Friday 13 March 2020

Filtering web-traffic to specific Countries



There are numerous tools and methods to manage traffic to web servers, and here we are going to review the steps to block/allow Apache web traffic based on origin country. You can redirect or block web traffic of your client using the GeoIP module. This would be helpful in Fraud Detection, Target Content, Spam Fighting, etc.

Installing  GeoIP

GeoIP is a library that enables the user on finding the accessing IP-address’s origination.  On day-to-day server management, requirements and purposes may vary and one may need to block traffic from certain countries reaching your Apache webserver.  Here we are going to use the GeoIP module with apache in achieving the same. Installing GeoIP Library, GeoIP database, Apache GeoIP module, and the GeoIP update script.

# yum install epel-release
# yum install GeoIP GeoIP-GeoLite-data geoipupdate mod_geoip

 To verify the above installaton, you can test with ‘geoiplookup’ command and it is also important to keep the GeoIP database updated and can be achieved by ‘geoipupdate’ command.  However, a cron to run ‘geoipupdate’ can be created with your frequency.

Updating Apache configuration to enable GeoIP:

Module mod_geoip handles the services in apache web server and the generic configuration file is located at /etc/httpd/conf.d/geoip.conf.
Edit the geoip.conf file to enable GeoIP, specify the DB path and enable GeoIPScanProxy Headers.
# cat /etc/httpd/conf.d/geoip.conf
<IfModule mod_geoip.c>
GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat
GeoIPScanProxyHeaders On
</IfModule>
#

Blocking Country:

To block countries from accessing your webserver add Deny rules in /etc/httpd/conf.d/geoip.conf .
Example 
# cat /etc/httpd/conf.d/geoip.conf
<IfModule mod_geoip.c>
GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat
<Directory />

 SetEnvIf GEOIP_COUNTRY_CODE AN BlockCountry
SetEnvIf GEOIP_COUNTRY_CODE BL BlockCountry

 # add any number of countries here based on your requirement
# you can refer to the country codes in GeoIP website.

 Deny from env=BlockCountry
</Directory>
</IfModule>
#

 Note: Restart apache server for any changes done to take effect.

GeoIP Country Codes


Quick Reference country codes (Mod GeoIP)

/etc/httpd/conf.d/geoip.conf
Example Usage as mentioned earlier
 SetEnvIf GEOIP_COUNTRY_CODE CN BlockCountry




Hope this helped you to redirect or block web traffic of your client using the GeoIP module. If you find any difficulty in blocking/allowing Apache web traffic we can help you.

You can check our previous blog: Remove error_log files on a cPanel server

Follow us for more updates on Facebook, Twitter
Posted by at No comments:

Tips to fix Cloudflare error 522







Looking for a solution to fix your Cloudflare error 522, then here is the fix. When you try to access a website that uses Cloudflare, you might come across 522 error, which shows “ERR_CONNECTION_TIMED_OUT”.  This happens when Cloudflare times out contacting the parent web server.

The Code 522 stands for 'Connection timed out', and occurs when there is a high usage of Cloudflare, but the major cause of error 522 can be due to:
  • Overloading of the Parent/Origin Server may Take Place
  • Firewall Block
  • Problems in Routing
  • Incorrect IP Address in the DNS Settings

Quick Tips:
Ensure that you are blocking Cloudflare IPs in .htaccess, iptables, or your firewall
Ensure all our IPs are whitelisted, If not you can see 522 errors in certain locations

Solution to fix Cloudfare Error Code 522


  • Disable interfering Plug-ins
Sometime, specific plug-ins that create a variety of queries more than the required and an increase in the corresponding database will generate a high load on the server.
To get rid of this problem, you need to install the Plug-in performance profiler and it helps to detect which plugins are mischievous with the overloaded queries in the database. Once the issues are identified successfully, you can uninstall the interfering plugins and check if the problem is fixed.
  • Enable Cache Plug-in
The cache is that part of the memory that stores the data from the website you visit frequently. Therefore you can reduce the server load by decreasing the queries to the corresponding database. You can easily improve the connection speed of the server with the help of the cache plugin. Use the WP Super Cache plugin on a shared hosting service.
  • Manage Configurations
By managing, the configuration setting of the server can cause this error 522 to disappear but this is a lengthy task. First, you need to remove the domain on Cloudflare, then install the cPanel again and add the domain name. This kind of process will help to remove the bug.
  • Image optimization
The process of compressing the image size for better optimization will help to reduce the server load and decrease bandwidth consumption. Consequently, it will increase website speed.
  • Contact Hosting Provider
You can check with your hosting provider to identify any blocking attributes to Cloudflare systems. Contacting your hosting provider would ensure that your server does not block any of the Cloudflare’s IP’s.
  • Implement Lazy load plug-ins          
You can reduce the usage of image bandwidth to an extent with the help of these plug-ins and thereby enhance the performance on a large scale.

Wrapping up:

Make sure your website responds to Cloudflare queries within 60s by compressing your image, activate the 'keepalive' message, and optimize your database. Thereby you can reduce your bandwidth consumption. 

Check our previous post: Filtering web-traffic to specific Countries

 Follow us for more updates on Facebook, Twitter

Posted by at No comments:

Friday 21 February 2020

Remove error_log files on a cPanel server







We will show you how to free up disk space by deleting/removing error_log files. You can remove the error_log files either by a single command or using a CRON JOB for automatic removal.
Note: Take the backups before you start. If you have limited server resources, then it would take a long time to run these commands.

Locate error_log Files on cPanel Servers:

First, let’s locate the error_log file using the command;
 find /home -type f -iname error_log -exec du -sh {} \;

-type: Specify the type to find.
-iname: Specify the name to find.
-exec: Execute the “du -sch” and lists the output with file size.

If you want to list the error_log files bigger than 50MB? You can use the below command, but remember that based on the file size you choose the run time of the commands would increase accordingly.

find /home/*/public_html -type f -name error_log -size +50000k -exec du -sh {} \;

Remove all error_log files:

The command “find” has a “delete” option to remove all the error_log file from the directory. Check the below command to remove error_log files:

 find /home -type f -iname error_log –delete
-delete: This switch used to remove all the outputs from the find command.

Remove error_log files using CRONJOB

The command “CRONJOB” is used to remove the error_log files periodically. Follow the below code to create cron.

/bin/find /home -type f -iname error_log –delete

For example:
* 21* */bin/find/home –type f –iname error_log –delete

This command line will delete all the error_log files periodically every day at 9 PM server time.
If you find any issues in a particular file, you can change the file location accordingly.

You can also check : 7 Tips to free disk space on cPanel server

For more tips and updates follow us on Facebook, Twitter


Posted by at No comments:

Thursday 13 February 2020

Fix SMTP error 421, 451





Well, you might be receiving an error message while sending an email to your recipient in the form of a three-digit number, each containing a detail about the server or an answer to a command. First, try restarting the mail server but if it keeps coming up follow the steps below. So let’s see how to fix SMTP error 421, 451:

421 SMTP Server error: too many concurrent sessions

SMTP error 421 denotes either a temporary problem on the mail server or a problem with the recipient's email account.

If you reached a limit (restriction) on your mail account you may get a 421 error as some mail providers might return this error.

Depending on the cause we will see how to fix SMTP error 421. You need to try each below solution until it’s fixed.

Solution1: Fix the Outlook Configuration Issues


If this issue is caused right after the configuration of the outlook account, then the error is occurred due to a configuration mistake. The invalid port number setting or mail server name will show “421 cannot connect to SMTP Server” error while sending or receiving an email so remove the email account and add the account again.

To add the configuration correctly follow the below steps:
Step 1 - Open Outlook account and go to File > Account Setting, Select the email account and click Remove button.
Step 2- Once the account is removed, click the New button then select the Email account and enter the required information. Click Next and wait for the settings to be configured and check the test mail sent.
Step 3- If the test email delivered successfully, then your account is configured properly. In case, if you face the same error then follow Solution2.

Solution2: Change the SMTP port number


When you enter a wrong SMTP port number you will end up receiving an SMTP 421 error. You can check by changing the SMTP port number from Port 25 to 465 and see if the normal functionality resumes. 
For this you need to go to File > Account Settings, then choose the email account that’s affected and click on the Change button.
In the Change Account window, select More Settings > Advanced tab and now set to 465 in modify the Outgoing server (SMTP).
Ensure ‘Use the following type of encrypted connection: is set to SSL ‘.

Solution3: Check 3rd party firewall interference


Though the firewall protects us against malicious attacks, it can block certain IP ranges, so let’s test by disabling 3rd party firewall and send a test mail.
For that Open the Control Panel > under Programs and Features section choose your 3rd -party antivirus and uninstall it. Then check by restarting your PC.
You can install the firewall from the official site and re-check the error by sending a test mail.


Solution4: Check VPN interference


Try sending a test mail once after you disable your VPN connection, if the mail is sent successfully, then the VPN will be the cause of the error. If the error persists you might probably need to contact the VPN network support and ask to whitelist the email server.

SMTP error 451 Exchange Server Error


Next, we will see how to fix SMTP error 451. When you face issues as mail limits exceeded, DNS errors, unreachable mail servers, etc., the Email Relay environment will get affected due to a temporary exchange server. This 451 server error can be due to a discrepancy on Sender or Receiver Exchange server. Let’s see how to resolve the 451 server error.

Step to resolve Exchange Server Error 451


Inspect Queue Viewer
  • Open Exchange Management Console > Click Edge Transport server.
  • Then go to toolbox > Queue Viewer.
  • Select Mail Flow tools > Queue Viewer tool.

Verify DNS Configuration
  • Login to the Edge Transport server locally and use Console Switch, if you are accessing “Remote Desktop Connection”.
  • Next, open Exchange Management Console > Edge Transport Server > properties.
  • Then go to Internal DNS Lookups and check whether it is in Default Configuration Setting. If not, set it to Default.

Implementing Internal and External Lookups


1. Internal Lookups
When you have multiple network adapters, you need to go with an Internal Network Card and then choose the card to access the DNS setting. If any misconfiguration occurs, it will allow all the IP addresses to modify.
If there is no IP address detected, then the NIC card might not be configured with DNS server entries. Therefore fill the card with appropriate details and confirm the configuration.   

  
2. External Lookups
If you are using a single network card with public DNS, modification of configuration may affect external resolution and it might stop the email flow.

Command Line tools to test DNS Server


NSLOOKUP – To get DNS records that hold Server & IP address Information.
TELNET – To test ports.


Locate IP Address of the Server
  • First, type “nslookup” to find a server IP address and click to open the NSLOOKUP tool.
  • Next, type set type=mx and press enter.
  • Finally, enter the domain name you wish to extract the MX record and hit enter.

Check out SMTP connection Via TELNET command

  • Open Command Prompt (cmd) and enter telnet.
  • Enter set logfile (location:/filename)
  • Next, type open mail.abc.com 25 and press enter.
  • Now type the command EHLO contoso.com and execute it.
  • Compose test email message with parameters like from, receive, notify, data and subject.
  • After the process termination, it will generate a success or failure confirmation report.

Hope you would have fixed. If the issue still persists or any other email error Try Expert Solution.
For more tips and updates follow us on Facebook, Twitter
Posted by at No comments:

Wednesday 5 February 2020

Hybrid Cloud – The key survival in today’s business









Cloud technologies are one of the mainstream options in the IT world and global enterprises have already migrated into cloud computing. Due to a lack of control and privacy, opting to go fully on the public cloud will not be the best for IT infrastructure. So if your enterprise is looking for the benefits of both Public and Private Cloud, then the best option would be a hybrid cloud.

‘’ Right Scale survey estimation indicates that enterprises with a hybrid cloud strategy have grown to 58% in 2020, up from 51% in 2018. It also says that 28% of enterprises who haven't yet adopted hybrid cloud consider it a priority to do so.’’

Now you might wonder why hybrid cloud is heading, the main reasons is its Simplicity, Security and Collaboration. As we know it’s not going to be an overnight success, but you can expect cost savings and increased operational efficiency if it is deployed properly.
Few companies are deviating from building their own data centers, as they can create one in the cloud with a few clicks of a mouse. Let us see what are the main advantage of adopting hybrid cloud systems for enterprises.

Key Benefits of Hybrid Cloud:

•          Security

When compared to other public clouds, the Hybrid cloud has a key potential to increase the security level. Using a hybrid cloud, companies can decide which applications or services can be stored in public and private clouds.  This helps you to keep all your sensitive data on a highly secured dedicated infrastructure. The proper integration of public and private cloud will play a better role in strengthening the security level. It also ensures the cloud space from overburdening. Therefore it provides end-to-end security for the data stored.

•          Cost-Effective

A hybrid cloud follows a pay-as-you-need model that is, you only have to pay for resources that you use. It offers you the flexibility to manage costs without comprising the quality of services i.e., its reduction in your Total Cost of Ownership (TCO). 
 

•          More flexibility

As we know flexibility is one of the core advantages that enterprises look for in the cloud environment. The hybrid infrastructure is designed in such a way that you get maximum efficiency and scalability.
You can choose where to put your applications, where they can run best etc., by providing a more way for flexibility than before. It combines the security of a private cloud with the scalability of a public cloud to meet your specific requirements.

Wrapping up:

In the upcoming days, hybrid cloud models will focus on keeping your core systems in place while using cloud applications to ‘innovate around the edges’. Being selective in choosing the right technology cloud players is key. When it’s used properly, Hybrid models can modernize and will be future-proof existing technology for your organization.

You can check our latest blog on: Run multiple PHP versions on the same server

Follow us on Facebook, Twitter for the latest updates.


Posted by at No comments:

Tuesday 28 January 2020

Run multiple PHP versions on the same server






You would have faced the trouble of keep swapping the PHP version depending on the task in hand you need to use. With this solution, you can install multiple PHP versions in the system and make them work simultaneously.
To run two or more PHP versions for different sites on the same LAMP stack by using mod_fcgid to create a .fcgi wrapper script.  The script forwards all the PHP requests which were made from php-cgi binary.
Considering a server running on PHP 7.2  where a specific site requires an older PHP version (eg PHP 5.6)

Required Installation Packages

The php56-php packages are in the Remi repos and they install to /opt/remi/
In order to create the PHP wrapper script, mod_fcgid Apache module needs to be installed.
[root@server ~]#yum install php56-php php56-php-pear mod_fcgid

Remove alternate PHP configuration(s)

A configuration file to load PHP 5.6 would be created  into Apache at /etc/httpd/conf.d/php56-php.conf, which has to be DELETED else it would conflict with the existing PHP version and would fail Apache  to start.
[root@server ~]#rm -f /etc/httpd/conf.d/php56-php.conf

PHP wrapper script creation

This script will set the environment for the specific PHP versions. (here PHP 5.6)
Example path of a specified site '/var/www/www.actsupport.com/cgi-bin/php56.fcgi'
(name the script depending on the PHP version)

[root@server ~]#cd /var/www/www/actsupport.com/cgi-bin
[root@server ~]#vim php56.fcgi
#!/bin/sh
PHPRC=/opt/remi/php56/root/etc/
export PHPRC
export PHP_FCGI_MAX_REQUESTS=5000
export PHP_FCGI_CHILDREN=16
exec /opt/remi/php56/root/usr/bin/php-cgi

[root@server ~]#chmod +x /var/www/www.actsupport.com/cgi-bin/php56.fcgi
PHPRC is the path of the folder for php.ini and the exec is the full path to the php-cgi binary of the enabling PHP version, Update the values on your environment accordingly.

Update Apache Configuration

Append the Virtual Host for the specific domain on the question.
[root@server ~]#/etc/httpd/sites-available/actsupport.com.conf (Generic/Custom path based on the environment)
<IfModule mod_fcgid.c>
    RemoveHandler .php
    RemoveType application/x-httpd-php
    Action application/x-httpd-php5 /cgi-bin/php56.fcgi
    AddType application/x-httpd-php5 .php
    AddHandler application/x-httpd-php5 .php
</IfModule>

HTTPS config to be updated, if applicable
EDIT PHP config

Modify by commenting out the <FilesMatch> and SetHandler block because it can't be overridden by the RemoveHandler directive we added to the site's virtualhost entry.
It is being replaced with an AddHandler directive that performs the same purpose but will respect being overridden.

[root@server ~]#/etc/httpd/conf.d/php.conf
#    <FilesMatch \.php$>
#        SetHandler application/x-httpd-php
#    </FilesMatch>
       AddHandler application/x-httpd-php .php

PHP Modules Installation

The required PHP modules vary based on the site and if we restart Apache now, the alternate PHP version would run without the necessary modules and be incompatible accordingly. Though very few modules being installed by default the below list works in many setups. However, install other PHP modules that are needed as necessary and make sure to install the phpXX-php-* versions from the Remi Repo for any PHP versions used to avoid accidental module installation for the wrong PHP versions of human error prefix.
php56-php-gd
php56-php-mbstring
php56-php-xml
php56-php-mysqlnd
php56-php-mssql
php56-php-ioncube-loader

To install the above use
[root@server ~]#yum install php56-php-gd php56-php-mbstring php56-php-xml php56-php-mysqlnd php56-php-mssql php56-php-ioncube-loader

Also make sure the php.ini for the specific PHP version is probably located at /opt/remi/phpXX/root/etc/php.ini.

Finally restart Apache

Finally, you need to restart Apache
[root@server ~]#service httpd restart

Verify PHP changes

Create a info.php page and verify changes.
[root@server ~]#vim info.php
<?php
phpinfo:();
?>

I hope you have resolved the issue related to multiple PHP versions. If you need any assistance Contact Us.

For more tips follow us on Facebook, Twitter

Posted by at No comments:

Wednesday 8 January 2020

Steps to Install Jira on Centos7



The bug-tracking tool Jira will track issues and bugs related to your software and Mobile apps. It is developed by an Australian Company Atlassian. You can manage your project easily, as Jira dashboard consists of many useful functions and features which make handling of the issue easily.

Now let’s see how to install and configure latest version of Jira on centos7


Steps to Install & Configure:

Install JIRA on Centos7
To establish Jira, you must require JAVA software package. So, First you need to check the Java package and its version by “JAVA – version” Command.
# yum install
java-1.8.0-openjdk java-1.8.0-openjdk-devel
# java -version
openjdk version "1.8.0_212"

Let's Install MySQL Database

Install and configure MySQL to start on system boot & set password.
# wget https://dev.mysql.com/get/mysql57-community-release-el7-11.noarch.rpm
# rpm -ivh mysql57-community-release-el7-11.noarch.rpm
# yum install mysql-server
# systemctl start mysqld
# systemctl status mysqld
# grep 'temporary password' /var/log/mysqld.log  ## to get default password ##
# mysql_secure_installation    ## use default password and change new password ##


Note: You have to set a strong password with uppercase, lowercase letters, numbers and special characters etc.



Now create MySQL
Database and user for Jira with following commands:




# mysql -u root -p
CREATE DATABASE jiradb CHARACTER SET utf8 COLLATE utf8_bin;
grant all privileges on jiradb.* to 'jira'@'%' identified by 'password';
flush privileges




You should maintain a strong password otherwise you will get below error:



ERROR 1819 (HY000): This
shows that your password does not satisfy the current policy requirements

For a simple password use below command in mysql prompt

SET GLOBAL
validate_password_policy=LOW;

Now it allows to keep simple
password.



Next exit from MySQL and then restart MySQL service as shown below


# systemctl restart mysqld



Installation of JIRA

To install Jira on centos7.
Download the latest version of JIRA installer from: https://www.atlassian.com/software/jira/download




# cd /opt
# wget https://www.atlassian.com/software/jira/downloads/binary/atlassian-jira-software-8.6.0.zip


Then, Execute the .zip file and
install JIRA.


# unzip atlassian-jira-software-8.2.0.zip 
# mv atlassian-jira-software-8.2.0-standalone atlasian
# mkdir /opt/jira
# mkdir /opt/jira/home
# vi /opt/atlassian/atlassian-jira/WEB-INF/classes/jira-application.properties
### set jira.home as jira.home = /opt/jira/home ###
# cd /opt/atlassian/bin
# ./startup.sh




Once after completing the Jira
Installation. You can now access Jira as http://ip_address:8080



To Copy the MySQL JDBC Driver

Download jdbc
drivers from http://dev.mysql.com/downloads/connector/j/ 



You can either
download .tar.gz or .zip file and copy the MySQL JDBC driver to application
server file as shown:




# cd mysql-connector-java-5.1.47
# mv mysql-connector-java-5.1.47.jar /opt/atlassian/lib/


To Restart Jira service


# cd /opt/atlassian/bin/
# ./stop-jira.sh
# ./start-jira.sh




Hope it helps. If you need any assistance Contact Us



Read our existing blog post : Steps to install PhantomJS On CentOS7



Follow us on Facebook & Twitter for more updates














Posted by



at





No comments:
  


































        

      









Subscribe to:
Posts (Atom)