Explore information related to linux

Apache Error: "semget: No space left on device" - Fix it Now ?


This article covers methods to resolve Apache Error: "semget: No space left on device". This error indicates that apache failed and will not start again, so check the error log If you see an error similar to the following, it could indicate that your server has run out of semaphores and apache cannot be started:

[emerg] (12)Cannot allocate memory: mod_fcgid: Create process manager error
[error] (28)No space left on device: Cannot create SSLMutex Configuration Failed


To solve this problem you can restart Apache, Postgres and other services that consumer many IPC resources or increase limit of the resources in the system using 'sysctl'. When you stop all services the semaphores and shared memory segments have to be removed, if not, and you still able to see them using 'ipcs' command, try to remove them manually using 'ipcrm' command. 

1. For example to remove semaphore:

# ipcs -a

2. If this is a common problem for you, you may want to increase the semaphore limits on your VPS server. You can do that by adding the following to the /etc/sysctl.conf file:

# Increases the semaphore limits & extend Apache's uptime.

kernel.msgmni = 512
kernel.sem = 250 128000 32 512

3. Then load the new settings into the kernel:

sysctl -p

Read More


Monitoring Linux Using NCPA


This article covers how to go about setting up monitoring in Linux using NCPA. You will learn how to configure NCPA to monitor Linux.

NCPA is a cross-platform monitoring agent for Nagios Core and Nagios XI that runs on Windows, Linux/Unix, and Mac OS/X machines. Its features include both active and passive checks, remote management, and a local monitoring interface.


In Nagios XI wizards can be used to to perform configuration of hosts and services through the Web UI. Wizards take the complicated matter of creating hosts and services, defining configuration parameters, assigning contacts, contact groups, hostgroups, servicegroups, etc, into a easy steps form in the Nagios XI UI. 

Wizards can also be easily added to Nagios XI through the Admin -> Manage Wizards menu to expand the capabilities of Nagios XI.

Read More


Restart Linux Services With NCPA in Nagios - How to do it Now ?


This article covers how to go about Restarting Linux Services With NCPA. In the configuration section you'll find that you will need to restart the services each time configuration changes are made. You can also view the services in the windows services administration panel, but you can also do it easily from the command line. This is an example for CentOS.


NCPA is an advanced, cross-platform agent that can be installed on Windows / Linux / AIX / Mac OS X machines. Target Audience. This document is intended for use by both Nagios administrators and users who wish to use NCPA. Installing NCPA.


How do I know if Nagios is installed?

Easiest way to check the Nagios Core version is using the Nagios GUI.

# /usr/local/nagios/bin/nagios –help

Read More


Package conflict errors with ea-nginx on CloudLinux - Fix it Now ?


This article covers how to resolve Package conflict errors with ea-nginx on CloudLinux. Basically, Cloudlinux servers with ea-nginx, yum or cPanel updates tend to fall with this error. 


On Cloudlinux servers where already packages for ModSecurity2 are installed (ea-modsec-sdbm-util & ea-apache24-mod_security2), trying to install ea-nginx or run a yum update/cPanel update fails because as a part of ea-nginx dependencies, some of ModSecurity3 packages (ea-modsec30 & ea-modsec30-connector-nginx) will also be attempted to be installed, and that causes a conflict between the packages belonging to ModSecuirty2 and Modsecurity3, which in turn causes yum and UPCP to fail. 


To resolve systems that are currently experiencing this error, update EA packages to the beta branch:

$ yum update ea-* --enablerepo=cl-ea4-testing

 

To install ea-nginx on affected systems using the beta repository, install it with the following command:

$ yum install ea-nginx --enablerepo=cl-ea4-testing

Read More


Modify the Default SSH Port on any Linux Distribution - Step by Step Process ?


This article covers how to change the default SSH port on your Linux machine.

To change the default port the SSHD daemon is listening on.

We can edit the configuration file using a nano editor:

$ sudo nano /etc/ssh/sshd_config

Once you make a change to the SSHD daemon configuration file, you should restart the services to reload the new changes.

$ sudo service sshd restart

Read More


cPanel Error Iproute Conflicts With Kernel - Fix it Now ?


This article covers method to fix cPanel Error Iproute Conflicts With Kernel. Basically, this error happens when we have an outdated kernel on the server. 


Instead of deleting conflicting kernels, you can also add the iproute package to the excludes of yum in /etc/yum.conf file, then the iproute package won't be marked for the update.

It can be useful when you need to perform an update but can't reboot the server at the given moment. 

It can be excluded manually using a preferred text editor or using the following command:

$ sed -i 's/exclude=/exclude=iproute /' /etc/yum.conf

The change can be reverted using this command:

$ sed -i 's/exclude=iproute /exclude=/' /etc/yum.conf

Read More


cPanel error networkmanager is installed and running


This article covers how to resolve the error, NetworkManager is installed and running. Basically, this error happens if cPanel does not support NetworkManager-enabled systems.


To fix this error, simply run the commands below and then restart the installation of cPANEL:

$ systemctl stop NetworkManager.service
$ systemctl disable NetworkManager.service

Read More


Install Wazuh Server on CentOS 7 - Step by Step Process ?


This article covers the installation procedure of Wazuh Server on CentOS Linux System. Basically, Wazuh is a free, open-source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance. 


You can use Wazuh for the following applications:

  • Security analysis
  • Log analysis
  • Vulnerability detection
  • Container security
  • Cloud security


To Install Java on CentOS 8.

1. Run the command below to install JDK:

$ sudo dnf install java-11-openjdk-devel

2. Confirm that you have it installed

$ java -version

Read More


Install Ajenti Control Panel on Debian 10 / Debian 9 - Step by Step Process ?


This article covers how to install Ajenti Control Panel on Debian system. Basically, Ajenti is a simple tool to manage your websites, Firewall, DNS, Cron, Logs, Files, Mail hosting services and so on.

Read More


Access denied to VNC Server - How to fix this error ?


This article covers methods to fix the error, Access denied to VNC Server. Basically, this error occurs while trying to connect to a VNC server using a cloud connection. This message means that your RealVNC account has been signed out of VNC Viewer.

This will happen if you have recently changed the password for your RealVNC account, for example.


To resolve this VNC connection issue, click Sign in again and enter your RealVNC account credentials.

Once you see a green tick/check mark in the top right next to your name, try connecting to the VNC Server again.

Read More


Install Docker CE on AlmaLinux 8 - Step by Step Process ?


This article covers the process of installing Docker CE on AlmaLinux. Docker is a popular virtualization platform for running applications in Containers.

It allows us to build and communicate containers with one on another.


To install Docker CE on AlmaLinux 8:

1. Add official Docker CE repository on your AlmaLinux 8, so that we can install it without downloading its packages manually.

$ sudo dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo

2. To let the system recognize the added Docker repository and the packages available in the same, run the system update that will force AlmaLinux to rebuild the system repo cache.

$ sudo dnf update

3. You can check the added repo including others of your system using the command.

$ sudo dnf repolist -v

4. Run the Command to Install Docker CE Engine.

$ sudo dnf install docker-ce docker-ce-cli containerd.io

5. Once the installation is completed, start the Docker service on your AlmaLinux and also enable it to run automatically with system boot.

$ sudo systemctl enable docker
$ sudo systemctl start docker

6. Check the Status of the Service to know it is working properly.

$ systemctl status docker

Read More


Install PHP 8 on CentOS 7 / CentOS 8 - Step by Step Process ?


This article covers how to install PHP 8.0 on CentOS 8/7 and RHEL 8/7.

PHP is the most used scripting language for web development, both websites and web applications.

This guide will show you how to install PHP 8.0 on CentOS 8 | CentOS 7. 

Please note the GA release is fit for running in Production if the application already supports it.


To install any additional PHP package use command syntax:

$ sudo yum install php-xxx

To Check PHP version:

$ php --version

Read More


Send test SNMP trap in Nagios - How does this work ?


This article covers how to send a trap to Nagios server to test SNMP Trap functionality.

Basically, when troubleshooting an SNMP Trap issue, it can be very helpful to remove the actual device that could be causing problems and use the snmptrap command instead.

So in this guide, you will learn all the methods of sending a trap to your Nagios server to test SNMP Trap functionality.


SNMP Trap Definition

The following trap definition can be placed in /etc/snmp/snmptt.conf which will allow the test traps sent above to be passed through to Nagios:

EVENT netSnmpExampleHeartbeatRate .1.3.6.1.4.1.8072.2.3.0.1 "netSnmpExampleHeartbeatRate" Normal
FORMAT SNMP netSnmpExampleHeartbeatRate
EXEC /usr/local/bin/snmptraphandling.py "$r" "SNMP Traps" "$s" "$@" "" "netSnmpExampleHeartbeatRate"


The default SNMP Trap configuration is stored in the /etc/snmp/snmptrapd.conf file and contains just two lines:

disableAuthorization yes
traphandle default /usr/sbin/snmptthandler

Read More


Install Docker CE on AlmaLinux 8 - Step by Step Process ?


This article covers step by Step process to install Docker CE on AlmaLinux.

Docker is a tool that is used to run software in a container.

It's a great way for developers and users to worry less about compatibility with an operating system and dependencies because the contained software should run identically on any system.


To Install Docker on AlmaLinux:

1. We can add the Docker repository to our system with the following command.

$ sudo dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

2. Before we begin installing Docker, we need to remove the podman and buildah packages from our system, as they conflict with Docker and will inhibit it from being installed.

$ sudo dnf remove podman buildah

3. Finally, we can install the three Docker packages we'll need by executing the following command.

$ sudo dnf install docker-ce docker-ce-cli containerd.io

4. Once installation is completed, start the Docker service and, optionally, enable it to run whenever the system is rebooted:

$ sudo systemctl start docker.service
$ sudo systemctl enable docker.service

5. You can verify that Docker is installed and gather some information about the current version by entering this command:

$ sudo docker version

Read More


Enable EPEL repository on AlmaLinux 8 - Step by Step Process ?


This article covers how to enable EPEL repository on AlmaLinux 8.

Extra Packages for Enterprise Linux (EPEL) is repository with a high quality set of additional packages for Enterprise Linux operating systems such as Red Hat Enterprise Linux (RHEL), CentOS and Scientific Linux (SL), Oracle Linux (OL), AlmaLinux and any other Linux distribution from the RHEL family.


Run the command below to install EPEL Repository on AlmaLinux OS 8:

# sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm

Accept installation using the y key.

Read More


Install WHM Cpanel on AlmaLinux 8 Server - Step by Step Process ?


This article covers the complete steps to install WHM Cpanel on AlmaLinux 8 Server.

To manage Linux servers for hosting purposes most of the services are using WHM's Cpanel.

Although there are many hosting manager software, because of its easy-to-use interface and features, it is one of the best control panels for Web hosting services. 


cPanel, Control Panel, is a control panel developed in 1997 that offers us high-quality web hosting with excellent features that, thanks to WHM (Web Host Manager), can be managed from a graphics console, with everyone doing their job.

Read More


Can't connect to mysql error 111 - Fix this error now ?


This article covers methods to fix mysql error, 'Can't connect to mysql error 111' on Linux machine for our customers.
This can happen when there was a host IP change. 

This issue can prevent connection to the database.
As it turned out if you do come accross this look in /etc/my.cnf, there is a line:

bind-address = ip.add.ress

This may be the old address for the server and this will stop connections, change this to your new address and restart MySQL/MariaDB and you should be good again.

Read More


Shrink VMDK Virtual Disk Size on VMWare ESXi - Do it Now ?


This article covers how to shrink VMDK Virtual Disk Size on VMWare ESXi.
By default, VMware creates "growable" disks that grow larger in size as you add data.

Unfortunately, they don't automatically shrink when you remove data.
You'll need to clean up or compact your disks to actually free up space on your hard drive.

VMware Workstation also allows you to create snapshots, which contain a complete "snapshot" of a virtual machine's state at the point in time you created them.
These can take a lot of space if the virtual machine has changed significantly since then.
You can free up additional space by deleting snapshots you no longer need.

1. To view the snapshots for a virtual machine, select the virtual machine in VMware Workstation and click VM > Snapshot > Snapshot Manager.
2. To delete a snapshot you no longer need, right-click it in the Snapshot Manager window and select "Delete". It will be removed from your computer.
3. You won't be able to restore your virtual machine to that previous point in time after deleting the snapshot, of course.

Before we try to shrink the virtual disk files, we should try to remove any unneeded files from the virtual machine to free space.

For example, on Debian-based VMs, you can run:

$ apt-get clean

To clear out the local repository of retrieved package files.
Next, run the command below to fill the unused space with zeros:

cat /dev/zero > zero.fill;sync;sleep 1;sync;rm -f zero.fill


Free Disk Space In VMware Workstation

In VMware Workstation, first power off the virtual machine you want to compact. You can't complete this process if it's powered on or suspended.
1. Select the virtual machine you want to compact in the main window and click VM > Manage > Clean Up Disks.
2. The tool will analyze the selected virtual machine's disk and show you how much space you can reclaim.
To reclaim the space, click "Clean up now".
If no space can be freed, you'll see a "Cleanup is not necessary" message here instead.

Read More


Unable to connect to VNC Server using your chosen security setting - How to fix it ?


This article covers method to resolve Unable to connect to VNC Server using your chosen security setting.
Basically, the unable to connect error could trigger due to incompatible encryption settings or due to the version of the VNC running in the remote server.

To fix this VNC error, simply apply the following:

1. On the remote computer, change the VNC Server Encryption parameter to something other than AlwaysOff.
2. Change the VNC Viewer Encryption parameter to Server, PreferOn or PreferOff.

Read More


VNC Server is not currently listening for cloud connections - Fix it Now ?


This article covers methods to fix VNC 'Timed out waiting for the response from the host computer' error for our customers.

If you see this message when trying to connect from VNC Viewer, please check the following:
1. Check that the remote computer is connected to the Internet. If it isn't, you won't be able to connect.
2. It may be that the remote computer is asleep. It is advisable to prevent a remote computer sleeping or hibernating while remote access is required:
Windows: In Control Panel > Power Options > Change when the computer sleeps, make sure Put the computer to sleep when plugged in is Never.
Mac: In System Preferences > Energy Saver, make sure Prevent computer from sleeping automatically when the display is off is selected.
3. If you have disabled cloud connections in VNC Server's Options dialog, under the Connections heading. Make sure this is checked.
4. You may have the wrong team selected in VNC Viewer. Please ensure you have selected the correct team for the computer to which you want to connect.
5. If you have purchased a subscription but did not subscribe from within your trial team, you will need to join your computer(s) to the new, paid-for team.

Read More


VNC error 'Timed out waiting for the response from the host computer' - Fix it Now ?


This article covers methods to fix VNC 'Timed out waiting for the response from the host computer' error for our customers.


1. You can try adding a firewall rule:

$ sudo /sbin/iptables -I INPUT 1 -p TCP --dport 5901:5910 -j ACCEPT

2. Or directly modify the file /etc/sysconfig/iptables file and add a line:

-A INPUT -p tcp -m state --state NEW -m tcp --dport 5901:5910 -j ACCEPT

3. Restart the iptables service:

$ service iptables restart

4. If there is no iptables.service file, use yum to install it:

$ yum install iptables-services

5. Then Run the command,

$ sudo /sbin/iptables -I INPUT 1 -p TCP --dport 5901:5910 -j ACCEPT

The firewall does not need to be restarted, nor does it execute flush privileges, and then connect with the VNC client and find that the connection is up.

Read More


NRPE: No Output Returned From Plugin - How to fix this Nagios error ?


This article covers how to resolve Nagios error, NRPE: No Output Returned From Plugin. This error happens as a result of Permissions or Missing plugin.

To fix this Nagios error:

1. The most common solution is to check the permissions on the check_nrpe binary on the Nagios XI server:

ls -la /usr/local/nagios/libexec/check_nrpe

The expected permissions should resemble:

-rwxrwxr-x. 1 nagios nagios  75444 Nov 21 01:38 check_nrpe

2. If not, change ownership to user/group "nagios" and fix up the permissions:

$ chown nagios:nagios /usr/local/nagios/libexec/check_nrpe
$ chmod u+rwx /usr/local/nagios/libexec/check_nrpe
$ chmod u+rx /usr/local/nagios/libexec/check_nrpe

Read More


Setup and Configure tmpmail - Step by Step Process


This article covers method to Setup and Configure tmpmail.

Basically, tmpmail is a handy utility for CLI warriors within the command line. 

By default, email addresses are created at random unless a specific email address follows the --generate flag.

Currently, w3m renders the emails in an HTML format within the terminal. If preferred, a user can use a GUI or text-based browser to view the email by passing the --browser flag followed by the command needed to launch the web browser of your choice.

TEMP-MAIL does not store your IP-address. This means you are reliably protected from all unauthorized actions that may endanger your information and compromise your privacy. All emails and data temporarily stored on our service are permanently deleted after the time expired.


How to install tmpmail ?

1. To install tmpmail, we can use the wget command or curl command to download the script from GitHub. 

Next, open a terminal and then copy or type in the following command:

# wget https://raw.githubusercontent.com/sdushantha/tmpmail/master/tmpmail

2. Now, run the chmod command against the script to modify the permissions, so the file is executable.

[root@host2 ~]# chmod -v +x tmpmail

3. Next, we will move the file to a location somewhere in our $PATH. Use the following command to accomplish this.

# mv tmpmail /bin/
# which tmpmail
/usr/bin/tmpmail


To Generate a New tmpmail Address:

To create a new temporary email address, run the following command.

# tmpmail --generate

Read More


Administration Page Fails To Display in Nagios Log Server


This article covers how to resolve the 'Administration Page Fails To Display' in the Nagios Log Server issue for our customers.


To fix this Nagios error, all you need to do is to:
1. Increase the PHP  memory_limit in php.ini file.
You can execute the following command:

$ find /etc -name php.ini

2. Then make the necessary changes.
3. After which you should restart Apache for the changes to take effect using one of the commands below:

$ systemctl restart apache2.service

4. Once the service has restarted, the Administration page will be accessible.

If the problem persists, please increase the value again.


When using the vi editor in Linux:
1. To make changes press i on the keyboard first to enter insert mode
2. Press Esc to exit insert mode
3. When you have finished, save the changes in vi by typing :wq and press Enter

Read More


Secure osTicket with Lets Encrypt SSL Certificates - Do it Now


This article covers how secure osTicket with Let’s Encrypt SSL Certificates. You can use the Certbot to request for SSL certificates from Let's Encrypt Certificate Authority. The tool is not available by default and will need to be installed manually.


To Install certbot certificate generation tool:

1. Install certbot on Ubuntu /Debian:

# Install certbot on Ubuntu /Debian

$ sudo apt update

# Apache

$ sudo apt-get install python-certbot-apache

# Nginx

$ sudo apt-get install python-certbot-nginx


2. Install certbot on CentOS 8 / CentOS 7:

On a CentOS system run either of the following commands:

# CentOS 8

## For Apache

$ sudo yum -y install python3-certbot-apache

## For Nginx

$ sudo yum -y install python3-certbot-nginx

# CentOS 7

## For Apache

$ sudo yum -y install python2-certbot-apache

## For Nginx

$ sudo yum -y install python2-certbot-nginx

Read More


Virtualization Restrictions in RedHat Linux with KVM


This article covers Virtualization Restrictions in RedHat Linux which are additional support and product restrictions of the virtualization packages.


The following notes apply to all versions of Red Hat Virtualization:

1. Supported limits reflect the current state of system testing by Red Hat and its partners. Systems exceeding these supported limits may be included in the Hardware Catalog after joint testing between Red Hat and its partners. If they exceed the supported limits posted here, entries in the Hardware Catalog are fully supported. In addition to supported limits reflecting hardware capability, there may be additional limits under the Red Hat Enterprise Linux subscription terms. Supported limits are subject to change based on ongoing testing activities.


2. These limits do not apply to Red Hat Enterprise Linux (RHEL) with KVM virtualization, which offers virtualization for low-density environments.


3. Guest operating systems have different minimum memory requirements. Virtual machine memory can be allocated as small as required.

Read More


Remove Nginx on linux in Vesta control panel - Step by Step process to do it


This article covers how to remove Nginx on Linux in the Vesta control panel. 

Vesta control panel (VestaCP) is an open source hosting control panel, which can be used to manage multiple websites, create and manage email accounts, FTP accounts, and MySQL databases, manage DNS records and more.


To uninstall VestaCP on CentOS, follow the steps below:

1. Connect to your server via SSH as root

2. Stop the Vesta service with service vesta stop:

$ service vesta stop 

3. Delete Vesta packages/software repository:

# yum remove vesta*

and

# rm -f /etc/yum.repos.d/vesta.repo

4. You may also want to remove /usr/local/vesta folder:

# rm -rf vesta

5. Now we have to remove the cron jobs for the user admin.

Let's list first the cron jobs:

# crontab -u admin -l
MAILTO=admin@ibmimedia.com
CONTENT_TYPE="text/plain; charset=utf-8"
15 02 * * * sudo /usr/local/vesta/bin/v-update-sys-queue disk
10 00 * * * sudo /usr/local/vesta/bin/v-update-sys-queue traffic
30 03 * * * sudo /usr/local/vesta/bin/v-update-sys-queue webstats
*/5 * * * * sudo /usr/local/vesta/bin/v-update-sys-queue backup
10 05 * * * sudo /usr/local/vesta/bin/v-backup-users
20 00 * * * sudo /usr/local/vesta/bin/v-update-user-stats
*/5 * * * * sudo /usr/local/vesta/bin/v-update-sys-rrd
40 2 * * * sudo /usr/local/vesta/bin/v-update-sys-vesta-all
03 3 * * * sudo /usr/local/vesta/bin/v-update-letsencrypt-ssl

6. Remove the cron jobs via crontab -u admin -e:

# crontab -u admin -e

7. Save and exit:


Read More


Listen on Privileged Ports with Nagios Log Servers - How to set it up


This article covers how to configure Nagios Log Servers to listen on privileged ports. Now Nagios Log Server Administrators who would like configure Nagios Log Server to listen on ports below 1024 which are privileged in Linux. This can be useful if you have legacy devices that can only send on specific ports (e.g. syslog on port 514).

Ports below 1024 are privileged on Linux and only allow the root user to listen on them. 

This can be implemented via two solutions:

1. Run Logstash as root

2. Use setcap


To use Use setcap for Listening On Privileged Ports:

Here, you can use the logstash running as the nagios user but this method may be less secure in some environments as it will allow any Java process to listen on privileged ports.

i. The logstash init configuration file requires three lines to be added to the end of it, open the file with the following command:

On Debian | Ubuntu:

$ vi /etc/default/logstash

or

$ sudo /etc/default/logstash

2. Then, Add the following three lines to the end of the file:

echo $(dirname $(find /usr/lib -name libjli.so)) | awk '{print $1}'> /etc/ld.so.conf.d/java.conf

eval "$(which ldconfig)"

setcap 'cap_net_bind_service=+ep' $(readlink -f $(which java))

3. Save the file and close vi.

4. Restart Logstash Service

The logstash service needs to be restarted for these changes to apply:

$ sudo systemctl restart lagstash.service

Read More


Configure PostgreSQL on Linux in Vesta control panel - How to do it


This article covers how to install and setup PostgreSQL on Vesta Control panel running RHEL, CentOS, Debian, or Ubuntu server. PostgreSQL is an advanced version of SQL which provides support to different functions of SQL like foreign keys, subqueries, triggers, and different user-defined types and functions.


To set up PostgreSQL on a RHEL or CentOS:

1. Install PostgreSQL packages

yum install postgresql postgresql-server postgresql-contrib phpPgAdmin

* If you have remi installed then don't forget to explicitly enable it.

yum install --enablerepo=remi postgresql postgresql-server postgresql-contrib phpPgAdmin


2. Initialize database cluster

service postgresql initdb


3. Download hba configuration

wget http://c.vestacp.com/0.9.8/rhel/pg_hba.conf -O /var/lib/pgsql/data/pg_hba.conf


4.  Start the server

service postgresql start


5. Set oracle user password

su - postgres

psql -c "ALTER USER postgres WITH PASSWORD 'pgp4sw0rd'"

exit


6. Enable pgsql databases support in vesta.

open /usr/local/vesta/conf/vesta.conf and set DB_SYSTEM to 'mysql,pgsql'


7. Register pg instance in control panel

v-add-database-host pgsql localhost postgres pgp4sw0rd


8. Download phpPgAdmin configuration

wget http://c.vestacp.com/0.9.8/rhel/pga.conf -O /etc/phpPgAdmin/config.inc.php

wget http://c.vestacp.com/0.9.8/rhel/httpd-pga.conf -O /etc/httpd/conf.d/phpPgAdmin.conf


9. Restart web server

service httpd restart


To set up PostgreSQL on a Debian or Ubuntu:

1. Install PostgreSQL packages

apt-get install postgresql postgresql-contrib phppgadmin


2. Download hba configuration

wget http://c.vestacp.com/0.9.8/debian/pg_hba.conf -O /etc/postgresql/*/main/pg_hba.conf


3. Restart the server

service postgresql restart


4. Set oracle user password

su - postgres

psql -c "ALTER USER postgres WITH PASSWORD 'pgp4sw0rd'"

exit


5. Enable pgsql databases support in vesta.

open /usr/local/vesta/conf/vesta.conf and set DB_SYSTEM to 'mysql,pgsql'


6. Register pg instance in control panel

v-add-database-host pgsql localhost postgres pgp4sw0rd


7. Download phpPgAdmin configuration

wget http://c.vestacp.com/0.9.8/debian/pga.conf -O /etc/phppgadmin/config.inc.php

wget http://c.vestacp.com/0.9.8/debian/apache2-pga.conf -O /etc/apache2/conf.d/phppgadmin


8. Restart web server

service apache2 restart

Read More


Vital Command Line commands for Linux Admins with examples


This article covers a few Vital Command Line for Linux Admins. The Linux command line is a text interface to your computer. Allows users to execute commands by manually typing at the terminal, or has the ability to automatically execute commands which were programmed in “Shell Scripts”.


Common commands in Linux:

1. su command

The su command exists on most unix-like systems. It lets you run a command as another user, provided you know that user's password. When run with no user specified, su will default to the root account. The command to run must be passed using the -c option.


2. which command

which command in Linux is a command which is used to locate the executable file associated with the given command by searching it in the path environment variable. It has 3 return status as follows: 0 : If all specified commands are found and executable.


3. Who am I command line?

whoami command is used both in Unix Operating System and as well as in Windows Operating System. It is basically the concatenation of the strings “who”,”am”,”i” as whoami. It displays the username of the current user when this command is invoked. It is similar as running the id command with the options -un.


4. What does W command do in Linux?

w is a command-line utility that displays information about currently logged in users and what each user is doing. It also gives information about how long the system has been running, the current time, and the system load average.



Facts about the demand in Linux admins?

1. The job prospects for Linux System Administrator are favorable. 

2. According to the US Bureau of Labor Statistics (BLS), there is expected to be a growth of 6 percent from 2016 to 2026. 

3. Candidates who have a firm hold on cloud computing and other latest technologies have bright chances.

Read More


Configure software RAID on Linux using MDADM - Do it now


This article covers how to Configure software RAID on Linux using MDADM.


To Install a Software Raid Management Tool:

To install mdadm, run the installation command:

1. For CentOS/Red Hat (yum/dnf is used): $ yum install mdadm

2. For Ubuntu/Debian: $ apt-get install mdadm

3. SUSE: $ sudo zypper install mdadm

4. Arch Linux: $ sudo pacman -S mdadm


Terms related to Integrity of a RAID Array:

1. Version – the metadata version

2. Creation Time – the date and time of RAID creation

3. Raid Level – the level of a RAID array

4. Array Size – the size of the RAID disk space

5. Used Dev Size – the space size used by devices

6. Raid Device – the number of disks in the RAID

7. Total Devices – is the number of disks added to the RAID

8. State – is the current state (clean — it is OK)

9. Active Devices – number of active disks in the RAID

10. Working Devises – number of working disks in the RAID

11. Failed Devices – number of failed devices in the RAID

12. Spare Devices – number of spare disks in the RAID

13. Consistency Policy – is the parameter that sets the synchronization type after a failure, rsync is a full synchronization after RAID array recovery (bitmap, journal, ppl modes are available)

14. UUID – raid array identifier


To Recovering from a Disk Failure in RAID, Disk Replacement:

If one of the disks in a RAID failed or damaged, you may replace it with another one. First of all, find out if the disc is damaged and needs to be replaced.

# cat /proc/mdstat


To Add or Remove Disks to Software RAID on Linux:

1. If you need to remove the previously created mdadm RAID device, unmount it:

# umount /backup

2. Then run this command:

# mdadm -S /dev/md0

mdadm: stopped /dev/md0

3. After destroying the RAID array, it won’t detected as a separate disk device:

# mdadm -S /dev/md0

mdadm: error opening /dev/md0: No such file or directory

4. You can scan all connected drives and re-create a previously removed (failed) RAID device according to the metadata on physical drives. Run the following command:

# mdadm --assemble —scan


About Mdmonitor: RAID State Monitoring & Email Notifications:

The mdmonitor daemon can be used to monitor the status of the RAID. 

1. First, you must create the /etc/mdadm.conf file containing the current array configuration:

# mdadm –detail –scan > /etc/mdadm.conf

The mdadm.conf file is not created automatically. You must create and update it manually.

2. Add to the end of /etc/mdadm.conf the administrator email address to which you want to send notifications in case of any RAID problems:

MAILADDR raidadmin@woshub.com

3. Then restart mdmonitor service using systemctl:

# systemctl restart mdmonitor

Then the system will notify you by e-mail if there are any mdadm errors or faulty disks.

Read More


Linux vs Windows file systems - Which do you prefer


This article covers difference between Linux and Windows file system. Basically, both Windows and Linux use file systems to store data in an organized manner. 


Advantages of using Linux:

1. Linux facilitates with powerful support for networking. 

2. The client-server systems can be easily set to a Linux system. 

3. It provides various command-line tools such as ssh, ip, mail, telnet, and more for connectivity with the other systems and servers. 

4. Tasks such as network backup are much faster than others.


Disadvantages of Linux OS:

1. No single way of packaging software.

2. No standard desktop environment.

3. Poor support for games.

4. Desktop software is still rare.


Why Linux is not popular as Windows?

The main reason why Linux is not popular on the desktop is that it doesn't have “the one” OS for the desktop as does Microsoft with its Windows and Apple with its macOS. 

If Linux had only one operating system, then the scenario would be totally different today. Linux kernel has some 27.8 million lines of code.


Linux a good operating system and widely considered one of the most reliable, stable, and secure operating systems too. In fact, many software developers choose Linux as their preferred OS for their projects. 

It is important, however, to point out that the term "Linux" only really applies to the core kernel of the OS.


Most Stable Linux Distros:

1. Debian. Suitable for: Beginners.

2. Fedora. Suitable for: Software Developers, Students.

3. Linux Mint. Suitable for: Professionals, Developers, Students.

4. Manjaro. Suitable for: Beginners.

5. openSUSE. Suitable for: Beginners and advanced users.

6. Tails. Suitable for: Security and privacy.

7. Ubuntu.

8. Zorin OS.


Reasons Why Linux Is Better Than Windows:

1. Total cost of ownership. The most obvious advantage is that Linux is free whereas Windows is not.

2. Beginner friendly and easy to use. Windows OS is one of the simplest desktop OS available today.

3. Reliability. Linux is more reliable when compared to Windows.

4. Hardware.

5. Software.

6. Security.

7. Freedom.

8. Annoying crashes and reboots.


Can Linux and Windows share files?

The easiest and most reliable way to share files between a Linux and Windows computer on the same local area network is to use the Samba file sharing protocol. 

All modern versions of Windows come with Samba installed, and Samba is installed by default on most distributions of Linux.


Can Linux read NTFS drives?

Linux can read NTFS drives using the old NTFS filesystem that comes with the kernel, assuming that the person that compiled the kernel didn't choose to disable it. 

To add write access, it's more reliable to use the FUSE ntfs-3g driver, which is included in most distributions.


For typical everyday Linux use, there's absolutely nothing tricky or technical you need to learn. Running a Linux server, of course, is another matter just as running a Windows server is. 

But for typical use on the desktop, if you've already learned one operating system, Linux should not be difficult.


Is Linux a good career choice?

A Linux Administrator job can definitely be something you can start your career with. 

It is basically the first step to start working in the Linux industry. 

Literally every company nowadays works on Linux. So yes, you are good to go.

Read More


Server Hardening - What it means


This article covers techniques to prevent attacks on the server. Basically, if we manage our servers without proper precautionary actions it is easy to spoil the reputation of the server.

Hardening your server is the process of increasing security on your server through a variety of means to result in a much more secure operating environment. Server hardening is one of the most important tasks to be handled on your servers. 

The default configuration of most operating systems is not designed with security as the primary focus. 

Default server setups focus more on usability, functionality and communication.


Server Hardening Security Measures Includes:

1. Hide login password from cgi scripts.

This setting allows you to hide the REMOTE_PASSWORD variable from scripts that the cpsrvd daemon's CGI handler executes.

2. Referrer safety check.

Only permit cPanel, Webmail and WHM to execute functions when the browser-provided referrer (port and domain or IP address) exactly matches the destination URL.

3. Initial default/catch-all forwarder destination

Select Fail to automatically discard un-routable email that your servers new accounts receive. This will help protect your server from mail attacks.

4. Verify signatures of third-party cPaddons.

Enable this option to verify GPG signatures of all third-party CPaddons.

5. Prevent "nobody" from sending mail.

Enable to block email that the nobody user sent to the remote address. Nobody is the username for Apache.

6. Enable SPF on domains for newly created accounts.

7. Proxy subdomain override.

Disable this option to prevent automatically-generated proxy domains when a user creates a subdomain.

8. Proxy subdomain creation.

Disable this option to prevent the addition of cPanel, Webmail, Web Disk and WHM proxy subdomain DNS entries to new accounts.

9. Cookie IP validation.

Disable this option to allow logins regardless of the user's IP address.

Read More


Troubleshoot server down issues - How to do it


This article covers how to troubleshoot server down issues. Basically, network issues might cause the Datacenter to go down. This can lead us into some unlucky instances. Troubleshooting server down issues is never an easy task. Whether you have a small home network, or a super connection of thousands of computers, there are meticulous steps you need to take to get your server back up running.


Steps to take when troubleshooting server down issues:

1. ANALYZE YOUR NETWORK INFRASTRUCTURE

You will have a better chance at troubleshooting network problems if you first figure out where everything is connected in the infrastructure.

2. STUDY YOUR NETWORK

If you don't have an infrastructure design to go by, you will have to learn your network’s layout when analyzing your connectivity. Several tools can help you to map out the entire network infrastructure. Tools such as IPCONFIG can aid in finding the problem.

3. CONNECTION IS DOWN

From the network troubleshooting application, find out from the OSI model if all the seven layers are working correctly. Usually, if the first layer doesn’t work the whole connection will be down. Check whether the network cable is plugged in.

4. NO IP ADDRESS

Your server could be down just because of unknown IP address settings. Anon IP address such as 0.0.0.0 or an automatic one that starts with 169.254 will typically result in server down problems. You will need to obtain a valid IP address before you can get your server back up. 

5. NO DNS SERVERS

Without DNS servers configured on your network, all communication will only be possible through an IP address. A server down issue, in this case, might be a broken a line between the router and the internet. 

6. NO DEFAULT GATEWAY

Your servers could be down because there is no default gateway IP address. This breaks the communication between the subnet and the local area network. You will still be able to work as usual on your local servers. 

7. MISCONFIGURED IP SUBNET MASK

A misconfigured subnet mask IP can impede server communication. You can manually configure this IP subnet mask or work with the DHCP server to identify the source if there is a misconfiguration.

Read More


SSH Servers Clients and Keys - More about it now


This article covers important information about SSH Servers, Clients and Keys. Use SSH keys for authentication when you are connecting to your server, or even between your servers.

They can greatly simplify and increase the security of your login process. 

When keys are implemented correctly they provide a secure, fast, and easy way of accessing your cloud server.


Turn off password authentication Linux:

With SSH key authentication configured and tested, you can disable password authentication for SSH all together to prevent brute-forcing. When logged in to your cloud server.

1. Open the SSH configuration file with the following command.

$ sudo nano /etc/ssh/sshd_config

2. Set the password authentication to no to disable clear text passwords.

PasswordAuthentication no

3. Check that public key authentication is enabled, just to be safe and not get locked out from your server. If you do find yourself unable to log in with SSH, you can always use the Web terminal control panel.

PubkeyAuthentication yes

Then save and exit the editor.

4. Restart the SSH service to apply the changes by using the command below.

$ sudo systemctl restart sshd

With that done your cloud server is now another step along towards security. 

Malicious attempts to connect to your server will results in authentication rejection, as plain passwords are not allowed, and brute-forcing an RSA key is practically impossible.

Read More


Welcome to Emergency mode in Linux - Fix this boot error now


This article covers how to fix boot error, Welcome to Emergency mode in Linux. This issue happens after an emergency power outage on a server, a system crash, or similar situations.


The Emergency Mode sometime means that your file system may be corrupted.

In such cases, you will be left out with a prompt to go nowhere.

All you have to do is perform a file system check using,

fsck.ext4 /dev/sda3

where sda3 can be your partition and if you are using ext3 file system, change the command as follows:

fsck.ext3 /dev/sda3

About the partition number, Linux shows you the partition before arriving at the prompt.

This should solve the problem.


To fix  Emergency Mode On Ubuntu:

1. use Ubuntu Live USB to boot, and open terminal:

$ sudo fsck.ext4 /dev/sda3

2. Adding sudo because it needs root permission.

(Replace ext4 with ext3 if applicable to you)

3. Cycle through the SDAs by changing the last number in the sda to see which file system has problems.

Ex: sda1, sda2, sda3, sda4, and so on

4. As I encountered, the problem might be with the 'home' directory.

5. Once you run the above command, you'll be prompted to fix the issue right inside the terminal itself.

6. Keep hitting y (for yes) until the end of the fix.

(or you can use -fy for automatically response yes to all.)

7. Navigate to the home folder of your sda using your files explorer.

(This will be mounted from the HDD since you are working with a Live USB)

8. Check inside 'home' if you can see all your files. If yes, then you're ready to reboot to your system (remove the Live USB).

Read More


resolvconf error resolv conf must be a symlink - Fix it Now


This article covers how to fix resolv.conf error which happens when we try to restart the BIND 9 server under Ubuntu Linux.


To fix Resolvconf error "resolvconf: Error: /etc/resolv.conf must be a symlink":

Open a terminal and run the following commands:

$ sudo rm /etc/resolv.conf

$ sudo ln -s ../run/resolvconf/resolv.conf /etc/resolv.conf

$ sudo resolvconf -u


As of Ubuntu 12.04 resolvconf is part of the base system.

You can recreate the needed symlink by running:

$ dpkg-reconfigure resolvconf

or by doing the following in a terminal.

$ sudo ln -nsf ../run/resolvconf/resolv.conf /etc/resolv.conf

Note that as of Ubuntu 12.10 resolvconf no longer aborts if /etc/resolv.conf is not a symlink. It does print a warning message, but this can be silenced by putting the line:

REPORT_ABSENT_SYMLINK=no

in /etc/default/resolvconf.

Read More


ERROR: PleskDBException: Unable to connect to database - Fix it now


This article covers methods to resolve error: pleskdbexception: unable to connect to database which triggers as a result of various reasons that include InnoDB engine corruption, disk space full, data directory not completely restored or recovered, and so on. 

The reason of this error is due to disk full and you need to delete extra file from my linux Server.

fslint is a Linux utility to remove unwanted and problematic cruft in files and file names and thus keeps the computer clean. A large volume of unnecessary and unwanted files are called lint. fslint remove such unwanted lint from files and file names.


To Clear RAM Memory Cache, Buffer and Swap Space on Linux:

1. Clear PageCache only. # sync; echo 1 > /proc/sys/vm/drop_caches.

2. Clear dentries and inodes. # sync; echo 2 > /proc/sys/vm/drop_caches.

3. Clear PageCache, dentries and inodes. # sync; echo 3 > /proc/sys/vm/drop_caches.

4. Sync will flush the file system buffer. Command Separated by “;” run sequentially.


To find largest files including directories in Linux is as follows:

1. Open the terminal application.

2. Login as root user using the sudo -i command.

3. Type du -a /dir/ | sort -n -r | head -n 20.

4. du will estimate file space usage.

5. sort will sort out the output of du command.


To uninstall an RPM package:

1. Execute the following command to discover the name of the installed package: rpm -qa | grep Micro_Focus. This returns PackageName , the RPM name of your Micro Focus product which is used to identify the install package.

2. Execute the following command to uninstall the product: rpm -e [ PackageName ]

Read More


Files and Processes in SELinux on CentOS 7 - More information


This article covers Files and Processes in SELinux. Basically, managing file and process context are at the heart of a successful SELinux implementation.

With SELinux, a process or application will have only the rights it needs to function and NOTHING more. The SELinux policy for the application will determine what types of files it needs access to and what processes it can transition to. 

SELinux policies are written by app developers and shipped with the Linux distribution that supports it. A policy is basically a set of rules that maps processes and users to their rights.


SELinux enforces something we can term as “context inheritance”. What this means is that unless specified by the policy, processes and files are created with the contexts of their parents.

So if we have a process called “proc_a” spawning another process called “proc_b”, the spawned process will run in the same domain as “proc_a” unless specified otherwise by the SELinux policy.


SELinux in Action: Testing a File Context Error

1. First, let's create a directory named www under the root. We will also create a folder called html under www:

mkdir -p /www/html

 

2. If we run the ls -Z command, we will see these directories have been created with the default_t context:

ls -Z /www/

drwxr-xr-x. root root unconfined_u:object_r:default_t:s0 html


3. Next we copy the contents of the /var/www/html directory to /www/html:

cp /var/www/html/index.html /www/html/

 

The copied file will have a context of default_t. That's the context of the parent directory.


We now edit the httpd.conf file to point to this new directory as the web site's root folder. 

i. We will also have to relax the access rights for this directory.

vi /etc/httpd/conf/httpd.conf

ii. First we comment out the existing location for document root and add a new DocumentRoot directive to /www/html:

# DocumentRoot "/var/www/html"

DocumentRoot "/www/html"

iii. We also comment out the access rights section for the existing document root and add a new section:

#<Directory "/var/www">

#    AllowOverride None

    # Allow open access:

#    Require all granted

#</Directory>


<Directory "/www">

    AllowOverride None

    # Allow open access:

    Require all granted

</Directory>


We leave the location of the cgi-bin directory as it is. We are not getting into detailed Apache configuration here; we just want our site to work for SELinux purposes.


iv. Finally, restart the httpd daemon:

service httpd restart

 

Once the server has been restarted, accessing the web page will give us the same “403 Forbidden” error (or default “Testing 123” page) we saw before.

The error is happening because the index.html file's context changed during the copy operation. It needs to be changed back to its original context (httpd_sys_content_t).

Read More


restorecond Will not restore a file with more than one hard link - How to resolve this issue


This article covers Tips to fix 'restorecond: Will not restore a file with more than one hard link' error.

To fix this problem type the following commands:

# rm /etc/sysconfig/networking/profiles/default/resolv.conf

# restorecon /etc/resolv.conf

# ln /etc/resolv.conf /etc/sysconfig/networking/profiles/default/resolv.conf

Read More


dhclient to persistently look for an IP address lease - Configure it Now


This article covers how to use dhclient command. Basically, Linux dhclient command can provide an IP lease until DHCP Server/Router grants one.

With this guide, you can easily configure Linux dhclient command to continuously requests an IP lease until one is granted by DHCP Server / Router.

Read More


Create CentOS Fedora RHEL VM Template on KVM - How to do it


This article covers how to create CentOS/Fedora/RHEL VM Templates on KVM. VM Templates are more useful when deploying high numbers of similar VMs that require consistency across deployments. If something goes wrong in an instance created from the Template, you can clone a fresh VM from the template with minimal effort.


To install KVM in your Linux system:

The KVM service (libvirtd) should be running and enabled to start at boot.

$ sudo systemctl start libvirtd

$ sudo systemctl enable libvirtd

Enable vhost-net kernel module on Ubuntu/Debian.

$ sudo modprobe vhost_net

# echo vhost_net | sudo tee -a /etc/modules


How to Prepare CentOS / Fedora / RHEL VM template ?

1. Update system

After you finish VM installation, login to the instance and update all system packages to the latest versions.

$ sudo yum -y update

2. Install standard basic packages missing:

$ sudo yum install -y epel-release vim bash-completion wget curl telnet net-tools unzip lvm2 

3. Install acpid and cloud-init packages.

$ sudo yum -y install acpid cloud-init cloud-utils-growpart

$ sudo sudo systemctl enable --now acpid

4. Disable the zeroconf route

$ echo "NOZEROCONF=yes" | sudo tee -a /etc/sysconfig/network

5. Configure GRUB_CMDLINE_LINUX – For Openstack usage.

If you plan on exporting template to Openstack Glance image service, edit the /etc/default/grub file and configure the GRUB_CMDLINE_LINUX option. Your line should look like below – remove rhgb quiet and add console=tty0 console=ttyS0,115200n8.

GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=cl/root rd.lvm.lv=cl/swap console=tty0 console=ttyS0,115200n8"

Generate grub configuration.

$ sudo grub2-mkconfig -o /boot/grub2/grub.cfg

6. Install other packages you need on your baseline template.

7. When done, power off the virtual machine.


How to Clean VM template ?

You need virt-sysprep tool for cleaning the instance.

$ sudo virt-sysprep -d centos7

Read More


PHP Handlers for your Server - Which is suitable


This article covers the pros and cons of different PHP Handlers. Basically, selecting the proper PHP handler plays a major role in the server's stability and performance. 

Apache does not natively support PHP scripts without a special module. The module that tells Apache how to handle PHP scripts is referred to as a PHP handler. 

Without a properly configured module, Apache will just send you the PHP file as a download since it doesn't know what else to do.


How does each PHP handler work and what are the pros and cons :

1. DSO/Apache Module

This is also referred to as mod_php. This module allows Apache itself to directly parse and display PHP files. PHP scripts parsed by mod_php run as the same user that Apache itself does (rather than the user account that hosts the PHP files.


Pros

i. One of the fastest handlers available.

ii. Works with mod_ruid2 or mpm_itk modules.


Cons

i. Only works with a single version of PHP on cPanel servers (you'll need to use other handers for other versions of PHP if you offer them).

ii. Scripts run as the Apache user rather than the owner of the domain or subdomain. For example, on a cPanel server, if the script creates a file or directory, that file will be owned by the user "nobody" which can cause problems when the account owner goes to backup or remove them.


2. CGI

Stands for Common Gateway Interface. Using this handler, the system will run PHP scripts as the user that owns the domain or subdomain.


Pros

Scripts run as the domain or subdomain user, not as the Apache user.


Cons

i. One of the slowest handers.

ii. Doesn't work well with PHP opcode caching.

iii. Cannot put PHP configuration changes in an .htaccess file.


3. FCGI/FastCGI

FastCGI is a variation of the CGI protocol that provides a number of benefits over the older CGI handler. Using this module, the system will run PHP scripts as the user that owns the domain or subdomain. There are some differences between mod_fastcgi and mod_fcgid, but none that are relevant to the scope of this article.


Pros

i. Scripts run as the domain or subdomain user, not as the Apache user.

ii. Very fast handler.

iii. Works with PHP opcode caching.


Cons

i. This handler uses more memory than most of the others.

ii. Cannot put PHP configuration changes in an .htaccess file.


4. PHP-FPM

FPM stands for FastCGI Process Manager. It is an improved way of implementing FastCGI processing of PHP.  Using this handler, the system will run PHP scripts as the user that owns the domain or subdomain. Each FPM pool can have independent settings.


Pros

i. Scripts run as the domain or subdomain user, not as the Apache user.

ii. One of the fastest PHP handlers.

iii. Works with PHP opcode caching.

iv. Allows for some additional level of flexibility per pool.


Cons

i. This handler can use more memory than any other handler listed here, but that depends on the number of sites using PHP-FPM and the configuration of the FPM pool.

ii. Can be somewhat more complicated to manage.

iii. Cannot put PHP configuration changes in an .htaccess file and some directives can only be changed on a global level.


5. suPHP

This handler was specifically designed to serve PHP scripts as the owner of the domain or subdomain that is executing the PHP script. On cPanel servers, it is also configured to disallow execution of files with unsafe permissions. cPanel their copy of suPHP with the latest security fixes.


Pros

i. Scripts run as the domain or subdomain user, not as the Apache user.

ii. cPanel configures suPHP so that it blocks accessing or executing any files or directories with permissions higher than 755 for security.


Cons

i. Slowest PHP handler in most cases.

ii. PHP Opcode caching has no performance improvement and only wastes memory.

iii. Cannot put PHP configuration changes in an .htaccess file.


6. LSAPI

This handler implements the LiteSpeed Web Server (LSWS) SAPI. This handler requires CloudLiunx or LSWS for the maximum benefits. Using this handler, the system will run PHP scripts as the user that owns the domain or subdomain.


Pros

i. Designed to perform as well or better than PHP-FPM under certain circumstance.

ii. Less memory use than most other handlers.

iii. Scripts run as the domain or subdomain user, not as the Apache user.

iv. No special configuration required.

v. Can read PHP values out of a .htaccess file.


Cons

i. You don't get full benefits without purchasing a third-party commercial product.

ii. Not compatible with mod_ruid2 or mpm_itk (but it shouldn't need them).

Read More


Show dropped packets per interface on Linux - Methiods to check it


This article covers how to Show dropped packets per interface on Linux. 

There can be various reasons for packet loss. It can be that the network transport is unreliable and packet loss is natural, the network link could be congested, applications cannot handle the offered load.

Sometimes there are too many packets, they are saved to a buffer, but they are saved faster than processed, so eventually the buffer runs out of space, so the kernel drops all further packets until there is some free space in the buffer.


You will learn the different Linux commands to see packet loss on Linux per-interface, including excellent tools such as dropwatch. 

We can also use Linux profiling with performance counters utility called perf.


To display show dropped packets per interface on Linux using the netstat:

The netstat command is mostly obsolete. Replacement for netstat is ss and ip command. 

However, netstat still available on older Linux distros, which are in productions. 

Hence, I will start with netstat but if possible, use the ip/ss tools. 

The command in Linux is:

$ netstat -i

$ netstat --interfaces


To display summary statistics for each protocol, run:

$ netstat -s

$ netstat --statistics


To show dropped packets statistics per network interface on Linux using the ip:

Let us see how to see link device stats using the ip command. 

The syntax is:

$ ip -s link

$ ip -s link show {interface}

$ ip -s link show eth0

Read More


SELinux users on CentOS 7 – Actions and Deciphering error messages


This article covers more information about SELinux users on CentOS 7.


Deciphering SELinux Error Messages

We looked at one SELinux error message. We were then using the grep command to sift through /var/log/messages file. Fortunately SELinux comes with a few tools to make life a bit easier than that. These tools are not installed by default and require installing a few packages, which you should have installed in the first part of this tutorial.

The first command is ausearch. We can make use of this command if the auditd daemon is running. In the following code snippet we are trying to look at all the error messages related to the httpd daemon. Make sure you are in your root account:

ausearch -m avc -c httpd

In our system a number of entries were listed, but we will concentrate on the last one:

----
time->Thu Aug 21 16:42:17 2014
...
type=AVC msg=audit(1408603337.115:914): avc:  denied  { getattr } for  pid=10204 comm="httpd" path="/www/html/index.html" dev="dm-0" ino=8445484 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:default_t:s0 tclass=file

Even experienced system administrators can get confused by messages like this unless they know what they are looking for. To understand it, let’s take apart each of the fields:

type=AVC and avc: AVC stands for Access Vector Cache. SELinux caches access control decisions for resource and processes. This cache is known as the Access Vector Cache (AVC). That's why SELinux access denial messages are also known as “AVC denials”. These two fields of information are saying the entry is coming from an AVC log and it’s an AVC event.


denied { getattr }: The permission that was attempted and the result it got. In this case the get attribute operation was denied.

pid=10204. This is the process id of the process that attempted the access.

comm: The process id by itself doesn’t mean much. The comm attribute shows the process command. In this case it’s httpd. Immediately we know the error is coming from the web server.

path: The location of the resource that was accessed. In this case it’s a file under /www/html/index.html.

dev and ino: The device where the target resource resides and its inode address.

scontext: The security context of the process. We can see the source is running under the httpd_t domain.

tcontext: The security context of the target resource. In this case the file type is default_t.

tclass: The class of the target resource. In this case it’s a file.

Read More


Force DHCP Client to Renew IP Address - Perform it now


This article covers how to force DHCP client to renew IP address. You need to use Dynamic Host Configuration Protocol Client i.e., dhclient command. 

The client normally doesn't release the current lease as it is not required by the DHCP protocol. Some cable ISPs require their clients to notify the server if they wish to release an assigned IP address. 

The dhclient command, provides a means for configuring one or more network interfaces using the Dynamic Host Configuration Protocol, BOOTP protocol, or if these protocols fail, by statically assigning an address.


Linux renew ip command using dhcp:

The -r flag explicitly releases the current lease, and once the lease has been released, the client exits. 

For example, open terminal application and type the command:

$ sudo dhclient -r

Now obtain fresh IP address using DHCP on Linux:

$ sudo dhclient


To start DHCP client in Linux:

1. To start the DHCP service, type the following command: # /etc/init.d/dhcp start.

2. To stop the DHCP service, type the following command: # /etc/init.d/dhcp stop. 

The DHCP daemon stops until it is manually started again, or the system reboots.


How can I renew or release an IP in Linux for eth0?

To renew or release an IP address for the eth0 interface, enter:

$ sudo dhclient -r eth0

$ sudo dhclient eth0

In this example, I am renewing an IP address for my wireless interface:

sudo dhclient -v -r eth0

sudo dhclient -v eth0


Command to release/renew a DHCP IP address in Linux:

1. ip a - Get ip address and interface information on Linux

2. ip a s eth0 - Find the current ip address for the eth0 interface in Linux

3. dhclient -v -r eth0 - Force Linux to renew IP address using a DHCP for eth0 interface

4. systemctl restart network.service - Restart networking service and obtain a new IP address via DHCP on Ubuntu/Debian Linux

5. systemctl restart networking.service - Restart networking service and obtain a new IP address via DHCP on a CentOS/RHEL/Fedora Linux

6. nmcli con - Use NetworkManager to obtain info about Linux IP address and interfaces

7. nmcli con down id 'enp6s0' - Take down Linux interface enp6s0 and release IP address in Linux

8. nmcli con up id 'enp6s0' - Obtian a new IP address for Linux interface enp6s0 and release IP address using DHCP

Read More


Log Suspicious Martian Packets Un-routable Source Addresses in Linux


This article covers how to block and log suspicious martian packets on Linux servers.


Log Suspicious Martian Packets in Linux:

On the public Internet, such a packet's (Martian) source address is either spoofed, and it cannot originate as claimed, or the packet cannot be delivered. 

Both IPv4 and IPv6, martian packets have a source or destination addresses within special-use ranges as per RFC 6890.


Benefits of logging of martians packets:

As I said earlier a martian packet is a packet with a source address that cannot be routed over the public Internet. 

Such a packet is waste of resources on your server. 

Often martian and unroutable packet used for a dangerous purpose or DoS/DDOS your server. 

So you must drop bad martian packet earlier and log into your server for further inspection.


To log Martian packets on Linux?

You need to use sysctl command command to view or set Linux kernel variables that can logs packets with un-routable source addresses to the kernel log file such as /var/log/messages.


To log suspicious martian packets on Linux:

You need to set the following variables to 1 in /etc/sysctl.conf file:

net.ipv4.conf.all.log_martians

net.ipv4.conf.default.log_martians


Edit file /etc/sysctl.conf, enter:

# vi /etc/sysctl.conf

Append/edit as follows:

net.ipv4.conf.all.log_martians=1 

net.ipv4.conf.default.log_martians=1


Save and close the file.

To load changes, type:

# sysctl -p

Read More


PXE Boot or DHCP Failure on Guest - Fix it now


This article covers how to fix PXE Boot (or DHCP) Failure on Guest.

Nature of this error:

A guest virtual machine starts successfully, but is then either unable to acquire an IP address from DHCP or boot using the PXE protocol, or both. There are two common causes of this error: having a long forward delay time set for the bridge, and when the iptables package and kernel do not support checksum mangling rules.


Cause of PXE BOOT (OR DHCP) ON GUEST FAILED:

Long forward delay time on bridge.

This is the most common cause of this error. If the guest network interface is connecting to a bridge device that has STP (Spanning Tree Protocol) enabled, as well as a long forward delay set, the bridge will not forward network packets from the guest virtual machine onto the bridge until at least that number of forward delay seconds have elapsed since the guest connected to the bridge. This delay allows the bridge time to watch traffic from the interface and determine the MAC addresses behind it, and prevent forwarding loops in the network topology. If the forward delay is longer than the timeout of the guest's PXE or DHCP client, then the client's operation will fail, and the guest will either fail to boot (in the case of PXE) or fail to acquire an IP address (in the case of DHCP).


Fix to PXE BOOT (OR DHCP) ON GUEST FAILED:

If this is the case, change the forward delay on the bridge to 0, or disable STP on the bridge.

This solution applies only if the bridge is not used to connect multiple networks, but just to connect multiple endpoints to a single network (the most common use case for bridges used by libvirt).


If the guest has interfaces connecting to a libvirt-managed virtual network, edit the definition for the network, and restart it. 

For example, edit the default network with the following command:

# virsh net-edit default

Add the following attributes to the <bridge> element:

<name_of_bridge='virbr0' delay='0' stp='on'/>

XML


If this problem is still not resolved, the issue may be due to a conflict between firewalld and the default libvirt network.

To fix this, stop firewalld with the service firewalld stop command, then restart libvirt with the service libvirtd restart command.

Read More


Virtuozzo VS Hyper-V - Which is better


This article covers some comparison between Virtuozzo VS Hyper-V. 

Hyper-V and Virtuozzo are both popular VPS platforms used by a large number of web hosting providers for the provisioning of Windows VPS hosting services, with Virtuozzo being favoured for Windows Server 2003 VPS hosting and Hyper-V being the most reliable solution for Windows Server 2008 VPS hosting services.


Advantages of using Virtuozzo over Hyper-V include:

1. Direct Linux support – Virtuozzo can be installed on their Windows or Linux VPS hosting nodes, and although Hyper-V can be used for the hosting of virtual machines running Linux it is only available for use on Windows Server 2008.

2. Web based control panel (Parallels Power Panel) – the Parallels Power Panel will allow users to manage their Linux or Windows VPS hosting server from a web based interface meaning that if they aren't in a situation where they can access their VPS server via Remote Desktop then they can use the Power Panel to restart their VPS server if necessary or to kill any services or processes which may be overloading their VPS server’s resources.

3. Separate application – the fact that Virtuozzo is a separate application which can be installed on top of the operating system can have its advantages in some cases, for example if a web hosting providers wishes to discontinue using a server for VPS server hosting then all they have to do is uninstall the application from their server, although in most cases it is advised to do an OS reload anyway to ensure that you have a blank canvas to start with.


Advantages of using Hyper-V over Virtuozzo:

1. Cost – with Virtuozzo VPS hosting web hosting providers have to pay for the cost of the Virtuozzo application and the cost of the operating system license, but because Hyper-V is part of the Windows Server 2008 operating system they will only need to pay for the operating system license – this can help to reduce the costs of Hyper-V VPS hosting services and as the cost of the operating system falls, prices will fall further and will eventually meet Virtuozzo Windows Server 2003 hosting services when it comes to price which will mean that people will gradually move over to using Windows Server 2008 VPS hosting.

2. Reliability – as Hyper-V is part of the Window Server 2008 operating system, web hosting providers are able to guarantee reliable Windows Server 2008 VPS server hosting services.

3. Native support for Windows Server 2008 – although Virtuozzo may have support for Windows Server 2008, it hasn’t been able to offer the most reliable of Windows Server 2008 VPS hosting services.

Read More


Add Remote Linux Host to Cacti for Monitoring - Do it now


This article covers how to add a #Linux host to #Cacti.

Basically, Cacti is a network #monitoring device that creates personalized graphs of server efficiency.

SNMP, short for Simple Network Management Protocol is a protocol used for gathering information about devices in a network. Using SNMP, you can poll metrics such as CPU utilization, memory usage, disk utilization, network bandwidth, and so on. 


To install snmp agent on Ubuntu, run the command:

$ sudo apt install snmp snmpd -y


To install #snmp agent On CentOS 8, run the command:

$ sudo dnf install net-snmp net-snmp-utils -y


SNMP starts automatically upon installation.

To confirm this, confirm the status by running:

$ sudo systemctl status snmpd

If the service is not running yet, start and enable it on boot as shown:

$ sudo systemctl start snmpd


To Add Remote Linux Host to Cacti for Monitoring:

1. Install SNMP service on Linux hosts. SNMP, short for Simple Network Management Protocol is a protocol used for gathering information about devices in a network.

2. Configuring SNMP service.

3. Configure the firewall rules for snmp.

4. Adding remote Linux host to Cacti.


To Install and Configure Cacti:

1. Cacti require few more dependencies, run the following command to install them:

yum -y install net-snmp rrdtool net-snmp-utils

2. As we have all the dependencies ready, we can now download the install package from Cacti website.

cd /var/www/html

wget http://www.cacti.net/downloads/cacti-1.1.10.tar.gz

3. You can always find the link to the latest version of the application on Cacti download page. Extract the archive using the following command.

tar xzvf cacti*.tar.gz

4. Rename your Cacti folder using:

mv cacti-1*/ cacti/

5. Now import the Cacti database by running the following command.

cd /var/www/html/cacti

mysql cacti_data < cacti.sql -u root -p

6. The above command will import the cacti.sql database into cacti_data using the user root. 

It will also ask you the password of root user before importing the database.

7. Now edit Cacti configuration by running the following command.

nano /var/www/html/cacti/include/config.php

8. Now find the following lines and edit them according to your MySQL database credentials.

/* make sure these values reflect your actual database/host/user/password */

$database_type     = 'mysql';

$database_default  = 'cacti_data';

$database_hostname = 'localhost';

$database_username = 'cacti_user';

$database_password = 'StrongPassword';

$database_port     = '3306';

$database_ssl      = false;

Read More


SELinux on CentOS 7 - Set it up now


This article covers how to set up SELinux on #CentOS 7. #SELinux is a security mechanism built into the Linux kernel. Linux distributions such as CentOS, RHEL, and Fedora are equipped with SELinux by default.

SELinux improves server security by restricting and defining how a server processes requests and users interact with sockets, network ports, and essential directories.


To check SELinux mode:

The easiest way on how to check SELinux ( Security Enhanced Linux ) operation mode is to use getenforce command. 

This command without any options or arguments will simply print a current status SELinux operational mode. 

Furthermore, the current status of SELinux operational mode can be set permanently or temporarily.


To check whether SELinux is enabled or not:

1. Use the getenforce command. [vagrant@vagrantdev ~]$ getenforce Permissive.

2. Use the sestatus command.

3. Use the SELinux Configuration File i.e. cat /etc/selinux/config to view the status.


To configure SELinux to enforcing mode:

1. Open the /etc/selinux/config file in a text editor of your choice, for example: # vi /etc/selinux/config.

2. Configure the SELINUX=enforcing option: # This file controls the state of SELinux on the system.

3. Save the change, and restart the system: # reboot.


To enable SELinux without rebooting:

1. Changing the SELinux mode at run time. If SELinux is disabled it cannot be enabled without rebooting.

2. To detemine the current Mode of SELinux.

3. Changing the SELinux mode Permanently. In the /boot/grub/grub.conf file add a line: selinux=0.

4. Or in /etc/sysconfig/selinux change.


To permanently change mode to permissive:

1. Edit the /etc/selinux/config file as follows: # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced.

2. Restart the system: $ reboot.

Read More


Date Time in Laravel and PHP with Carbon


This article covers how to manage date/time easily in Laravel and PHP with Carbon. Basically, Carbon is a package that helps us to deal with date/time in Laravel and PHP in a much easier and systematic manner.

Working with date and time in PHP is not the easiest or most clear of tasks. We have to deal with strtotime, formatting issues, lots of calculations, and more.


Carbon provides some nice functionality to deal with dates in PHP such as:

1. Dealing with timezones

2. Getting current time easily

3. Converting a datetime into something readable

4. Parse an English phrase into datetime (first day of January 2016)

5. Add and Subtract dates (+ 2 weeks, -6 months)

6. Semantic way of dealing with dates


Carbon is already included in Laravel so there's no need to go and add it with Composer.

Whenever we need to use Carbon, we can import it like so:

<?php

use Carbon\Carbon;

After importing you can do a lot with this great package.

Read More


Adding users to the local admin group in PowerShell


This article covers how to add users to local admin group either via Group Policy Objective or directly via command line. 


To add a user to the local group in PowerShell:

You can add AD groups or users to the local admin group using the below Powershell command.

Add-LocalGroupMember -Group "Administrators" -Member "domain\user or group," "additional users or groups."


To add a user to the local admin group:

1. Right-click the newly created Group, select Properties, navigate to the Members tab, click Add… and enter designated users to the group, e.g. domain\administrator, domain\domain admins, domain\syskitmonitorservice. 

2. Add other users that also need administrative privileges, if necessary. 

3. Click OK to proceed.


To get local admin group members in PowerShell:

To get the local Administrators group members using PowerShell, you need to use the GetLocalGroupMember command. 

This command is available in PowerShell version 5.1 onwards and the module for it is Microsoft. PowerShell. LocalAccounts.


To Create a User Account in Windows 10 with PowerShell:

1. Open PowerShell as Administrator.

2. To create a new user account without a password, type New-LocalUser -Name "user_name" -Description "Description of your new account." -NoPassword .

3. To create a user account that has a password, firstly execute the following line: $Password = Read-Host -AsSecureString .

Read More


tar dev st0 cannot write invalid argument - How to resolve this error


This article covers resolve errors relating to Linux commands. You need to specify the block factor size. If you try to write a large file on tape this error may occur.

The data in an archive is grouped into blocks, which are 512 bytes. Blocks are read and written in whole number multiples called records. The number of blocks in a record (i.e., the size of a record in units of 512 bytes) is called the blocking factor.

Archives with blocking factors larger than 20 cannot be read by very old versions of tar, or by some newer versions of tar running on old machines with small address spaces. 

With GNU tar, the blocking factor of an archive is limited only by the maximum record size of the device containing the archive, or by the amount of available virtual memory.


How to fix tar /dev/st0 cannot write invalid argument error?

Set blocking factor to 256 to avoid this error with the -b option. 

For example, use the following command to backup the /webroot directory and its content to /dev/st0 with 256 blocking factor:

# tar cvf -b 256 /dev/st0 /webroot

Read More


FreeBSD Apache Jail Connection refused connect to listener failed


This article covers how to fix 'FreeBSD Apache Jail: Connection refused' issue for our customers. 

While running Apache 2 server under FreeBSD jail, you may see a warning error messages in /var/log/httpd-error.log as follows:

[warn] (61)Connection refused: connect to listener on 0.0.0.0:80


To resolve this FreeBSD Apache Jail error:

1. You need to always set your actual, real IP. Open httpd.conf

# vi /usr/local/etc/apache22/httpd.conf

2. Find out Listen directive:

#Listen 12.34.56.78:80

Listen directive allows you to bind Apache to specific IP addresses and/or ports, instead of the default. 

Change this to Listen on specific IP addresses as shown below to prevent Apache from glomming onto all bound IP addresses i.e. 0.0.0.0 which is not available in jail

3. Save and close the file. Restart apache:

# /usr/local/etc/rc.d/apache22 restart

Read More


How to set up phpBB Forum on a website through cPanel


This article covers phpBB which is a completely free open-source Forum Software. It has lots of features while maintaining efficiency and ease of use. 

#phpBB, which is an abbreviation for PHP Bulletin Board, is one of the best free and open-source forum scripts for creating a forum. 


There are two ways to install phpBB on a website:

1. You can #install phpBB manually

2. Install phpBB via #cPanel Softaculous Apps Installer


To create a forum in phpBB:

1. Click Forums.

2. Enter the name of the new forum here.

3. Click Create new forum.

4. Enter a description for the new forum here.

5. Click Submit. 

That's it! The forum has been successfully created.


To Create a phpBB Forum:

1. Download and Install phpBB. The first thing you'll need to do is download the phpBB software.

2. Register Your phpBB Forum Administrator Account.

3. Set Up Your phpBB Forum.

4. Start Creating Content.


phpBB’s best features that you can use to help launch your first online forum:

1. Responsive design — supports the latest version of HTML5 and CSS3, thus providing you with a responsive and cross-browser compatible design.

2. Search engine crawler handling — comes with configurations and access control for over 100 crawlers for board optimization.

3. Unread message tracking — notifies users whether or not they have seen new published posts and topics.

4. Private message system — allows users to send direct messages to each other via the forum.

5. COPPA registration — prevents underage users from registering to the forum.

6. OAuth login — allows users to register using Google, Bit.ly, or Facebook accounts.

7. Data management — supports various popular database management tools like MySQL, Oracle Database, and SQLite.


Reasons why you should consider creating an online forum:

1. Encourage discussion and feedback — users can use the available space to exchange ideas and give you insights into the quality of your content for further improvement.

2. Support audience research — lets you observe visitor preferences and browsing habits in a closed environment.

3. Build a community — having great communication and sharing similar interests with other people will give your users a sense of belonging to a community.

Read More


Methods to reduce server load


This article covers tips to reduce server load. The load speed of websites mainly depends on the constant load that the server is maintained. 

Load expresses how many processes are waiting in the queue to access the computer processor. This is calculated for a certain period of time, and the smaller the number the better. 


Tips To optimize and speed up your server:

1. Enable caching.

2. Setup a fast reverse proxy.

3. Choose the right application server.

4. Fine tune your web server.

5. Turn on HTTP/2.

6. Defragment your database tables & optimize server settings.

7. Fix your DNS query speed.

8. Trim down your site's critical rendering path.


Why is your Website server slow?

The cause of slow servers usually lays with the web host. 

You could be having a slow site because you are hosted on a free web hosting. 

You are on a low quality hosting service with poor support. 

Or your site needs a higher spec hosting account with more resources eg a VPS.

A large volume of unoptimized images is usually the most common reason behind website slowness. 

High-resolution images can consume lots of bandwidth while loading. 

Uploading larger sized images and then scaling them down can unnecessarily increase the size of your web page – causing your website to load slowly.

Read More


Ignore permission denied message from find command in Linux


This article covers how to resolve the error 'ignore permission denied message from find' which occurs while running a 'find' command in Linux.
The find command is used to locate files on a Linux or Unix like operating system.
The find command will search directory to match the supplied search criteria.
You can search for files by type, name, owner, group, date, permissions and more. By default the find will search all subdirectories for you.

Linux divides the file permissions into read, write and execute denoted by r,w, and x.
The permissions on a file can be changed by 'chmod' command which can be further divided into Absolute and Symbolic mode.
The 'chown' command can change the ownership of a file/directory.

If you prefer using the command line, you can easily find a file's permission settings with the ls command, used to list information about files/directories.
You can also add the –l option to the command to see the information in the long list format.

To change directory permissions in Linux, use the following:
1. chmod +rwx filename to add permissions.
2. chmod -rwx directoryname to remove permissions.
3. chmod +x filename to allow executable permissions.
4. chmod -wx filename to take out write and executable permissions.

Read More


dbus launch terminated abnormally


This article covers tips to resolve this #dbus #error message, dbus-launch terminated abnormally. You need to install D-Bus. It is nothing but a message bus system, a simple way for applications to talk to one another.
In addition to interprocess communication, D-Bus helps coordinate process lifecycle; it makes it simple and reliable to code a "single instance" application or daemon, and to launch applications and daemons on demand when their services are needed.
The dbus-launch command is used to start a session bus instance of dbus-daemon from a shell script.
It would normally be called from a user's login scripts.
With no arguments, dbus-launch will launch a session bus instance and print the address and PID of that instance to standard output.

To fix /bin/dbus-launch terminated abnormally without any error message on a CentOS/RHEL:
Type the following yum command to install D-Bus and Fonts:
$ sudo yum install dbus-x11

To install Fonts, type:
$ sudo yum groupinstall 'Fonts'

Now, you can run and tunnel X over ssh:
$ ssh -X user@server1.ibmimedia.com
$ xeyes
$ firefox

Read More


Ubuntu error Some index files failed to download


This article covers methods to fix #Ubuntu #error "Some index files failed to download". You can resolve this error by copying the contents of the sources list file from another functional Ubuntu system and paste them into your system's sources list file.

To install community-supported #software packages, proprietary packages, and packages not available under a completely free license, you might consider enabling the following repositories:
1. Universe – Community-maintained free and open-source software.
2. Restricted – Proprietary drivers for devices.
3. Multiverse – Software restricted by copyright or legal issues.

To enable these #repositories, invoke the commands below:
$ sudo add-apt-repository restricted
$ sudo add-apt-repository multiverse
$ sudo add-apt-repository universe

Then update your package lists:
$ sudo apt update

Read More


DirectAdmin error is not a valid username


This article covers tips to resolve DirectAdmin error: is not a valid username which happens if the username length of the account is larger than the value set in the DirectAdmin configuration file.
To fix DirectAdmin Admin Backup/Transfer restore error with no details,  try to restore to a number than 10 characters.
You have to edit directadmin configuration and set this variable.
[root@mx ~]# vi /usr/local/directadmin/conf/directadmin.conf
then edit max_username_length to larger value. I my example 20.
max_username_length=20

Read More


Scanners For Security Linux Servers


This article covers a few good scanners for securing #Linux Servers.
ClamAV ranked 13 out of 16 for Linux malware and viruses beating McAfee, Comodo and F-prot.
To run a ClamAV scan in Linux, you can open a terminal and insert “sudo apt-get install clamav” and press enter.
You may also build ClamAV from sources to benefit from better scanning performance.
To update the signatures, you type “sudo freshclam” on a terminal session and press enter.
Now we are ready to scan our system.
clamscan is a #command line tool which uses libclamav to scan files and/or directories for viruses. Unlike clamdscan , clamscan does not require a running clamd instance to function. Instead, clamscan will create a new engine and load in the virus database each time it is run.
Clam AntiVirus (#ClamAV) is one such open-source antivirus software that helps to detect many types of malicious software including viruses.

Rootkits are a type of malware that are designed so that they can remain hidden on your computer. But while you might not notice them, they are active. Rootkits give cybercriminals the ability to remotely control your computer.

Read More


Malicious TMP files and processes


This article covers method to resolve malicious tmp processes. Most malware installers delete itself and these TMP files after successful installation.
The use of TMP files for atomicity is an advantage attackers currently enjoy.
They could have done this operation in any folder of the system, but they choose to use the standard Windows Temp folder.
The first thing a malware installer (first stage of infection) does when executed on a target system - be it a dropper or downloader - is to install a copy of the malware and its components into their corresponding location in the system.

Read More


Docker error while loading shared libraries


This article covers how to fix docker #error while loading shared libraries which happens in the process of building a docker image.
The docker run command creates a container from a given image and starts the container using a given command. It is one of the first commands you should become familiar with when starting to work with #Docker.
Docker containers make it easy to put new versions of software, with new business features, into production quickly—and to quickly roll back to a previous version if you need to.
They also make it easier to implement strategies like blue/green deployments.

To stop all running containers:
1. kill all running #containers with docker kill $(docker ps -q)
2. delete all stopped containers with docker rm $(docker ps -a -q)
3. delete all images with docker rmi $(docker images -q)
4. update and stop a container that is in a crash-loop with docker update --restart=no && docker stop.

Read More


Install vnStat in Linux to monitor network traffic


This article covers how to install and configure vnStat in Linux. Also, you will see how to resolve some common errors relating to it.
#vnStat (view network statistics) is a network utility for the #Linux operating system.
It uses a command line interface. vnStat command is a console-based network #traffic #monitor.
It keeps a log of hourly, daily and monthly network traffic for the selected interface(s) but is not a packet sniffer.

Features of vnStat:
1. quick and simple to install and get running
2. gathered statistics persists through system reboots
3. can monitor multiple interfaces at the same time
4. data retention duration is fully user configurable on the fly
5. months can be configured to follow billing period
6. light, minimal resource usage
7. same low cpu usage regardless of traffic
8. can be used without root permissions
9. online color configuration editor

Read More


Hardening an Ubuntu Server


This article covers the the importance of passwords, user roles, console security, and #firewalls all of which are imperative to protecting Linux servers.
Hardening an #Ubuntu server is a critical step in any server setup procedure.
Any time that a new server is being brought up to host services, whether production, development, internal or external, the server's operating system must be made as secure as possible.


To make your Ubuntu #Linux server secure:
1. Secure Server Connectivity
2. Establish and Use a Secure Connection.
3. Use SSH Keys Authentication.
4. Secure File Transfer Protocol.
5. Secure Sockets Layer Certificates.
6. Use Private Networks and VPNs.
7. Monitor Login Attempts.
8. Manage Users.
9. Establish Password Requirements.

Read More


Install Linux Software Via Command line


This article will guide you on methods to install #Linux #Software via command line. #Debian, Ubuntu, Mint, and other Debian-based distributions all use . deb files and the dpkg package management system. There are two ways to install apps via this system. You can use the apt application to install from a repository, or you can use the dpkg app to install apps from .


To compile a program from a source in Linux:

i. Open a console.

ii. Use the #command cd to navigate to the correct folder. If there is a README file with installation instructions, use that instead.

iii. Extract the files with one of the commands.

iv. ./configure.

v. make.

vi. sudo make install (or with checkinstall ).


To Check os version in Linux:

1. Open the #terminal application (bash shell)

2. For remote server login using the ssh: ssh user@server-name.

3. Type any one of the following command to find os name and version in Linux: cat /etc/os-release. lsb_release -a. hostnamectl.

4. Type the following command to find Linux kernel version: uname -r.

Read More


SSH Connection Refused


This article will guide you on how to resolve SSH connection error occur.

Sometimes while connecting to SSH servers, users often encounter "Connection refused" error by port 22. It happens because of several reasons like SSH service is not running, the port is blocked by the firewall, or the server is using a different port. 

It can also occur because of the IP conflict issue.

To SSH on Ubuntu, Open your terminal either by using the Ctrl+Alt+T keyboard shortcut or by clicking on the terminal icon and install the openssh-server package by typing: sudo apt update sudo apt install openssh-server. Once the installation is completed, the SSH service will start automatically.

To resolve ssh connection refused:

1. Install an SSH tool such as OpenSSH on the server you want to connect to using the sudo apt install openssh-server command. 

2. If your firewall is blocking your SSH connection. Disable the firewall rules blocking your SSH connection by changing the destination port's settings to ACCEPT.

Read More


LXC container vs VM


This article will deal with the differences between LXC container and VM as well as which to choose. VMs are the best choice if you need to host multiple applications in the same environment for multiple purposes. LXC containers are preferred in cases where you have a single-purpose application environment. 

KVM is hardware-level virtualization with its own kernel instance. 

This allows the user to boot their own operating system of choice with no underlying or base OS. 

And since each server is its own instance, they can be migrated without having to reboot.

Advantages to LXC:

1. It is easier to maintain and has very little overhead on deployment compared to a virtual machine. This allows for a much more lightweight cloud environment with LXC.

2. Containers also have a faster startup and stop speed, making them much more efficient overall.

3. Multiple containers can be deployed on the host system, where VMs are heavier on resources.

Read More


FFmpeg on CentOS


This article will guide you on how to install FFMPEG on #CentOS and fix its related #errors. FFmpeg is a powerful tool that can do almost anything with #multimedia files.

FFmpeg is a standard package on many #linux systems. 

You can check if it is installed with a #command like dpkg -s ffmpeg . 

If it is not installed, you should be able to install with your system's package manager. i.e. sudo apt-get install ffmpeg or search 'ffmpeg' in the Software Center on Ubuntu.

To run #FFmpeg in #Linux:

1. Start by updating the packages list: sudo apt update.

2. Next, install FFmpeg by typing the following command: sudo apt install ffmpeg.

3. To validate that the package is installed properly use the ffmpeg -version command which prints the FFmpeg version: ffmpeg -version. 

Read More


Enable FirewallD logging for denied packets on Linux


This article will guide you on how to enable #FirewallD logging for denied packets on #Linux. It is an important task to keep an eye on the rejected and dropped packets using FirewallD for #Linux system administrators. 

To enable logging option you need to use #LOG iptables/kernel module. It turn on kernel logging of matching packets. When this option is set for a rule, the Linux kernel will print some information on all matching packets (like most IP header fields) via the kernel log.

To log a dropped packet in iptables:

1. iptables -N LOGGING: Create a new chain called LOGGING.

2. iptables -A INPUT -j LOGGING: All the remaining incoming packets will jump to the LOGGING chain.

3. line#3: Log the incoming packets to syslog (/var/log/messages).

To  restart iptables:

i. To start firewall from a shell enter: # chkconfig iptables on. # service iptables start.

ii. To stop firewall, enter: # service iptables stop.

iii. To restart #firewall, enter: # service iptables restart.

Read More


Install SQL Server 2019 on Linux


This article will guide you the process to install #MSSQL Server 2019 on #CentOS 7 and Ubuntu 16.04.

SQL Server 2019 #Developer is a full-featured free edition, licensed for use as a development and test database in a non-production environment.

SQL Server 2019 allows us to integrate data from structured and unstructured data sources. 

We can now process diverse big data and relational data sources using Transact-SQL from SQL Server using PolyBase. 

We can see below PolyBase support external databases.

SQL Server Express can be used in production (beware of the limitations, like the 10GB cap), but according to this link Express is available for Linux. SQL Server Express is available to use in Production.

Starting with SQL Server 2017, SQL Server runs on Linux. It's the same SQL Server database engine, with many similar features and services regardless of your operating system. It's the same SQL Server database engine, with many similar features and services regardless of your operating system.

To run a SQL script in #Linux terminal:

1. Open Terminal and type mysql -u to Open the MySQL command line.

2. Type the path of your #mysql bin directory and press Enter.

3. Paste your #SQL file inside the bin folder of mysql server.

4. Create a #database in MySQL.

5. Use that particular database where you want to import the SQL file.

Read More


Install WireShark CentOS


This article will guide you on how to install WireShark on #CentOS. WireShark is one of the leading #network analyzing tools. It helps in troubleshooting the traffic problems of a server and malicious activity. 

Wireshark is an open-source, free network packet analyzer, used to capture and analyze network traffic in real-time.

Basically, with Wireshark you can capture and view data traveling through your network.

You can install WireShark with yum install wireshark-gnome . 

After you install it, the Wireshark application will be at /usr/sbin/wireshark .

To install #wireshark on RHEL 8 / CentOS 8 Linux step by step instructions:

1. Install package called Whireshark using the dnf command. For a GUI Wireshark application execute: # dnf install wireshark To install Wireshark command line tool only execute: # dnf install wireshark-cli.

2. Launch Wireshark.

To install Wireshark from #terminal:

Open terminal and type the #commands:

i. sudo apt-get install wireshark.

ii. sudo dpkg-reconfigure wireshark-common.

iii. sudo adduser $USER wireshark.

iv. wireshark.

Read More


Install Minecraft Server on Ubuntu 20.04


This article will guide you on how to install a Minecraft server on #Ubuntu 20.04 and set up a daily backup. You can now launch the Minecraft client, connect to the server and start Minecraft adventure. 

Setting up a #Minecraft server on #Linux (Ubuntu 12.04) is a fairly easy task on the command line.

Of the previously given ports, the only one I want you to memorize is 25565, because that is Minecraft's default port number. What we want to do is forward inbound traffic on port 25565 to our Minecraft server that's located on the private internal network.

Process of Setting up Minecraft Server on Ubuntu:

1. Create New Minecraft User. Add the new “minecraftuser” to the “sudo” group.

2. Add Minecraft User To Sudo Group.

3. Switch To Minecraft User.

4. Install wget Package.

5. Install Java OpenJDK package.

6. Check Installed Java Version.

7. Install Screen Package.

8. Create A Minecraft Directory.


To Install #Steam from Ubuntu package repository :

i. Confirm that the multiverse Ubuntu repository is enabled: $ sudo add-apt-repository multiverse $ sudo apt update.

ii. Install Steam package: $ sudo apt install steam.

iii. Use your desktop menu to start Steam or alternatively execute the following command: $ steam.

Read More


MySQL is not running


This article will guide you on methods to resolve MySQL #error 'MySQL is not running'. Basically, this MySQL error occurs due to many reasons that include stopping MySQL improperly, tables crashing and so on. 

Both MySQL and #Microsoft SQL Server (MSSQL) are widely used enterprise database systems. MySQL is an open-source relational #database management system (RDBMS), while MSSQL Server is a Microsoft-developed RDBMS. 

Enterprises can choose between multiple #MSSQL Server editions to suit their individual needs and budgets.

Why #MySQL is not opening?

1. You can also check the MySQL service is running in background or not. 

2. To do that open Task manager ( Press CTRL + SHIFT + ESC simultaneously ) and look for mysqld service in background process section. 

3. If it isn't listed there then the service is stopped or disabled.

Read More


Remote Desktop on Debian Using X2Go


This article will guide you on the steps to set up remote desktop on #Debian. X2Go can be used to access Windows systems through a #proxy. Client packages can be run on #FreeBSD, Linux, #OS X, or #Windows. 

With the desktop sharing function of X2go you can gain full-access to the desktop of another computer, similar to programs such as Remote Desktop, TeamViewer, and LogMeIn. You can see an #X2go session from somebody else, but you can also see a normal desktop. Desktop Sharing functionality requires access to port 22.

To Connect to Linux Remotely Using #SSH in #PuTTY:

1. Select Session > Host Name.

2. Input the #Linux computer's network name, or enter the IP address you noted earlier.

3. Select SSH, then Open.

4. When prompted to accept the certificate for the connection, do so.

5. Enter the username and password to sign into your Linux device.

Read More


OpenVPN on Linux


This article will guide you on steps to set up OpenVPN on Linux.

OpenVPN config files (. ovpn) offer an easy way to configure #OpenVPN on your computer to work with our servers. These files contain the correct cipher types, #Certificate Authority, Certificate, and Private Keys. You can use these files on Mac, Linux, #Windows, Android, and iOS.

By default the OpenVPN Access Server comes configured with OpenVPN daemons that listen on port 1194 UDP, and OpenVPN daemons that listen on port 443 TCP. While the best connection for an OpenVPN #tunnel is via the #UDP port, we implement TCP 443 as a fallback method.

To Set up OpenVPN Server on Ubuntu #Linux:

1. Find and note down your public IP address.

2. Download openvpn-install.sh script.

3. Run openvpn-install.sh to install OpenVPN server.

4. Connect an OpenVPN server using iOS/Android/Linux/Windows client.

5. Verify your connectivity.

Read More


Install Firejail in Linux


This article will guide you on steps to #install #Firejail in Linux. Basically, Firejail reduces the risk of security breaches by restricting the untrusted applications and separating them from other parts of the system. 

#Sandboxing involves providing a safe environment for a program or #software so that you can play around with it without hurting your system. It actually keeps your program isolated from the rest of the system, by using any one of the different methods available in the #Linux #kernel.

To Install the Firejail Software:

1. Open up a terminal window.

2. Issue the command sudo apt-get install firejail.

3. Type your sudo password and hit Enter.

4. If prompted, type y to allow the installation to continue.

5. Allow the installation to complete.

Read More


Install Microsoft PowerShell on Ubuntu


This article will guide you on steps to install PowerShell on #Ubuntu. #PowerShell is a configuration management tool that brings the capabilities of Linux command-line interface (#CLI) control into the historically point-and-click Windows environment to manage Windows servers efficiently in virtual deployments.

With PowerShell and WSL, we can integrate Linux commands into #Windows just as if they were native applications. 

No need to hunt around for Win32 builds of #Linux utilities or be forced to interrupt your workflow to drop into a Linux shell.

To check the PowerShell version installed in your system, you can use either $PSVersionTable or $host command.

To get a list of PowerShell commands:

1. Get-Command gets the commands from #PowerShell modules and commands that were imported from other sessions. 

2. To get only commands that have been imported into the current session, use the ListImported parameter. 

3. Without parameters, Get-Command gets all of the #cmdlets, functions, and aliases installed on the #computer.

Read More


Configure and Use Microsoft SQL Server Management Studio


This article will guide you on how to setup SQL server management studio. SQL Server Management Studio is a free #Windows #application to configure, manage, and administer Microsoft SQL Server (#MSSQL). 

SSMS is available only as a 32-bit application for Windows.

To get SQL Server Management Studio:

1. Go To Start Menu>Programs>Microsoft SQL Server Tools 18> Microsoft #SSMS 18. 

2. Below 'Connect to Server' screen will appear. 

3. Server Name defaults to the name selected while installing MS SQL server. 

4. Server type: This is an option to select one out of four available MS SQL services option.

To Enable remote connections to your SQL Server:

i. Open #SQL Server Management Studio.

ii. Right-click your server's name and select Properties.

iii. Tick the checkbox Allow remote connections to this server.

iv. Select OK.

Read More


Nagios migration to new Linux server


This article will guide you on steps to #migrate Nagios server to a new Linux server. Nagios provides complete monitoring of #applications and application state – including #Windows applications, #Linux applications, #UNIX applications, and #Web applications.

Main benefits of #Nagios:

1. Increased server, services, process, and application availability.

2. Fast detection of network and server outages and protocol failures.

3. Fast detection of failed servers, services, processes and batch jobs.

Read More


Packet Drop On bond0


This article will help to fix packet drop on bond0. Here, you will learn more about packet loss. 

In Linux, in order to connect more than one network interfaces into a single interface, a special kernel module named bonding is used.

Here, two or more network interfaces can be connected into a single logical “bonded” interface.

Read More


Automate Windows Server 2019 Administration with Ansible


This article will guide you on steps to automate Windows Server 2019 #Administration with Ansible. 

Ansible can be used to manage and execute core functions in Windows #environments, from security updates to remote management using #WinRM. Although Ansible must be run on #Linux, Windows administrators can use Ansible to manage and automate their systems without needing to know how to use a Linux #terminal.

To Connect Ansible on Windows from #Ubuntu:

1. Create Ansible Windows User. Create a new user for the Ansible windows connection setup.

2. Setup Libraries and WinRM.

3. Update the Ansible Inventory file.

4. Update the Ansible Group Variables.

5. Configure #Windows Servers to Manage.

6. Test Connectivity to the Windows Server.

Read More


mchk plesk How to use it


This article will guide you on mchk utility in #Plesk and how to use it to fix errors. It helps to repair malfunctioning Plesk services.

By using Plesk Reconfigurator, you can check and #repair Plesk installation that is malfunctioning due to misconfiguration of one or more of its components.

The following problems can be identified and corrected by using the Repair Plesk Installation option:

1. problems with mail delivery caused by user-made changes in DNS server addresses.

2. misconfigurations of system user accounts or groups used by Plesk to access system objects.

3. malfunction of Plesk's services.

4. misconfigurations in user access permissions for files and folders on server disks and hosting folders.

5. miscalculations of disk space usage by individual domains and subdomains.

Read More


GameGuard redundant execution error 115


This article will guide you on different methods to get rid of Windows #Application #Error 115

To fix this #Windows 10 GameGuard error, allow NProtect access through your #firewall, and if it persists, delete #GameGuard directory. If the update isn't successful or GameGuard file is corrupted, try again later or check firewall settings.

To fix GameGuard error 114?

Initialization error 114 could occur in GameGuard in many different cases:

1. System restart(rebooting).

2. Spyware/Virus.

3. Windows Security update.

4. Collisions with other #programs.

Read More


Configure and host an application in Apache web server on Ubuntu


This article will guide you on how to configure #Apache on #Linux. This includes #firewall configuration, managing Apache services, setting up virtual hosts, changing default listening ports, and allowing/denying specific IPs from accessing the #sites.
Apache #HTTP Server is a free and open-source web server that delivers web content through the internet. It is commonly referred to as Apache and after development, it quickly became the most popular HTTP client on the web.
The httpd. conf file is the main configuration file for the Apache web server. It's highly recommended to run Apache in standalone type for better performance and speed. ServerRoot "/etc/httpd" The option ServerRoot specifies the directory in which the configuration files of the Apache server lives.
On most systems if you installed Apache with a package manager, or it came preinstalled, the Apache configuration file is located in one of these locations:
1. /etc/apache2/httpd. conf.
2. /etc/apache2/apache2. conf.
3. /etc/httpd/httpd. conf.
4. /etc/httpd/conf/httpd. conf.

Read More


Troubleshooting DHCP client issues


This article will guide you on troubleshooting different DHCP #client issues. Whenever a DHCP server gets a request from a client it responds with a DHCP offer containing IP address being offered, #network mask offered, the amount of time that the client can use and keep it, the ip address of the DHCP server making this offer.

To #Troubleshoot DHCP:

1. Check for IP Address Conflicts. #DHCP clients connect to the network using a leased IP address.

2. Check Physical Connectivity.

3. Test connections with other Client using a Static #IP Address.

4. Confirm Switch #Port #Configuration.

5. Verify the source of Clients IP Address.

Read More


How to install OBS on Linux Windows and MacOS


This article will guide you on steps to #install #OBS on #Windows. Also, we saw some common errors that we came across while installing OBS.

Open Broadcaster Software (OBS) is a free and open-source cross-platform streaming and recording program built with Qt and maintained by the OBS Project. There are versions of OBS Studio available for Microsoft Windows, macOS, and Linux distributions. OBS is funded on Open Collective.

As a standard Windows application, OBS should run fine on Windows 10 without any issues in the core program. However, OBS makes heavy use of advanced hardware features, particularly on your GPU such as texture sharing and hardware encoding. Windows 10 will come with new #drivers for your hardware, including your #GPU.

To set up OBS for #streaming:

1. Run the auto-configuration wizard. When you load OBS Studio for the first time you should see the Auto-Configuration Wizard.

2. Set up your audio devices. By default, OBS Studio is set to capture your system default desktop audio device and microphone.

3. Add your sources for video.

4. Test your stream and record settings.

Read More


Install Drush on Drupal 8


This article will guide you on steps to #install #Drush in #Drupal 8. Drush is a command-line utility to manage Drupal #CMS. For this installation of the Drush scripting interface, we will be working primarily on the command line. This is because Drush is a command line interface, and all of the commands you will use will need to be issued from there.

Drush is the command line shell and Unix scripting interface for Drupal.

To Install a global Drush via #Composer:

1. Install Composer globally.

2. Install the cgr tool following the instructions in that project.

3. Add composer's bin directory to the system path by placing export PATH="$HOME/.

4. Install latest stable Drush: cgr drush/drush .

5. Verify that Drush works: drush status.

Read More


How Chmod 777 works


This article will guide you on how to give #Chmod 777 to folders and files in #Linux. We also discussed the risks and more information about file permissions. 

If you are managing a Linux system, it is crucial to know how the Linux #permissions work.

You should never set 777 (rwxrwxrwx) permissions #files and #directories permissions. 777 means that anyone can do anything with those files.

To Give Root Privileges to a User in Linux:

1. Adding to Root Group using usermod. Let see how we can grant normal user root access by adding to root group.

2. Adding to #Root Group using Useradd Command.

3. Editing /etc/passwd file.

4. Setting as Sudo User.

Read More


Add User To Group in Linux


This article will guide you on how to add a #user to a #group in #Linux. The group permissions apply only to the group that has been assigned to the file or directory, they will not effect the actions of other users. The others permissions apply to all other users on the system, this is the permission group that you want to watch the most.

Groups can be thought of as levels of #privilege. A person who is part of a group can view or modify files belonging to that group, depending on the permissions of that file. User belonging to a group has privileges of that group, for example - sudo groups lets you run software as super user.

To view all groups present on the system simply open the /etc/group file. Each line in this file represents information for one group. Another option is to use the getent command which displays entries from #databases configured in /etc/nsswitch.


To Create a New Sudo User:

1. Log in to your server as the root user. #ssh root@server_ip_address.

2. Use the adduser command to add a new user to your system. Be sure to replace username with the user that you want to create.

3. Use the usermod command to add the user to the wheel group.

4. Test sudo access on new user account.


To List Users in Linux:

i. Get a List of All Users using the /etc/passwd File.

ii. Get a List of all Users using the getent Command.

iii. Check whether a user exists in the Linux system.

iv. System and Normal Users.

Read More


Executing queries from the MySQL Command Line


This article will guide you on how to run queries from the 3MySQL command line. The MySQL #Command Line Tool is a useful way to run #queries from the command line. It’s easy to run select queries and display the results in either a horizontal or vertical format, and the queries run are kept in a history file which you can navigate through. 

If you don't want to run a particular query after all you can use the c command to clear it.

The most common way to get a list of the MySQL #databases is by using the mysql client to connect to the MySQL server and run the SHOW DATABASES command. If you haven't set a password for your MySQL user you can omit the -p switch.

To Connect to a MySQL Database:

1. Click Services tab.

2. Expand the Drivers node from the Database Explorer.

3. Enter User Name and Password.

4. Click OK to accept the credentials.

5. Click OK to accept the default schema.

6. Right-click the MySQL Database #URL in the Services window.

Read More


Transfer Files with Rsync on Windows using SSH connection


This article will guide you on steps to perform Rsync from Windows to Linux over SSH.

#Rsync can use #SSH as a secure transport agent. Make sure rsync is installed by opening a #terminal session and typing rsync --version on each machine.

Most #Linux distributions can now read the FAT32 or NTFS disk formats natively, so you could copy your files to an external hard drive formatted in Windows with either of those file systems, which will then allow you to read the data back easily in Linux.

1. cwRsync is an implementation of rsync for Windows. 

2. rsync uses a #file #transfer technology specified by the rsync algorithm, transferring only changed chunks of files over the network. 

3. #cwRsync can be used for remote file #backup and #synchronization from/to Windows systems.

Read More


Rsync from Linux to Windows share


This article will guide you on how to use #Rsync to transfer #files from #Linux to #Windows share.

cwRsync is an implementation of rsync for Windows. rsync uses a file transfer technology specified by the rsync algorithm, transferring only changed chunks of files over the network. #cwRsync can be used for remote file backup and synchronization from/to Windows systems.

Syntax of rsync #command:

1. -v, –verbose Verbose output.

2. -q, –quiet suppress message output.

3. -a, –archive archive files and directory while synchronizing ( -a equal to following options -rlptgoD).

4. -r, –recursive sync files and directories recursively.

5. -b, –backup take the backup during synchronization.

Read More


Add Glance Cloud images to OpenStack


This article will guide you on steps to add #Glance #Cloud images to #OpenStack with different #Linux distributions which enables users to discover, register, and retrieve virtual machine images. 

After images are created they should be registered in Openstack Glance - #image operation service.

Upload Image Into Glance:

1. Replace <NAME> with the name that users will refer to the disk image by. 

2. Replace <IMAGE_FILE> with the local path to the image file to upload.

Read More


Deploy Node js Application to DigitalOcean Server


This article will guide you on how to  deploy node.js application to #DigitalOcean Server.  

To Deploying #Node . js application to DigitalOcean — Setting up the #server:

1. Getting familiar with Digital Ocean and creating your first #droplet.

2. Setting up #SSH and connecting to your server from your local #machine.

3. Setting up a simple Express.js web-server in local machine.

4. Using #Git to deploy your code to server.

Read More


Directadmin Unable to write users httpd conf configuration


This article will guide you on how to fix the #error, Unable to write user's httpd.conf in Directadmin which occurs when we try to add a #domain in #DirectAdmin. 

The httpd. conf file is the main configuration file for the Apache web server. It's highly recommended to run Apache in standalone type for better performance and speed. ServerRoot "/etc/httpd" The option ServerRoot specifies the directory in which the configuration files of the Apache server lives.

Before you edit httpd.conf, you should first copy the original file to something like httpd.conf-old, for example. 

By creating a #backup, you can recover potential mistakes made while editing the new configuration file.

Read More


Cant locate LWP UserAgent pm in @INC


This article will guide you on how to get rid of error "Can't locate LWP/UserAgent.pm in @INC" which occurs in the process of installing #applications like CSF in the DirectAdmin server or any other #Linux #distros. 

libwww-perl (also known as LWP) is a collection of #Perl #modules that provide a simple and consistent programming interface (API) to the World-Wide Web.

In order to install and use this #package you will need Perl version

5.8.1 or better:

Some modules within this package depend on other packages that are distributed separately from Perl.  We recommend that you have the following #packages installed before you install

libwww-perl:

i. Digest-MD5

ii. Encode-Locale

iii. HTML-Form

iv. HTML-Parser

v. HTML-Tagset

vi. HTTP-Cookies

vii. HTTP-Date

viii. HTTP-Message

ix. HTTP-Negotiate

x. libnet

xi. LWP-MediaTypes

xii. MIME-Base64

xiii. Net-HTTP

xiv. URI

xv. WWW-RobotRules


If you want to access sites using the https protocol, then you need to

install the LWP::Protocol::https module from CPAN.

Read More


Setting up client access over private IP address to MySQL on Compute Engine


This article will guide you on setting up client access over private IP address to #MySQL on #Compute #Engine helps advanced usage of parameters and specific performance needs.

To allow IP to connect to MySQL:

1. Edit MySQL Config File. 1.1 Access mysqld.cnf File. 

2. Set up Firewall to Allow Remote MySQL Connection. While editing the configuration file, you probably observed that the default MySQL port is 3306. 

3. Connect to Remote MySQL #Server. Your remote server is now ready to accept connections.

Read More


Guide to install Red Hat Enterprise Linux 7 3


This article will guide you on the step by step process to install Red Hat Enterprise Linux 7.3. This involves completing the “Installation Summary” window along with the installation of #VMware #Workstation and creation of a virtual machine.

Red Hat® Enterprise Linux® is the world's leading enterprise #Linux platform. * It's an open source operating system (#OS). It's the foundation from which you can scale existing apps—and roll out emerging technologies—across bare-metal, virtual, container, and all types of cloud environments.

Read More


How to Check Server Load on a Windows Server


This article will guide you on how to check server load in windows. Windows #Task Manager allows users to analyze the server load issues on the #Windows servers.

Load expresses how many processes are waiting in the queue to access the computer processor. This is calculated for a certain period of time, and the smaller the number the better. 

Signs of #Server #Overload includes:

The following signs indicate that your web server has possibly become overloaded: 

Displaying error codes. Your server returns an #HTTP #error code, such as 500, 502, 503, 504, 408, and so on. 

Delaying serving requests.

Read More


Apache Maven on Ubuntu Steps to install it


This article will guide you on how to #install #Apache #Maven on Ubuntu. Basically, Apache Maven is a popular build management tool for #Java projects. 

To test The Maven Installation in #Ubuntu:

Run the command mvn -version to check if the maven is installed properly. 

You will see the below description on the command prompt. Maven is installed successfully.

Some Maven #Commands:

1. mvn clean. This command cleans the maven project by deleting the target directory. 

2. mvn compiler:compile. This command compiles the java source classes of the maven project. 

3. mvn compiler:testCompile. 

4. mvn package. 

5. mvn install. 

6. mvn deploy. 

7. mvn validate. 

8. mvn dependency:tree.

Read More


SQL Server and create a database on Ubuntu How to install


This article will guide you on how to #install MS SQL on #Ubuntu Server 18.04. 

To Install #Microsoft SQL Server 2017:

1. Visit Microsoft's official SQL Server 2017 download page.

2. Select the edition you want to #download. 

3. Click Download now below your selected edition. 

4. The wizard will prompt you to select an installation type. 

5. On the next page, select a directory for the installation folder.

To connect to the SQL Server using #SSMS:

i. From the Connect menu under the Object Explorer, choose the #Database Engine.

ii. Then, enter the information for the Server name (localhost), Authentication (SQL Server Authentication), and password for the sa user.

iii. Click the Connect button to connect to the SQL Server.

Read More


NFS Server on RHEL CentOS 8 Steps to install and configure


This article will guide you on the steps to Install and Configure #NFS Server on #RHEL or #CentOS.

The terms client and server are used to describe the roles that a computer plays when sharing file systems. The NFS service enables any given computer to access any other computer's file systems and, at the same time, to provide access to its own file systems.

To install NFS server:

1. Install NFS #Kernel Server. 

2. Create the #Export #Directory. 

3. Assign server access to client(s) through NFS export file. 

4. Export the shared directory. 

5. Open #firewall for the client (s).

Read More


Manage a Linux Server with systemd


Like the init #daemon, #systemd is a daemon that manages other daemons, which, including systemd itself, are background #processes. systemd is the first daemon to start during booting and the last daemon to terminate during shutdown.

This article will guide you on how to manage #Linux server using systemd. Additionally, we saw the different commands used to Manage Linux serves with systemd. While systemd is compatible with SysV and Linux Standard Base (LSB) init scripts, systemd is meant to be a drop-in replacement for these older ways of getting a Linux system running.

To start (activate) a service , you will run the command 'systemctl start my_service. service', this will start the service immediately in the current session. 

To enable a service at boot , you will run 'systemctl enable my_service. service'.

Read More


Deploying Kohana PHP application on Debian


This article will guide you on how to deploy Kohana on #Debian. Kohana offers powerful event handling, multiple session drivers, simple database abstraction using #SQL helpers, and libraries that transparently handle external APIs. Its generous BSD license lets developers use and modify the framework to build commercial applications.

The #AppDynamics platform provides full, code-level visibility into the performance of your PHP application built on the Kohana framework. With rapid installation and the most scalable #architecture in the industry, AppDynamics solutions help you deploy your #applications more quickly and with more confidence.

Read More


Using Kill Commands In Linux


This article will guide you on how to use Kill #Commands In #Linux. Here, you will learn several ways to #terminate a running process. However, one should exercise caution to prevent incorrectly terminating a #process that should not be killed.
The #kill -9 command sends a SIGKILL signal indicating to a service to shut down immediately. An unresponsive program will ignore a kill command, but it will shut down whenever a kill -9 command is issued.

Read More


Send Syslog with SSL TLS to Nagios Log Server


This article will guide you on how to Send #Syslog with #SSL / #TLS to Nagios Log Server by encryption which ensures that the #traffic between the #Linux machine and Nagios Log Server is not sent in plain text.

Read More


Process to install Docker on Windows


This article will guide you on the steps to install docker on Windows by setting up a Linux virtual #machine to run as a guest in Windows 10 Home.
Docker Desktop is an easy-to-install application for your #Mac or Windows environment that enables you to build and share containerized applications and microservices. Docker Desktop includes Docker #Engine, Docker CLI client, Docker Compose, Notary, #Kubernetes, and Credential Helper.
You can download #Docker #Desktop for Windows from Docker Hub. This relates to installing Docker Desktop on #Windows 10 Pro, Enterprise, and Education.

Read More


Steps to Edit Sudoers File in Linux Process to get it done


This article will guide you on how to edit #Sudoers File in Linux which involves #root privileges, with a special focus on editing the /etc/sudoers file. You can configure who can use #sudo #commands by editing the /etc/sudoers file, or by adding configuration to the /etc/sudoers. To edit the sudoers file, we should always use the #visudo command. This uses your default editor to edit the sudoers configuration.

Read More


Method to Install Software From Source on Ubuntu


This article will guide you on steps to #install #software from #source on #Ubuntu. The Complete #command is apt-get which is the easiest way to install files/Softwares #packages.

Once installed, on the command line, you can use dpkg --listfiles packagename . For instance, dpkg --listfiles firefox . 

If you want to see what files a package contains without installing it, then you can install apt-file and use that.

Read More


Using Bpytop to monitor Linux and FreeBSD Resources


This article will guide you on how to use Bpytop Monitoring for Linux & FreeBSD Resources.

#Bpytop is a great utility which is useful on your #Linux, #macOS, and #FreeBSD as a #resource #monitor. It is much faster than bashtop and works pretty well as Python 3 is standard on many Unix boxes.

Read More


Process to install node js Windows


This article will guide you on how to install Node.js and verify its installation. Additionally, you will also learn how to uninstall it. #Node . js is a runtime environment that allows software developers to launch both the #frontend and #backend of web apps using #JavaScript. Although JS underpins all the processes for app assembly, as a backend #development #environment, Node. js, differs from the frontend environment.

Read More


Steps to create a Self-Signed SSL Certificate for Apache in CentOS 8


This article will guide you on how to configure #Apache to serve encrypted requests using a self-signed SSL certificate and to redirect unencrypted HTTP requests to #HTTPS. Self-signed #certificates or certificates issued by a private CAs are not appropriate for use with the general public. It can only properly verify the identity of the server when it is signed by a trusted third party because any attacker can create a self-signed certificate and launch a man-in-the-middle attack.

Read More


Send NXLogs with SSL TLS to Nagios Log Server


This guide will guide you on how to send NXLogs with SSL/TLS to #Nagios #Log #Server. Encryption ensures that the traffic between the #Windows machine and Nagios Log Server is not sent in plain text.

Read More


How to Run AWS Amazon DynamoDB Steps to do it


This article will guide you on how to set up #Amazon DynamoDB which can be downloaded as an executable .jar file.

#DynamoDB uses hashing and B-trees to manage #data. Upon entry, data is first distributed into different partitions by hashing on the #partition key. Each partition can store up to 10GB of data and handle by default 1,000 write capacity units (WCU) and 3,000 read capacity units (RCU).

Read More


Cloning existing KVM virtual machine images on Linux


This article will guide you on how to use the virt-clone command which provides a number of options to clone a #KVM #VM. You can use the virt-sysprep if you need to clone the VM and make/reset anything inside the guest #OS.

Read More


Outsourcing server administration Best Services


In conclusion, #outsourcing server #administration provides 24×7 server monitoring by an #Expert Team at an #affordable cost. We specialize on #Hosting #Tech #Support, IT Infrastructure Management, IT Infrastructure Support, #Linux Server Managed #IT Services, #Outsourced Web Hosting Support, Server Management, Server Monitoring, Server Support, System Administration, #Whitelabel #Helpdesk Support

Read More


NFS server not responding timed out error How to fix


This article will guide you on how to fix #NFS server not responding timed out #error which occurs when there is a heavy #server or #network load.

Why NFS is not working?

i. Check the file /proc/fs/nfs/exports and make sure the volume and client are listed correctly.

ii. Finally, try to ping the client from the server, and try to ping the server from the client. 

iii. If this doesn't work, or if there is packet loss, you may have lower-level network problems.

Read More


OpenVPN dns leak How to fix it


This article will guide you on the steps to fix #OpenVPN DNS leak issue. 

A DNS leak occurs when the browser sends a #DNS request directly, thus ignoring the #VPN.  Although the link will seem encrypted or anonymous, the ISP will be able to track your online.

Read More


Sync Two CentOS 8 Servers Using File Replication


The #sync command forces an immediate write of all cached data to disk. Run sync if you anticipate the system to be unstable, or the storage device to become suddenly unavailable, and you want to ensure all data is written to disk. Individual files may be synced, or the entire filesystem containing the specified files.

This article will guide you on the right steps to sync two #CentOS 8 #servers using file replication.

Read More


Advantages of using our Server Management Services


Ibmi Media Server administrators will help you install, configure, and maintain various types of hardware and software, which often involves creating user accounts, carrying out backup and recovery functions, and monitoring the performance of servers at all times. Our Support Experts will take care of configuring, managing, and implementing operating systems.

Read More


Extending Disk Space with LVM


To increase the size of a logical volume, use the lvextend command. When you extend the logical volume, you can indicate how much you want to extend the volume, or how large you want it to be after you extend it. The following command extends the logical volume /dev/myvg/homevol to 12 gigabytes.

Read More


Using Ansible to copy MySQL databases


This article will guide us on how to perform database migration using Ansible as the controller which can help to copy a MySQL database from one remote server to another.

Read More


Install and configure Kohana on Linux


This article will guide you on the easy steps to install and configure Kohana on Linux.

Read More


Configuration File Is Out Of Date in Nagios


This article will guide you on the different methods to fix Nagios error "Configuration File Is Out Of Date" in CCM after applying configuration changes in Nagios due to incorrect configuration of system time.

Read More


Steps to Install GNS3 on Ubuntu in a single command


This article will guide you on the steps to install GNS3 on Ubuntu.

Read More


RM cannot remove read-only file system tips to fix


This article will guide you on how to fix 'rm cannot remove the read-only file system' error  by simply removing files from the read-only file system.

Read More


Nagios login screen redirects to itself Steps to fix it


This article will help to resolve Nagios login screen redirecting to itself which occurs due to a mismatch in the time zone can cause the Nagios login screen to redirects to itself after entering the login credentials.

Read More


PuTTY Fatal Error Connection timed out


This article will help to fix "PuTTY Fatal Error: Connection timed out" which occurs when the IP address of the host and virtual machine does not belong to the same subnet.

Read More


Too many open files Linux


This article will guide you on how to fix Linux error "Too Many Open Files" and method of changing the default limits set by Linux.

Read More


SQL error Msg 3266


This article will help you to solve SQL error Msg 3266 which occurs when database backups job fails when the filemark in the backup device cannot be read. 

Read More


Recovering a database from suspect mode in SQL


This article will guide you through the process of repairing  a database which is in Suspect mode in SQL by performing consistency check on database in emergency mode and executing ALLOW DATA LOSS in single user mode.

Read More


Centralizing logs on Ubuntu with Journald


This article will help you to configure centralization of logs with Journald on Ubuntu for both the Server and Client system.

Read More


Steps to install Debian 9 Stretch


This article will guide you through the complete steps you need to follow to install Debian 9 Stretch on your Machine.

Read More


Htop installation on Linux



This article will show you how to install Htop across different Linux Distributions and Operating System.

Read More


Ansible Software installation on ubuntu


This article will put you through to install Ansible on Ubuntu and Debian Machines to get it to work via its inventory file.

Read More


DBeaver installation on debian



This well documented article will guide you on how to install DBeaver on Debian and Ubuntu Server.

Read More


Odoo installation on Centos


This article will guide you on how to install Odoo software on CentOS 7. Odoo is a very popular business software for managing business application.

Read More


PostgreSQL installation on Centos 7


This article will show you how to install PostgreSQL via the default Centos repositories or from the official Postgres repositories.

Read More


Rclone installation process


Rclone is an open-source command line tool which helps to sync files to cloud storage which is makes data migration between storage spaces easy.

Read More


Our DigitalOcean Active Server Support service


We offer Emergency support and Server management services to help your monitor your infrastructure and quickly resolve and issues that could disrupt your services.

Read More


Fix curl error 67


Curl error 67 occurs when trying to download a file from an remote server for use in a local environment. This error relates with not using the correct login information.

Read More


How to setup Railgun in Cpanel


Websites using Railgun appears to be more efficient in terms of page loading time. Railgun catalyses the speed at which a website process in a web browser. Thus it helps to increase site speed.

Read More


Fix no such device error when using ethtool


Ethtool is a great utility for Linux kernel-based operating system which helps to display and modify some important parameters of network interface controllers and their device drivers.

Read More


How to securely back up your Linux Ubuntu Centos and Debian Server


#Backup and #restore refers to technologies and practices for making periodic copies of data and applications to a separate, secondary device and then using those copies to recover the data and applications—and the business operations on which they depend in the event that the original data and applications are lost.

#rsync uses what is called a delta-transfer algorithm which compares files from source and destination and sends only the differences between them.


To automatically backup #files and directories in Linux:

1. archive the content. Backing up your files using tar is very simple using the following command: # tar -cvpzf /backup/backupfilename.tar.gz /data/directory.

2. create backup script. Now let's add tar command in a bash script to make this backup process automatic.


#Rsync, or Remote Sync, is a free command-line tool that lets you transfer files and directories to local and remote destinations. 

Rsync is used for mirroring, performing backups, or migrating data to other servers.

Backing up file systems means copying file systems to removable media (such as tape) to safeguard against loss, damage, or corruption. 

Restoring file systems means copying reasonably current backup files from removable media to a working directory.

Data losses can be a very frustration encounter for a server owner. To avoid such catastrophic situations in losing your website data, it is very important to do a regular backup for your server and website.

Read More