×

Archive

Category: Vps Hosting

CSF firewall installation and configuration tutorial

Config Server Firewall (CSF) is a Package Insight Inspection (SPI) firewall, intrusion/intrusion and security application for Linux servers.
It is a security tool that can protect your server from attacks, such as brute force, and improve server security.

It works as a WHM plugin and is free. Refer to these instructions to complete a basic CSF installation:

CSF firewall installation

Install CSF: Login to your server using SSH.

cd / usr / local / src /
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh
You will see “install complete”.

cd ..
rm -Rfv csf / csf.tgz

CSF Configuration: Log in to your server via WHM as root and go to the menu on the left. In the Plugins section, go to ConfigServer Security Firewall.

Then, in the section “csf – ConfigServer Firewall” (on the right panel), click on “Configure Firewall”.

# Filter port configuration – IPv4 port settings #

The following ports are opened by default:

TCP_IN = “20،21،22،25،53،80،110،143،443،465،587،993،995،2077،2078،2082،2083،2086،2087،2095،2096،26”

TCP_OUT = “20،21،22،25،37،43،53،80،110،113،443،587،873،2086،2087،2089،2703”

UDP_IN 20،21،53

UDP_OUT 20،21،53،113،123،873،6277

If you have changed your SSH port number, you need to add this new port in “IPv4 Port Settings” and/or “IPv6 Port Settings”.
You can also use this section to add a specific port for a new application installed on the server.

If you are using the R1soft / Idera external backup solution, you must enable incoming traffic in the TCP_IN field of TCP port 1167.

# Enable Syslog Monitoring #

Set “SYSLOG_CHECK” to “1800”

# Suspicious process detection #

Set “PT_DELETED” to “1”

Set “PT_ALL_USERS” to “1”

# Spam protection and extensive activity detection (optional) – SMTP settings #

CSF can help you prevent spam abuse and identify suspicious email activity.

Set “SMTP_BLOCK” to “1” in the “SMTP Settings” section.

Set “LF_SCRIPT_LIMIT” to “250” to detect the script sending 250 email messages in one hour.

Set “LF_SCRIPT_ALERT” to “1” to send an email alert to the system administrator when the limit configured above is reached.

# Save the configuration and confirm the firewall status #

You can save the configuration by clicking the “Change” button at the bottom of the page. Then restart the cfd/lfd service.

After that, go to the main page of ConfigServer Security Firewall.
At the top of this page, you should see “Firewall Status: Enabled but in Test Mode”
If you see “Firewall Status: Disabled and Stopped” please click on “Enable”.

3. Confirm the configuration and remove the “Test” mode.

When you are satisfied with the configuration and have confirmed that it is working well, you should remove the “test mode”.
Return to the “Firewall configuration” section (“csf – Firewall ConfigServer” section)

Set “TESTING” to 0

Save this change by clicking the “Change” button at the bottom of the page and restart the cfd/lfd service.

4. Monitor firewall activity

You can monitor the firewall activity by clicking the “System Watch Systems” button on the ConfigServer Security Firewall main page.

Or read the log file /var/log/lfd.log which is accessible via SSH.

Change the SSH port on the Linux virtual server

In this article, we want to teach you how to change the SSH port on a Linux virtual server . You might ask yourself why we need to change the SSH port? The reason for this is to increase security!

In order to protect yourself from brute force attacks and being the target of password cracking attacks, you should change your SSH port and increase your security.

Using a port as a connection port is a prerequisite for connecting to SSH. In Linux servers, port 22 is usually used, which is active by default in Linux servers; But the issue is that this port is subjected to many attacks, the type of these attacks is more than the Brute Force type, which is aimed at cracking the root password of the server .

In simple terms, the person we refer to as an attacker, using random IPs that are connected to the Internet, using the username root and port 22, tests different passwords in order to be able to Crack the server.

With the help of a firewall , you can block the connection attempt after 3 failures; But this does not mean that these attacks do not take place, but your network resources are involved for attacks, and this method may even be used for network attacks.

These types of attacks work in such a way that they involve your server with their frequent connections to the network and the server faces a lack of resources, which is also called DDoS attacks.

The solution to all these problems is to change the SSH port, which we decided to fully teach in this article how to change the SSH port on a Linux virtual server. If you haven’t purchased a Linux virtual server yet, you can do so through the link.

Step-by-step change of SSH port in Linux virtual server

The SSH port is defined in the sshd_config file; The path of this file is located in /etc/ ssh /sshd_config.

To change SSH, you must first open the terminal program and then connect to your server using SSH.

Set the port option by editing the sshd file , then save the file.

After you find the path of the file, you need to edit the file and set the port option, which is possible through the following command:

sudo nano /etc/ssh/sshd_config

After doing all this, you should look for one of the following lines in this file:

Port 22
#Port 22

The most common port that is used instead of port 22 is port 2222. To set the port to 2222, you can enter it as follows:

“Port 2222”

Of course, you should keep this in mind since the connection port to Direct Admin is also 2222, it may cause problems in some firewalls, so it is better to choose another port.

After doing this step, you can save the applied changes in the corresponding file and close the file.

 

Note: Ports 0 to 1023 in the system are protected for various services, and you will not be able to use these ports. For example, port 80 is for http, port 443 is for https, etc. and you have to choose between 1024 and 65535.❗

Very important point: when changing the port, you should pay attention to an important point, that is, if you don’t shut down selinux temporarily and then restart the SSH service, your access through SSH will be permanently cut off forever.❗

In order to turn off Selinux, you can use the following command:

nano /etc/selinux/config

 

selinux users read:

To change the port to 2222, type the following command:

# semanage port -a -t ssh_port_t -p tcp 2222

Firewall settings

After going through the above steps, what you need to do is to update the acceptance of requests from SSH port 2222 on your Linux virtual server; If you are using UFW on Ubuntu and Debian Linux virtual server, using the following command can help you:

$ sudo ufw allow 2222/tcp

But when executing the command, keep in mind that if you use access other than root access, use the sudo command, but if you use root access, you do not need to enter the sudo command; The structure related to iptables is as follows:

sudo /sbin/iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 2222 -j ACCEPT

If you are using FreeBSD / OpenBSD / NetBSD Unix operating systems , the pf firewall structure in pf.conf is as follows:

pass log on $ext_if proto tcp to any port 2222 keep state

In order to open the new port, you can run the following commands with the help of firewall on Fedora/CentOS/RHEL/Oracle Linux distributions:

$ sudo firewall-cmd –permanent –zone=public –add-port=2222/tcp
$ sudo firewall-cmd –reload

Don’t forget to update your firewall settings; Otherwise the executed commands can disable your SSH access.

 

After all this, you need to restart your sshd service, to restart sshd you need to use the following command in different Linux distributions such as CentOS/RHEL/Fedora:

$ sudo service sshd restart

If you are using FreeBSD Unix, you should type the following command:

$ sudo service sshd restart

Be careful that the TCP port 2222 is opened, and for this you must use the netstat command or the ss command.

ss-tulipn | grep 2222
netstat -tulpn | grep 2222

In order to use the newly designated SSH port with the command line, you should note that its structure must be one of the following:

ssh -p {port} user@server
sftp -P {port} openssh-server
scp -P {port} source target
scp -P {port} /path/to/foo user@server:/dest/

last word

In this article, we explained step-by-step how to change the SSH port on the Linux virtual server and explained all the points in this regard; After reading the article, follow the tips and warnings that we have mentioned completely so that no problem occurs; If you need more guidance in this field, you can ask us in the comments section so that we can guide you as soon as possible.

 

How to update and update cPanel WHM/cPanel in ssh

Updating cPanel and WHM to the latest version is not difficult. The best way is to use upcp script and ssh environment.
First, update the Linux operating system to:

yum update -y

Now run the following command:

/scripts/upcp –force

By executing the above command, WHM-cPanel control panel will start updating. This process may be a little long. You should not reset the server in the middle of the update. This process may take up to 20 minutes.

The second method to update cPanel to the latest version is as follows:

Enter the web host control panel or WHM

Now enter the Upgrade to Latest Version section and click on the Upgrade button. If you want to force the panel to run the upcp script before clicking on the Upgrade button, check the Force a reinstall even if the system is up to date check box and then click on the Upgrade button.

Both methods actually follow the same goal, but the first method through SSH is more recommended, because the update process is less likely to be interrupted.

How to set the time and date in ubuntu

In this tutorial, we are with you on how to correctly set the time and date on Ubuntu and Linux servers , sometimes it happens to you that the time and date of your server has changed without you having made any changes! And it has caused many problems for you, in some cases, the time and date of the server changes with the changes made in the network, in some cases, this happens with the installation of the script and the changes that are given.

The most complete tutorial on how to set the time and date in ubuntu in two automatic methods in the graphical environment and manually in the terminal environment. We are with you with the two methods below. different) and… you will not have linux operating systems in general.

The first method: learning how to set the time and date in ubuntu (automatically):

First, enter the server through ssh with the putty program (ssh to the server)

Enter the following command to set the clock:

sudo dpkg-reconfigure tzdata

By entering the above command, a pink/gray color page will open for you. On this page, first select the continent of Asia, then on the next page, select the city of Tehran and press enter, as shown in the image below:

Your server time has been adjusted so easily!

Important note: If you set the time and date of the server with the above command, but the problem of setting the time is still not solved, set the date and time of the server with the manual method that we teach below.

The second method: teaching how to set the time and date in ubuntu (manually):

In this method, you can first see the date and time of the server with the following command

date

You can set the date and time automatically with the following command:

ntpdate 0.asia.pool.ntp.org

Our recommended method: You can do this manually using the following command:

date -s "7 OCT 2011 18:00:00"

or

date --set="7 OCT 2011 18:00:00"

Congratulations, the tutorial on setting the time and date in ubuntu is over.

Fix the problem of not connecting to the Internet in Linux

Fix the problem of not connecting to the Internet in Linux

Maybe for you, who owns a Linux server or a Linux desktop operating system, there will be a problem of not connecting to the Internet, or a severe drop in Internet speed, or your Internet will not work at all in a certain program. In this article, we will examine the methods that solve the problems caused by the lack of Internet connection in Linux .

Before doing anything, we must make sure that our Internet is connected in Linux with the following command. This command is Google’s dns, and if the Internet is connected, the ping must be complete.

ping -c 4 8.8.8.8

The output of the above command should be as follows. Otherwise, there is a possibility that your internet will be interrupted.

PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=58 time=1.68 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=58 time=1.70 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=58 time=1.71 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=58 time=1.69 ms

--- 8.8.8.8 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 1.686/1.699/1.718/0.051 ms

The things that can fix the lack of Internet connection in Linux are:

  • Checking the DNS server
  • Restart the internet service
  • Network card settings
  • Checking and troubleshooting the network card
  • Firewall settings
  • And …

DNS server check

To check DNS, enter the following command in the terminal environment:

sudo cat /etc/resolv.conf

The output of the command should be as follows:

nameserver 1.1.1.1
nameserver 1.0.0.1

If your output is anything other than this, you can edit it with the nano command and paste the above text into it.

sudo nano /etc/resolv.conf

And then confirm and save the file by holding the combination key CTRL and X and then with Y.

Restart the Internet service

If the mentioned methods did not solve your Internet interruption problem in Linux, restart your operating system’s Internet service with the following commands, because it is possible that some services have a problem, and with this work, it will return to its default state and the Internet interruption problem fix you

Command to restart internet services for Ubuntu, debian and kalilinux operating systems

sudo service networking restart

The command to restart the network manager

sudo service network-manager restart

Command to restart internet services for RedHAT and CentOS operating systems

sudo service network restart

Network card settings

One of the reasons that is very effective is the deactivation of the network card. We can check the correct operation of our Linux network card with the following command.

ip addr

My network card named eth0 is here, and as you can see, it got an IP from the router and there is no problem in the configuration of the network card.

It is also possible that the name of the network card is different in your system. So put the name of your network card in the command below.

Use the following command to activate the inactive network card.

sudo ifup network card name

Use the following command to disable the active network card.

sudo ifdown Network card name

If your network card has an error and is not disabled, you can use this command.

sudo ifdown --force The name of the network card

Use the following command to activate it.

sudo ifup network card name

Network check and troubleshooting

To check the Internet network and ISP, we can use the following command to find the exact location of our Internet.

For debian and ubuntu

traceroute -4 8.8.8.8

For RedHat and CentOS

tracepath 8.8.8.8

If the process is done completely and correctly, the output is like this:

traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1_gateway (192.168.43.1) 3.368 ms 3.367 ms 3.432 ms
2 * * *
3 10.40.72.17 (10.40.72.17) 84.501 ms 96.662 ms 96.555 ms
4 10.40.72.1 (10.40.72.1) 96.114 ms 96.044 ms 96.294 ms
5 10.40.73.33 (10.40.73.33) 99.350 ms 96.353 ms 99.129 ms
6 * * *
7 10.40.69.65 (10.40.69.65) 66.813 ms 66.721 ms 65.910 ms
8 10.40.69.98 (10.40.69.98) 64.090 ms 64.000 ms 63.533 ms
9 10.0.11.169 (10.0.11.169) 63.457 ms 62.483 ms 62.386 ms
10 10.0.77.20 (10.0.77.20) 62.013 ms 79.632 ms 79.657 ms
11 10.0.77.1 (10.0.77.1) 83.412 ms 82.312 ms 82.575 ms
12 10.0.72.34 (10.0.72.34) 84.991 ms 84.919 ms 79.934 ms
13 10.0.77.118 (10.0.77.118) 79.811 ms 79.429 ms 103.539 ms
14 10.0.77.110 (10.0.77.110) 83.904 ms 82.089 ms 80.381 ms
15 10.21.252.246 (10.21.252.246) 80.417 ms 80.624 ms 80.545 ms
16 10.21.71.20 (10.21.71.20) 91.927 ms 89.772 ms 89.220 ms
17 10.21.71.20 (10.21.71.20) 92.004 ms 91.606 ms 91.540 ms
18 ix-et-4-0-5-0.tcore1.fnm-frankfurt.as6453.net (195.219.156.148) 207.375 ms 10.21.0.21 (10.21.0.21) 92.005 ms 90.894 ms
19 10.21.0.21 (10.21.0.21) 80.345 ms if-ae-9-2.tcore2.fr0-frankfurt.as6453.net (5.23.30.17) 196.298 ms 196.007 ms
20 if-ae-45-2.tcore1.fr0-frankfurt.as6453.net (195.219.50.20) 188.921 ms 195.807 ms et-5-0-0-0.ffttr6.-.opentransit.net (193.251.154.103) 168.200 Ms
21 72.14.214.52 (72.14.214.52) 167.552 ms google-13.gw.opentransit.net (193.251.252.246) 167.360 ms *
22 108.170.251.129 (108.170.251.129) 175.274 ms * 135.098 ms
23 * 72.14.232.33 (72.14.232.33) 134.970 ms dns.google (8.8.8.8) 164.028 ms

Firewall settings

After checking the connection and its correctness, we should check the firewall rules. For this purpose, we use the following command.

sudo iptables -L

The iptabels firewall checks all ports and applications connected to the Linux Internet.

Chain INPUT (policy ACCEPT)
target prot opt ​​source destination
ACCEPT all -- anywhere anywhere the RELATED, ESTABLISHED
ACCEPT tcp -- anywhere anywhere The firewall dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
DROP all -- anywhere anywhere

Chain Forward (policy ACCEPT)
target prot opt ​​source destination

Chain OUTPUT (policy ACCEPT)
target prot opt ​​source destination

For example, here we have imposed restrictions on http and ssh access to the server, and you can check which option blocks ping on your server or system.

We hope that the mentioned methods are the right solution for your problem.

How to enable SSL for Hostname in cPanel

cPanel itself is programmed to check SSL every night for the domains defined in it, including Hostname, but it is necessary to check the Allow AutoSSL to replace invalid or expiring non-AutoSSL certificates option located in the SSL/TLS > Manage Auto SSL section. > Options is activated.

If for any reason this option is not activated or if you intend to install SSL for Hostname before night time, just run the following command through SSH with the root user:

/usr/local/cpanel/bin/checkallsslcerts

The above command will automatically install SSL for Hostname. In addition, the cPanel and WHM login section is secured using the same SSL so that cPanel/WHM login can be accessed without warning.

How to change hostname through WHM

A hostname is a fully qualified domain name (FQDN) used to identify your server. By default, your VPS/Dedicated server has a public hostname assigned to it. For example, vps ####. hosting100.net or assign hosting100.net.### However, you can customize your hostname to improve the ability to send emails from your domain / server. In this article, you can change how the server hostname is used using the Web Host Manager (WHM). Maybe some of you, dear friends, want to change your hosting names, but you don’t know the steps to do this. In this article, we will teach you how to change the host name through whm Follow us to change hostnames.

To change host names through WHM, follow the steps below:

First, log into your WHM.

Then enter the Networking Setup section and click on the Change Hostname option in this section to run a new page.

After entering this page, you can enter your desired host name in the New Hostname field in the Changename Name field.

Then click on the Change option to apply the changes.

Note: Your hostname must be in the form of a subdomain (server.example.com).

Note: Do not select the subdomain where you currently host your cPanel account.

Note: When you change your host name, you need to update the SSL certificate for services (such as cPanel / Webmail, FTP, Dovecot SMTP / IMAP, etc.).

Note: When you change your hostname, update all references to the previous hostname in your connection(s) to the server (such as IMAP/SMTP/POP, FTP and MySQL remote services) with the new hostname.

Important: The new hostname will be assigned as your host until you restart your server. In order for this change to persist across reboots, your host’s system administrator needs to change your hostname.

We hope that this article was useful for you.

How to change remote desktop port in Windows Server

Using the RDP protocol is a common method for remote access to Windows servers . The default port used is 3389. You may want to change this port to increase server security. In this tutorial we will set the new port to 13276. Stay with us.

Changing the remote desktop port:

First, connect to the server and press Windows + R keys to open the Run window. Next, type regedit and press Enter.

Then follow the path below:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

Find the PortNumber file and click on it twice and on the opened page, select Decimal from the Base section and set the Value data to 13276.

Next, port 13276 must be opened in the firewall.

Open a new RDP port in the firewall:

In the Windows search field, type firewall and enter the Windows Firewall with Advanced Security section and click on Inbound Rules and then click New Rule

Then select the Port option and click Next.

Next, enter the number 13276 in the corresponding box and click Next. (Note that the right options are selected by default)

Click Next again on the next page. (Note that the correct option is selected by default)

On the next page, according to network settings and connection type, select the desired option or options and click Next.

Then enter a desired name for it in the Name field and click on Finish. (In this tutorial, we chose the name NewRDP)

Next, restart the operating system.

Finally, enter Remote Desktop Connection and after the server IP, put the character: and then enter port 13276.

For example, as follows

216.58.208.78:13276

Here you are connected to the Windows server using the new port.

Note: If you ever want to return the RDP port to the default value, just do the above steps from the beginning.

Set the Value data to 3389, then enter the firewall and delete the value created in this tutorial named NewRDP from the Inbound Rules section, and finally restart the operating system.

How to Activate ionCube in cPanel

Activating ioncube is usually required for PHP-based programs and protects against cracked and unlicensed code execution and increases site speed. It is possible to activate ioncube in cPanel through ssh host control panel manually or through WHM. In this article, we will learn how to install and activate ioncube in cPanel through WHM.

What is ioncube?

ioncube Loader  is a PHP language module that was created with the purpose of preventing the display and the possibility of editing the code. ionCube module helps speed and security of your site. Basically, ionCube is a dedicated PHP encoder for protected functions in PHP programs.

ionCube converts readable source code in PHP files to unreadable bytecode. For this, Loader  ioncube must be installed on the server and available to PHP. ionCube Loader is free and available for almost all operating systems like Windows, Linux, FreeBSD, etc.

To check if ionCub is installed on your virtual server, create a page with the following content and read the generated report:

<?php phpinfo(); ?>

If the ionCube Loader is not active, you may encounter the site error: the ioncube php loader needs to be installed error when loading the site or template, as shown in the image below.

To install WordPress templates, this loader must be active on your site so that you can launch any type of WordPress site. In recent years, the number of store sites that have been launched with WordPress has increased. If you are a business owner or want to earn money by designing a website, WordPress store training is for you to learn from the basic concepts to the SEO of a store website.

2- Building a database on the local host

Activate  ionCube in cPanel

As we said, to use ioncube encoded and PHP encoded files, the ionCube Loader file is needed on the server. Ioncube Loader is usually installed on shared servers and virtual servers that use PHP5. Otherwise, ask your hosting support to enable this on your hosting.  we installed the ionCube module on Laragon’s local host.

We will check the activation of ioncube in cPanel host around the method:

  • Activating ioncube in cPanel is through the control panel
  •  Activate ioncube in cPanel through WHM

Activating ioncube in cPanel is through the control panel

  • Log in to your cPanel host and click on ” Select PHP Version ” from the ” SOFTWARE ” section.
  •   Check the Ioncube_loader ,  Pdo ,  Soap  and  Sourceguardian options according to your needs

  • Click save after making changes.

Activate ioncube in cPanel through WHM

WHM stands for Web Host Manger, meaning web hosting manager, the name of a powerful program from cPanel and is used alongside cPanel. WHM is accessible to senior and middle managers. You can also use WHM to install ioncube loader on the host.

  • Log in to WHM as root user.
  •  Go to   Home->Software->EasyApache 4  Click on EasyApache in the left bar .

  • Click the Customize  button in the Currently Installed Packages section.
  • In the left menu, go to PHP Extensions and select the desired ionCube . For example (ionCube 10 loaders for PHP 7.0).
  • To see the changes being applied, go to Review and click the Provision button to apply them .
  •  ionCube loader will be installed.

  • Go to Server Configuration -> Tweak Settings -> PHP .
  • In the CPanel PHP loader, check the ioncube option.
  • Click the save button.

By activating Ioncube, you will help increase the speed and  security of your site. Installing ioncube on cPanel can be configured manually through ssh. In this article, we discussed the activation and installation of ioncube loader on the Cpanel host through the control of Penny Cpanel and WHM. Share your questions and problems about ioncube and its installation and activation in the comments.

 

How to install CPanel and WHM in simple language

How to install Cpanel? Hello, in this part of the tutorials for installing control panels, I want to install cpanel / whm on the traditional OS 7 distribution. This tutorial is for vps and real servers. We will start by logging in as the root user through ssh. The first task in each The Linux system is easy to update the repositories and install an editor, well with the command

yum update

We update the repositories. Now with the order

yum -y install nano

We will install the nano editor because it is needed, then we can also use the vi editor, but it is difficult for me to work with it. Well, now we have to assign a half host to the server, and it is better to set this half host with the command Assign a half-host to it in the following format

hostname server.youtdomin.com

For example

hostname server01.tosinso.com

Well, now we have to install the Perl package which is a prerequisite. I will install it with the following command

yum -y install perl

After the installation, go to the home folder.

cd / 
cd /home

And at this stage, we need to download the cpanel / whm installation file. There are 2 ways to get the installation file

1- Download manually and transfer it with a software like winscp

2- Download through the command inside the terminal

I use the second way, which is easier

There are two ways to download through the command, one through wget and one through curel.

yum -y install wget

And then we type this command to download the installation file

https://securedownloads.cpanel.net/latest

We enter the following command through curel

curl -o latest -L https://securedownloads.cpanel.net/latest

Now it’s time to install the file, we will install the file with the following command

sh latest

At the end of the successful installation, you will see a message like this

Thank you for installing cPanel & WHM

Congratulations, you have successfully installed cpanel / whm to access the whm panel through the address in the following format

https://your-server-ip:2087

In your browser, where the password is your root password and the user is root, it is available on the cpanel from the address in the following format

https://your-server-ip:2083
support hosting100