To disable IP block alert in CSF firewall, run
|
1 |
sed -i "s/LF_PERMBLOCK_ALERT\s*=.*$/LF_PERMBLOCK_ALERT = \"0\"/g" /etc/csf/csf.conf |
Restart lfd and csf
|
1 2 |
systemctl restart lfd csf -r |
See csf firewall
Ignore a folder in maldet
maldet is malware scanner for linux. On a shared hosting server, maldet detected one cusomer files as malware, on checking i found it is false positive. It is just a log file written by the application. To avoid getting further email from this application, i added this folder to maldet ignore_paths.
To add a folder to ignore list, edit file
|
1 |
vi /usr/local/maldetect/ignore_paths |
Add the folder you need to ignore to end of this file as a new line.
Example
|
1 2 3 4 5 6 |
root@server74 [~]# cat /usr/local/maldetect/ignore_paths /home/welgreenkerala/public_html/login/ /usr/local/maldetect /usr/local/sbin/maldet /home/shopatke/public_html/application/logs/ root@server74 [~]# |
See maldet
Download RPM package from yum repository
To download RPM file from yum repo, you need to install yum-utils package.
|
1 |
yum install -y yum-utils |
Now you can use command
|
1 |
yumdownloader --resolve --destdir=/path/ PACKAGE_NAME |
Example
|
1 |
yumdownloader --resolve --destdir=/root/yum/ nginx |
This will download and store all rpm files in /var/yum folder. –resolve will resolve dependency and download them. This will be helpful if you need to install a package on a system with no direct internet connection.
See yum
Enable Passive FTP in ISPConfig
To enable Passive FTP in Debian/Ubuntu installation of ISPConfig, run
|
1 |
echo "40110 40210" > /etc/pure-ftpd/conf/PassivePortRange |
Restart pure-ftpd
|
1 |
service pure-ftpd-mysql restart |
Now open ports 40110-40210 in firewall.
On CSF Firewall, edit
|
1 |
vi /etc/csf/csf.conf |
Add
|
1 |
40110:40210 |
At ened of TCP_IN line.
Example
|
1 |
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,3333,8080,8090,19999,40110:40210" |
See ispconfig
Set default editor in Ubuntu
To set default editor in Ubuntu/Debian, run
|
1 |
update-alternatives --config editor |
Reorder windows in tmux
To reorder windows in tmux, you can use following command
|
1 |
CTRL + B + . |
Press CTRL + B or whatever prefix you use, then press . (dot). This will ask you number/position where you need current window moved.
Another method is
|
1 |
CTRL + B + : |
This will give you tmux command promt. Now enter
|
1 |
move-window -t 0 |
This will move current window to position 0. This only work if position 0 is empty. If another window already present in position 0, use swap-window command.
|
1 |
swap-window -t 0 |
This with swap current window with window in position 0.
Another useful command is
|
1 |
CTRL + B + , |
This will allow you to rename current tmux window.
Using shortcuts
You can edit .tmux.conf file and add following
|
1 2 |
bind-key -n C-S-Left swap-window -t -1 bind-key -n C-S-Right swap-window -t +1 |
Now you can use CTRL + SHIFT + LEFT OR RIGHT arrow to move windows.
See tmux
Setup Tor Hidden Service on CentOS 7
Tor is provided by EPEL repository on CentOS 7. Install EPEL repo with command
|
1 |
yum install epel-release |
Install tor
|
1 |
yum install tor |
Edit tor config file
|
1 |
vi /etc/tor/torrc |
Uncomment or add following lines
|
1 2 |
HiddenServiceDir /var/lib/tor/hidden_service/ HiddenServicePort 80 127.0.0.1:80 |
Restart tor with command
|
1 |
systemctl restart tor |
Now your tor hidden service is ready to use. You need to run your web application on 127.0.0.1:80
To see URL of your tor hidden service, run
|
1 |
cat /var/lib/tor/hidden_service/hostname |
Make sure to make a backup of folder “/var/lib/tor/hidden_service/” as it comtains keys for this .onion domain. If you lost it, you will lose your domain name. So it is very important you keep the files safe.
To stop/start tor, run
|
1 2 |
systemctl stop tor systemctl start tor |
See tor
Tor Hidden Service in Ubuntu/Debian
To install tor on Ubuntu/Debian, run
|
1 |
apt install tor |
Default configuration file for tor is /etc/tor/torrc
To enable hidden service, edit /etc/tor/torrc
|
1 |
vi /etc/tor/torrc |
uncomment lines
|
1 2 |
HiddenServiceDir /var/lib/tor/hidden_service/ HiddenServicePort 80 127.0.0.1:80 |
Create folder for your hidden service
|
1 2 3 |
mkdir /var/lib/tor/hidden_service/ chmod 700 /var/lib/tor/hidden_service/ chown -R debian-tor:debian-tor /var/lib/tor/hidden_service/ |
You need to install Apache/Nginx etc.. to serve your web application. Make sure to configure web application listen on 127.0.0.0:80
Now restart tor with command
|
1 |
systemctl start tor@default |
Ubuntu/Debian support multiple instances of tor. You can use command “/usr/sbin/tor-instance-create” to create new tor instance. Configuration for instanced tor available at /etc/tor/instances/INSTANCE_NAME/torrc
To see URL for your Hidden service, run
|
1 |
cat /var/lib/tor/hidden_service/hostname |
Example
|
1 2 3 |
root@lab:~# cat /var/lib/tor/hidden_service/hostname 3w2pkr2qcusd6rx7zq4rulq7kt4xjpsgv7nxubcy2bdbgipy4wto4aid.onion root@lab:~# |
You should be able to visit the application using .onion link in Tor Browser.
You need to take backup of tor folder (/var/lib/tor/hidden_service) as it contains your secret keys, this is needed to use the .onion domain name. If you lose this, you will lose the .onion url.
To start the service on boot, run
|
1 |
systemctl enable tor@default |
See Tor