[tools] update.script

[@how@]

new update.
Webmin control panel 1.441
MySQL 5.1.29
phpMyAdmin 3.0.1.1


Wael

 

[gozargah]

Please answer my question "@how@"

 

[@how@]

How can remove installed scripts? such as mrtg?

Open /etc/crontab and remove the line that reads:

*/5 * * * * root /usr/local/mrtg-2/bin/mrtg /var/www/html/mrtg/core/mrtg.cfg

remove folder

rm -rf /usr/local/mrtg-2/
rm -rf /var/www/html/mrtg/

Wael

 

[Cyber-DL]

install only ClamAV

Hello,
update script not part from directadmin.com
update.script homepage http://tools.web4host.net/
**** USE IT YOUR OWN RISKS ****

*****
*****
*****

GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 2006,2007 Free Software Foundation, Inc.
51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Update script made by Wael Isa
H188, R4008, Arad 240, Kingdom of Bahrain
http://www.web4host.net
Version: 1.3
Release Date: 1 / 9 / 2006

*****
*****
*****

If you find update script useful, please consider to make a donation to support this freeware.
Please keep in mind that donations are welcome, but in no way required to use and distribute update.script.
donate via 2checkout.com & paypal accepted

update.script Version: 1.3
update script tested in this OS 32bit & 64bit.

• RedHat Linux 7.2, 7.3, 8.0, 9.0
• RedHat Fedora 1.0, 2.0, 3.0, 4.0, 5.0, 6.0, 7.0
• RedHat Enterprise 3.x, 4.x, 5.x
• CentOS 3.x, 4.x, 5.x
• Please report about other OS to add here

and update to

• OpenSSL 0.9.8i (You need to build ssh, apache, php, etc after upgrade)
• Exim 4.69
• OpenSSH 5.1p1
• ProFTP 1.3.1
• phpMyAdmin 3.0.1.1
• MySQL 5.0.67 (You need to build php after upgrade)
• MySQL 5.1.29 (You need to build php after upgrade)
• ClamAV 0.94
• AVG 7.5 r51-a1243
• MRTG 2.16.2
• SquirrelMail 1.4.16
• SquirrelMail full language pack
• SpamAssassin 3.2.5
• IMAP 2004c1 (You need to build php after upgrade)
• MODsecurity 2.5.7 (Apache 2.x Only)
• MODsecurity 2.5.7 Rules
• MODsecurity 1.9.5 (Apache 1.x Only)
• MODsecurity 1.9.5 Rules
• MODevasive 1.10.1
• KISS My Firewall 2.2
• eAccelerator 0.9.5.3
• Freetype 2.3.7
• Webmin control panel 1.441 (You need to open one port 10000 in your firewall)
• Nobody Check Security Tool 1.03

Just download/chmod

mkdir /usr/local/updatescript
cd /usr/local/updatescript
wget http://tools.web4host.net/update.script
chmod 755 update.script

Run this to read how to use.

./update.script

Run this to update update.script

./update.script UPDATEME

Run this to see release date and version

./update.script DATE

Run this to clean update script folder

./update.script CLEAN

Note:-
1- Run this to clean or update update script before you use
2- Select best mirror for your server mirror.conf , if you want new mirror.conf file just delete old one in update script folder.


*****
*****
*****

ClamAV

nano -w /etc/exim.conf

before

primary_hostname =

add

av_scanner = clamd:/tmp/clamd

after

check_message:

add

deny message = This message contains malformed MIME ($demime_reason)
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
deny message = This message contains a virus or other harmful content ($malware_name)
demime = *
malware = *
deny message = This message contains an attachment of a type which we do not accept (.$found_extension)
demime = bat:com:pif:prf:scr:vbs
warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus

save then restart exim

/sbin/service exim restart

*****
*****
*****

MODsecurity 2.x

nano -w /etc/httpd/conf/httpd.conf

after

LoadModule php5_module        /usr/lib/apache/libphp5.so

32bit

LoadFile /usr/lib/libxml2.so
LoadModule security2_module     /usr/lib/apache/mod_security2.so

64bit

LoadFile /usr/lib64/libxml2.so
LoadModule security2_module     /usr/lib/apache/mod_security2.so

and add this down in httpd.conf

<IfModule mod_security2.c>
# ModSecurity2 ONLY
# Do not change anything in included files
#
Include /etc/modsecurity2/modsecurity-rules-selected-by-web4host.net.conf
</IfModule>

/sbin/service httpd restart

*****
*****
*****

MODsecurity 1.x

nano -w /etc/httpd/conf/httpd.conf

add

<IfModule mod_security.c>
# Only inspect dynamic requests
# (YOU MUST TEST TO MAKE SURE IT WORKS AS EXPECTED)
#SecFilterEngine DynamicOnly

SecFilterEngine On

# Reject requests with status 500
SecFilterDefaultAction "deny,log,status:500"

# Some sane defaults
SecFilterScanPOST On
SecFilterCheckURLEncoding On
SecFilterCheckCookieFormat On
SecFilterCheckUnicodeEncoding Off
SecFilterNormalizeCookies On
# enable version 1 (RFC 2965) cookies
SecFilterCookieFormat 1

#SecServerResponseToken Off

#If you want to scan the output, uncomment these
#SecFilterScanOutput On
#SecFilterOutputMimeTypes "(null) text/html text/plain"

# Accept almost all byte values
SecFilterForceByteRange 1 255

# Server masking is optional
#fake server banner - NOYB used - no one needs to know what we are using
SecServerSignature "Power MOD by web4host.net"

#SecUploadDir /tmp
#SecUploadKeepFiles Off

# Only record the interesting stuff
SecAuditEngine RelevantOnly
#SecAuditLog logs/audit_log

# You normally won't need debug logging
#SecFilterDebugLevel 0
#SecFilterDebugLog logs/modsec_debug_log

# Mini Rules
Include /etc/modsecurity/mini.conf
</IfModule>

/sbin/service httpd restart

*****
*****
*****

MODevasive
Apache 1

nano -w /etc/httpd/conf/httpd.conf

add

<IfModule mod_evasive.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSWhitelist 127.0.0.1
DOSEmailNotify [email protected]
</IfModule>

/sbin/service httpd restart

if did not work try

/usr/local/directadmin/customapache/

then edit httpd.conf

nano -w /etc/httpd/conf/httpd.conf

after this

LoadModule perl_module        /usr/lib/apache/libperl.so

add

LoadModule evasive_module     /usr/lib/apache/mod_evasive.so

after this

<IfDefine HAVE_PYTHON>
AddModule mod_python.c
</IfDefine>

add

AddModule mod_evasive.c

/sbin/service httpd restart

Apache 2

nano -w /etc/httpd/conf/httpd.conf

add

<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
DOSWhitelist 127.0.0.1
DOSEmailNotify [email protected]
</IfModule>

/sbin/service httpd restart

if you want do test you need to remove (DOSWhitelist) from httpd.conf

wget http://tools.web4host.net/modevasive/test.txt
mv test.txt test.pl
chmod 755 test.pl
./test.pl

*****
*****
*****

KISS My Firewall
Ready for Direct Admin & Plesk & Webmin & cPanel.
if you want use other SSH port just add in TCP_IN & TCP_OUT
Running anywhere on the command line, you simply type:

kiss start

To stop the firewall, type:

kiss stop

To get status information, type:

kiss status

If you want to block an offenders IP address/subnet, simply edit the BLOCK_LIST variable in the /usr/bin/kiss file. You can separate IP addresses and subnet's with a space. Once you are finished, simply restart KISS by typing:

kiss restart

Last, but not least, it is recommended that you configure the firewall to allow only for needed ports. Using trusted IP addresses/subnets is also recommended. These variables are located near the beginning of the /usr/bin/kiss file and are self-explanatory. Once you make changes, you should always restart KISS for the changes to take effect:
kiss restart

edit kiss and set what os you use
# Enabled this for Pre Fedora Core 2 or Red Hat

EXTN="o"

# Enabled this for Fedore Core 2 or later

EXTN="ko"

like CentOS use EXTN="ko" just remove # before EXTN="ko" then kiss start

*****
*****
*****

eAccelerator
when done you see link look like

copy your like to add in php.ini
edit php.ini

nano -w /usr/local/lib/php.ini

add this after Windows Extensions , in the list down.

zend_extension="/usr/local/lib/php/extensions/no-debug-non-zts-20020429/eaccelerator.so"
eaccelerator.shm_size="32"
eaccelerator.cache_dir="/tmp/eaccelerator"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="0"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"

save and restart apache

/sbin/service httpd restart

*****
*****
*****

Freetype
Note: no need to use if if you use custombuild, only how use customapache.

cd /usr/local/directadmin/customapache/

Apache 1

nano -w  configure.php

Apache 2

nano -w  configure2.php

replace

--with-gd \
--with-gd-dir=/usr/local \

by

--with-gd \
--with-gd-dir=/usr/local/lib \
--with-freetype \
--with-freetype-dir=/usr/local/lib \

save then run

./build clean
./build gd

Apache 1

./build clean
./build gd
./build php d
service httpd restart

Apache 2

./build clean
./build gd
./build php_ap2 d
service httpd restart

*****
*****
*****

IMAP
Apache 1

nano -w  configure.php

Apache 2

nano -w  configure2.php

add

--with-imap=/usr/local/imap-2004c1 \

after

--with-zip \

save then build php and restart apache

service httpd restart

*****
*****
*****

AVG Anti-Virus
Clean folder HOME (full)

avgscan -clean -ext=* -rt -arc /home

clean folder HOME (without archives)

avgscan -clean -ext=* -rt /home

Update AVG DB

avgupdate --online /opt/grisoft/avg7/data

ill add more soon.

*****
*****
*****

Nobody Check Security Tool
The Nobody Check tool is a new and unique security tool that can detect malicious processes that are running on your Linux server and report them to you in real time or by email. The tool can be configured to run at selected times and doesn’t eat up resources or interfere with server operations.

edit and set your email then save

nano -w /usr/local/nobody_check/nc.conf

edit

nano -w /etc/crontab

add

# nobody_check
*/15 * * * * root /usr/local/nobody_check/nobody_check >/dev/null 2>&1

save

*****
*****
*****

Best Regards,
Wael Isa

This way will install many type of Programs .

i want install ONLY ClamAV & Last Version of ModSecurity with GotRoot Rules,
plz Help me .
Best Regards

 

[smtalk]

A fix for MySQL 5.1 (32-bit) installation:

cd /usr/local/updatescript
perl -pi -e 's/\$MYSQL51.i386.rpm/\$MYSQL51.glibc23.i386.rpm/' update.script

 

[@how@]

A fix for MySQL 5.1 (32-bit) installation:

cd /usr/local/updatescript
perl -pi -e 's/\$MYSQL51.i386.rpm/\$MYSQL51.glibc23.i386.rpm/' update.script

smtalk thanks

Wael

 

[@how@]

ClamAV 0.94.1

Wael

 

[postzegel]

Hi,

I try to install the MRTG script but I get:
** Ooops, one of many bad things happened:

a) You don't have the GD library installed.
Get it from http://www.boutell.com, compile it and
use either --with-gd-lib=DIR and --with-gd-inc=DIR to specify
its location. You might also have to use --with-z-inc,
--with-z-lib and --with-png-inc, --with-png-lib for gd
versions 1.6 and higher. Check config.log for more
information on the problem.

b) You have the GD library installed, but not the gd.h
header file. Download the source (see above) and use
--with-gd-inc=DIR to specify where the file can be found.

c) You have the library and the header file installed, but
you also have a shared GD library in the same directory.
Remove the shared library files and/or links (e.g.
libgd.so.2.0.0, libgd.so and libgd.so.2). This is especially
likely if you're using a recent (post 1.8.4) version of GD
and didn't configure it with --disable-shared.

d) You have gd library installed and also it's headers, but you are
missing libpng (and headers) or freetype (and headers)
(mrtg does not use freetype, but if your copy of gd is precompiled
against it, you have to install it ...

Consider following the instructions in doc/mrtg-unix-guide.txt
make: *** No targets specified and no makefile found. Stop.
make: *** No rule to make target `install'. Stop.

I rebuilt PHP with the follow options in /usr/local/directadmin/custombuild/configure/ap2/configure.php5
--with-gd \
--with-gd-dir=/usr/local/lib \
--with-freetype \
--with-freetype-dir=/usr/local/lib \

How to fix?

 

[@how@]

try to build gd again using DA script

 

[anhpt]

Can I install IMAP 2004c1 on the system with custombuild + devecot?

 

[@how@]

Can I install IMAP 2004c1 on the system with custombuild + devecot?

work 100%

Wael

 

[Arie]

How can i remove clam av from my server?

 

[@how@]

ClamAV 0.94.2
MySQL 5.1.30

Wael

 

[@how@]

How can i remove clam av from my server?

kill and delete folder

Wael

 

[Arie]

What command can i use to upgrade MySQL 5.1.30.

 

[@how@]

What command can i use to upgrade MySQL 5.1.30.

cd /usr/local/updatescript
./update.script
then run what you want install or update

Wael

 

[Arie]

Can I install IMAP 2004c1 on the system with custombuild + devecot?

What command ??

 

[@how@]

What command ??

cd /usr/local/updatescript
./update.script IMAP

Wael

 

[XTiger]

i try to install imap but get a strange error.

/usr/local/directadmin/customapache/configure.php: line 6: --with-imap=/usr/local/imap-2004c1: No such file or directory

*** There was an error while trying to configure php. Check the configure.php file

but the imap directory does exist.

Someone know how it comes

 

[scsi]

Does it exist in that location? Have you considered using custombuild instead of customapache?