Posted on 16 August 2010.
How CSF Can Protect your Server From Dost Attacks
there is a new built-in feature with newly version of CSF that can protect your serer against Dos Attack
you can easily protect any of your open ports against dos attack by providing their port in the field of its configuration
forexample that one of the vulnerable to dos attacks prots is the port 80 which your web server use and that could be any web server and
the most known is apache
Go to Plugin managers in WHM/Cpanel
then choose csf
select configration
then go down to find CT_LIMIT =
then type any max number of connection that you may want to allow the clients ip address could have
on CT_INTERVAL = you can type any intervals that you want its maximum amount to be checked
check this CT_EMAIL_ALERT = if you want to recieve emails form reporting the banning of those ip addresses
make CT_PERMANENT = remain 0 not to block an ip address permanently
CT_BLOCK_TIME = should be 300 that is a good and resonable value
make CT_SKIP_TIME_WAIT = into 1 if you do like not to have Tim_WAIT to be counted as ip connections but it is
better to have it remain 0
in CT_STATES = provide thet specific state you want to be counted as a connection of ip address to the server
in CT_PORTS = it is recommanded to provide only port 80,443 delimited just like this with comma to count only
connections of ip address only on this port that ports like ftp that are connections hungry wont counted as an ip connection
that may have false-positive effects
Posted in CSF Firewall
Posted on 03 August 2010.
Why Csf Firewall is notifying me by this warrning
Firewall Status: Enabled but in Test Mode – Don’t forget to disable TESTING in the Firewall Configuration
Dont become worry, it is just saying that your firewall is in test mode and is not active.This is because by default after you installed CSf, its status is in testing mode , not to provide any confiusion in the system so that after you tested that every thing were fine by havind csf in test mode you can change its status to the active mode to Defend your server against Attacks.
How to Enable CSF Firewall in active mode and getting reed of Test Mode
Login to WHM ad goto the plugin and select
ConfigServer Security&Firewall
then go to the Firewall Configuration
on the very first item you could be able to see “TESTING =” that is by default assigned 1 value to it
just you need to change its value to 0 so that testing mode will be disabled and its status will be changed into active mode
after that restart CSF firewall for the changes take effect and now you are done
Thanks
Posted in CSF Firewall
Posted on 12 May 2010.
it was always so hard for me to install ffmpeg and all of its dependencies every time such as flvtool2 mplayer lame ffmpeg-php and so on.it took me about 2 or 3 days or so for installing and configuring them that it was because of even error in the installing or not matching all the packages versions with each other.
so there is a chance of making over this problem that some Linux Shell scripter has created a bash shell script to install all of these at once with just a command without to have any worry
in the following I have listed one of the best ffmpeg auto installer that will install ffmpeg and all of the packages dependencies of that very easy
the reason i have chosen this is because it has worked for me every time without any errors
this is for “Modified: 24th October 2009″, it seems a litle old but it will save you much time to have ffmpeg installd so fast
first you need to register your servers ip address to allow running of this script in your srever in this
Register
Download Latest Version: http://scriptmantra.info/scripts/AAST_ffmpeg_installer_5.0.7b
cd /usr/src
wget http://scriptmantra.info/scripts/AAST_ffmpeg_installer_5.0.7b
chmod +x AAST_ffmpeg_installer_5.0.7b
./AAST_ffmpeg_installer_5.0.7b
*libogg
*libvorbis
*libvorbisenc
*libvorbisfile
*libamrnb
*libamrwb
*libgsm
*libtheora
*Lame
*libschroedinger
*twolame
*speex |
*libtheoradec
*libtheoraenc
*libxvidcore
*libx264
*libnut
*liba52
*mplayer codecs at /usr/local/lib/codecs
*ffmpeg libraries at /usr/local/lib
*libdirac
*libdca |
| FFmpeg-PHP Version 0.6.0 |
FFmpeg Version: SVN-r16244 |
Posted in Linux
Posted on 08 March 2010.
changeing the ssh port to a non-standard port
for securing it first you need to change the access to the ssh to a non-standard port so that even by using some backdoors your root password was hacked you are convinience that nobody still has any access to the ssh to destroy your file and server
to do so run this command to open the “/etc/ssh/sshd_config” with nano editor
nano /etc/ssh/sshd_config
got to the line containing
and remove the # to uncomment it and use an alternative instead of port 22
remember to mention the unstandard port that you changed in the firwall to allow tcp_out and tcp_in connections
so it will turn out to be somthing like this
and also put the the port number”3957″ tcp_out and tcp_in in the firewall
Force the SSH to use the protocol 2
second go and edit this line
and by removing the # to uncomment this line and specify the protocol 2 for ssh by changing it to
Posted in Centos
Posted on 06 March 2010.
in this tutorial I want to show you the best graphical software to monitor your proccess loged in the past hours or days
for doing so first you must have sar installed.so for doing so install sar if you havn’t.
hopefully by defalt the sar package is avaleble in Linux Centos Server which I have workded 99% of my times with it.so the only thing you must run is to do a yum install
so you have installed sar
for runing the sar jsut type sar
I dont want to tell you the command stuff including in sar, instead i ant to tell you the best graphical interface which will read all of the logs and show it in graphical interface
after you had sar installed wait for one day to have all the loges saved of these ours then downlaod the
ksar
then run it and type the root ip and root access to your server to have all the logs of every thing such as load of the server,ram usage,cpu usage,and swap and every thing graphicly in your front local desktop
good luck
voskha
Posted in Centos
Posted on 23 February 2010.
to change ownership of a file or folder use “chmod” command
Example:
if you want to make it recursive jsut and -R to it
chmod -R user:user folder
this is also correcto for the filesExample:
chmod user:user filename.html
you may ask your self why the owership has to valu seprated by colon
the first is the ownername and the second is the groupname
owner:groupname
Posted in Linux
Posted on 23 February 2010.
to change permision there is a command to do so that is chmod
Example:
chmod 644 customfile.html
this will change the permission of the file “customfile.html” to 644
what does 644 mean?
every file and folder in lniux has 2 thre main field for permission
one will provide the user and group and world access
the other will creat the permision of these accesses
the read access of a file or a folder hase a value of 4
the write is 2
and the execute has the value of 1
so to have a better visual understanding I will show you the permission of 644
Mode User Group World
Read 4 4 4
Write 2 2 2
Execute 0 0 0
Permission 6 4 4
hope you had a better understand of the permission now
so lets talk about how to change a permission of a directory(folder)
just like changing the permission of a folder
to make it recursive meaning all of the folders and fiels inside this myfolder directory will be change
Posted in Linux
Posted on 23 February 2010.
to going to a directory you could use the following command
Example:
the following will go to the /home directory
for going a level uper than the folder where you are curently on it use”..” such the following example
Example:
will go to the /home/cusernamecd directory
this will go a leve uper than where you are so in this example it will go to /home directory
to delete a fire use
to delete without being prompted
to delete all the files in a directory
again to delete without being promted
or also you can use
Posted in Linux
Posted on 14 February 2010.
yesterday our linux OS on the server unexpectedly crashed without any reasons
I attempted to reboot it but it couldn’t
I ran the fsck command to make file systems check but it did somthing but finally failed
I tried too reboot again and it could finaly go down but It couldn’t get back online again:(
I asked the datacenter to check it, but unfortunatly he told me the kernel has been crashed and he did what he could but couldn’t makeit, so he offered me to relaod the os
I aksed him to reinstalled the os on a new hard drive
after everything finieshed and the server were ready all I could do was relying on the backups
we usualy create backups monthly but fortunately I manually created the backup of 95% of the hosting accounts
I created a restore.sh to restore the all existing backups after moving them to home directory
all the accounts restored to 7 days ago, yes it seems auful to loose of the data of the days between these 7days but what if we didn’t heave wven this
after those hosting accounts were restored I went to do the restore the 5% of remaining accounts
every site took me about 4to 5 hours to be completed…..:((
so my advice to you,even if you do not have a larg bussiness
have backup of all of your data in an external hard or in dvd atleast in every month
keep in mind that the accidents will always happen
Posted in Linux
Recent Comments