Monday, 06 November 2017

Zombie Processes in Linux

A zombie process is a child process that has terminated but whose process entry still exists. This happens because the parent process has not cleaned up its child properly, that is, it has not yet collected the child's exit status.


How do you see zombie processes?
# ps aux | awk '{ print $8 " " $2 }' | grep -w Z
or: ps -el | grep Z
or: ps axu | grep Z
kill -9 PID
Sometimes kill -9 does not kill the zombie process. To kill zombie processes automatically, you can add a script like the following to cron:
for each in `ps jauxww | grep Z | grep -v PID | awk '{print $3}'`; do for every in `ps auxw | grep $each | grep cron | awk '{print $2}'`; do kill -9 $every; done; done

Troubleshoot High CPU usage by MYSQL



How to troubleshoot high CPU usage by MySQL?

1. Check the queries running on the server:

SHOW FULL PROCESSLIST;

2. Check the MySQL error log:

/var/log/mysqld.log

3. Check general status of the server: RAM and available disk space:

# free -h
# df -h

4. Check slow query log by enabling MySQL slow query log.

a. Open the file /etc/my.cnf (RPM-based systems) or /etc/mysql/my.cnf (dpkg-based systems) in any editor and add the lines below to the [mysqld] section:

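slow_query_log = 1
slow_query_log_file = /var/log/mysql-slow.log
long_query_time = 10
log-queries-not-using-indexes

where long_query_time is the threshold in seconds: a query that takes longer than this to execute is written to the slow query log. The log file is set with slow_query_log_file; the older log-slow-queries option was removed in MySQL 5.6.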

b. Create the file /var/log/mysql-slow.log

# touch /var/log/mysql-slow.log

c. Set correct permissions on the file:

# chown mysql:mysql /var/log/mysql-slow.log

d. Restart the mysqld service:

# service mysqld restart

Sources:
https://support.plesk.com/hc/en-us/articles/213393329-How-to-troubleshoot-high-CPU-usage-by-MySQL-
https://support.plesk.com/hc/en-us/articles/115002888409

Thursday, 02 November 2017

cPanel / Plesk Panel log notes

WHM/cPanel
SSH log
/var/log/secure

Apache
/usr/local/apache/logs/access_log
/usr/local/apache/logs/error_log
grep ModSec /usr/local/apache/logs/error_log
more /usr/local/apache/logs/error_log | grep namadomain

/usr/local/apache/domlogs
/var/cpanel/secdatadir/ip.pag

Exim
/var/log/exim_mainlog
/var/log/exim_rejectlog
/var/log/exim_paniclog
/var/log/maillog
/var/cpanel/email_send_limits/max_deferfail_example.com

cPanel
/usr/local/cpanel/logs/access_log
grep -in "username" /usr/local/cpanel/logs/access_log
/usr/local/cpanel/logs/error_log
/usr/local/cpanel/logs/login_log

FTP
/var/log/messages

HTTPD
/etc/httpd/logs/

APACHE CONFIG
/usr/local/apache/conf

CSF/LFD
/var/log/lfd.log
/etc/csf/csf.pignore | user:usercpanel > makes csf ignore the user's processes
/etc/skipsmtpcheckhosts
/var/lib/csf/

Access Log
/home/usercpanel/access_logs

httpd.conf
/usr/local/apache/conf
/usr/local/apache/htdocs > accessed via hostname
/var/cpanel/templates/apache2/main.default
/var/cpanel/templates/apache2/main.local

php.ini
/usr/lib/php.ini

pre and post vhost
/usr/local/apache/conf/includes/
/usr/local/apache/conf/php.conf

mail scanner
/usr/mailscanner/etc/rules/spam.whitelist.rules

MySQL log

MySQL error log /var/lib/mysql/{SERVER_NAME}.err
MySQL slow query log (if enabled in my.cnf) /var/log/slowqueries

modsec
/usr/local/apache/conf/userdata/std/2/USERNAME/DOMAIN.TLD
/usr/local/apache/conf/userdata/std/2/USERNAME/DOMAIN.TLD/mod_security.conf

cPanel logs
Access logs and user actions /usr/local/cpanel/logs/access_log
Account transfers and misc. logs /var/cpanel/logs
Auditing log (account creations, deletions, etc) /var/cpanel/accounting.log
Backup logs /usr/local/cpanel/logs/cpbackup
Brute force protection (cphulkd) log /usr/local/cpanel/logs/cphulkd.log
Cpanel dnsadmin dns clustering daemon /usr/local/cpanel/logs/dnsadmin_log
Cpanel taskqueue processing daemon /usr/local/cpanel/logs/queueprocd.log
DBmapping /usr/local/cpanel/logs/setupdbmap_log
EasyApache build logs /usr/local/cpanel/logs/easy/apache/
Error log /usr/local/cpanel/logs/error_log
Installation log /var/log/cpanel
License updates and errors /usr/local/cpanel/logs/license_log
Locale database modifications /usr/local/cpanel/logs/build_locale_database_log
Login errors (CPSRVD) /usr/local/cpanel/logs/login_log
Horde /var/cpanel/horde/log/
RoundCube /var/cpanel/roundcube/log/
SquirrelMail /var/cpanel/squirrelmail/
Panic log /usr/local/cpanel/logs/panic_log
Per account bandwidth history (Cached) /var/cpanel/bandwidth.cache/{USERNAME}
Per account bandwidth history (Human Readable) /var/cpanel/bandwidth/{USERNAME}
Service status logs /var/log/chkservd.log
Tailwatch driver tailwatchd log /usr/local/cpanel/logs/tailwatch_log
Update analysis reporting /usr/local/cpanel/logs/updated_analysis/{TIMESTAMP}.log
Update (UPCP) log /var/cpanel/updatelogs/updated.{TIMESTAMP}.log
WebDisk (CPDAVD) /usr/local/cpanel/logs/cpdavd_error_log
Website statistics log /usr/local/cpanel/logs/stats_log

cPanel access log
Access logs and user actions /usr/local/cpanel/logs/access_log

cPanel apache log
Apache restarts done through cPanel and WHM /usr/local/cpanel/logs/safeapacherestart_log
Domain access logs /usr/local/apache/domlogs/{DOMAIN}
Processing of log splitting /usr/local/cpanel/logs/splitlogs_log
suPHP audit log /usr/local/apache/logs/suphp_log
Web server and CGI application error log /usr/local/apache/logs/error_log

cPanel email log
Delivery and receipt log /var/log/exim_mainlog
Incoming mail queue /var/spool/exim/input/
Log of messages rejected based on ACLS or other policies /var/log/exim_rejectlog
Unexpected/Fatal error log /var/log/exim_paniclog
IMAP, POP login attempts, transactions, fatal errors and spam scoring /var/log/maillog /var/log/messages
Mailman /usr/local/cpanel/3rdparty/mailman/logs


==========================
maldet
==========================
maldet -a /home/?/public_html Scan all files in path (default: /home, wildcard: ?)
maldet -l show log
maldet --report scanID show report
maldet --restore scanID restore file from scan ID
maldet --restore /usr/local/maldetect/quarantine/config.php.23754 restore file from certain scan process
/usr/local/maldetect/ignore_paths > whitelist path

rwscan kakak p :
/usr/local/rwscan/rwscan.sh scan user


==========================
clamAV
==========================
update the virus definitions with: sudo freshclam

scan for viruses: clamscan OPTIONS File/Folder

Examples:
check all files on the computer, displaying the name of each file: clamscan -r /
check all files on the computer, but only display infected files and ring a bell when found: clamscan -r --bell -i /
check files in the all users home directories: clamscan -r /home
check files in the USER home directory and move infected files to another folder: clamscan -r --move=/home/USER/VIRUS /home/USER
check files in the USER home directory and remove infected files (WARNING: Files are gone.): clamscan -r --remove /home/USER
see more options: clamscan --help

==========================
exim
==========================
for servers in `cat /root/exim/server.txt`; do sh /root/exim/hapusrootemail.sh $servers; done
pssh -h /root/exim/server.txt sh /root/exim/hapusrootemail.sh
exim -M id      #Try to send the message with id id

exim -qf       #Tell exim to process the entire queue again
exim -qff      #same as qf, but it will flush the frozen messages

exim -Mvl id    #view the message log for message id
exim -Mvh id    #view message id's headers
exim -Mvb id    #view message id's body
exim -Mrm id    #remove message id from the queue
exim -Mg id     #fail and send a bounce to the sender
exim -bp | exiqsumm    #Print summary of the messages in the queue
exiwhat        #show what exim is doing right now
exim -bpc      #show number of messages in the queue
exim -bp       #print list of messages in the queue
exiqgrep -i # show message id
exigrep /home/adeh6829 /var/log/exim_mainlog | exiqgrep -i | xargs exim -Mrm
exim -bp | grep agus.ningsih@persadanusantara.co.id | exiqgrep -i | xargs exim -Mrm
exim -bp | grep "@inuki.co.id" | awk {'print $4'} | sort | uniq -c | sort -nk 1
exim -bp | awk {'print $4'} | sort | uniq -c | sort -nk 1



Reset maildirsize cpanel:
all user email: find /home/*/.cpanel-datastore/ -name "diskusage_*" | xargs rm -f
user email at certain domain: find /home/*/mail/ -name maildirsize | xargs rm -f
Test how exim will route a given address: exim -bt user@remotehost.com
Run a pretend SMTP transaction: exim -bh IP_address_email_sender
search the queue for messages from a specific sender: exiqgrep -f [luser]@domain
search the queue for messages for a specific recipient/domain: exiqgrep -r [luser]@domain
Print just the message-id of the entire queue: exiqgrep -i
Deliver a message, whether it's frozen or not, whether the retry time has been reached or not: exim -M <message-id>
<= : messages sent from
=> : messages sent to

check the email queue size: exim -bp | grep M

==========================
DNS
==========================
host namachildns rootserver | check child nameserver
whois -h whois.id nameserver nsxx | check child nameserver



SSH command

CSF
csf -f > stop
csf -s > start
csf -x > disable
csf -e > enable

http://www.scriptinstallation.in/cpanel_scripts.html

============
PLESK
============

LOG
/var/www/vhosts/system/


/var/named/chroot/var/namadomain
sh /usr/local/rwwpscripts/syncdns.sh namadomain

==========================
Email/postfix
==========================
Set IP address for the mail service for the domain:
# plesk bin site -u example.com -mail-service-ip <new_ip>
example:
plesk bin site -u kopideli.com -mail-service-ip 103.247.11.221

SPAM CHECK
[root@wpiix7 log]# grep gatot@mitransat.com maillog | awk {'print $33'} > /var/www/vhosts/wpiix7.rumahweb.com/httpdocs/spam.txt

==========================
Backup
==========================
/usr/local/psa/bin/pleskbackup clients-name usernamePlesk --output-file=/backup/clients/migrated/usernamePlesk.tar --backup-password=wpiixbackup

==========================
RA
==========================
- Copy the backup file xxx.tar to /var/lib/psa/dumps/restore2 . If there is no restore2 folder inside /var/lib/psa/dumps/, create it.
- Extract the file xxx.tar. Use the command tar -xvf xxx.tar
- Restore by typing the command: /usr/local/psa/bin/pleskrestore --restore backup_info_xxx.xml -level clients -backup-password wpiixbackup
- Wait until it finishes.

==========================
litespeed and apache switch
==========================
/usr/local/lsws/admin/misc/cp_switch_ws.sh apache; rm -rf /tmp/lscache/*; /usr/local/lsws/admin/misc/cp_switch_ws.sh lsws


ERROR ALT-PHP54-FPM
# systemctl status alt-php54-fpm.service -l
Dec 15 14:23:28 wpiix3.rumahweb.com php-fpm[210359]: [15-Dec-2016 14:23:28] ERROR: [pool fanind.com] the prefix '/var/www/vhosts/system/fanind.com' does not exist or is not a directory

# mv /opt/alt/php54/etc/php-fpm.d/fanind.com.conf /backup/php-fpm-alt54/
# systemctl start alt-php54-fpm.service -l

DELETE CACHE
# rm -rf /tmp/lscache/*
# service httpd restart

==========================
UPDATE STATISTIC
==========================
/usr/local/psa/admin/sbin/statistics --calculate-one --domain-name=namadomain




Tuesday, 31 October 2017

Mitigating XML-RPC Brute Force on WordPress




~ bruteforce xmlrpc.php wphosting/plesk ~
vi /etc/httpd/conf.d/xmlrpc.conf

<Files xmlrpc.php>
order deny,allow
deny from all
allow from 185.64.140.0/22
allow from 216.151.209.64/26
allow from 66.135.48.128/25
allow from 69.174.248.128/25
allow from 76.74.255.0/25
allow from 216.151.210.0/25
allow from 76.74.248.128/25
allow from 76.74.254.0/25
allow from 207.198.112.0/23
allow from 207.198.101.0/25
allow from 198.181.116.0/22
allow from 192.0.64.0/18
allow from 66.155.8.0/22
allow from 66.155.38.0/24
allow from 72.233.119.192/26
allow from 209.15.21.0/24
allow from 199.27.128.0/21
allow from 36.82.106.163
</Files>
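
To see which clients are hammering xmlrpc.php and whether the rule above is answering them with 403, the access log can be summarised per client IP. This is an added example, not part of the original notes; the function names, the threshold and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: per-client count of POST requests to xmlrpc.php in an
# Apache combined-format access log, with how many were answered 403.

# xmlrpc_offenders MIN - reads the log on stdin and prints
# "POSTS DENIED IP" for every client with at least MIN such requests.
xmlrpc_offenders() {
    awk -v min="${1:-3}" '
        # $1 = client IP, $6 = quoted method, $7 = path, $9 = status
        $6 == "\"POST" && $7 ~ /(^|\/)xmlrpc\.php(\?|$)/ {
            posts[$1]++
            if ($9 == 403) denied[$1]++
        }
        END {
            for (ip in posts)
                if (posts[ip] >= min) print posts[ip], denied[ip] + 0, ip
        }
    ' | sort -k1,1nr -k3,3
}

# Constructed sample lines (documentation-range IPs), not real traffic.
sample_log() {
    cat <<'EOF'
203.0.113.7 - - [31/Oct/2017:10:00:01 +0700] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
203.0.113.7 - - [31/Oct/2017:10:00:01 +0700] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
198.51.100.20 - - [31/Oct/2017:10:00:02 +0700] "GET /xmlrpc.php HTTP/1.1" 405 42 "-" "curl/7.29.0"
203.0.113.7 - - [31/Oct/2017:10:05:10 +0700] "POST /xmlrpc.php HTTP/1.1" 403 211 "-" "Mozilla/5.0"
192.0.2.55 - - [31/Oct/2017:10:05:11 +0700] "POST /blog/xmlrpc.php HTTP/1.1" 403 211 "-" "-"
192.0.2.55 - - [31/Oct/2017:10:05:12 +0700] "POST /xmlrpc.php HTTP/1.1" 403 211 "-" "-"
198.51.100.20 - - [31/Oct/2017:10:05:13 +0700] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "WordPress/4.8"
203.0.113.7 - - [31/Oct/2017:10:05:14 +0700] "POST /xmlrpc.php HTTP/1.1" 403 211 "-" "Mozilla/5.0"
192.0.2.55 - - [31/Oct/2017:10:05:15 +0700] "POST /xmlrpc.php HTTP/1.1" 403 211 "-" "-"
203.0.113.7 - - [31/Oct/2017:10:05:16 +0700] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.55 - - [31/Oct/2017:10:05:17 +0700] "POST /wp-login.php HTTP/1.1" 200 1800 "-" "-"
EOF
}

# On a server, feed it a real log instead of the sample, for example:
#   xmlrpc_offenders 100 < /usr/local/apache/domlogs/DOMAIN
sample_log | xmlrpc_offenders 3
```

A client whose DENIED count equals its POSTS count is being blocked by the rule; a high POSTS count with DENIED at 0 means the requests are still reaching WordPress.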

Monday, 30 October 2017

Zombie Processes




A zombie process is a child process that has left without saying goodbye to its father, so it is still being looked for.


Check for zombie processes:

ps aux | awk '{ print $8 " " $2 }' | grep -w Z

To remove zombie processes, you can use the command:


If it is stubborn and cannot be killed, you can use:

kill $(ps -A -ostat,ppid | awk '/[zZ]/{print $2}')
or

kill -9 $(ps -A -ostat,ppid | grep -e '[zZ]'| awk '{ print $2 }')

You can also try:

ps aux | grep -w Z   # returns the zombies' PIDs (lists the zombie processes)
ps o ppid {returned pid from previous command}   # returns the parent
kill -1 {the parent id from previous command}
Further reading:

- https://efrizalzaida.wordpress.com/2013/06/03/membunuh-zombie-proses/
- https://blog.petrabarus.net/2008/08/zombie-process/
- http://opensource.telkomspeedy.com/forum/viewtopic.php?id=15051
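
Both zombie-process posts on this page end up signalling the parent rather than the zombie, so it helps to group zombies by parent PID first and to match on the state column only (a plain grep Z also matches command names that contain a Z). This is an added example, not part of the original notes; the function names and the sample ps output are constructed.

```shell
#!/bin/sh
# Added example: group zombie processes by parent PID. A zombie is already
# dead, so signals sent to it do nothing; its entry goes away when the
# parent collects its exit status or when the parent itself exits.

# zombie_parents: reads "STAT PID PPID COMMAND" rows on stdin
# (the layout of: ps -eo stat,pid,ppid,comm) and prints
# "PPID COUNT ZOMBIE_PIDS" for each parent that holds zombies.
zombie_parents() {
    awk '
        NR == 1 && $1 == "STAT" { next }     # skip the ps header row
        $1 ~ /^Z/ {                           # state column only: Z, Z+, Zs
            count[$3]++
            pids[$3] = (pids[$3] == "" ? $2 : pids[$3] "," $2)
        }
        END { for (p in count) print p, count[p], pids[p] }
    ' | sort -k2,2nr -k1,1n
}

# Constructed sample of ps output, not taken from a real host.
# The Zabbix_agentd row is in state S and must not be reported.
sample_ps() {
    cat <<'EOF'
STAT   PID  PPID COMMAND
Ss       1     0 systemd
Ss     812     1 crond
Z      901   812 backup.sh
Z      902   812 backup.sh
S     1500     1 Zabbix_agentd
S     1600     1 php-fpm
Z+    1611  1600 worker
EOF
}

sample_ps | zombie_parents

# On a live system:
#   ps -eo stat,pid,ppid,comm | zombie_parents
# then ask a listed parent to reap its children before restarting it:
#   kill -s CHLD <PPID>
```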

Tuesday, 24 October 2017

Basic Mikrotik Setup



Basic Mikrotik setup on a local network
=========================================

1. Name the RouterBoard: System > Identity
2. Create a new RouterBoard user: System > Users (create a new user with full access rights).

3. Choose ether2 to connect to the local network.
a. Add an IP address to connect to this network.
Steps: IP > Address > click +
- In Address enter the IP: 192.168.30.1/24
- Interface, choose: ether2

============================================
CONFIGURATION USING DHCP CLIENT
++++++++++++++++++++++++++++++++++++++++++++

Continuing with the settings on the public interface (ether1 is connected to the ISP).
If the ISP uses a DHCP server, we only need a DHCP client, so we just enable the DHCP Client.
4. Steps: IP > DHCP Client
On the DHCP tab
- Interface : ether1
+ If the status shows bound, we have obtained an IP from the ISP's DHCP server.
+ Under IP > Addresses we can see that we have the IP address assigned by the ISP.
+ We have also received the DNS settings given by the DHCP server; we only need to enable "Allow Remote Requests" so that our customers can make DNS requests.


5. From the router, check whether it can connect to the internet (using the terminal).

So that our computers can also use the internet, enable masquerade:
Steps: IP > Firewall
- On the NAT tab choose:
Chain : srcnat
Out. Interface : ether1
- On the Action tab choose (this changes our IP address to the public IP).
Action : masquerade


============================================
CONFIGURATION WITHOUT DHCP CLIENT
++++++++++++++++++++++++++++++++++++++++++++

6. Steps:
- IP > Address.
Press + (plus) and fill in
Address: the IP address
Interface = ether1
Click OK.

- Add the default route
IP > Routes
::General
Dst. Address : 0.0.0.0/0
Gateway : [fill in the gateway according to the ISP's information]

- DNS settings
IP > DNS > Settings
In the Servers field : [enter the DNS server IP]

===========================================
7. Limiting speed
Steps: Queues > Simple Queues > click +
Name : anything you like
Target Address : [enter the IP]
Fill in Max Limit and Download

============================================
8. NTP and Clock configuration
Steps: System > SNTP Client
- tick Enabled
- Mode = unicast
- Primary NTP Server = id.pool.ntp.org
- Apply > OK

System > Clock


============================================
CONFIGURATION USING PPPOE SPEEDY
++++++++++++++++++++++++++++++++++++++++++++
Steps: click PPP
a. Click + > PPPoE Client
- Tab General
Name = give the PPPoE connection a name.
Interface = ether1 (the one facing the ISP).
- Tab Dial Out
fill in the "User" and "Password" fields
- Apply > OK

b. DNS settings
IP > DNS (set the DNS that will be used).

c. NAT settings for the PPPoE connection
Steps: IP > Firewall
- On the NAT tab choose:
Chain : srcnat
Out. Interface : the PPPoE interface
- On the Action tab choose (this changes our IP address to the public IP).
Action : masquerade

Sunday, 22 October 2017

How to Add the Let's Encrypt Feature in cPanel

The following is a guide to adding the Let's Encrypt feature in cPanel.



How to install Let's Encrypt in cPanel:
1. Run this command over SSH
/scripts/install_lets_encrypt_autossl_provider

2. Log in to WHM > Manage AutoSSL
a. On the Providers tab
- Choose Let's Encrypt (then tick everything).
b. Under Manage Users
- Click Check "namadomain.com"
c. On the Log tab
- View Log

Wednesday, 18 October 2017

NTFS Fix for a Fussy Hard Disk

Hi, Linux users. I wrote this short article because my Linux computer often fails to read the hard disk drive.


To fix it, this command is enough:

sudo ntfsfix /dev/sdXY

That's the short command. If you run into the same problem, you can try using it.

Chromium, Not Easy to Understand

Hello hello. This is my first post about Chromium. At first this browser was fussy because of its cache, and now it won't run at all. I tried reinstalling it and there was still no sign of it working. It took more than an hour to find the cause.



By the way, this is the Chromium on Linux Mint 16. The following is how to repair a Chromium that is installed on Linux but does not run.

How to fix:
1. Remove the Chromium installation

sudo apt-get purge chromium-browser
rm -rf ~/.config/chromium

2. Install Chromium from the terminal.
a. Add one of the repos as needed.

sudo add-apt-repository ppa:chromium-daily/stable
sudo add-apt-repository ppa:chromium-daily/dev
sudo add-apt-repository ppa:chromium-daily
b. Install Chromium

sudo apt-get install chromium-browser
reference: https://community.linuxmint.com/tutorial/view/764

c. This part is fairly important. Use this command to see the error.

chromium-browser

That's all, hope it's useful.