IonCube Loader is a PHP module or extension for PHP files decoding encrypted and is often required for many applications based on PHP. It helps us to protect php applications from unauthorized execution and at the same time can accelerate the website. This article will show you how you can install ioncube loader on CentOS 6 and the steps also works on CentOS 7.
Your PHP version must match ioncube version : eg. PHP 5.5 will use file: ioncube_loader_lin_5.5.so eg. PHP 5.4 will use file: ioncube_loader_lin_5.4.so eg. PHP 5.3 will use file: ioncube_loader_lin_5.3.so
In this case, php version is PHP 5.4, and the matching ioncube loader version should be ioncube_loader_lin_5.4.so.
2. Create directory for ioncube :
# mkdir /usr/local/ioncube
3. Download and extract the ioncube:
# wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz
# tar xzvf ioncube_loaders_lin_x86-64.tar.gz
4. Open the extracted ioncube folder and copy the ioncube loader file match to your php version. :
# cd ioncube
# cp -p ioncube_loader_lin_5.4.so /usr/local/ioncube
5. Now locate php.ini file. This is how you can find location of php.ini.
7. Verify the php version, it is now should include file “ioncube_loader_lin_5.4.so” in PHP 5.4 if you get the display as below :
# php -v
PHP 5.4.33 (cli) (built: Sep 20 2014 16:20:03)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.4.0, Copyright (c) 1998-2014 Zend Technologies
with the ionCube PHP Loader v4.7.5, Copyright (c) 2002-2014, by ionCube Ltd.
If you can see the version of PHP with ionCube loader version, meaning you have successfully installed and configured ioncube PHP loader in your linux system.
There are many open source control panel to run linux web hosting on the internet like ISPConfig, Webmin, Virtualmin and Open Panel. In this post, I want to share how to install CentOS Web panel (CWP) on CentOS 6. CentOS Web panel is a free Web Hosting panel designed for easy management of servers ( VPS & Dedicated ) without the need to use their expertise and knowledge in the linux command line and without SSH access to the server.
From the CWP official website, they do not provide uninstaller and reinstall the server to remove it. CWP should be install on the fresh CentOS operating system without any non-default configuration.
Follow the following step to install CWP on CentOS 6.6.
1. Install Fresh CentOS 6.6 with direct internet connection : 2. Allocate atleast 512MB RAM for 32 bit systems and 1024MB for 64 bit systems. In this example we will allocate 4GB RAM.
3. Configure your server hostname : a. Modify the hostname and reboot the server to take effect:
# vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=centos66.ehowstuff.local
GATEWAY=192.168.0.1
6. The installation will take up to 50 minutes, depend on your internet connection speed :
7. Once the installation completed, you will see the the screen below. In this case i leave mySQL root password blank.
Press Enter to reboot the server.
8. Go to your browser and enter CWP ip address with 2030 port number. You will see login page as below. CentOS WebPanel Admin GUI at http://SERVER-IP:2030/
Username: root Password: your server root password
9. You can start configure your CWP via dasgboard panel below. Get consult from official website, and the CWP forum to proceed the configuration.
10. You can start configure your CWP server and then start hosting your website.
Setup nameservers
Setup shared ip (must be your public IP address)
Setup at least one hosting package (or edit default package)
Setup root email
& now you are ready to host domains…
11. Install Softaculous Apps Installer via command :
# /usr/local/src/install.sh --quick
-----------------------------------------------
Welcome to Softaculous Apps Installer
-----------------------------------------------
///////////////////////////////
// INSTALLING SOFTACULOUS :
// 1) CONFIGURING universal.php
// 2) FETCHED A LICENSE
// 3) UPDATING Categories
// 4) UPDATING Scripts List
// 5) UPDATING Installed Scripts List
// 6) SETTING A CRON JOB
// 7) DOWNLOADING SCRIPTS
///////////////////////////////
ln: creating symbolic link `/usr/local/cwpsrv/conf.d/softaculous.conf': File exists
cwpsrvd: Could not reliably determine the server's fully qualified domain name, using centos66.ehowstuff.local for ServerName
=====================================================
Congratulations, Softaculous was installed successfully
Softaculous has been installed at:
Path : /usr/local/softaculous
Scripts Path : /var/softaculous
We request you to please register for updates and notifications at :
http://www.softaculous.com/board/index.php?act=register
It also inspires us when you register. Registration is free and just a one minute job.
If you need any support you can always count on us. Just drop in at our Support Board:
http://www.softaculous.com/board
Alternatively, you can contact us via Email at support@softaculous.com
Thank you for using Softaculous
Postfix MTA basically just capture ‘From’ and ‘To’ field while the subject is not logged to the maillog. There are simple steps to enable logging of the e – mail subject in postfix maillog. This will very useful for email administrators when performing troubleshooting of problems related with email.
1. Assume that postfix has been installed. Open the postfix main configuration file :
DDoS attacks are usually intended to paralyze websites and web services and it is better to mitigate it at the firewall level. But for the web server that runs on Nginx, I have prepared a basic step to provide DDoS protection which proved to work for small-scale DDoS attacks and DDoS attacks that aimed at applications. This DDos Attack Tutorial protection for Nginx guidelines has been tested on CentOS 6, CentOS 7, RHEL 7 and Oracle Linux 7. This steps may work on your environment but please note that this guidelines is not an official document and official recommendation from Nginx website.
DDos Attack Tutorial – Implement Basic Protection for Nginx :
1. In /etc/nginx/nginx.conf, include the following parameters :
For reasons of security, remote access to MySQL database server is disabled by default because they are considered potential security threats. However, due to some reason, it is necessary to allow access from a remote location or web server. Let assume that we are making connection from remote web server IP called 192.168.0.3 for database called db1 for user user1 at remote MySQL server, 192.168.0.2, then we need to grant access to this IP address.
If the remote access is not enable you will get this error :
ERROR 1130 (HY000): Host ‘192.168.0.3’ is not allowed to connect to this MySQL server
IP Adress 1 : 192.168.0.2 – MySQL Server IP Adress 2 : 192.168.0.3 – Web Server (Nginx or Apache)
Steps to Enable and Grant Remote Access to MySQL Database Server
1. Edit the my.cnf file :
# vim /etc/mysql/my.cnf
Comment out or remove below line :
#bind-address = 127.0.0.1
2. The following command will allow access to the MySQL database(192.168.0.2) from a remote web server IP address(192.168.0.3):
mysql> create user 'user1'@'192.168.0.3' identified by 'PASSWORD';
mysql> grant all on db1.* to 'user1'@'192.168.0.3';
3. Test the connection from the remote web server :
# mysql -u user1 -pPASSWORD -h 192.168.0.2
4. Verify the user privileges for user1 :
mysql> select * from information_schema.user_privileges where grantee like "'user1'%";
5. In case you want to revoke all options the access from all machine or web server(192.168.0.3) only :
mysql> revoke all privileges, grant option from 'user1'@'%';
mysql> revoke all privileges, grant option from 'user1'@'192.168.0.3';
Enable SSH server on a virtual private server (VPS) will expose the server to the internet and provide opportunities for hacking activities, especially when VPS still using root as a primary access. VPS should be configured with a email alert automatically to each successful login attempts via SSH server . VPS server owner shall be notified of any SSH server access log, such as who, when and which source IP address. This is an important security concern for server owners to protect the server from unknown login attempts. This is because if hackers use brute force to log into your VPS via ssh then it can be very dangerous. In this article, I will explain how to set up an email alert to all SSH login users on linux CentOS 6, CentOS 7, RHEL 6 and RHEL 7.
1. Login to your server as root user :
2. Configure at alert from source global definitions (/etc/bashrc). This will enabled for root and normal users :
# .bashrc
# User specific aliases and functions
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
echo 'ALERT - Root Shell Access (vps.ehowstuff.com) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d'(' -f2 | cut -d')' -f1`" recipient@gmail.com
4. Optionally you can enable alert for specify normal user (e.g skytech ) :
[root@vps ~]# vi /home/skytech/.bashrc
Add the following at the bottom of /home/skytech/.bashrc :
Brute-force break-in attempts are quite frequent against the SSH server. However, there is an open source software that can help you deal with this problem automatically, namely fail2ban. Fail2ban provides a way to protect private virtual server( VPS ) from malicious behavior by intruders or hackers automatically. This program works by scanning through log files and respond to unsuccessful login attempts and repeated login attempts. Here are the steps on how to implement fail2ban and steps have been tested on CentOS 6, CentOS 7, RHEL 6 and RHEL 7.
4. Configure the prefered “bantime”, “findtime” and “maxretry” before a host get banned :
# vi /etc/fail2ban/jail.local
Update to the following :
..
..
# "bantime" is the number of seconds that a host is banned.
bantime = 7200
# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
findtime = 600
# "maxretry" is the number of failures before a host get banned.
maxretry = 3
..
..
5. Verify sshd filter file : You can verify the default sshd filter file.
# vi /etc/fail2ban/filter.d/sshd.conf
6. Restart fail2ban :
# service fail2ban restart
7. After a few hours of implementation, fail2ban start capturing and banned for such violence and attempts to guess the password for my VPS. Look at the log at path /var/log/secure for monitoring :
# tail -f /var/log/secure
Mar 3 13:37:59 rn sshd[30681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57 user=root
Mar 3 13:38:02 rn sshd[30681]: Failed password for root from 115.231.218.57 port 2919 ssh2
Mar 3 13:38:05 rn sshd[30681]: Failed password for root from 115.231.218.57 port 2919 ssh2
Mar 3 13:38:07 rn sshd[30681]: Failed password for root from 115.231.218.57 port 2919 ssh2
Mar 3 13:38:09 rn sshd[30681]: Failed password for root from 115.231.218.57 port 2919 ssh2
Mar 3 13:38:12 rn sshd[30681]: Failed password for root from 115.231.218.57 port 2919 ssh2
Mar 3 13:38:13 rn sshd[30681]: PAM 4 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57 user=root
Mar 3 13:38:48 rn sshd[30702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57 user=root
Mar 3 13:38:50 rn sshd[30702]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar 3 13:38:52 rn sshd[30702]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar 3 13:38:54 rn sshd[30702]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar 3 13:38:56 rn sshd[30702]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar 3 13:38:58 rn sshd[30702]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar 3 13:38:58 rn sshd[30702]: PAM 4 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57 user=root
Mar 3 13:39:00 rn sshd[30704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57 user=root
Mar 3 13:39:02 rn sshd[30704]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar 3 13:39:04 rn sshd[30704]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar 3 13:39:07 rn sshd[30704]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar 3 13:39:09 rn sshd[30704]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar 3 13:39:11 rn sshd[30704]: Failed password for root from 115.231.218.57 port 3090 ssh2
Mar 3 13:39:12 rn sshd[30704]: PAM 4 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57 user=root
Mar 3 13:39:24 rn sshd[30708]: Invalid user admin from 115.231.218.57
Mar 3 13:39:24 rn sshd[30708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57
Mar 3 13:39:26 rn sshd[30708]: Failed password for invalid user admin from 115.231.218.57 port 2898 ssh2
Mar 3 13:39:27 rn sshd[30708]: Failed password for invalid user admin from 115.231.218.57 port 2898 ssh2
Mar 3 13:39:30 rn sshd[30708]: Failed password for invalid user admin from 115.231.218.57 port 2898 ssh2
Mar 3 13:39:33 rn sshd[30708]: Failed password for invalid user admin from 115.231.218.57 port 2898 ssh2
Mar 3 13:39:35 rn sshd[30708]: Failed password for invalid user admin from 115.231.218.57 port 2898 ssh2
Mar 3 13:39:35 rn sshd[30708]: PAM 4 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.218.57
8. Fail2ban start to ban and unban after two hours :
# tail -f /var/log/messages
Mar 3 13:38:13 rn fail2ban.actions[25912]: WARNING [ssh-iptables] Ban 115.231.218.57
Mar 3 13:38:58 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 13:39:12 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 13:39:33 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 13:39:43 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 13:39:56 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 13:40:20 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 13:40:30 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 13:40:41 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 13:40:51 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 15:30:32 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 15:30:46 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 15:31:35 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 15:32:34 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 15:32:51 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 15:33:02 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 15:33:32 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 15:33:43 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 15:33:54 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 15:34:06 rn fail2ban.actions[25912]: INFO [ssh-iptables] 115.231.218.57 already banned
Mar 3 15:38:14 rn fail2ban.actions[25912]: WARNING [ssh-iptables] Unban 115.231.218.57
9. All the ban action followed by the email trigger as per screenshot :
10. Check the Which IP already listed in the ban list :
# iptables -L
..
..
Chain fail2ban-NoAuthFailures (1 references)
target prot opt source destination
REJECT all -- 141.101.98.8 anywhere reject-with icmp-port-unreachable
REJECT all -- 108.162.210.231 anywhere reject-with icmp-port-unreachable
REJECT all -- 108.162.221.246 anywhere reject-with icmp-port-unreachable
REJECT all -- 108.162.238.35 anywhere reject-with icmp-port-unreachable
RETURN all -- anywhere anywhere
Python is a popular programming language, which is widely used, high-level programming languages ??and has a design philosophy that emphasizes code readability. It is considered as a programming language that is easy to learn and master because of its focus on readability. Python syntax allows programmers to express concepts in fewer lines of code as possible in languages ??other programming such as C ++ or Java. This article show you how to check and verify the version of Python on CentOS 6, CentOS 7, RHEL 6 and RHEL 7.
1. Check Python version :
[root@vps ~]# python --version
Python 2.7.5
2. Enter python command line :
[root@vps ~]# python
Python 2.7.5 (default, Jun 17 2014, 18:11:42)
[GCC 4.8.2 20140120 (Red Hat 4.8.2-16)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
Varnish is an open source web accelerator typically run in front of web servers such as Apache or Nginx. It is also known as HTTP reverse proxy and designed to serve static content, such as images, stylesheets or scripts. Varnish will keep copies of pages from page revisit the same web server ( Apache or Nginx ) and re-use the cached copy for subsequent requests. This will help dynamic website such as wordpress or joomla improve in website response times and also will reduce the server load.
Varnish is also can be downloaded from EPEL (Extra Packages for Enterprise Linux) package repositories but the new major versions will not hit EPEL and it is not necessarily up to date. The following steps will describe how we can install Varnish 4 on CentOS 6 and CentOS 7.
In general, most of the web server software has been installed with default settings that will lead to information leakage. One of them is a PHP software. PHP (Hypertest Preprocessor) is one of the most popular server-side HTML embedded scripting language for the websites today. In the current challenging times, there are lots of attacker will try to discover the weaknesses in your your server system. Hence, i will describe the simple way to hide the PHP information in Linux server.
By default expose_php is set to On. Turning off the “expose_php” parameter causes that PHP will hide it version details.
[root@centos66 ~]# vi /etc/php.ini
In your php.ini, locate the line containing expose_php On and set it to Off:
expose_php = Off
Before the changes, web server header will look like below :
Question : Due to some reason, I had to stop a service on linux CentOS 7. But when i restarted the server, the service starts again automatically. How to stop or disabled auto start services at boot ?
Answer : Just issue the following command to disabled auto start for particular service.
This article discussed about how we can reclaim the free space for linux root partition that was implemented using thin provisioned disks in Linux VMware virtual machine (VM). Common advantages by implementing thin provisioned disks in VMware is the administrator are able to over-allocate storage because the provisioned thin disks consume only the space used. The concept of thin provisioning disk disregard either the operating system running on Linux or Windows. However, by using thin provisioned disks, you will find that vmdk file size still expands over the time whenever you install, uninstall or delete applications in VM. You will noticed that the vmdk file size does not shrink or return to its previous size. When this happens to the linux VM, we need to use zerofree utility to reclaim and shrink the free space. The following steps is mainly to reclaim free space for linux root partition, tested in CentOS 7 and RHEL 7.
1. Install “zerofree” on your virtualbox guest machine.
2. Run this command to boot into rescue mode :
# systemctl rescue
3. In the rescue mode, enter root password :
4. Mount the root partition as read-only. Then run zerofree command. Once zerofree command complete, kindly reboot the VM.
# mount -o remount, ro /dev/mapper/centos-root
# zerofree -v /dev/mapper/centos-root
5. Do a virtual clone V2V using vCenter or vmkfstool command. You will notice the vmdk size reduce to only the space used.
