Thursday, October 8, 2015

How To Set Up an NFS Mount on Ubuntu 14.04

Introduction

NFS, or Network File System, is a distributed filesystem protocol that allows you to mount remote directories on your server. This allows you to leverage storage space in a different location and to write to the same space from multiple servers easily. NFS works well for directories that will have to be accessed regularly.
In this guide, we'll cover how to configure NFS mounts on an Ubuntu 14.04 server.

Thursday, August 27, 2015

Adding Apache Reporting To Munin

When you first install a Munin node it will try to install as many plugins as it can so that it can report on different things. For example, if you have a Varnish server running then Munin will detect this and enable the plugins so that it can report on the activity of Varnish. Once you have started getting data through to your Munin server then you can turn on plugins on the nodes to get more data.

Monday, August 24, 2015

Thursday, August 20, 2015

How To Install and Configure Config Server Firewall (CSF) on Ubuntu

Introduction

Config Server Firewall (or CSF) is a free and advanced firewall for most Linux distributions and Linux based VPS. In addition to the basic functionality of a firewall – filtering packets – CSF includes other security features, such as login/intrusion/flood detections. CSF includes UI integration for cPanel, DirectAdmin and Webmin, but this tutorial only covers the command line usage. CSF is able to recognize many attacks, such as port scans, SYN floods, and login brute force attacks on many services. It is configured to temporarily block clients who are detected to be attacking the cloud server.

Setup ConfigServer Security and Firewall (CSF) on CentOS 7

ConfigServer Security & Firewall (CSF) is a stateful packet inspection firewall (SPI), login/intrusion detection, and security application for Linux servers. It is a very popular security suite, but isn't officially supported yet on CentOS 7.
CentOS 7 uses firewalld rather than iptables. A quick internet search will show that many faithful CentOS users find firewalld far too complicated for their needs and are reverting back to iptables. Iptables was the standard firewall for CentOS 5 and 6.

Monday, August 10, 2015

How to Backup and Restore MongoDB using mongodump and mongorestore

mongodump is a useful tool to back up a MongoDB database. Apart from taking a cold backup, it can also take a hot backup, i.e. you can connect to a running instance of MongoDB and take a backup even when users are using the database.
mongorestore is a useful tool to restore a MongoDB backup that was taken using the mongodump utility.

This tutorial provides several mongodump and mongorestore command examples that you can use to backup and restore a MongoDB using both .

Sunday, July 5, 2015

How To Install an SSL Certificate from a Commercial Certificate Authority

Introduction

This tutorial will show you how to acquire and install an SSL certificate from a trusted, commercial Certificate Authority (CA). SSL certificates allow web servers to encrypt their traffic, and also offer a mechanism to validate server identities to their visitors. The main benefit of using a purchased SSL certificate from a trusted CA, over self-signed certificates, is that your site's visitors will not be presented with a scary warning about not being able to verify your site's identity.

How To Set Up an OpenVPN Server on Ubuntu 14.04

Introduction

Want to access the Internet safely and securely from your smartphone or laptop when connected to an untrusted network such as the WiFi of a hotel or coffee shop? A Virtual Private Network (VPN) allows you to traverse untrusted networks privately and securely to your DigitalOcean Droplet as if you were on a secure and private network. The traffic emerges from the Droplet and continues its journey to the destination.

Friday, July 3, 2015

How To Set Up Automatic Deployment with Git with a VPS

Introduction

For an introduction to Git and how to install, please refer to the introduction tutorial.
This article will teach you how to use Git when you want to deploy your application. While there are many ways to use Git to deploy our application, this tutorial will focus on the one that is most straightforward. I assume you already know how to create and use a repository on your local machine. If not, please refer to this tutorial.

How To Install Linux, Apache, MySQL, PHP (LAMP) stack on Ubuntu 14.04

Introduction

A "LAMP" stack is a group of open source software that is typically installed together to enable a server to host dynamic websites and web apps. This term is actually an acronym which represents the Linux operating system, with the Apache web server. The site data is stored in a MySQL database, and dynamic content is processed by PHP.
In this guide, we'll get a LAMP stack installed on an Ubuntu 14.04 Droplet. Ubuntu will fulfill our first requirement: a Linux operating system.

Understanding the Nginx Configuration File Structure and Configuration Contexts

Introduction

Nginx is a high performance web server that is responsible for handling the load of some of the largest sites on the internet. It is especially good at handling many concurrent connections and excels at serving static content.

Additional Recommended Steps for New Ubuntu 14.04 Servers

Introduction

After setting up the bare minimum configuration for a new server, there are some additional steps that are highly recommended in most cases. In this guide, we'll continue the configuration of our servers by tackling some recommended, but optional procedures.

Thursday, July 2, 2015

Initial Server Setup with Ubuntu 14.04

Introduction

When you first create a new Ubuntu 14.04 server, there are a few configuration steps that you should take early on as part of the basic setup. This will increase the security and usability of your server and will give you a solid foundation for subsequent actions.

Understanding Nginx HTTP Proxying, Load Balancing, Buffering, and Caching

Introduction

In this guide, we will discuss Nginx's http proxying capabilities, which allow Nginx to pass requests off to backend http servers for further processing. Nginx is often set up as a reverse proxy solution to help scale out infrastructure or to pass requests to other servers that are not designed to handle large client loads.
Along the way, we will discuss how to scale out using Nginx's built-in load balancing capabilities. We will also explore buffering and caching to improve the performance of proxying operations for clients.

How To Install Linux, nginx, MySQL, PHP (LEMP) stack on Ubuntu 14.04

Introduction

The LEMP software stack is a group of software that can be used to serve dynamic web pages and web applications. This is an acronym that describes a Linux operating system, with an Nginx web server. The backend data is stored in MySQL and the dynamic processing is handled by PHP.
In this guide, we will demonstrate how to install a LEMP stack on an Ubuntu 14.04 server. The Ubuntu operating system takes care of the first requirement. We will describe how to get the rest of the components up and running.

How To Set Up Nginx Server Blocks (Virtual Hosts) on Ubuntu 14.04 LTS

Introduction

When using the Nginx web server, server blocks (similar to the virtual hosts in Apache) can be used to encapsulate configuration details and host more than one domain off of a single server.
In this guide, we'll discuss how to configure server blocks in Nginx on an Ubuntu 14.04 server.

How To Set Up SSH Keys

About SSH Keys

SSH keys provide a more secure way of logging into a virtual private server with SSH than using a password alone. While a password can eventually be cracked with a brute force attack, SSH keys are nearly impossible to decipher by brute force alone. Generating a key pair provides you with two long strings of characters: a public and a private key. You can place the public key on any server, and then unlock it by connecting to it with a client that already has the private key. When the two match up, the system unlocks without the need for a password. You can increase security even more by protecting the private key with a passphrase.

How To Add Swap on Ubuntu 14.04

Introduction

One of the easiest ways of increasing the responsiveness of your server and guarding against out of memory errors in your applications is to add some swap space. Swap is an area on a hard drive that has been designated as a place where the operating system can temporarily store data that it can no longer hold in RAM.

Wednesday, July 1, 2015

How To Set Up a Firewall Using IPTables on Ubuntu 14.04

Introduction

Setting up a good firewall is an essential step to take in securing any modern operating system. Most Linux distributions ship with a few different firewall tools that we can use to configure our firewalls. In this guide, we'll be covering the iptables firewall.

How To Use NSD, an Authoritative-Only DNS Server, on Ubuntu 14.04

Introduction

Setting up a DNS server to be responsible for domain names can be a complex task even for seasoned administrators. DNS zone management is a vital duty, but can be bewildering, especially when attempting to get started.
Software like the Bind DNS server is incredibly flexible and can be configured to operate as many of the components in the overall DNS hierarchy. However, that flexibility also means that Bind is not optimized for any one task. This has a few side effects.

How To Configure BIND as a Private Network DNS Server on Ubuntu 14.04

Introduction

An important part of managing server configuration and infrastructure includes maintaining an easy way to look up network interfaces and IP addresses by name, by setting up a proper Domain Name System (DNS). Using fully qualified domain names (FQDNs), instead of IP addresses, to specify network addresses eases the configuration of services and applications, and increases the maintainability of configuration files. Setting up your own DNS for your private network is a great way to improve the management of your servers.

How To Configure Bind as an Authoritative-Only DNS Server on Ubuntu 14.04

Introduction

DNS, or the Domain Name System, is often a difficult component to get right when learning how to configure websites and servers. While most people will probably choose to use the DNS servers provided by their hosting company or their domain registrar, there are some advantages to creating your own DNS servers.

How To Configure Bind as a Caching or Forwarding DNS Server on Ubuntu 14.04

Introduction

DNS, or the Domain Name System, is often a difficult component to get right when learning how to configure websites and servers. While most people will probably choose to use the DNS servers provided by their hosting company or their domain registrar, there are some advantages to creating your own DNS servers.

How To Set Up a Host Name with DigitalOcean

DigitalOcean’s DNS allows you to easily set up your hostname from the DigitalOcean control panel.

Setup

Before you get started, you do need to have the following:
  • A Droplet (virtual private server) from DigitalOcean. If you don’t have one, you can register and set one up in under a minute.
  • A Registered Domain Name. As of yet, you cannot register a domain through DigitalOcean.

A Comparison of DNS Server Types: How To Choose the Right DNS Configuration

Introduction

DNS, or the Domain Name System, is an integral part of how systems connect with each other to communicate on the internet. Without DNS, computers, and the people who use them, would be required to connect using only numerical addresses known as IP addresses.

An Introduction to DNS Terminology, Components, and Concepts

Introduction

DNS, or the Domain Name System, is often a very difficult part of learning how to configure websites and servers. Understanding how DNS works will help you diagnose problems with configuring access to your websites and will allow you to broaden your understanding of what's going on behind the scenes.

How To Create a New User and Grant Permissions in MySQL

About MySQL

MySQL is an open source database management software that helps users store, organize, and later retrieve data. It has a variety of options to grant specific users nuanced permissions within the tables and databases—this tutorial will give a short overview of a few of the many options.

How To Install Wordpress on Ubuntu 14.04

Introduction

At this time, WordPress is the most popular CMS (content management system) on the internet. It allows you to easily set up flexible blogs and websites on top of a MySQL backend with PHP processing. WordPress has seen incredible adoption and is a great choice for getting a website up and running quickly.
In this guide, we'll focus on getting a WordPress instance set up with an Apache web server on Ubuntu 14.04.

How To Install and Secure phpMyAdmin on Ubuntu 14.04

Introduction

While many users need the functionality of a database management system like MySQL, they may not feel comfortable interacting with the system solely from the MySQL prompt.
phpMyAdmin was created so that users can interact with MySQL through a web interface. In this guide, we'll discuss how to install and secure phpMyAdmin so that you can safely use it to manage your databases on Ubuntu 14.04.

5 Ways to Improve your Production Web Application Server Setup

Introduction

Once your application is up and running in a cloud server environment, you may be wondering how you can improve your server environment to make the leap from "it works" to a full-fledged production environment. This article will help you get started with planning and implementing a production environment by creating a loose definition of "production", in the context of a web application in a cloud server environment, and by showing you some components that you can add to your existing architecture to make the transition.

An Introduction to Securing your Linux VPS

Introduction

Taking control of your own Linux server is an opportunity to try new things and leverage the power and flexibility of a great platform. However, Linux server administrators must take the same caution that is appropriate with any network-connected machine to keep it secure and safe.
There are many different security topics that fall under the general category of "Linux security" and many opinions as to what an appropriate level of security looks like for a Linux server.

A Basic MySQL Tutorial

About MySQL

MySQL is an open source database management software that helps users store, organize, and retrieve data. It is a very powerful program with a lot of flexibility—this tutorial will provide the simplest introduction to MySQL.

How to Install MySQL on Ubuntu and CentOS

If you don't have MySQL installed on your droplet, you can quickly download it.

How To Configure a Mail Server Using Postfix, Dovecot, MySQL, and SpamAssassin

Introduction

In this tutorial, we are going to configure a mail server using Postfix, Dovecot, MySQL and SpamAssassin on Ubuntu 12.04.
Following this tutorial you'll be able to add virtual domains, users, and aliases. Moreover, your virtual server will be secure from spam hub.

How To Setup Your Own VPN With PPTP

Intro

One of the commonly asked questions from our users is how to add another IP address to their server. You can assign your own private IP address to your droplet by creating a VPN tunnel. Whether you want to build your own Virtual Private Network (VPN), or assign an SSL certificate to that IP address, you have several options. From all of the possible options, the most optimal ones are between PPTP and OpenVPN. A Point-To-Point Tunneling Protocol (PPTP) allows you to implement your own VPN very quickly, and is compatible with most mobile devices. Even though PPTP is less secure than OpenVPN, it is also faster and uses less CPU resources.

SSH Server CentOS 7

Configure SSH Server - Password Authentication

Configure the SSH server to manage a server from a remote computer. SSH uses 22/TCP.

SSHd is installed even if you installed CentOS with "Minimal Install", so it's not necessary to install new packages. Furthermore, SSHd is set to auto-start by default, so it's possible to log in without changing any settings. But it is better to change the settings for security, as follows.

Tuesday, June 30, 2015

Initial Setting CentOS 7 - Configure VIM

Install and configure vim, which is more convenient than vi.

Install vim
[root@dlp ~]# yum -y install vim-enhanced 

Set a command alias. (The setting below applies to all users. To apply it to a single user, write the same setting in '~/.bashrc'.)
[root@dlp ~]# vi /etc/profile
# add at the last line
alias vi='vim'
[root@dlp ~]# source /etc/profile

Initial Setting CentOS 7 - Add Repository

Add some useful external repositories to install useful software.
Install a plugin to add priorities to each installed repository.

[root@dlp ~]# yum -y install yum-plugin-priorities
# set [priority=1] to official repository
[root@dlp ~]# sed -i -e "s/\]$/\]\npriority=1/g" /etc/yum.repos.d/CentOS-Base.repo


Initial Setting CentOS 7 - Firewall and Selinux




FIREWALL

If the firewall on the server is unnecessary (for example, because some firewalls are already running in your LAN), then stop it as follows.
If needed, refer to here to configure Firewalld.

[root@dlp ~]# systemctl stop firewalld
[root@dlp ~]# systemctl disable firewalld
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
rm '/etc/systemd/system/basic.target.wants/firewalld.service'


Basic Operation of Firewalld Centos 7

This is the Basic Operation of Firewalld.

The definition of services is set to zones on Firewalld. To enable the firewall, associate a zone with a NIC using the related commands.

1. To use Firewalld, start it

[root@dlp ~]# systemctl start firewalld
[root@dlp ~]# systemctl enable firewalld

Initial Setting CentOS 7 - Add a User

Add a user "cent" as an example below.

[root@dlp ~]# useradd cent
[root@dlp ~]# passwd cent
Changing password for user cent.
New UNIX password:    # set password
Retype new UNIX password:    # confirm
passwd: all authentication tokens updated successfully.
[root@dlp ~]# exit

Thursday, June 18, 2015

Debian/Ubuntu Linux: Restrict an SSH user session to a specific directory by setting chrooted jail

I set up a web-server. I need to grant a user ssh access but I do not trust users. How can I limit user session to a specific directory such as /home/httpd/$USERNAME? How do I set up a ssh chroot jail on a Linux operating system?

You can set up an interactive shell with a special root directory on a Linux or Unix-like system. You can set the pathname (such as /home/httpd/foo) of a directory to chroot to after authentication. All components of the pathname must be root owned directories that are not writable by any other user or group. After the chroot, sshd changes the working directory to the user's home directory.

Thursday, May 21, 2015

SSH ProxyCommand example: Going through one host to reach another server

How do I use and jump through one server to reach another using ssh on a Linux or Unix-like systems? Is it possible to connect to another host via an intermediary so that the client can act as if the connection were direct using ssh?

You can jump hosts using ProxyCommand. Sometimes you can only access a remote server via ssh by first logging in to an intermediary server (or firewall/jump host). So you first log in to the intermediary server and then ssh to another server. You need to authenticate twice, and the chain can be long and is not limited to just two hosts.

Wednesday, May 20, 2015

How to run sudo command without a password on a Linux or Unix

I'm a new Unix system user. How do I use sudo command without a password on a Linux or Unix-like systems?

Sometimes you may need to run a command with root privileges, but you do not want to type a password using the sudo command. This is useful for scripting or any other purpose. This can be achieved by editing the /etc/sudoers file and setting up correct entries. You need to consider any security consequence of allowing a sudo command to execute without a password.

Sunday, May 17, 2015

How To Patch and Protect Linux Server Against the VENOM Vulnerability # CVE-2015-3456

A very serious security problem has been found in QEMU's virtual floppy drive code used by many computer virtualization platforms including Xen, KVM, VirtualBox, and the native QEMU client. It is called VENOM vulnerability. How can I fix VENOM vulnerability and protect my Linux server against the attack? How do I verify that my server has been fixed against the VENOM vulnerability?

Saturday, May 16, 2015

How To CentOS / RHEL 7 Install Gnome Desktop Using Yum

I installed minimal CentOS Linux 7.x on my laptop. How can I install Gnome desktop GUI on a RHEL (Red Hat) 7 or CentOS Linux 7 system using command line option?

GNOME is a highly intuitive and user friendly desktop environment for CentOS and RHEL 7.x based systems. If you did a minimal install, this guide will quickly tell you how to install the Gnome GUI on CentOS 7 or RHEL 7 using command line options.

Friday, May 15, 2015

Linux/Unix: OpenSSH Multiplexer To Speed Up OpenSSH Connections

How can I multiplex SSH sessions by setting up a master session and then having subsequent sessions go through the master to speed up my ssh connection on a Linux or Unix-like operating systems?

Multiplexing is nothing but sending more than one ssh connection over a single connection. OpenSSH can reuse an existing TCP connection for multiple concurrent SSH sessions. This reduces the overhead of creating new TCP connections. First, you need to set a ControlMaster to open a Unix domain socket locally. The rest of your ssh commands connect to the ControlMaster via a Unix domain socket. The ControlMaster provides us the following benefits:

Tuesday, May 12, 2015

Monday, May 11, 2015

CentOS/RHEL Use yum Command To Downgrade or Rollback Updates

I'm a CentOS Linux 7.x server user. How can I use yum command to downgrade or rollback package updates on a RHEL (Red Hat)/CentOS/Scientific Linux server?

In this tutorial, you will learn:
  1. How to downgrade installed packages using YUM
  2. How to rollback installed package to previous version
The following examples only work on

Sunday, May 10, 2015

HowTo Block Internet Explorer Browser With Squid Proxy Server on a Linux/Unix Server

I want to block Internet Explorer (MS-IE) browser on a squid proxy server running on a Linux or Unix-like systems. How can I block IE on a squid proxy server version 3.x?

You need to set up an acl on a squid proxy server to block Microsoft Internet Explorer or any other browser of your choice. This tutorial explains how to block Internet Explorer browsers with a Squid proxy running on an Ubuntu Linux or CentOS Linux version 6.x server. This is also useful to fix a known vulnerability coming from a specific version of a browser. Please note that the following acl is based on user-agents, which can be spoofed easily.

Wednesday, May 6, 2015

RHEL / CentOS Linux 7 Enable Ping Access In Docker Container

I'm using RHEL 7.1-4 container on a RHEL /CentOS Linux 7.x server. However, I'm unable to ping external site/IP address using the ping command. I'm getting the following error on screen:
ping: Operation not permitted
How do I fix this problem?

Linux kernel v2.2+ divides the privileges traditionally associated with superuser into distinct units, known as capabilities, which can be independently enabled and disabled. Capabilities are a per-thread attribute. For example, the CAP_NET_ADMIN capability permits various network-related operations such as:

Tuesday, May 5, 2015

HowTo Debian/Ubuntu Linux Auto Mount Windows NTFS File System [ntfs-3g]

I'm dual booting MS-Windows with a Debian / Ubuntu Linux desktop. How can I auto mount a drive containing a MS-Windows NTFS file system on a Linux based systems?

The New Technology File System (NTFS) is a file system developed by Microsoft in 1995 with Windows NT. You can easily auto mount a hard disk drive partition containing an NTFS file system using the following method on any modern Linux desktop.

Monday, May 4, 2015

Debian/Ubuntu Linux: Find If Installed Package Includes a Fix/Patch Via CVE Number

I am a Debian Linux server user. How do I view the changelog of an installed package and find out if given CVE includes a fix or patch? How do I see a fix or patch already applied to installed package on a Ubuntu or Debian LTS server?

The changelog of an installed package is usually stored as follows on Debian, Ubuntu or Mint Linux:

Saturday, March 21, 2015

How To Patch and Protect OpenSSL Vulnerability # CVE-2015-0291 CVE-2015-0204 [ 19/March/2015 ]

On 19th March 2015, multiple high and moderate severity level vulnerabilities were released in OpenSSL, a Secure Sockets Layer toolkit used in Linux and Unix-like systems. How can I fix these vulnerabilities on a CentOS/RHEL/Ubuntu and Debian Linux based server for OpenSSL versions 1.0.2a, 1.0.1m, 1.0.0r, and 0.9.8zf? How do I verify that my Linux server has been fixed against the OpenSSL vulnerability?

A serious security problem has been found and patched in the OpenSSL Library. Multiple vulnerabilities have been discovered in OpenSSL on 19/March/2015. The Common Vulnerabilities and Exposures project identifies the following issues: