Author: ServerOk – ServerOK

CentOS 7 Plesk server DNS not starting

On a CentOS 7 Plesk server DNS failed to start. Plesk on CentOS 7 use named-chroot.service for starting DNS.

I tried to start DNS with

systemctl restart named-chroot

1	systemctl restart named-chroot

On checking status, it shows DNS failed to start

systemctl status named-chroot

1	systemctl status named-chroot

I removed Bind DNS server using command

plesk installer

1	plesk installer

Removed all bind related packages with yum. Removed all DNS configs from /etc and /var/named folder.

Reinstalled Bind DNS and run plesk repair to fix DNS entry

plesk repair dns

1	plesk repair dns

But it did not resolve the problem. I checked named.conf with

named-checkconf /etc/named.conf

1	named-checkconf /etc/named.conf

It showned error is related with

acl common-allow-transfer {
        11.11.12.100/255.255.255.0;
        1637:4100:203:6664::/64;
};

acl common-allow-transfer {

11.11.12.100/255.255.255.0;

1637:4100:203:6664::/64;

};

Problem is fixed by removing the entry “11.11.12.100/255.255.255.0” from

Plesk > Tools & Settings > DNS Zone Template > Transfer Restrictions Template

1	Plesk > Tools & Settings > DNS Zone Template > Transfer Restrictions Template

You can use IP or CIDR here. But you don’t need this if you don’t have secondary DNS servers.

Redirect site from www to non-www

It is better to make web site available with one URL. Many sites work with both wwww and non-www (naked domain) urls.

Using www or non-www is personal choice. One advantage of using wwww for URL is when you have lot of sub domains. If you use non-www url, cookies set by the domain will be available to sub domains. This will increase bandwidth usage as cookie need to be sent with every request browser make to web server.

Apache

If you are using Apache web server, you can redirect wwww to non-www url by adding following code in .htaccess file

RewriteEngine On
RewriteCond %{HTTP_HOST} ^www.yourdomain.com [NC]
RewriteRule ^(.*)$ https://yourdomain.com/$1 [L,R=301]

RewriteEngine On

RewriteCond %{HTTP_HOST} ^www.yourdomain.com [NC]

RewriteRule ^(.*)$ https://yourdomain.com/$1 [L,R=301]

Nginx

If you use Nginx, it is better create a server entry for www URL, then set a redirect

server {
    server_name www.yourdomain.com;
    return 301 $scheme://yourdomain.com$request_uri;
}

server {

server_name www.yourdomain.com;

return 301 $scheme://yourdomain.com$request_uri;

}

If you want to use same server entry for www and non-www, add following code to nginx server entry for the web site.

Redirect www domain to non-www

if ( $host != 'yourdomain.com' ) {
    return 301 https://yourdomain.com$request_uri;
}

if ( $host != 'yourdomain.com' ) {

return 301 https://yourdomain.com$request_uri;

}

If you use custom ports, use

if ( $host != 'yourdomain.com' ) {
    return 301 https://yourdomain.com:$server_port$request_uri;
}

if ( $host != 'yourdomain.com' ) {

return 301 https://yourdomain.com:$server_port$request_uri;

}

Redirect Naked Domain to www

if ( $host != 'www.serverok.in' ) {
    return 301 https://serverok.in$request_uri;
}

if ( $host != 'www.serverok.in' ) {

return 301 https://serverok.in$request_uri;

}

Related Posts

Redirect

htaccess

Squid Proxy Server allow connection to all ports

By default Squid proxy only allow out going connection to white listed ports that are used commonly. When you visit a site with non standard ports with Squid proxy, it won’t work. To fix this, edit squid configuration file

vi /etc/squid/squid.conf

1	vi /etc/squid/squid.conf

Find

acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http

acl SSL_ports port 443

acl Safe_ports port 80 # http

acl Safe_ports port 21 # ftp

acl Safe_ports port 443 # https

acl Safe_ports port 70 # gopher

acl Safe_ports port 210 # wais

acl Safe_ports port 1025-65535 # unregistered ports

acl Safe_ports port 280 # http-mgmt

acl Safe_ports port 488 # gss-http

acl Safe_ports port 591 # filemaker

acl Safe_ports port 777 # multiling http

Replace with

acl SSL_ports port 1-65535
acl Safe_ports port 1-65535

1 2	acl SSL_ports port 1-65535 acl Safe_ports port 1-65535

Restart squid with

systemctl restart squid

1	systemctl restart squid

Related Posts

Install Squid Proxy Server

proxy

Install Elasticsearch on Debian for Magento

To install Elasticsearch for Magento on Debian, install Java 1.8 and apt-transport-https

apt install -y openjdk-8-jdk-headless
apt install -y apt-transport-https

1 2	apt install -y openjdk-8-jdk-headless apt install -y apt-transport-https

Add key

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add -

1	wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch \| apt-key add -

Add repository

echo "deb https://artifacts.elastic.co/packages/6.x/apt stable main" | tee -a /etc/apt/sources.list.d/elastic-6.x.list

1	echo "deb https://artifacts.elastic.co/packages/6.x/apt stable main" \| tee -a /etc/apt/sources.list.d/elastic-6.x.list

Install Elasticsearch

apt install -y elasticsearch

1	apt install -y elasticsearch

Enable and start Elasticsearch

systemctl enable elasticsearch
systemctl restart elasticsearch

1 2	systemctl enable elasticsearch systemctl restart elasticsearch

CentOS 7 Grub 2

To regenerate grub config on CentOS 7, run

grub2-mkconfig -o /boot/grub2/grub.cfg

1	grub2-mkconfig -o /boot/grub2/grub.cfg

If you use UEFI, run

grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg

1	grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg

yum reinstall a package

To reinstall a package with yum, run

yum reinstall PKG_NAME

1	yum reinstall PKG_NAME

Example

yum reinstall kernel

1	yum reinstall kernel

Restart Services in Xampp Linux

You can restart services on xampp linux using

/opt/lampp/lampp

1	/opt/lampp/lampp

To restart, use

/opt/lampp/lampp restart

1	/opt/lampp/lampp restart

Here are other available options

root@ip-172-31-36-153:~# /opt/lampp/lampp --help
Usage: lampp <action>

	start         Start XAMPP (Apache, MySQL and eventually others)
	startapache   Start only Apache
	startmysql    Start only MySQL
	startftp      Start only ProFTPD

	stop          Stop XAMPP (Apache, MySQL and eventually others)
	stopapache    Stop only Apache
	stopmysql     Stop only MySQL
	stopftp       Stop only ProFTPD

	reload        Reload XAMPP (Apache, MySQL and eventually others)
	reloadapache  Reload only Apache
	reloadmysql   Reload only MySQL
	reloadftp     Reload only ProFTPD

	restart       Stop and start XAMPP
	security      Check XAMPP's security

	enablessl     Enable SSL support for Apache
	disablessl    Disable SSL support for Apache

	backup        Make backup file of your XAMPP config, log and data files

	oci8          Enable the oci8 extenssion

	panel         Starts graphical XAMPP control panel

root@ip-172-31-36-153:~#

root@ip-172-31-36-153:~# /opt/lampp/lampp --help

Usage: lampp <action>

start Start XAMPP (Apache, MySQL and eventually others)

startapache Start only Apache

startmysql Start only MySQL

startftp Start only ProFTPD

stop Stop XAMPP (Apache, MySQL and eventually others)

stopapache Stop only Apache

stopmysql Stop only MySQL

stopftp Stop only ProFTPD

reload Reload XAMPP (Apache, MySQL and eventually others)

reloadapache Reload only Apache

reloadmysql Reload only MySQL

reloadftp Reload only ProFTPD

restart Stop and start XAMPP

security Check XAMPP's security

enablessl Enable SSL support for Apache

disablessl Disable SSL support for Apache

backup Make backup file of your XAMPP config, log and data files

oci8 Enable the oci8 extenssion

panel Starts graphical XAMPP control panel

root@ip-172-31-36-153:~#

See Auto start XAMPP on Boot

Remove SSH Private Key Passphrase

To remove SSH private key passphrase, run

ssh-keygen -p -f SSH_PRIVATE_KEY_FILE

1	ssh-keygen -p -f SSH_PRIVATE_KEY_FILE

Example

ssh key passphrase

Method 2

You can use OpenSSL to remove passphase with

openssl rsa -in PRIVATE_KEY_WITH_PW.key -out PRIVATE_KEY_NO_PW.key

1	openssl rsa -in PRIVATE_KEY_WITH_PW.key -out PRIVATE_KEY_NO_PW.key

See SSH

Cpanel Exim Bypass SMTP authentication for specific IP address.

To bypass SMTP authentication for specific IP on Cpanel Exim mail server, edit file

vi /etc/alwaysrelay

1	vi /etc/alwaysrelay

Add IP or Hostname you need to allow sending email with out SMTP autentication and restart exim mail server.

systemctl restart exim

1	systemctl restart exim

AWS Elastic Beanstalk

Here are some useful command working with AWS Elastic Beanstalk

eb init = initialize environment
eb list
eb logs
eb console = open aws console
eb open = open application in web browser
eb appversion = show application versions
eb health = show health of application
eb codesource = select local or codecommit
eb deploy = deploy code
eb events = Gets recent events.
eb create = Creates a new environment.
eb labs download = download application to local computer

eb init = initialize environment

eb list

eb logs

eb console = open aws console

eb open = open application in web browser

eb appversion = show application versions

eb health = show health of application

eb codesource = select local or codecommit

eb deploy = deploy code

eb events = Gets recent events.

eb create = Creates a new environment.

eb labs download = download application to local computer

Application get stored in folder

/var/app/ondeck

1	/var/app/ondeck