Server Admin

Website Server Administration

Create DNS Record For Subdomain – Add DNS Entry Into Bind

Overview

Welcome to the first of a number of DNS related articles I will write to help explain the different tasks needed to configure and manage your own DNS server using bind under Linux.

The article assumes you have already installed bind and it is all running. If not, then you will need to setup bind first. Once you have setup bind, you are now ready to create DNS record for subdomain. You can also checkout my next article (which is more of a prequel) about adding Adding New Zone To Bind DNS Server.

What is a DNS Zone?

Essentially a zone in DNS terms is a domain along with all it’s subdomains. Typically you will have one zone config file per domain (which includes its subdomains and any mail records, alias’ and other entries associated with that domain) however you can also have multiple domains using a single zone file. If you have multiple domains to a zone file, each of those domains will be configured identically which includes the IP addresses and subdomains each of the entries point to. The zone file tells the DNS server what IP addresses are associated to each of the domains and subdomains. Each record in the zone file can also be configured to be any type of DNS record such as A record, MX record, TXT record, etc.

Editing a zone file

The zone files are located under /etc/bind/ and the zone files generally (but not always) are in the format of db.domain.com.conf. For example, my zone file for darian-brown.com is under:

/etc/bind/db.darian-brown.com.conf

So now we simply edit the zone file using vi or your preferred editor

sudo vi /etc/bind/db.darian-brown.com.conf

Create DNS Record For Subdomain

In your zone file you will see a couple existing DNS records. You should see a section similar to this where 192.168.0.2 is the IP address on our internal network where these domains point to. The @ symbol simply means the current domain which in our case is darian-brown.com

@	IN	A	192.168.0.2
www	IN	A	192.168.0.2

Now we are going to add a subdomain called blog and point it to a different server. So we add the line after those two entries (or even at the bottom of the file) like so.

@	IN	A	192.168.0.2
www	IN	A	192.168.0.2
blog	IN	A	192.168.0.10

Update Config File Serial

You need to update the serial in the zone config file. Change it so the serial number is higher than it used to be. This will allow bind to see that the config file has been updated and that it need to load in the new config file.

$ORIGIN example.com
@       IN      SOA     ns1.exampledns.com.    root.example.com. (
                     2014082301         ; Serial
                           3600         ; Refresh
                           1800         ; Retry
                         604800         ; Expire
                          43200 )       ; Negative Cache TTL

I like to use the current date for the serial and a two digit to show the number of times it edited the file that day. This ensures the serial is unique, always higher and has the added benefit of showing when I last updated the config file. So use the format of YYYYMMDDXX where xx is the edit that day. Starting at 01 for the first edit, 02 for the second edit, etc.

Save And Restart Bind DNS Server

Once you have added your new subdomain and updated the serial in your DNS config file, you need to restart the bind daemon in order to reload the new config file. You can do so by issuing the following command.

Debian / Ubuntu Linux

Restart bind dns server on Debian and Ubuntu Linux.

service bind9 start

Alternate method to restart bind dns server on Debian and Ubuntu Linux.

/etc/init.d/bind9 restart

Redhat / Fedora Linux

Restart bind dns server on Redhat and Fedora Linux.

service named restart

Alternate method to restart bind dns server on Redhat and Fedora Linux.

/etc/init.d/named restart

Note: you may need to use sudo to run these commands if your account doesn’t have enough privileges.

Testing new subdomain

In order to test your new entry is working, you can dig the new address. See my article on What is Dig and When Should I use it for more information. Dig is a lot more informative and can be extremely useful as you can directly query your DNS server rather than waiting for the DNS to refresh.
An example of how to do would be

dig @ns1.mynameserver.com -t A blog.darian-brown.com

and if the DNS entry was added successfully, you should see a section in the response that is something like

;; ANSWER SECTION:
blog.darian-brown.com.	3600	IN	A	192.168.0.2

Alternately you can ping the subdomain using

ping blog.darian-brown.com

Final Note!

Once you have create DNS record for subdomain, it may take a while before it comes into effect. The reason is that your DNS server must send the new information to other DNS servers around the world, so that other DNS server all over know your new subdomain details and are able to find it on the internet. This process is commonly called DNS propagation.

DNS Propagation

This process may take up to 48 hours however a few hours usually does the trick. Updating a subdomain usually takes longer than creating a new domain or subdomain. This is because the other DNS servers will wait for their cache to expire before refetching your updated DNS zone file.

Disable SSH Login For FTP User

Overview

The below guide will show you have to create an FTP account for vsftpd and also block ssh access making a ssh account a ftp only account. This will also disable telnet access to the ssh account.

Disable SSH Login For FTP User

Secure Lock

Create The Ftp User

The ssh login account will be used as the ftp login account. So first step is to create the ssh user. Since this will be the FTP username choose name you wish to use are your ftp username. someusername is the username I am using as an example for this tutorial. We will disable ssh access later on.

Enable FTP Login Using SSH Account

In order to allow local ssh users to be able to ftp in, you need to set local_enable=YES in your vsftpd.conf file. That will allows any users on the system, to gain access to the server through FTP.

adduser someusername

Disable SSH Login For FTP User

Open up your passwd file which is usually located under /etc/passwd. Now change the default shell which would be similar to /bin/bash to your ftp only shell which I will create as /etc/ftponly. I created the file under /etc/ftponly however you can place the file anywhere you see fit.

someusername:x:1017:1017:,,,:/home/someusername:/etc/ftponly

Create the ftponly shell file

Now create the ftponly file of /etc/ftponly and type in a scary message to deter trespassers. Save the file in the location you specified in the passwd file located at /etc/passwd.

#!/bin/sh
echo "Welcome to my FTP Webserver. Please note that all activity is tracked for security purposes!"
exit

Ensure the file can be executed

chmod a+x /etc/ftponly

Step 5 – Add ftponly as a valid shell

Add our file /etc/ftponly to the list of valid shells. Simply add the following line to the end of your shells file which is located at /etc/shells. Your shells file will look something like this:

# /etc/shells: valid login shells
/bin/csh
/bin/sh
/usr/bin/es
/usr/bin/ksh
/bin/ksh
/usr/bin/rc
/usr/bin/tcsh
/bin/tcsh
/usr/bin/esh
/bin/bash
/bin/rbash
/usr/bin/screen
/etc/ftponly

All Done!

Now when people try to ssh or telnet into the server, they will see the message “Welcome to my FTP Webserver. Please note that all activity is tracked for security purposes!” and they won’t be able to gain any further access however they will still be able to login using FTP.

Warning Note!

If the shells file /etc/shells file doesn’t exist, you will need to add in the other shells similar to above since you will be overriding the default shells. If you fail to do so, you could prevent any further ssh access.

PHP Increase Memory Limit Using Htaccess, Apache Or PHP

Overview

Most of us have come across this error: “Fatal error: Allowed memory size of xxxxxx bytes exhausted (tried to allocate yyy bytes) in ….” in the php error log files.

In php, running out of memory in usually a sign that your php script is not too well written or has a bug or two in it. It could also be caused by script that have to process large amounts of data at once. Sometime even well designed php scripts still require more memory than usual especially if it is handling large amounts of data or when trying to read large files into memory.

PHP Increase Memory Limit Using Htaccess, Apache Or PHP Script

Luckily in php, increasing the memory limit is an easy task to do and can be done in a number of ways. Below I will show you how to increase (or even decrease) the memory limit using either htaccess, apache and even inside the php script itself.

Setting PHP Memory Limit inside PHP Script

Inside your php script that requires the increase in memory, you can add the following line which increases the memory limit just for that page. So putting this at the top of the script can help you handle larger amounts of data.

<?php

// note that memory_limit is case sensitive!
ini_set('memory_limit','64M');

// rest of your code follows

Setting PHP Memory Limit in .htaccess

Setting a memory limit in .htaccess is also straight forward. Add a line into your .htaccess file. Note that this will affect any php files within that folder and subfolders. You won’t need to restart apache when updating the htaccess. Be careful as any typo’s in the htaccess file will prevent the website from loading correctly.

php_value memory_limit 64M

Setting PHP Memory Limit in php.ini config file

If you want to set the memory limit within PHP itself, then edit the php.ini file which is usually found under /etc/php/apache2/php.ini under Debian and find the line shown below and change it to whatever you need. This will affect all php scripts running under your server so be careful with this value.
Note: you will have to restart apache for this change to take effect

memory_limit = 64M

Setting PHP Memory Limit in Apache

Inside apache, find the virtual host that needs the increase in memory limit and add the line as shown below in italics.
Note: you will have to restart apache for this change to take effect

<VirtualHost *:80>

# apache settings for virtual host

php_value memory_limit 64M

# other settings etc. follow as usual.

</VirtualHost>

Conclusion

Needing more memory for a php script can be frustrating, luckily you are able to increase the php memory limit for your website or just a specific subfolder of your site. It is easy to increase the limit using either htaccess, apache or within the php script.

Override The Default PHP Execution Timeout Limit

Overview

In many programming language there is always a chance that your code will enter an infinite loop and get stuck for a long time. There is also a chance that a script may be processing large and complex dataset which causes it consume large amounts of server resources for a long time. Which affects other programs or websites that are running on the same server. In most cases this would be useful, however sometimes you will need to allow the script to complete even if it takes a long time and consumes a chunk of a server’s resources.

If this is the case, you can override the default PHP execution limit, which is generally around 30 seconds and set it to a much higher (or lower) timeout limit. You can even remove the time limit although this isn’t generally recommended. As you will see, PHP has introduced a PHP Execution Timeout which basically limits the amount of time a PHP script is allowed run until it is cancelled by the PHP server.

Override The Default PHP Execution Timeout Limit

I will show you a number of ways to extend the maximum execution time of a PHP script.

 

Setting the PHP execution limit in php.ini

Edit your php.ini file which is usually under ‘/etc/php5/apache2/php.ini’ in Debian Linux and scroll to the line which has the max_execution_time option. Want to remote the time limit? Setting the limit to 0 (zero) will remove the PHP execution timeout and possibly cause the PHP script to run forever.

max_execution_time = 600

 

Setting the PHP execution timeout using set_time_limit()

You can override the PHP execution time directly in a PHP script by using the set_time_limit() function. Setting the limit to 0 (zero) will remove the PHP execution timeout and possibly cause the PHP script to run forever.

<?php

// set the PHP timelimit to 10 minutes
set_time_limit(600);

// rest of your code will be able to run for the next 10 minutes before timing out

?>

 

Changing the PHP execution time using ini_set()

Just as above, you can also override the PHP timeout limit in a PHP script by using the PHP ini_set() function. Setting the limit to 0 (zero) will remove the PHP execution timeout and possibly cause the PHP script to run forever.

<?php

// set the PHP timelimit to 10 minutes
ini_set('max_execution_time',600);

// rest of your code will be able to run for the next 10 minutes before timing out

?>

 

Override PHP execution time in .htaccess file

Overriding the default PHP execution timeout can also be done inside an .htaccess file by using the php_value directive and using it to set the value of max_execution_time. Setting the limit to 0 (zero) will remove the PHP execution timeout and possibly cause the PHP script to run forever.

# set timeout to 10 minutes
php_value max_execution_time 600

Final Words

Increasing the timeout limit can be very useful but should be used with caution. Removing the time limit can be done by setting the limit to 0, but again, use with caution. Timeout limits are there for a reason and should only be used when other options are not available or viable.

PHP Ping Script To Check Remote Server Or Website

Overview

Ever needed a quick php code snippet to perform a ping to check if a remote server or website is up? Then see the code below which contains two variations of a ping function that will show you how to ping from php using a PHP Ping Script. The first version uses exec() and the second version uses fsockopen().

PHP Ping Website

The advantage of the second function is that it can connect to a specified port which allows you to also check if a port or service is available on your server. Great if you want to check if your Website is still running on port 80 or if your MySQL service is still responding.

PHP Ping Script To Check Remote Server Or Website

A PHP Ping Script can be very useful to check if your website or server is up before attempting to connect to it resulting in you having to wait for ages while the program or script to eventually timeout.

Our first version using PHP exec() to ping the server.

First example is a simple example that will send a standard ping.

<?php

/* our simple php ping function */
function ping($host)
{
	exec(sprintf('ping -c 1 -W 5 %s', escapeshellarg($host)), $res, $rval);
	return $rval === 0;
}

/* check if the host is up
	$host can also be an ip address */
$host = 'www.example.com';
$up = ping($host);

/* optionally display either a red or green image to signify the server status */
echo '<img src="'.($up ? 'on' : 'off').'.jpg" alt="'.($up ? 'up' : 'down').'" />';

?>

Our alternate PHP Ping Script using fsockopen().

Our second example is by far more useful as it accepts a port as the parameter. This allows us to check specific services on the server. Using port 80 in most cases will test the website, or 3306 will try connect to a mysql server.

<?php

function ping($host,$port=80,$timeout=6)
{
	$fsock = fsockopen($host, $port, $errno, $errstr, $timeout);
	if ( ! $fsock )
	{
		return FALSE;
	}
	else
	{
		return TRUE;
	}
}

?>

Useful Example of Using PHP Ping Script

We can use this ping function to allow us to provide our users with a better message rather than seeing our site is down.

<?php

$host = 'www.example.com';
$up = ping($host);

// if site is up, send them to the site.
if( $up ) {
	header('Location: http://'.$host);
}
// otherwise, take them to another one of our sites and show them a descriptive message
else {
	header('Location: http://www.anothersite.com/some_message');
}

?>

Now if the site is up, they will get sent to your site. Otherwise they will be sent to www.anothersite.com and shown a message.

Real World Unix Timestamp Examples

Overview

Unix timestamps are extremely useful and can be used across my different programming languages and platforms. I will outline a couple programming languages that support timestamps.

  • PHPconvert timestamps to date in php
  • MysQLview example on how you can query timestamps from a MySQL Database
  • Javascriptthe Date() function in Javascript can use timestamps
  • Perlthe time() function in Perl can handle unix timestamps
  • Linuxreturn current timestamp in linux

Real World Unix Timestamp Examples

PHP

In PHP, you can convert a unix timestamp to a real time by using the php date() function. date() allows you to convert a timestamp that is supplied as the second parameter or if the second parameter is left out, it will convert the current timestamp to date.

<?php

/* this would display a time of 23 May 2011 17:12:pm */
echo date('d F Y H:i:a',1306134726);
/* and this would display the current time in the same format as above */
echo date('d F Y H:i:a');

?>

The way the date is displayed is controlled by the flags passed to the function. Here we used the flags ‘d’, ‘F’, ‘Y’, ‘H’, ‘i’ and ‘A’. For a complete list of flags and to see a complete description of this function, visit http://php.net/manual/en/function.date.php.
The PHP function time(), strtotime() and mktime() all return the current unix timestamp. If you wanted to, you can also get a time stamp 24 hours from now by using the following code.

<?php

/* get tomorrows timestamp */
$tomorrow = time() + (24 * 60 * 60);

/* or you can use strtotime to convert a natural string into a timestamp */
$tomorrow = strtotime('+24 hours');

/* and this will create a timestamp based on the date and time variables */
$timestamp = mktime($hour,$min,$sec,$month,$day,$year);

?>

MySQL

If you have a table that contains a column with a unix timestamp in it, you can convert it using the query below. It will return a column that contains rows of easy to read date and times.

SELECT FROM_UNIXTIME(column_name) AS real_time FROM `table_name`;

Javascript

Javascript has a function called ‘Date()’ which allows you to use timestamps in javascript. Remember that since javascript is client side code (i.e. runs on the persons browser), the date shown is their own computer time, not the server time. To get the current timestamp in javascript, simple use

<script type="text/javascript">

/* get the current timestamp */
var timestamp = +new Date();

</script>

You can also convert a timestamp to a date by using the following javascript date functions.

<script type="text/javascript">

/* create a new date as of the current date */
var date = new Date();
/* you can also create a new date and pass a timestamp to create the date as of the timestamp */
var another_date = new Date(1306482441);

var day  = date.getDate(); // get the day that date relates to
day = day < 10 ? '0' + day : day; // add a 0 if less that 10
var month = date.getMonth() + 1; // returns month as 0 - 11
var year = date.getFullYear(); // 4 digit year (eg. 2011)
var hour = date.getHours(); // get hours
hour = hour<10?'0'+hour:hour; // pad with a 0
var minute = date.getMinutes(); // and minutes
minute = minute<10?'0'+minute:minute; // pad with 0
var second = date.getSeconds(); // get seconds
second = second<10?'0'+second:second; // pad with 0

</script>

Perl

In order to retrieve the current timestamp in Perl, you can make use of the time() function which is the same as PHP.

my $timestamp = time();

Linux

Using the ‘date’ command in linux will print out the date specified by the parameters passed to it. We will use the %s flag to tell it to print the seconds passed since ‘1970-01-01 00:00:00 UTC’ (i.e. it will print out the current timestamp).

date +%s

Specify Sitemap In Robots.txt

Overview

When creating a new website, or updating an existing website, you need to tell google and other search engines where your sitemap is located. You can submit a sitemap to google using Google’s webmaster tools. A more convenient way is to Specify a Sitemap In Robots.txt file. The robots.txt file is located in the root of your web folder. Search engines generally access and adhere to information in your robots.txt. However this is not guaranteed. Specifying the location of your sitemap.xml in your robots.txt file is done by adding a single line to your existing robots.txt file. If you don’t have a robots.txt file you can create a new robots.txt file and then add the line as shown below.

Specify Sitemap In Robots.txt

Sitemap: http://example.com/sitemap_location.xml

It will now tell Google and other search engines where your sitemap is located on your website. The sitemap listed here can be either your full sitemap or even a top level sitemap that links to all your other sitemaps (if you have more than one sitemap.xml file).

Full Robots.txt Example

User-agent: *
Allow: /
Disallow: /example-folder/
Disallow: /another-folder/

Sitemap: http://www.example.com/sitemap.xml.gz

Interesting Facts About Unix Timestamps

Here are a couple of facts surrounding unix timestamps you may find interesting. A couple of these are tips I discovered and a couple found browsing the internet. If you are not sure what a timestamp is, then read this article on What Is A Unix Timestamp And Why Is It Useful

  • On January 19, 2038, the Unix Time Stamp will cease to work due to a 32-bit overflow. This will result in websites crashing if they are still using 32-bit cpu’s. Before this moment millions of applications will need to either adopt a new convention for time stamps or be migrated to 64-bit systems which will buy the time stamp a “bit” more time.
  • At 03:33:20 UTC on May 18, 2033, the Unix time reaches 2,000,000,000 seconds, the second billennium.
  • At 23:31:30 UTC on February 13, 2009, the Unix time number reached 1,234,567,890 seconds.
  • At 01:58:31 UTC on March 18, 2005, the Unix time number reached 1,111,111,111.
  • At 01:46:40 UTC on September 9, 2001, the Unix billennium (Unix time number 1,000,000,000) was celebrated.
  • At 00:37:33 UTC on July 21, 2069, the Unix time will represent the first 10 digits of pi, 3141592653. (This coincides with the 100th anniversary of the first manned Moon landing, occurring between the times of touchdown and the first moon walk.)
  • At 09:06:49 UTC on Jun 16, 2034, the Unix time reaches 2,034,061,609 seconds and thus matches the current time to the hour (2034061609) when displayed as YYYYMMDDHH.

Check If Linux OS Is 64 Bit or 32 Bit

Overview – How To Check If Linux OS Is 64 Bit or 32 Bit

If you have ever needed to know if you have 32 bit or 64 bit linux installed, there are a number of simple ways to find this out of which I will show you two ways.

Note that if your cpu architecture is a 64 bit cpu, then you are able to install either 32 bit or 64 bit versions of Linux (or any operating system for that matter). However if your cpu architecture is 32 bit, then you are only able to use the 32 bit version of linux. It should also be noted that you are will not be able to install 64 bit applications on a computer with a 64 bit cpu if the linux operating system is running a 32 bit version of linux.

First Method to check if linux os is 64 bit or 32 bit

In your linux shell, type the following:

getconf LONG_BIT

It will return either 32 if you have the 32 bit installated or 64 for 64 bit versions.

Second Method to check if linux os is 64 bit or 32 bit

In your linux shell, type the following:

uname -m

If it returns x86_64 then you have the 64 bit variation and if you see i686 (or even i586, i386, etc.).

64 bit Hardware Support

If you need to see if your cpu architecture supports 64 bit

cat /proc/cpuinfo

MySQL INSERT IGNORE – A MySQL Syntax Tip

Overview – MySQL INSERT IGNORE

In MySQL, when you perform a mysql insert query, it is very common to come across errors with one of the insert queries. Once an issue is encountered with a mysql insert, the rest of the mysql inserts will not be executed since the MySQL query won’t continue. This can be annoying since you will have to figure out which rows were inserted and which ones weren’t so you can manually insert the remaining rows.

Fortunately, you can use mysql insert ignore syntax to avoid this frustration by using the keyword ‘ignore’.

MySQL INSERT IGNORE

Consider the following mysql insert statement that would insert two records:

INSERT INTO `table` ('name','surname','email') VALUES ('Mark','Ringo','mark@example.com'),('Sarah','Ainsley','sarah@example.com');

If the first insert (mark ringo) had to fail for some reason, then Sarah would not be inserted UNLESS you add the word ‘ignore’ after mysql insert statement, making the above statement:

INSERT IGNORE INTO `table` .......

Now if the first entry fails, then Sarah will still get inserted. Pretty nifty eh’ and can save countless hours of frustration while trying to import partial records and missing rows from an incomplete mysql insert.

Use With Caution

Please use the mysql insert ignore with caution. Errors and warnings that creep up are there for a reason. MySQL INSERT IGNORE can save a lot of frustration and simplify inserting records however it can end up masking some issues that exist.