Mysql basic commands and deleting ip from the cphulkd database

Restore MySQL Database Shell Command
mysql -u username -p password databasename < databasefile.sql : Restores a MySQL database from databasefile.sql

Backup MySQL Database Shell Command
mysqldump -u username -p password databasename > databasefile.sql : Backup MySQL database to databasefile.sql

$ ssh server
[user@server ~]$ mysql -u user -p
Enter password:
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is id
Server version: version

Type 'help;' or '\h' for help. Type '\c' to clear the current input
statement.

mysql> connect cphulkd
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Connection id:    id
Current database: cphulkd

mysql> select IP, BRUTETIME from brutes order by BRUTETIME;
Empty set (0.00 sec)

mysql> select IP, LOGINTIME FROM logins order by LOGINTIME;
+---------------------------------+---------------------+
| IP                              | LOGINTIME           |
+---------------------------------+---------------------+
||
mysql> delete from brutes;
Query OK, 0 rows affected (0.00 sec)

mysql> delete from logins;
Query OK, 32 rows affected (0.00 sec)

You can also get the status of it using status command

mysql> status

mysql  Ver 14.14 Distrib 5.1.56, for unknown-linux-gnu (x86_64) using readline 5.1

Connection id:          45196
Current database:
Current user:           root@localhost
SSL:                    Not in use
Current pager:          stdout
Using outfile:          ''
Using delimiter:        ;
Server version:         5.1.56-log MySQL Community Server (GPL)
Protocol version:       10
Connection:             Localhost via UNIX socket
Server characterset:    latin1
Db     characterset:    latin1
Client characterset:    latin1
Conn.  characterset:    latin1
UNIX socket:            /var/lib/mysql/mysql.sock
Uptime:                 5 days 19 hours 59 min 11 sec

Threads: 1  Questions: 4376  Slow queries: 1  Opens: 2647  Flush tables: 1  Open tables: 64  Queries per second avg: 0.8

root@localhost [~]# mysqladmin processlist
+-------+------+-----------+----+---------+------+-------+------------------+
| Id    | User | Host      | db | Command | Time | State | Info             |
+-------+------+-----------+----+---------+------+-------+------------------+
| 45197 | root | localhost |    | Query   | 0    |       | show processlist |
+-------+------+-----------+----+---------+------+-------+------------------+

Exim commands and usage

Find most email IP
==================

tail -1000 /var/log/exim_mainlog |grep '\[' |cut -d[ -f2 |cut -d] -f1|sort -n |uniq -c |sort -n 809
tail -2000 /var/log/exim_mainlog | grep public
   

exim -bp|grep $name Will show the mail in queue for $name
exim -Mvh $MSGID View message header
exim -Mvb $MSGID View message body
exim -M $MSGID Force delivery of message
exim -v -M $MSGID View the transact of message

Force delivery of one message
exim -M email-id

Force another queue run
exim -qf

Force another queue run and attempt to flush the frozen message
exim -qff

View the log for the message
exim -Mvl messageID

View the body of the message
exim -Mvb messageID

View the header of the message
exim -Mvh messageID

Remove message without sending any error message
exim -Mrm messageID

Giveup and fail message to bounce the message to the Sender
exim -Mg messageID

How much mail in the queue?
exim -bpr | grep "<" | wc -l


How many Frozen mails in the queue
exim -bpr | grep frozen | wc -l


Deleteing Frozen Messages
exim -bpr | grep frozen | awk {'print $3'} | xargs exim -Mrm


To find out, how many messages are there in the mail queue:
exim -bpc

To check the mails in the queue:
exim -bp

To force exim update:
/scripts/eximup --force

==== REMOVE MAILS BY ID ====

 exim -v -Mrm (MAIL ID HERE)

==== LIST QUEDED MAILS ====

 exim -bp

==== OUTPUT NUMBER OF QUEDED MAILS ====

 exim -bpc

=== DELETE FROZEN MAILS ====

exim -bp | awk '$6~"frozen" { print $3 }' | xargs exim -Mrm

==== DELIVER FORCEFULLY EMAILS ====

 exim -qff -v -C /etc/exim.conf &

==== FREEZE MAILS FROM SENDER ====

 exiqgrep -i -f (MAIL ADDRESS HERE) | xargs exim -Mf

==== REMOVE MAILS FROM SENDER ====

 exiqgrep -i -f (MAIL ADDRESS HERE) | xargs exim -Mrm

How much mail in the queue?

 exim -bpr | grep "<" | wc -l
    

Enable spell check for Round cube

Open /usr/local/cpanel/base/3rdparty/roundcube/config/main.inc.php with your preferred text editor.
    Set the $rcmail_config['enable_spellcheck'] option (line 384) to true.
    Save the change to the main.inc.php configuration file.
    Run the /usr/local/cpanel/scripts/makecpphp script. This script will rebuild cPanel's internal PHP with an OpenSSL module.

Troubleshooting

If you attempt to enable spelling checking with a third-party spell checking service without completing step 4, you will see the following error in /var/cpanel/roundcube/log/errors.

    PHP Warning:  fsockopen() [<a href='function.fsockopen'>function.fsockopen</a>]: unable to connect to ssl://www.google.com:443 (Unable to find the socket transport &quot;ssl&quot; - did you forget to enable it when you configured PHP?) in /usr/local/cpanel/base/3rdparty/roundcube/program/steps/utils/spell_googie.inc on line 48

If spell check does not seem to function properly, make sure that both OpenSSL and socket modules are enabled for PHP. This is because the spell checking plugin attempts to communicate with Google over SSL. If OpenSSL and socket modules are not enabled for PHP, you will see an entry in /usr/local/cpanel/base/3rdparty/roundcube/logs/errors that resembles the following:

    PHP Warning:  fsockopen() [function.fsockopen]: unable to connect to ssl://www.google.com:443
      (Unable to find the socket transport "ssl" - did you forget to enable it when you configured PHP?) in <your_path>/program/steps/mail/spell.inc on line 34

If you are using TinyMCE, you must enable the Curl module for PHP. If you attempt to use the TinyMCE HTML editor without enabling Curl for PHP, you will receive the following error:

    Could not execute AJAX call, server didn't return valid a XML.

Check inode usage of all the files

Please use the following script and check the inode usage of all files.

echo "Detailed Inode usage for: $(pwd)" ; for d in `find -maxdepth 1 -type d |cut -d\/ -f2 |grep -xv . |sort`; do c=$(find $d |wc -l) ; printf "$c\t\t- $d\n" ; done ; printf "Total: \t\t$(find $(pwd) | wc -l)\n"

How to Disable Telnet

Telnet sends clear text passwords and usernames through logins and should be disabled on all web servers and replaced with SSH.

Some hosting providers are not disabling telnet by default but you should ensure that it has been turned off as it's a great security risk to your servers. TELNET server listens for incoming messages on port 23, and sends outgoing messages to port 23.

1. Login to your server through SSH and su to root.

2. Type vim /etc/xinetd.d/telnet

3. Look for the line: disable = no and replace with disable = yes

4. Now restart the inetd service: /etc/rc.d/init.d/xinetd restart

5. Turn off it through chkconfig as well because it can still start through that.
/sbin/chkconfig telnet off

6. Scan your server to ensure port 23 is closed.
nmap -sT -O localhost

Also run ps -aux | grep telnet and if you find anything other than "grep telnet" as result kill the process.

Create welcome message for SSH login

1.Creating a Welcome message for SSH logins
If  you  want to change or create a new login message any time if someone logs into SSH. Please follow the instructions

First off login to our server as root. Then type in the following:
vim /etc/motd

2. Option. If you would like any user who connects to your SSH service to see a specific message, you can create a custom SSH banner. Simply create a text file (in my example in /etc/ssh-banner.txt) and put any kind of text message in it; for example:
*****************************************************************
*This is a private SSH service. *
*****************************************************************
When done editing, save the file. In the sshd_conf file, find a line that says:
#Banner /etc/issue.net