InfoSec & Sysadmin Wizardry
Disabling the Firewall
systemctl disable firewalld
Enabling the Firewall
systemctl disable firewalld
Status of the Firewall
firewall-cmd --state
Allowing Ports
firewall-cmd --permanent --zone=public --add-port=2223/tcp
firewall-cmd --reload
Check Active Zone & Open Ports
firewall-cmd --list-all-zones
Shows Default Zone
firewall-cmd --get-default-zone
For resource tracking purposes it will help if the system is using both SuExec and SuPHP so that CGI and PHP processes run as the appropriate user account and not using the shared system user like that of user “nobody” for Apache.
The following features in WHM may be used to obtain information about CPU, RAM, Apache and MySQL resource utilization; the first tool shown below, Daily Process Log in Server Status, includes daily averages:
WHM: Main >> Server Status >> Daily Process Log
WHM: Main >> Server Status >> Apache Status
WHM: Main >> SQL Services >> Show MySQL Processes
WHM: Main >> System Health >> Show Current CPU Usage
WHM: Main >> System Health >> Show Current Running Processes
Original Source: https://forums.cpanel.net/threads/how-to-determine-which-websites-are-the-busiest.142413/
Many of the commands listed on this page are more suited for a server running the WHM / cPanel environment, WHM / cPanel keeps user’s websites and error_log files underneath their /home/ directory.
If you wanted to apply this command to systems that were not using WHM / cPanel then you might change the page mention in the commands below from: /home*/*/public_html/ to be / instead.
Find and Remove
The command below will find and remove error_log files irrespective of their size.
find /home*/*/public_html/ -type f -name "error_log" -exec rm -f {} \;
Find and Remove error_log files only if they are over 50mb
find /home*/*/public_html/ -name "error_log" -size +5000k -exec ls -lah {} \;
Want to monitor your Linux system?
See what is going on behind the scenes? Then htop is the tool. Nearly all Linux systems come with a simplified version built in called top – enter that onto your shell and you will see a very basic, monotone system monitor, however if you use the newer htop you get colours, more information and an layout that is easier on the eye. If the htop command doesn’t work for you then try installing it with either:
sudo yum install htop
sudo apt-get install htop
Depending on which Linux distro you are using.
htop lets you see performance, running processes, allows you to filter, search, sort and kill processes if necessary.
Understanding htop’s display
The numerical bars starting from the top left represent each CPU core within your system. The ‘Mem’ bar shows RAM / Memory and Swp stands for Swap (otherwise known as Page File within a Windows environment).
You will see your CPU and Memory bars fluctuate as your system is used more heavily, hopefully the Swap bar stays empty or very low, if it starts to rise that would typically be an indication that your system is running out of RAM and is switching to use Swap instead, the additional Disk I/O caused by that and the fact that your RAM is probably full will mean your system will start to run slowly in that situation.
Load Average is a good performance indicator at a glance, you will see three sets of numbers lets say for example:
0.85 4.25 8.45
The three sets of numbers above represents the average load of your system over a period of time. The first number on the left shows the load average over the course of 1 minute, the second number over a 5 minute period and the last number over 15 minutes. Meaning at a glance it can give you an indication of the current load of the system and historical information. For example if we take the numbers above, if I saw those on a real-life system it would indicate to me that the system was under heavy load a while ago but in the past 5-10 minutes the load has now dropped by quite a lot and is heading in the right direction.
Filter by User
Hit the U key when in top and it will give you the option to filter the list of running processes by user, very handy if you want to focus on a particular user or perhaps narrow down the list if you have found a process or user which is being troublesome.