Archive for September, 2010

SBDavid

Authoritative DNS

Each domain has at least one authoritative DNS server that publishes information about that domain and the name servers of any domains subordinate to it. The top of the hierarchy is served by the root nameservers, the servers to query when looking up (resolving) a top-level domain name (TLD).

An authoritative name server can either be a master server or a slave server.

Authoritative DNS is the type of DNS that controls the DNS records for a particular domain. For instance, for serverbuddies.com the authoritative DNS servers are ns1.serverbuddies.com and ns2.serverbuddies.com. They only respond to domains they are in charge of.

Contrast this with recursive DNS servers, which will give you an answer for anything (Google.com, yahoo.com).

SBDavid

CSF Advanced Allow/Deny Filters

In /etc/csf.allow and /etc/csf.deny you can add more complex port and IP filters using the following format (you must specify a port AND an IP address):

tcp/udp|in/out|s/d=port|s/d=ip|u=uid

Broken down:

tcp/udp : EITHER tcp OR udp OR icmp protocol
in/out : EITHER incoming OR outgoing connections
s/d=port : EITHER source OR destination port number (or ICMP type)
(use a _ for a port range, e.g. 2000_3000)
s/d=ip : EITHER source OR destination IP address
u/g=UID : EITHER UID or GID of source packet, implies outgoing connections, s/d=IP value is ignored

Note: ICMP filtering uses the “port” for s/d=port to set the ICMP type. Whether you use s or d is not relevant, as either simply uses the iptables --icmp-type option. Use “iptables -p icmp -h” for a list of valid ICMP types. Only one type per filter is supported.

Examples:

# TCP connections inbound to port 3306 from IP 11.22.33.44
tcp|in|d=3306|s=11.22.33.44

# TCP connections outbound to port 22 on IP 11.22.33.44
tcp|out|d=22|d=11.22.33.44

Reference: http://www.configserver.com/
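
A small linter for the advanced filter format described above, as an added example that is not part of the original post or of CSF itself. It checks only the rules the post states (literal IP addresses, numeric UID/GID, one ICMP type per filter); the function names and sample entries are constructed for illustration, and rejecting u/g filters on incoming rules is this example's reading of "implies outgoing connections".

```python
import ipaddress

SAMPLE = """\
# constructed sample entries in csf.allow syntax
tcp|in|d=3306|s=11.22.33.44
tcp|out|d=22|d=11.22.33.44
tcp|in|d=3306
icmp|in|d=8_11|s=11.22.33.44
tcp|in|d=25|s=11.22.33.44|u=99
"""

def split_sd(field, what):  # 's=value' or 'd=value' -> (side, value)
    side, _, value = field.partition("=")
    if side not in ("s", "d") or not value:
        raise ValueError(f"{what} must be s=... or d=..., got {field!r}")
    return side, value

def parse_filter(entry):  # one advanced filter -> dict, ValueError if malformed
    fields = entry.split("|")
    if len(fields) not in (4, 5):
        raise ValueError("need proto|direction|port|ip plus optional u/g field")
    proto, direction = fields[:2]
    if proto not in ("tcp", "udp", "icmp") or direction not in ("in", "out"):
        raise ValueError(f"bad protocol or direction in {entry!r}")
    (port_side, port), (ip_side, ip) = split_sd(fields[2], "port"), split_sd(fields[3], "ip")
    if proto == "icmp":  # port field holds one ICMP type, never a range or list
        ok, span = "_" not in port and "," not in port, port
    else:
        span = [int(p) for p in port.split("_")]  # ValueError if non-numeric
        ok = len(span) <= 2 and span == sorted(span) and all(0 <= p <= 65535 for p in span)
    if not ok:
        raise ValueError(f"bad port, range or ICMP type {port!r}")
    rule = {"proto": proto, "direction": direction, "port": (port_side, span),
            "ip": (ip_side, ipaddress.ip_address(ip))}  # ValueError if not an IP
    if len(fields) == 5:
        kind, _, owner = fields[4].partition("=")
        if kind not in ("u", "g") or not owner.isdigit() or direction != "out":
            raise ValueError("u=UID/g=GID needs a numeric id and direction out")
        rule["owner"] = (kind, int(owner))
    return rule

def check(entry):  # error text for one entry, or None when it parses
    try:
        parse_filter(entry)
    except ValueError as exc:
        return str(exc)

def lint(text):  # [(line_number, error)] for malformed advanced filter lines
    entries = [(n, raw.split("#", 1)[0].strip()) for n, raw in enumerate(text.splitlines(), 1)]
    return [(n, err) for n, e in entries if "|" in e and (err := check(e))]
```

Running lint(SAMPLE) reports lines 4, 5 and 6: a filter with no IP field, an ICMP filter given a range instead of a single type, and a UID filter on an incoming rule.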

SBDavid

Types of DNS Entries

A
These map names to IPs, like www.serverbuddies.com -> 67.228.43.85

PTR
These map IPs to a hostname, like 67.228.43.85 -> www.serverbuddies.com

MX
MX records are used by mail servers to look up who to send mail to.

CNAME
This is an alias to another name, like www.serverbuddies.com CNAME serverbuddies.com

TXT
Text records. These are free-form text strings, used for things like SPF records.

NS
These say which servers are authoritative for the domain.

How to Run Apache and lighttpd on port 80

The server needs 2 IP addresses; only then can we run both Apache and lighttpd on the same port. Assume that you have already installed both Apache and lighttpd on the server.

Lighttpd will help to increase the speed with a small memory consumption.

Go to the Apache configuration and locate the Listen directive.

Here, add a “Listen” directive for every IP address of the server except the IP for lighttpd.

Listen IP_ADDRESS:80

Now restart Apache and then lighttpd.

How to do this in WHM/cPanel

Instead of modifying the file manually, you need to exclude the IP address for lighttpd at

Main >> Service Configuration >> Apache Configuration >> Reserved IPs Editor

Reserved IPs Editor: By default, Apache is configured to listen on all available IPs. Apache can be configured to only respond on specific IPs. This editor provides an interface to specify the Apache IP restrictions. To reserve new IPs not found in this list, please add the IP to the server first.

You can try to access the IPs in a browser and make sure both are listening on port 80.

Changed PHP configuration, but it doesn’t seem to be working

To resolve this issue:

First, perform a HARD restart of Apache.

If that doesn’t fix the problem, verify that the “Include /usr/local/apache/conf/php.conf” directive is in httpd.conf

If that is okay, check the error log for obvious problems.

If nothing particularly revealing is in the logs, check the .htaccess files in all directories leading to the script for bad AddHandler directives.
