Check top 10 high load and max children domains:
echo -e "\n" && echo "####################" && echo "# Top 10 high load instances:" && echo "####################" && { output=$(sys-snap $(date +%m)\/$(date +%d) | sort -rnk 2 | head -10); if [ -z "$output" ]; then echo " 0 hits"; else echo "$output"; fi; } && echo -e "\n" && echo "####################" && echo "# Max children limits being hit:" && echo "####################" && { output=$(grep -i "reached max_children" /opt/cpanel/ea-php*/root/usr/var/log/php-fpm/error.log | tail -50 | awk '{print $8,$9,$10,$5}' | cut -d ] -f1 | sort | uniq -c | sort -n); if [ -z "$output" ]; then echo " 0 hits"; else echo "$output"; fi; } && echo -e "\n" && echo "####################" && echo "# Max Requests being hit:" && echo "####################" && { output=$(grep -i "MaxRequestWorkers" /etc/apache2/logs/error_log | tail -50 | awk '{print $1,$2,$3}' | cut -d ] -f1 | sort | uniq -c | sort -n); if [ -z "$output" ]; then echo " 0 hits"; else echo "$output"; fi; } && echo -e "\n"
Find Brute force DDOS attack attempts VPS/Dedi
echo "Brute force attempts" && egrep "maximum auth failures|excessive brute" /usr/local/cpanel/logs/cphulkd.log | sed 's/.*Remote IP Address]=\[//;s/].*//' |sort|uniq -c|sort -nk1|awk '$1 > 25' && echo && echo "Dovecot login failures" && grep "list matching forced to fail: failed to find host name for" /var/log/exim_mainlog| awk '{print $15}' |sort | uniq -c |sort -h|awk '$1 > 20'; echo -e "";echo -e Dovecot bruteforce attempts""; echo -e ""; grep "$(date +'%b %e')" /var/log/maillog | grep dovecot| grep "auth failed" | grep -Eo "rip=[0-9.]+" | sed 's/rip=//' | sort | uniq -c | sort -rn | head; echo -e "";echo -e MODSEC abusers""; echo -e "";tail -n10000 /usr/local/apache/logs/error_log | grep -oP "(?<=client ).+(?=] ModSecurity: Access denied with code 406)"|sort|uniq -c|sort -nk1|tail
Kernal logs: journalctl -p err
Apache error logs: journalctl -u httpd
To check old CPU Load average: sar -q -f /var/log/sa/sa05
Disable and Enable Yum repos
# yum-config-manager --enable <repo-id>
# yum-config-manager --disable <repo-id>
Example:
yum-config-manager --disable MariaDB102
yum-config-manager --enable MariaDB102
yum repolist all
Check high memory usage
ps aux --sort=-%mem | head
Hindi and other fonts are not working in VPS/Dedi server (MySQL)
Add below entries in /etc/my.cnf
character_set_server=utf8
collation_server=utf8_unicode_ci