Category: Linux

  • Convert PFX SSL Certificate

    Mcrosoft Azure App Certificate is used to secure Azure App Services, now they allow export of this SSL certificate in PFX format, so it can be used in other services like Azure VM or third party applications. You need to use a powershell script provided by Microsoft to do the Export.

    To use the SSL certficiate in FPX format in Apache or Nginx web server, you need to convert it.

    To do this, run

    openssl pkcs12 -in ssl.pfx  -nocerts -out key.pem

    It will ask for Import password. If you enter a password during pfx file creation, enter it. If not just press enter.

    Next it ask for PEM password, enter a password, with out password, it won’t work.

    We have key.pem, that is password protected, we need to remove key file with out password, for this, run

    openssl rsa -in key.pem -out key-no-pw.key

    To export certificate file from PFX file, run

    openssl pkcs12 -in ssl.pfx -clcerts -nokeys -out cert.pem

    Convert SSL certificate into PFX format

  • Fixing Linux Problems with Chroot

    If you want to reset password or fix some booting issue, you may need to boot the server in rescue, then mount old live disks and chroot it. Once it is done, you will be able to run commands like passwd to change password or install any missing software with apt/dnf/yum etc.

    To chroot a file system, run

    mkdir /mnt
mount /dev/sdc1 /mnt
mount /dev/sdc2 /mnt/boot
cd /mnt
mount --bind /dev /mnt/dev
mount --bind /sys /mnt/sys
mount --bind /proc /mnt/proc
mount --bind /dev/pts /mnt/dev/pts/
chroot /mnt

    In the above example /dev/sdc1 was / partition. /dev/sdc2 was /boot.

    Once you chroot, you can change the root password on the server with the command

    passed

    If you use LVM for root partition, do

    vgscan && vgchange -ay vgubuntu
mount /dev/VG_NAME/root /mnt

  • Check for Symlink Attack on Cpanel Server

    Symlink Attack allow a hacker to hack one web site and gain access to another Apache Virtual Hosts in a cpanel server. Hacker will be able to get read access to files on other hosting accounts, with that, they can read web site config files, giving them MySQL or other login info stored in configuration files.

    To check if your server have infected with symlink attack, run

    find /home/*/public_html -type l > /root/smylinks.txt

    Check the content of the file “/root/smylinks.txt”. if you see any site having too many symlinks to other sites, your server is infected with symlink attack.

    To prevent this, you can install CloudLinux CageFS.

  • Install SSL Certificate in Virtualmin

    Install SSL Certificate in Virtualmin

    To install SSL certificate in Virtualmin, select the domain from drop down list of Virtualmin.

    On left Menu, go to Server Configuration > SSL Certificate

    Virtualmin SSL Install

    If you want to install Free LetsEncypt SSL, click on “Let’s Encrypt” link on top. On next page

    Virtalmin Letsencrypt

    Click on “Request Certificate”.

  • PowerShell

    Install PowerShell in Debian 9
    Downloading a file with PowerShell

    To install Azure PowerShell Module, run

    Install-Module AzureRM
Install-Module Azure

  • Install PowerShell in Debian 9

    To install Microsoft PowerShell in Debian 9, run

    apt-get update
apt-get install curl gnupg apt-transport-https

    Install GPG keys

    curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add -

    Add repository

    echo "deb [arch=amd64] https://packages.microsoft.com/repos/microsoft-debian-stretch-prod stretch main" > /etc/apt/sources.list.d/microsoft.list

    Install powershell

    apt-get update && apt-get install -y powershell

    To start powershell, run

    pwsh

  • Install CentOS Web Panel (CWP)

    CentOS Web Panel (CWP) is a free hosting control panel for CentOS servers.

    CentOS Web Panel

    To install CentOS Web Panel, run

    yum -y install wget
cd /usr/local/src
wget http://centos-webpanel.com/cwp-latest
sh cwp-latest

    CWP use same Ports as popular Cpanel control panel.

    Admin Panel

    CWP Admin Panel available on following URL.

    You can login with system user “root” and its password.

    http://server-ip:2030
http://server-ip:2086
https://server-ip:2031
https://server-ip:2087

    User Panel

    http://server-ip:2082/
https://server-ip:2083/

    Webmail

    http://server-ip:2095
https://server-ip:2096

    On CWP server, you can find MySQL login details in following config files.

    /root/.my.cnf
/usr/local/cwpsrv/htdocs/resources/admin/include/db_conn.php
/usr/local/cwpsrv/htdocs/resources/admin/include/postfix.php

    Document Root

    Web site files are stored in folder /home/USER/public_html

    Stop/Start Services

    systemctl start cwpsrv
systemctl start cwp-phpfpm
systemctl start httpd

    php-fpm used by cwp control panel

    systemctl stop cwpsrv-phpfpm
systemctl start cwpsrv-phpfpm
socket = /usr/local/cwp/php71/var/sockets/cwpsrv.sock

    Service files are stored in /usr/lib/systemd/system/

    Web Server

    CWP support multiple web servers. For Apache, it is installed in folder

    /usr/local/apache

    Apache config file is /usr/local/apache/conf.d/vhosts.conf

    CPW have its own apache package with name “cwp-httpd”, don’t use default httpd package provided by CentOS.

    CWP server log can be found at

    /var/log/cwp/webservers.log

    See Hosting Control Panel

  • Hosting Control Panel

    Hosting Control Panel

    Paid Hosting Control Panels

    Free Hosting Control Panel

    SaaS Panels

  • Install Plesk On Linux Server

    Install Plesk On Linux Server

    To install Plesk Control Panel on Linux Server, run

    wget https://autoinstall.plesk.com/plesk-installer
chmod +x plesk-installer
./plesk-installer

    Once install completed, you will be asked to log in to Plesk URL

    Once on the page, you will be asked to create an admin user.

    Once this is done, Plesk is ready to use.

    You can start/stop Plesk with the command

    systemctl stop psa
systemctl start psa

  • nc

    Transfer files between computers with netcat

  • Transfer files between computers with netcat

    You can use netcat (nc) to copy file from one computer/server to another.

    On destination computer

    Run netcat in listening mode.

    nc -l -s LISTEN_IP -p LISTEN_PORT > FILE_NAME

    Example

    nc -l -s 51.38.246.115 -p 5555 > azure-nginx.tar

    On Source computer

    This is the computer from where you copying file from. To copy a file, run

    cat FILENAME | nc DESTINATION_IP DESTINATION PORT

    Example

    cat nginx.tar | nc 51.38.246.115 5555

  • Saving iptables firewall rules

    To save iptables firewall rules, run

    iptables-save

    This will print the firewal rule. You can save it to a file. For example

    iptables-save > /etc/iptables/rules.v4

    For IPv6, you can use

    ip6tables-save