Monday, 8 January 2018

How to Creating Tunnel From Windows Using PuTTY

what is PuTTY?

PuTTY is open source software that is available with source code and is developed and supported by a group of volunteers.
Please find the below steps to create tunnel from windows:
  1. Please open PuTTY application and enter the server hostnameor IP address.
Screenshot from 2016-08-24 05:55:36
2. Now, we need to setup the tunnel. Choose Connection -> SSH -> Tunnels. In Source port box, enter 3306 and in Destination 127.0.0.1:3306. Click Add. If your mysql server uses another port, please enter as such.
Screenshot from 2016-08-24 05:56:00
3. The forwarded port is listed now. Click Open. It will start SSH connection to remote server. You will need to enter username and password. Once you connect successfully, do not close the PuTTY window because it has the SSH Tunnel to the remote server.
Screenshot from 2016-08-24 05:56:37
4. Open MySQL Workbench and enter the hostname as 127.0.0.1 and port 3306
Screenshot from 2016-08-24 05:56:54
5. Enter your password for MySql on the remote machine.
Screenshot from 2016-08-24 05:57:10
6. Finally you will receive the confirmation message as given below.
Screenshot from 2016-08-24 05:57:29

How to Upgrade PHP version to 7.0 in CentOS 6/7

Add yum repository information

Before installing, you need to add the yum repository information for the corresponding CentOS version using the rpm command.
CentOS 6.x:
# rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
# rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm
CentOS 7.x:
# rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
# rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

Upgrade PHP

Now you can install PHP 7.0’s mod_php SAPI (along with an opcode cache) by running the following command in the terminal
# yum install php70w php70w-opcache
Important note
If we would like to upgrade php to this version it is recommended that you first check whether your system will support the upgrade. For example you can validate this, if any CPanel like software runs fine after the upgrade. Unless you know what you are doing it is risky to upgrade an existing system.
If you are confident that the upgrade will support the system, then proceed to upgrade PHP using the following commands,
# yum install yum-plugin-replace
# yum replace php-common --replace-with=php70w-common

Verify the upgrade

Once the upgrade process is finished, you can verify the installation by running the following command in your terminal,
# php -version
If the php has been upgraded successfully, you will receive the following output,
PHP 7.0.15 (cli) (built: Jan 19 2017 21:55:34) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies

How to put google adsense code in godaddy website Builder

Login your godady account >> My Product


Website Builder click on manage 


click on Website



click on Pages


click on home





click on add section 

Type html in search Box




















D-channel is down!

we need to follow below some steps :-

if we have Digum card then change the src4 status in below file

1) vi /etc/dahdi/system.conf

change crc4 status if not available put crc4  after change in file run below comands

2) dahdi_cfg -vvvvvvvvvvvvvvvvvvvvvvvvvv

Check now in asterisk D-channel issue is resolve or not if not then ask your ISP for same.

Sangoma Card   D-channel issue :-

change the crc4 status in two file 

change crc4 status if not available put crc4  change the Ncrc4 with crc4 in wanrouter file

1) vi /etc/dahdi/system.conf

2) vi /etc/wanrouter/wanrouter1.conf

Then restart the wanrouter

3) service wanrouter restart

Check now in asterisk D-channel issue is resolve or not if not then ask your ISP for same.


exp:- In few days back i am also facing same issue with sangoma 16 port card i have change Crc4 and also told ISP but it come only when heavy call traffic on server.

Resolve :- As we check when we have heavy traffic then this issue is came. then we decide to change the server with good hardware server then issue is resolve.








How to secure our Linux server

Introduction

As we all know, a virtual server needs more security than any physical commodity as the loss incurred upon a brute force attack is not easily detectable and the damage carried out might completely destroy your online businesses or any process that is functioning online. So, it is best to obtain all the security measures one could afford to fortify the web servers from brute force attacks.
Before you get started setting up your server, let’s discuss some fundamental security measures that you can deploy to make your server as secure as possible. We will discuss different ways of securing your server in detail and also about configuring the same.

1.SSH Keys

The very basic and the most important security measure is to set up SSH based access to your server. Manual passwords are always vulnerable and the use of SSH keys will protect your server from vulnerable attacks in a much better way when compared to password protected servers. SSH keys are very easy to set up and require just a few seconds to configure them into the server.
While setting up SSH on the server, two keys are generated namely Public key and Private key out of which Private key should be kept secret by the user and the Public key can be shared if needed. Since the SSH keys have larger number of bits than the conventional passwords, it is seemingly impossible for the current set of computer hardware to crack the SSH keys as it would take lot of time for them to try the different combinations until the perfect match is attained. To learn how to setup SSH key on your server,.

2.Firewall

In simple terms, a firewall is a network security system that is designed to prevent unauthorized access to and from a private network. It can be software or a hardware device, but irrespective of that a firewall controls the flow of traffic to and from the servers based on a set of rules. There are  basically three types of firewalls which are packet filter firewalls, stateful firewalls and application layer firewalls. To understand how these firewalls differ from each other, we need to know how information is transmitted through a TCP network.
Information through a TCP network is sent in packets with each packet being assigned a header. Packet filter firewall inspects the packets individually without understanding its connection state. This means that packet filtering allows or denies a packet into or from the network based on the individual packet. On the other hand, stateful firewall analyses the packets based on the connection state and it does not apply the firewall rules until related packets are collected . Application layer firewalls are the most secure type of firewall as they inspect the data in the packets and not just the packet header. Stateful firewalls are mostly used for server protection and the firewall rules can be applied using  Iptables, nftables, UFC firewall and CSF firewall. To learn how to edit firewall rules using Iptables, check out this link.

3.VPN and Private networking

As the name suggests, Private Network is a network environment which is accessible only to distinguished users within local vicinity such as a company’s internal network. On the other hand, a VPN or Virtual Private Network is a networking method to access remote servers as if it were a part of the local private network. In other words, a VPN extends the private network across a public network such as the Internet. It enables the user to send and receive information from the server remotely but within a private network.
In context of server security, VPN plays an important part in allowing access to specific ports only through a private network. This enables users only within the private network to manage the servers and users from the public networks are barred from unrestricted access.

4.SSL/TLS encryption

SSL (Secure Sockets Layer) is a standard communication encryption technique between a web server and a browser. TLS (Transport Layer Security) is the successor of SSL, but both are generally referred to as SSL. Every time you visit any legit website, you might often see this symbol 🔒, pop up prior to the URL you enter in the browser. For example, let’s take sanketik.net
This padlock symbol represents the website’s SSL certification. Which means, sanketik.net intends to provide a safe and secure environment for its users and hence, it has provisioned its website with web security. The transaction of information is confined between the user and the web host. This digital encryption helps the website to keep the data private.
To implement SSL encryption into a website, an SSL certificate is obtained from authorized Certificate Authority (CA). This SSL certificate configures the server to trust  a specific CA after which the server trusts every certificate signed by that CA. This form of server protection is useful to prevent man in the middle attacks where in someone tries to intercept traffic between your server and the destination client.

5.Isolated execution

Isolated execution refers to isolating a particular device, in our case server, from external access and run in its own dedicated space. Isolated execution provides contained environment that enables users to limit any kind of damage that could be caused by malware through sandboxing. A sandbox is a testing environment that isolates untested code changes and protects live servers and their data, and other collections of code, data and/or content, proprietary or public, from changes that could be damaging (regardless of the intent of the author of those changes) to a mission-critical system or which could simply be difficult to revert.

How to Block IPs in linux server.


Introduction


If you wish to block an IP address from accessing your server for some reason, you can do this by changing the Iptables rules. Follow the steps given below to perform this task successfully.

Step 1: Login as root user

Login to your server as root user
ssh root@server-ip

Step 2: Add new Iptables rule

Enter the following rule to block an IP address from accessing your server
iptables -A INPUT -s IP-ADDRESS -j DROP
Replace IP-ADDRESS with the actual IP address that you want to block completely. The above rule will drop all packets coming from that particular IP to all server ports.

Aternate option – Block access to a specific port

To block server access from an IP address only on a specific port on the server, the following syntax must be used
iptables -A INPUT -s IP-ADDRESS -p tcp --destination-port port_number -j DROP
Replace the port_number with the actual one that you want to block access to.

Step 3: Saving Iptables rule

On Ubuntu:
By default Iptables rules will be wiped out once the server is restarted. To save the Iptabels rules permanently, the settings can be saved in a few different ways, but the easiest way is with the “iptables-persistent” package. This can be download from Ubuntu’s default repositories:
sudo apt-get update

sudo apt-get install iptables-persistent
Save your firewall rules with this command:
sudo invoke-rc.d iptables-persistent save
On CentOS/RHEL/Fedora:
Save your iptables rules with this command:
service iptables save

To revoke the drop rule:

To revert the rule and to allow the IP address to access the server run the following command
For all ports:
iptables -D INPUT -s IP-ADDRESS -j DROP
For specific port:
iptables -D INPUT -s IP-ADDRESS -p tcp --destination-port port_number -j DROP
Then save the changes using the commands mentioned previously.

Website redirecting to another domain ?

Rarely does this happen that when you try to access your website, some wizardry happens and you are redirected to another website which you have never come across or never even heard of. Don’t panic immediately if this ever happens to you. The reason for this unusual incident could range from a simple DNS issue to serious issue involving the hacking to your website.

In this article we will try to explain briefly why this issue can arise if there is a DNS issue with the name server where the domain name of your website is hosted.

Example case study

Consider a real life scenario where a domain name say www.example1.com is hosted on a particular hosting website and the domain name is pointed to its server IP address (say xxx.xxx.xx.xx) using the hosting site’s DNS panel. Now for some reason the owner of the IP Address xxx.xxx.xx.xx decides to switch the hosting provider and shuts down the server that was hosting the domain. But after doing so, it is necessary for the Domain owner to make sure that in the DNS panel, the server IP address does not reflect the domain name www.example1.com anymore. Consider that the DNS was not flushed in this case.
Now the server that was shut down (with IP address xxx.xxx.xx.xx), will be utilized for the next customer by the hosting provider. When a new domain name say www.example2.comis to be hosted by the same provider, and the provider decides to deploy the domain name www.example2.com on the server with IP address xxx.xxx.xx.xx, (Whose DNS panel still reflects the domain name www.example1.com), this issue arises.

How to install MSSQL on Windows servers

These steps should be similar on other versions of Windows, however some prerequisites may be required on older versions of Windows.
If you haven’t already downloaded SQL Server 2012 Express, you can get it from Microsoft here. I downloaded the Advanced version because it includes Management Studio, although you can download that separately.
Step 1
To begin, launch the install program and choose the top option to install a new stand-alone installation.
p1
Step 2
On the End User License Agreement page, read the license agreement, and then select I accept the licensing terms and conditions check box. Click Next.
p2
Step 3
At this point you can choose the features that you want to install(mostly the features will be selected by default). Click Next to continue.
p3
Step 4
Now you can configure the SQL instance. If this is the first instance of SQL Server on your computer, you probably want to change this setting to Default instance. If you already have another instance of SQL Server, you will want to use Named Instance and give it a name.
Click Next to continue.
a5
Step 5
The next step is server configuration. Don't do any changes and click on Next.
Step 6
Now we come to the Database Engine configuration. On the Server Configuration tab you can select whether SQL Server will only authenticate using Windows accounts or you can choose Mixed Mode which will allow Windows accounts and SQL accounts. We usually set this to mixed mode and set a password for the “sa” account. You can also add or remove accounts that will be SQL administrators. (example: e2enetworks user)
Click Next to continue.
a6
Step 7
The next step configures Reporting Services. Set this to Install Only if you don’t need reporting services or may need them in the future. You can always go back and configure it later.
Click Next to continue.
p5
Step 8
On the Error Reporting step, you can choose whether or not you would like to send error reports to Microsoft to help them improve future releases of SQL server.
Click Next to continue.
a7
At this point, SQL server will install on your computer. This could take a while to complete.
Once the installation has completed, you will receive a screen showing the details of what was completed and if there were any problems.
p6
Installation done and you can now login SQL server Management studio with below credentials
username: sa
password: xxxxxx(which has been set)

How to solve apache error “No space left on device: Cannot create SSLMutex”

Diagnosis

When Apache does not start and shows the following result while prompting it to start, check the error_log file,
Starting httpd : [Failed]
The following error in error_log file may be causing the issue ( /var/log/httpd/error_log )
[error] (28)No space left on device: Cannot create SSLMutex

Cause

These errors mean that there are no available IPC (inter-process communication) resources in the system, such as semaphores or shared memory segments.
To check the allocated semaphores use the command ipcs -us

Solution

Option 1:
Run this command as root,
# ipcs | grep apache
If you see a list of semaphores, apache has not cleaned itself. Use the following command to clean it,
# ipcs -s | grep apache | awk ’ { print $2 } ’ | xargs -n 1 ipcrm -s
Option 2:
Increase the limits in /etc/sysctl.conf
kernel.msgmni = 1024
kernel.sem = 250 256000 32 1024
Load the new sysctl settings from  /etc/sysctl.conf
# sysctl -p

How to Clean up Your wp(Word Press)-options Table and Auto loaded Data

If you experience WordPress backend panel (wp-admin) running very slow or witnessing slow query times, then it is advised to clean up the wp_options Table and Autoloaded Data.

wp_options Table

The wp_options table contains all sorts of data for your WordPress site such as –
  • Site URL, home URL, admin email, posts per page, time format, default category etc
  • Settings for themes, plugins, widgets
  • Temporarily cached data
Autoloaded data is an important thing to understand about the wp_options table that is loaded on every page of your WordPress site. The autoloaded data may contain large amount of data in the wp_options table such as –
  • Autoloaded data by a plugin
  • autoloaded data that is left behind from third-party plugins and themes which have been removed from the WordPress site.
  • Plugin and theme developers are flooding data into the wp_options table instead of utilizing their own tables.
  • Autoload data limit
    • Ideal autoload data limit = 300 KB to 1MB.
    • optimized or removal required = 3-5 MB
    • Addressed right away = <10 MB

Check, troubleshoot, and clean up

Check out these tips below on how to check, troubleshoot, and clean up your wp_options table
1.The wp_options table has no index on autoload, so the query ends up doing a full table scan.Adding an index might solve the problem.
First, do this query to see what the distribution looks like:

SELECT COUNT(*), autoload FROM wp_options GROUP BY autoload;
If a large majority of them are set to 'no', you can solve the problem for now by adding an index on autoload.

ALTER TABLE wp_options ADD INDEX (`autoload`);

2.Transient options inserted into the table but hadn’t been automatically deleted.
Query the wp_options table for option names that contained "transient"

SELECT * FROM wp_options WHERE option_name LIKE '%transient%';
Check the fields that contain massive amounts of data in the option_value field. The solution is to delete all the “transient” rows which will not hurt the server since “transient” rows will automatically repopulate (if they are supposed to be there).
Delete the rows

DELETE from wp_options where option_name like '%transient%';

How to Download and Install RHEL8 Beta For Free (Red Hat Enterprise Linux)

RHEL (Red Hat Enterprise Linux) 8 beta was released on November 14, 2018, 4 years after the release of RHEL 7. This tutorial will be showi...