Archive

Installing htop on Centos

htop is an interactive process viewer for Linux, which is a powerful alternative to the start ‘top’ utility. Some of the benefits of htop:

  • Supports mouse interactions
  • Better sorting and selective display
  • Color formatted display
  • Resource graphs
  • Process treeview

Installing htop

To install htop to Redhat or CentOS (5.X) Linux easily via the yum package manager, the rpmforge package repository must be installed. To install, retrieve, and install the following RPM for your architecture (32bit or 64bit).

32-BIT

wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm
rpm -Uhv rpmforge-release*.rf.i386.rpm

64BIT

wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm
rpm -Uhv rpmforge-release*.rf.x86_64.rpm

Now that the rpmforge repository is installed, you can install the htop package easily via yum.

yum install htop

How To Migrate Websites In Kloxo

Here are the simple few minutes steps that you can use to migrate your websites from one Kloxo Panel to another simply one server to another server .

For the test am taking the following references :

Domain : domain.com
Database Details :-
->Hostname : localhost
->Database Name : db_test
->Database Username : db_test
->Database Pass : password

Old Server Kloxo : Kloxo 1
New Server Kloxo : Kloxo 2

Old Server SSH : SSH 1
New Server SSH : SSH 2

Note : Do not change your DNS to new server as we need old domain working to wget the files and database .

Here we go :-

Step 1 . Login to your Kloxo 1 and login using root in SSH 1 .
Step 2 . Lets assume that we are moving domain.com to different server , go to File Manager > domain.com 

Then select your domain.com . It should show your files .

Step 3 . First unhide all files , Just click on T Hidden .

Step 4 . Then select all files using the checkbox . Then click on Zip , it will take few mins depending upon your processor speed .

Now you’ll be having something named NewArchive-Month-Year-Date.zip in your files .

The location for your archive is /home/admin/domain.com/ .

Step 5 . Head over to the SSH 1 .

Files backup is done , we’ll now going to take backup of your site database .

To backup database run the below command .

[code]mysqldump -u db_test -p db_test | gzip -4 > /home/admin/domain.com/db_test.sql.gz[/code]

After this command is executed it will then ask for your database password , just put the password as “password” . Remember its an database password not the Mysql root password .

Once password is given , it will start backup of database and place it with your site files .
Step 6 . Login to Kloxo 2 and SSH 2 .

Step 7 . Now create a new domain.com on new server in Kloxo 2 .

Click on Domain tab :-

Then add your domain.com here :- 


Step 8 . Now head over to SSH 2 .

Execute the following commands .

[code]cd /home/admin/domain.com[/code]

 

Now we’ll fetch files from old server to new server .

[code]wget domain.com/NewArchive-Month-Year-Date.zip[/code]
[code]wget domain.com/db_test.sql.gz[/code]

Step 9 . We now start procedure to restore files .

Be sure you still in same directory in SSH 2 .

[code]unzip NewArchive-Month-Year-Date.zip[/code]

The above command will extract files .

Step 10 . Now in order to restore Database , you first need to create new database in Kloxo 2 .

Click on MySQL Databases and then click tab for “Add Mysql Database” .

After the database creation , head back to SSH 2 .

Execute the following command .

[code]gunzip < /home/admin/domain.com/db_test.sql.gz | mysql -u db_test -p -h localhost db_test[/code]

Again , use your database password to proceed with the restore . Remember it needed the database password to proceed not the root mysql password .

Finally , in the end your site is successfully migrated from one server to another .

If anyone is facing any issues in migration then you can leave a comment , we’d be happy to assist .

How To Extract .bz2 Files

In order to extract .bz2 compressed files on Linux   

1. If the file is .tar.bz2, then you can use   

[code]tar xjvf file.tar.bz2[/code]
  

2 To extract it all at once. If the file is just .bz2, then use   

[code]bunzip2 file.bz2[/code]

cPanel HTTP Error 401 Fix

Hey,

From a long time i seen this kind of errors with many customers who are having cPanel installed .

So i thought to share its solution with everyone so that they can sort it out themselves .

1 . Login via root using putty or terminal .
2 . Follow the steps :-

[code]mv /usr/local/cpanel/base/3rdparty/Logaholic /usr/local/cpanel/base/3rdparty/Logaholic.bk[/code]

[code]/usr/local/cpanel/bin/update-logaholic –force[/code]

 

3 . Restart cPanel :-

 

[code]service cpanel restart[/code]

 

I hope the above will fix these HTTP 401 errors . Let me know if anyone need any assistance

How to Install an OpenVPN Server on CentOS 6

This article will guide you through the setup and configuration of OpenVPN server on your CentOS 6 cloud server. We will also cover how to configure your Windows, OS X, or Linux client to connect to your newly installed OpenVPN server.

Before we begin, you’ll need to have the Extra Packages for Enterprise Linux (EPEL) Repository enabled on your cloud server. This is a third party repository offered by the Fedora Project which will provide the OpenVPN package.

wget http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
rpm -Uvh epel-release-6-8.noarch.rpm

Initial OpenVPN Configuration


First, install the OpenVPN package from EPEL:

yum install openvpn -y

OpenVPN ships with only a sample configuration, so we will copy the configuration file to its destination:

cp /usr/share/doc/openvpn-*/sample-config-files/server.conf /etc/openvpn

Now that we have the file in the proper location, open it for editing:

nano -w /etc/openvpn/server.conf

Our first change will be to uncomment the “push” parameter which causes traffic on our client systems to be routed through OpenVPN.

push "redirect-gateway def1 bypass-dhcp"

We’ll also want to change the section that immediately follows route DNS queries to Google’s Public DNS servers.

push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"

In addition, to enhance security, make sure OpenVPN drops privileges after startup. Uncomment the relevant “user” and “group” lines.

user nobody
group nobody

Generating Keys and Certificates Using easy-rsa


Now that we’ve finished modifying the configuration file, we’ll generate the required keys and certificates. As with the configuration file, OpenVPN places the required scripts in the documentation folder by default. Create the required folder and copy the files over.

mkdir -p /etc/openvpn/easy-rsa/keys
cp -rf /usr/share/openvpn/easy-rsa/2.0/* /etc/openvpn/easy-rsa

With the files in the desired location, we’ll edit the “vars” file which provides the easy-rsa scripts with required information.

nano -w /etc/openvpn/easy-rsa/vars

We’re looking to modify the “KEY_” variables, located at the bottom of the file. The variable names are fairly descriptive and should be filled out with the applicable information.

Once completed, the bottom of your “vars” file should appear similar to the following:

export KEY_COUNTRY="US"
export KEY_PROVINCE="NY"
export KEY_CITY="New York"
export KEY_ORG="Organization Name"
export KEY_EMAIL="[email protected]"
export KEY_CN=droplet.example.com
export KEY_NAME=server
export KEY_OU=server

OpenVPN might fail to properly detect the OpenSSL version on CentOS 6. As a precaution, manually copy the required OpenSSL configuration file.

cp /etc/openvpn/easy-rsa/openssl-1.0.0.cnf /etc/openvpn/easy-rsa/openssl.cnf

We’ll now change into our working directory and build our Certificate Authority, or CA, based on the information provided above.

cd /etc/openvpn/easy-rsa
source ./vars
./clean-all
./build-ca

Now that we have our CA, we’ll create our certificate for the OpenVPN server. When asked by build-key-server, answer yes to commit.

./build-key-server server

We’re also going to need to generate our Diffie Hellman key exchange files using the build-dh script and copy all of our files into /etc/openvpn as follows:

./build-dh
cd /etc/openvpn/easy-rsa/keys
cp dh1024.pem ca.crt server.crt server.key /etc/openvpn

In order to allow clients to authenticate, we’ll need to create client certificates. You can repeat this as necessary to generate a unique certificate and key for each client or device. If you plan to have more than a couple certificate pairs be sure to use descriptive filenames.

cd /etc/openvpn/easy-rsa
./build-key client

Routing Configuration and Starting OpenVPN Server


Create an iptables rule to allow proper routing of our VPN subnet.

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
service iptables save

Then, enable IP Forwarding in sysctl:

nano -w /etc/sysctl.conf

# Controls IP packet forwarding
net.ipv4.ip_forward = 1

Finally, apply our new sysctl settings. Start the server and assure that it starts automatically on boot:

sysctl -p
service openvpn start
chkconfig openvpn on

You now have a working OpenVPN server. In the following steps, we’ll discuss how to properly configure your client.

Configuring OpenVPN Client


Now that your OpenVPN server is online, lets configure your client to connect. The steps are largely the same regardless of what operating system you have.

In order to proceed, we will need to retrieve the ca.crt, client.crt and client.key files from the remote server. Simply use your favorite SFTP/SCP (Secure File Transfer Protocol/Secure Copy) client and move them to a local directory. You can alternatively open the files in nano and copy the contents to local files manually. Be aware that the client.crt and client.key files will are automatically named based on the parameters used with “./build-key” earlier. All of the necessary files are located in /etc/openvpn/easy-rsa/keys

nano -w /etc/openvpn/easy-rsa/keys/ca.crt
nano -w /etc/openvpn/easy-rsa/keys/client.crt
nano -w /etc/openvpn/easy-rsa/keys/client.key

With our certificates now on our client system, we’ll create another new file called client.ovpn, where “client” should match the name of the client being deployed (from build-key), the contents should be as follows, substituting “x.x.x.x” with your cloud servers IP address, and with the appropriate files pasted into the designated areas. Include only the contents starting from the “BEGIN” header line, to the “END” line, as demonstrated below. Be sure to keep these files as confidential as you would any authentication token.

client
dev tun
proto udp
remote x.x.x.x 1194
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
verb 3
<ca>
Contents of ca.crt
</ca>
<cert>
Contents of client.crt
</cert>
<key>
Contents of client.key
</key>

As all of the required information to establish a connection is now centralized in the .ovpn file, we can now deploy it on our client system. On Windows, regardless of edition, you will need the official OpenVPN Community Edition binaries which come prepackaged with a GUI. The only step required post-installation is to place your .ovpn configuration file into the proper directory (C:\Program Files\OpenVPN\config) and click connect in the GUI. OpenVPN GUI on Windows must be executed with administrative privileges.

On Mac OS X, the open source application “Tunnelblick” provides an interface similar to OpenVPN GUI on Windows, and comes prepackagd with OpenVPN and required TUN/TAP drivers. As with Windows, the only step required is to place your .ovpn configuration file into the ~/Library/Application Support/Tunnelblick/Configurations directory.

On Linux, you should install OpenVPN from your distributions official repositories. You can then invoke OpenVPN by simply executing:

sudo openvpn --config ~/path/to/client.ovpn

Congratulations! If you made it this far you should now have a fully operational VPN running on your cloud server. You can verify that your traffic is being routed through the VPN by checking Google to reveal your public IP.

How to setup OpenVPN in a Debian 6 VPS

Sometimes, especially with all of the sales, you can gather quite a few extra VPS servers. Especially small ones that aren’t very good for large scale projects. This is why I decided to turn one of my low end VPS servers (that’s redundant, isn’t it…) into an openVPN server that I can use to securely access the Internet. This is especially helpful for on my Android phone when connecting to wireless hot spots. You never know who is looking at your traffic.

So let’s get started!

 

Open VPN is very powerful. It can be customized in many different ways and for the sake of this article we are going to set up a simple and easy to use version of OpenVPN called OpenVPN AS. This will allow you to create user account, limit bandwidth, configure tunneling, and all that good stuff right from a web browser without having to mess with confusing configuration files. The only downside to this is the python server for the web interface takes up a bit more memory than a vanilla, manual configured, OpenVPN server. But it is still completely worth it. I have tested this on a ~320MB OpenVZ VPS and it runs flawlessly. Just make sure your provider enable TUN/TAP for your container. That should only be necessary on OpenVZ. On the other hand, KVM server will allow you to proceed full steam ahead!

First off, I would recommend preforming a clean install of Debian 6 to your VPS through the providers web control panel. It’s not required but just in case there are some left over packages from your previous projects, it should clean up them up.

Now we are ready to grab the packages we need!

wget backup.shineservers.in/openvpn.sh

 

chmod +x openvpn.sh

 

sh openvpn.sh

For any other issues and feedback please e-mail us at [email protected]

PPTP Debian/Ubuntu OpenVZ Setup Script

This guide is intended for those who want to set up a PPTP VPN on OpenVZ with Debian or Ubuntu on a capable provider such as ShineServers.Com . Lots of time has been spent through trial and error trying to figure it out. Insight and portions of this guide have been taken from howtogeek.com.

What is PPTP?

PPTP is short for Point-to-Point Tunneling Protocol, a technology for creating Virtual Private Networks (VPNs) quickly. Support is built-in to many operating systems natively, without needing an additional client, unlike OpenVPN.

What does this script do?

This script will automatically PPTP/PoPToP on your OpenVZ VPS in a few of minutes. Port forwarding, server configuration, and authentication setup is all taken care of for you.

How do I install it?

1. Make sure that your VPS has its PPP module working. To check, run the following command:

cat /dev/ppp

If your VPS returns this message, then your PPP module is set correctly:

cat/dev/ppp: No such device or address

 

If not, then you need to enable it in SolusVM (or disable and re-enable it).

2. Copy and paste these lines into your SSH client of choice:

wget https://raw.github.com/cwaffles/ezpptp/master/ezpptp.sh

chmod +x ezpptp.sh && ./ezpptp.sh

 

I hope it will be worth installing it , if you face any problems then you can always comment in comment box below .

Setup a PPTP VPN in OpenVZ

  1. Enable PPP module in SolusVM (Manage > Controls > Settings > “Enable PPP”)
  2. Re-install with our Debian 6 w/pptpd template in SolusVM (Manage > Controls > General > “Re-install”)
  3. Change localip in /etc/pptpd.conf to your VPS IP address
  4. Setup username and password in /etc/ppp/chap-secrets
  5. Run iptables -t nat -A POSTROUTING -j SNAT –to-source YOURVPSIP
  6. Run iptables-save
  7. Run service pptpd restart
  8. Run sh /root/reapply.sh

And you’re all set. Login to you server using your VPS’s IP address and credentials. If you have any issues try the following troubleshooting steps:

Run the following command: cat /dev/ppp
If it returns “cat: /dev/ppp: No such device or address” then your PPP module is set correctly, if not, you need to enable it in SolusVM (or disable and re-enable it).

Restart your VPS in SolusVM. If this allows you to connect but you do not have internet access, you’ll need to re-run the iptables commands above (steps 5 and 6).

How to secure SSH in Centos

When you first begin to approach your newly installed server, there are a few early steps you should take to make it more secure from hackers. The first tasks can include setting up a new user, providing them with the proper privileges, and configuring SSH.

Step One — Login via Root 

Step Two — Change Your Password For Root

CentOS is very cautious about the passwords it allows. After you type your password, you may see a BAD PASSWORD notice. You can either set a more complex password or ignore the message .

Step Three — Creating a New User For Root privileges

First, create your user; you can choose any name for your user.

[code]adduser username[/code]

For example here I’ve suggested secure as a user .

Second, create a new user password :

[code]passwd secure[/code]

Step Four — Assigning Root Privileges

As of yet, only root has all of the administrative capabilities. We are going to give the new user the root privileges.

Let’s go ahead and edit the sudo configuration. This can be done through the default editor, which in CentOS is called ‘vi’

[code]/usr/sbin/visudo[/code]

Find the section called user privilege specification and add the similar line below it .

To began typing in vi, press “a”.

[code]secure    ALL=(ALL)       ALL[/code]

Then to save and exit press escape , then press “:w” to write the file and to quit press “:q” .

Step Five — Configuring SSH To Disable Root Login

Open the configuration file

[code]sudo vi /etc/ssh/sshd_config[/code]

It will then look something like this :

Find the following sections and change the information where applicable:

Port 750 ( <– you can change it to any port , it will disable 22 as default port for accessing ssh)
Protocol 2
PermitRootLogin no ( <– This will disable direct root login )

It will then look something like this :-

Once the above is done , just add the below line to the bottom of the document, replacing secure with your username:

[code]AllowUsers secure[/code]

Save and Exit

Step Six — Reload and Done!

Reload SSH, and it will implement the new ports and settings.

[code]service sshd restart[/code]

Finally you can login to your SSH using the user secure with port 750 .

I hope this will help and few users to secure the SSH from unauthorized people .

Tutorials For Servers and Server Management

I made this thread for releasing my ebooks regarding server tutorials and their guides regarding most of the known problems .

Notice : The book may contain the data from other authors too , but its only added to get merged all together at one place , and can be easier for lots of server handlers or starters .

Edition 1 : (20 Random Tutorials)

Edition 2 : (cPanel/WHM Installation and Security) 

Edition 3 : (Configuring a CentOS Postfix Email Server )

Part 1 : (Postfix Email Server Configuration)

Part 2 : (Configuring the mail client like Evolution)

Edition 4 : (All About Nginx in Ubuntu )

Edition 5 : (How to manage a DDoS Attack On Linux Servers )

Edition 6 : (Installing Nginx on Kloxo Panel )

Edition 7 : (How to Setup a VPS with rTorrent and libTorrent)

Edition 8 : (How to install Lighttpd on a VPS with php)

Edition 15 : (Set Up DKIM Working With Postfix)

Edition 16 : (Kloxoptization | Take Kloxo To Next Level)

Edition 17 : (DDoSIFY | Ignore Useless People Being Part Of Your Site)