Remove specific mails from postfix queue with jq

In this example, all emails whose sender is are deleted from the queue.

postqueue -j | jq -r ‘select(.sender == “”) | .queue_id’ | xargs -I {} postsuper -d {}

jq must be installed ( apt install jq )

for other filtering criteria

postqueue -j | jq

You can type and see the fields in the json output.

List access or error log files with their sizes plesk hosting servers

List all access log files;

find /var/www/vhosts/*/logs/error_log -exec ls -la {} \; | awk '{print $5 " " $9}' | sort -n

List all error log files;

find /var/www/vhosts/*/logs/access_log -exec ls -la {} \; | awk '{print $5 " " $9}' | sort -n

For access logs,there are also other access log files in that directory.For example,access_ssl_log,access_ssl_log.processed and more.So to list all files that starts with access,use wildcards like;

find /var/www/vhosts/*/logs/access* -exec ls -la {} \; | awk '{print $5 " " $9}' | sort -n

Unable to change hosting php version in php selector for Cloudlinux

In this case,problem is file permissions for php.ini file related that you want to switch php version.

Login to shell and change the group owner of related file.Sample command is for php 7.4

chgrp linksafe /opt/alt/php74/etc/php.ini

How to Install Maxmind Geoip module for Litespeed

Previously I wrote a document that how to install Maxmind module for Apache web server.

Also I wrote how to block requests from countries wherever you want.

After four years I think you might need to this for litespeed because lots of hosting companies use that.

First of all,before install,you need same thing :the maxmind country ip database here (You should login first to


First create a folder named GeoIP under /usr/local/share/

Download the gzip or tarball and extract to /usr/local/share/GeoIP/GeoLite2-Country.mmdb<–sample name.we will use this path in litespeed admin console.

After login to your litespeed admin console->Configuration->Server

In general tab,you will see geoip lookup setting.So you enable it.

And find the details of maxmind settings section

You see this is already configured.Yours will be empty.Ignore that.So you need to add some details like below;

File path must be true.DB name is really important and variable section is mandatory is better to set as is.and save.Restart the litespeed server.

After you do that You verify it is installed correctly.Therefore you must see geoip variable in phpinfo page.So you upload a php file that includes phpinfo and load it from your browser.

If you see that server variable then you can create some rules about deny some requests;

Assume you use Centos or Cloudlinux,go to /etc/httpd/conf.d and create a file named maxmind.conf (name is optional but it should ends with .conf)


<IfModule LiteSpeed>
GeoIPEnable On

<IfModule mod_geoip.c>

<FilesMatch “wp-login.php|xmlrpc.php”>

SetEnvIf GEOIP_COUNTRY_CODE ^(US) AllowCountry
######Deny from env=BlockCountry
Allow from env=AllowCountry
Deny from All


<LocationMatch “^/”>

SetEnvIf GEOIP_COUNTRY_CODE ^(US) AllowCountry
######Deny from env=BlockCountry
Allow from env=AllowCountry
Deny from All


<LocationMatch “^/admin”>

SetEnvIf GEOIP_COUNTRY_CODE ^(US) AllowCountry
######Deny from env=BlockCountry
Allow from env=AllowCountry
Deny from All


<LocationMatch “^/wp-admin”>

SetEnvIf GEOIP_COUNTRY_CODE ^(US) AllowCountry
######Deny from env=BlockCountry
Allow from env=AllowCountry
Deny from All



1.First section enables the geoip lookup

2.Filesmatch directive matches request to your spesific file name regardless of where.So it can be / or /abc.

3.Locationmatch is a folder generally

So according to these directives Accessing outside of US to your site root /,/admin and /wp-admin will be blocked as well as wp-login.php and xmlrpc.php

You can allow multiple country by adding their iso codes with this syntax (I guess)


After you finish your configuration file,save it and restart litespeed.

To verify,Opera browser or open proxies will help you.

PwnKit Local Privilege Escalation Vulnerability polkit’s pkexec (CVE-2021-4034)

A memory corruption vulnerability (CVE-2021-4034) in PolKit, a component used in major Linux distributions and some Unix-like operating systems, can be easily exploited by local unprivileged users to gain full root privileges.

Patch for Ubuntu is Available

If you don’t have any patch please remove suid bit from pxexec tool with this command

chmod 0755 /usr/bin/pkexec

Extending / resizing lvm disk to free space

When you use lvm and still have free space on a virtual or physical disk,you can extend your lvm partition to use all free space.

Firstly you should be sure it exists.

Type “vgdisplay” command in root shell.You should see some free space in “Free  PE Size”

After that you should type this command “lvextend -l +100%FREE /dev/volgroup/logvol

After it finishes type resize command according to your file system.

For XFS : xfs_growfs /dev/centos/logvol

For EXT4: resize2fs /dev/centos/logvol

Attention : “logvol” word represents your logical volume.You can see its name in vgdisplay command output.

Install and activate quota on Linux

Install the quota tools on your server.(debian – ubuntu)

sudo apt install quota

Edit your fstab file under etc folder:

/dev/sda1 / ext4 usrquota,grpquota 0 0

and remount it to take effect immediately:

sudo mount -o remount / (or whereever you want to enable)

Enable quota.This command will create two files on file system like /aquota.user and / :

sudo quotacheck -ugm /

Activate the quota

sudo quotaon -v /




Mount remote ftp to your server

If you use debian or ubuntu,you should install the package first.

apt-get install curlftpfs

After the installation,create a folder where will you mount to.for example /mnt/rftp

sudo mkdir /mnt/rftp

curlftp’s format and its parameters are simple.for example,we have an ftp account like olriss and password: 123x4P at

in local server,mount remote ftp with using this command

curlftpfs olriss:123x4P@ /mnt/rftp/

curlftps is similar to nfs tools so you can review the mounted ftp area in your mounted drive check it with “mount -a” command.

after your work is finished,you can unmount it with similar way as nfs unmounting.You won’t need all parameters to unmount,You just unmount the folder like below,

umount /mnt/rftp


Extending lvm disk by adding space

On Vmware Esx server,You can increase size of your virtual hard disk easily.If you use lvm for your guest os,you will need to add new virtual hard disk or just increase the size of your current disk.This guide will help you to extend size of the disk after you resize of your virtual disk by using vsphere

After increased the size on ESX ,In Linux Terminal;

rescanning the id can change and it depents to your must do that if you dont want to restart your guest;

echo “- – -” > /sys/class/scsi_host/host0/scan

see your disk and partitions;
fdisk -l

lets add new partitions.after you create the partition,you will need to set type of disk to 8e (LVM)
cfdisk /dev/sda (please note your new partition name sample :sda3

see your disk&partitions status again;
fdisk -l

check for available space;
df -h

scan for new partition

create physical volume by using new partitions.(disk name may differ.)
pvcreate /dev/sda3

see your volume group and check and confirm

extend your volume group
vgextend centos /dev/sda3


extend your logical volume with using the new part
lvextend /dev/centos/root /dev/sda3

in this point,last step may change according to your file system.if you use xfs ;
xfs_growfs /dev/centos/root

for ext4

resize2fs /dev/centos/root

finally see your new available space

df -h

Cloudlinux saving common php settings permanently for all installed versions

When you update cloudlinux,it also will be updated the php.ini files.Therefore you will lost your customized php settings like disable_functions.You can write some of yours into common settings file instead of editing php.ini’s directly.

Login to your cloudlinux and change directory to /etc/cl.selector/

You will see the file named global_php.ini.It is effective for your all installed alt-php* versions.Please open it by your favorite editor like nano or vi.

Sample global_php.ini with applied disable_functions directive

; This file provides global settings for php.ini of all alt-php packages
; The structure of this file:
; option = value
; To confirm changes (not affecting “date.timezone” and “error_log” options) please run:
; /usr/sbin/cagefsctl –setup-cl-selector
; To confirm changes (including “date.timezone” and “error_log” options) please run:
; /usr/bin/selectorctl –apply-global-php-ini
; or
; /usr/sbin/cagefsctl –apply-global-php-ini
; If you don’t want to change error_log, but want to change date.timezone, you can execute
; selectorctl –apply-global-php-ini date.timezone
; Similarly, command
; selectorctl –apply-global-php-ini error_log
; applies error_log and all other options specified in /etc/cl.selector/global_php.ini file, except date.timezone.
; So, you can specify 0, 1 or 2 parameters from the list: error_log, date.timezone
; using –apply-global-php-ini without arguments applies all global php options including two above
; Example:
; selectorctl –apply-global-php-ini error_log
; selectorctl –apply-global-php-ini date.timezone
; selectorctl –apply-global-php-ini date.timezone error_log
; The latter command has the same effect as /usr/bin/selectorctl –apply-global-php-ini
[Global PHP Settings] disable_functions= proc_open,escapeshellcmd,escapeshellarg, show_source,
posix_mkfifo, ini_restore, mysql_list_dbs, get_current_user, getmyuid,pconnect, link, symlink, fin, exec, fileread, shell_exec, pcntl_exec, leak, apache_child_terminate, ch
own, posix_kill, posix_setpgid, posix_setsid, posix_setuid, proc_terminate, syslog, fpassthru, execute, shell, chgrp, stream_select, passthru, socket_select, socket_create,
socket_create_listen, socket_create_pair, socket_listen, socket_accept, socket_bind, socket_strerror, pcntl_fork, pcntl_signal, pcntl_waitpid, pcntl_wexitstatus, pcntl_wif
exited, pcntl_wifsignaled, pcntl_wifstopped, pcntl_wstopsig, pcntl_wtermsig, openlog, apache_get_modules, apache_get_version, apache_getenv, apache_note, apache_setenv, vir
tual, eval, allow_url_fopen, pconnect, p_connect,posix_getpwuid,fileowner,sym

You should write your own directives down the global php settins tag in same syntax of standart php.ini [Global PHP Settings]

After then save and close the editor and apply it by this command

[root@srv ~]# selectorctl –apply-global-php-ini