Showing posts with label VPS. Show all posts
Showing posts with label VPS. Show all posts

Saturday, July 25, 2015

How to limit CPU Usage in Centos 6

Hello, it's been a while since my last post, today i want to share about limiting CPU Usage, this tutorial is not to important if you have VPS with high memory and fast processeor, but how about if you only have 384 MB memory and you have plenty application running in same time???, i suggest dont do that :D, but some of you maybe has limited budget or something else, i take an example if your VPS running wine, and of course running windows application on it, but your platform still Centos, dont miss understand, this tutorial is for centos, not windows family, let's say you running some autosurf program in your VPS, like hitleap, otohits, etc, it need a lot of resource of course, for a while, the apps will running with no problem, but when CPU Load is getting higher and higher, it will kill the apps by itself.

how to limit process on centos

Installation

Auto install will include Installing EPEL for Centos 6, CPULimit, and Screen.
Type below to begin auto install line by line

wget https://raw.githubusercontent.com/zaq111/bash/master/angelimus-install-cpulimit-screen.sh

angelimus-install-cpulimit-screen.sh

Done, now you already install CPULimit.

Usage

How to use cpulimit, let assume you want to run firefox, after run firefox, now we type top, to see how much firefox using CPU, see below.

top - 08:11:55 up 33 min,  3 users,  load average: 0.49, 0.20, 0.08
Tasks:  52 total,   2 running,  50 sleeping,   0 stopped,   0 zombie
Cpu(s): 65.4%us, 34.6%sy,  0.0%ni,  0.0%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Mem:    393216k total,   381648k used,    11568k free,        0k buffers
Swap:    98304k total,    13916k used,    84388k free,   259984k cached

  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
 1077 root      20   0  512m  85m  33m R 23.5 22.4   0:01.50 firefox
  701 root      20   0 39464  22m 4548 S  0.7  5.8   0:00.31 Xvnc
  848 root      20   0  199m  18m  13m S  0.7  4.8   0:06.75 knotify4
  875 root       9 -11 87240 3304 2636 S  0.7  0.8   0:01.75 pulseaudio

Firefox consume 23.5% and your total CPU Usage is 65.4%
Now we running cpulimit first by type like below

cpulimit -l 10 --exe=firefox

you will see "No process found" repeated all times, it's means firefox not running, just try running firefox, you will see the diffrent

CPULimit Running

[root@don19 ~]# cpulimit -l 10 --exe=firefox
No process found
No process found
No process found
Process 1223 found

See procees on "top"

top - 08:22:00 up 43 min,  4 users,  load average: 0.00, 0.03, 0.03
Tasks:  56 total,   3 running,  52 sleeping,   0 stopped,   1 zombie
Cpu(s): 44.4%us, 19.4%sy,  0.0%ni, 36.1%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Mem:    393216k total,   332660k used,    60556k free,        0k buffers
Swap:    98304k total,    14064k used,    84240k free,   257336k cached

  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
 1223 root      20   0  195m  25m  15m R  9.7  6.6   0:00.13 firefox
  848 root      20   0  199m  18m  13m S  2.2  4.8   0:17.95 knotify4
  875 root       9 -11 87240 3304 2636 S  0.7  0.8   0:04.13 pulseaudio
    1 root      20   0  2900 1368 1232 S  0.0  0.3   0:00.03 init
    2 root      20   0     0    0    0 S  0.0  0.0   0:00.00 kthreadd/93209

Now see firefox process, it's only using 9.7% - 10%, and total CPU Usage is only 44.4%

But remember, when you close your terminal that running cpulimit, your firefox process will running like before which is 23.5% and going higher, so how to make cpulimit still running on background??

Using Screen

Using screen, you can make process running on background, here some example of use

screen cpulimit -l 10 --exe=firefox

to detach screen, press Ctrl  + A D
to resume screen type screen -r
if you have more than 1 screen, type screen -list

[root@don19 ~]# screen -list
There is a screen on:
        1291.pts-2.don19        (Detached)

to resume screen in list just type screen -x 1296.pts-2.don19

That's all, just leave comment if you find some trouble with cpulimit.
Thanks for reading my tutorial, see you in next tutorial.

Saturday, July 11, 2015

How to install VestaCP on Centos 6

VestaCP is another good web control panel for VPS, it lightweight control feature with many feature, when you installing vesta, it will automatically install a few good package, so no need to install it again, such as fail2ban, vsftp, spam assassin, apache, MySQL, roundcube mail server, etc, it's quite good, installing many package with only few single lines of code in terminal.

installing vestacp on centos 6

Installing

I will provide an easy way to installing VestaCP, you can see official install instruction here or follow my way, but remember, VestaCP require you to uninstall httpd and other installed package that may cause conflict to VestaCP, i recomend you to fresh install your VPS, or if you still want to try it, follow this step below.
Once again : if you hace website hosted on your VPS, better think twice before you install VestaCP, i never installing VestaCP on server that has hosted website on it, or maybe you find more info first on the internet about problem that maybe occur while you installing VestaCP.
While you installing, there are a few confirmation that will appear, so watch it carefully and follow the instruction, on your screen.

wget https://raw.githubusercontent.com/zaq111/bash/master/angelimus-install-vesta.sh

chmod +x angelimus-install-vesta.sh && sh angelimus-install-vesta.sh

now you are done installing VestaCP, login into VestaCP using information that appear on your screen.

login information vestacp

Accessing VestaCP

Open your favourite browser (Firefox, Chrome, IE, etc), and type your VPS IP Address in your browser with specified port that shown on your login information on terminal. Ex : Http://5.xxx.xxx.137:8083

Now Login, and you will see like below

vestacp panel

Now you are done installing VestaCP.

In tutorial VPS Host

In this tutorial, i using VPS that provided by Contabo.com you can see the detail here


Tutorial VestaCP

I will post link in here another tutorial related VestaCP

Friday, July 3, 2015

How to install Squid Proxy 3.5.5 on Centos 6.6 64Bit

Hello, now we are going to install Squid 3.5.5-1 Release May 29, 2015. Before we continue, in previous i have explain in detail how to install squid proxy on Centos 6, it works on 64bit and 32bit architecture (http://www.angelimus.com/2015/07/how-to-create-elite-proxy.html).
But now i only try in Centos 6.6 with 64Bit architecture with VPS from Evoburst.com.


Case : I have run VPS With Centos 6.6 64Bit with Squid Proxy Server 3.5.0.4, and i want to upgrade it to Squid Proxy Server 3.5.5-1.

Step 1 - Installing Squid Proxy Server 3.5.0.4 
Lazy Mode Method = Install Repository, Install Squid 3.5.0.4, Configure Elite Proxy.

Now, we must add repository first, because old repository only serve Squid 3.1.10, i have create lazy mode, just type :

wget https://raw.githubusercontent.com/zaq111/bash/master/angelimus-install-squid-355.sh 

chmod +x angelimus-install-squid-355.sh && sh angelimus-install-squid-355.sh

It's done, you have Elite Squid Proxy 3.5.0.4 installed on your VPS, now let's we costumize our squid.conf a little bit, type :

vi /etc/squid/squid.conf 

Scroll down and find similar like below (i only show how to make public proxy, you can change below configuration into personal or authenthicated system, see previous tutorial about installing proxy at step 2 (How to Install Elite Proxy on Centos 6)

# And finally deny all other access to this proxy
http_access deny all

change http_access deny all into http_access allow all

Scroll down again and find

# Squid normally listens to port 3128
http_port 3128

change http_port 3128 into http_port 5678

save it by type :wq and type :

service squid restart

Now you are done, you have running squid, try it on your web browser.
Until this step you already done install squid 3.5.0.4, if you don't want to continue to next step, it's ok, you still can use your squid 3.5.0.4.

test proxy using firefox
change ip address with your VPS IP Address

Step 2 - Installing Squid Proxy Server
Manual Method = Upgrade Squid 3.5.0.4 to Squid 3.5.5-1.

Maybe there are a big question in your head, why not just install squid 3.5.5 rather than installing squid 3.5.0.4, well, i don't have a specific answer for that question, what i know is, if you start installing 3.5.0.4, it will not installed, because there are no dependancies, but maybe someone else know how to install 3.5.5-1 without install 3.5.0.4 first, i'm curious too :P

Ok, let's start. Just type :

service squid stop

[root@centos6 ~]# service squid stop
Stopping squid: ................                           [  OK  ]

squid -v | grep Squid
[root@centos6 ~]# squid -v | grep Squid
Squid Cache: Version 3.5.0.4

rpm -Uvh http://www1.ngtech.co.il/repo/centos/6/x86_64/squid-3.5.5-1.el6.x86_64.rpm

Preparing...                ########################################### [100%]
   1:squid                  ########################################### [100%]
squid.conf.documented is at /usr/share/squid-3.5.5/squid.conf.documented

It's done, now check your version again.

squid -v | grep Squid

[root@centos6 ~]# squid -v | grep Squid
Squid Cache: Version 3.5.5

Let's check our configuration, is it still same?

vi /etc/squid/squid.conf

In my VPS, there are NO CHANGES at all, it's upgraded succesfully.
Now let's start squid

service squid start

[root@centos6 ~]# service squid start
Starting squid: .                                          [  OK  ]

Let's try open angelimus.com


elite proxy
proxy not detected
checking elite proxy using gather proxy 8.5


It's done, if you have some problem, please check my previous tutorial (How to Install Elite Proxy on Centos 6
Thanks, and see you in next tutorial.

How to install Squid on Centos 6.6 as an elite proxy

Hello again, now i want to share about squid proxy, before we start let's knowing squid by definition first, Squid is a caching and forwarding web proxy. It has a wide variety of uses, from speeding up a web server by caching repeated requests; to caching web, DNS and other computer network lookups for a group of people sharing network resources; to aiding security by filtering traffic
wikipedia.com

Install squid as elite proxy on centos 6.6

Yesterday "someone" has email me about my instalation method, which is using auto install, he suggest to provide 2 installation method, first is using auto install or "lazy mode" and the second is manual install line by line.

But because squid installation no needed auto installation, because many custumize option depend on user necessary, so lazy mode will not provided this time. Let's start

Step 1 - Installing Squid (as a base and must do)


yum -y install squid

when it's done, type below

vi /etc/ squid/squid.conf

This is the master configuration file for squid, you can costumized squid here, but for minimum requirement of squid, the default setting is work, it's what everybody said, including my friend.
I can't get squid start for first time even squid is running

[root@centos6 ~]# service squid start
Starting squid: ................                           [  OK  ]

But when i check using proxyfier this what i got, if you don't know what is proxifier, click this link (http://www.angelimus.com/2015/07/proxy-load-balancing.html)

squid started but cant connect to internet

For information, i'm using VPS from Evoburst.com with centos 6.6 64Bit. By default, squid proxy run in port 3128.
So if we see error information above picture, it says

Could not connect to 104.xxx.xxx.19:3128

My guess is there are something wrong with port 3128, now try change the port by editing /etc/squid/squid.conf

vi /etc/squid/squid.conf

and find http_port 3128 and change it to http_port 5678
now let's save it by press ESC on keyboard and type :wq

service squid restart

let's go to proxifier again and check it.

squid connected but no internet

Now we are allowed to use the port, but still not pass, through the internet. If we try using browser, using this port, it will show like this

squid access denied

That's good, why i said it's good? it because squid has been detected, and we can know for sure our squid is running.
Picture above means there are something wrong in /etc/squid/squid.conf actually its not wrong but we need a little costumize in our configuration. Now open your squid.conf by type :

vi /etc/squid/squid.conf

let see at the top of your file you will see similar like below (i will copy paste it and explain it)

#
# Recommended minimum configuration:
#
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1

# Example rule allowing access from your local networks.
# Adapt to list your (internal) IP networks from where browsing
# should be allowed
acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines

What is acl? acl is Access List, so all user that want to use squid proxy must be listed here.
We take example at Line 11, see below

acl localnet src 10.0.0.0/8
-- it read like this, Access List with group localnet with source 10.0.0.0/8

Still confuse? i bet you will, don't worry.
1. 10.0.0.0/8 This is CIDR (Classless Inter-Domain Routing) Identification, it present ip address within range 10.0.0.0 - 10.255.255.255
2. Localnet this is group identifier, so we can allow which group can use proxy using rule.

So, from above acl we see :
10.0.0.0/8 Range = 10.0.0.0 - 10.255.255.255
172.16.0.0/12 Range = 172.16.0.0 - 172.31.255.255
192.168.0.0/16 Range = 192.168.0.0 - 192.168.255.255

Scrool down your squid.conf you will find like this :

# And finally deny all other access to this proxy
http_access deny all

it will deny access to proxy server if you ip is other than listed above by, since my ip is 104.xxx.xxx.19, it will not allowed.

In step 2, Choose between 2.1 or 2.2 or 2.3 depend on your necessary.
Step 2.1 - How to Allowed All IP to using Proxy Server, make it Public
So, if you want to allow all user ip address in the world to use your proxy server, edit your squid-conf, and find :

http_access deny all 

change it to http_access allow all

save it, and restart your squid by type

service squid restart

Now squid allready connected and running, it accept all ip address without limitation.

check squid using proxifier

Step 2.- How to Make squid Personally (Private Use Only)
Edit your squid.conf and add below

acl angelimus src 104.xxx.xxx.19/32

Scroll down, find like below

#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#

and type http_access allow angelimus

and make sure it block all ip other than listed, by find

# And finally deny all other access to this proxy
http_access deny all

make sure it is http_access deny all

save squid.conf and restart squid

Step 2.- How make squid public with user authenticated system
This step will explain how to create public squid proxy with user authentication system, so user who want to use proxy must be registered first in order to use proxy service.

authenticated system using squid ncsa_auth

So before user using proxy, it required authentication, see above image.
Let's start with editing your squid.conf (/etc/squid/squid.conf)
goto at very top of file and copy paste below code :

auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/passwd
auth_param basic children 2
auth_param basic realm Angelimus Proxy Server
auth_param basic credentialsttl 24 hours
auth_param basic casesensitive off
acl proxusers proxy_auth REQUIRED
http_access deny !proxusers
http_access allow proxusers

for centos 6 64Bit auth_param basic program /usr/lib64/squid/ncsa_auth
for centos 6 32Bit auth_param basic program /usr/lib/squid/ncsa_auth

save squid.conf
Now we will create user and password file for squid

touch /etc/squid/passwd

set file owner to squid

chown root.squid /etc/squid/passwd

set permission for file

chmod 640 /etc/squid/passwd

Now lets create user for squid with name user001


htpasswd /etc/squid/passwd user001

[root@centos6 ~]# htpasswd /etc/squid/passwd user001
New password: <password is not visible, after type password, press enter>
Re-type new password: <retype password>
Adding password for user user001

now restart squid by type

service squid restart

It's done, try open Mozilla Firefox, set the proxy, and try open http://www.angelimus.com

proxy configuration for firefox

Now, try open any website, it will show login before you access it.

Step 3 - Create Elite Proxy
Now lets create elite proxy, open your squid.conf, and add below code at the bottom of file.

tcp_outgoing_address 104.xxx.xxx.19 all
104.xxx.xxx.19 >> replace it with your server ip

forwarded_for off
request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access WWW-Authenticate allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access User-Agent allow all
request_header_access Cookie allow all
request_header_access All deny all

NOTE : It's occur to Step 1, Step 2, and Step 3 above.. IMPORTANT!!!
if you can't connect to https, like facebook.com or whatismyip.com or google.com, or another site, do this step :
1. Edit your squid.conf (vi /etc/squid/squid.conf)
2. Find acl SSL_ports port 443, add below that code >> acl SSL_ports port 80

so it will look like this (see below)
acl SSL_ports port 443
acl SSL_ports port 80
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https

Save and restart squid.
Now you already have personal proxy server with ELITE PROXY.
Try go to angelimus.com and see what is your ip? It will change into your VPS IP address.

checking proxy using gather proxy 8.5 Free edition
Test my proxy using Gather Proxy 8.5 Free Edition

Tuesday, June 23, 2015

How to add user in Centos 6

Hello again, today i want to share about how to manage user in Centos 6 64Bit. User are an account that has created by user or by 3rd Party Application in order to run.

User can be created if you want to add another account to share your VPS, but remember, because you are in one VPS, so you much share your resource too  with another user that logon in your VPS.

You can limit user activity too for your user, example, if you want to limit your user only using SSH, or FTP, or VPN, it’s up to you. I recomend to limit your user, so it can be controlled, and your VPS not too overload, because some VPS Host will suspend VPS if there are unusual activity or high activity that makes VPS Overload.


1. How to add user in Centos 6
adduser angelimus
passwd angelimus

then type your password twice

2. How to add user in Centos to Group
usermod -a -G ftp angelimus

-a = append user in group
-G = new list of supplementary GROUPS
ftp = group name

another example :

usermod -a -G ftp angelimus, porthos, socrates, delinios

3. How to limit user in centos 6
- Prevent User using SSH and FTP
usermod -s /sbin/nologin mynewssh 
- User only using VPN
vi /etc/ppp/chap-secrets
angelimusVPN pptpd pass900 *



4. How to lock user in centos 6
usermod -L angelimus

5. How to remove user in centos 6
userdel angelimus
just delete user account

userdel -r angelimus
-r = remove angelimus home directory too

6. How to force expired user password in Centos 6
chage -d 0 angelimus

7. How to view user password in Centos 6
cat /etc/passwd

Saturday, June 20, 2015

How to Unzip / Zip file in Centos 6

Hello again, now i want to share how to zip and unzip file in centos, what in zip file? zipping file is collecting a few or more file that you choose and compress it into one file, so you can give that file or send to your friend or send it to file hosting, zip file usually used when you want to backup something, as a sample, i have website that i put on /public_html folder, and i want to back it up in case something happened or maybe you want to do a major change to your website, so i just zip my /public_html directory into one file, and i start change or modify the original file, if something happened, i just recover all my files in /public_html directory by unzipping from zip file that i created as backup.

Before we start, make sure zip package is installed in your system, by type zip in your terminal.
zip

if there are no zip package installed, it will reply -bash: zip: command not found
so you must install it first by type :

yum -y install zip

1. Zip
Now you have zip package installed in your system, now type zip, there are a lot of option for zip, we don't use that all, i usually only use -r and -v.
-r is recurse into directories it means, zip include directory
-v is verbose it will showing line by line what file has been added to your zip file

the command fo zip is

zip [options] [new_file_name.zip] [dir / file(s) that we want to zip]

example :
i want to zip files with .txt as extension
zip -v /home/backup/backup_mytext.zip /home/tutorial/*.txt

i want to backup my website file in /html/wordpress into /home/backup/
cd /var/www/html/wordpress/
zip -rv /home/backup/backup_myweb_15062015.zip *

2. Unzip
Before using unzip, try type
unzip

if the reply is -bash: unzip: command not found it mean there are no unzip package in your system, so you must install it first by type
yum -y install unzip

Now unzip package already installed in your system, lets start
To view file in .zip, use this command
unzip -l /home/backup/backup_myweb_15062015.zip

To restore / extract zip file, use this command
unzip /home/backup/backup_myweb_15062015.zip -d /var/www/home/html/wordpress

To restore / extract zip file, and overwrite it
unzip -o /home/backup/backup_myweb_15062015.zip -d /var/www/home/html/wordpress

To restore / extract zip file, and update it
unzip -u /home/backup/backup_myweb_15062015.zip -d /var/www/home/html/wordpress

There are a lot of options to use, but not all of that options is used, it depends on your case, maybe you will use it, but these are a basic command in compress and extract file(s)

Wednesday, June 17, 2015

How To Monitoring Running Process in Centos 6 64Bit

Hello, again now i want to share some tutorial about how to monitoring resource on centos 6, this tutorial is very common, i got this from a few source, a few of them i got from tecmint.com, you can check it there for more information and of course there are much usefull information, you must visit there.

What is monitoring running process?? in windows, we usually use task manager to see what is running on our system, but in centos, we have a few similar tool like task manager too, but if you only use terminal there are a few script or command to show what running on your system.

Sometimes we got our VPS running slow, and you must check on control panel in website for how much our memory is being used or how high our processor load, it not necessary, it wasting time of course, cause centos has built in tools to check memory usage and processor usage to, and the important things is we must know, if is there any other user using our VPS or no, because sometimes we dont know who are using our VPS, and what is application that our user running.

1. Some cool stuff from Tecmint.com  (Post by AVISHEK KUMAR)
This stuff has great view, i like this too, and sometimes i used it too, it has many information about our VPS, to install it, follow this step, open your terminal, and type :
Dependency
There is no dependency required to use this package for a standard Linux Distribution. Moreover the script don’t requires root permission for execution purpose. However if you want to Install it, you need to enter root password once. (original statement from tecmint.com)


Security
Have taken care to ensure security of the system. Nothing additional package is required/installed. No root access required to run. Moreover code has been released under Apache 2.0 License, that means you are free to edit, modify and re-distribute by keeping Tecmint copyright. (original statement from tecmint.com)


wget http://tecmint.com/wp-content/scripts/tecmint_monitor.sh


chmod 755 tecmint_monitor.sh./tecmint_monitor.sh -i


monitor


2. Top (Built-in centos 6 monitor)
If you need more spesific about what is PID of running process, the user who running the application, how many resource used by application, etc you just type :
top

3. ps -eLf
To use this, you don't need to install anything, just type it, this will show you history of running process by user and also what command that user type to run script, use this if you have unknown user in your system.
ps -elf


4. atop
This is similar like top, but you must install first. Open your terminal and type :
yum -y install atop
to run it just type atop.



5. htop
This is similar like top and atop, but this more colorful and has built in function to kill process, search, filter, and the important is this application can modify priority of running process, you can modify it in realtime, no need to kill the process first. Use up and down arrow to select process and select what task todo.
yum -y install htop
to run it just type htop.



Thats all, you decide which one you want to use, remember, all application above running consume resource too, dont you run all time, use it when you need it.