminated with ; and lines with \n.

mysql> select firstname, lastname, email, phone from clients INTO OUTFILE '/tmp/outputfile.csv' FIELDS TERMINATED BY ';' LINES TERMINATED BY '\n';

Just make sure that mysql has suitable permissions so that it will be able to write to a file – chmod 777.

Remove those ^M symbols with VI

We all know how annoying those ^M-s can be all over your script or file. ^M is a carriage return, and is commonly seen when files are copied from Windows. All of them can be removed in one step, with vi editor. Open your file in vi and hit escape. Then do like shown below.

%s/{Ctrl+V}{Ctrl+M}//{Enter}

SSH without your certificate / overridde ssh certificate

If you want to test if users can ssh to a server with their passwords but your attempt is overridden by your ssh certificate, this is how you can do it.

ssh user@my.hostname.com -o PreferredAuthentications=password

How to chown symbolic link – symlink

By default, if you try to chown symbolic link, e.g. symlink, it won’t work. User and group of symlink will stay the same after attempt. What you can do is add -h flag in your chown command. This flag stands for –no-dereference and it means »affect symbolic links instead of any referenced file«.

Example:

 
### symlink is owned by root
[root@myserver www]# ls -l
lrwxrwxrwx  1 root  root  13 May 14 14:51 html -> /var/www/html

### try to chown directory with nginx user and group
[root@myserver www]# chown nginx:nginx html

### no changes
[root@myserver www]# ls -l
lrwxrwxrwx  1 root  root  13 May 14 14:52 html -> /var/www/html

### try chown with -h flag
[root@myserver www]# chown -h nginx:nginx html

### ownership of symbolic link html is now changed
[root@myserver www]# ls -l
lrwxrwxrwx  1 nginx nginx 13 May 19 14:52 html -> /var/www/html

How to change administrator username in WordPress

By default, WordPress won’t allow you to change username of  your administrator account. There are several ways to do this. There are even plugins for this, but I think using plugins for this task is unnecessary and bad idea in general. WordPress is great but consider using as less plugins as you can. Especially bad ones, they are just calling to be hacked by evil guys with too much time. 🙂

Here is how to change administrators username with one simple mysql command.

First, select your wordpress database.

mysql> show tables;
+-----------------------+
| Tables_in_sample-blog |
+-----------------------+
| wp_commentmeta        |
| wp_comments           |
| wp_links              |
| wp_options            |
| wp_postmeta           |
| wp_posts              |
| wp_snippets           |
| wp_term_relationships |
| wp_term_taxonomy      |
| wp_termmeta           |
| wp_terms              |
| wp_usermeta           |
| wp_users              |
+-----------------------+

So in this case I want to change username for my admin user.

mysql> select id, user_login from wp_users;
+----+------------+
| id | user_login |
+----+------------+
|  1 | admin      |
|  2 | someuser   |
+----+------------+

You just have to update user_login field in wp_users table with command below. Of course change id and user_login value to your needs.

mysql> update wp_users set user_login="igor" where id="1";
Query OK, 1 row affected (0.05 sec)
Rows matched: 1  Changed: 1  Warnings: 0

Username is now changed. You can login in your wordpress with new username.

mysql> select id, user_login from wp_users;
+----+------------+
| id | user_login |
+----+------------+
|  1 | igor       |
|  2 | someuser   |
+----+------------+

Exim – delete specific emails from queue

Sometimes your exim mail queue can grow quite large. Especially when some website (WordPress!) is hacked and is sending tons of spam mail. Or when you end up with thousands of frozen mails. You probably don’t want to remove all emails from queue. That would mean legit emails too. You want to specify and delete only specific ones.

For sake of this demonstration we want to delete all emails that contains string domain.com

18h   60K 1b33Uz-000LkN-48 <info@domain.com> (someuser)
          info@somedomain.com

Just run command below and all mails with string match doman.com will be deleted from mail queue.

exim -bp |  grep "domain.com" | awk {'print $3'} | xargs exim -Mrm

Or for example, in case of frozen mails:

exim -bp |  grep froz | awk {'print $3'} | xargs exim -Mrm

Find CryptoPHP hacks on your server / False php scripts

CryptoPHP is nasty little shit! A while ago I had a problem with spam on one of our hosting servers. When we ended on several RBL lists, one of them stated that there is a possible way that our machine is infected with CryptoPHP. Hacked files can be very hard to find. PHP code was hidden in false .png files! This pngs were then included in some legit php files, like index.php. So every time index.php was loaded, hacked code inside included png file was loaded too.

Here is how you can find if there are false png files on your system. Just scan your directory with this line:

find -L /path/to/dir/ -type f -name "*.png" -exec file {} + | grep PHP

You could also scan your system for other types of files. Just replace *.png with something elese, for example *.jpg.

Output for legit files will look something like this:

./wp-includes/js/tinymce/skins/wordpress/images/more-2x.png:    PNG image data, 3800 x 40, 4-bit colormap, non-interlaced

Output for script that pretends to be regular PNG file – hacks – will look something like this:

./test.png:   PHP script, ASCII text

© 2024 geegkytuts.net
Hosted by SIEL


About author