• Slowloris and CSF

    robert . . #Linux 

    Is there a Slowloris attack going on? Do you have CSF installed? Add this to your csf.conf:

    CONNLIMIT = "80;75,443;75,21;50"
    PORTFLOOD = "80;tcp;50;1,443;tcp;50;1"
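
What those two values encode, as an added example (not part of the original post or of CSF itself): a checker that decodes CONNLIMIT entries as port;limit and PORTFLOOD entries as port;protocol;hit count;interval seconds, the syntax csf's readme gives, and flags malformed entries. The function name and the 20-hit warning threshold (csf's readme notes that ipt_recent counts only the last 20 packets by default) are assumptions of this example.

```python
import re

SETTING = re.compile(r'^\s*(CONNLIMIT|PORTFLOOD)\s*=\s*(.*?)\s*$')
# Assumed threshold: ipt_recent default (ip_pkt_list_tot) per csf's readme.
RECENT_DEFAULT_HITS = 20

def check_setting(line):
    """Decode one CONNLIMIT or PORTFLOOD line into (name, entries, problems)."""
    m = SETTING.match(line)
    if m is None:
        return None  # some other csf.conf line
    name, raw = m.groups()
    problems = []
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        raw = raw[1:-1]
    else:
        problems.append("value is not wrapped in double quotes")
    entries = []
    for item in filter(None, raw.split(",")):
        fields = item.split(";")
        try:
            if name == "CONNLIMIT":   # port;limit
                port, limit = (int(f) for f in fields)
                entry = {"port": port, "max_new_conns_per_ip": limit}
            else:                     # port;protocol;hit count;interval seconds
                port, proto, hits, secs = fields
                port, hits, secs = int(port), int(hits), int(secs)
                if proto not in ("tcp", "udp"):
                    raise ValueError(proto)
                entry = {"port": port, "proto": proto, "hits": hits, "seconds": secs}
                if hits > RECENT_DEFAULT_HITS:
                    problems.append(f"port {port}: hit count {hits} is above "
                                    f"the ipt_recent default of {RECENT_DEFAULT_HITS}")
        except ValueError:
            problems.append(f"malformed entry {item!r}")
            continue
        if not 1 <= port <= 65535:
            problems.append(f"port {port} out of range")
        entries.append(entry)
    return name, entries, problems

if __name__ == "__main__":
    # The two settings from this post, checked as written in csf.conf.
    for line in ('CONNLIMIT = "80;75,443;75,21;50"',
                 'PORTFLOOD = "80;tcp;50;1,443;tcp;50;1"'):
        print(check_setting(line))
```

After changing csf.conf, restart CSF so the rules are reloaded.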

  • btmp and you

    robert . . #Linux  #System Admin 

    There is a file in /var/log called btmp. If you notice this file is abnormally large *say 2GB* when it should be in the less-than-10MB zone, you are going through, or have gone through, an SSH brute-force attempt.

    This file logs all the attempts to log in to your server via SSH. If you have thousands of failed logins, this file grows fast. You can remedy the problem by changing the SSH port number or by allowing SSH access to limited IPs via /etc/hosts.allow.

    If this is taking up space, delete it. There are a bunch of commands you can issue; I like to zero it out with echo.
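
Before zeroing the file, it is worth seeing which sources and user names filled it. The following is an added example, not from the original post: it parses btmp's binary records and tallies failed logins by host and user, assuming the 384-byte glibc struct utmp layout of x86_64 Linux; the sample records are constructed.

```python
import struct
from collections import Counter

# glibc "struct utmp" as written to /var/log/btmp: 384 bytes per record on
# x86_64 Linux (assumed layout; other platforms differ).
UTMP = struct.Struct("<h2xi32s4s32s256s2hi2i4i20s")

def _text(raw):
    """Decode a NUL-padded fixed-width field."""
    return raw.split(b"\0", 1)[0].decode("utf-8", "replace")

def parse_btmp(data):
    """Yield (user, tty, host, epoch_seconds) for every complete record."""
    usable = len(data) - len(data) % UTMP.size  # skip a truncated tail
    for rec in UTMP.iter_unpack(data[:usable]):
        yield _text(rec[4]), _text(rec[2]), _text(rec[5]), rec[9]

def summarize(data, top=3):
    """Tally failed logins by source host and by attempted user name."""
    hosts, users, stamps = Counter(), Counter(), []
    for user, _tty, host, ts in parse_btmp(data):
        hosts[host or "(local)"] += 1
        users[user] += 1
        stamps.append(ts)
    return {
        "records": len(stamps),
        "span_seconds": max(stamps) - min(stamps) if stamps else 0,
        "top_hosts": hosts.most_common(top),
        "top_users": users.most_common(top),
    }

def make_record(user, host, ts, tty="ssh:notty"):
    """Build one constructed record (ut_type 6 = LOGIN_PROCESS) for the demo."""
    return UTMP.pack(6, 0, tty.encode(), b"", user.encode(), host.encode(),
                     0, 0, 0, ts, 0, 0, 0, 0, 0, b"")

# Constructed sample: four failed logins plus 10 stray bytes of a partial record.
SAMPLE = b"".join([
    make_record("root", "203.0.113.5", 1556037165),
    make_record("root", "203.0.113.5", 1556037167),
    make_record("admin", "198.51.100.7", 1556037170),
    make_record("root", "203.0.113.5", 1556037172),
]) + b"\0" * 10

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

On a server, pass it the bytes of /var/log/btmp (readable by root); for a multi-gigabyte file, read in chunks that are a multiple of UTMP.size.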

  • H2O

    Water is the primary source of life. Without it we as humans would be dead. I have grown an interest in seeking the perfect pH of drinking water and found, as a person who consumes energy drinks, that water with a pH of 9.5 *Deep Purple* is by far the best.

    While water is our source of life, what is the source of life for technology? Us! We are the source of its life. So we must learn how to overcome some of the biggest hurdles we are presented with when working with technology.

    On this web-site I will provide tips and information on how to make life just a tad easier, given I have time to update.

    If at any time you have questions, you can e-mail me: robert@robertsarea.com or open a ticket at https://tickets.linuxgu.com/open.php

  • cPanel and Web Server Troubleshooting. Need help?

    robert . . #Home  #System Admin 

    Do you have a technical question, or need some ideas? Do you need advice on a web server or on where to go for web services? Well, come submit a ticket and ask me a question. Yes, I have more than one web-site, but that is because I hold many skill sets. If you are in need of somewhere to host your website, I know of a great company that can do that for you, and much more!

    Don’t spend countless hours doing a Google search for advice, just submit a ticket.

  • OpenVZ to KVM

    robert . . #System Admin 

    I am currently working on merging all my OpenVZ containers to KVM as I need to be able to load specific kernel modules for each. I am also testing the performance for each Virtualization technology. So far KVM wins, but OpenVZ is much quicker and easier to manage. It is great to just “start” up a server.

    Update – 05/11/19

    I am fully merged to KVM virtualization. This website has been moved from an OpenVZ server to a KVM server. KVM is the go-to for virtualization.

  • Re-nice everyone

    robert . . #Linux  #System Admin 

    Sometimes, when someone wants to get past a throttle of some sort, they set the niceness of a process to a negative value. The larger the negative number, the higher the priority. This is a burden on servers that are meant to have shared, allocated resources.

    Well, the solution: if this is a VPS and all of their processes are set to -15 but the default is 0, issue this command:

    for u in $(awk -F: '{print $1}' /etc/passwd); do renice -n 0 -u "$u"; done

  • VirtFS

    robert . . #Home  #Linux  #System Admin 

    Do you see a bunch of /home/virtfs mounts? Well, there is a way to clear these from the command line:


    /scripts/clear_orphaned_virtfs_mounts --clearall

  • Restarting PHP-FPM on cPanel

    Do you need to restart Apache and PHP-FPM? To restart PHP-FPM you would issue:

    /scripts/restartsrv_apache_php_fpm 

  • OpenVZ simfs to ploop

    robert . . #Linux  #System Admin 

    There are many advantages to using ploop rather than simfs. The advantage I choose it for, of course, is file security. While simfs places all the files directly on the host for ease of use and management, ploop creates a virtual disk file and then puts the files inside this disk. When the virtual machine is started, vzctl has to mount the ploop disk, whereas with simfs there is no mount involved.

    vzctl convert <CT_ID> [--layout ploop[:mode]]
    vzctl convert <CT_ID> --layout ploop

    MAKE A BACKUP FIRST

  • Certbot Free SSL

    Certbot has finally given instructions for the majority of Linux distros with various web servers. You can find all the instructions at this magical link:

    https://certbot.eff.org/all-instructions  

    Here is an example of installing Certbot on a NagiosXI server:

    [root@nagios ~]# wget https://dl.eff.org/certbot-auto
    --2019-04-23 16:32:45-- https://dl.eff.org/certbot-auto
    Resolving dl.eff.org… 151.101.0.201, 151.101.64.201, 151.101.128.201, …
    Connecting to dl.eff.org|151.101.0.201|:443… connected.
    HTTP request sent, awaiting response… 200 OK
    Length: 63564 (62K) [application/octet-stream]
    Saving to: `certbot-auto'
    100%[================================================================================>] 63,564 --.-K/s in 0.003s
    2019-04-23 16:32:45 (17.8 MB/s) - `certbot-auto' saved [63564/63564]
    [root@nagios ~]# sudo mv certbot-auto /usr/local/bin/certbot-auto
    [root@nagios ~]# sudo chown root /usr/local/bin/certbot-auto
    [root@nagios ~]# sudo chmod 0755 /usr/local/bin/certbot-auto
    [root@nagios ~]# cert
    certbot-auto certutil
    [root@nagios ~]# certbot-auto
    Bootstrapping dependencies for RedHat-based OSes that will use Python3… (you can skip this with --no-bootstrap)
    yum is /usr/bin/yum
    yum is hashed (/usr/bin/yum)
    Loaded plugins: fastestmirror
    Setting up Install Process
    Loading mirror speeds from cached hostfile
    base: mirror.steadfastnet.com
    epel: fedora-epel.mirror.lstn.net
    extras: mirror.jaleco.com
    updates: mirror.hackingand.coffee
    Package gcc-4.4.7-23.el6.x86_64 already installed and latest version
    Package openssl-1.0.1e-57.el6.x86_64 already installed and latest version
    Package openssl-devel-1.0.1e-57.el6.x86_64 already installed and latest version
    Package redhat-rpm-config-9.0.3-51.el6.centos.noarch already installed and latest version
    Package ca-certificates-2018.2.22-65.1.el6.noarch already installed and latest version
    Package 1:mod_ssl-2.2.15-69.el6.centos.x86_64 already installed and latest version
    Resolving Dependencies
    --> Running transaction check
    ---> Package augeas-libs.x86_64 0:1.0.0-10.el6 will be installed
    ---> Package libffi-devel.x86_64 0:3.0.5-3.2.el6 will be installed
    ---> Package python34.x86_64 0:3.4.8-1.el6 will be installed
    --> Processing Dependency: python34-libs(x86-64) = 3.4.8-1.el6 for package: python34-3.4.8-1.el6.x86_64
    --> Processing Dependency: libpython3.4m.so.1.0()(64bit) for package: python34-3.4.8-1.el6.x86_64
    ---> Package python34-devel.x86_64 0:3.4.8-1.el6 will be installed
    --> Processing Dependency: python-rpm-macros for package: python34-devel-3.4.8-1.el6.x86_64
    --> Processing Dependency: python3-rpm-macros for package: python34-devel-3.4.8-1.el6.x86_64
    ---> Package python34-tools.x86_64 0:3.4.8-1.el6 will be installed
    --> Processing Dependency: python34-tkinter = 3.4.8-1.el6 for package: python34-tools-3.4.8-1.el6.x86_64
    --> Running transaction check
    ---> Package python-rpm-macros.noarch 0:3-14.el6 will be installed
    --> Processing Dependency: python-srpm-macros for package: python-rpm-macros-3-14.el6.noarch
    ---> Package python3-rpm-macros.noarch 0:3-14.el6 will be installed
    ---> Package python34-libs.x86_64 0:3.4.8-1.el6 will be installed
    ---> Package python34-tkinter.x86_64 0:3.4.8-1.el6 will be installed
    --> Processing Dependency: libtcl8.5.so()(64bit) for package: python34-tkinter-3.4.8-1.el6.x86_64
    --> Processing Dependency: libtk8.5.so()(64bit) for package: python34-tkinter-3.4.8-1.el6.x86_64
    --> Running transaction check
    ---> Package python-srpm-macros.noarch 0:3-14.el6 will be installed
    ---> Package tcl.x86_64 1:8.5.7-6.el6 will be installed
    ---> Package tk.x86_64 1:8.5.7-5.el6 will be installed
    --> Finished Dependency Resolution
    Dependencies Resolved
    ==========================================================================================================================
    Package Arch Version Repository Size
    Installing:
    augeas-libs x86_64 1.0.0-10.el6 base 314 k
    libffi-devel x86_64 3.0.5-3.2.el6 base 18 k
    python34 x86_64 3.4.8-1.el6 epel 50 k
    python34-devel x86_64 3.4.8-1.el6 epel 186 k
    python34-tools x86_64 3.4.8-1.el6 epel 426 k
    Installing for dependencies:
    python-rpm-macros noarch 3-14.el6 epel 6.6 k
    python-srpm-macros noarch 3-14.el6 epel 5.8 k
    python3-rpm-macros noarch 3-14.el6 epel 5.4 k
    python34-libs x86_64 3.4.8-1.el6 epel 8.4 M
    python34-tkinter x86_64 3.4.8-1.el6 epel 336 k
    tcl x86_64 1:8.5.7-6.el6 base 1.9 M
    tk x86_64 1:8.5.7-5.el6 base 1.4 M
    Transaction Summary
    Install 12 Package(s)
    Total download size: 13 M
    Installed size: 41 M
    Is this ok [y/N]: y
    Downloading Packages:
    (1/12): augeas-libs-1.0.0-10.el6.x86_64.rpm | 314 kB 00:00
    (2/12): libffi-devel-3.0.5-3.2.el6.x86_64.rpm | 18 kB 00:00
    (3/12): python-rpm-macros-3-14.el6.noarch.rpm | 6.6 kB 00:00
    (4/12): python-srpm-macros-3-14.el6.noarch.rpm | 5.8 kB 00:00
    (5/12): python3-rpm-macros-3-14.el6.noarch.rpm | 5.4 kB 00:00
    (6/12): python34-3.4.8-1.el6.x86_64.rpm | 50 kB 00:00
    (7/12): python34-devel-3.4.8-1.el6.x86_64.rpm | 186 kB 00:00
    (8/12): python34-libs-3.4.8-1.el6.x86_64.rpm | 8.4 MB 00:00
    (9/12): python34-tkinter-3.4.8-1.el6.x86_64.rpm | 336 kB 00:00
    (10/12): python34-tools-3.4.8-1.el6.x86_64.rpm | 426 kB 00:00
    (11/12): tcl-8.5.7-6.el6.x86_64.rpm | 1.9 MB 00:00
    (12/12): tk-8.5.7-5.el6.x86_64.rpm | 1.4 MB 00:00
    Total 11 MB/s | 13 MB 00:01
    Running rpm_check_debug
    Running Transaction Test
    Transaction Test Succeeded
    Running Transaction
    Installing : python34-libs-3.4.8-1.el6.x86_64 1/12
    Installing : python34-3.4.8-1.el6.x86_64 2/12
    Installing : 1:tcl-8.5.7-6.el6.x86_64 3/12
    Installing : 1:tk-8.5.7-5.el6.x86_64 4/12
    Installing : python34-tkinter-3.4.8-1.el6.x86_64 5/12
    Installing : python-srpm-macros-3-14.el6.noarch 6/12
    Installing : python-rpm-macros-3-14.el6.noarch 7/12
    Installing : python3-rpm-macros-3-14.el6.noarch 8/12
    Installing : python34-devel-3.4.8-1.el6.x86_64 9/12
    Installing : python34-tools-3.4.8-1.el6.x86_64 10/12
    Installing : augeas-libs-1.0.0-10.el6.x86_64 11/12
    Installing : libffi-devel-3.0.5-3.2.el6.x86_64 12/12
    Verifying : python-rpm-macros-3-14.el6.noarch 1/12
    Verifying : 1:tcl-8.5.7-6.el6.x86_64 2/12
    Verifying : python34-tkinter-3.4.8-1.el6.x86_64 3/12
    Verifying : python34-3.4.8-1.el6.x86_64 4/12
    Verifying : python3-rpm-macros-3-14.el6.noarch 5/12
    Verifying : python34-libs-3.4.8-1.el6.x86_64 6/12
    Verifying : libffi-devel-3.0.5-3.2.el6.x86_64 7/12
    Verifying : python-srpm-macros-3-14.el6.noarch 8/12
    Verifying : augeas-libs-1.0.0-10.el6.x86_64 9/12
    Verifying : 1:tk-8.5.7-5.el6.x86_64 10/12
    Verifying : python34-devel-3.4.8-1.el6.x86_64 11/12
    Verifying : python34-tools-3.4.8-1.el6.x86_64 12/12
    Installed:
    augeas-libs.x86_64 0:1.0.0-10.el6 libffi-devel.x86_64 0:3.0.5-3.2.el6 python34.x86_64 0:3.4.8-1.el6
    python34-devel.x86_64 0:3.4.8-1.el6 python34-tools.x86_64 0:3.4.8-1.el6
    Dependency Installed:
    python-rpm-macros.noarch 0:3-14.el6 python-srpm-macros.noarch 0:3-14.el6 python3-rpm-macros.noarch 0:3-14.el6
    python34-libs.x86_64 0:3.4.8-1.el6 python34-tkinter.x86_64 0:3.4.8-1.el6 tcl.x86_64 1:8.5.7-6.el6
    tk.x86_64 1:8.5.7-5.el6
    Complete!
    Creating virtual environment…
    Installing Python packages…
    Installation succeeded.
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator apache, Installer apache
    Enter email address (used for urgent renewal and security notices) (Enter 'c' to
    cancel):


    Please read the Terms of Service at
    https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
    agree in order to register with the ACME server at
    https://acme-v02.api.letsencrypt.org/directory

    (A)gree/(C)ancel: A

    Would you be willing to share your email address with the Electronic Frontier
    Foundation, a founding partner of the Let's Encrypt project and the non-profit
    organization that develops Certbot? We'd like to send you email about our work
    encrypting the web, EFF news, campaigns, and ways to support digital freedom.

    (Y)es/(N)o: Y
    No names were found in your configuration files. Please enter in your domain
    name(s) (comma and/or space separated) (Enter 'c' to cancel): nagios.xxx.com
    Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for nagios.xxx.com
    Cleaning up challenges
    Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.
    IMPORTANT NOTES:
    Your account credentials have been saved in your Certbot
    configuration directory at /etc/letsencrypt. You should make a
    secure backup of this folder now. This configuration directory will
    also contain certificates and private keys obtained by Certbot so
    making regular backups of this folder is ideal.
    -------------------------
    So at this point I needed to add a <VirtualHost> entry in the /etc/apache/conf.d/nagios.conf to get this to work.
    ----------------------------

    $certbot-auto
    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator apache, Installer apache
    Which names would you like to activate HTTPS for?

    1: nagios.xxx.com

    Select the appropriate numbers separated by commas and/or spaces, or leave input
    blank to select all options shown (Enter 'c' to cancel): Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for nagios.xxx.com
    Waiting for verification…
    Cleaning up challenges
    Created an SSL vhost at /etc/httpd/conf.d/nagios-le-ssl.conf
    Deploying Certificate to VirtualHost /etc/httpd/conf.d/nagios-le-ssl.conf
    Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.

    1: No redirect - Make no further changes to the webserver configuration.
    2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
    new sites, or if you're confident your site works on HTTPS. You can undo this
    change by editing your web server's configuration.

    Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1

    Congratulations! You have successfully enabled https://nagios.xxx.com
    You should test your configuration at:
    https://www.ssllabs.com/ssltest/analyze.html?d=nagios.xxx.com

    IMPORTANT NOTES:
    Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/nagios.xxx.com/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/nagios.xxx.com/privkey.pem
    Your cert will expire on 2019-07-22. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot-auto
    again with the "certonly" option. To non-interactively renew all
    of your certificates, run "certbot-auto renew"
    If you like Certbot, please consider supporting our work by:
    Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
    Donating to EFF: https://eff.org/donate-le
    [root@nagios conf.d]# service httpd restart
    Stopping httpd: [ OK ]
    Starting httpd: [ OK ]
    [root@nagios conf.d]#