Monday, 8 January 2018

How to Creating Tunnel From Windows Using PuTTY

what is PuTTY?

PuTTY is open source software that is available with source code and is developed and supported by a group of volunteers.
Please find the below steps to create tunnel from windows:
  1. Please open PuTTY application and enter the server hostnameor IP address.
Screenshot from 2016-08-24 05:55:36
2. Now, we need to setup the tunnel. Choose Connection -> SSH -> Tunnels. In Source port box, enter 3306 and in Destination 127.0.0.1:3306. Click Add. If your mysql server uses another port, please enter as such.
Screenshot from 2016-08-24 05:56:00
3. The forwarded port is listed now. Click Open. It will start SSH connection to remote server. You will need to enter username and password. Once you connect successfully, do not close the PuTTY window because it has the SSH Tunnel to the remote server.
Screenshot from 2016-08-24 05:56:37
4. Open MySQL Workbench and enter the hostname as 127.0.0.1 and port 3306
Screenshot from 2016-08-24 05:56:54
5. Enter your password for MySql on the remote machine.
Screenshot from 2016-08-24 05:57:10
6. Finally you will receive the confirmation message as given below.
Screenshot from 2016-08-24 05:57:29

How to Upgrade PHP version to 7.0 in CentOS 6/7

Add yum repository information

Before installing, you need to add the yum repository information for the corresponding CentOS version using the rpm command.
CentOS 6.x:
# rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
# rpm -Uvh https://mirror.webtatic.com/yum/el6/latest.rpm
CentOS 7.x:
# rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
# rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

Upgrade PHP

Now you can install PHP 7.0’s mod_php SAPI (along with an opcode cache) by running the following command in the terminal
# yum install php70w php70w-opcache
Important note
If we would like to upgrade php to this version it is recommended that you first check whether your system will support the upgrade. For example you can validate this, if any CPanel like software runs fine after the upgrade. Unless you know what you are doing it is risky to upgrade an existing system.
If you are confident that the upgrade will support the system, then proceed to upgrade PHP using the following commands,
# yum install yum-plugin-replace
# yum replace php-common --replace-with=php70w-common

Verify the upgrade

Once the upgrade process is finished, you can verify the installation by running the following command in your terminal,
# php -version
If the php has been upgraded successfully, you will receive the following output,
PHP 7.0.15 (cli) (built: Jan 19 2017 21:55:34) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies

How to put google adsense code in godaddy website Builder

Login your godady account >> My Product


Website Builder click on manage 


click on Website



click on Pages


click on home





click on add section 

Type html in search Box




















D-channel is down!

we need to follow below some steps :-

if we have Digum card then change the src4 status in below file

1) vi /etc/dahdi/system.conf

change crc4 status if not available put crc4  after change in file run below comands

2) dahdi_cfg -vvvvvvvvvvvvvvvvvvvvvvvvvv

Check now in asterisk D-channel issue is resolve or not if not then ask your ISP for same.

Sangoma Card   D-channel issue :-

change the crc4 status in two file 

change crc4 status if not available put crc4  change the Ncrc4 with crc4 in wanrouter file

1) vi /etc/dahdi/system.conf

2) vi /etc/wanrouter/wanrouter1.conf

Then restart the wanrouter

3) service wanrouter restart

Check now in asterisk D-channel issue is resolve or not if not then ask your ISP for same.


exp:- In few days back i am also facing same issue with sangoma 16 port card i have change Crc4 and also told ISP but it come only when heavy call traffic on server.

Resolve :- As we check when we have heavy traffic then this issue is came. then we decide to change the server with good hardware server then issue is resolve.








How to secure our Linux server

Introduction

As we all know, a virtual server needs more security than any physical commodity as the loss incurred upon a brute force attack is not easily detectable and the damage carried out might completely destroy your online businesses or any process that is functioning online. So, it is best to obtain all the security measures one could afford to fortify the web servers from brute force attacks.
Before you get started setting up your server, let’s discuss some fundamental security measures that you can deploy to make your server as secure as possible. We will discuss different ways of securing your server in detail and also about configuring the same.

1.SSH Keys

The very basic and the most important security measure is to set up SSH based access to your server. Manual passwords are always vulnerable and the use of SSH keys will protect your server from vulnerable attacks in a much better way when compared to password protected servers. SSH keys are very easy to set up and require just a few seconds to configure them into the server.
While setting up SSH on the server, two keys are generated namely Public key and Private key out of which Private key should be kept secret by the user and the Public key can be shared if needed. Since the SSH keys have larger number of bits than the conventional passwords, it is seemingly impossible for the current set of computer hardware to crack the SSH keys as it would take lot of time for them to try the different combinations until the perfect match is attained. To learn how to setup SSH key on your server,.

2.Firewall

In simple terms, a firewall is a network security system that is designed to prevent unauthorized access to and from a private network. It can be software or a hardware device, but irrespective of that a firewall controls the flow of traffic to and from the servers based on a set of rules. There are  basically three types of firewalls which are packet filter firewalls, stateful firewalls and application layer firewalls. To understand how these firewalls differ from each other, we need to know how information is transmitted through a TCP network.
Information through a TCP network is sent in packets with each packet being assigned a header. Packet filter firewall inspects the packets individually without understanding its connection state. This means that packet filtering allows or denies a packet into or from the network based on the individual packet. On the other hand, stateful firewall analyses the packets based on the connection state and it does not apply the firewall rules until related packets are collected . Application layer firewalls are the most secure type of firewall as they inspect the data in the packets and not just the packet header. Stateful firewalls are mostly used for server protection and the firewall rules can be applied using  Iptables, nftables, UFC firewall and CSF firewall. To learn how to edit firewall rules using Iptables, check out this link.

3.VPN and Private networking

As the name suggests, Private Network is a network environment which is accessible only to distinguished users within local vicinity such as a company’s internal network. On the other hand, a VPN or Virtual Private Network is a networking method to access remote servers as if it were a part of the local private network. In other words, a VPN extends the private network across a public network such as the Internet. It enables the user to send and receive information from the server remotely but within a private network.
In context of server security, VPN plays an important part in allowing access to specific ports only through a private network. This enables users only within the private network to manage the servers and users from the public networks are barred from unrestricted access.

4.SSL/TLS encryption

SSL (Secure Sockets Layer) is a standard communication encryption technique between a web server and a browser. TLS (Transport Layer Security) is the successor of SSL, but both are generally referred to as SSL. Every time you visit any legit website, you might often see this symbol 🔒, pop up prior to the URL you enter in the browser. For example, let’s take sanketik.net
This padlock symbol represents the website’s SSL certification. Which means, sanketik.net intends to provide a safe and secure environment for its users and hence, it has provisioned its website with web security. The transaction of information is confined between the user and the web host. This digital encryption helps the website to keep the data private.
To implement SSL encryption into a website, an SSL certificate is obtained from authorized Certificate Authority (CA). This SSL certificate configures the server to trust  a specific CA after which the server trusts every certificate signed by that CA. This form of server protection is useful to prevent man in the middle attacks where in someone tries to intercept traffic between your server and the destination client.

5.Isolated execution

Isolated execution refers to isolating a particular device, in our case server, from external access and run in its own dedicated space. Isolated execution provides contained environment that enables users to limit any kind of damage that could be caused by malware through sandboxing. A sandbox is a testing environment that isolates untested code changes and protects live servers and their data, and other collections of code, data and/or content, proprietary or public, from changes that could be damaging (regardless of the intent of the author of those changes) to a mission-critical system or which could simply be difficult to revert.

How to Block IPs in linux server.


Introduction


If you wish to block an IP address from accessing your server for some reason, you can do this by changing the Iptables rules. Follow the steps given below to perform this task successfully.

Step 1: Login as root user

Login to your server as root user
ssh root@server-ip

Step 2: Add new Iptables rule

Enter the following rule to block an IP address from accessing your server
iptables -A INPUT -s IP-ADDRESS -j DROP
Replace IP-ADDRESS with the actual IP address that you want to block completely. The above rule will drop all packets coming from that particular IP to all server ports.

Aternate option – Block access to a specific port

To block server access from an IP address only on a specific port on the server, the following syntax must be used
iptables -A INPUT -s IP-ADDRESS -p tcp --destination-port port_number -j DROP
Replace the port_number with the actual one that you want to block access to.

Step 3: Saving Iptables rule

On Ubuntu:
By default Iptables rules will be wiped out once the server is restarted. To save the Iptabels rules permanently, the settings can be saved in a few different ways, but the easiest way is with the “iptables-persistent” package. This can be download from Ubuntu’s default repositories:
sudo apt-get update

sudo apt-get install iptables-persistent
Save your firewall rules with this command:
sudo invoke-rc.d iptables-persistent save
On CentOS/RHEL/Fedora:
Save your iptables rules with this command:
service iptables save

To revoke the drop rule:

To revert the rule and to allow the IP address to access the server run the following command
For all ports:
iptables -D INPUT -s IP-ADDRESS -j DROP
For specific port:
iptables -D INPUT -s IP-ADDRESS -p tcp --destination-port port_number -j DROP
Then save the changes using the commands mentioned previously.

Website redirecting to another domain ?

Rarely does this happen that when you try to access your website, some wizardry happens and you are redirected to another website which you have never come across or never even heard of. Don’t panic immediately if this ever happens to you. The reason for this unusual incident could range from a simple DNS issue to serious issue involving the hacking to your website.

In this article we will try to explain briefly why this issue can arise if there is a DNS issue with the name server where the domain name of your website is hosted.

Example case study

Consider a real life scenario where a domain name say www.example1.com is hosted on a particular hosting website and the domain name is pointed to its server IP address (say xxx.xxx.xx.xx) using the hosting site’s DNS panel. Now for some reason the owner of the IP Address xxx.xxx.xx.xx decides to switch the hosting provider and shuts down the server that was hosting the domain. But after doing so, it is necessary for the Domain owner to make sure that in the DNS panel, the server IP address does not reflect the domain name www.example1.com anymore. Consider that the DNS was not flushed in this case.
Now the server that was shut down (with IP address xxx.xxx.xx.xx), will be utilized for the next customer by the hosting provider. When a new domain name say www.example2.comis to be hosted by the same provider, and the provider decides to deploy the domain name www.example2.com on the server with IP address xxx.xxx.xx.xx, (Whose DNS panel still reflects the domain name www.example1.com), this issue arises.

Step-by-step OpenLDAP Installation and Configuration on server

This tutorial describes how to install and configure an OpenLDAP server and also an OpenLDAP client. Step by Step Installation and Conf...