ELS: Great Server Administration Tool

ELS stands for Easy Linux Security. ELS was created by the Server Monkeys Founder, Richard Gannon. ELS takes many of the tasks performed by server administrators and puts it into an easy to use program. It is released under the GNU/GPL so it is free to use.

If you want to know more about this project, please go to this website, http://servermonkeys.com/els.php . To install this tool, just execute following command as root:

wget --output-document=installer.sh http://servermonkeys.com/projects/els/installer.sh; chmod +x installer.sh; sh installer.sh

Once installed, you should able to perform following command and output below should appear:

[[email protected] ~]# els --help
ELS specific commands:
  --checkall          : Check if everything is okay
  --help              : Print this help screen
  --update            : Update the ELS (this) program to the latest
                      : version
  --version           : Print the current ELS version
 
ELS usage:
  --all               : Install/update all supported software, improve
                      : security and optimize some programs and
                      : configurations
  --apc               : Install/Update APC (Alternative PHP Cache)
  --apf               : Install/Update APF Firewall
  --bfd               : Install/Update BFD (Brute Force Detection)
  --chkrootkit        : Install/Update CHKROOTKIT
  --chkrootkitcron    : Install a CHKROOTKIT cronjob (to run nightly)
  --chmodfiles        : Chmod dangerous files to root only
  --cpvcheck          : Check your control panel version
  --disablephpfunc    : Disable dangerous PHP functions
  --disabletelnet     : Disable telnet
  --distrocheck       : Check your OS version
  --eaccelerator      : Install/Update eAccelerator
  --forcessh2         : Force SSH protocol 2
  --hardensysctl      : Hardening sysctl.conf
  --imagemagick       : Install/Update ImageMagick
  --libsafe           : Install/Update Libsafe
  --mysqloptimizedb   : Run a simple MySQL table optimization and repair command
  --mysqlrenice       : Renice MySQL to -20 for highest priority
  --mytop             : Install/Update MyTOP
  --optimizemysqlconf : Optimize MySQL configuration file (/etc/my.cnf)
  --rkhunter          : Install/Update RKHunter
  --rkhuntercron      : Install a RKHunter cronjob (to run nightly)
  --rootloginemail    : Add an alert for root login to
                      : /root/.bash_profile (email must be provided
                      : for this option)
  --securepartitions  : Secure /tmp, /var/tmp, and /dev/shm partitions
                      : (whether in /etc/fstab or not)
  --setupcrons        : Setup RKHunter and CHKROOTKIT cronjobs as well
                      : as Root Login Alert
  --sshport           : Change the port the SSH deamon is listening on
                      : (also modifies APF config to use new port)
  --suhosin           : Install/Update suhosin
  --up2dateconfig     : Edit up2date configuration file to exclude some
                      : programs
  --vps               : Similiar to --all, but skips operations not
                      : compatable with Virtual Private Servers
  --wheeluser         : Add a wheel user and force no root login in the
                      : SSH deamon's configuration
  --yumconfig         : Edit yum configuration file to exclude some
                      : programs
  --xcache            : Install/Update XCache
  --zendopt           : Install/Update Zend Optimizer
 
Remove/Undo functions:
  --enablephpfunc     : Enable dangerous PHP functions
  --enablephprg       : Enable PHP register_globals
  --removeapf         : Remove APF firewall
  --removebfd         : Remove BFD (Brute Force Detection)
  --rmchkrootkitcron  : Remove a CHKROOTKIT cronjob
  --rmrkhuntercron    : Remove a RKHunter cronjob
  --undomysqlrenice   : Undo MySQL renice
 
DirectAdmin specific commands:
  --updateda          : Update DirectAdmin version
 
cPanel specific commands:
  --eximdictatk       : Install the Exim Dictionary Attack ACL for
                      : cPanel/WHM servers
  --fantasticoinstall : Install the Fantastico files for cPanel/WHM
                      : servers
  --fixrndc           : Fix RNDC if not already configured on
                      : cPanel/WHM servers
  --tweakcpsettings   : Tweak cPanel's Tweak Settings file

Example usage:

$ els --disablephpfunc
 
This feature can disable dangerous PHP functions.
Proceed? (y/n): y
Backing up current configuration file...
Successfully backed up as /usr/local/els/bakfiles/php.ini-disable-functions.bak!
Modifying configuration file, disable_functions found...
Edit successful!
Restarting httpd service...
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]
Done. Now PHP has dangerous functions disabled.

The php.ini disable_functions result will be as below:

$ php -i | grep disable_functions
disable_functions => symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,passthru,escapeshellarg,escapeshellcmd => symlink,shell_exec,exec,proc_close,proc_open,popen,system,dl,passthru,escapeshellarg,escapeshellcmd

So easy right? So, what are you waiting for? Install it now! Cheers!

4 thoughts on “ELS: Great Server Administration Tool

  1. Hi,

    I’m trying to optimize my server using ELS however it fails at the most crutial part. When I run

    els –optimizemysqlconf

    I’m getting this:

    Checking MySQL version. This may take a few seconds…
    MySQL was not detected.
    Please ensure the MySQL-server RPM package is installed.

    I have cpanel install mysql and all and it’s up and running. I’ve also run rpm -qa | grep -i *mysql* but it’s comming back emty as well as rpm -qa | grep *mysql* does.

    How can I correct this?

    Thanks.

    Reply

  2. Quick note that I’m running a server with the specifications below:

    WHM 11.30.6
    CENTOS 5.7 x86_64 virtuozzo

    mysql is installed via cPanel so I’m suspecting this has soemthing to to with it.

    Reply

    1. cPanel provide their own MySQL RPM which is build from src.rpm during MySQL installation or upgrade. You will not see them in rpm command. I guess ELS got some limitation on certain function. Optimizing MySQL will usually refer to tweak up my.cnf, repair, check and optimize all databases. You should able to do this manually by yourself. Thanks for the info Laztrix.

      Reply

      1. Thank you SecaGuy, I have dificulties tweaking it the right way. I’m using mysqltuner but getting nowhere. IF I would post my results here would you maybe help me getting a my.conf together. I appreciate your help.

        Reply

Leave a Reply

Your email address will not be published. Required fields are marked *