Results 1 to 10 of 10
  1. #1
    Join Date
    May 2006
    Posts
    69

    Having Strange Problems with Centos Server

    I am having strange problems with my server.
    It was working fine for last couple of months.

    Now the 1st problem i got is email problem. I can't send email to mostly all public email domains. It started to happen, when i sended email to my members on forum. and i got over 1,000 return mail "Mail Delivery Failed"

    Now server is getting overloaded time to time. Going upto 25.

    and 1 of my website folder is not opening or some times it opens but very slowly.
    Like domain.com is running ok but domain.com/folder is not.
    Both are on same server.

    I have centos with cpanel.

    I don't know, how to check logs.
    Server gets overloaded by apache, i have to restart it to get the server load down.

    Any help will be appreaciated.

  2. #2
    Join Date
    Apr 2005
    Location
    San Francisco, CA
    Posts
    1,029
    Your server got exploited and spamming like a hell.

    Contact rack911.com for fix asap

  3. #3
    Join Date
    Oct 2004
    Location
    Złocieniec, Poland
    Posts
    190
    Quote Originally Posted by steven-v
    Your server got exploited and spamming like a hell.
    hmm this is only one of few possible scenarios

    i would say he has some insecure mail form on his site and spambots send tons of spam through that form
    this would explain that apache problem

    same thing just happened to me few days ago
    maybe just some new kind of spambots that attack custom mail forms
    www.goscinnawies.pl - family business, small travel agency in Poland

  4. #4
    Join Date
    Nov 2004
    Location
    Switzerland
    Posts
    855
    make this command:

    ps faxu

    and try to post the output here. Steven-v is right anyway.
    .:. Enterprise SAN Consultant .:.

  5. #5
    Join Date
    May 2006
    Posts
    69
    Quote Originally Posted by edelweisshosting
    make this command:

    ps faxu

    and try to post the output here. Steven-v is right anyway.
    Code:
    USER       PID %CPU %MEM   VSZ  RSS TTY      STAT START   TIME COMMAND
    root         1  0.2  0.0  2500  552 ?        S    18:35   0:01 init [3]
    root         2  0.0  0.0     0    0 ?        S    18:35   0:00 [migration/0]
    root         3  0.0  0.0     0    0 ?        SN   18:35   0:00 [ksoftirqd/0]
    root         4  0.0  0.0     0    0 ?        S    18:35   0:00 [migration/1]
    root         5  0.0  0.0     0    0 ?        SN   18:35   0:00 [ksoftirqd/1]
    root         6  0.0  0.0     0    0 ?        S<   18:35   0:00 [events/0]
    root         8  0.0  0.0     0    0 ?        S<   18:35   0:00  \_ [khelper]
    root         9  0.0  0.0     0    0 ?        S<   18:35   0:00  \_ [kacpid]
    root        41  0.0  0.0     0    0 ?        S<   18:35   0:00  \_ [kblockd/0]
    root        42  0.0  0.0     0    0 ?        S<   18:35   0:00  \_ [kblockd/1]
    root        60  0.0  0.0     0    0 ?        S    18:35   0:00  \_ [pdflush]
    root        61  0.1  0.0     0    0 ?        S    18:35   0:01  \_ [pdflush]
    root        63  0.0  0.0     0    0 ?        S<   18:35   0:00  \_ [aio/0]
    root        64  0.0  0.0     0    0 ?        S<   18:35   0:00  \_ [aio/1]
    root         7  0.0  0.0     0    0 ?        S<   18:35   0:00 [events/1]
    root      1904  0.0  0.0     0    0 ?        S<   18:35   0:00  \_ [kauditd]
    root      1952  0.0  0.0     0    0 ?        S<   18:35   0:00  \_ [kmirrord]
    root        43  0.0  0.0     0    0 ?        S    18:35   0:00 [khubd]
    root        62  0.0  0.0     0    0 ?        S    18:35   0:00 [kswapd0]
    root       208  0.0  0.0     0    0 ?        S    18:35   0:00 [kseriod]
    root       327  1.3  0.0     0    0 ?        S    18:35   0:07 [kjournald]
    root      1456  0.0  0.0  2776  460 ?        S<s  18:35   0:00 udevd
    root      2075  0.0  0.0     0    0 ?        S    18:35   0:00 [kjournald]
    root      2864  0.0  0.0  3004  544 ?        Ss   18:36   0:00 syslogd -m 0
    root      2868  0.0  0.0  2344  380 ?        Ss   18:36   0:00 klogd -x
    root      2879  0.0  0.0  1628  300 ?        Ss   18:36   0:00 irqbalance
    named     2895  0.8  0.2 50428 5472 ?        Ssl  18:36   0:04 /usr/sbin/named -u named
    root      2943  0.0  0.0  2300  292 ?        S    18:36   0:00 /usr/sbin/courierlogger -pid=/var/spool/authdaemon/pid -facili
    root      2944  0.0  0.0  2512  608 ?        S    18:36   0:00  \_ /usr/libexec/courier-authlib/authdaemond
    root      2971  0.0  0.0  2512  360 ?        S    18:36   0:00      \_ /usr/libexec/courier-authlib/authdaemond
    root      7981  0.0  0.4 11924 8532 ?        S    18:41   0:00      |   \_ /etc/authlib/authProg
    root      2972  0.0  0.0  2512  168 ?        S    18:36   0:00      \_ /usr/libexec/courier-authlib/authdaemond
    root      2973  0.0  0.0  2512  168 ?        S    18:36   0:00      \_ /usr/libexec/courier-authlib/authdaemond
    root      2974  0.0  0.0  2512  168 ?        S    18:36   0:00      \_ /usr/libexec/courier-authlib/authdaemond
    root      2975  0.0  0.0  2512  360 ?        S    18:36   0:00      \_ /usr/libexec/courier-authlib/authdaemond
    root      5577  0.1  0.4 11924 8532 ?        S    18:37   0:00          \_ /etc/authlib/authProg
    root      2976  0.0  0.0  4504  344 ?        Ss   18:36   0:00 rpc.idmapd
    root      3043  0.0  0.0  3408  484 ?        S    18:36   0:00 /usr/sbin/smartd
    root      3052  0.0  0.0  3296  440 ?        Ss   18:36   0:00 /usr/sbin/acpid
    root      4793  0.0  0.0  5268 1016 ?        Ss   18:36   0:00 /usr/sbin/sshd
    root      5395  0.0  0.1  8464 2244 ?        Ss   18:37   0:00  \_ sshd: lovelypk [priv]
    lovelypk  6348  0.0  0.0  8620 1728 ?        S    18:38   0:00      \_ sshd: [email protected]/0
    lovelypk  6403  0.0  0.0  5500 1396 pts/0    Ss   18:38   0:00          \_ -bash
    root      6511  0.0  0.0  5076 1232 pts/0    S    18:38   0:00              \_ su root
    root      7079  0.0  0.0  6172 1376 pts/0    S    18:38   0:00                  \_ bash
    root      8635  0.0  0.0  4188  952 pts/0    R+   18:44   0:00                      \_ ps faxu
    root      4806  0.0  0.0  2944  756 ?        Ss   18:36   0:00 xinetd -stayalive -pidfile /var/run/xinetd.pid
    root      4868  0.0  0.3 13312 8024 ?        S    18:36   0:00 chkservd
    root      4879  0.0  0.0  3328  292 ?        S    18:36   0:00 /usr/sbin/courierlogger -pid=/var/run/imapd.pid -start -name=i
    root      4880  0.0  0.0  2648  500 ?        S    18:36   0:00  \_ /usr/lib/courier-imap/libexec/couriertcpd -address=0 -maxp
    root      4886  0.0  0.0  2288  212 ?        S    18:36   0:00 /usr/sbin/courierlogger -pid=/var/run/imapd-ssl.pid -start -na
    root      4887  0.0  0.0  2292  480 ?        S    18:36   0:00  \_ /usr/lib/courier-imap/libexec/couriertcpd -address=0 -maxp
    root      4892  0.0  0.0  2476  288 ?        S    18:36   0:00 /usr/sbin/courierlogger -pid=/var/run/pop3d.pid -start -name=p
    root      4893  0.0  0.0  3424  500 ?        S    18:36   0:00  \_ /usr/lib/courier-imap/libexec/couriertcpd -address=0 -maxp
    root      4898  0.0  0.0  2580  212 ?        S    18:36   0:00 /usr/sbin/courierlogger -pid=/var/run/pop3d-ssl.pid -start -na
    root      4899  0.0  0.0  3384  480 ?        S    18:36   0:00  \_ /usr/lib/courier-imap/libexec/couriertcpd -address=0 -maxp
    mailnull  4970  0.0  0.0  8760  844 ?        Ss   18:36   0:00 /usr/sbin/exim -bd -oX 26
    mailnull  4976  0.0  0.0  7792  900 ?        Ss   18:36   0:00 /usr/sbin/exim -bd -q60m
    mailnull  4981  0.0  0.0  7428  840 ?        Ss   18:36   0:00 /usr/sbin/exim -tls-on-connect -bd -oX 465
    root      4988  0.0  0.0  4016 1116 ?        S    18:36   0:00 antirelayd
    root      5027  0.2  1.1 25680 23528 ?       Ss   18:37   0:00 /usr/bin/spamd -d --allowed-ips=127.0.0.1 --pidfile=/var/run/s
    root      5097  0.0  1.1 25680 22136 ?       S    18:37   0:00  \_ spamd child
    root      5098  0.0  1.0 25680 22056 ?       S    18:37   0:00  \_ spamd child
    root      5091  0.0  0.0  7300 1140 ?        Ss   18:37   0:00 pure-ftpd (SERVER)
    ftp       5590  0.0  0.0  7320  920 ?        S    18:37   0:00  \_ pure-ftpd (IDLE)
    root      5094  0.0  0.0  5984  684 ?        S    18:37   0:00 /usr/sbin/pure-authd -s /var/run/ftpd.sock -r /usr/sbin/pureau
    root      5119  0.0  0.0  5148 1000 ?        Ss   18:37   0:00 crond
    root      5354  0.0  0.2  8620 4256 ?        Ss   18:37   0:00 /usr/sbin/munin-node
    root      5394  0.0  0.4 20804 8308 ?        Ss   18:37   0:00 /usr/local/apache/bin/httpd -DSSL
    nobody    5450  0.4  0.5 25208 11796 ?       S    18:37   0:02  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5451  0.7  0.5 25108 11704 ?       S    18:37   0:03  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5452  0.2  0.5 25092 11212 ?       S    18:37   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5453  0.1  0.5 25672 11868 ?       S    18:37   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5454  0.2  0.6 25940 12540 ?       S    18:37   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5485  0.5  0.5 25224 11836 ?       S    18:37   0:02  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5502  0.2  0.5 25072 11220 ?       S    18:37   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5503  0.4  0.5 25656 11844 ?       S    18:37   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5522  0.2  0.5 25864 12040 ?       S    18:37   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5523  0.2  0.5 24940 11524 ?       S    18:37   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5524  0.4  0.6 25980 12584 ?       S    18:37   0:02  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5525  0.3  0.5 25732 11936 ?       S    18:37   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5531  0.2  0.6 25792 12368 ?       S    18:37   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5532  0.4  0.5 25100 11672 ?       S    18:37   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5533  1.1  0.5 25020 11144 ?       S    18:37   0:05  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5534  0.4  0.5 25000 11184 ?       S    18:37   0:02  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5535  0.9  0.7 29024 15220 ?       S    18:37   0:04  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5536  0.6  0.6 26736 12932 ?       S    18:37   0:02  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5537  0.4  0.5 25068 11764 ?       S    18:37   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5538  0.2  0.6 27000 13176 ?       S    18:37   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5553  0.5  0.7 27488 14068 ?       S    18:37   0:02  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5555  0.2  0.5 25056 11592 ?       S    18:37   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5557  0.1  0.5 24036 10132 ?       S    18:37   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5566  0.4  0.7 28024 14544 ?       S    18:37   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    5567  0.1  0.5 25076 11576 ?       S    18:37   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7189  0.4  0.6 27836 14028 ?       S    18:39   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7191  0.7  0.6 25248 12228 ?       S    18:39   0:02  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7810  0.4  0.5 25504 11564 ?       S    18:40   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7812  0.4  0.6 25684 12200 ?       S    18:40   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7813  0.3  0.5 25060 11644 ?       S    18:40   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7824  0.8  0.5 25012 11192 ?       S    18:40   0:02  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7827  0.3  0.6 25692 12300 ?       S    18:40   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7828  0.1  0.4 22408 8852 ?        S    18:40   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7831  0.5  0.6 26396 12864 ?       S    18:40   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7832  1.0  0.5 24860 10948 ?       S    18:40   0:02  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7833  1.2  0.6 26420 12596 ?       S    18:40   0:02  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7834  0.5  0.6 25920 12528 ?       S    18:40   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7849  0.2  0.5 25060 11608 ?       S    18:40   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7935  0.6  0.6 27484 13672 ?       S    18:41   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7941  1.3  0.5 25032 11108 ?       S    18:41   0:02  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    7942  1.0  0.5 25812 11980 ?       S    18:41   0:02  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8032  0.5  0.6 27568 13748 ?       S    18:42   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8036  0.6  0.5 25232 11552 ?       S    18:42   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8046  0.3  0.5 25164 11360 ?       S    18:42   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8108  1.1  0.5 25676 11832 ?       S    18:42   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8112  0.5  0.6 27020 13564 ?       S    18:42   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8113  0.2  0.5 24904 11076 ?       S    18:42   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8117  0.1  0.3 21540 7784 ?        S    18:42   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8118  0.8  0.5 25252 11428 ?       S    18:42   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8119  0.5  0.5 24812 10984 ?       S    18:42   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8212  1.1  0.5 25032 11200 ?       S    18:43   0:01  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8231  0.3  0.5 24928 11088 ?       S    18:43   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8236  0.2  0.4 22140 8240 ?        S    18:43   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8237  0.7  0.5 25036 11140 ?       S    18:43   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8350  1.2  0.5 25044 11076 ?       S    18:43   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8376  0.1  0.3 20948 6452 ?        S    18:43   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8393  0.7  0.5 25032 11188 ?       S    18:43   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8442  0.1  0.4 22156 8204 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8447  0.1  0.3 20948 6388 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8448  0.2  0.5 24052 10128 ?       S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8451  0.2  0.4 23940 10024 ?       S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8452  0.0  0.3 20948 6348 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8453  0.0  0.3 20948 6388 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8454  0.6  0.5 24992 10936 ?       S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8459  0.3  0.5 24912 10916 ?       S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8460  1.0  0.6 26320 12352 ?       R    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8461  0.0  0.3 20948 6404 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8462  0.4  0.5 23984 10432 ?       S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8463  0.2  0.5 24644 10620 ?       S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8464  0.7  0.5 24816 10960 ?       S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8465  0.8  0.4 22420 8792 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8466  0.0  0.3 20948 6384 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8474  0.0  0.3 20948 6424 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8475  0.2  0.4 22532 8504 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8476  0.0  0.3 20948 6428 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8477  0.4  0.5 24860 10868 ?       S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8481  0.6  0.5 24912 10936 ?       S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8483  0.3  0.4 22164 8620 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8484  0.2  0.4 22296 8336 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8488  0.4  0.4 22360 8344 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8515  0.2  0.4 22356 8348 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8518  1.8  0.5 25240 11388 ?       S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8519  0.7  0.6 26376 12440 ?       S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8529  0.5  0.5 24860 10856 ?       S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8530  0.1  0.4 22328 8300 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8531  0.1  0.4 22324 8340 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8532  0.0  0.3 21080 6980 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8610  1.2  0.5 24032 10360 ?       S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8614  0.0  0.3 20948 6196 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8615  0.0  0.3 20948 6196 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8621  1.0  0.4 22324 8292 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8622  3.6  0.5 24860 10836 ?       S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8623  8.3  0.5 24816 10940 ?       S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    nobody    8624  0.0  0.3 20948 6348 ?        S    18:44   0:00  \_ /usr/local/apache/bin/httpd -DSSL
    root      5456  0.0  0.2  7476 5088 ?        S    18:37   0:00 cpbandwd
    root      5457  0.7  0.5 16032 11980 ?       SN   18:37   0:03 cpanellogd - setting up logs for preattac
    preattac  8194  0.0  0.5 16032 10932 ?       SN   18:42   0:00  \_ cpanellogd - http logs for preattac
    preattac  8195  0.0  0.0  1308  348 ?        SN   18:42   0:00      \_ /usr/local/cpanel/bin/logrunner 2.0 /usr/local/cpanel/
    preattac  8196 28.6  0.3  9540 6164 ?        TN   18:42   0:32          \_ /usr/local/cpanel/3rdparty/bin/english/webalizer -
    preattac  8406  0.0  0.2  9684 5828 ?        SN   18:44   0:00              \_ /usr/local/cpanel/3rdparty/bin/english/webaliz
    preattac  8407  0.0  0.2  9684 5828 ?        SN   18:44   0:00              \_ /usr/local/cpanel/3rdparty/bin/english/webaliz
    preattac  8408  0.0  0.2  9684 5828 ?        SN   18:44   0:00              \_ /usr/local/cpanel/3rdparty/bin/english/webaliz
    preattac  8409  0.0  0.2  9684 5828 ?        SN   18:44   0:00              \_ /usr/local/cpanel/3rdparty/bin/english/webaliz
    preattac  8410  0.0  0.2  9684 5828 ?        SN   18:44   0:00              \_ /usr/local/cpanel/3rdparty/bin/english/webaliz
    preattac  8411  0.0  0.2  9684 5828 ?        SN   18:44   0:00              \_ /usr/local/cpanel/3rdparty/bin/english/webaliz
    preattac  8412  0.0  0.2  9684 5828 ?        SN   18:44   0:00              \_ /usr/local/cpanel/3rdparty/bin/english/webaliz
    preattac  8413  0.0  0.2  9684 5828 ?        SN   18:44   0:00              \_ /usr/local/cpanel/3rdparty/bin/english/webaliz
    preattac  8414  0.0  0.2  9684 5828 ?        SN   18:44   0:00              \_ /usr/local/cpanel/3rdparty/bin/english/webaliz
    preattac  8415  0.0  0.2  9684 5832 ?        SN   18:44   0:00              \_ /usr/local/cpanel/3rdparty/bin/english/webaliz
    nobody    5490  0.0  0.0  4180 1652 ?        S    18:37   0:00 entropychat
    nobody    5495  0.0  0.0  1676  572 ?        S    18:37   0:00 /usr/local/cpanel/bin/startmelange
    mailman   5713  0.0  0.2 11484 4900 ?        Ss   18:38   0:00 /usr/local/bin/python2.4 /usr/local/cpanel/3rdparty/mailman/bi
    mailman   5720  0.0  0.3 11100 6628 ?        S    18:38   0:00  \_ /usr/local/bin/python2.4 /usr/local/cpanel/3rdparty/mailma
    mailman   5721  0.0  0.3 10348 6636 ?        S    18:38   0:00  \_ /usr/local/bin/python2.4 /usr/local/cpanel/3rdparty/mailma
    mailman   5722  0.1  0.3 10252 6636 ?        S    18:38   0:00  \_ /usr/local/bin/python2.4 /usr/local/cpanel/3rdparty/mailma
    mailman   5723  0.1  0.3 10344 6700 ?        S    18:38   0:00  \_ /usr/local/bin/python2.4 /usr/local/cpanel/3rdparty/mailma
    mailman   5724  0.0  0.3 10064 6652 ?        S    18:38   0:00  \_ /usr/local/bin/python2.4 /usr/local/cpanel/3rdparty/mailma
    mailman   5727  0.1  0.3 10964 6696 ?        S    18:38   0:00  \_ /usr/local/bin/python2.4 /usr/local/cpanel/3rdparty/mailma
    mailman   5728  0.1  0.3 11500 6624 ?        S    18:38   0:00  \_ /usr/local/bin/python2.4 /usr/local/cpanel/3rdparty/mailma
    mailman   5729  0.0  0.3 12116 6624 ?        S    18:38   0:00  \_ /usr/local/bin/python2.4 /usr/local/cpanel/3rdparty/mailma
    dbus      5737  0.0  0.0 14156  956 ?        Ssl  18:38   0:00 dbus-daemon-1 --system
    root      5746  0.0  0.4 17316 8360 ?        S    18:38   0:00 cpsrvd - waiting for connections
    root      5785  0.1  0.2  8724 5668 ?        Ss   18:38   0:00 hald
    root      5830  0.0  0.0  1480  392 ?        Ss   18:38   0:00 /usr/sbin/portsentry -tcp
    root      6054  0.2  0.0     0    0 ?        S<   18:38   0:00 [loop0]
    root      6339  0.0  0.0     0    0 ?        S    18:38   0:00 [kjournald]
    root      6520  0.0  0.0  2420  412 tty1     Ss+  18:38   0:00 /sbin/mingetty tty1
    root      6521  0.0  0.0  1852  412 tty2     Ss+  18:38   0:00 /sbin/mingetty tty2
    root      6522  0.0  0.0  3396  412 tty3     Ss+  18:38   0:00 /sbin/mingetty tty3
    root      6523  0.0  0.0  1792  408 tty4     Ss+  18:38   0:00 /sbin/mingetty tty4
    root      6524  0.0  0.0  2980  412 tty5     Ss+  18:38   0:00 /sbin/mingetty tty5
    root      6525  0.0  0.0  1684  412 tty6     Ss+  18:38   0:00 /sbin/mingetty tty6
    root      7757  0.0  0.0  4096 1116 ?        S    18:40   0:00 /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --pid-fi
    mysql     7778 13.1  0.9 112652 19080 ?      Sl   18:40   0:34  \_ /usr/sbin/mysqld --basedir=/ --datadir=/var/lib/mysql --us
    [email protected] [~]#
    Can you tell me the commands for apache log and checking which commands were runned.

  6. #6
    Join Date
    Nov 2004
    Location
    Switzerland
    Posts
    855
    your Apache logs are usually located here:

    /var/log/httpd

    to real the last 50 lines, you can type:

    tail -50 name_of_you_file

    Otherwise, use

    less name_of_you_file

    Control + G will position you on the last line of the logs. Most recent lines are always on bottom.
    .:. Enterprise SAN Consultant .:.

  7. #7
    Join Date
    May 2006
    Posts
    69
    Quote Originally Posted by edelweisshosting
    your Apache logs are usually located here:

    /var/log/httpd

    to real the last 50 lines, you can type:

    tail -50 name_of_you_file

    Otherwise, use

    less name_of_you_file

    Control + G will position you on the last line of the logs. Most recent lines are always on bottom.
    wht should i replace "name_of_you_file" with?? i wanna see the commands which runned on the server.

  8. #8
    Join Date
    May 2006
    Posts
    69
    Quote Originally Posted by edelweisshosting
    your Apache logs are usually located here:

    /var/log/httpd

    to real the last 50 lines, you can type:

    tail -50 name_of_you_file

    Otherwise, use

    less name_of_you_file

    Control + G will position you on the last line of the logs. Most recent lines are always on bottom.
    strange, There is'nt a httpd folder in /var/log/
    I am logged in with root.

  9. #9
    Join Date
    Nov 2004
    Location
    Switzerland
    Posts
    855
    On the /var/log/httpd folder you have got many intersting files:

    access_log
    error_log

    and other files if you have mod_security installed.

    However, these files are not easy to use and understand. You should take the proper action and hire someone knowlegeable as Steven from rack911.com
    .:. Enterprise SAN Consultant .:.

  10. #10
    Join Date
    Oct 2004
    Location
    Złocieniec, Poland
    Posts
    190
    strange, There is'nt a httpd folder in /var/log/
    bcuz ur logs can be in different folder usually in /var/log/httpd/
    but if u dont have such folder then
    check /usr/local/apache/log/

    and the magic commands are
    tail -50 /path/to/your/log/file
    i/e
    tail -50 /var/log/httpd/access_log
    tail -50 /var/log/httpd/error_log
    or
    tail -50 /usr/local/apache/log/access_log
    tail -50 /usr/local/apache/log/error_log
    -50 means that the command will show u last 50 entries - you may change it ofcourse
    your log files also can have different names
    u should look for httpd.conf and check in it where your logs are located and what names they have

    i guess u are not experienced with apache
    so maybe u should hire some1 or read apache docs first (or google for some apache configuration howto )
    www.goscinnawies.pl - family business, small travel agency in Poland

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •