ls -al –color /etc

Open the .bashrc file with your favorite text editor.
For example, you could type vi /root/.bashrc at the command line to open the file.

Under the line “# User specific aliases and functions” type:

alias ls=”ls -alh –color”
alias ll=”ls -alh –color”

Make sure to write your changes to the file and save them. The changes will not take effect until you close your terminal/session window and re-open a new terminal again.

here solution:

1. Download your client certificate from thawte (.crt file thawte sent)
2. Download the primary and secondary intermediate CAs
3. Combine the 3 certificates into one file, with your certificate first, then the primary and secondary intermediate certificates.
4. Add: ssl_verify_depth 3; to your configuration file
5. Restart nginx (/etc/init.d/nginx restart)

So in the end, your nginx configuration file should look like the following:

ssl_certificate         /path/to/certificate.bundle.cert;
ssl_certificate_key     /path/to/private.key;
ssl_verify_depth 3;

Now your browser should say that the certificate was issues by Thawte DV SSL CA.
Test it by visiting https://www.ssllabs.com/ssldb/

Mails are *not* deleted from the queue! They are only stored, temporarily, in $qmail-queue/yanked/, where you can view them individually and restore them back to the queue manually. There is currently no support for restoring them automatically.

By default, Qmail-Remove assumes that your Qmail queue is stored in /var/qmail/queue, but this can be changed with a command line option. Similarly, Qmail-Remove assumes that your queue “split” is 23 by default, among other things.

If you want to check your qmail queue using the following command

# /var/qmail/bin/qmail-qstat

Output looks like

messages in queue: 567154
messages in queue but not yet preprocessed: 3

Install Qmail-Remove

First you need to download latest version from here current version is Qmail-Remove 0.95

Download using the following command

#wget http://www.linuxmagic.com/opensource…remove-.tar.gz

Now you have qmail-remove-0.95.tar.gz file and now you need to extract using the following command

#tar -zxvf qmail-remove-.tar.gz

Now you should have qmail-remove-0.95 folder go in to the directory and run the following commands

#make

#make install

This will complete the installation.

Now you need to create a directory named “yanked” in the qmail queue directory you intend to use before using this program.

#mkdir /var/qmail/queue/yanked

Examples for qmail-remove

Before doing any thing related to qmail queue you need to stop the qmail service using the following command:

#/etc/init.d/qmail stop

To delete mails from Que,

#qmail-remove -r -p

# qmail-remove -r -p mega.pack.com

This will remove all emails in queue with “mega.pack.com” in it and place it in /var/qmail/queue/yanked folder.

• Add following rules to your httpd.conf

  <IfModule mod_rewrite.c>
  RewriteLog "/var/log/httpd/rewrite.log"
  RewriteLogLevel 3
  </IfModule>
  

  to the appropriate VirtualHost section.

• Restart Apache by command in your shell (as root)
  apachectl graceful

Note: You’re not going to be able to turn above rules with shared hosting, they can’t be used in .htaccess by default. But you could ask your server-administrator to set AllowOverride to “All” instead “None”. And you will available to add above rules to .htaccess.

There a trick that’s helps debug mod_rewrite on shared hosting even AllowOverride is “None”.
Basically what you do is dump some of the info that mod_rewrite is using back out into the headers then use the Firebug or LiveHTTP Headers extensions in Firefox to watch the headers and read your debug info.
Add following rules to .htaccess:

RewriteCond %{QUERY_STRING} !vardump
RewriteRule (.*) http://www.your_website.com/$1?vardump&thereq=%{THE_REQUEST}&reqhost=%{HTTP_HOST} [R=301,L,QSA]

to dump, for example, the THE_REQUEST and HTTP_HOST into request variables.
The R=301 does a 301 redirect instead of a rewrite – this is key. A redirect sends information back to the browser but a rewrite happens all inside the server.

Internally rewrite .example.com/ to example.com/subs/<subdomain/

RewriteCond $1 !^subs/
RewriteCond %{HTTP_HOST} !^www\.example\.com
RewriteCond %{HTTP_HOST} ^([^.]+)\.example\.com
RewriteRule (.*) /subs/%1/$1 [L]

Internally rewrite .example.com/ to example.com/<subdomain/

RewriteCond %{ENV:Rewrite-Done} !^Yes$
RewriteCond %{HTTP_HOST} !^www\.example\.com
RewriteCond %{HTTP_HOST} ^([^.]+)\.example\.com
RewriteRule (.*) /%1/$1 [E=Rewrite-Done:Yes,L]

In both cases, a mechanism is required (and present in the code) to prevent an ‘infinite’ rewriting loop.

If you use the first method, then you can easily externally redirect direct client requests for the subdomain-subdirectories back to the subdomain to avoid duplicate content:

Externally redirect client requests for example.com/subs// to .example.com/

RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /subs/
RewriteRule ^subs/([^/]+)/(.*)$ http://$1.example.com/$2 [R=301,L]

Here more complex email
The best way to do this is to setup each (or all) subdomain in the sites/{subdomain} directory of domain.com via your control panel. Some hosts will leave well enough alone (so the subdomain remains visible) but others actually force a redirect to the main domain’s subdirectory (forcing a change of URL). If you do this with mod_rewrite, you are forcing the change of URL.

# Rewrite <subdomain>.example.com/<path> to example.com/SITE/<subdomain>/<path>
#
# Skip rewrite if no hostname or if subdomain is www
# RewriteCond %{HTTP_HOST} .
# there must always be an {HTTP_HOST}
RewriteCond %{HTTP_HOST} !^www\. [NC]

# Extract (required) subdomain (%1), and first path element (%3), discard port number if present (%2)
RewriteCond %{HTTP_HOST}<>%{REQUEST_URI} ^([^.]+)\.domain\.com(:80)?<>/([^/]*) [NC]
# / is not used by Apache 2.x
# ([^/]*) means no subdirectories allowed

# Rewrite only when subdomain not equal to first path element (prevents mod_rewrite recursion)
RewriteCond %1<>%3 !^sites/(.*)<>\1$ [NC]
# Don't forget your sites "marker" subdirectory
# \1$ has no meaning!  All you don't want it sites/ in the URI

RewriteCond %{REQUEST_URI} !^/?sites/
# so you don't need the preceding RewriteCond statement

RewriteRule ^(.*) sites/%1/$1 [R=301,L]
# You might as well make this a 301 redirect
# finis!

    # Rewrite to /subdomain/path
    #RewriteRule ^(.*) /sites/%1/$1 [L]
    #RewriteRule ^(.*) /%1/$1 [L] #root directory
    #RewriteRule ^(.*) sites/%1/$1 [L]
    #RewriteRule ^/products/ index.php?id=$1&todo=

To check whether the folder exists is redundant – Apache will NOT even receive the request if the subdomain doesn’t exist so this problem can only occur with Dynamic Mass VirtualHosting. In that case, use a RewriteCond statement to check {PHYSICAL path to DocumentRoot}/sites/%1 -d (directory exists).

Mod_rewrite is used through your .htaccess file. Place the following code at the beginning of your .htaccess file to turn mod_rewrite on:

RewriteEngine on

(Don’t forget that .htaccess commands are case-sensitive.) This code needs to be entered at the beginning of any .htaccess file using mod_rewrite.

The Basic Mod_Rewrite Layout

The basic format for a mod_rewrite command is:

RewriteRule Pattern Substitution [Flag(s)]

URLs are Always Relative

The URL you redirect to is always relative to the directory in which your .htaccess file is placed. So if it’s in the root directory, URLs are all in relation to the root directory; if it’s in a sudirectory, URLs are in relation to that particular subdirectory.

A Basic Redirect

If you just want to create a simple 301 redirect from one URL to another, then use the following code:

RewriteRule ^fileone.html$ filetwo.html

This is a very basic rule that means any requests for fileone.html will be sent to filetwo.html.

Require no “www”

This bit of code will make it so visitors to your site don’t need to type in the “www” bit of your website address.

RewriteCond %{HTTP_HOST} !^domain\.com$ [NC]
RewriteRule ^(.*)$ http://domain.com/$1 [R=301,L]

Block a Specific IP Address

If you want to block someone coming from a specific IP address from accessing your website, you can use the following code:

RewriteCond %{REMOTE_ADDR} ^(A\.B\.C\.D)$
RewriteRule ^/* http://www.domain.com/sorry.html [L]

Replace the A\.B\.C\.D with the IP address you want to block (don’t forget to leave the “\” before each dot, which escapes the character).

Block Specific User Agents

If you want to block a group of IP addresses using the same User Agent (bot), the following code with do it:

RewriteCond %{HTTP_USER_AGENT} UserAgent
RewriteRule .* - [F,L]

Just replace the “UserAgent” bit with whatever user agent you want to block. You can also block more than one at a time by replacing the top line in that code with something like this:

RewriteCond %{HTTP_USER_AGENT} UserAgentA [OR]
RewriteCond %{HTTP_USER_AGENT} UserAgentB

You can put as many user agents in as you want, just make sure you end each line with [OR] (with the exception of the last line, of course).

Strip Query Strings

Let’s say all the pages on your site other than your home page are formatted as follows, with query strings instead of page names:

http://www.domain.com/home.html?example=12345abcd

Those aren’t very pretty, and on top of that, search engines will show a bunch of duplicated “home” pages. If you want to get rid of the query string in your page URLs, use the following code:

RewriteCond %{QUERY_STRING} example=
RewriteRule (.*) http://www.domain.com/$1? [R=301]

This not only gets rid of the query string, but also the preceding question mark.

Set up a Default Image

Using a default, backup image in case of broken images can make your site look more professional. Use the following code to redirect to a default image for any image whose file cannot be found.

RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^images/.*\.jpg$ /images/default.jpg [L]

Of course, you can change the “.jpg” bit to whatever file type you’re using. Make sure you have an image called “default.jpg” or change that to whatever your default image filename is.

Prevent Hotlinking

The last thing most website owners want is other sites stealing their content or worse—hotlinking to their images and stealing their bandwidth. Here’s a simple bit of code that prevents it:

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com/ .*$ [NC]
RewriteRule \.(gif|jpg|swf|flv|png)$ /feed/ [R=302,L]

Make sure you change the “domain.com” bit to your own domain name.

Redirect to a Maintenance Page

If you need to take your entire site offline for a bit and redirect to a maintenance page (or some other page), use the following code:

RedirectMatch 302 ^/ /maintenancepage.html

Change the “maintenancepage.html” bit to wherever your maintenance page file is located.

Redirect Multiple Domains to a Single Domain

If you have multiple domains pointing to your site, it’s possible you could take a hit in the search engines for having duplicate content. Use the following code to redirect visitors from two domains to just one:

RewriteCond %{HTTP_HOST} ^www.domain.net$ [NC,OR]
RewriteCond %{HTTP_HOST} ^domain.net$ [NC,OR]
RewriteCond %{HTTP_HOST} ^www.domain.net$ [NC]
RewriteRule ^(.*)$ http://domain.net/$1 [R=301,L]

download mod_rewrite cheat sheet in pdf

download mod_rewrite cheat sheet in png

Regular Expression Syntax

URL Rewriting with mod_rewrite depends a great deal upon a solid knowledge and understanding of regular expressions. The “RewriteRule” uses regular expressions in patterns extensively. This guide outlines the basic syntax of regular expression.

RewriteRule and RewriteCond Flags

Rewrite Rules in mod_rewrite can have flags appended to them, indicating to the server how the action described by the rule should be taken. For example, the ‘L’ flag tells the server not to process any more rules if the current rule is used.

Conditions in mod_rewrite can also have flags appended to them, and again these tell the server how to interpret the current condition. The “NC” flag indicates the condition is case-insensitive, and an “OR” flag between conditions tells the server that the following rule should be applied if any of the preceding conditions are true. The default in mod_rewrite is that, if a rule is preceded by a list of conditions, it should only be applied if all conditions are met.

Redirection Header Codes

When redirecting users with mod_rewrite, sometimes a status code must be sent back to the user. This status code is interpreted by the browser – sometimes it will mean the user is sent on to a new page, sometimes that they are shown a message. This section lists the most commonly used status codes with their meanings.

Example Rules

This section lists a few of the most situations mod_rewrite is used for, along with a rule to achieve the desired affect.

Server Variables

Sometimes it is necessary to rewrite URLs based upon variables like the referring URL or the browser being used. These variables can be used in mod_rewrite (including in the RewriteRule or RewriteCond sections), and this section lists the variables available.

Directives

mod_rewrite gives the server a series of instructions, called directives. For example, “RewriteEngine On” tells Apache that RewriteRules may be used and to interpret them if found. This section simply lists the directives used by mod_rewrite.

You have to have shell access to your server/website.  Run follow command will find each and every javascript file and css file and create a gzip copy.

cd /folder_to_your_website_root_folder
find . -regex ".*\(css\|js\)$" -exec bash -c 'echo Compressing "{}" && gzip -c --best "{}" > "{}.gz"' \;

The line above searches the current directory and any subdirectories for files with extensions .js or .css, then prints out that it is being compressed, then compresses with the highest compression in that directory leaving the original file as is.

Now, we need to tell our browser to access the gzip version *IF* it supports gzip encoding.
To do this, we use the following in our .htaccess file ( create that file if not exists in your website root folder)

<files *.js.gz>
	AddType "text/javascript" .gz
	AddEncoding gzip .gz
</files>
<files *.css.gz>
	AddType "text/css" .gz
	AddEncoding gzip .gz
</files>

RewriteEngine on
#Check to see if browser can accept gzip files.
ReWriteCond %{HTTP:accept-encoding} gzip
RewriteCond %{HTTP_USER_AGENT} !Safari

#make sure there's no trailing .gz on the url
ReWriteCond %{REQUEST_FILENAME} !^.+\.gz$

#check to see if a .gz version of the file exists.
RewriteCond %{REQUEST_FILENAME}.gz -f

#All conditions met so add .gz to URL filename (invisibly)
RewriteRule ^(.+) $1.gz [QSA,L]

The advantage of above method is that our server doesn’t have to gzip / compress the javascript and css each time it is called. This eases the load up on the server as we already do the compression one time and then just call the compressed version from then after. (the method is very useful if you are running a VPS with very low memory available)

Normally be able to enable mod_deflate module for Apache2 safely with the following lines inside your .htaccess file in your www root of your website:

<ifmodule mod_deflate.c>
	# Insert filter
	SetOutputFilter DEFLATE

	# Compress Level 9 - maximum
	DeflateCompressionLevel 9

	# Netscape 4.x has some problems...
	BrowserMatch ^Mozilla/4 gzip-only-text/html

	# Netscape 4.06-4.08 have some more problems
	BrowserMatch ^Mozilla/4\.0[678] no-gzip

	# MSIE masquerades as Netscape, but it is fine
	BrowserMatch \bMSIE !no-gzip !gzip-only-text/html

	# Don't compress images
	SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary

	# Don't compress archives and pdf
	SetEnvIfNoCase Request_URI \
	    \.(?:exe|t?gz|zip|bz2|sit|rar|pdf)$ \
	    no-gzip dont-vary

	# Make sure proxies don't deliver the wrong content
	Header append Vary User-Agent env=!dont-vary
</ifmodule>

Virtual Host Notes

Some people argue that configuration in the VHost is better because it saves your server the disk IO of accessing the .htaccess file with every request (Note: for VHost configuration you will need to be admin of your server).
Save above rules in a file, named mod_deflate.conf and copy the file to /etc/httpd/conf.d//etc/httpd/conf.d (CentOS)

Testing

To test if mod_deflate is work, go to  http://www.whatsmyip.org/http_compression/ and we enter the whole URL to your website or stylesheet or javascript file. You should see a big green tick and the site will say the PAGE or CSS or JAVASCRIPT  is compressed.

Website Performance

Also, here a Free Website Performance Tool and Web Page Speed Analysis Enter a URL below to calculate page size, composition, and download time.

Disabling Mod_Security Globally

Step 1) Disable config file

mv /etc/httpd/conf.d/00_mod_security.conf /etc/httpd/conf.d/00_mod_security.conf.disabled

Step 2) Restart Apache

service httpd restart

Disabling Mod_security per domain

Step 1) Edit the vhost/vhost_ssl.conf for the domain

 vim /var/www/vhosts/<DOMAINNAME>/conf/vhost.conf

Step 2) Add the following

<IfModule mod_security2.c>
  SecRuleEngine Off
</IfModule>

Step 3) Add vhost.conf to domain config

/usr/local/psa/admin/bin/websrvmng -a

Step 4) Restart Apache

service httpd restart

Disable Mod_security on a global URL

Step 1) Create a global exclude file

vim /etc/httpd/modsecurity.d/00_asl_custom_exclude.conf

Step 2) Add the LocationMatch for the url to exclude. Example: /server.php

<LocationMatch /server.php>
  <IfModule mod_security2.c>
    SecRuleEngine Off
  </IfModule>
</LocationMatch>

Step 3) Restart apache

service httpd restart

Disable a Mod_security rule (or rules) for all applications in a single domain

Step 1) Edit the vhost/vhost_ssl.conf for the domain

vim /var/www/vhosts/<DOMAINNAME>/conf/vhost.conf

Step 2) Add the LocationMatch for the rule to exclude. Example, ruleid 950005

<LocationMatch .*>
  <IfModule mod_security2.c>
    SecRuleRemoveById 950005
  </IfModule>
</LocationMatch>

If you want to disable multiple rules:

Step 2) Add the LocationMatch for the rule to exclude. Example, ruleids 950005 and 950006

<LocationMatch .*>
  <IfModule mod_security2.c>
    SecRuleRemoveById 950005
    SecRuleRemoveById 950006
  </IfModule>
</LocationMatch>

Disable Mod_security rule for a specific application in a single domain

Step 1) Edit the vhost/vhost_ssl.conf for the domain

vim /var/www/vhosts/<DOMAINNAME>/conf/vhost.conf

Step 2) Add the LocationMatch for the rule to exclude. Example, ruleid 950005

<LocationMatch /URL/path/to/application.php>
  <IfModule mod_security2.c>
    SecRuleRemoveById 950005
  </IfModule>
</LocationMatch>

Disable Mod_security rule for all domains

Use ASL utility to disable rule by ID. Example: 950005

asl --disable-signature 950005

Note: This requires that Atomic Secured Linux be installed.

If you do not have Atomic Secured Linux you can disable a rule globally manually by adding a rule like this:

<LocationMatch .*>
  <IfModule mod_security2.c>
    SecRuleRemoveById 340000
  </IfModule>
</LocationMatch>

Disable Mod_security rules globally for a specific application

Add this to either you vhost.conf file, or if your want to make this global make sure this exclusion is loaded after your rules are loaded. A good place to add this in the 999_asl_user_exclude.conf file. If you don’t have this file, just create it. The system is smart enough to know to load it.

<LocationMatch /url/to/your/application>
  <IfModule mod_security2.c>
    SecRuleRemoveById 1234567
    SecRuleRemoveById 9999999
  </IfModule>
</LocationMatch>

Whats important to remember is that the LocationMatch variable must match the URL, not the path on the system.

Disable Mod_security rules by domain, for a specific application, for a list of IPs

Step 1) Edit the vhost/vhost_ssl.conf for the domain

vim /var/www/vhosts/<DOMAINNAME>/conf/vhost.conf

Step 2) Add the LocationMatch for the rule to exclude.

<LocationMatch /foo/bar.php>
  <IfModule mod_security2.c>
    SecRule REMOTE_ADDR "@pmFromFile /etc/asl/whitelist" "nolog,phase:1,allow"
  </IfModule>
</LocationMatch>

Step 3) Add IP to /etc/asl/whitelist

echo "10.11.12.13" >> /etc/asl/whitelist

Or:

If you want to create a special whitelist for just that application:

Step 1) Edit the vhost/vhost_ssl.conf for the domain

vim /var/www/vhosts/<DOMAINNAME>/conf/vhost.conf

Step 2) Add the LocationMatch for the rule to exclude.

<LocationMatch /foo/bar.php>
  <IfModule mod_security2.c>
    SecRule REMOTE_ADDR "@pmFromFile /path/to/your/custom/whitelist_for_this_application" "nolog,phase:1,allow"
  </IfModule>
</LocationMatch>

Step 3) Create your custom whitelist and add IP to /etc/asl/whitelist

echo "10.11.12.13" >> /path/to/your/custom/whitelist_for_this_application

Keep