Use the how-to tabs below for all your Command Line needs. For managed clients who have questions not answered in this space, feel free to chat with us!
This article covers checking for SMTP Blocking on your server.
Internet service providers (ISPs) are starting to block their customers from accessing port 25 on servers located elsewhere on the Internet. Port 25 is the default port used by SMTP. SMTP stands for Simple Mail Transfer Protocol, and is the protocol used to send email to any outgoing email server. This port is used by all outgoing e-mail servers, and email programs which send email such as Microsoft Outlook and Outlook Express. If you call them up and ask them why, they will tell you to use the mail server they provide to you and provide you with the instructions on how to use their outgoing email server.
Why are they doing this you might ask? They are doing this so the internet connection they provide to their customers is not used by their customers to send out massive amounts of spam emails. If a customer can only use an e-mail server provided by the ISP to send email, then the ISP is able to store logs which can be tracked back to a specific customer's name, address, phone number, etc. If a customer abuses this mail server, they are kicked off and possibly sued by the ISP if the damages are significant enough.
If you are able to receive email, but unable to send email, then you may be a customer of one of the ISPs implementing this new policy. To be sure if this is causing your problem, follow these instructions:
Step One - Open Command Line window
First click on the Start button from your Windows desktop. This is usually located in the bottom left-hand corner of the screen. Next click on "Run."
In the "Run" window type in 'cmd' and then left-click on the OK button. If you are using Windows 95/98 you may need to type 'command' instead and then press OK.
Step 2 - Running the 'Telnet' Command
The command line windows will now be displayed. Type 'telnet', followed by the IP address of the server or domain name of your website, followed by a space and the number '25', then press the ENTER key on your keyboard. The example below shows the telnet command for hostdime.com.
After you press ENTER the telnet program should begin to connect to the server on port 25. If the connection is successful, you will receive output such as below. If the output mentions the program name "Exim" then you have successfully connected to the mail server via port 25, which means that your ISP is not blocking you.
To exit this screen, type 'quit' and press ENTER. Next type "exit" and then ENTER again to close the command line window.
If the output says that the connection could not be made, as in this screenshot, then the connection has failed. This doesn't necessarily mean that port 25 is being blocked, as there could be another network issue going on.
Since the connection failed, next attempt to connect to port 26 of the server. Do this by simply retyping the original command, however replace the '25' after your domain name with '26' and then press ENTER. If again you receive the error 'Could not open connection to the host,' then either the mail server is not configured to receive mail on port 26 yet, the mail server is not running properly, or a network issue is occurring that is causing your computer to fail in connecting to the server.
If you have not already initiated contact with HostDime support, go to http://desk.hostdime.com/ and open a ticket in the Support Department. Once a ticket is opened, let the HostDime technical support staff know which ports you were able to connect to, and which ones you could not connect to.
If you were able to connect to port 26, but not port 25, then the technical support staff may instruct you to simply reconfigure your email program to use port 26 instead.
Reconfiguring Outlook Express to use Port 26
If you are using Microsoft Outlook Express, then you can use the following instructions to reconfigure your program to use port 26 instead of port 25.
First click on the Tools menu at the top of the program, and select "Accounts."
Make sure the 'Mail' tab is selected at the top of the window which displays next. Then select the mail account which is using the HostDime server. If you have more than one email account setup which are provided by your HostDime hosting account, you will need to update each account to use port 26. After you select an account, click on the Properties button on the right hand side of the Internet Accounts window.
The account properties window will display in the General setting tab. Click on the Advanced tab at the top of the window.
In the Advanced tab you will see the 'Outgoing mail (SMTP):' set to 25. Change this to 26, then press the OK button at the bottom of the window. Next click on the 'Close' button at the bottom right hand side of the Internet Accounts window.
Test sending email once again. If it doesn't work, remove any email messages in your outbox and then test sending again. If you still experience problems, contact technical support once again for further instructions.
How to Check which PHP and Apache Modules you have Installed
So you would like to get a list of all of the Apache modules installed on the box where you are hosted. What command, script, or link should you use? You have come to the right place. This article covers how to check which PHP and Apache modules you have installed. Follow these quick steps:
Login via SSH to your server to run the following commands.
Apache:
/usr/local/apache/bin/httpd -l
PHP:
php -v
If the module that you are looking for is not listed you will need to run a recompile to have the module loaded. On cPanel servers this can be done by running the following command:
/scripts/easyapache
If you are not familiar with this process please contact your hosting provider for further assistance.
This article will explain how you can open ports for your server in CSF.
Please be aware that opening ports on your server can be a security risk, please be aware of any risks when opening a specific port on your server.
There are 2 different ways to open ports on your server. One way is through WHM and one is via command line.
Steps to open ports in WHM
1.) Log in to your WHM: SERVER-IP/WHM
2.) Click “ConfigServer Security & Firewall,” which is under the “Plugins” section
3.) Go to "Firewall Configuration"
4.) Find "TCP_IN=" under "IPv4 Port Settings"
5.) Enter the port number in the list below. Make sure to separate ports with a single comma and do not enter any spaces.
6.) Click "Change" at the bottom of the page.
This will reset the firewall so that the ports that you have opened will take effect.
Steps to open ports via command line
1.) SSH into your server.
2.) Go to the directory with the CSF configuration file.
3.) Open the file "csf.conf"
4.) Once you are in the configuration file, find "TCP_IN=", it will be under "# Allow incoming TCP ports"
5.) Within the quotation marks, put the port number that you wish to open. Separate each IP using a single comma and no spaces.
6.) Close the file and save all changes.
7.) Restart the firewall.
The RSYNC command is an easy tool used to copy files from one location to another; locally or externally. The benefit of using RSYNC over the common copy command is that RSYNC can cut down the time necessary for moving files by predetermining what is already present on the destination and only copying over what isn’t already there.
There are a number of different methods to copying files over, however each method uses the same command.
Local
rsync -Pav /path/to/source /path/to/destination
External
Push Method:
rsync -Pav --rsh="ssh -p [SSH_Port]" /path/to/source USER@DESTINATION:/path/to/destination[/code]
Pull Method:
rsync -Pav --rsh="ssh -p [SSH_Port]" USER@SOURCE:/path/to/source /path/to/destination
Key:
- USER - Username of remote account.
- SOURCE - Source server’s IP address or hostname.
- DESTINATION - Destination server’s IP address or hostname.
- -Pav -P Shows progress of RSYNC. -a Archive mode (equivalent to -rlptgoD) and -v Verbose (give you information about what files are being transferred and a brief summary at the end).
- -rlptgoD = r (recursive), l (links, copy symlinks as symlinks), p (perms, preserve permissions), t (times, preserve times), g (group, preserve group), o (owner, preserve owner (root only)), D (devices, preserve devices (root only))
- --rsh - Specify the remote shell.
- -p [SSH_Port] - Specify SSH port number. Replace [SSH_Port] with the actual port number.
| Command | Description | Example |
|---|---|---|
| csf -e | Enable CSF | root@server[~]#csf -e |
| csf -x | Disable CSF | root@server[~]#csf -x |
| csf -s | Start the firewall rules | root@server[~]#csf -s |
| csf -f | Flush/Stop firewall rules (note: lfd may restart csf) | root@server[~]#csf -f |
| csf -r | Restart the firewall rules | root@server[~]#csf -r |
| csf -a [IP.add.re.ss] [Optional comment] | Allow an IP and add to /etc/csf/csf.allow | root@server[~]#csf -a 187.33.3.3 Home IP Address |
| csf -td [IP.add.re.ss] [Optional comment] | Place an IP on the temporary deny list in /var/lib/csf/csf.tempban | root@server[~]#csf -td 55.55.55.55 Odd traffic patterns |
| csf -tr [IP.add.re.ss] | Remove an IP from the temporary IP ban or allow list. | root@server[~]#csf -tr 66.192.23.1 |
| csf -tf | Flush all IPs from the temporary IP entries | root@server[~]#csf -tf |
| csf -d [IP.add.re.ss] [Optional comment] | Deny an IP and add to /etc/csf/csf.deny | root@server[~]#csf -d 66.192.23.1 Blocked This Guy |
| csf -dr [IP.add.re.ss] | Unblock an IP and remove from /etc/csf/csf.deny | root@server[~]#csf -dr 66.192.23.1 |
| csf -df | Remove and unblock all entries in /etc/csf/csf.deny | root@server[~]#csf -df |
| csf -g [IP.add.re.ss] | Search the iptables and ip6tables rules for a match (e.g. IP, CIDR, Port Number) | root@server[~]#csf -g 66.192.23.1 |
| csf -t | Displays the current list of temporary allow and deny IP entries with their TTL and comments | root@server[~]#csf -t |
Whitelisting an IP Address
In order to prevent specific IP from being blocked, even for a temporary deny, you need to list their IP address in the files csf.ignore and csf.allow. The first step is to enable IGNORE_ALLOW in csf.conf. The value for IGNORE_ALLOW will appear as "0", you will need to adjust it to "1" and restart csf and lfd.
This will allow lfd to reference csf.ignore. If you add an IP address to csf.ignore, the IP address will no longer be checked by lfd and failed login attempts will not trigger temporary denies.