Explore information related to ip


Invalid cPanel License Error - Ways to fix it ?


This article covers the best way to tackle cPanel license error. In fact, this provides the fix should you log in to your WHM/cPanel and find a 'trial license' message or find yourself unable to log in due to an invalid or expired license.

Read More



Block IP in Virtualmin or Restrict Access - Step by step process ?


This article covers steps to Block IP in Virtualmin. There's various tools and methods you can use to block hosts, IP's, and the like.

A nice and simple one you can use on the command line that would completely block them from your server would be to use the nifty iproute2 tools, and run this command:

$ ip ro add blackhole IP.ADDRESS.TO.BLACKLIST

To later remove it, you can type:

$ ip ro del IP.ADDRESS.TO.BLACKLIST


You can block IP via the linux firewall in Virtualmin:

  • Login to Virtualmin.
  • Click on "Webmin" > "Networking" > "Linux Firewall".
  • Click on "Add Rule".
  • Check "Drop" or "Reject" under "Action to take".
  • Enter the IP Address or Network under "Source address or network".
  • Click "Save".
  • Use the arrows under the "Move" column to move the rule to the top so it's processed first.
  • Click "Apply Configuration".

That's it, the IP address or network in question will now be blocked from accessing your server period!

Read More



Update DirectAdmin License Update Error & Fix error


This article covers methods to tackle License Update Error in DirectAdmin. 


Some DirectAdmin update errors that can occur:

1. DirectAdmin fails to start/stop during restart command. Run the following command to correct:

killall -9 directadmin; /etc/init.d/directadmin start Retry the restart command, to ensure that both the “Stopping” and “Starting” sections are “[ OK ]”.


2. It may be necessary to specify the primary IP with the execution of the following command to ensure that the correct IP is associated by the wget to the license key:

uid=$(grep uid /usr/local/directadmin/scripts/setup.txt | awk -F'=' {'print $2'}); lid=$(grep lid /usr/local/directadmin/scripts/setup.txt | awk -F'=' {'print $2'}); ip=`hostname -i`;  sh /usr/local/directadmin/scripts/getLicense.sh $uid $lid $ip


3. If you are unable to connect to https://directadmin.com (port 443), you can try using port 80:

echo 1 > /root/.insecure_download

If this error is reoccurring, you can create a separate cron to automatically update the license for you:

uid=$(grep uid /usr/local/directadmin/scripts/setup.txt | awk -F'=' {'print $2'}); lid=$(grep lid /usr/local/directadmin/scripts/setup.txt | awk -F'=' {'print $2'}); echo '0 0 4 * * root /usr/local/directadmin/scripts/getLicense.sh $uid $lid ; echo "action=directadmin&value=restart" >> /usr/local/directadmin/data/task.queue' >> /etc/cron.d/directadmin_cron ; /etc/init.d/crond restart

Read More



Plesk Change IP address – Follow this guide


This article covers the best method to Change IP addresses in Plesk. In fact, To change the IP address hosting a live site on your server, you'll first want to update your DNS information. In some cases, you will need to update your zone file with your new IP manually with the DNS host.

Read More



Amazon EC2 refused to connect error – Fix it now


This article covers methods to resolve "Connection refused" or "Connection timed out" errors  which is noticed when trying to connect to my Amazon EC2 instance using SSH. In fact, this error indicates that the server didn't respond to the client and the client program gave up (timed out).


Common causes for "Connection refused" or "Connection timed out" EC2 AWS errors:

  • The security group or network ACL doesn't allow access.
  • There is a firewall on the instance's operating system.
  • There is a firewall between the client and the server.
  • The host doesn't exist.

Read More



Plesk error pool seems busy - Fix it Now ?


This article covers methods to resolve Plesk error pool seems busy. This error happens when the PHP-FPM pm.max_children has been reached by the website(s). 


To Increasing pm.max_children for one domain via a command-line interface:

1. Create a php.ini file in domain's system directory /var/www/vhosts/system/example.com/conf/:

$ touch /var/www/vhosts/system/example.com/conf/php.ini

2. Open the php.ini file in any text editor (for example, vi editor) and add the following records:

[php-fpm-pool-settings]
pm.max_children = 20

3. Save the changes and close the file.

4. Run the following command to apply the changes:

/usr/local/psa/bin/php_settings -u

Read More



Autossl 403 (Forbidden) error – Fix it Now ?


This article covers AutoSSL not working on cPanel / WHM.

To fix it, just try to assign 755 permissions and the correct owner to your public_html directory:

$ chmod 755 /home/user/public_html -v
$ chown user.user /home/user/public_html/ -R

Make sure you change user.user with your real cPanel user for that website.

Read More



Allow remote access to phppgadmin - The easy way


This article covers how to Install, configure and enable remote access to phpPgAdmin. Here you will learn how to enable remote access to PostgreSQL server on a Plesk server.


To Access PhpPgAdmin On Linux And MacOS:

1. Open a new terminal window on your local system (for example, using “Finder -> Applications -> Utilities -> Terminal” in macOS or the Dash in Ubuntu).

2. Make sure that you have your SSH credentials (.pem key file) in hand.

3. un the following command to configure the SSH tunnel using the SSH key file. Remember to replace KEYFILE with the path to your private key and SERVER-IP with the public IP address or hostname of your server:

$ ssh -N -L 8888:127.0.0.1:80 -i KEYFILE bitnami@SERVER-IP

Remember that if you are redirecting HTTP requests to the HTTPS port, you must use destination port 443 instead of 80.

4. Access the phpPgAdmin console through the secure SSH tunnel you created, by browsing to http://127.0.0.1:8888/phppgadmin.

5. Log in to phpPgAdmin by using the following credentials:

Username: postgres.
Password: application password.

Read More



Setup Rate Limit for IP Addresses in DigitalOcean Account


This article covers how to set up rate limit for IP Addresses in DigitalOcean for our customers. 

Basically, limit standard ssh like this:

$ sudo ufw limit ssh/tcp

or

$ sudo ufw limit 22/tcp

Both will limit port 22.

The /tcp allows only a tcp connection to allow only udp you simply add /udp and to allow it on both you simply leave off the /* example: ufw limit ssh.

Read More



Smartermail 601 error - Ways to fix it ?


This article covers methods to fix the Smartermail 601 error. This can arise as a result to DNS lookup failure. You can try to contact your ISP and ask them to active PTR record on your ip and domain name.

Also, you can try the following fix:

  • check your domain or IP to be unblocked by spam checking website, the powerful website in this range is Barracuda'.
  • Try to test SMTP OUT by Telnet command by type: telnet IP port ( mostly 25 or 2525).
  • Get details about your PTR on the main domain you defined on Smartermail or etc mail server software.
  • Contact to your ISP to check to open the specific port 25).

Read More



Enable private networking Vultr - Step by Step Process ?


This article covers how to enable private networking vultr for our customers. Vultr provides many flexible networking options for your cloud servers. Private networks do not have DHCP. When deploying a Vultr cloud server with private networking, you must manually configure the private adapters or supply your own DHCP server. 


To setup a private IP address:

  • Allocate an IP range.
  • Go to the VPC networks page in the Cloud Console. Open the VPC networks page.
  • Under Name, click the VPC network in which you want to create a private Cloud Data Fusion instance.
  • On the VPC network details page, click the Private service connection tab.
  • Click Allocate IP range.

Read More



Time Based Temporary Group Membership in Active Directory on Windows


Basically, Temporary Group Membership (Time Based) is the version of Active Directory in Windows Server 2016 introduces an interesting feature that allows you to temporarily add a user to an AD security group. In order to use the Temporary Group Membership, you need to enable the Privileged Access Management Feature in your Active Directory forest. Like with AD Recycle Bin (which allows you to recover deleted objects), you cannot disable PAM after it has been enabled.

Read More



Enable Firewall On AlmaLinux - How to implement this ?


This article covers how to enable Firewall On AlmaLinux. Basically, we can allow certain ports through the firewall, which lets incoming connections reach our services.


To open the port for HTTP to the public zone, run the command:

# firewall-cmd --zone=public --add-service=http --permanent

To Allow DNS through firewall, run the command:

# firewall-cmd --zone=public --add-service=dns --permanent

Allow PostgreSQL through firewall, run the command:

# firewall-cmd --zone=public --add-service=postgresql --permanent

Allow telnet through firewall, run the command:

# firewall-cmd --zone=public --add-service=telnet --permanent

Read More



Reserve Google Cloud Static IP Address - How to do it ?


This article covers how to reserve static IP for our customers. In Compute Engine, each VM instance can have multiple network interfaces. Each interface can have both internal and external IP addresses. Forwarding rules can have external IP addresses for external load balancing or internal addresses for internal load balancing.


If a virtual machine (VM) instance requires a fixed external IP address that does not change, you can obtain a static external IP address for that instance by using one of the following options:

  • Reserve a new static external IP address and then assign the address to a new VM instance.
  • Promote an existing ephemeral external IP address to become a static external IP address.

Read More



Use gMSA in Active Directory to launch services and tasks


This article covers how to use gMSA in Active Directory. When a gMSA is used as service principals, the Windows operating system manages the password for the account instead of relying on the administrator to manage the password. Group Managed Service Accounts (gMSAs) provide a higher security option for non-interactive applications/services/processes/tasks that run automatically but need a security credential.


The Install-ADServiceAccount cmdlet installs an existing Active Directory managed service account on the computer on which the cmdlet is run. The cmdlet also makes the required changes locally so that the managed service account password can be managed without requiring any user action.

Read More



Monitor MongoDB with Nagios XI - How to perform this ?


This article covers  how to monitor a MongoDB server with Nagios XI using the MongoDB Server Configuration Wizard in order to monitor the health of your server. The

wizard supplies checks to monitor the following: number of queries per second, memory usage, the number of databases on the server, and percentage of free connections available.


To Connect to MongoDB with the appropriate privileges:

Connect to mongod or mongos with the privileges specified in the Prerequisites section.

The following procedure uses the myUserAdmin created in Enable Access Control:

mongo --port 27017 -u myUserAdmin -p 'abc123' --authenticationDatabase 'admin'

The myUserAdmin has privileges to create roles in the admin as well as other databases.


To Modify Access for an Existing User in MongoDB:

  • You must have the grantRole action on a database to grant a role on that database.
  • You must have the revokeRole action on a database to revoke a role on that database.
  • To view a role's information, you must be either explicitly granted the role or must have the viewRole action on the role's database.

Read More



How FCR improves Customer Satisfaction


This article covers how to use First contact resolution to increase customer satisfaction. Basically, The role of First contact resolution or FCR is important in improving customer service satisfaction. First Call Resolution (FCR) is a term used in call and contact centres to measure the number of customer support queries successfully resolved first time.


Best Practices to increase your first call resolution rate in no time:

  • Create an informative knowledge base.
  • Require minimal customer effort.
  • Get clear on the issue.
  • Be precise and don't overwhelm.
  • Anticipate customer needs.
  • Empower your customers.
  • Answer all of their questions.
  • Provide your team with quality training.

Read More



Create Private Network Bridge on Proxmox VE 6 with NAT


This article covers how to create a Private Network Bridge on Proxmox. 

To do this:

1. Enable paket forwarding in /etc/sysctl.conf on the Proxmox host

2. Edit /etc/network/interfaces on the ProxMox host, to get 10.10.10.0/24 for your containers, that route through eth0 of the ProxMox host

Code:
# network interface settings; autogenerated# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage parts of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT read its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address YOUR-PUBLIC-STATIC-IP/YOUR-PUBLIC-MASK
gateway YOUR-STATIC-GATEWAY
auto vmbr1
iface vmbr1 inet static
address 10.10.10.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o eth0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o eth0 -j MASQUERADE


3. Configure a container inside 10.10.10.0/24 - as an example using 10.10.10.2 .

Read More



SQL Server Error 19471: Create failed for Availability Group Listener


This article covers methods to fix SQL Server Error 19471. Basically,  "SQL Server Error 19471" can happen while configuring Always On Availability Group again on the database server.


To fix SQL Server Error 19471:

  • Create a Client Access Point (CAP) for the AOAG listener in Failover Cluster Manager.
  • Bring CAP Online.
  • Repair the CAP, if it is not coming ONLINE.
  • Once CAP comes online, remove it from failover cluster manager.
  • Add listener to AOAG in SSMS.

Read More



CDPUserSvc has stopped working – Fix it Now ?


This article covers different methods to fix CDPUserSvc has stopped working error. Basically, The function of the service as its description suggests is to make the connection with Bluetooth devices easier.

You can fix CDPUserSvc has Stopped Working in Windows 10 by isolating the process too.


1. Type cmd Cortana text field and from the suggestion, put a right-click on Command Prompt.

From the options that pop-up, click "Run as administrator".

2. Run the following command:

sc config cdpusersvc type=own

With this command, Windows will isolate this module forcibly. We know that isolation of any process is a default activity for that service.

As a result, Microsoft will find another correct way to run CDPuserSvc service in another mode by default.

Read More



Dnsmasq DHCP Server in Proxmox – How to use for VMs IP ?


This article covers methods to install, configure and resolve matters relating to Dnsmasq DHCP Server in Proxmox. When creating the VM we just need to specify the MAC address for specific IP and than just use DHCP to get the assigned IP.


To Install the DHCP server, run the command:

$ apt install isc-dhcp-server

Read More



Active Directory Temporary Group Membership on Windows Server 2016


This article covers how to implement  Active Directory Temporary Group Membership on Windows Server 2016. Temporary Group Membership is a new feature that appeared in Windows Server 2016 and is a part of the Privileged Access Management (PAM) functionality.


By default, PAM is not active and the first thing you need to do is turn it on. You can do this with the PowerShell cmdlet Enable-ADOptionalFeature. For example, to enable PAM in domain contoso.com, run the following command with domain administrator privileges:

Enable-ADOptionalFeature -Identity ″Privileged Access Management Feature″ -Scope ForestOrConfigurationSet -Target ″contoso.com″

Read More



PHPMyAdmin import database timeout - Fix it Now ?


This article covers methods to fix PHPMyAdmin import database timeout error. This error happens because of a huge file and the restoration process fails with timeout.


To resolve this error, 

1. Login to the server over SSH.

2. Create the file config.inc.php.

For Plesk Onyx and Plesk Obsidian below 18.0.30:

# cp -p /usr/local/psa/admin/htdocs/domains/databases/phpMyAdmin/libraries/config.default.php /usr/local/psa/admin/htdocs/domains/databases/phpMyAdmin/config.inc.php

For Plesk Obsidian 18.0.30 and above:

# cp -p /usr/local/psa/phpMyAdmin/libraries/config.default.php /usr/local/psa/phpMyAdmin/config.inc.php

3. Increase the value of $cfg['ExecTimeLimit'] in config.inc.php created on step 2:

$cfg['ExecTimeLimit'] = 3600;

4. Increase the settings in /etc/sw-cp-server/config to avoid '504 Gateway Timeout' error:

fastcgi_read_timeout 3600;
fastcgi_send_timeout 3600;

5. Restart sw-cp-server:

$ service sw-cp-server restart

Read More



cPanel Error Iproute Conflicts With Kernel - Fix it Now ?


This article covers method to fix cPanel Error Iproute Conflicts With Kernel. Basically, this error happens when we have an outdated kernel on the server. 


Instead of deleting conflicting kernels, you can also add the iproute package to the excludes of yum in /etc/yum.conf file, then the iproute package won't be marked for the update.

It can be useful when you need to perform an update but can't reboot the server at the given moment. 

It can be excluded manually using a preferred text editor or using the following command:

$ sed -i 's/exclude=/exclude=iproute /' /etc/yum.conf

The change can be reverted using this command:

$ sed -i 's/exclude=iproute /exclude=/' /etc/yum.conf

Read More



Set-ADUser Modify Active Directory Users with PowerShell - Do it now ?


This article covers how to use Set-ADUser Modify Active Directory Users with PowerShell.

Basically, the Set-ADUser cmdlet is part of the Active Directory module for Windows PowerShell.


The Identity parameter specifies the Active Directory user to modify. 

You can identify a user by its distinguished name, GUID, security identifier (SID), or Security Account Manager (SAM) account name. 

You can also set the Identity parameter to an object variable such as $<localUserObject>, or you can pass an object through the pipeline to the Identity parameter.

Read More



Plesk Webmail Server Not Found - Fix it Now ?


This article covers methods to resolve the Plesk error "Webmail Server Not Found" which can happen while opening webmail/domain in a browser or when we issue Let's Encrypt on the domain. The main reason for this error is that the Webmail / domain does not resolve correctly in global DNS system because Plesk server is not set up to manage DNS.

To use DNS with a Plesk server:
1. DNS Server should be installed in Plesk Installer.
2. Log into Plesk and find your Name Servers in Plesk > Domains > example.com > DNS Settings, take the "value" for the record type "NS".
3. Then, it is required to change Name Server for your domain at your domain registrar's account.

Read More



503 bad sequence of commands - Fix it now ?


This article covers methods to fix the email error, "503 bad sequence of commands" which happens as a result of a number of reasons.

To resolve SMTP response: 503 Bad sequence of commands, consider the following and also read the complete guide here.
The IP that should be 10.0.0.0 - whatever that is, look at that box, this is where the problem is likely to be.
Your internal domain is domain.com or domain.net etc.
You may also add a test email account and check if it works as expected. If this works, then this could be an issue with the email account or with the service provider.

Read More



PiP is not recognized as an internal or external command - Fix it Now ?


This article covers different methods to resolve PiP is not recognized as an internal or external command.

Basically, the error, "PiP is not recognized as an internal or external command" happens when we try to install Python packages via a Command Prompt window.
PiP is a recursive acronym for "Pip Installs Packages".

It's essentially a package management system used to install and manage software packages written in Python. Most users make use of PiP to install and manage Python packages found in the Python Package Index.

To add PIP to the PATH environment variable using the Windows GUI:

1. Press Windows key + R to open up a Run dialog box. Then, type "sysdm.cpl" and press Enter to open up the System Properties screen.
2. Inside the System Properties screen, go to the Advanced tab, then click on Environment Variables.
3. In the Environment Variables screen, go to System variables and click on Path to select it. Then with the Path selected, click the Edit… button.
4. In the Edit environment variable screen, click on New and add the path where the PiP installation is located. For Python 3.4, the default location is C:\Python34\Scripts.
5. Once the path is added, open a fresh CMD window and try to install a python package that comes with PiP.

You should no longer see the "pip is not recognized as an internal or external command" error.

Read More



Drupal 406 error - Fix it Now ?


This article covers methods to resolve Drupal 406 error.

There are many errors that you may see as you visit different websites across the web.

One of the more common ones is the 406 – Not Acceptable error.

Cause for Drupal 406 error:

In regards to a site on your hosting account, the cause of the 406 error is usually due to a mod_security rule on the server.
Mod_security is a security module in the Apache web server that is enabled by default on all hosting accounts.
If a site, page, or function violates one of these rules, server may send the 406 Not Acceptable error.

To prevent Drupal 406 Not acceptable error:

Mod_security can be turned off. You can also disable specific ModSecurity rules or disable ModSecurity for each domain individually.
If you would like mod_security disabled you can disable mod_security via our Modsec manager plugin in cPanel.

Read More



Shopify error 429 too many requests - Fix it Now ?


This article covers Shopify error 429 too many requests. Basically, 429 too many requests can trigger due to increased number of API requests.
Calls to the REST Admin API are governed by request-based limits, which means you should consider the total number of API calls your app makes.

In addition, there are resource-based rate limits and throttles.

To avoid rate limit errors in Shopify:

Designing your app with best practices in mind is the best way to avoid throttling errors.
1. Optimize your code to only get the data that your app requires.
2. Use caching for data that your app uses often.
3. Regulate the rate of your requests for smoother distribution.
4. Include code that catches errors. If you ignore these errors and keep trying to make requests, then your app won’t be able to gracefully recover.
5. Use metadata about your app's API usage, included with all API responses, to manage your app’s behavior dynamically.
6. Your code should stop making additional API requests until enough time has passed to retry.

The recommended backoff time is 1 second.

Read More



Activate python virtualenv in Dockerfile - How to perform it ?


This article covers how to Activate python virtualenv in Dockerfile.

Basically, to package Python application in a Docker image, we often use virtualenv. However, to use virtualenv, we need to activate it.
Therefore, there is no point in using virtualenv inside a Docker Container unless you are running multiple apps in the same container, if that's the case I'd say that you're doing something wrong and the solution would be to architect your app in a better way and split them up in multiple containers.

There are perfectly valid reasons for using a virtualenv within a container.
You don't necessarily need to activate the virtualenv to install software or use it.
Try invoking the executables directly from the virtualenv's bin directory instead:

FROM python:2.7
RUN virtualenv /ve
RUN /ve/bin/pip install somepackage
CMD ["/ve/bin/python", "yourcode.py"]


One solution is to explicitly use the path to the binaries in the virtualenv.

In this case we only have two repetitions, but in more complex situations you’ll need to do it over and over again.
Besides the lack of readability, repetition is a source of error.
As you add more calls to Python programs, it's easy to forget to add the magic /opt/venv/bin/ prefix.
It will (mostly) work though:
FROM python:3.8-slim-buster
RUN python3 -m venv /opt/venv
# Install dependencies:
COPY requirements.txt .
RUN /opt/venv/bin/pip install -r requirements.txt
# Run the application:
COPY myapp.py .
CMD ["/opt/venv/bin/python", "myapp.py"]
The only caveat is that if any Python process launches a sub-process, that sub-process will not run in the virtualenv.

Read More



Securing Web Servers from DoS attacks - Best Practices ?


This article covers Tactics To Prevent DDoS Attacks & Keep Your Website Safe.
Basically, it is impossible to prevent DoS and DDoS attacks entirely. But we can limit them to a certain extend by implementing security actions mentioned in this guide.
Denial of service attacks are here to stay, and no business can afford to be unprotected.

Facts about DDoS Attacks:
1. DDoS stands for Distributed Denial of Service.
2. It is a form of cyber attack that targets critical systems to disrupt network service or connectivity that causes a denial of service for users of the targeted resource.
3. A DDoS attack employs the processing power of multiple malware-infected computers to target a single system.

Best Practices for Preventing DDoS attacks:

1. Develop a Denial of Service Response Plan
Develop a DDoS prevention plan based on a thorough security assessment. Unlike smaller companies, larger businesses may require complex infrastructure and involving multiple teams in DDoS planning.
2. Secure Your Network Infrastructure
Mitigating network security threats can only be achieved with multi-level protection strategies in place.
This includes advanced intrusion prevention and threat management systems, which combine firewalls, VPN, anti-spam, content filtering, load balancing, and other layers of DDoS defense techniques.
3. Practice Basic Network Security
The most basic countermeasure to preventing DDoS attacks is to allow as little user error as possible.
Engaging in strong security practices can keep business networks from being compromised.
4. Maintain Strong Network Architecture
Focusing on a secure network architecture is vital to security. Business should create redundant network resources; if one server is attacked, the others can handle the extra network traffic.
5. Leverage the Cloud
Outsourcing DDoS prevention to cloud-based service providers offers several advantages. First, the cloud has far more bandwidth, and resources than a private network likely does. With the increased magnitude of DDoS attacks, relying solely on on-premises hardware is likely to fail.

Read More



Manage Scheduled Tasks with PowerShell - How to do it


This article covers how to use the PowerShell features to create scheduled tasks. The Get-ScheduledTask cmdlet gets the task definition object of a scheduled task that is registered on a computer. You can use PowerShell to create and manage scheduled tasks. Managing scheduled tasks with PowerShell is made possible with the use of the ScheduledTasks module that’s built-in to Windows.
With the PowerShell Scheduled Tasks module, setting up scheduled tasks using PowerShell commands is made possible. This module provides the opportunity and means to create and deploy scheduled tasks programmatically on the local and remote computers.

Important scheduled task component:
1. Action – the action that is executed by the scheduled task. An action is typically to run a program or a script. A scheduled task can have more than one actions.
2. Trigger – controls when the scheduled task runs. Triggers can be time-based, like, setting a schedule for daily or hourly recurrence. Triggers can also be activity-based, which runs a task based on detected activities like computer startup, a user logs in, or logged events.
3. Principal – controls the security context used to run the scheduled task. Among other things, a principal includes the user account and the required privilege used by the scheduled task.
4. Settings – is a set of options and conditions that controls how the scheduled task behavior. As an example, you can customize a task to get removed after a consecutive number of days that the task is unused.

To add a Trigger for a scheduled task using PowerShell:
The cmdlet to use for creating a trigger is the New-ScheduledTaskTrigger cmdlet.
The command below creates a trigger to run daily at 3 PM.

Copy and run the code in PowerShell:

# Create a new trigger (Daily at 3 AM)
$taskTrigger = New-ScheduledTaskTrigger -Daily -At 3PM
$tasktrigger

This will Create a Trigger (Daily at 3 AM)

Read More



330 Content Decoding Failed - Nagios Web browser error


This article covers how to fix 330 Content Decoding Failed Nagios browser error. Basically, this error occurs when an HTTP request's headers claim that the content is gzip encoded, but it is not. 

To fix this error:

The Apache web server requires zlib.output_compression to be configured to On in the /etc/php.ini file.

Execute the following command to open the file in vi:

vi /etc/php.ini

When using the vi editor, to make changes press i on the keyboard first to enter insert mode.

Press Esc to exit insert mode.

To locate the line zlib.output_compression = type the following:

/output_compression =

This should take you directly to the line. Change the setting to On:

zlib.output_compression = On

When you have finished, save the changes in vi by typing:

:wq

and press Enter.

The last step is to restart the Apache service using one of the commands below:

RHEL 7 + | CentOS 7 + | Oracle Linux 7 +

$ systemctl restart httpd.service

 Debian | Ubuntu 16/18/20

$ systemctl restart apache2.service

After the service has restarted the problem should no longer occur.

Read More



Virtualization Restrictions in RedHat Linux with KVM


This article covers Virtualization Restrictions in RedHat Linux which are additional support and product restrictions of the virtualization packages.


The following notes apply to all versions of Red Hat Virtualization:

1. Supported limits reflect the current state of system testing by Red Hat and its partners. Systems exceeding these supported limits may be included in the Hardware Catalog after joint testing between Red Hat and its partners. If they exceed the supported limits posted here, entries in the Hardware Catalog are fully supported. In addition to supported limits reflecting hardware capability, there may be additional limits under the Red Hat Enterprise Linux subscription terms. Supported limits are subject to change based on ongoing testing activities.


2. These limits do not apply to Red Hat Enterprise Linux (RHEL) with KVM virtualization, which offers virtualization for low-density environments.


3. Guest operating systems have different minimum memory requirements. Virtual machine memory can be allocated as small as required.

Read More



Listen on Privileged Ports with Nagios Log Servers - How to set it up


This article covers how to configure Nagios Log Servers to listen on privileged ports. Now Nagios Log Server Administrators who would like configure Nagios Log Server to listen on ports below 1024 which are privileged in Linux. This can be useful if you have legacy devices that can only send on specific ports (e.g. syslog on port 514).

Ports below 1024 are privileged on Linux and only allow the root user to listen on them. 

This can be implemented via two solutions:

1. Run Logstash as root

2. Use setcap


To use Use setcap for Listening On Privileged Ports:

Here, you can use the logstash running as the nagios user but this method may be less secure in some environments as it will allow any Java process to listen on privileged ports.

i. The logstash init configuration file requires three lines to be added to the end of it, open the file with the following command:

On Debian | Ubuntu:

$ vi /etc/default/logstash

or

$ sudo /etc/default/logstash

2. Then, Add the following three lines to the end of the file:

echo $(dirname $(find /usr/lib -name libjli.so)) | awk '{print $1}'> /etc/ld.so.conf.d/java.conf

eval "$(which ldconfig)"

setcap 'cap_net_bind_service=+ep' $(readlink -f $(which java))

3. Save the file and close vi.

4. Restart Logstash Service

The logstash service needs to be restarted for these changes to apply:

$ sudo systemctl restart lagstash.service

Read More



Cannot Copy and Paste via RDP - How to fix this Windows issue


This article covers how to Allow/Prevent Copy and Paste via RDP Clipboard on Windows. Copy and paste is an essential function that should ideally work every day without fail. You can resolve this Windows issue by restarting the rdpclip.exe program in the remote computer.

Also, you can log off the remote user and then log back on on Windows.

Once the rdpclip.exe is relaunched, you should be able to copy paste using clipboard from the local computer to the remote computer. 


In order to fix the copy and paste issue in Windows, you need to end the rdpclicp.exe process and then restart it:

To do this;

1. Press Ctrl + Shift + ESC to start Task Manager.

2. Go to the "Details" tab.

3. Right-click the "rdpclip.exe" process.

4. Select "End task".

5. Go to Windows/system32 folder.

6. Look for "rdpclip.exe" and run it.

Read More



Run Scripts on Remote Computers – Implementing with PowerShell Remoting


This article covers how to Run Scripts on Remote Computers. You can run commands on one or hundreds of computers with a single PowerShell command. Windows PowerShell supports remote computing by using various technologies, including WMI, RPC, and WS-Management.

PowerShell Core supports WMI, WS-Management, and SSH remoting. In PowerShell 6, RPC is no longer supported. In PowerShell 7 and above, RPC is supported only in Windows.


Windows PowerShell Remoting

Using the WS-Management protocol, Windows PowerShell remoting lets you run any Windows PowerShell command on one or more remote computers. 

You can establish persistent connections, start interactive sessions, and run scripts on remote computers.

To use Windows PowerShell remoting, the remote computer must be configured for remote management.

Once you have configured Windows PowerShell remoting, many remoting strategies are available to you.


How to Start an Interactive Session ?

To start an interactive session with a single remote computer, use the Enter-PSSession cmdlet. 

For example, to start an interactive session with the Server01 remote computer, type:

Enter-PSSession Server01

The command prompt changes to display the name of the remote computer. 

Any commands that you type at the prompt run on the remote computer and the results are displayed on the local computer.

To end the interactive session, type:

Exit-PSSession

Read More



Server Hardening - What it means


This article covers techniques to prevent attacks on the server. Basically, if we manage our servers without proper precautionary actions it is easy to spoil the reputation of the server.

Hardening your server is the process of increasing security on your server through a variety of means to result in a much more secure operating environment. Server hardening is one of the most important tasks to be handled on your servers. 

The default configuration of most operating systems is not designed with security as the primary focus. 

Default server setups focus more on usability, functionality and communication.


Server Hardening Security Measures Includes:

1. Hide login password from cgi scripts.

This setting allows you to hide the REMOTE_PASSWORD variable from scripts that the cpsrvd daemon's CGI handler executes.

2. Referrer safety check.

Only permit cPanel, Webmail and WHM to execute functions when the browser-provided referrer (port and domain or IP address) exactly matches the destination URL.

3. Initial default/catch-all forwarder destination

Select Fail to automatically discard un-routable email that your servers new accounts receive. This will help protect your server from mail attacks.

4. Verify signatures of third-party cPaddons.

Enable this option to verify GPG signatures of all third-party CPaddons.

5. Prevent "nobody" from sending mail.

Enable to block email that the nobody user sent to the remote address. Nobody is the username for Apache.

6. Enable SPF on domains for newly created accounts.

7. Proxy subdomain override.

Disable this option to prevent automatically-generated proxy domains when a user creates a subdomain.

8. Proxy subdomain creation.

Disable this option to prevent the addition of cPanel, Webmail, Web Disk and WHM proxy subdomain DNS entries to new accounts.

9. Cookie IP validation.

Disable this option to allow logins regardless of the user's IP address.

Read More



Map Network Drives or Shared Folders with Group Policy - How to do it


This article covers how to map network drives or shared folders with Group Policy.

Mapping network drives using Group Policy preferences is flexible, provides easy control over who receives the drive mappings, and has easy-to-use user interfaces, all of which are in stark contrast with the complexities associated with scripts.


To Set up drive mappings with Group Policy preferences:

1. Group Policy preferences are a set of extensions that increase the functionality of Group Policy Objects (GPOs). 

2. Administrators can use them to deploy and manage applications on client computers with configurations targeted to specific users. 

3. The Drive Maps policy in Group Policy preferences allows an administrator to manage drive letter mappings to network shares.


To Deploy item-level targeting with Group Policy preferences:

Item-level targeting (ILT) is a feature of Group Policy preferences that allows preference settings to be applied to individual users and/or computers dynamically. ILT allows an administrator to specify a list of conditions that must be met in order for a preference setting to be applied or removed to a user or computer object.

You can configure drive mapping, only users in the Product Managers group would receive the mapping. 

1. Under the Common tab of the mapped drive properties, check the Item-level targeting option, and then click Targeting….

2. In the Targeting Editor window, click New Item and select Security Group.

3. Click the … button, and type in the name of the security group.

4. Click OK to close the Targeting Editor once you're finished adding items to the list. 

Read More



isc-dhcp-server Job failed to start - Resolve it now


This article covers method to resolve DHCP 'isc-dhcp-server: Job failed to start' error. Basically, 'isc-dhcp-server: Job failed to start' error can happen if there is any issues with the commands that we run.


You can try to restart the service; if it really is an issue with the service starting before the network is up restarting it once the network is up should work:

$ sudo systemctl start restart isc-dhcp-server.service


If that doesn't work then try and investigate further why it's not starting by first getting the current status of the service:

$ sudo systemctl status isc-dhcp-server.service


That should also give you a PID for which you can further investigate with journaltctl where XXXX is the PID of the service:

$ journalctl _PID=XXXXX


Also, what caused/led you to do the following? Perhaps try undoing those changes as I'm not sure if that's helping or hurting. Was the /etc/init/isc-dhcp-server.conf file already there or did you manually create it?

So add a "Sleep 30" to the /etc/init/isc-dhcp-server.conf file. Also add " up service dhcp3-server restart " to my  /etc/network/interfaces file. 

Read More



Files and Processes in SELinux on CentOS 7 - More information


This article covers Files and Processes in SELinux. Basically, managing file and process context are at the heart of a successful SELinux implementation.

With SELinux, a process or application will have only the rights it needs to function and NOTHING more. The SELinux policy for the application will determine what types of files it needs access to and what processes it can transition to. 

SELinux policies are written by app developers and shipped with the Linux distribution that supports it. A policy is basically a set of rules that maps processes and users to their rights.


SELinux enforces something we can term as “context inheritance”. What this means is that unless specified by the policy, processes and files are created with the contexts of their parents.

So if we have a process called “proc_a” spawning another process called “proc_b”, the spawned process will run in the same domain as “proc_a” unless specified otherwise by the SELinux policy.


SELinux in Action: Testing a File Context Error

1. First, let's create a directory named www under the root. We will also create a folder called html under www:

mkdir -p /www/html

 

2. If we run the ls -Z command, we will see these directories have been created with the default_t context:

ls -Z /www/

drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 html


3. Next we copy the contents of the /var/www/html directory to /www/html:

cp /var/www/html/index.html /www/html/

 

The copied file will have a context of default_t. That's the context of the parent directory.


We now edit the httpd.conf file to point to this new directory as the web site's root folder. 

i. We will also have to relax the access rights for this directory.

vi /etc/httpd/conf/httpd.conf

ii. First we comment out the existing location for document root and add a new DocumentRoot directive to /www/html:

# DocumentRoot "/var/www/html"

DocumentRoot "/www/html"

iii. We also comment out the access rights section for the existing document root and add a new section:

#<Directory "/var/www">

#    AllowOverride None

    # Allow open access:

#    Require all granted

#</Directory>


<Directory "/www">

    AllowOverride None

    # Allow open access:

    Require all granted

</Directory>


We leave the location of the cgi-bin directory as it is. We are not getting into detailed Apache configuration here; we just want our site to work for SELinux purposes.


iv. Finally, restart the httpd daemon:

service httpd restart

 

Once the server has been restarted, accessing the web page will give us the same “403 Forbidden” error (or default “Testing 123” page) we saw before.

The error is happening because the index.html file's context changed during the copy operation. It needs to be changed back to its original context (httpd_sys_content_t).

Read More



Show dropped packets per interface on Linux - Methiods to check it


This article covers how to Show dropped packets per interface on Linux. 

There can be various reasons for packet loss. It can be that the network transport is unreliable and packet loss is natural, the network link could be congested, applications cannot handle the offered load.

Sometimes there are too many packets, they are saved to a buffer, but they are saved faster than processed, so eventually the buffer runs out of space, so the kernel drops all further packets until there is some free space in the buffer.


You will learn the different Linux commands to see packet loss on Linux per-interface, including excellent tools such as dropwatch. 

We can also use Linux profiling with performance counters utility called perf.


To display show dropped packets per interface on Linux using the netstat:

The netstat command is mostly obsolete. Replacement for netstat is ss and ip command. 

However, netstat still available on older Linux distros, which are in productions. 

Hence, I will start with netstat but if possible, use the ip/ss tools. 

The command in Linux is:

$ netstat -i

$ netstat --interfaces


To display summary statistics for each protocol, run:

$ netstat -s

$ netstat --statistics


To show dropped packets statistics per network interface on Linux using the ip:

Let us see how to see link device stats using the ip command. 

The syntax is:

$ ip -s link

$ ip -s link show {interface}

$ ip -s link show eth0

Read More



Force DHCP Client to Renew IP Address - Perform it now


This article covers how to force DHCP client to renew IP address. You need to use Dynamic Host Configuration Protocol Client i.e., dhclient command. 

The client normally doesn't release the current lease as it is not required by the DHCP protocol. Some cable ISPs require their clients to notify the server if they wish to release an assigned IP address. 

The dhclient command, provides a means for configuring one or more network interfaces using the Dynamic Host Configuration Protocol, BOOTP protocol, or if these protocols fail, by statically assigning an address.


Linux renew ip command using dhcp:

The -r flag explicitly releases the current lease, and once the lease has been released, the client exits. 

For example, open terminal application and type the command:

$ sudo dhclient -r

Now obtain fresh IP address using DHCP on Linux:

$ sudo dhclient


To start DHCP client in Linux:

1. To start the DHCP service, type the following command: # /etc/init.d/dhcp start.

2. To stop the DHCP service, type the following command: # /etc/init.d/dhcp stop. 

The DHCP daemon stops until it is manually started again, or the system reboots.


How can I renew or release an IP in Linux for eth0?

To renew or release an IP address for the eth0 interface, enter:

$ sudo dhclient -r eth0

$ sudo dhclient eth0

In this example, I am renewing an IP address for my wireless interface:

sudo dhclient -v -r eth0

sudo dhclient -v eth0


Command to release/renew a DHCP IP address in Linux:

1. ip a - Get ip address and interface information on Linux

2. ip a s eth0 - Find the current ip address for the eth0 interface in Linux

3. dhclient -v -r eth0 - Force Linux to renew IP address using a DHCP for eth0 interface

4. systemctl restart network.service - Restart networking service and obtain a new IP address via DHCP on Ubuntu/Debian Linux

5. systemctl restart networking.service - Restart networking service and obtain a new IP address via DHCP on a CentOS/RHEL/Fedora Linux

6. nmcli con - Use NetworkManager to obtain info about Linux IP address and interfaces

7. nmcli con down id 'enp6s0' - Take down Linux interface enp6s0 and release IP address in Linux

8. nmcli con up id 'enp6s0' - Obtian a new IP address for Linux interface enp6s0 and release IP address using DHCP

Read More



Log Suspicious Martian Packets Un-routable Source Addresses in Linux


This article covers how to block and log suspicious martian packets on Linux servers.


Log Suspicious Martian Packets in Linux:

On the public Internet, such a packet's (Martian) source address is either spoofed, and it cannot originate as claimed, or the packet cannot be delivered. 

Both IPv4 and IPv6, martian packets have a source or destination addresses within special-use ranges as per RFC 6890.


Benefits of logging of martians packets:

As I said earlier a martian packet is a packet with a source address that cannot be routed over the public Internet. 

Such a packet is waste of resources on your server. 

Often martian and unroutable packet used for a dangerous purpose or DoS/DDOS your server. 

So you must drop bad martian packet earlier and log into your server for further inspection.


To log Martian packets on Linux?

You need to use sysctl command command to view or set Linux kernel variables that can logs packets with un-routable source addresses to the kernel log file such as /var/log/messages.


To log suspicious martian packets on Linux:

You need to set the following variables to 1 in /etc/sysctl.conf file:

net.ipv4.conf.all.log_martians

net.ipv4.conf.default.log_martians


Edit file /etc/sysctl.conf, enter:

# vi /etc/sysctl.conf

Append/edit as follows:

net.ipv4.conf.all.log_martians=1 

net.ipv4.conf.default.log_martians=1


Save and close the file.

To load changes, type:

# sysctl -p

Read More



PXE Boot or DHCP Failure on Guest - Fix it now


This article covers how to fix PXE Boot (or DHCP) Failure on Guest.

Nature of this error:

A guest virtual machine starts successfully, but is then either unable to acquire an IP address from DHCP or boot using the PXE protocol, or both. There are two common causes of this error: having a long forward delay time set for the bridge, and when the iptables package and kernel do not support checksum mangling rules.


Cause of PXE BOOT (OR DHCP) ON GUEST FAILED:

Long forward delay time on bridge.

This is the most common cause of this error. If the guest network interface is connecting to a bridge device that has STP (Spanning Tree Protocol) enabled, as well as a long forward delay set, the bridge will not forward network packets from the guest virtual machine onto the bridge until at least that number of forward delay seconds have elapsed since the guest connected to the bridge. This delay allows the bridge time to watch traffic from the interface and determine the MAC addresses behind it, and prevent forwarding loops in the network topology. If the forward delay is longer than the timeout of the guest's PXE or DHCP client, then the client's operation will fail, and the guest will either fail to boot (in the case of PXE) or fail to acquire an IP address (in the case of DHCP).


Fix to PXE BOOT (OR DHCP) ON GUEST FAILED:

If this is the case, change the forward delay on the bridge to 0, or disable STP on the bridge.

This solution applies only if the bridge is not used to connect multiple networks, but just to connect multiple endpoints to a single network (the most common use case for bridges used by libvirt).


If the guest has interfaces connecting to a libvirt-managed virtual network, edit the definition for the network, and restart it. 

For example, edit the default network with the following command:

# virsh net-edit default

Add the following attributes to the <bridge> element:

<name_of_bridge='virbr0' delay='0' stp='on'/>

XML


If this problem is still not resolved, the issue may be due to a conflict between firewalld and the default libvirt network.

To fix this, stop firewalld with the service firewalld stop command, then restart libvirt with the service libvirtd restart command.

Read More



Create Keytab File for Kerberos Authentication in Active Directory


This article covers how to create keytab files for Kerberos. Active Directory uses Kerberos version 5 as authentication protocol in order to provide authentication between server and client. Kerberos protocol is built to protect authentication between server and client in an open network where other systems also connected.


The Kerberos Keytab file contains mappings between Kerberos Principal names and DES-encrypted keys that are derived from the password used to log into the Kerberos Key Distribution Center (KDC).


The Kerberos Keytab file contains mappings between Kerberos Principal names and DES-encrypted keys that are derived from the password used to log into the Kerberos Key Distribution Center (KDC).


The keytab is generated by running kadmin and issuing the ktadd command. If you generate the keytab file on another host, you need to get a copy of the keytab file onto the destination host ( trillium , in the above example) without sending it unencrypted over the network.


To Create a Kerberos principal and keytab files for each encryption type you use:

1. Log on as theKerberos administrator (Admin) and create a principal in the KDC.

You can use cluster-wide or host-based credentials.

The following is an example when cluster-wide credentials are used. It shows MIT Kerberos with admin/cluster1@EXAMPLE.COM as the Kerberos administrator principal:

bash-3.00$ kadmin -p admin@EXAMPLE.COM

kadmin: add_principal vemkd/cluster1@EXAMPLE.COM

Enter password for principal "vemkd/cluster1@EXAMPLE.COM": password

Re-enter password for principal "vemkd/cluster1@EXAMPLE.COM": passwordCopy code

If you do not create a VEMKD principal, the default value of vemkd/clustername@Kerberos_realm is used.

2. Obtain the key of the principal by running the subcommand getprinc principal_name.

3. Create the keytab files, using the ktutil command:

Create a keytab file for each encryption type you use by using the add_entry command.

For example, run ktutil: add_entry -password -p principal_name -k number -e encryption_type for each encryption type.

Read More



Jenkins setup with Docker and JCasC - Automate it now


This article covers how to perform Jenkins Configuration as Code (JCasC) method which can help us to automate the setup of Jenkins using Docker. 

This will automate the installation and configuration of Jenkins using Docker and the Jenkins Configuration as Code (JCasC) method.

Jenkins uses a pluggable architecture to provide most of its functionality. 

JCasC makes use of the Configuration as Code plugin, which allows you to define the desired state of your Jenkins configuration as one or more YAML file(s), eliminating the need for the setup wizard. 

On initialization, the Configuration as Code plugin would configure Jenkins according to the configuration file(s), greatly reducing the configuration time and eliminating human errors.


Just as the Pipeline plugin enables developers to define their jobs inside a Jenkinsfile, the Configuration as Code plugin enables administrators to define the Jenkins configuration inside a YAML file. 

Both of these plugins bring Jenkins closer aligned with the Everything as Code (EaC) paradigm.

Read More



Enable and Configure MPIO on Windows Server 2016 2012 R2


This article covers how to enable Multi-Path Input-Output or MPIO on a Windows server either from a graphical interface using the Server Manager console or from the PowerShell command line. 

Multipathing is the technique of creating more than one physical path between the server and its storage devices. It results in better fault tolerance and performance enhancement. Oracle VM Servers are installed with multipathing enabled because it is a requirement for SAN disks to be discovered by Oracle VM Manager.


To Install MPIO in Windows Server 2008 R2:

Note You must restart the server after you follow these steps.

1. Open Server Manager. To do this, click Start, click Administrative Tools, and then click Server Manager.

2. In Server Manager, click Features, and then click Add Features.

3. Select the Multipath I/O feature for installation, and then click Next.

4. Finish the installation by confirming the selections, and then restart the server.


To Configure MPIO for StorSimple volumes:

MPIO must be configured to identify StorSimple volumes. 

To configure MPIO to recognize StorSimple volumes, follow these steps:

1. Open the MPIO configuration. To do this, click Start, click Administrative Tools, and then click MPIO.

2. In the MPIO window, click Add on the MPIO Devices tab.

3. Type SSIMPLE Model in the Add MPIO Support window under Device Hardware ID.

4. Restart the server when you are prompted.


To Mount a StorSimple volume in Windows Server 2008 R2:

After MPIO is configured on the server, volumes that are created on the StorSimple appliance can be mounted and can take advantage of MPIO for redundancy. 

To mount a volume, follow these steps:

1. Open the iSCSI Initiator Properties dialog box on the server. To do this, click Start, click Administrative Tools, and then click iSCSI Initiator.

2. In the iSCSI Initiator Properties dialog box, click the Discovery tab, and then click Discover Portal.

3. Type the IP address of the "DATA" port on the StorSimple appliance.

Note If you use a private network for iSCSI connections, type the IP address of the DATA port that is connected to the private network.

4. Click the Targets tab in the iSCSI Initiator Properties dialog box. This displays the StorSimple appliance iSCSI qualified name (IQN) in the Discovered Targets section.

5. Click Connect to establish the iSCSI session with the StorSimple appliance. In the Connect To Target dialog box, click to select the Enable multi-path check box.

6. Open Server Manager. To do this, click Start, click Administrative Tools, and then click Server Manager.

7. In Server Manager, click Storage, and then click Disk Management. Volumes that are created on the StorSimple appliance and that are visible to this server appear under Disk Management as new disks.

8. Initialize the disk and create a new volume. During the format process, select a block size of 64 kilobytes (KB).

9. Under Disk Management, right-click the disk, and then click Properties.

10. In the SSIMPLE Model #### Multi-Path Disk Device Properties dialog box, click the MPIO tab, click Details in the DSM Name section, and then verify that the parameters are set to the default parameters.

Read More



Adding users to the local admin group in PowerShell


This article covers how to add users to local admin group either via Group Policy Objective or directly via command line. 


To add a user to the local group in PowerShell:

You can add AD groups or users to the local admin group using the below Powershell command.

Add-LocalGroupMember -Group "Administrators" -Member "domain\user or group," "additional users or groups."


To add a user to the local admin group:

1. Right-click the newly created Group, select Properties, navigate to the Members tab, click Add… and enter designated users to the group, e.g. domain\administrator, domain\domain admins, domain\syskitmonitorservice. 

2. Add other users that also need administrative privileges, if necessary. 

3. Click OK to proceed.


To get local admin group members in PowerShell:

To get the local Administrators group members using PowerShell, you need to use the GetLocalGroupMember command. 

This command is available in PowerShell version 5.1 onwards and the module for it is Microsoft. PowerShell. LocalAccounts.


To Create a User Account in Windows 10 with PowerShell:

1. Open PowerShell as Administrator.

2. To create a new user account without a password, type New-LocalUser -Name "user_name" -Description "Description of your new account." -NoPassword .

3. To create a user account that has a password, firstly execute the following line: $Password = Read-Host -AsSecureString .

Read More



Delete Data in SQL using DELETE statement - How to use it


This article covers how to Delete Data in SQL using the DELETE statement. 

The SQL DELETE Query is used to delete the existing records from a table.

You can use the WHERE clause with a DELETE query to delete the selected rows, otherwise all the records would be deleted.


In Structured Query Language, more commonly known as SQL, the DELETE statement is one of the most powerful operations available to users. 

DELETE operations irreversibly delete one or more rows of data from a database table. 

Being such a fundamental aspect of data management, it's important for SQL users to understand how the DELETE statement works.


The basic syntax of the DELETE query with the WHERE clause is as follows:

DELETE FROM table_name
WHERE [condition];

You can combine N number of conditions using AND or OR operators.


Note: Be careful when deleting records in a table! Notice the WHERE clause in the DELETE statement. 

The WHERE clause specifies which record(s) should be deleted. If you omit the WHERE clause, all records in the table will be deleted!


To Delete All Records:

It is possible to delete all rows in a table without deleting the table. This means that the table structure, attributes, and indexes will be intact:

DELETE FROM table_name;


DROP is used to delete a whole database or just a table. The DROP statement destroys the objects like an existing database, table, index, or view. A DROP statement in SQL removes a component from a relational database management system (RDBMS).

Read More



Use Nmap to Scan Open Ports - How to


This article covers how to use Nmap to Scan Open Ports. Nmap is the world's leading port security network scanner. The Nmap hosted security tool can help you determine how well your firewall and security configuration is working.

How would you tell Nmap to scan all ports?
By default, Nmap scans the 1,000 most popular ports of each protocol it is asked to scan.
Alternatively, you can specify the -F (fast) option to scan only the 100 most common ports in each protocol or --top-ports to specify an arbitrary number of ports to scan.

The OS and Service scanning options are helpful for scanning a particular port or service to get more information.
If a service is running on a non-default port, it might be by design – or it might suggest there is a security breach.
Ports often have a default usage. Most ports under 1000 are dedicated and assigned to a specific service.

What file does Nmap use to determine which ports to scan?
Nmap needs an nmap-services file with frequency information in order to know which ports are the most common.

Malicious ("black hat") hackers (or crackers) commonly use port scanning software to find which ports are "open" (unfiltered) in a given computer, and whether or not an actual service is listening on that port. They can then attempt to exploit potential vulnerabilities in any services they find.

Read More



Procmail Suspicious rcfile message


This article covers how to resolve the error, Procmail: Suspicious rcfile message, though not a big issue, relates to file permission.
Procmail is autonomous mail processor.
#Procmail should be invoked automatically over the .forward file mechanism as soon as mail arrives.
It starts to look for a file named $HOME/.procmailrc.

formail is a filter that can be used to format mail into mailbox format
lockfile is a utility that can lock a file for single use interactively or in a script
mailstat prints a summary report of mail that has been filtered by procmail since the last time mailstat was ran
procmail is an autonomous mail processor. It performs all the functions of an MDA (Mail Delivery Agent)

The rcfile can contain a mixture of environment variable assignments (some of which have special meanings to procmail), and recipes.
This is not really a big problem. It is related to file permission.
Use chmod command (change file access permissions) to fix problem (assuming that your user name is vivek):
$ chmod 0640 /home/you/.procmailrc
OR
$ chmod 0640 ~/.procmailrc

Further, make sure the .procmailrc file is owned by you and not by someone else:
$ ls  ~/.procmailrc

If file is not owned by you then use chown command to setup correct ownership (if your user name is vivek):
# chown ibmimedia:ibmimedia ~/.procmailrc

Finally make sure your home directory belongs to you only:
$ ls ~

Use chown to setup correct group permission on your home directory:
# chown ibmimedia:ibmimedia /home/ibmimedia

Read More



Limit cPanel bandwidth using mod_cband


This article covers how to limit cPanel bandwidth using mod_cband. In order to compile mod_cband, we must have apxs2 installed.
We can achieve that by doing this:
$ apt-get install apache2-prefork-dev

Next we download and install mod_cband like this:
cd /tmp
wget http://cband.linux.pl/download/mod-cband-0.9.7.4.tgz
tar xzvf mod-cband-0.9.7.4.tgz
cd mod-cband-0.9.7.4
./configure
make
make install

The make install command should have added the mod_cband module to /etc/apache2/httpd.conf. Run:
$ vi /etc/apache2/httpd.conf
and check if you find a line like this:
LoadModule cband_module       /usr/lib/apache2/modules/mod_cband.so

Finally restart Apache:
/etc/init.d/apache2 restart
The mod_cband installation is now finished.

Read More



Migrate database from MySQL to PostgreSQL using pgLoader


This article covers how to migrate a database using pgLoader with a single #command.
PostgreSQL, also known as “Postgres,” is an open-source relational database management system (RDBMS).
It has seen a drastic growth in popularity in recent years, with many developers and companies migrating their data to Postgres from other database solutions.
The prospect of migrating a database can be intimidating, especially when migrating from one database management system to another.

Facts about pgLoader:
1. pgLoader is an open-source #database migration tool that aims to simplify the process of migrating to #PostgreSQL.
2. It supports #migrations from several file types and RBDMSs — including #MySQL and SQLite — to PostgreSQL.
3. #pgLoader is a flexible tool that can perform a database migration in a single command.
4. With a few configuration tweaks, it can migrate an entire database from one physical machine to another using a secure SSL/TLS connection.

Read More



Ansible error Shared connection to server closed


This article covers the Shared connection to server closed error which occur when we run an Ansible command to execute commands on two newly deployed CentOS 8 servers.
Ansible is an open-source automation tool, or platform, used for IT tasks such as configuration management, application deployment, intraservice orchestration, and provisioning.
While you can write Ansible modules in any language, most Ansible modules are written in Python, including the ones central to letting Ansible work. By default, Ansible assumes it can find a /usr/bin/python on your remote system that is either Python2, version 2.6 or higher or Python3, 3.5 or higher.

A quick fix to Ansible error Shared connection to server closed is to just add the path to python 3 in your inventory file.
It would look something like this:
ip_address ansible_python_interpreter=/usr/bin/python3
Then you could test if it works with the ping module:
ansible -m ping all

From the error details, the connection failed because the shell(s) in the remote system couldn't find the Python interpreter (/usr/bin/python) as indicated by the line: "module_stdout": "/bin/sh: /usr/bin/python: No such file or directory\r\n".
After checking the remote hosts, we discovered that the systems don't have Python 2 installed.
Check Python Binary
They have Python 3 installed by default and its binary is /usr/bin/python3.

According to the Ansible documentation, Ansible (2.5 and above) works with Python version 3 and above only.
Also, Ansible is supposed to automatically detect and use Python 3 on many platforms that ship with it.
However, if it fails to, then you can explicitly configure a Python 3 interpreter by setting the ansible_python_interpreter inventory variable at a group or host level to the location of a Python 3 interpreter.

Read More



Automate WordPress Deployments using Buddy


This article covers how to automate #WordPress #deployments using Buddy. Buddy has become the foundation of every WordPress project you need to create. With Buddy you can run really complicated deployments with just one click. It also helps me to update plugins and monitor the uptime.
You can automate anything including sales, marketing, administrative tasks, learning and any other kind of processes you want letting you save time and get focused on your most important work.
BackupBuddy is one of the most reliable WordPress backup plugins that can help you back up your whole WordPress website installation.

Features of #Buddy:
1. Composer - Automatically install dependencies on server on every commit.
2. Zero-downtime deployments - Ensure 100% uptime of your websites with preconfigured atomic deployment templates.
3. Test-ready - Easily introduce unit and browser tests to improve the quality of your websites.
4. Docker support - Standarize your development environment and fast-track release times with Docker.
5. Real-time monitoring - Monitor websites for performance, SEO, and accessibility. Receive warnings when things go wrong.
6. WP-CLI - Run WordPress scripts to perform backups, update WP core, and migrate DB's.

Read More



Distributed Tracing with Jaeger on Kubernetes


This article will guide you on implementing Distributed Tracing with Jaeger on Kubernetes where you will be able to find the cause of our irregular response time. 

The Jaeger agent is a network daemon that listens for spans sent over UDP, which it batches and sends to the collector. It is designed to be deployed to all hosts as an infrastructure component. 

The agent abstracts the routing and discovery of the collectors away from the client.

1. Application tracing allows you to log information when a program is executing. 

2. Tracing is used to help you identify issues with your application (performance of the app or simply debugging an issue) instead of going through stack traces.

3. At a high level, log monitoring helps to speed up the process of identifying specific exceptions, when these exceptions occur and the frequency at which they occur. 4. Additionally, it provides developers and support personnel with a greater level of visibility into the systems and applications being monitored.

5. Insufficient logging and monitoring vulnerability occur when the security-critical event is not logged off properly, and the system is not monitored. 

6. Lack of such functionalities can make malicious activities harder to detect and in turn affects the incident handling process.

Read More



Docker error initializing network controller


This article will guide you on tips to resolve the error 'Docker error initializing network controller'. This docker error happens in the process of trying to start the docker service. 

To fix docker failed to start daemon: Error initializing network controller no network available:

Add a docker0 bridge interface;

# ip link add name docker0 type bridge

# ip addr add dev docker0 172.17.0.1/16


Docker originally used Linux Containers (LXC) and was designed for Linux kernel only.

In the case of Windows, Docker uses Hyper-V which is in-built virtualization technology provided by Windows. Docker uses Hypervisor framework in the case of MacOs for virtualization.

Docker is a platform and tool for building, distributing, and running Docker containers.

Kubernetes is a container orchestration system for Docker containers that is more extensive than Docker Swarm and is meant to coordinate clusters of nodes at scale in production in an efficient manner.

Read More



Email address rejected by server error in iPhone


This article will guide you on methods to resolve "Email address rejected by server" error which happens in iPhone devices mainly due to wrong mail settings. 

The recipient was rejected by the server because it does not allow relaying. Chances are you need to check your outgoing mail server settings. Go to Settings - Mail, Contacts, Calendar and tap on your email account. Tap on "Account, then go down to the "Outgoing Mail Server" section and tap on "SMTP."

If you can't send email try the following: On your iPhone or iPod Touch screen tap Settings and then Mail, Contacts, Calendars. 

Select your email account from the list, and then select it again on the next screen. 

Scroll down to the bottom and tap on the SMTP field under Outgoing Mail Server.


To fix email rejected by server:

1. Go to Settings > Mail > Accounts and select the account you are having difficulty with.

2. Click on your email address at the top of the screen.

3. Go down to the bottom of the screen where it says SMTP and click on it.

4. Select the Primary Server at the top of the screen.

Read More



IMAP server wants to alert you to the following error


This article will guide you the different causes for the error 'your IMAP server wants to alert you to the following'.

IMAP #Error code #0x800cccdd appears alongside the message "Your IMAP server closed the connection", which signifies that the "Send/Receive" feature—a setting that retrieves your #Outlook mail whenever connected to the Internet in order to keep your mail synced—has failed.

The error message "Your account temporarily blocked for #IMAP use. This may be happen if you exceed the maximum number of simultaneous IMAP connections allowed. Kindly try after some time" occurs when the mail client or different mail clients are trying to establish too many connections to IMAP server.

A server connection timeout means that a server is taking too long to reply to a data request made from another device. Timeouts are not a reply message: they show up when there isn't a reply and a server request is not fulfilled in a predetermined length of time.

To fix the mail server is not responding:

1. Check your internet connection.

2. Check your #SMTP server details.

3. Verify all usernames and passwords.

4. Check your SMTP server connection.

5. Change your SMTP port.

6. Control your #antivirus or #firewall settings.

Read More



FFmpeg on CentOS


This article will guide you on how to install FFMPEG on #CentOS and fix its related #errors. FFmpeg is a powerful tool that can do almost anything with #multimedia files.

FFmpeg is a standard package on many #linux systems. 

You can check if it is installed with a #command like dpkg -s ffmpeg . 

If it is not installed, you should be able to install with your system's package manager. i.e. sudo apt-get install ffmpeg or search 'ffmpeg' in the Software Center on Ubuntu.

To run #FFmpeg in #Linux:

1. Start by updating the packages list: sudo apt update.

2. Next, install FFmpeg by typing the following command: sudo apt install ffmpeg.

3. To validate that the package is installed properly use the ffmpeg -version command which prints the FFmpeg version: ffmpeg -version. 

Read More



NTP amplification attack


This article will guide you on steps to mitigate this #NTP amplification attack. An Amplification Attack is any attack where an attacker is able to use an amplification factor to multiply its power. Examples of #amplification #attacks include Smurf Attacks (ICMP amplification), Fraggle Attacks (#UDP amplification), and DNS Amplification.

DNS flood is a type of Distributed Denial of Service (#DDoS) attack in which the attacker targets one or more Domain Name System (#DNS) servers belonging to a given zone, attempting to hamper resolution of resource records of that zone and its sub-zones.

To harden your DNS server:

1. Audit your DNS zones. First things first.

2. Keep your DNS servers up-to-date.

3. Hide BIND version.

4. Restrict Zone Transfers.

5. Disable DNS recursion to prevent DNS poisoning attacks.

6. Use isolated DNS servers.

7. Use a DDOS mitigation provider.

8. Two-Factor Authentication.

Read More



Enable FirewallD logging for denied packets on Linux


This article will guide you on how to enable #FirewallD logging for denied packets on #Linux. It is an important task to keep an eye on the rejected and dropped packets using FirewallD for #Linux system administrators. 

To enable logging option you need to use #LOG iptables/kernel module. It turn on kernel logging of matching packets. When this option is set for a rule, the Linux kernel will print some information on all matching packets (like most IP header fields) via the kernel log.

To log a dropped packet in iptables:

1. iptables -N LOGGING: Create a new chain called LOGGING.

2. iptables -A INPUT -j LOGGING: All the remaining incoming packets will jump to the LOGGING chain.

3. line#3: Log the incoming packets to syslog (/var/log/messages).

To  restart iptables:

i. To start firewall from a shell enter: # chkconfig iptables on. # service iptables start.

ii. To stop firewall, enter: # service iptables stop.

iii. To restart #firewall, enter: # service iptables restart.

Read More



Joomla 503 service unavailable


This article will guide you on method to fix #Joomla #503 service unavailable which occurs due to web traffic or bad PHP scripts or corrupted #modules.

A 503 Service Unavailable Error is an HTTP response status code indicating that a server is temporarily unable to handle the request. This may be due to the server being overloaded or down for maintenance. 

To Fix an #HTTP #Error 503:

1. Reboot your server.

2. Check to see if your web server is going through maintenance.

3. Fix faulty firewall configurations.

4. Sift through your server-side logs.

5. Comb through your website's code to find bugs.

Read More



Zabbix Postgres vs MySQL


This article will help you give you more informations about #Zabbix Postgres vs MySQL and the criteria to choose between them. 

PostgreSQL is an Object Relational #Database Management System (#ORDBMS) whereas MySQL is a community driven DBMS system. PostgreSQL support modern applications feature like #JSON, XML etc. while MySQL only supports JSON.

PostgreSQL supports Materialized Views whereas #MySQL doesn't supports Materialized Views.

#PostgreSQL is known to be faster while handling massive data sets, complicated queries, and read-write operations. 

Meanwhile, MySQL is known to be faster with read-only commands.

Advantages Of Using MySQL:

1. It's Easy To Use.

2. Support Is Readily Available Whenever Necessary.

3. It's Open-Source.

4. It's Incredibly Inexpensive.

5. It's An Industry Standard.

6. It's Got A Few Stability Issues.

7. It Suffers From Relatively Poor Performance Scaling.

Read More



Install Minecraft Server on Ubuntu 20.04


This article will guide you on how to install a Minecraft server on #Ubuntu 20.04 and set up a daily backup. You can now launch the Minecraft client, connect to the server and start Minecraft adventure. 

Setting up a #Minecraft server on #Linux (Ubuntu 12.04) is a fairly easy task on the command line.

Of the previously given ports, the only one I want you to memorize is 25565, because that is Minecraft's default port number. What we want to do is forward inbound traffic on port 25565 to our Minecraft server that's located on the private internal network.

Process of Setting up Minecraft Server on Ubuntu:

1. Create New Minecraft User. Add the new “minecraftuser” to the “sudo” group.

2. Add Minecraft User To Sudo Group.

3. Switch To Minecraft User.

4. Install wget Package.

5. Install Java OpenJDK package.

6. Check Installed Java Version.

7. Install Screen Package.

8. Create A Minecraft Directory.


To Install #Steam from Ubuntu package repository :

i. Confirm that the multiverse Ubuntu repository is enabled: $ sudo add-apt-repository multiverse $ sudo apt update.

ii. Install Steam package: $ sudo apt install steam.

iii. Use your desktop menu to start Steam or alternatively execute the following command: $ steam.

Read More



Benefits of Push notification


This article is about the different benefits of push notifications. Basically, the push #notifications benefits the #website in improving the traffic. 

Push notifications can considerably enhance your customer experience. They're less intrusive than other forms of user engagement and can effectively drive traffic and help users by providing useful information. They allow your users to keep up with the latest updates, promotions, and offers.

Read More



Default PHP settings in OpenLiteSpeed webserver


This article will guide you on the default settings for LSAPI. Basically, by default #OpenLiteSpeed support #PHP with external application and script handler. 

CyberPanel is a web hosting control panel powered by OpenLiteSpeed, which helps you set up sites on your DigitalOcean droplets easily and automatically back them up to DigitalOcean Spaces. Features. Different Level Of users.

To Configure #CyberPanel:

1. Enter admin for the username and 1234567 for the password.

2. Click on the user-menu arrow, next to the name "Cyber Pan".

3. Choose Edit Profile.

4. Select admin in the dropdown menu on the Modify User page.

5. You may now change the first name, last name, email address and password accordingly.

Read More



Preserve Permissions in rsync


This article will guide you on how to use rsync to preserve permissions. 

Rsync, or Remote #Sync, is a free command-line tool that lets you transfer files and directories to local and remote destinations. #Rsync is used for mirroring, performing backups, or migrating data to other servers.

a = archive - means it preserves #permissions (owners, groups), times, symbolic links, and devices. Use of "/" at the end of path: When using "/" at the end of source, rsync will copy the content of the last folder.

To preserve permissions when files and folders are copied or moved, use the Xcopy.exe utility with the /O or the /X switch. 

The object's original permissions will be added to inheritable permissions in the new location.

To make rsync to preserve timestamps:

1. To overcome this, there is another option that you can specify in the rsync command that will preserve the timestamps during the synchronization process. 

2. Without preserving the timestamp, the files will display the modification date and time as the time that the rsync command was run.

Read More



WordPress Brute Force Attack


This article will guide you on Brute Force Attack and different ways to troubleshoot and fix a Brute-Force Attack in #WordPress.

Brute-force attacks work by calculating every possible combination that could make up a password and testing it to see if it is the correct password. 

As the password's length increases, the amount of time, the computational power required on average, to find the correct password increases exponentially.

#Brute #Force #Attack Prevention Techniques:

1. Limit failed login attempts.

2. Make the root user inaccessible via #SSH by editing the sshd_config file.

3. Don't use a default port, edit the port line in your sshd_configfile.

4. Use Captcha.

5. Limit logins to a specified IP address or range.

6. Two factor authentication.

7. Unique login URLs.

Read More



Frequent connection timeout errors due to cPanel firewall issues


Make sure that your browser is up to date. Sometimes the “Connection timed out” message can appear if your browser is out of date. Outdated #software can have compatibility issues and bugs that can cause this and other errors to appear. 

The HyperText Transfer Protocol (HTTP) 408 #Request Timeout response status code means that the server would like to shut down this unused connection. It is sent on an idle connection by some #servers, even without any previous request by the client.

To fix the problem, be sure that your browser is up to date.

To Fix the ERR_CONNECTION_TIMED_OUT Error:

1. Check Your Connection. Google Chrome, Firefox, and Edge all recommend that you should check your network connection.

2. Disable Firewall and Antivirus Software Temporarily. Firewalls and antivirus software are intended to protect users and their systems.

3. Disable Proxy Settings.

4. Change DNS Servers.

Read More



Using CSF firewall to block countries


This article will guide you on how to block/allow countries in the CSF #firewall. CSF is used to restrict or allow countrywide IP ranges in the server using the country codes. For every country you want to deny, you just enter those letters in the field (separated by a comma). Once you're done, scroll to the bottom of the page and click CHANGE. This will restart the firewall, and you're now all set to go.

ConfigServe Firewall (#CSF) is a firewall configuration script created to provide better security for your server while giving you an easy to use and advanced interface for managing your #firewall settings in cPanel servers.

To limit the ability to connect on a specific port or ports to visitors with IP addresses originating in a specific country or countries, you must:

1. close the ports in the firewall.

2. define the country code allowed to connect on those blocked ports.

3. specify the blocked #ports to be opened for the specified country.

Read More



Digitally Signed Files with PowerShell


This article will guide you on how to implement reporting on digitally signed files with PowerShell. 

Get-Command gets the commands from PowerShell modules and commands that were imported from other sessions. 

To get only commands that have been imported into the current session, use the ListImported parameter. 

Without parameters, Get-Command gets all of the cmdlets, functions, and aliases installed on the computer.

Read More



Shorewall forward reject How to resolve this error


The 'Shorewall forward reject' error mainly occurs when there is any misconfiguration or missing in the rules added to the Shorewall configuration files. 

Shorewall rules file:

Entries in this file govern connection establishment by defining exceptions to the policies laid out in shorewall-policy(5). By default, subsequent requests and responses are automatically allowed using connection tracking. 

Read More



Wildcards in SQL Server


This article will guide to use #Wildcards in #SQL server. Also you will learn how to use and escape wildcards SQL-based databases. 

To use a wildcard character within a pattern: Open your #query in Design view. In the Criteria row of the field that you want to use, type the #operator Like in front of your criteria. Replace one or more characters in the criteria with a wildcard character.

i. The wildcard is an advanced search technique that can be used to maximize your search results in library databases. 

ii. Wildcards are used in search terms to represent one or more other characters. 

iii. The two most commonly used wildcards are: An asterisk (*) may be used to specify any number of #characters.

Read More



Powershell to enable script execution


This article will guide you on how to fix #Windows script error via PowerShell. Basically, we used #PowerShell to enable script #execution by running some #commands.

PowerShell is a cross-platform task automation and configuration management framework, consisting of a command-line shell and scripting language. Unlike most shells, which accept and return text, PowerShell is built on top of the . #NET Common Language Runtime (CLR), and accepts and returns . NET objects.

To enable script execution in PowerShell:

i. Open Start.

ii. Search for PowerShell, right-click the top-result and click the Run as administrator option.

iii. Type the following command to allow scripts to run and press Enter: Set-ExecutionPolicy RemoteSigned.

iv. Type A and press Enter (if applicable).

Read More



Windows Error Code 17


This article will guide you on different methods to tackle Windows Error Code 17 which causes Windows #program to crash, slow Windows performance and periodic system freeze.

#Windows error code 17 is a standard device driver error. This error can be attributed to either a corrupt driver or an outdated driver. To resolve, Do a search for your device #driver and see if the newest version available was released since you bought your hardware. If it was, you probably need to download the newest version.

To Fix #Spotify Could Not Be Started #Error Code 17:

1. Open the “Firewall & network protection” via Search bar;

2. Click on “Allow an app through firewall”;

3. Press “Change settings”;

4. In the list of programs, find Spotify and check the boxes for it under the Private and Public columns. 

If it's absent here, click on the “Allow another app …” button and add it manually.

Read More



SMTP Error 451


This article will guide you on different methods to resolve #SMTP #error 451 which occurs due to the receiving server rejecting your email. 

This can happen for a number of reasons but most likely is due to the recipients server being overloaded with #messages.

To fix SMTP Error: Failed to connect to server:

1. Modify the #firewall rules on the server to allow outbound connections on #ports like 465.

2. Modify the SMTP restrictions on the server.

3. Edit #PHPMailer settings like Host, Port etc.

4. Correct #DNS resolution for mail server.

Read More



More about Engintron cPanel


This article will guide you on how to #install #Engintron in #cPanel & fix relating #errors.  Engintron is a third-party plugin to integrate Nginx on cPanel servers. 

Engintron integrates Nginx into cPanel so you can enjoy amazing performance for your sites, without having to sacrifice important hosting features found in cPanel.

Engintron is totally free to use!

The way Engintron sets up Nginx inside your cPanel is a lot like how the popular #CloudFlare CDN works. Nginx (like CloudFlare) directly serves all static content like CSS, JS, images etc. instead of your actual web server, thus lowering the load on your cPanel server.


Engintron is the easiest way to integrate Nginx to your cPanel server:

1. Installation process is not very complicated for Engintron. 

2. Also, installation and updates are very fast, they take only a few seconds. 

3. Engintron is using the official repositories for Nginx, all Engintron software is updated whenever cPanel is updated. If something has changed on Engintron and you need to re-install it, you can install it on top of the previous installation. You don't need to uninstall it first like other Nginx installer plugins for cPanel. It works from CentOS 5 up to CentOS 7. Engintron has an app dashboard inside WHM. 

4. The interface has basic controls for Nginx, Apache, MySQL. These controls allow you to edit various configuration files. Inside the Engintron app dashboard you’ll also find some utilities to monitor things like Nginx access & error logs, check processes on your server or see incoming traffic on port 80. It doesn’t require Nginx or Apache host synchronization when adding new domains via cPanel. 

5. Also, Engintron is released under the GNU/GPL license and is 100% open source.

Read More



Troubleshooting DHCP client issues


This article will guide you on troubleshooting different DHCP #client issues. Whenever a DHCP server gets a request from a client it responds with a DHCP offer containing IP address being offered, #network mask offered, the amount of time that the client can use and keep it, the ip address of the DHCP server making this offer.

To #Troubleshoot DHCP:

1. Check for IP Address Conflicts. #DHCP clients connect to the network using a leased IP address.

2. Check Physical Connectivity.

3. Test connections with other Client using a Static #IP Address.

4. Confirm Switch #Port #Configuration.

5. Verify the source of Clients IP Address.

Read More



Enable firewalld in Centos 7 How to do it


This article will guide you on steps to enable firewalld on #centos 7 servers for our customers. The firewall is one of the most important features of webservers. The #firewalld supports both IPv4 and IPv6 #firewall #settings.

Never run the iptables service and FirewallD service at the same time! The #iptables service is now provided by a separate package called iptables-services: Stop and disable the firewalld service first. # systemctl stop firewalld.

The firewalld daemon manages groups of #rules using entities called "zones". Zones are basically sets of rules dictating what traffic should be allowed depending on the level of trust you have in the networks your #computer is connected to.

To use FirewallD:

1. Installing and Managing FirewallD.

2. To start the service and enable FirewallD on boot: sudo systemctl start firewalld sudo systemctl enable firewalld.

3. Check the firewall status.

4. To view the status of the FirewallD daemon: sudo systemctl status firewalld.

5. To reload a FirewallD configuration: sudo firewall-cmd --reload.

Read More



SQL server error 1326 Steps to fix it


This article will guide you on methods to resolve SQL server error 1326 which occurs due to the IIS Service not having any rights to use the named pipe.

If the SQL server resides on a separate server from IIS, then the IUSR_machinename account needs to be validated on the Windows NT server that SQL resides on.

#SQL #SERVER – Fix : Error : 1326 Cannot connect to #Database Server Error: 40 – Could not open a connection to SQL Server.

Now if SQL Server can be connected perfectly from #local system, but cannot be connected from a remote system, in that case firewall on the server where SQL Server is installed can be issued.

Follow instructions below to fix the issue:

1. Go to control panel >> #Firewall Settings >> Add SQL Server’s Port to Exception List.

2. Now try to connect to SQL Server again. It will allow you to connect to the server successfully.

Read More



Duplicity restore full backup


This article will guide you on steps to perform a Duplicity-restore full backup. #Duplicity is an efficient #backup application.

#rsync is a protocol built for Unix-like systems that provides unbelievable versatility for backing up and synchronizing data. It can be used locally to back up files to different directories or can be configured to sync across the Internet to other #hosts.

Incremental Backup captures only the changes made since the last incremental backup. Saves both time and #storage space, and ensures that your backup is up to date. Differential Backup captures only the changes made since the last full backup, not since the last differential backup.

When a normal or full backup runs on a selected drive, all the files on that drive are backed up. This, of course, includes system files, application files, user data — everything. The downside of normal backups is that they take a very long time to run, and in some cases this is more time than a company can allow.

To Use Duplicity with GPG to Securely Automate #Backups on #Ubuntu:

1. Install the Prerequisite Packages.

2. Download and Install Duplicity from Source.

3. Create SSH Keys.

4. Create GPG Keys.

5. Run an Initial Test.

6. Create Your First Backup.

7. Restore a Backup.

Read More



Add User To Group in Linux


This article will guide you on how to add a #user to a #group in #Linux. The group permissions apply only to the group that has been assigned to the file or directory, they will not effect the actions of other users. The others permissions apply to all other users on the system, this is the permission group that you want to watch the most.

Groups can be thought of as levels of #privilege. A person who is part of a group can view or modify files belonging to that group, depending on the permissions of that file. User belonging to a group has privileges of that group, for example - sudo groups lets you run software as super user.

To view all groups present on the system simply open the /etc/group file. Each line in this file represents information for one group. Another option is to use the getent command which displays entries from #databases configured in /etc/nsswitch.


To Create a New Sudo User:

1. Log in to your server as the root user. #ssh root@server_ip_address.

2. Use the adduser command to add a new user to your system. Be sure to replace username with the user that you want to create.

3. Use the usermod command to add the user to the wheel group.

4. Test sudo access on new user account.


To List Users in Linux:

i. Get a List of All Users using the /etc/passwd File.

ii. Get a List of all Users using the getent Command.

iii. Check whether a user exists in the Linux system.

iv. System and Normal Users.

Read More



Executing queries from the MySQL Command Line


This article will guide you on how to run queries from the 3MySQL command line. The MySQL #Command Line Tool is a useful way to run #queries from the command line. It’s easy to run select queries and display the results in either a horizontal or vertical format, and the queries run are kept in a history file which you can navigate through. 

If you don't want to run a particular query after all you can use the c command to clear it.

The most common way to get a list of the MySQL #databases is by using the mysql client to connect to the MySQL server and run the SHOW DATABASES command. If you haven't set a password for your MySQL user you can omit the -p switch.

To Connect to a MySQL Database:

1. Click Services tab.

2. Expand the Drivers node from the Database Explorer.

3. Enter User Name and Password.

4. Click OK to accept the credentials.

5. Click OK to accept the default schema.

6. Right-click the MySQL Database #URL in the Services window.

Read More



SQLSTATE42000 syntax error or access violation


This article will guide you on methods to resolve 'sqlstate42000 #syntax error or access violation' which occurs due to wrong syntax entry or extra space or no space in the user's #SQL #query. 

The #1064 error displays any time you have an issue with your SQL syntax, and is often due to using reserved words, missing data in the database, or mistyped/obsolete commands.

As you can see there is more than one cause for the 1064 error within MySQL code. Now, you know how to correct the issues with your SQL Syntax, so your query can run successfully. This list will be updated as more specific instances are reported.

Read More



Restore a database in Alwayson Availability Group


This article will guide you on steps to restore a #database in alwayson availability group.

If you receive an #error that the database is in use, try to set the user to single user mode: USE master; GO ALTER DATABASE Database_name SET SINGLE_USER WITH ROLLBACK IMMEDIATE; Then try the restore with #recovery command again. Also, make sure you are on the latest service pack or cumulative update.

Creating a #SQL #Server AlwaysOn Availability Group.

Open SQL Server Management Studio and connect to the SQL Server instance. Expand the AlwaysOn High Availability folder in the Object Explorer. Right-click on the Availability Groups folder and select the New Availability Group Wizard.

To Restore a Database in a SQL Server AlwaysOn Availability Group:

1. Make the secondary server from which the backups were taken the primary server.

2. Remove the database to be restored from the AlwaysOn Availability Group.

3. Restore the database.

4. Add the database back into the Always Availability Group.

Read More



Nginx multiple domains SSL Certificates


This article will guide you on steps to resolve common issues with "Nginx multiple domains #SSL". Basically, the multi-domain SSL #certificate offers security for multiple websites.
The technique for hosting more than one domain/subdomain on a single IP address/host is called #virtual #hosts. The http get request contains the domain name that the requests is for which allows the web server to match up the request with a particular virtual domain.
You can host multiple websites on #Nginx:
1. Configure Nginx to Host Multiple Websites.
2. Create Directory Structure.
3. Create Virtual Configuration.
4. Test Your #Websites.
5. Adding PHP-FPM Support to Nginx.

Read More



Orphaned users in SQL Server


This article will help you to identify #Orphaned #Windows #Logins and Groups in #SQL Server.
To Resolve an Orphaned User:
To map an orphaned user to a login which already exists in master, execute the ALTER USER #statement in the user database, specifying the login name.
ALTER USER <user_name> WITH Login = <login_name>; When you recreate a missing login, the user can access the database using the password provided.
To fix orphaned users for all databases in SQL Server:
1. Login with same name as user exists – generate ALTER LOGIN to map the user to the login.
2. No login with same name exists – generate DROP USER to delete the orphan user.
3. Orphan user is [dbo] – change the database owner to SA (or whatever SA was renamed to).

Read More



Azure PowerShell context objects How to manage them


This article will guide you on how to manage #Azure #PowerShell #context #objects. Azure PowerShell context objects are to hold subscription and authentication information. 

Azure PowerShell is basically an extension of #Windows PowerShell. It lets Windows PowerShell users control Azure's robust functionality. From the command line, Azure PowerShell programmers use preset scripts called cmdlets to perform complex tasks like provisioning virtual #machines (#VMs) or creating #cloud services.

To select Azure subscription in PowerShell:

1. Enter Login-AzAccount and hit enter, then provide your user id and password.

2. Get-AzureSubscription (this will give you the list of subscription).

3. Select-AzureRmSubscription -SubscriptionId xxxxx-xxxxx-xxxxxx-xxxx (this way you can set which particular subscription you want to use).

Read More



HTTP Flood DDOS Attack How to Mitigate the attack


This article will guide you on how to recover from DDoS attacks. Basically, protecting the web server against #DDoS #attacks is important. You can apply these measures to mitigate the error from causing troubles.

DNS #flood is a type of Distributed Denial of Service (DDoS) attack in which the attacker targets one or more Domain Name System (#DNS) servers belonging to a given zone, attempting to hamper resolution of resource records of that zone and its sub-zones.

To prevent DDoS attacks:

1. Buy more bandwidth. 

2. Build redundancy into your infrastructure. 

3. Configure your network hardware against DDoS attacks. 

4. Deploy anti-DDoS hardware and #software #modules. 

5. Deploy a DDoS protection appliance. 

6. Protect your DNS servers.

Read More



Deploy Multiple WordPress Applications On Ubuntu


This article will guide you on how to deploy multiple #WordPress applications on #Ubuntu with #Docker.
Docker is a #tool designed to make it easier to create, deploy, and run applications by using #containers. Containers allow a developer to package up an application with all of the parts it needs, such as libraries and other #dependencies, and ship it all out as one package.
The Objectives to deploy a docker container:
1. Package a sample web application into a Docker #image.
2. Upload the Docker image to Container #Registry.
3. Create a GKE #cluster.
4. Deploy the sample #app to the cluster.
5. Manage autoscaling for the deployment.
6. Expose the sample app to the internet.
7. Deploy a new version of the sample app.

Read More



WordPress Sidebar Below Content Error


This article will guide you on the different causes and fixes to #sidebar below content #error in #WordPress.

To fix a sidebar after scrolling:

The easiest way to handle this is just to use #CSS fixed positioning. Our sidebar is within a #page-wrap div with relative positioning, so the sidebar will set inside there, then we just push it over into place with margin. 

With this technique, the sidebar stays solidly in place as you scroll down the page.

Also, to Fix Sidebar Below Content Error In WordPress:

1. Undo Your Most Recent Changes.

2. Fix Unclosed or Extra Closing Div Tags.

3. Fix CSS Issues.

Read More



Managing files with fs Module in Node js


This article will guide you on various functions that can be performed with fs #Module in Node.js such as reading, writing, and deleting files.

#Node . js includes fs module to access physical file system. The #fs module is responsible for all the asynchronous or synchronous file I/O operations.

To use FS in node JS:

The Node. js file system #module allows you to work with the file system on your #computer. To include the File System module, use the require() method: var fs = require('fs'):

1. Read files.

2. Create files.

3. Update files.

4. Delete files.

5. Rename files.

Read More



How to Install Python on Windows


This article will guide you on steps to install #Python and #PIP on #Windows. If you would like to download and install Python on your #computer you can do for free at python.org.

To install Python on Windows:

1. Select Version of Python to #Install. 

2. Download Python Executable #Installer. 

3. Run Executable Installer. 

4. Verify Python Was Installed On Windows. 

5. Verify Pip Was Installed. 

6. Add Python #Path to #Environment Variables which is Optional.

Read More



Steps to Back Up And Restore Nagios System


This article will guide you on how to perform #Backup and #Restore of the #Nagios System are important aspects of the #administration and #maintenance of the #system. 

Backups are an important aspect of administration and maintenance of your system. They can easily facilitate the #migration of a Nagios XI #installation between a virtual server and physical server, and the design of a fail-over or #disaster #recovery instance of Nagios XI.

There are three main types of backup: full, incremental, and differential:

1. #Full backup. As the name suggests, this refers to the process of copying everything that is considered important and that must not be lost.

2. #Incremental backup. 

3. #Differential backup.

Read More



Setting up client access over private IP address to MySQL on Compute Engine


This article will guide you on setting up client access over private IP address to #MySQL on #Compute #Engine helps advanced usage of parameters and specific performance needs.

To allow IP to connect to MySQL:

1. Edit MySQL Config File. 1.1 Access mysqld.cnf File. 

2. Set up Firewall to Allow Remote MySQL Connection. While editing the configuration file, you probably observed that the default MySQL port is 3306. 

3. Connect to Remote MySQL #Server. Your remote server is now ready to accept connections.

Read More



How to modify MSSQL Database Autogrowth Configuration


This article will guide you on how #MSSQL Database Autogrowth Configuration works. Therefore do not rely on the default #SQL Server Data and Log file Autogrowth value and must always set it to more realistic values depending upon the usage of the database.

To see data file growth in SQL #Server:

1. Connect to a SQL instance and right-click on a database for which we want to get details of Auto Growth and Shrink Events. 

2. It opens the disk usage report of the specified #database. 

3. In this #disk usage report, we get the details of the data file and log file space usage.

To Change default database location via SQL Server Management Studio:

i. Right Click on Server and Select "Properties".

ii. In the "Server Properties" dialog box, navigate to "Database Settings" tab and data/log files location under "Database default locations" group. 

iii. Click on "OK" to apply changes.

Read More



IPSEC protocol for load balancing


This article will guide you on steps to perform load balancing with #IPSEC protocol. The load balance of IPSEC #protocol allows us to fully access the available bandwidth between IPSEC #VPN sites.

VPN load balancing is a mechanism that is used in order to equitably distribute network traffic among the devices in a virtual cluster.

To configure IPSec.

1. Select. #Network. IPSec Tunnels.

2. Select the. Proxy IDs. tab.

3. Select the. IPv4. 

4. Click. Add. and enter the IP.

5. Enter the. Local. IP address or subnet for the VPN #gateway.

6. Enter the. Remote. address for the VPN gateway.

7. Select the. Protocol. from the drop-down.

8. Click. OK. 

Read More



How to Set Up Multiple SSLs on One IP With Nginx


This article will guide you on how to set up multiple #SSL #certificates on one #IP with #Nginx. 

To set up Multiple SSL Certificates on a Single IP Using Nginx:

1. Domain names should be registered in order to serve the certificates by SNI.

2. Root Privileges to the server.

3. Nginx should already be installed and running on your #VPS. To #install Nginx: # sudo apt-get install nginx.

4. Make sure that #SNI is enabled in the #server.

Read More



How to Use PowerShell to Quickly Find Installed Software


This article will guide you on how to get the list of all installed #software using #PowerShell. 

i. First, open PowerShell by clicking on the Start menu and typing “powershell”. 

ii. Select the first option that comes up and you'll be greeted with an empty PowerShell #prompt. 

iii. PowerShell will give you a list of all your #programs, complete with the version, name of the developer, and even the date you installed it.

Read More



Steps To Harden OpenSSH Client on Ubuntu 18 04


This article will guide you on how to harden #OpenSSH Client by following some quick and easy steps.
#Hardening of the #OS is the act of configuring an OS securely, updating it, creating #rules and #policies to help govern the system in a secure manner, and removing unnecessary applications and services. This is done to minimize a computer OS's exposure to threats and to mitigate possible #risk.

Read More



Steps to Setup Ansible AWS Dynamic Inventory


This article will guide you on how to use #AWS resources using Ansible with the help of Dynamic Inventory.

The #Ansible #inventory file defines the #hosts and groups of hosts upon which #commands, #modules, and tasks in a playbook operate. The file can be in one of many formats depending on your Ansible #environment and plugins.

Ansible will use it as an inventory source as long as it returns a #JSON structure like the one above when the script is called with the --list .

Read More



Working with Database Configuration in Laravel


This article will guide you on steps to set up #development and testing databases for Laravel by using database migrations and #seeders. Database migration means moving your data from one platform to another. To run #laravel migrations, first you have to configure your #database connection, and then you use Artisan, Laravel's #command line interface, to install the migrations table and run, revert, create. This command causes #Artisan to create a special table in your database to keep track of what #migrations have already been executed.

Read More



Clean up Domain Controller DNS Records with Powershell


This article will guide you on the process to clean up Stale/Dead #DC DNS records with the help of #PowerShell. You can see that it is easy to clean up domain controller records with the help of this method using few Windows PowerShell #commands.

To remove old DNS records from a domain controller, simply Remove #DNS Entries by:

1. Right click a #Zone in DNS console and go to properties, Under Name server tab delete the entries that are related to decommissioned DC.

2. Open DNS Console and Remove the IP of the decommissioned DC that might be present on the #network #adapter.

Read More



Download multiple files simultaneously using cURL


This article will guide you on the process to #download multiple files using curl utility. Curl allows downloading files simultaneously from a remote system.

The curl tool lets us fetch a given #URL from the command-line. Sometimes we want to save a web file to our own computer. Other times we might pipe it directly into another program. Either way, #curl has us covered.

This is the basic usage of curl:

curl http://some.url --output some.file

Read More



How to Run AWS Amazon DynamoDB Steps to do it


This article will guide you on how to set up #Amazon DynamoDB which can be downloaded as an executable .jar file.

#DynamoDB uses hashing and B-trees to manage #data. Upon entry, data is first distributed into different partitions by hashing on the #partition key. Each partition can store up to 10GB of data and handle by default 1,000 write capacity units (WCU) and 3,000 read capacity units (RCU).

Read More



ifconfig centos 7


This article will guide you on the steps to #install #ifconfig in #CentOS using the yum #package #manager.

The ifconfig command can tell you a lot about your Unix server's connection to your #network and the role it's playing in both generating and receiving network traffic.

Read More



Plesk Domain forwarding Setting it up


This article will guide you on the process to configure #Domain #forwarding in #Plesk which allows forwarding one domain to another domain and helps website owners who want to move their websites without losing traffic. We also discussed Plesk domain forwarding related #errors.

Read More



Monitor MongoDB Performance


This article will guide you on some useful monitoring utilities and #database commands for #reporting #statistics about the state of a running #MongoDB instance.

The motivation of the MongoDB language is to implement a data store that provides high performance, high availability, and automatic #scaling. MongoDB is extremely simple to install and implement. MongoDB uses JSON or BSON documents to #store #data.

Read More



The trust relationship between this workstation and the primary domain failed in Windows


This article will guide you on the methods to fix #Windows error "The trust relationship between this #workstation and the primary #domain failed" message which occurs when the session login is attempted through #RDP Remote Desktop Protocol, #ICA, or directly at the console. 

Read More



Invalid State of a Virtual Machine on VMWare ESXi


This article will guide you on the steps to resolve the Invalid State of a Virtual Machine on VMWare #ESXi error which relates to #orphaned virtual machines.

A virtual machine can show up as invalid or orphaned in these situations. After a vMotion or #VMware DRS migration. After a VMware HA #host failure occurs, or after the #ESX host comes out of maintenance mode. A virtual machine is deleted outside of vCenter Server. #vCenter Server is restarted while a migration is in progress.

Read More



Configuring Static IP and Hostname in FreeBSD 12 Steps to take


This article will guide you on how to configure network settings in FreeBSD by setting static IP addresses and DHCP addresses.

Read More



Zimbra zmconfigd not running starting Tips to fix it


This article will help to fix "zmconfigd not running/starting" issue which results from factors such as such as  missing netcat (nc) command, Pid issue of zimbra and so on.

Read More



PIP installation on Windows


This article will guide you on how to install PIP on Windows.

Read More



Solution to PowerShell is not digitally signed error


This article will put you through the steps to fix "PowerShell is not digitally signed" security error which can be triggered when PowerShell Execution Policy is set to AllSigned or RemoteSigned.

Read More



Exporting and importing docker containers


This article will take you through the steps to export and import docker containers between on server to another server using simple ssh commands.

Read More



FreeIPA Client installation on ubuntu


This guide will help you with all the information you need to install FreeIPA client on Debian or Ubuntu Server.

Read More



How to fix SSL error err sslversion or cipher mismatch


The error ERR_SSL_VERSION_OR_CIPHER_MISMATCH occurs when a user's browser cannot establish a secure connection with a web server that uses #HTTPS and SSL. 

The issue may lie in the server configuration or locally on a user's #computer.

Also, the ERR SSL VERSION OR CIPHER MISMATCH error could be caused by certain security settings. 

Applying changes to the SSL might help you solve the annoying ERR SSL VERSION problem. 

Sometimes switching to another browser can be the easy fix you need.


To Fix ERR_SSL_PROTOCOL_ERROR:

1. Set correct system date, time & region.

2. Clear Chrome's cache and cookies.

3. Disable #QUIC Protocol.

4. Disable extensions.

5. Remove your system's hosts file.

6. Clear SSL State.

7. Lower your internet security and privacy level.

8. Disable your security tools for a moment.


Error such as Err_ssl_version_or_cipher_mismatch tend to pop up when there is a inappropriate configuration in the SSL certificate.

Read More




For Linux Tutorials

We create Linux HowTos and Tutorials for Sys Admins. Visit us on LinuxAPT.com

Also for Tech related tips, Visit forum.outsourcepath.com or General Technical tips on www.outsourcepath.com