Zak提出的问题 -server

Zak

Asked: 2024-01-26 07:17:28 +0800 CST

为多个 WorPress 站点提供服务的最佳方式 - 单服务器共享托管

5

我希望将大约 500 个 WordPress 站点从各自的虚拟机迁移到单个服务器，以提高效率并节省成本。

在该单一服务器上，我将为每个站点单独安装。他们将拥有各自的目录，并且仅共享一个公共plugins符号链接，以保持插件全面更新。

让它们并排坐在各自的目录中是否足够安全？

我是否需要为每个安装创建一个仅对这些文件具有写入权限的系统用户？

让数据库彼此相邻是否安全，即使它们具有只能访问该数据库的单独用户名（没有具有“全知”访问权限的根 - $ show databases;）。

我应该监禁每个安装吗？

我应该将每个安装放在一个容器中吗？

我考虑过 WP Multisite 安装，但我偏执的自己可以看到很多问题。

我曾尝试对此进行研究、研究和研究，但不断提出不在单个服务器上安装多个 WP 站点的原因。

我应该将它们放在 Cloudfare IP 后面吗？

我是不是做得太多了？我拥有 WP 不妥协的出色记录，并且希望保持这种状态。

这是一个自托管的专用 VM 服务器。环境是

云云VMware
Ubuntu 20.04.2 LTS
PHP 8.1
阿帕奇2.4
MySQL 版本 8.0.23
最新WordPress

Zak

Asked: 2021-12-11 10:58:38 +0800 CST

Apache 每隔几天就会挂起 20 分钟

0

我花了很长时间才弄清楚这一点。Apache，每隔几天就会挂起大约 20 分钟左右，然后“恢复活力”。这发生在中午，它发生在半夜。该服务器是一个强大的 Web 服务器，具有 4 个 CPU、8GB RAM 和另一个 12GB 交换空间。我在错误日志中看不到任何突出的内容。有人可以在这些日志中看到任何指示问题的内容吗？因为我看到的一切看起来都是问题或症状的结果！

系统日志

Dec 10 05:25:02 admin kernel: [397885.197196] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:50:56:08:09:19:08:00 SRC=10.2.6.60 DST=10.2.6.80 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=23622 DF PROTO=TCP SPT=59284 DPT=4949 WINDOW=29200 RES=0x00 SYN URGP=0
Dec 10 05:25:03 admin kernel: [397886.194931] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:50:56:08:09:19:08:00 SRC=10.2.6.60 DST=10.2.6.80 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=23623 DF PROTO=TCP SPT=59284 DPT=4949 WINDOW=29200 RES=0x00 SYN URGP=0
Dec 10 05:25:05 admin kernel: [397888.198941] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:50:56:08:09:19:08:00 SRC=10.2.6.60 DST=10.2.6.80 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=23624 DF PROTO=TCP SPT=59284 DPT=4949 WINDOW=29200 RES=0x00 SYN URGP=0
Dec 10 05:25:08 admin kernel: [397891.641472] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:a0:c9:27:01:01:08:00 SRC=20.115.4.12 DST=10.2.6.80 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=967 DF PROTO=TCP SPT=52268 DPT=80 WINDOW=2045 RES=0x00 ACK FIN URGP=0
Dec 10 05:25:08 admin kernel: [397891.974137] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:a0:c9:27:01:01:08:00 SRC=18.206.39.189 DST=10.2.6.80 LEN=40 TOS=0x00 PREC=0x00 TTL=116 ID=28012 DF PROTO=TCP SPT=50916 DPT=443 WINDOW=0 RES=0x00 ACK RST URGP=0
Dec 10 05:25:08 admin kernel: [397891.974230] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:a0:c9:27:01:01:08:00 SRC=18.206.39.189 DST=10.2.6.80 LEN=40 TOS=0x00 PREC=0x00 TTL=116 ID=28013 DF PROTO=TCP SPT=50866 DPT=80 WINDOW=1021 RES=0x00 ACK FIN URGP=0
Dec 10 05:25:09 admin kernel: [397892.210857] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:50:56:08:09:19:08:00 SRC=10.2.6.60 DST=10.2.6.80 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=23625 DF PROTO=TCP SPT=59284 DPT=4949 WINDOW=29200 RES=0x00 SYN URGP=0
Dec 10 05:25:09 admin CRON[8325]: (root) CMD (sh /etc/apache2/websitesCron/apacheTest.sh)
Dec 10 05:25:09 admin CRON[8326]: (root) CMD (if [ -x /etc/munin/plugins/apt_all ]; then /etc/munin/plugins/apt_all update 7200 12 >/dev/null; elif [ -x /etc/munin/plugins/apt ]; then /etc/munin/plugins/apt update 7200 12 >/dev/null; fi)
Dec 10 05:25:10 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 388
Dec 10 05:25:10 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 388
Dec 10 05:25:17 admin kernel: [397900.226738] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:50:56:08:09:19:08:00 SRC=10.2.6.60 DST=10.2.6.80 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=23626 DF PROTO=TCP SPT=59284 DPT=4949 WINDOW=29200 RES=0x00 SYN URGP=0
Dec 10 05:25:25 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 401
Dec 10 05:25:25 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 401
Dec 10 05:25:27 admin kernel: [397910.285120] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:a0:c9:27:01:01:08:00 SRC=20.115.4.12 DST=10.2.6.80 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=985 DF PROTO=TCP SPT=52268 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0
Dec 10 05:25:33 admin kernel: [397916.242478] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:50:56:08:09:19:08:00 SRC=10.2.6.60 DST=10.2.6.80 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=23627 DF PROTO=TCP SPT=59284 DPT=4949 WINDOW=29200 RES=0x00 SYN URGP=0
Dec 10 05:25:34 admin sendmail[8390]: 1BABPXbK008390: from=root, size=425, class=0, nrcpts=1, msgid=<[email protected]>, bodytype=8BITMIME, relay=root@localhost
Dec 10 05:25:34 admin sendmail[8390]: 1BABPXbK008390: to=root, delay=00:00:01, mailer=relay, pri=30425, stat=queued
Dec 10 05:25:40 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 413
Dec 10 05:25:40 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 413
Dec 10 05:25:55 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 419
Dec 10 05:25:55 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 419
Dec 10 05:26:04 admin CRON[8459]: (root) CMD (cp /var/spool/cron/crontabs/root /var/www/crontab/root && chmod 777 /var/www/crontab/root && chown zak:zak /var/www/crontab/root)
Dec 10 05:26:05 admin kernel: [397948.305893] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:50:56:08:09:19:08:00 SRC=10.2.6.60 DST=10.2.6.80 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=23628 DF PROTO=TCP SPT=59284 DPT=4949 WINDOW=29200 RES=0x00 SYN URGP=0
Dec 10 05:26:10 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 423
Dec 10 05:26:10 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 423
Dec 10 05:26:25 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 428
Dec 10 05:26:25 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 428
Dec 10 05:26:26 admin kernel: [397969.985342] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:a0:c9:27:01:01:08:00 SRC=20.115.4.12 DST=10.2.6.80 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=990 DF PROTO=TCP SPT=62843 DPT=80 WINDOW=2045 RES=0x00 ACK FIN URGP=0
Dec 10 05:26:29 admin kernel: [397972.391234] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:a0:c9:27:01:01:08:00 SRC=20.115.4.12 DST=10.2.6.80 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=995 DF PROTO=TCP SPT=62843 DPT=80 WINDOW=2045 RES=0x00 ACK FIN URGP=0
Dec 10 05:26:34 admin kernel: [397977.203821] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:a0:c9:27:01:01:08:00 SRC=20.115.4.12 DST=10.2.6.80 LEN=40 TOS=0x00 PREC=0x00 TTL=115 ID=999 DF PROTO=TCP SPT=62843 DPT=80 WINDOW=2045 RES=0x00 ACK FIN URGP=0
Dec 10 05:26:40 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 436
Dec 10 05:26:40 admin kernel: [397983.346629] apache2 invoked oom-killer: gfp_mask=0x26000c0, order=2, oom_score_adj=0
Dec 10 05:26:40 admin kernel: [397983.346635] apache2 cpuset=/ mems_allowed=0
Dec 10 05:26:40 admin kernel: [397983.346644] CPU: 0 PID: 8270 Comm: apache2 Not tainted 4.4.0-119-generic #143-Ubuntu
Dec 10 05:26:40 admin kernel: [397983.346646] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 12/12/2018
Dec 10 05:26:40 admin kernel: [397983.346649]  0000000000000286 553e9d17649eeffd ffff8800138a7b10 ffffffff81400443
Dec 10 05:26:40 admin kernel: [397983.346652]  ffff8800138a7cc8 ffff8800b8e5aa00 ffff8800138a7b80 ffffffff8121086e
Dec 10 05:26:40 admin kernel: [397983.346655]  ffff88023fc1ad70 ffff88023fc1ad60 ffffea0006a80b00 0000000100000001
Dec 10 05:26:40 admin kernel: [397983.346657] Call Trace:
Dec 10 05:26:40 admin kernel: [397983.346670]  [<ffffffff81400443>] dump_stack+0x63/0x90
Dec 10 05:26:40 admin kernel: [397983.346677]  [<ffffffff8121086e>] dump_header+0x5a/0x1c5
Dec 10 05:26:40 admin kernel: [397983.346682]  [<ffffffff81196f32>] oom_kill_process+0x202/0x3c0
Dec 10 05:26:40 admin kernel: [397983.346685]  [<ffffffff81197359>] out_of_memory+0x219/0x460
Dec 10 05:26:40 admin kernel: [397983.346689]  [<ffffffff8119d3a5>] __alloc_pages_slowpath.constprop.88+0x965/0xb00
Dec 10 05:26:40 admin kernel: [397983.346692]  [<ffffffff8119d7c8>] __alloc_pages_nodemask+0x288/0x2a0
Dec 10 05:26:40 admin kernel: [397983.346694]  [<ffffffff8119d87b>] alloc_kmem_pages_node+0x4b/0xc0
Dec 10 05:26:40 admin kernel: [397983.346699]  [<ffffffff8108077e>] copy_process+0x1be/0x1bb0
Dec 10 05:26:40 admin kernel: [397983.346703]  [<ffffffff811a44f7>] ? lru_cache_add_active_or_unevictable+0x27/0xa0
Dec 10 05:26:40 admin kernel: [397983.346707]  [<ffffffff811c6178>] ? handle_mm_fault+0xcc8/0x1820
Dec 10 05:26:40 admin kernel: [397983.346709]  [<ffffffff81082300>] _do_fork+0x80/0x360
Dec 10 05:26:40 admin kernel: [397983.346712]  [<ffffffff81082689>] SyS_clone+0x19/0x20
Dec 10 05:26:40 admin kernel: [397983.346717]  [<ffffffff8184f708>] entry_SYSCALL_64_fastpath+0x1c/0xbb
Dec 10 05:26:40 admin kernel: [397983.346718] Mem-Info:
Dec 10 05:26:40 admin kernel: [397983.346723] active_anon:1463690 inactive_anon:290454 isolated_anon:132
Dec 10 05:26:40 admin kernel: [397983.346723]  active_file:17208 inactive_file:13369 isolated_file:0
Dec 10 05:26:40 admin kernel: [397983.346723]  unevictable:913 dirty:0 writeback:987 unstable:0
Dec 10 05:26:40 admin kernel: [397983.346723]  slab_reclaimable:19387 slab_unreclaimable:41949
Dec 10 05:26:40 admin kernel: [397983.346723]  mapped:25866 shmem:18736 pagetables:141112 bounce:0
Dec 10 05:26:40 admin kernel: [397983.346723]  free:26269 free_pcp:0 free_cma:0
Dec 10 05:26:40 admin kernel: [397983.346728] Node 0 DMA free:15864kB min:132kB low:164kB high:196kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:15992kB managed:15904kB mlocked:0kB dirty:0kB writeback:0kB mapped:0kB shmem:0kB slab_reclaimable:0kB slab_unreclaimable:8kB kernel_stack:0kB pagetables:0kB unstable:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? yes
Dec 10 05:26:40 admin kernel: [397983.346734] lowmem_reserve[]: 0 2937 7928 7928 7928
Dec 10 05:26:40 admin kernel: [397983.346737] Node 0 DMA32 free:44712kB min:24988kB low:31232kB high:37480kB active_anon:2037256kB inactive_anon:515680kB active_file:24624kB inactive_file:19936kB unevictable:1228kB isolated(anon):348kB isolated(file):0kB present:3129216kB managed:3048436kB mlocked:1228kB dirty:0kB writeback:2620kB mapped:38304kB shmem:28716kB slab_reclaimable:25488kB slab_unreclaimable:70356kB kernel_stack:15136kB pagetables:261600kB unstable:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no
Dec 10 05:26:40 admin kernel: [397983.346743] lowmem_reserve[]: 0 0 4990 4990 4990
Dec 10 05:26:40 admin kernel: [397983.346745] Node 0 Normal free:44500kB min:42460kB low:53072kB high:63688kB active_anon:3817504kB inactive_anon:646136kB active_file:44208kB inactive_file:33540kB unevictable:2424kB isolated(anon):180kB isolated(file):0kB present:5242880kB managed:5110492kB mlocked:2424kB dirty:0kB writeback:1328kB mapped:65160kB shmem:46228kB slab_reclaimable:52060kB slab_unreclaimable:97432kB kernel_stack:13728kB pagetables:302848kB unstable:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no
Dec 10 05:26:40 admin kernel: [397983.346750] lowmem_reserve[]: 0 0 0 0 0
Dec 10 05:26:40 admin kernel: [397983.346752] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15864kB
Dec 10 05:26:40 admin kernel: [397983.346762] Node 0 DMA32: 6731*4kB (UM) 2257*8kB (UM) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 44980kB
Dec 10 05:26:40 admin kernel: [397983.346768] Node 0 Normal: 10918*4kB (UMEH) 49*8kB (UMH) 0*16kB 1*32kB (H) 1*64kB (H) 3*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 45056kB
Dec 10 05:26:40 admin kernel: [397983.346777] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Dec 10 05:26:40 admin kernel: [397983.346779] 68538 total pagecache pages
Dec 10 05:26:40 admin kernel: [397983.346781] 18641 pages in swap cache
Dec 10 05:26:40 admin kernel: [397983.346783] Swap cache stats: add 383468753, delete 383450112, find 229519152/378197444
Dec 10 05:26:40 admin kernel: [397983.346784] Free swap  = 1252280kB
Dec 10 05:26:42 admin kernel: [397983.346785] Total swap = 11717628kB
Dec 10 05:26:42 admin kernel: [397983.346787] 2097022 pages RAM
Dec 10 05:26:42 admin kernel: [397983.346788] 0 pages HighMem/MovableOnly
Dec 10 05:26:42 admin kernel: [397983.346789] 53314 pages reserved
Dec 10 05:26:42 admin kernel: [397983.346790] 0 pages cma reserved
Dec 10 05:26:42 admin kernel: [397983.346791] 0 pages hwpoisoned
Dec 10 05:26:42 admin kernel: [397983.346793] [ pid ]   uid  tgid total_vm      rss nr_ptes nr_pmds swapents oom_score_adj name
Dec 10 05:26:42 admin kernel: [397983.346800] [  409]     0   409    10976      822      24       3      602             0 systemd-journal
Dec 10 05:26:42 admin kernel: [397983.346803] [  451]     0   451    23693       83      17       3       50             0 lvmetad
Dec 10 05:26:42 admin kernel: [397983.346805] [  470]     0   470    11415      242      22       3      485         -1000 systemd-udevd
Dec 10 05:26:42 admin kernel: [397983.346808] [  784]     0   784    47527      409      52       3      223             0 vmtoolsd
Dec 10 05:26:42 admin kernel: [397983.346811] [  838]     0   838     5884        0      16       3       51             0 rpc.idmapd
Dec 10 05:26:42 admin kernel: [397983.346813] [  842]   100   842    25081      132      20       3       52             0 systemd-timesyn
Dec 10 05:26:42 admin kernel: [397983.346816] [  934]     0   934    11906      140      27       3      109             0 rpcbind
Dec 10 05:26:42 admin kernel: [397983.346818] [  948]     0   948   151028      166      28       4      213             0 lxcfs
Dec 10 05:26:42 admin kernel: [397983.346821] [  953]     0   953     7252      456      19       3       48             0 cron
Dec 10 05:26:42 admin kernel: [397983.346823] [  959]     0   959     1099      335       8       3       40             0 acpid
Dec 10 05:26:42 admin kernel: [397983.346826] [  961]     0   961     7165      239      19       3       57             0 systemd-logind
Dec 10 05:26:42 admin kernel: [397983.346828] [  967]   108   967    10725      566      25       3       76          -900 dbus-daemon
Dec 10 05:26:42 admin kernel: [397983.346831] [ 1047]     0  1047    21359      342      32       3      347             0 VGAuthService
Dec 10 05:26:42 admin kernel: [397983.346833] [ 1049]     0  1049    68974      456      37       3      224             0 accounts-daemon
Dec 10 05:26:42 admin kernel: [397983.346835] [ 1051]     0  1051     6511      391      18       3       47             0 atd
Dec 10 05:26:42 admin kernel: [397983.346838] [ 1056]   104  1056    64099      457      29       3      367             0 rsyslogd
Dec 10 05:26:42 admin kernel: [397983.346841] [ 1148]     0  1148     3343       51      11       3       23             0 mdadm
Dec 10 05:26:42 admin kernel: [397983.346843] [ 1179]     0  1179     6011      251      16       3       89             0 vsftpd
Dec 10 05:26:42 admin kernel: [397983.346845] [ 1189]     0  1189    69278      506      40       4      122             0 polkitd
Dec 10 05:26:42 admin kernel: [397983.346848] [ 1194]     0  1194     1305      358       9       3       61             0 iscsid
Dec 10 05:26:42 admin kernel: [397983.346850] [ 1195]     0  1195     1430      879      10       3        0           -17 iscsid
Dec 10 05:26:42 admin kernel: [397983.346853] [ 1207]     0  1207     9494        0      22       3      190             0 rpc.mountd
Dec 10 05:26:42 admin kernel: [397983.346856] [ 1221]     0  1221    16378      339      36       3      196         -1000 sshd
Dec 10 05:26:42 admin kernel: [397983.346859] [ 1296]     0  1296    16458      453      37       4      128             0 login
Dec 10 05:26:42 admin kernel: [397983.346861] [ 1326]     0  1326     4905      284      14       3       39             0 irqbalance
Dec 10 05:26:42 admin kernel: [397983.346864] [ 1420]     0  1420    13514      229      30       3     2438             0 munin-node
Dec 10 05:26:42 admin kernel: [397983.346866] [ 1501]     0  1501    26199      440      51       4      470             0 sendmail-mta
Dec 10 05:26:42 admin kernel: [397983.346869] [ 1681]     0  1681   109282      257     171       3     1936             0 php-fpm7.0
Dec 10 05:26:42 admin kernel: [397983.346871] [ 1687]    33  1687   109282      184     152       3     1961             0 php-fpm7.0
Dec 10 05:26:42 admin kernel: [397983.346873] [ 1688]    33  1688   109282      184     152       3     1961             0 php-fpm7.0
Dec 10 05:26:42 admin kernel: [397983.346876] [16727]  1000 16727    11330      422      25       3      217             0 systemd
Dec 10 05:26:42 admin kernel: [397983.346878] [16731]  1000 16731    52186        0      37       3      501             0 (sd-pam)
Dec 10 05:26:42 admin kernel: [397983.346881] [16734]  1000 16734     5900      357      18       4      725             0 bash
Dec 10 05:26:42 admin kernel: [397983.346884] [11281]   119 11281    69349      594      88       3     1257             0 freshclam
Dec 10 05:26:42 admin kernel: [397983.346886] [32663]     0 32663    23229      459      48       3      258             0 sshd
Dec 10 05:26:42 admin kernel: [397983.346889] [32740]  1000 32740    23668      373      48       3      743             0 sshd
Dec 10 05:26:42 admin kernel: [397983.346892] [22943]     0 22943    23229      330      51       3      272             0 sshd
Dec 10 05:26:42 admin kernel: [397983.346894] [23020]  1000 23020    23229      332      49       3      247             0 sshd
Dec 10 05:26:42 admin kernel: [397983.346897] [23023]  1000 23023     3220      393      12       3       51             0 sftp-server
Dec 10 05:26:42 admin kernel: [397983.346899] [24027]  1000 24027     3220      381      12       3       67             0 sftp-server
Dec 10 05:26:42 admin kernel: [397983.346902] [27215]  1000 27215     3220      378      12       3       95             0 sftp-server
Dec 10 05:26:42 admin kernel: [397983.346904] [13006]     0 13006   168834     2419     280       3    29858             0 apache2
Dec 10 05:26:42 admin kernel: [397983.346907] [15772]    33 15772   385874    34986     583       4    67131             0 apache2
Dec 10 05:26:42 admin kernel: [397983.346909] [15773]    33 15773   381008    40856     579       4    53799             0 apache2
Dec 10 05:26:42 admin kernel: [397983.346912] [15776]    33 15776   297940    35288     395       4    53305             0 apache2
Dec 10 05:26:42 admin kernel: [397983.346915] [15777]    33 15777   303389    37051     415       4    49856             0 apache2
Dec 10 05:26:42 admin kernel: [397983.346919] [15779]    33 15779   303184    39806     403       4    46606             0 apache2
Dec 10 05:26:42 admin kernel: [397983.346922] [15782]    33 15782   304265    46518     404       4    43859             0 apache2
Dec 10 05:26:42 admin kernel: [397983.346925] [15786]    33 15786   371258    41084     557       4    49806             0 apache2
Dec 10 05:26:42 admin kernel: [397983.346929] [15787]    33 15787   302813    34962     403       4    53776             0 apache2
Dec 10 05:26:42 admin kernel: [397983.346931] [15789]    33 15789   380748    35019     567       4    52932             0 apache2
Dec 10 05:26:42 admin kernel: [397983.346934] [15799]    33 15799   384260    39566     561       4    55415             0 apache2
Dec 10 05:26:42 admin kernel: [397983.346936] [15800]    33 15800   374314    29895     544       4    52106             0 apache2
Dec 10 05:26:42 admin kernel: [397983.346939] [15801]    33 15801   380377    34701     565       4    53467             0 apache2
Dec 10 05:26:42 admin kernel: [397983.346941] [15802]    33 15802   306345    35364     424       4    57003             0 apache2
........
Dec 10 05:33:29 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 570
Dec 10 05:33:29 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 570
Dec 10 05:33:29 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 556
Dec 10 05:33:29 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 556
Dec 10 05:33:29 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 539
Dec 10 05:33:29 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 539
Dec 10 05:33:29 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 525
Dec 10 05:33:29 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 525
......
Dec 10 06:27:15 admin kernel: [401618.309140] Out of memory: Kill process 15801 (apache2) score 14 or sacrifice child
Dec 10 06:27:15 admin kernel: [401618.309960] Killed process 15801 (apache2) total-vm:1521508kB, anon-rss:23236kB, file-rss:0kB
Dec 10 06:27:21 admin CRON[12717]: (root) CMD (cp /var/spool/cron/crontabs/root /var/www/crontab/root && chmod 777 /var/www/crontab/root && chown zak:zak /var/www/crontab/root)
Dec 10 06:27:21 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 459
Dec 10 06:27:21 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 459
Dec 10 06:27:29 admin kernel: [401632.351612] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:a0:c9:27:01:01:08:00 SRC=209.85.238.216 DST=10.2.6.80 LEN=40 TOS=0x00 PREC=0x00 TTL=255 ID=42747 PROTO=TCP SPT=49490 DPT=443 WINDOW=243 RES=0x00 ACK RST URGP=0
Dec 10 06:27:30 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 475
Dec 10 06:27:30 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 475
Dec 10 06:27:43 admin apache2[12635]:  *
Dec 10 06:27:43 admin systemd[1]: Stopped LSB: Apache2 web server.
Dec 10 06:27:43 admin systemd[1]: Starting LSB: Apache2 web server...
Dec 10 06:27:43 admin apache2[12749]:  * Starting Apache httpd web server apache2
Dec 10 06:27:45 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 370
Dec 10 06:27:45 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 370
Dec 10 06:27:49 admin systemd[1]: Starting Daily apt upgrade and clean activities...
Dec 10 06:27:49 admin kernel: [401652.463319] [UFW BLOCK] IN=ens32 OUT= 
MAC=00:50:56:08:0d:03:00:a0:c9:27:01:01:08:00 SRC=123.183.224.66 DST=10.2.6.80 LEN=40 TOS=0x00 PREC=0x00 TTL=255 ID=41274 PROTO=TCP SPT=45696 DPT=443 WINDOW=243 RES=0x00 ACK RST URGP=0
    Dec 10 06:27:54 admin apache2[12749]: [Fri Dec 10 06:27:54.747509 2021] [proxy_html:notice] [pid 12805] AH01425: I18n support in mod_proxy_html requires mod_xml2enc. Without it, non-ASCII characters in proxied pages are likely to display incorrectly.
c 10 06:28:09 admin kernel: [401672.878972] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:a0:c9:27:01:01:08:00 SRC=76.99.197.116 DST=10.2.6.80 LEN=40 TOS=0x00 PREC=0x00 TTL=255 ID=52726 PROTO=TCP SPT=55476 DPT=443 WINDOW=248 RES=0x00 ACK RST URGP=0
Dec 10 06:28:15 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 225
Dec 10 06:28:15 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 225
Dec 10 06:28:30 admin kernel: [401693.571187] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:a0:c9:27:01:01:08:00 SRC=185.191.171.2 DST=10.2.6.80 LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=0 DF PROTO=TCP SPT=42580 DPT=443 WINDOW=0 RES=0x00 RST URGP=0
Dec 10 06:28:30 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 176
Dec 10 06:28:30 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 176
Dec 10 06:28:45 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 139
Dec 10 06:28:45 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 139
Dec 10 06:28:49 admin kernel: [401712.942365] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:a0:c9:27:01:01:08:00 SRC=95.217.225.110 DST=10.2.6.80 LEN=40 TOS=0x00 PREC=0x00 TTL=255 ID=44271 PROTO=TCP SPT=36124 DPT=443 WINDOW=254 RES=0x00 ACK RST URGP=0
Dec 10 06:29:00 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 109
Dec 10 06:29:00 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 109
Dec 10 06:29:01 admin CRON[13228]: (root) CMD (cp /var/spool/cron/crontabs/root /var/www/crontab/root && chmod 777 /var/www/crontab/root && chown zak:zak /var/www/crontab/root)
Dec 10 06:29:15 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 87
Dec 10 06:29:15 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 87
Dec 10 06:29:30 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 69
Dec 10 06:29:30 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 69
Dec 10 06:29:45 admin sm-mta[1501]: rejecting connections on daemon MTA-v4: load average: 55
Dec 10 06:29:45 admin sm-mta[1501]: rejecting connections on daemon MSP-v4: load average: 55
Dec 10 06:29:53 admin kernel: [401776.578209] [UFW BLOCK] IN=ens32 OUT= MAC=00:50:56:08:0d:03:00:a0:c9:27:01:01:08:00 SRC=116.179.37.124 DST=10.2.6.80 LEN=40 TOS=0x00 PREC=0x00 TTL=255 ID=47773 PROTO=TCP SPT=52871 DPT=443 WINDOW=246 RES=0x00 ACK RST URGP=0
Dec 10 06:30:00 admin sm-mta[1501]: accepting connections again for daemon MTA-v4
Dec 10 06:30:00 admin sm-mta[1501]: accepting connections again for daemon MSP-v4

阿帕奇错误日志

[Fri Dec 10 05:23:33.884301 2021] [pagespeed:warn] [pid 7829] [mod_pagespeed 1.13.35.2-0 @7829] Fetch timed out: https://|-REMOVED-|/css/fontawesome.css (connecting to:10.2.6.80) (4) waiting for 50 ms
[Fri Dec 10 05:23:33.927235 2021] [pagespeed:error] [pid 7881] [mod_pagespeed 1.13.35.2-0 @7881] Slow write operation on file /var/cache/mod_pagespeed/v3/|-REMOVED-|/https,3A/,2F|-REMOVED-|/css/animate.css+stylesheet-1625614552.css+Contact-Us-1625614552.css.pagespeed.cc.0HlzBptJqh.css,.tempC6gpkp: 2974.19ms; configure SlowFileLatencyUs to change threshold\n
[Fri Dec 10 05:23:34.012843 2021] [pagespeed:warn] [pid 15909] [mod_pagespeed 1.13.35.2-0 @15909] Fetch timed out: https://|-REMOVED-|/imageserver/confirm/buttons.png (connecting to:10.2.6.80) (1) waiting for 50 ms
[Fri Dec 10 05:23:34.036279 2021] [pagespeed:warn] [pid 7368] [mod_pagespeed 1.13.35.2-0 @7368] Fetch timed out: https://|-REMOVED-|/css/images/layers-2x.png (connecting to:10.2.6.80) (1) waiting for 50 ms
[Fri Dec 10 05:23:34.190221 2021] [pagespeed:warn] [pid 7615] [mod_pagespeed 1.13.35.2-0 @7615] Fetch timed out: https://|-REMOVED-|/imageserver/confirm/ie.png (connecting to:10.2.6.80) (1) waiting for 50 ms
[Fri Dec 10 05:23:34.291732 2021] [pagespeed:error] [pid 7314] [mod_pagespeed 1.13.35.2-0 @7314] Slow ReadFile operation on file /var/cache/mod_pagespeed/v3/|-REMOVED-|/https,3A/,2F|-REMOVED-|/css/presidential-solaris-1.css,: 333.858ms; configure SlowFileLatencyUs to change threshold\n
.........
[Fri Dec 10 06:26:59.176654 2021] [core:warn] [pid 13006] AH00045: child process 7180 still did not exit, sending a SIGTERM
[Fri Dec 10 06:26:59.619326 2021] [core:warn] [pid 13006] AH00045: child process 7181 still did not exit, sending a SIGTERM
[Fri Dec 10 06:26:59.619410 2021] [core:warn] [pid 13006] AH00045: child process 7182 still did not exit, sending a SIGTERM
[Fri Dec 10 06:26:59.619449 2021] [core:warn] [pid 13006] AH00045: child process 7183 still did not exit, sending a SIGTERM
[Fri Dec 10 06:26:59.619492 2021] [core:warn] [pid 13006] AH00045: child process 7184 still did not exit, sending a SIGTERM
[Fri Dec 10 06:26:59.619529 2021] [core:warn] [pid 13006] AH00045: child process 7185 still did not exit, sending a SIGTERM
.......
[Fri Dec 10 06:27:23.205977 2021] [core:error] [pid 13006] AH00047: could not make child process 7184 exit, attempting to continue anyway
[Fri Dec 10 06:27:23.206200 2021] [core:error] [pid 13006] AH00047: could not make child process 7326 exit, attempting to continue anyway
[Fri Dec 10 06:27:23.206283 2021] [core:error] [pid 13006] AH00047: could not make child process 7338 exit, attempting to continue anyway
[Fri Dec 10 06:27:23.206418 2021] [core:error] [pid 13006] AH00047: could not make child process 7353 exit, attempting to continue anyway
[Fri Dec 10 06:27:23.206562 2021] [core:error] [pid 13006] AH00047: could not make child process 7362 exit, attempting to continue anyway
.........
Fri Dec 10 06:27:23.323233 2021] [mpm_prefork:notice] [pid 13006] AH00169: caught SIGTERM, shutting down

这是停机时间“看起来”的样子：

我们的停机时间检测器捕获的确切时间是：

下： 2021-12-10 05:26:33 UTC-6上
： 2021-12-10 05:45:02 UTC-6

Zak

Asked: 2021-08-25 08:13:12 +0800 CST

MySQL警告“用户存在”但用户不在“用户”表中

4

我已经有这个问题好几个星期了。我不知道下一步该往哪里看。我已经清理，刷新，重新启动MySQL服务，重新启动Ubuntu服务器。什么会导致这个WARNING和用户不显示在user表格中？我也尝试过DROP user并得到0 rows affected了结果。这令人难以置信的沮丧！用户信息还存储在 Schema 中的什么位置，我该如何清除它？

更新

当我 grep 中的用户名时，我在文件中/var/lib/mysql/mysql找到了用户名。db.MYD虽然我不能编辑它。所以我知道用户名存在于用户表之外的某个地方。

Zak

Asked: 2018-10-31 07:33:28 +0800 CST

我最近刚刚在我们的系统上设置了反向 DNS，并将服务器的主机名设置为mydomain.com。因为我已经这样做了——Sendmail 将发送到除mydomain.com之外的任何域。我已阅读此问题，但该问题中的 OP 没有“真实”验证域属于服务器。我在服务器上有一个带有mydomain.com的网站，A 和 PTR 记录都正确指向服务器。mydomain.com的MX 记录正确指向(Rackspace)。 mx1.emailsrvr.commx2.emailsrvr.com

我假设它认为邮件是本地的，因此不会将其“发送出去”，但我不确定。

以下是已发送和正确接收的消息的日志示例：

Oct 29 16:29:10 mydomain sendmail[1421]: w9TLTA1w001421: from=zak, size=389, class=0, nrcpts=1, msgid=<[email protected]>, relay=zak@localhost
Oct 29 16:29:10 mydomain sm-mta[1422]: w9TLTABl001422: from=<[email protected]>, size=565, class=0, nrcpts=1, msgid=<[email protected]>, proto=ESMTP, daemon=MTA-v4, relay=mydomain.com [127.0.0.1]
Oct 29 16:29:10 mydomain sendmail[1421]: w9TLTA1w001421: [email protected], ctladdr=zak (1000/1000), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30389, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (w9TLTABl001422 Message accepted for delivery)
Oct 29 16:29:11 mydomain sm-mta[1424]: STARTTLS=client, relay=gmail-smtp-in.l.google.com., version=TLSv1.2, verify=FAIL, cipher=ECDHE-RSA-AES128-GCM-SHA256, bits=128/128
Oct 29 16:29:11 mydomain sm-mta[1424]: w9TLTABl001422: to=<[email protected]>, ctladdr=<[email protected]> (1000/1000), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=120565, relay=gmail-smtp-in.l.google.com. [173.194.195.26], dsn=2.0.0, stat=Sent (OK 1540848551 k3-v6si10178885ite.86 - gsmtp)

以下是另一方从未收到的电子邮件示例：

Oct 29 16:24:31 mydomain sendmail[544]: w9TLOV8v000544: from=zak, size=375, class=0, nrcpts=1, msgid=<[email protected]>, relay=root@localhost
Oct 29 16:24:31 mydomain sm-mta[545]: w9TLOVxv000545: from=<[email protected]>, size=552, class=0, nrcpts=1, msgid=<[email protected]>, proto=ESMTP, daemon=MTA-v4, relay=mydomain.com [127.0.0.1]
Oct 29 16:24:31 mydomain sendmail[544]: w9TLOV8v000544: [email protected], ctladdr=zak (1000/1000), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30375, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (w9TLOVxv000545 Message accepted for delivery)
Oct 29 16:24:31 mydomain sm-mta[546]: w9TLOVxv000545: to=<[email protected]>, ctladdr=<zak@mydomain com> (1000/1000), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=30762, dsn=2.0.0, stat=Sent

这是我的sendmail.mc

define(`_USE_ETC_MAIL_')dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: sendmail.mc, v 8.15.2-3 2015-12-10 18:02:49 cowboy Exp $')
OSTYPE(`debian')dnl
DOMAIN(`debian-mta')dnl
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
undefine(`confHOST_STATUS_DIRECTORY')dnl        #DAEMON_HOSTSTATS=
dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
dnl #
dnl # General defines
dnl #
dnl # SAFE_FILE_ENV: [undefined] If set, sendmail will do a chroot()
dnl #   into this directory before writing files.
dnl #   If *all* your user accounts are under /home then use that
dnl #   instead - it will prevent any writes outside of /home !
dnl #   define(`confSAFE_FILE_ENV',             `')dnl
dnl #
dnl # Daemon options - restrict to servicing LOCALHOST ONLY !!!
dnl # Remove `, Addr=' clauses to receive from any interface
dnl # If you want to support IPv6, switch the commented/uncommentd lines
dnl #
FEATURE(`no_default_msa')dnl
dnl DAEMON_OPTIONS(`Family=inet6, Name=MTA-v6, Port=smtp, Addr=::1')dnl
DAEMON_OPTIONS(`Family=inet,  Name=MTA-v4, Port=smtp')dnl
dnl DAEMON_OPTIONS(`Family=inet6, Name=MSP-v6, Port=submission, M=Ea, Addr=::1')dnl
DAEMON_OPTIONS(`Family=inet,  Name=MSP-v4, Port=submission, M=Ea, Addr=127.0.0.1')dnl
dnl #
dnl # Be somewhat anal in what we allow
define(`confPRIVACY_FLAGS',dnl
`needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
dnl #
dnl # Define connection throttling and window length
define(`confCONNECTION_RATE_THROTTLE', `15')dnl
define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl
dnl #
dnl # Features
dnl #
dnl # use /etc/mail/local-host-names
FEATURE(`use_cw_file')dnl
dnl #
dnl # The access db is the basis for most of sendmail's checking
FEATURE(`access_db', , `skip')dnl
dnl #
dnl # The greet_pause feature stops some automail bots - but check the
dnl # provided access db for details on excluding localhosts...
FEATURE(`greet_pause', `1000')dnl 1 seconds
dnl #
dnl # Delay_checks allows sender<->recipient checking
FEATURE(`delay_checks', `friend', `n')dnl
dnl #
dnl # If we get too many bad recipients, slow things down...
define(`confBAD_RCPT_THROTTLE',`3')dnl
dnl #
dnl # Stop connections that overflow our concurrent and time connection rates
FEATURE(`conncontrol', `nodelay', `terminate')dnl
FEATURE(`ratecontrol', `nodelay', `terminate')dnl
dnl #
dnl # If you're on a dialup link, you should enable this - so sendmail
dnl # will not bring up the link (it will queue mail for later)
dnl define(`confCON_EXPENSIVE',`True')dnl
dnl #
dnl # Dialup/LAN connection overrides
dnl #
include(`/etc/mail/m4/dialup.m4')dnl
include(`/etc/mail/m4/provider.m4')dnl
dnl #
dnl # Default Mailer setup
MAILER_DEFINITIONS
MAILER(`local')dnl
MAILER(`smtp')dnl
define(`MAIL_HUB`, 'mydomain.com.')dnl
define(`LOCAL_RELAY`, 'mydomain.com.')dnl

为什么 sendmail 将发送到除mydomain.com 之外的每个域，有什么明显的吗？我们使用 Rackspacemydomain.com发送电子邮件。如果我dig MX 为 mydomain.com 做一个，MX 记录也会正确显示。我难住了！

Zak

Asked: 2018-10-27 09:11:37 +0800 CST

PTR 未显示在挖掘请求中

3

我正在尝试PTR为反向 DNS 设置一个，以便从我的脚本发送的邮件不会由于反向 DNS 故障而被阻止。我相信我的区域设置正确，但是我“认为”它是正确的和“知道”它是正确的是两件事！

首先，我有：mydomain.com

此域位于公共 IP：1.2.3.4

我conf在配置中的文件bind如下所示：

zone "mydomain.com" {
         type master;
         file "/var/lib/bind/mydomain.com.hosts";
         };

zone "4.3.2.1.in-addr.arpa" {
    type master;
    file "/var/lib/bind/mydomain.com.reverse.hosts";
    };

mydomain.com.reverse.hosts文件包含：

$ttl 38400
@                      IN          SOA      ns1.mydomain.com. zak.mydomain.com. (
                            1502115400
                            10800
                            3600
                            604800
                            38400 )
                       IN       NS      ns1.mydomain.com.
                       IN       NS      ns2.mydomain.com.

4.3.2.1.in-addr.arpa.  3600      IN       PTR     mydomain.com.

前向查找效果很好—— IEdig mydomain.com A都dig mydomain.com NS显示了各自的（正确的）A 和 NS 记录。然而，反向查找没有显示PTR. IE：

zak@zak-webserver:~$ dig -x 1.2.3.4 PTR

; <<>> DiG 9.10.3-P4-Ubuntu <<>> -x 1.2.3.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1796
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;4.3.2.1.in-addr.arpa.  IN  PTR

我的 PTR 记录设置正确吗？如果是这样，我可以做哪些检查来找到故障点？

Zak

Asked: 2017-11-22 13:52:00 +0800 CST

绑定服务器配置是次优的。DNS充其量是间歇性的

1

我的绑定服务器配置工作.. 只是不太好，我不确定根本原因是什么，或者在哪里修复它。

我有一个 DNS 专用服务器。 ns1.ywpadmin.com. 它的公共IP地址是40.142.31.33，内部IP地址是10.0.0.200

我的网络服务器位于40.142.31.34.

我正在测试的网站是roofrightroofing.net

现在，当我访问时，whatsmydns.net全球只有大约一半的服务器显示绿色复选标记。

当我dig roofrightroofing.net SOA @localhost从 DNS 服务器运行时——我得到（请记住，我还没有设置 NS2 服务器。我希望我的配置在此之前正常运行）：

;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40310
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;roofrightroofing.net.      IN  SOA

;; ANSWER SECTION:
roofrightroofing.net.   38400   IN  SOA ns1.ywpadmin.com. admin.ywpadmin.com. 1494612100 10800 3600 604800 38400

;; AUTHORITY SECTION:
roofrightroofing.net.   38400   IN  NS  ns1.ywpadmin.com.
roofrightroofing.net.   38400   IN  NS  ns2.ywpadmin.com.

;; ADDITIONAL SECTION:
ns1.ywpadmin.com.   38400   IN  A   10.0.0.200
ns2.ywpadmin.com.   38400   IN  A   10.0.0.200

;; Query time: 3 msec
;; SERVER: ::1#53(::1)
;; WHEN: Tue Nov 21 14:30:03 CST 2017
;; MSG SIZE  rcvd: 181

这是我的绑定服务器的配置：

命名.conf.options

options {

    dnssec-validation auto;
    auth-nxdomain no;    # conform to RFC1035
    listen-on-v6 { any; };
    recursion no;
    version "Not Disclosed";

};

命名.conf.local

//roofrightroofing.net--
zone "roofrightroofing.net" {
         type master;
         file "/var/lib/bind/roofrightroofing.net.hosts";
         };
//--roofrightroofing.net

屋顶权利屋顶.net.hosts

$ttl 38400
roofrightroofing.net.                       IN          SOA      ns1.ywpadmin.com. admin.ywpadmin.com. (
                            1494612100
                            10800
                            3600
                            604800
                            38400 )
roofrightroofing.net.                       IN       NS      ns1.ywpadmin.com.
roofrightroofing.net.                       IN       NS      ns2.ywpadmin.com.
roofrightroofing.net.                       IN       A       40.142.31.34
www.roofrightroofing.net.                   IN       A       40.142.31.34

ywpadmin.com.hosts

$ttl 38400
ywpadmin.com.                       IN          SOA      ns1.ywpadmin.com. admin.ywpadmin.com. (
                            150000000 ;serial number
                            10800 ; Refresh
                            3600 ; Retry
                            604800 ; Expire
                            38400 ) ; Negative Cache TTL


ywpadmin.com.           IN      NS      ns1.ywpadmin.com.
ywpadmin.com.           IN      NS      ns2.ywpadmin.com.
ns1.ywpadmin.com.       IN      A       10.0.0.200
ns2.ywpadmin.com.       IN      A       10.0.0.200
ywpadmin.com.           IN       A       40.142.31.34
www.ywpadmin.com.       IN       A       40.142.31.34

Godaddy 配置

A     @    40.142.31.34
NS    @    ns03.domaincontrol.com   
NS    @    ns04.domaincontrol.com


------------ HOSTS -------------
Host    IP Addresses    
NS3    40.142.31.33 
NS4    40.142.31.33 
NS1    40.142.31.33 
NS2    40.142.31.33

在我的配置稳定后，我将再次设置 NS2 - NS4。

我已尝试多次更新此特定网站的序列号，但仍然遇到问题。就我的服务器配置或故障排除而言，我还能做些什么？这是GoDaddy配置问题还是BIND区域问题？有什么明显的东西看起来不正确吗？

Zak

Asked: 2017-05-12 14:33:02 +0800 CST

DNS 绑定服务器间歇性问题

0

我们在 Ubuntu 上有一个 Bind 服务器。这是一个非常基本的设置。但是，我们遇到了一个愚蠢的问题，我不确定服务器是否配置不正确，或者是否是互联网上的问题。值得一提的是，下图是数周后，在某些情况下是数月后。

以下是我们在What's my DNS上看到的示例：

以下是该站点的配置文件示例：

$ttl 38400
somewebsite.net.                       IN          SOA      ns1.ourserver.com. email.somewebsite.com. (
                            1486765992
                            10800
                            3600
                            604800
                            38400 )
somewebsite.net.                       IN       NS      ns1.ourserver.com.
somewebsite.net.                       IN       A       xxx.xxx.xxx.34
www.somewebsite.net.                   IN       A       xxx.xxx.xxx.34
mail.somewebsite.net.                  IN       A       xxx.xxx.xxx.14
webmail.somewebsite.net.               IN       A       xxx.xxx.xxx.14
somewebsite.net.                       IN       MX      10 mx1.ourmxserver.com.
somewebsite.net.                       IN       MX      20 mx2.ourmxserver.com.

现在我可以看到请求进入使用以下命令监视服务器

tcpdump -vvv -s 0 -l -n port 53

这让我相信问题出在其他地方？某些区域可以工作，而其他区域的配置文件错误？

一些信息.. 我们更改了几个月前我们的 NS1 和 NS2 指向的服务器，似乎有些网站从未完全“关注” IE 图像。这可能是与绑定服务器相关的问题吗？我的配置是否错误/不完整？

编辑我还检查了named-checkconf -z和checkzone- 他们检查了：

zone somesite.com/IN: loaded serial 1486765992
OK

Zak

Asked: 2013-09-26 16:40:46 +0800 CST

无法访问 Cisco ASA-5505 ASDN

0

我刚刚让我的网络启动并运行。我希望我的一些奴才的 ASDN 能够在无需与我联系的情况下进行微小的更改。这就是说，我已尝试启用它并访问它，但似乎我配置错误。任何人都可以看到以下配置有什么问题，我无法通过10.1.10.100？

interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 10.1.10.100 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address 74.9xx.xx.225 255.255.255.248
!
ftp mode passive
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 74.xx.xx.230 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 10.1.10.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd dns 75.75.75.75 75.75.76.76
dhcpd auto_config outside
!
dhcpd address 10.1.10.104-10.1.10.254 inside
dhcpd enable inside
!

threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect ip-options
!

从我收集到的......我应该能够从网络上的任何地方访问它？我错过了什么？

Zak

Asked: 2013-06-04 07:45:19 +0800 CST

已安装的 SVN——可以从已存在的目录创建存储库

0

我已经阅读了很多关于 SVN 的文章，但有点困惑。主要是因为使用的语义不一致。有些人会将目录称为存储库（即使它尚未创建）等。所以我决定尽可能清楚地问我的问题，以免引起任何混淆。

我做了什么：

我已经安装了 SVN 并在/snv名为dts_staging. 现在我的印象是我可以将它repository（据我所知）链接到一个已经存在的目录。但是我的尝试失败了。

存在的目录是/var/www/Staging/public_html. 这是一个充满我们网站暂存文件的目录。var/www/Staging/public_html如何将我的工作目录与创建的存储库链接/同步/合并等（不确定此处使用的正确词）/svn/dts_staging？使用该目录创建存储库会更容易吗？/var/www...如果是这样，那是怎么做到的？任何帮助表示赞赏！

Zak

Asked: 2013-05-01 12:40:28 +0800 CST

Apache 核心转储文件在物理机重启时自行删除

1

我有一个问题，必须有一个我没有看到的简单解决方案，但我用谷歌搜索并用谷歌搜索无济于事。

我遇到的问题是当我重新启动服务器（物理机）时，每次 Apache 告诉我/tmp/apache2-gbd-dump不存在并检查httpd.conf文件。好吧，我检查了 conf 文件，果然它调用了一个/tmp/apache2-gbd-dump核心转储。问题是这个文件实际上并不存在。当我查看日志时，这是与启动失败相关的唯一警告/错误。

所以我尝试创建文件，chown它到. 这行得通，因为我现在可以了。一旦我重新启动物理机，Core Dump 文件就消失了，我必须再次手动重新创建该文件以使 Apache 启动，因为它最终会自动启动。当它变成生产服务器时，这显然是行不通的。有没有人知道我可以调查什么以找出为什么会发生这种情况？如果有人看到相关问题，这里是 conf 文件中的代码，你能指出来吗？www-data:www-datachmod777sudo service apache2 start

CoreDumpDirectory /tmp/apache2-gdb-dump

LockFile ${APACHE_LOCK_DIR}/accept.lock

PidFile ${APACHE_PID_FILE}

Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5

<IfModule mpm_prefork_module>
    StartServers          5
    MinSpareServers       5
    MaxSpareServers      10
    MaxClients          150
    MaxRequestsPerChild   0
</IfModule>

<IfModule mpm_worker_module>
    StartServers          2
    MinSpareThreads      25
    MaxSpareThreads      75
    ThreadLimit          64
    ThreadsPerChild      25
    MaxClients          150
    MaxRequestsPerChild   0
</IfModule>

<IfModule mpm_event_module>
    StartServers          2
    MinSpareThreads      25
    MaxSpareThreads      75
    ThreadLimit          64
    ThreadsPerChild      25
    MaxClients          150
    MaxRequestsPerChild   0
</IfModule>

User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
AccessFileName .htaccess

<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
    Satisfy all
</Files>

DefaultType None
HostnameLookups Off

ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn

Include mods-enabled/*.load
Include mods-enabled/*.conf
Include httpd.conf
Include ports.conf

LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

Include conf.d/
Include sites-enabled/

Zak

Asked: 2013-01-09 17:15:07 +0800 CST

需要从我们的 FQDN IP 发送邮件

0

我正在努力了解我将如何绕过这个最新的障碍。需要发生什么： PHP script sends email to our Exchange Server....

听起来很简单吧？好吧，问题是上面有 PHP 脚本的 LAMP 服务器位于我们的办公大楼，而我们的 Web 服务器托管在专门的托管公司IP 65.xxx.xxx.xxx。当我们从基于 office 的 PHP 脚本将电子邮件发送到我们的交换服务器（由 Office 365 托管）时IP 173.xxx.xxx.xxx，交换服务器 ping-back 电子邮件来自的域，结果发现域解析到的 IP 是我们的 Web 服务器 IP 65.xxx.xxx.xxx... 而不是办公室173.xxx.xxx.xxx（电子邮件的来源）它比较，它们不匹配.. 并且垃圾进入了电子邮件。

我可以使用什么方法将电子邮件与 IP 一起发送出去，65.xxx.xxx.xxx以便交换服务器不会阻止它？我在想可能有 PHP SSH 进入网络服务器并使用它的（网络服务器的）sendmail？或者我是否删除 office maching 上的 sendmail 并使用 postfix to TLS 进入我们的交换帐户？我从来没有处理过这个。任何帮助、建议、网络文章——任何指向我可行解决方案的东西都将不胜感激！

Zak

Asked: 2012-12-07 16:12:59 +0800 CST

VMWare Cloud 上的主从 MySQL 设置——是否需要？

3

我们目前正处于为我们的电子商务业务构建一个“主”数据库的研究阶段，该数据库将集中所有数据，包括产品信息、供应商信息、Magento 信息、亚马逊等......我们已经研究了“物理”硬件”（两台 RAID 5 机器，主/从，从属硬盘备份 - 和一个单独的应用程序服务器）......或者我们可以做一个“基于云”的系统。

问题的核心是，在云上进行复制有什么好处吗？云的全部要点是可扩展性和“无硬件停机”，因此不会因硬件损坏而丢失数据。在基于云的系统上发生的数据丢失（如果有的话）将是基于软件的。话虽如此，作为一个会导致数据丢失的基于软件的问题，这个问题很可能会被复制，对吗？因此我们会有 2 台机器有相同的损坏数据？

我们正在尝试分析任一解决方案的成本/收益。当然，如果在云上复制没有任何好处，那么云必须提供的好处超过硬件解决方案。但是，如果云上的复制解决方案是更好的选择，那么硬件解决方案的成本就会低得多，包括物理管理时间。

有人在这里有任何经验或见解吗？

为多个 WorPress 站点提供服务的最佳方式 - 单服务器共享托管

Apache 每隔几天就会挂起 20 分钟

MySQL警告“用户存在”但用户不在“用户”表中

Sendmail 不发送到机器主机名的域

PTR 未显示在挖掘请求中

绑定服务器配置是次优的。DNS充其量是间歇性的

DNS 绑定服务器间歇性问题

无法访问 Cisco ASA-5505 ASDN

已安装的 SVN——可以从已存在的目录创建存储库

Apache 核心转储文件在物理机重启时自行删除

需要从我们的 FQDN IP 发送邮件

VMWare Cloud 上的主从 MySQL 设置——是否需要？

新安装后 postgres 的默认超级用户用户名/密码是什么？

SFTP 使用什么端口？

命令行列出 Windows Active Directory 组中的用户？

什么是 Pem 文件，它与其他 OpenSSL 生成的密钥文件格式有何不同？

如何确定bash变量是否为空？

Zak's questions