Tuesday, October 6, 2015

Administration of Cloud Servers.

We are constantly working to upgrade and improve the quality of our services. At the same time we always try to meet the wishes and suggestions of our users. From today we are launching a range of services to administer Linux-based servers.

It is intended for those who already use the services of "dedicated server", "Placing the server", "Virtual Linux-server", "cloud server" and "server cabinet."

The new services will help you keep your equipment running smoothly and save time (and in some cases very substantial amounts of money) on diagnostics and troubleshooting.

The new package includes:
Basic diagnostics;
The transfer of customer projects to our infrastructure;
Hourly administration.

Basic Diagnostics

If your server is malfunctioning or has availability problems, you can send us a request for basic diagnostics via the ticket system, and we will help identify the causes. The request must describe the problem and provide access to the server.

Analyzing client requests, we see that very often our users cannot figure out on which side the problem lies, what its causes are and how to fix it. Previously we did not provide such help and only eliminated faults on our side. Now we will help you diagnose the causes of all problems and malfunctions free of charge.
The diagnostic procedure is free of charge if it takes no more than 15 minutes. If within this time we manage to find out exactly what the problem is, we will send you a detailed report and proposals for fixing it via the ticket system. All further work is carried out by us under hourly administration (see below).

If the diagnostics and troubleshooting require more than 15 minutes, we'll send you a message with a proposal to implement all relevant work on a fee basis under the hourly administration.

Migrating Client Projects


Migrating from one server to another is a fairly troublesome, time-consuming job that in many cases requires a highly skilled system administrator. For a serious web project, even the smallest error in data migration can result in very serious losses.

If your project is hosted on third-party infrastructure and you want to become our client, we will help you transfer the data quickly and, most importantly, completely free of charge. To do this, send us a request via the ticket system, provide full access to the project and demonstrate its working version. Data transfer takes up to 3 days depending on the complexity of the project. All terms and conditions are negotiated individually.

Data transfer is free only for new clients (i.e. those who turn to us for the first time). For those who are already using our services, the transfer is carried out under hourly administration.


Saturday, October 3, 2015

The web server on the knee for half an hour.

I found an article here that I scribbled in early 2012 but for some reason never posted, so, as they say, I quote it "uncut".

I needed to bring up a quick-and-dirty web server, and since I knew I had neither the time nor the desire for filigree tuning of configs on FreeBSD, I decided it would be CentOS 5.8, because at the moment that is the latest build.

I assume that you are more or less familiar with all of these services, so everything is described quite briefly; I see no point in going through the manual tuning of MySQL or Apache here.

Installing CentOS has no problems and no secrets, so just bring up the machine with everything deselected except X Windows, apply the updates, and start setting up the server. During installation also disable all the security features such as the firewall and SELinux; they are a good thing, but it is better to enable them later.

Set up everything we need: /etc/hosts with the names, and the network with a static address.
Open Kmenu -> Applications -> Add/Remove Software and on the Browse tab select:
CentOS Extras: Yum;
Applications: Editors, Text-based Internet;
Base System: Administration Tools, Base, System Tools;
Development: Development Libraries, Development Tools, Ruby;
Languages: Russian Support, British Support;
Servers: DNS Name Server, FTP Server, Mail Server, MySQL Database, Server Configuration Tools, Web Server.

Theoretically, all these settings can be made from the installer without installing X Windows, but for me it is easier to work from the windows, especially since they can be turned off if need be. In addition, at the time of installation I was already sick of similar server setup under FreeBSD, so I left it as is.

When I tried to install all these goodies, the system complained during the dependency check as follows: "php53 conflict with common-php-common". This is a known CentOS bug, and it is treated by force-installing php53:
# yum -y install php53-devel
In my case it was cured by deselecting Horde, which requires php-common. After that you can go and idle for a couple of hours, which is still much more user-friendly than even /usr/ports ftw.


The Problem with the Opening in phpMyAdmin VestaCP.

I installed the VestaCP panel (more on which later) on a regular droplet at the DigitalOcean cloud hosting (a referral link gives a $10 credit to your account, which is enough for 1-2 months of tests) and ran into a problem with phpMyAdmin: a blank white page opened when following the link from VestaCP to the droplet at http://SERVER_IP/phpmyadmin/

The error log pointed to a problem with a function call:


# tail /var/log/httpd/domains/default.domain.error.log
[Wed Apr 08 15:39:02 2015] [error] [client 46.138.XXX.XXX] PHP Fatal error: Call to undefined function __() in /usr/share/phpMyAdmin/libraries/core.lib.php on line 245
[Wed Apr 08 15:39:07 2015] [error] [client 46.138.XXX.XXX] PHP Fatal error: Call to undefined function __() in /usr/share/phpMyAdmin/libraries/core.lib.php on line 245

Look at what is written in this file:
# head -245 /usr/share/phpMyAdmin/libraries/core.lib.php | tail -10
    } else {
        include_once './libraries/php-gettext/gettext.inc';
    }
}
// these variables are used in the included file libraries/error.inc.php
// first check if php-mbstring is available
if (function_exists('mb_detect_encoding')) {
    // If present use gettext
    $error_header = __('Error');

Just in case, I checked php-mbstring and gettext, but both are present in the system:
# php -m | grep gettext
gettext
# php -m | grep mbstring
mbstring

Playing with the permissions on the config /etc/phpMyAdmin/config.inc.php (setting it to 755 and so on) gave nothing, but digging in the direction of Nginx, which is also installed, did: php-fpm writes to /var/lib/php/session/ and needs write permission for that.
Once I set the permissions to 777
# chmod -R 777 /var/lib/php/session
phpMyAdmin started working as expected.
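A narrower alternative to mode 777 for the session directory, as an added example that is not part of the original post: it classifies the directory's mode and then grants write access to a single group. It assumes GNU `stat` and that the php-fpm pool runs under a group you pass in (`apache` in the comment is an assumption); the function names are illustrative.

```shell
#!/bin/sh
# Added example: audit and tighten a PHP session directory instead of chmod -R 777.
# Assumptions: GNU coreutils stat; the php-fpm pool's group is supplied by the caller.

# Print "world-writable", "group-writable" or "restricted" for a directory.
session_dir_mode_class() {
    dir=$1
    mode=$(stat -c '%a' "$dir") || return 2
    other=$((mode % 10))             # last octal digit: permissions for "other"
    group=$(( (mode / 10) % 10 ))    # middle digit: permissions for the group
    if [ $((other & 2)) -ne 0 ]; then
        echo "world-writable"
    elif [ $((group & 2)) -ne 0 ]; then
        echo "group-writable"
    else
        echo "restricted"
    fi
}

# Give write access to one group only and drop all access for everyone else.
tighten_session_dir() {
    dir=$1; grp=$2
    chgrp "$grp" "$dir" && chmod 770 "$dir" || return 1
    # Session files created while the directory was 777 may be readable by anyone.
    find "$dir" -type f -exec chmod o-rwx {} +
}

# Demonstration on a throwaway directory, not on /var/lib/php/session itself.
demo_session_dir() {
    d=$(mktemp -d)
    chmod 777 "$d"                          # state after the chmod -R 777 above
    echo "before: $(session_dir_mode_class "$d")"
    tighten_session_dir "$d" "$(id -gn)"    # on a real host: the php-fpm group, e.g. apache
    echo "after:  $(session_dir_mode_class "$d")"
    rm -rf "$d"
}
demo_session_dir
```

Session files hold authenticated phpMyAdmin sessions, so any local account that can read or write the directory can interfere with them; limiting access to the one group php-fpm runs as keeps the fix without opening the directory to every user on the host.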

The MySQL root password set by the VestaCP installation, if you need it, is in the files /usr/local/vesta/conf/mysql.conf and /root/.my.cnf:
# cat /usr/local/vesta/conf/mysql.conf
HOST='localhost' USER='root' PASSWORD='XXXXXX' CHARSETS='UTF8 ... ..
# cat /root/.my.cnf
[client]
password='XXXXX'


Protection against brute-force attacks DirectAdmin.

DirectAdmin almost immediately began to flood me with emails screaming about brute-force attempts, which naturally concerned me, because on my existing servers I had not even thought about such things.

Especially since part of my hosting runs on a paid WHM, which has its own protection against brute-forcers, and there I only occasionally have to add myself to the whitelist.

But DA does not have this functionality by default, so it has to be added by hand. Note that this method works only for the default port 2222; for others you will probably have to build something at the firewall level.

In the DirectAdmin configuration /usr/local/directadmin/conf/directadmin.conf add the following lines:
ip_blacklist=/usr/local/directadmin/data/admin/ip_blacklist
bruteforce=1
brutecount=10
exempt_local_block=0
Here bruteforce=0 disables the feature, and exempt_local_block can be set to 1 so as not to accidentally ban 127.0.0.1.
Create the ban list:
# touch /usr/local/directadmin/data/admin/ip_blacklist
Note that the attempt counter is reset once an IP is added to the ban list, so after the IP is removed from the list its attempt count starts from 0.

After that, in the skin file /usr/local/directadmin/data/skins/default/admin/admin_settings.html

look for the lines:
<td>Remove an IP from the blacklist after</td>
<td>
<input type=text name=clear_blacklist_ip_time value="|CLEAR_BLACKLIST_IP_TIME|" size=4> (minutes) (0 = never)</td></tr><tr>

and after them add the following block:
<tr><td>
Blacklist IPs for excessive login attempts
</td>
<td>
<input type=checkbox name=bruteforce value="yes" |BRUTEFORCECHECKED|>
&nbsp;&nbsp;&nbsp;&nbsp;after <input type=text name=brutecount value="|BRUTECOUNT|" size=4> login attempts
</td></tr>
<tr><td>
Prevent 127.0.0.1 from being Blacklisted
</td>
<td>
<input type=checkbox name=exempt_local_block value="yes" |LOCALEXEMPTCHECKED|></td></tr>

Restart the DA panel:
# service directadmin restart
and go into it, where under Admin -> Extra Features -> Administrator Settings -> Security there will be two new settings.


Thursday, October 1, 2015

We clean the server after hacking

I have been renting a KVM VPS at the US hosting provider AmeriNOC for about three years, and everything was fine and good. In all that time, while I hammered it hard and wrote abusive tickets to support, there were only a couple of problems, which were solved very, very quickly.

And then, like a bolt from the blue, in the morning I see in my mail: "The Family, a server of Malicious Activity". That would be fine, but there had been no earlier letters about any such activity. And the main thing is that support went completely cold: an intelligible answer to my question came only after 12 hours, and the server was returned to ONLINE status another 3-4 hours after that.
During this time I had already brought up the critical services on the DO cloud and was simply waiting for the turn of my network of satellite sites to come. According to tech support, my server was brute-forcing SSH servers in the AmeriNOC network.

Frankly, I did not believe it and thought they were making it up, because I have several times had similar stories with different hosting providers, when my server was suspended for some kind of activity that was later not confirmed, after which everything was switched back on and simply kept working.
But to ease my conscience I decided to look for traces anyway. I decided to search for the text files a brute-forcer uses, without which such a tool clearly cannot run. And, as it turned out, for good reason.
# find / -name '*.txt' -ctime -1
/var/wm/libssh2/go2/72.txt
/var/wm/libssh2/go2/bios.txt
/var/wm/libssh2/go2/216.txt
/var/wm/libssh2/go2/users.txt
/var/wm/libssh2/go2/vuln.txt
/var/wm/libssh2/go2/73.txt
/var/wm/libssh2/go2/testver.txt
/var/wm/libssh2/go2/pass.txt
/var/wm/libssh2/go2/73vuln.txt
/var/cache/yum/i386/6/base/mirrorlist.txt
/var/cache/yum/i386/6/extras/mirrorlist.txt
/var/cache/yum/i386/6/timedhosts.txt
/var/cache/yum/i386/6/updates/mirrorlist.txt

As we can see, a brute-force script has been planted under libssh2.


I look at who logged into the system and see an interesting situation: the sshd connection log shows root logins at 2 and 4 am on 8.04 (I had not been on the server for two weeks), while last shows nothing after the date of my own last login.

Likewise, if you go directly to the binary log from which last takes its information, there is no information about the connection there either:
# utmpdump /var/log/wtmp | grep 'Wed Apr 08'
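The cross-check described above (sshd log versus wtmp), as an added example that is not part of the original post: it lists accepted sshd logins that have no session record in the `utmpdump` text. The sample log lines, addresses and host name are constructed, and the bracketed `utmpdump` layout is assumed; matching is by user, source address and day.

```shell
#!/bin/sh
# Added example: list sshd logins that have no matching wtmp session record.
# Assumed inputs: a syslog-format sshd log and the text output of utmpdump.

# Usage: unrecorded_logins SECURE_LOG UTMPDUMP_TEXT
unrecorded_logins() {
    awk '
        function strip(s) { sub(/ *\] *$/, "", s); return s }
        # First file: utmpdump text. Remember user, address and day of every
        # type 7 (USER_PROCESS) record. An empty file (wiped wtmp) matches nothing.
        FILENAME == ARGV[1] {
            split($0, f, /\[/)
            if (strip(f[2]) != "7") next
            split(strip(f[9]), t, " ")
            seen[strip(f[5]), strip(f[8]), t[2], t[3] + 0] = 1
            next
        }
        # Second file: sshd log. Report accepted logins with no wtmp record.
        $5 ~ /^sshd\[/ && $6 == "Accepted" {
            if (!(($9, $11, $1, $2 + 0) in seen))
                print $1, $2, $3, $9, $11
        }
    ' "$2" "$1"
}

demo() {
    tmp=$(mktemp -d)
    # Constructed sample data (documentation addresses, invented host name).
    cat > "$tmp/secure" <<'EOF'
Mar 25 10:02:11 vps sshd[1801]: Accepted password for root from 198.51.100.4 port 40112 ssh2
Apr  8 02:13:05 vps sshd[2211]: Failed password for root from 203.0.113.7 port 51230 ssh2
Apr  8 02:13:09 vps sshd[2211]: Accepted password for root from 203.0.113.7 port 51234 ssh2
Apr  8 04:41:37 vps sshd[2950]: Accepted password for root from 203.0.113.7 port 51977 ssh2
EOF
    cat > "$tmp/wtmp.txt" <<'EOF'
[7] [01803] [ts/0] [root    ] [pts/0       ] [198.51.100.4        ] [198.51.100.4   ] [Wed Mar 25 10:02:12 2015 UTC]
[8] [01803] [    ] [        ] [pts/0       ] [                    ] [0.0.0.0        ] [Wed Mar 25 10:40:03 2015 UTC]
EOF
    unrecorded_logins "$tmp/secure" "$tmp/wtmp.txt"
    rm -rf "$tmp"
}
demo
```

Any line it prints is a login that sshd accepted but that left no session record, which is the discrepancy described above; a remote syslog copy of the sshd log makes this comparison harder to defeat than logs kept only on the host.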

In theory, the attackers could have wiped their tracks after rooting the host, so I try to find the entry point.
To start with, I scan the machine with RootKitHunter:
# sudo rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.i686.rpm
# yum -y install rkhunter
# rkhunter --update
# rkhunter --propupd
# rkhunter -c
After the scan, look at what the hunter found:
# grep Warning /var/log/rkhunter.log
and see that there are some hits among system files and scripts.
Then I install chkrootkit:
# yum install chkrootkit
# chkrootkit
It found a hole:
Checking `bindshell'... INFECTED (PORTS: 465)
but a mail server runs on this machine, and it simply listens for SSL on port 465, so this is a false alarm. For greater certainty I check it:
# netstat -pan | grep ':465'
tcp 0 0 0.0.0.0:465 0.0.0.0:* LISTEN 1085/exim
tcp 0 0 :::465 :::* LISTEN 1085/exim
# ps -F -p 1085
UID PID PPID C SZ RSS PSR STIME TTY TIME CMD
mail 1085 1 0 2744 1144 0 Apr08 ? 00:00:00 /usr/sbin/exim -bd -q15m -oP /var/run/exim.pid

Now I install an antivirus, but first zlib has to be installed, without which clamd for some reason refused to install:
# yum -y install zlib-devel
# yum -y install clamd
# freshclam
and feed ClamAV the files to check:
# clamscan /home/hacknet/domains/bad-site/public_html/wp-content/themes/itheme2/functions.php


Install VMware ESXi on the Dedicated Server in Hetzner.

Some people needed two dedicated servers at Hetzner with 32 GB of RAM loaded to the eyeballs with machines for POS terminals. Originally I decided to do it the old-fashioned way: roll out VirtualBox from Oracle on CentOS and bring up the virtual machines there, but it bothered me that VirtualBox is a desktop product, devoid of the goodies inherent in professional products like VMware.

So it was decided to install the ESXi hypervisor from VMware on the Hetzner dedicated server.
According to the manuals, this is done through the Rescue console: log in to Hetzner Robot, go to the Servers tab, choose your server and open the Rescue tab, where we choose 64-bit Linux. Reboot the server and connect over ssh with the login given when Rescue was initialized. In theory, from the Rescue Linux console you can install any Unix variant supported by the system using the special installimage script. Moreover, you can point it at an external image and install from that.
Especially since Hetzner has its own repository of available images of both Unix systems and Windows and, most importantly for me, VMware ESXi.

But there is a catch: this script only supports images with the extensions tar, tar.gz, tar.bz, tar.bz2, tgz, tbz. The installation command from the console would be as follows:
# installimage -n server176 -r no -l 1 -p swap:swap:64G,/:ext3:all -i http://mirror.hetzner.de/bootimages/vmware/VMware-ESXi-5.5.0-1331820-depot.zip
But because zip is not supported and I would have to prepare the image by hand, I decided to use the standard ISO, which can be attached as a virtual disk through the LARA management console. LARA has to be ordered through the Robot admin panel: Support -> Requests -> select a server in Server -> Request type -> Server requests -> Remote Console (LARA)

After a while a letter arrives with the login data for LARA, where we attach the ESXi installation CD via LARA -> Interfaces -> Virtual Media -> Image on Windows Share, then reboot the machine and go into the KVM Console, which requires Java. While the machine boots, call the boot menu with F8-F11, select the entry PepperC Virtual Disc 1 0.01 and boot from the virtual disk, landing in the regular ESXi installer, where everything is standard and installs fairly quickly.

The only thing to keep in mind is that LARA is given free of charge for only three hours, so do not put the setup process on the back burner.

Once everything is installed, download vSphere Client from the site, log in with the password you set, and do not be alarmed that vSphere Client says something about a 60-day trial after which the machines will be shut down. ESXi is free; you just need to obtain a free perpetual license and install it on the system.


Set up hosting via ISPmanager.

I took a convenient opportunity to buy myself a VPS for hosting for quite decent money, since I needed one. The point is that the VPS is cheap, but accordingly it comes unconfigured.

So the question of installing all the software arose. I remembered that I had spent about three hours setting up the web server on CentOS and, most importantly, that after installing all the software I could not install ISPmanager, because the installation script complained that I had no mail service installed, which I absolutely do not need on a web server.

At that time I did not look into it, and today I went straight to searching: first for a license for the control panel, and second for an administrator, since I was reluctant to install all the stuffing myself. And I found a nice site where you can order both administration and software installation for your VPS or server, and any hosting control panel: Plesk, DirectAdmin, cPanel or ISP.

I settled on the perpetual ISPmanager Lite, which costs 1,100 rubles; a two-week trial is also available for installation. Basically, if you do not want to pay, you can order the trial, set everything up, configure it, and then forget about the panel. ISPmanager Lite is just the right solution for your own hosting, where there is nothing to resell and no users to separate.

As it turned out, I had done everything wrong, like a man spoiled by FreeBSD and source builds: the panel is installed first on a fresh system, and then it installs all the application software itself from its own dialogs. If you already have some of that software, it is better to remove it, because conflicts can arise during installation.

The ISP license is issued per IP, so before starting the installation you need to obtain a license bound to one of the IPs of your VPS, preferably the default one, so that you do not have to explain to the system which of your IPs is the primary.
Once you have registered on the site and ordered a license (it takes a few minutes), you can proceed to configuring the VPS.

To start, download the ISP installation script with any of the commands:
# fetch "http://download.ispsystem.com/install.sh"
# curl -o install.sh "http://download.ispsystem.com/install.sh"
# wget "http://download.ispsystem.com/install.sh"
There was no fetch on my system, so I used curl and ran the script:
# sh install.sh

If it cannot determine the OS or the primary IP, they have to be set with the keys:
-os OS Forced specification of the operating system
-arch ARCH Forced specification of the architecture (i386, i686)
-ip IP Forced specification of the license IP address

But for me everything went normally: the system was detected, the IP was found, then came the license request, which takes 10-15 seconds, then the license was downloaded and the installation began.

Install only the stable version, unless you want to get a set of bugs and security holes…
I am too lazy to take and publish screenshots of the installer windows, so I will describe everything in words: the installer detected the system as CentOS 6.0 and then offered to connect several CentOS repositories, which are required to install the application software. After that, the installer offers several sets of software (minimum, all the most popular), but I chose manual, which shows all the basic software from which you can choose what to install, and lets you select a specific package (where several are offered). As last time, I disabled everything mail-related, so as not to load the server and because I do not need it for satellites.
Then we tell it to install and go idle, have tea, or write an article. All in all it takes about 15-20 minutes, after which the system says that everything is installed and we can log in at https://IP:1500/ispmgr or https://IP/manager/

The ISPmanager configuration file is located at /usr/local/ispmgr/etc/ispmgr.conf; its directives can be looked up on the official ISP site.
From the ISP panel you can then install software that you need on your system or did not install during installation, for example nginx. For this go to: Full menu -> Server Settings -> Features
