Monitor Apache using monit

Monit is a small Open Source utility for managing and monitoring Unix systems. Monit conducts automatic maintenance and repair and can execute meaningful causal actions in error situations.

Installing monit on CentOS 7


yum install epel-release -y
yum install monit -y

Once installed, save the following in /etc/monit.d/apache


check process httpd with pidfile /var/run/httpd/httpd.pid
group apache
start program = "systemctl start apache"
stop program = "systemctl stop apache"
if failed host 127.0.0.1 port 80 protocol http
with timeout 15 seconds
then restart
if 5 restarts within 5 cycles then timeout

Notes:

  1. Adjust httpd.pid if your apache’s pid is in a different location. On a default installation it might be at /var/run/httpd.pid

Start monit


# Checks for syntax errors
monit -t  
monit 

There are advanced settings which can be adjusted by modifying the file /etc/monitrc such as email notification etc.

Hashicorp Vault Systemd Startup Script

From Hashicorp Vault project documentation

Starting the Server


vault server -config=example.hcl

With the configuration in place, starting the server is simple, as shown below. Modify the -config flag to point to the proper path where you saved the configuration above. Vault outputs some information about its configuration, and then blocks. This process should be run using a resource manager such as systemd or upstart.

However what they have missed to document is the start up script for RHEL7/CentOS7 systemd. Here is the start up script that can start vault automatically.


[Unit]
Description=Vault service
After=network-online.target

[Service]
PrivateDevices=yes
PrivateTmp=yes
ProtectSystem=full
ProtectHome=read-only
SecureBits=keep-caps
Capabilities=CAP_IPC_LOCK+ep
CapabilityBoundingSet=CAP_SYSLOG CAP_IPC_LOCK
NoNewPrivileges=yes
ExecStart=/bin/vault server -config=/etc/vault.conf
KillSignal=SIGINT
TimeoutStopSec=30s
Restart=on-failure
StartLimitInterval=60s
StartLimitBurst=3

[Install]
WantedBy=multi-user.target

Place here

/usr/lib/systemd/system/vault.service

then


systemctl daemon-reload
systemctl start vault

To add it to the system start up, use


systemctl enable vault

In addition to this, the following can be placed in

/etc/profile.d/vault.sh 

so that the vault address can be exported every time the user logs in


#!/bin/bash
export VAULT_ADDR='http://127.0.0.1:8200'

How to validate a public key?

So how do you validate a public key programmatically? I’ve had this question when I had to implement a feature in one of our application. It is possible using the ssh-keygen utility.


ssh-keygen -lf publickey.pub

Here,

-l Show fingerprint of key file.
-f filename Filename of the key file.

The hack is to check the fingerprint of the public key. If you get an error when trying get the fingerprint of the public key, that means the public key is invalid. If you get it, you have a valid public key!

Fix WordPress Files & Folders Permission Massively On cPanel Server


chdir("/var/cpanel/users");
$users = glob('*');
foreach($users as $user)
{
if(is_file("/home/$user/public_html/wp-config.php"))
{
echo "Performing on /home/$user/public_html\n";
system("find /home/$user/public_html/ -type d -exec chmod 755 {} \; ");
system("find /home/$user/public_html/ -type f -exec chmod 644 {} \; ");
}
}

Save the file as fix.php on /root
Then execute it

/usr/local/cpanel/3rdparty/bin/php /root/fix.php

PHP MySQLi Wrapper Class Complex WHERE

If you have ever had a chance to use a PHP active record class for MySQL, you would notice that most of them don’t support complex where statements. I’ve had a chance today to address this feature request that I was received from a user of my PHP MySQLi wrapper class.

Adding a complex WHERE clause is now simple.


$db->where('foo', 15);
$db->open_where();
$db->or_where('foo <', 15); $db->where('bar >=', 15);
$db->close_where();
// Produces SELECT `column` FROM `table` WHERE `foo` = 15 OR (`foo` < 15 AND `bar` >= 15)

For more information on this class and download it, visit the repository on Bitbucket.