Testing API
Category: Linux
-
DDoS
DDoS Protection Service
Apache Website not loading – DDoSTo check if your server is getting DDoS, you can use netstat command.
netstat -anp | grep 'tcp' | awk '{print $5}' | cut -d: -f1 | sort| uniq -c | sort -nOr
netstat -lantp|egrep ":80 "|awk '{print $5}'|cut -d: -f1|sort|uniq -c|sort -nr|head netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n netstat -alpn | grep :80 | awk '{print $4}' |awk -F: '{print $(NF-1)}' |sort | uniq -c | sort -nInstead of netstat, you can also use ss command
ss -tan state established | grep ":80\|:443" | awk '{print $4}' | cut -d':' -f1 | sort -n | uniq -c | sort -nOnce you find the offending IP address, you can block it in the firewall.
To Verify if an IP is blocked
iptables -L -n | grep 'IP_ADDR_HERE'Block Attack with CSF firewall
vi /etc/csf/csf.confSet CT_LIMIT to 30, set it back to 100 after attack stop.
CT_LIMIT = "30"Set SYNFLOOD to 1, set it back to 0 after DDoS attack stop.
SYNFLOOD = "1" -
Supervisord
supervisord is a program that allows you to monitor and control processes. supervisord runs processes as its sub-process and can restart a process if it crashes.
supervisord is the server. supervisorctl is the client program.
You can find more info at
supervisorctl
How to Install Supervisord on CentOS 7To install on CentOS run
yum -y install supervisor
On Ubuntu/Debian
apt install -y supervisor
Config files are stored in
/etc/supervisor/
Your own application configurations at
/etc/supervisor/conf.d/
some useful commands
supervisorctl reread supervisorctl update
To restart all services, run
supervisorctl restart all
See autostart
-
openssl
- Check Mail Server Support SSL/TLS
- Encrypting a file using OpenSSL
- Convert PFX SSL Certificate
- Remove SSL private key password
- Find expiry date for SSL certificate using openssl
View SSL certificate details
openssl x509 -in ssl.crt -text -nooutTo get SSL certificate details of a web site
timeout 5 echo QUIT | openssl s_client -connect serverok.in:443 2>&1 | openssl x509 -noout -textor
openssl s_client -connect serverok.in:443 -showcerts -
Dedicated Server Providers
Here are some dedicated server providers. If you need any recommendations or found a service provider that you think useful, contact me at admin@serverok.in
Value For Money
Dedicated Servers
- http://www.leaseweb.com – relable, used by many file hosts. Now they have USA servers too (acquired servint.net)
- http://www.tailormadeservers.com
- http://www.reliablesite.net
- https://phoenixnap.com/servers/dedicated
- https://www.limestonenetworks.com/pricing/bare-metal-cloud – hourly pricing. $100 trail for 3 months.
- https://www.interserver.net/dedicated/
- https://www.servermania.com/dedicated-servers-hosting.htm
Cheap Dedicated Servers
These servers are very cheap. You can’t get a decent VPS for this price. Only use them for personal sites. Also make sure you take regular backups.
- https://www.kimsufi.com
- https://www.soyoustart.com
- https://oneprovider.com/ – Owned by online.net, they have some very cheap servers.
- https://www.wholesaleinternet.net
- https://www.nocix.net
See list of Cloud Hosting Providers
-
PostgreSQL
- PostgreSQL connect to database using psql
- List all databases in PostgreSQL
- pg_ctl
- Creating user in PostgreSQL
- PostgreSQL Create Database
- PostgreSQL Delete a Database
- Backup PostgreSQL Database
- PostgreSQL Export table into CSV file
- Run PostgreSQL in Docker
- postgresql.service: The name org.freedesktop.PolicyKit1 was not provided by any .service files
- https://www.pgbouncer.org/
psql commands
\l List databases \l+ List databases \c DB_NAME connect to a database \du list users \dt list tables \d TABLE_NAME describe a table \dn+ List of schemas To install PostgreSQL on Ubuntu/Debian, run
apt-get install -y postgresqlStart it with
service postgresql startBy default user “postgres” have full access on PostgreSQL. To create a user, run
su postgres createuser -P USERNAMETo create a database, run
createdb -T template0 -E UTF8 -O USERNAME DBNAMEYou can see help with
postgres@ok-vm:~$ createdb --help createdb creates a PostgreSQL database. Usage: createdb [OPTION]... [DBNAME] [DESCRIPTION] Options: -D, --tablespace=TABLESPACE default tablespace for the database -e, --echo show the commands being sent to the server -E, --encoding=ENCODING encoding for the database -l, --locale=LOCALE locale settings for the database --lc-collate=LOCALE LC_COLLATE setting for the database --lc-ctype=LOCALE LC_CTYPE setting for the database -O, --owner=OWNER database user to own the new database -T, --template=TEMPLATE template database to copy -V, --version output version information, then exit -?, --help show this help, then exit Connection options: -h, --host=HOSTNAME database server host or socket directory -p, --port=PORT database server port -U, --username=USERNAME user name to connect as -w, --no-password never prompt for password -W, --password force password prompt --maintenance-db=DBNAME alternate maintenance database By default, a database with the same name as the current user is created. Report bugs to <pgsql-bugs@postgresql.org>. postgres@ok-vm:~$run psql
sudo -u postgres psqlRun a command in psql
sudo -u postgres psql -c "\du"List all tables in a database
sudo -u postgres psql -c "\c serverok_db" -c "\dt"List postgresql extensions
sudo -u postgres psql -c "SELECT * FROM pg_available_extensions;"Extensions are stored in folder /usr/share/postgresql/16/extension/
-
Install x2go Server in Ubuntu 16.04
To install x2Go server in Ubuntu, run
add-apt-repository ppa:x2go/stable apt-get update apt-get -y install x2goserver x2goserver-xsession
if you don’t have xfce, install it with
apt -y install xfce4
See x2go, add-apt-repository
-
no matching host key type found. Their offer: ssh-dss
When i try connect to a server, i get error
root@ok:~# ssh n1eb4141@50.62.71.1 Unable to negotiate with 50.62.71.1 port 22: no matching host key type found. Their offer: ssh-dss root@ok:~#Same happens with scp
root@ok:~# scp n1eb4141@50.62.71.1:/var/chroot/home/content/83/13319983/html.tar . Unable to negotiate with 50.62.71.1 port 22: no matching host key type found. Their offer: ssh-dss root@ok:~#To fix this, add -oHostKeyAlgorithms=+ssh-dss to the command.
Example
ssh -oHostKeyAlgorithms=+ssh-dss n1eb4141@50.62.71.1To list all supported ciphers, run
ssh -Q cipherYou can use -c option to change chiper.
ssh -c aes128-cbc n1eb4141@50.62.71.1 -
Install ioncube on Debian 8
To install ioncube Debian 8, first download the ioncube loader from
http://www.ioncube.com/loaders.php
cd /usr/local/src wget https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz tar xvf ioncube_loaders_lin_x86-64.tar.gz cd ioncube/
This folder have loader for several PHP versions, find the PHP version you have with command
php -v
By default Debian 8 come with PHP 5.6. The file you need to use for PHP 5.6 is ioncube_loader_lin_5.6.so
You need to copy this file to PHP extension directory. To find this, run
# php -i | grep extension_dir extension_dir => /usr/lib/php5/20131226 => /usr/lib/php5/20131226 #
Lets copy ioncube loader file to extension diretcory
cp /usr/local/src/ioncube/ioncube_loader_lin_5.6.so /usr/lib/php5/20131226
create file
echo "zend_extension=ioncube_loader_lin_5.6.so" > /etc/php5/apache2/conf.d/01-ioncube.ini ln -s /etc/php5/apache2/conf.d/01-ioncube.ini /etc/php5/cli/conf.d/01-ioncube.ini
Restart Apache web server
service apache2 restart
You can verify ioncube module installed with
root@myterrarium-vm:~# php -m | grep ion ionCube Loader Reflection session the ionCube PHP Loader (enabled) + Intrusion Protection from ioncube24.com (unconfigured) root@myterrarium-vm:~#
-
pip
Install pip
On CentOS
wget https://bootstrap.pypa.io/get-pip.py python get-pip.py
On Ubuntu
apt install python-pip
On Ubuntu, python3
apt install python3-pip
Install a python module from github using pip
cd /opt/bench git clone https://github.com/frappe/bench bench-repo
Now run
pip install -e bench-repo
Install modules from requirments.txt
pip install -r requirements.txt
To create requirements.txt file, run
pip freeze > requirements.txt
-
usermod
On CentOS, the wheel group allows users in this group to run commands as user root with sudo.
To add a user to the wheel group, run
usermod -aG wheel USERNAMEOn Ubuntu/Debian, use
usermod -aG sudo USERNAMERemove a User from Group
deluser USERNAME GROUPExample
root@ip-172-31-56-4:~# deluser designware sudo Removing user `designware' from group `sudo' ... Done. root@ip-172-31-56-4:~#Here we remove user designware from group sudo.
To remove a user from all secondary groups, run
usermod -G "" USERNAMEChange user shell
To disable SSH login, run
usermod -s /sbin/nologin USERNAMEFor example
usermod -s /sbin/nologin mysql