Set Hostname in Centos 7

CentOS 7 only allows Fully Qualified Domain Names (FQDN’s). Acceptable values include lower-case letters a to z, numbers 0 to 9, the period, and the hyphen, and between 2 and 63 characters.

At the console, type:

hostnamectl set-hostname my.new-hostname.server

NOTE: Replace my.new-hostname.server with your chosen hostname.

Check the Hostname

hostnamectl
Share

SOLVED Zimbra 8.6 HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp

Do a quick search under the usual jetty folders:

find /opt/zimbra/jetty/ -type f -name *jsp -mtime -30

If you find files like:

/opt/zimbra/jetty/webapps/zimbra/js/zimbra/csfe/XZimbra.jsp
/opt/zimbra/jetty/webapps/zimbra/public/Ajax.jsp

you’re actually hacked.

Unlike the previous “zmcat” and “dblaunchs” that actually exploit the vuln and load some sh*t this looks like a bad childish attack. It seems that they delete some files under jetty dir, don’t know why. 
The attack vector is the same, but, there are no strange processes, there is no persistence. Continue reading “SOLVED Zimbra 8.6 HTTP ERROR 404 Problem accessing /public/error.jsp. Reason: /public/error.jsp” »

Share

SOLVED Debian Wheezy Letsencrypt error /opt/eff.org/certbot/venv/bin/python: No module named pip.__main__; ‘pip’ is a package and cannot be directly executed

My case and solution:

Debian 7.11 wheezy
python2.7
python-pip NOT installed

My steps:

#ln -fs /usr/lib/python2.7/plat-x86_64-linux-gnu/_sysconfigdata_nd.py /usr/lib/python2.7/
#wget https://raw.githubusercontent.com/certbot/certbot/75499277be6699fd5a9b884837546391950a3ec9/certbot-auto
#chmod +x ./certbot-auto
#certbot-auto renew --no-self-upgrade

it download some files and works fine.

Src: https://github.com/certbot/certbot/issues/6824

Share

Fixing Rainloop Can’t get message list error

For large mailbox when you have some mailbox having more than 100k mails in inbox, for those account you are getting error “Can’t get message list”. Here I got my fix, however can’t guarantee it works for you as well. My Rainloop version is 1.11.3.

Following settings might help to fix this issue-

Open application.ini-

nano /home/purple/web/webmail.purple.com.bd/public_html/data/_data_/_default_/configs/application.ini

In your case:

Turns off deleted message filter:

imap_message_list_hide_deleted_messages = Off

Set the number of messages in the folder that activates additional optimizations (such as disabled threads and message list sort):

imap_message_list_count_limit_trigger = 10000

Show messages over the last 12 months only.

imap_message_list_date_filter = 12
Share

Setup a Site to Site IPsec VPN With Strongswan and PreShared Key Authentication

Today we will setup a Site to Site ipsec VPN with Strongswan, which will be configured with PreShared Key Authentication.

After our tunnels are established, we will be able to reach the private ips over the vpn tunnels.

Get the Dependencies:
Update your repository indexes and install strongswan:

$ apt update && sudo apt upgrade -y
$ apt install strongswan -y

Set the following kernel parameters:

$ cat >> /etc/sysctl.conf << EOF
net.ipv4.ip_forward = 1 
net.ipv4.conf.all.accept_redirects = 0 
net.ipv4.conf.all.send_redirects = 0
EOF

$ sysctl -p /etc/sysctl.conf

Generate Preshared Key:
We will need a preshared key that both servers will use: Continue reading “Setup a Site to Site IPsec VPN With Strongswan and PreShared Key Authentication” »

Share

Install LAMP on Centos 7 with PHP 5.x/7.0/7.1/7.2

In this tutorial, I use the hostname server1.example.com with the IP p 192.168.1.100. These settings might differ for you, so you have to replace them where appropriate.

I will add the EPEL repo here to install latest phpMyAdmin as follows:

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*
yum -y install epel-release

To edit files on the shell, I’ll install the nano editor. If you prefer vi for file editing, then skip this step.

yum -y install nano

Installing MySQL / MariaDB

MariaDB is a MySQL fork of the original MySQL developer Monty Widenius. MariaDB is compatible with MySQL and I’ve chosen to use MariaDB here instead of MySQL. Run this command to install MariaDB with yum:

yum -y install mariadb-server mariadb

Then we create the system startup links for MySQL (so that MySQL starts automatically whenever the system boots) and start the MySQL server: Continue reading “Install LAMP on Centos 7 with PHP 5.x/7.0/7.1/7.2” »

Share

Endian Community (3.x)- network configuration using CLI- Netwizard

After you login in you Endian Appliance, simply issue the following command:

root@endian # netwizard

You will be asked a couple of questions. If the network has already been configured, the current values are shown: simply press Enter if you want to keep that value. The snippet below shows some possible values. Note that you should enter the network interfaces as eth1, eth2, and so on and not as br0, br1, and so on. IP ranges should be written in CIDR notation.

Network Configuration Wizard 
----------------------------

Hostname? myappliance.
Domain? mydomain 
RED interface type <STATIC/DHCP/GATEWAY>? DHCP 
RED device <eth0/eth1/eth2/eth3>? eth3 
Green devices <eth0/eth1/eth2>? eth0 
Green IPs (IP/CIDR)? 172.20.0.1/24 
Orange devices <eth1/eth2>? eth1 
Orange IPs (IP/CIDR)? 172.21.30.1/24 
Blue devices ? eth2 
Blue IPs (IP/CIDR)? 172.22.30.1/24 
Enable SSH access <on/off>? on 
Allow access to ports 22, 80 and 10443 from any interface <on/off>? off

Continue reading “Endian Community (3.x)- network configuration using CLI- Netwizard” »

Share

Endian Community (2.5.1)- Change the green IP address from console

Management URL: https://192.168.0.15:10443
Green IP:       192.168.0.15/24
-----------------

0) Shell
1) Reboot
2) Change Root Password
3) Change Admin Password
4) Restore Factory Defaults

Choice: 0[endian]: login
root's password:
Welcome to Endian Firewall Appliance release 2.5-0 (Deployset #0)
[endian] root: bash

Continue reading “Endian Community (2.5.1)- Change the green IP address from console” »

Share

Install Percona XtraDB Cluster for MySQL 5.7 on Debian 8

First of all, why we choose three nodes and not only two? In any cluster, the number of nodes should be odd, so in the case of disconnection of a node, we assume that the highest group of servers has the fresh data, and should be replicated to the down node to avoid data loss. This is related only to resolve conflicts in data replication, we won’t loose data written only to the disconnected node.

This is used to avoid a circumstance called split brain, in which we can’t automatically choose which node has correct data. Think for example of a 2 node cluster where both nodes are disconnected from each other, and the same record is written to both nodes: who wins when they come back online? We don’t know, so split brain happens, and we have to manually decide wich record is the right one.

The number of nodes that is needed to determine wich part of the cluster has the right data is called QUORUM, in our case, the quorum will be 2. So we need 2 servers always be connected to each other. In case all three nodes will go down, we have a split brain and we must decide wich server should go in bootstrap mode manually, this is the procedure to determine wich will be the main server to resume from the split brain.

Configuring Percona XtraDB Cluster on Debian 8

This tutorial describes how to install and configure three Percona XtraDB Cluster nodes on Debian 8 servers, we will be using the packages from the Percona repositories.

Node 1
Hostname: mysql1.local.vm
IP address: 192.168.152.100
Node 2
Hostname: mysql2.local.vm
IP address: 192.168.152.110
Node 3
Hostname: mysql3.local.vm
IP address: 192.168.152.120

On each host, modify file /etc/hosts as follows to ensure DNS will work correctly. Continue reading “Install Percona XtraDB Cluster for MySQL 5.7 on Debian 8” »

Share