Transition from small business to large…

Stand by, hold on, life is on the way up…

This is a draft, of a now living document…

 

I’ve got a staff meeting to get to, but we’re bringing in resource to ramp up, my life is nuts.

To those who are hinting loudly, you’re hints are heard, and we’re bringing in help.  Wait for our call.

 

Matthew 7:7

Chasing out the Joomla Spammer

There’s always a battle with hosting web sites with applications like Joomla.

More and more I just love WordPress.  It’s just so easy to keep up to date, Joomla not so much.

Today I’m chasing a spammer out of one system with a not so robust application.

Customer called this morning to say that their web site was reporting errors connecting to the database…

# top

That quickly showed me that I had a silly amount of load and it appeared it was in the email system.

# tail -f /var/log/mail.log

That showed that mail was running though the system like mad and most of it being rejected.

# /etc/init.d/postfix stop

That put a stop to the mail traffic.

First I figured out what was in the mail queue…

# qshape incoming active deferred’

That showed that I had a 10,000 plus messages in the mail queue…

postsuper -d ALL

That just dumped the whole queue and at least let the server get back some breath…

Ok, so that likely dropped some customer mail at the same time, but that’s what a resend button is for.

Next, need to find out where these messages are getting in…

# cd /var/spool/postfix/deferred

That quickly showed up a list of messages being deferred…

# postcat

That let me view the message in the queue…

X-PHP-Originating-Script: 999:stats.php

Humm… ok that file shouldn’t be sending messages, so where’s that living…

find /var/www/sites -name stats.php -print

That gave me a nice list of all the file locations…

Sure enough, checked with the back up and that file just showed up and shouldn’t be there…

DELETE.

Rinse and repeat until all bad boys found.

I also checked my http log files to see what was being access and discovered a few things I didn’t like which helped me confirm what I was looking for.

Yes. hardening Joomla a bit might have saved me some time here.  Clearly the application folders need to be read only, so that’s now next on the list!

 

Monitoring with the dude…

The plan now is to put a bit more monitoring on my Dude so I can see if the server goes bonkers again.  Here’s a few notes from a discussion with someone else about bits that might be helpful to do this.

sendmail -bpc

Out of snmpd.conf

# exec .1.3.6.1.4.1.2021.53 mailq /usr/bin/mailq

catic weather map, threashhold plugins, zennos, nigos

My Email Set Up

Email is important to me.  Running a small business that relies on contact with people around the world, I can’t afford to trust my email to a cheap solution, but I also don’t have a money tree in the back yard to pay for a Rolls Royce managed solution.

Continue reading

We Need Mobile Power

Today I was reading over an article about the new quad-core mobile phones starting to hit the market.

JD   #21   11:11 am Apr 05 2012

Quad core is a bit overkill,..

I still can’t decide if the comments made by many users were alarming, amusing  or just a very sad demonstration of our current state of ignorance?

Continue reading

@DonGouldNZ was don@bowenvale.co.nz – Twitter?

You’ve been able to get to me via don@bowenvale.co.nz for almost two decades at a cost, to me.

Over the past month I’ve followed the dotKiwi debate on the Internet New Zealand mailing list.

Today I got my latest bill from my domain registrant for my domain name.

As I was watching American Idol on the TV, while blogging about something else, I noted with interest that the singers all have simple @twitter addresses on the screen.

Continue reading

Why New Zealand Broadband is So Slow and So Expensive

“Process”