Category: Linux

  • DDoS

    DDoS Protection Service
    Apache Website not loading – DDoS

    To check if your server is getting DDoS, you can use netstat command.

    netstat -anp | grep 'tcp' | awk '{print $5}' | cut -d: -f1 | sort| uniq -c | sort -n

    Or

    netstat -lantp|egrep ":80 "|awk '{print $5}'|cut -d: -f1|sort|uniq -c|sort -nr|head
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
netstat -alpn | grep :80 | awk '{print $4}' |awk -F: '{print $(NF-1)}' |sort | uniq -c | sort -n

    Instead of netstat, you can also use ss command

    ss -tan state established | grep ":80\|:443" | awk '{print $4}' | cut -d':' -f1 | sort -n | uniq -c | sort -n

    Once you find the offending IP address, you can block it in the firewall.

    To Verify if an IP is blocked

    iptables -L -n | grep 'IP_ADDR_HERE'

    Block Attack with CSF firewall

    vi /etc/csf/csf.conf

    Set CT_LIMIT to 30, set it back to 100 after attack stop.

    CT_LIMIT = "30"

    Set SYNFLOOD to 1, set it back to 0 after DDoS attack stop.

    SYNFLOOD = "1"

  • Supervisord

    supervisord is a program that allows you to monitor and control processes. supervisord runs processes as its sub-process and can restart a process if it crashes.

    supervisord is the server. supervisorctl is the client program.

    You can find more info at

    supervisorctl
    How to Install Supervisord on CentOS 7

    To install on CentOS run

    yum -y install supervisor

    On Ubuntu/Debian

    apt install -y supervisor

    Config files are stored in

    /etc/supervisor/

    Your own application configurations at

    /etc/supervisor/conf.d/

    some useful commands

    supervisorctl reread
supervisorctl update

    To restart all services, run

    supervisorctl restart all

    Start x11vnc with supervisord

    See autostart

  • openssl

    View SSL certificate details

    openssl x509 -in ssl.crt -text -noout

    To get SSL certificate details of a web site

    timeout 5 echo QUIT | openssl s_client -connect serverok.in:443 2>&1 | openssl x509 -noout -text

  • Dedicated Server Providers

    Here are some dedicated server providers. If you need any recommendations or found a service provider that you think useful, contact me at admin@serverok.in

    Value For Money

    Dedicated Servers

    Cheap Dedicated Servers

    These servers are very cheap. You can’t get a decent VPS for this price. Only use them for personal sites. Also make sure you take regular backups.

    See list of Cloud Hosting Providers

  • PostgreSQL

    psql commands

    \lList databases
    \l+List databases
    \c DB_NAMEconnect to a database
    \dulist users
    \dtlist tables
    \d TABLE_NAMEdescribe a table
    \dn+List of schemas

    To install PostgreSQL on Ubuntu/Debian, run

    apt-get install -y postgresql

    Start it with

    service postgresql start

    By default user “postgres” have full access on PostgreSQL. To create a user, run

    su postgres
createuser -P USERNAME

    To create a database, run

    createdb -T template0 -E UTF8 -O USERNAME DBNAME

    You can see help with

    postgres@ok-vm:~$ createdb --help
createdb creates a PostgreSQL database.

Usage:
  createdb [OPTION]... [DBNAME] [DESCRIPTION]

Options:
  -D, --tablespace=TABLESPACE  default tablespace for the database
  -e, --echo                   show the commands being sent to the server
  -E, --encoding=ENCODING      encoding for the database
  -l, --locale=LOCALE          locale settings for the database
      --lc-collate=LOCALE      LC_COLLATE setting for the database
      --lc-ctype=LOCALE        LC_CTYPE setting for the database
  -O, --owner=OWNER            database user to own the new database
  -T, --template=TEMPLATE      template database to copy
  -V, --version                output version information, then exit
  -?, --help                   show this help, then exit

Connection options:
  -h, --host=HOSTNAME          database server host or socket directory
  -p, --port=PORT              database server port
  -U, --username=USERNAME      user name to connect as
  -w, --no-password            never prompt for password
  -W, --password               force password prompt
  --maintenance-db=DBNAME      alternate maintenance database

By default, a database with the same name as the current user is created.

Report bugs to <pgsql-bugs@postgresql.org>.
postgres@ok-vm:~$

    run psql 

    sudo -u postgres psql

    Run a command in psql

    sudo -u postgres psql -c "\du"

    List all tables in a database

    sudo -u postgres psql -c "\c serverok_db" -c "\dt"

    List postgresql extensions

    sudo -u postgres psql -c "SELECT * FROM pg_available_extensions;"

    Extensions are stored in folder /usr/share/postgresql/16/extension/

  • Install x2go Server in Ubuntu 16.04

    To install x2Go server in Ubuntu, run

    add-apt-repository ppa:x2go/stable
apt-get update
apt-get -y install x2goserver x2goserver-xsession

    if you don’t have xfce, install it with

    apt -y install xfce4

    See x2go, add-apt-repository

  • no matching host key type found. Their offer: ssh-dss

    When i try connect to a server, i get error

    root@ok:~# ssh n1eb4141@50.62.71.1
Unable to negotiate with 50.62.71.1 port 22: no matching host key type found. Their offer: ssh-dss
root@ok:~#

    Same happens with scp

    root@ok:~# scp n1eb4141@50.62.71.1:/var/chroot/home/content/83/13319983/html.tar .
Unable to negotiate with 50.62.71.1 port 22: no matching host key type found. Their offer: ssh-dss
root@ok:~#

    To fix this, add -oHostKeyAlgorithms=+ssh-dss to the command.

    Example

    ssh -oHostKeyAlgorithms=+ssh-dss n1eb4141@50.62.71.1

    To list all supported ciphers, run

    ssh -Q cipher

    You can use -c option to change chiper.

    ssh -c aes128-cbc n1eb4141@50.62.71.1

  • ioncube

    How To Install ionCube on Ubuntu 20.04
    Install ionCube on Ubuntu 18.04
    Install ionCube on Debian 8
    Install ionCube on Debian 9
    Install ionCube Loader on CentOS 7
    Install ioncube on CentOS Plesk Server

  • Install ioncube on Debian 8

    To install ioncube Debian 8, first download the ioncube loader from

    http://www.ioncube.com/loaders.php

    cd /usr/local/src
wget https://downloads.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz
tar xvf ioncube_loaders_lin_x86-64.tar.gz
cd ioncube/

    This folder have loader for several PHP versions, find the PHP version you have with command 

    php -v

    By default Debian 8 come with PHP 5.6. The file you need to use for PHP 5.6 is ioncube_loader_lin_5.6.so

    You need to copy this file to PHP extension directory. To find this, run

    # php -i | grep extension_dir
extension_dir => /usr/lib/php5/20131226 => /usr/lib/php5/20131226
#

    Lets copy ioncube loader file to extension diretcory

    cp /usr/local/src/ioncube/ioncube_loader_lin_5.6.so /usr/lib/php5/20131226

    create file

    echo "zend_extension=ioncube_loader_lin_5.6.so" > /etc/php5/apache2/conf.d/01-ioncube.ini
ln -s /etc/php5/apache2/conf.d/01-ioncube.ini /etc/php5/cli/conf.d/01-ioncube.ini

    Restart Apache web server 

    service apache2 restart

    You can verify ioncube module installed with

    root@myterrarium-vm:~# php -m | grep ion
ionCube Loader
Reflection
session
the ionCube PHP Loader (enabled) + Intrusion Protection from ioncube24.com (unconfigured)
root@myterrarium-vm:~#

    See ioncube | Install ionCube on Debian 9

  • pip

    Install pip

    On CentOS

    wget https://bootstrap.pypa.io/get-pip.py
python get-pip.py

    On Ubuntu

    apt install python-pip

    On Ubuntu, python3

    apt install python3-pip

    Install a python module from github using pip

    cd /opt/bench
git clone https://github.com/frappe/bench bench-repo

    Now run

    pip install -e bench-repo

    Install modules from requirments.txt

    pip install -r requirements.txt

    To create requirements.txt file, run

    pip freeze > requirements.txt

  • usermod

    On CentOS, the wheel group allows users in this group to run commands as user root with sudo.

    To add a user to the wheel group, run

    usermod -aG wheel USERNAME

    On Ubuntu/Debian, use

    usermod -aG sudo USERNAME

    Remove a User from Group

    deluser USERNAME GROUP

    Example

    root@ip-172-31-56-4:~# deluser designware sudo
Removing user `designware' from group `sudo' ...
Done.
root@ip-172-31-56-4:~#

    Here we remove user designware from group sudo.

    To remove a user from all secondary groups, run

    usermod -G "" USERNAME

    Change user shell

    To disable SSH login, run

    usermod -s /sbin/nologin USERNAME

    For example

    usermod -s /sbin/nologin mysql

    useradd

  • Install Node.js on CentOS Server

    You can find latest version of Node.js at

    https://nodejs.org/en/

    To install Node.js on CentOS 7/8

    Add node.js repository

    NodeJS 12.x

    curl -sL https://rpm.nodesource.com/setup_12.x | bash -

    NodeJS 11.x

    curl -sL https://rpm.nodesource.com/setup_11.x | bash -

    NodeJS 10.x

    curl -sL https://rpm.nodesource.com/setup_10.x | bash -

    NodeJS 8.x

    curl -sL https://rpm.nodesource.com/setup_8.x | bash -

    NodeJS 6.x

    curl -sL https://rpm.nodesource.com/setup_6.x | bash -

    Install node.js with

    yum -y install nodejs

    For npm to install native modules, install dev tools

    yum install gcc-c++ make

    Or

    yum groupinstall 'Development Tools'

    See Node.Js