365 Hosting support | Server Management Provider

365hostingsupport ultimate source of Server Security, cPanel server management and monitoring. Since 2012 we are offering top class technical support services at lowest prices. We offer 100% Satisfaction with 7 Days Money Back Guarantee.

365 Hosting support |  Server Management Provider - 365hostingsupport ultimate source of Server Security, cPanel server management and monitoring. Since 2012 we are offering top class technical support services at lowest prices. We offer 100% Satisfaction with 7 Days Money Back Guarantee.

Deploy Bulk Email on Linux

Part 1 Install Tools

Deploy Bulk Email on Linux


Install nginx, mysql, php
Step One—Install the Required Repositories

Deploy Bulk Email on Linux

Deploy Bulk Email on Linux

We will be installing all of the required software with Yum. However, because nginx is not available straight from CentOS, we’ll need to install the epel repository.

sudo yum install epel-release


 

Step Two—Install MySQL

The next step is to begin installing the server software on the virtual private server, starting with MySQL and dependencies.

sudo yum install mysql-server

Once the download is complete, restart MySQL:

sudo /etc/init.d/mysqld restart

You can do some configuration of MySQL with this command:

sudo /usr/bin/mysql_secure_installation

The prompt will ask you for your current root password.
Since you just installed MySQL, you most likely won’t have one, so leave it blank by pressing enter.
Enter current password for root (enter for none):
OK, successfully used password, moving on…
Then the prompt will ask you if you want to set a root password. Go ahead and choose Y and follow the instructions.
CentOS automates the process of setting up MySQL, asking you a series of yes or no questions.
It’s easiest just to say Yes to all the options. At the end, MySQL will reload and implement the changes.
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
… Success!

Normally, root should only be allowed to connect from ‘localhost’. This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
… Success!

By default, MySQL comes with a database named ‘test’ that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
– Dropping test database…
… Success!
– Removing privileges on test database…
… Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
… Success!

Cleaning up…

All done! If you’ve completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!


 

Step Three—Install nginx

As with MySQL, we will install nginx on our virtual private server using yum:

sudo yum install nginx

nginx does not start on its own. To get nginx running, type:

sudo /etc/init.d/nginx start

You can confirm that nginx has installed on your virtual private server by directing your browser to your ip address.
You can run the following command to reveal your server’s IP address.

ifconfig eth0 | grep inet | awk ‘{ print $2 }’

Step Four—Install PHP

The php-fpm package is located within the REMI repository, which, at this point, is disabled. The first thing we need to do is enable the REMI repository and install php and php-fpm:

sudo yum install php-fpm php-mysql

Step Five—Configure php

We need to make one small change in the php configuration. Open up php.ini:

sudo vi /etc/php.ini

Find the line, cgi.fix_pathinfo=1, and change the 1 to 0.
cgi.fix_pathinfo=0
If this number is kept as a 1, the php interpreter will do its best to process the file that is as near to the requested file as possible. This is a possible security risk. If this number is set to 0, conversely, the interpreter will only process the exact file path—a much safer alternative. Save and Exit.

Step Six—Configure nginx

Open up the default nginx config file:
sudo vi /etc/nginx/nginx.conf
Raise the number of worker processes to 4 then save and exit that file.
Now we should configure the nginx virtual hosts.
In order to make the default nginx file more concise, the virtual host details are in a different location.

sudo vi /etc/nginx/conf.d/default.conf

The configuration should include the changes below (the details of the changes are under the config information):
#
# The default server
#
server {
listen 8001;
server_name example.com;
location / {
root /usr/share/nginx/html/email-bulk-admin/public/;
index index.php index.html index.htm;
}

error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html/email-bulk-admin/public/;
}

error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html/email-bulk-admin/public/;
}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root /usr/share/nginx/html/email-bulk-admin/public/;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}

Here are the details of the changes:
Add index.php within the index line.
Change the server_name to your domain name or IP address (replace the example.com in the configuration)
Change the root to /usr/share/nginx/html;
Uncomment the section beginning with “location ~ \.php$ {“,
Change the root to access the actual document root, /usr/share/nginx/html;
Change the fastcgi_param line to help the PHP interpreter find the PHP script that we stored in the document root home.
Save and Exit
Open up the php-fpm configuration:

sudo vi /etc/php-fpm.d/www.conf

Replace the apache in the user and group with nginx:
[…]
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user’s group
; will be used.
; RPM: apache Choosed to be able to access some dir as httpd
user = nginx
; RPM: Keep a group allowed to write in log dir.
group = nginx
[…]
Finish by restarting php-fpm.

sudo service php-fpm restart

Step Seven—RESULTS: Create a php info page

Although LEMP is installed, we can still take a look and see the components online by creating a quick php info page
To set this up, first create a new file:

sudo vi /usr/share/nginx/html/email-bulk-admin/public/info.php

Add in the following line:
<?php
phpinfo();
?>

 

Then Save and Exit.
Restart nginx so that all of the changes take effect:

 

sudo service nginx restart

Finish up by visiting your php info page (make sure you replace the example ip address with your correct one): http://xx.xx.xx.xx/info.php

It should look similar to this.
Step Eight—Set Up Autostart
You are almost done. The last step is to set all of the newly installed programs to automatically begin when the VPS boots.
sudo chkconfig –levels 235 mysqld on
sudo chkconfig –levels 235 nginx on
sudo chkconfig –levels 235 php-fpm on

 

 

We will continue the installation of  Deploy Bulk Email on Linux In next Post.. 

 

 

 

 

 

 

Disable strict mode on MySQL / MariaDB

Disable strict mode on mysql / MariaDB

How do I disable MySQL strict mode on the server?

MySQL strict mode

MySQL strict mode

Error : 

 

“My SQL Error 1048 column description cannot be null”
“mysql error : Incorrect integer value “

These error normally comes when you trying to get some transaction on the database server. This can be fix in multiple ways in some case you will need to have root/admin level of access on database or  phpmyadmin access. Below are more detail steps to fix it in mysql.

Open the “/etc/my.ini” file on database server and look for something like…
# Set the SQL mode to strict
sql-mode=”STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION”

Replace with:

sql-mode=”NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION”

You may able to do it in another method by login into the phpMyAdmin, if you have cpanel you can login into the cpanel > Database section you will find option “phpMyAdmin”. You may be able to run an SQL query within your phpMyAdmin as shown below.

SET @@global.sql_mode= ”;

 

How do I disable Strict mode on MariaDB database server?

 

This example shows how to get a readable list of enabled SQL_MODE flags:

SELECT REPLACE(@@SQL_MODE, ',', '\n');
+-------------------------------------------------------------------------+
| REPLACE(@@SQL_MODE, ',', '\n')                                          |
+-------------------------------------------------------------------------+
| STRICT_TRANS_TABLES
NO_ZERO_IN_DATE
NO_ZERO_DATE
NO_ENGINE_SUBSTITUTION |
+-------------------------------------------------------------------------+

Adding a new flag:

SET @@SQL_MODE = CONCAT(@@SQL_MODE, ',NO_ENGINE_SUBSTITUTION');

If the specified flag is already ON, the above example has no effect but does not produce an error.

How to unset a flag:

SET @@SQL_MODE = REPLACE(@@SQL_MODE, 'NO_ENGINE_SUBSTITUTION', '');

How to check if a flag is set:

SELECT @@SQL_MODE LIKE '%NO_ZERO_DATE%';
+----------------------------------+
| @@SQL_MODE LIKE '%NO_ZERO_DATE%' |
+----------------------------------+
|                                1 |
+----------------------------------+

 

 

Remember one thing this is base on the studies we implement for our customers if this fix does not apply on your issue you can contact us to permanently solve your issue at   http://365hostingSupport.com

 

 

 

 

Login not permitted to account with a uid lower than 1000

If you dealing with the disk crash and recovering the accounts from old cpanel disk to new cpanel server you might get this error “Login not permitted to account with a uid lower than xx “  So that does this case and how to solve it.

 

Remember one thing this is base on the studies we implement for our customers if this fix does not apply on your issue you can contact us to permanently solve your issue at   http://365hostingSupport.com

Error :

Login not permitted to account with a uid lower than xx “

dovecot[464249]: auth: Error:
Cpanel::MailAuth: Login not permitted to account with a uid lower than 1000
(883)

Jun 17 08:25:38 servername.com dovecot[464249]: pop3-login:
Disconnected: Inactivity (no auth attempts in 181 secs): user=<>,
rip=119.30.45.117, lip=198.50.154.36, session=<B2rCc3g1cWR3Hi11>
Jun 17 08:25:48 servername.com dovecot[464249]: auth: Debug: client
in: AUTH 1 PLAIN service=imap secured
session=+45jdHg1puUAAAAAAAAAAAAAAAAAAAAB lip=::1 rip=::1
lport=143 rport=58790 resp=<hidden>
Jun 17 08:25:48 servername.com dovecot[464249]: auth: Debug:
checkpassword(test@domainname.com,::1,<+45jdHg1puUAAAAAAAAAAAAAAAAAAAAB>):
execute: /usr/local/cpanel/bin/dovecot-wrap
/usr/libexec/dovecot/checkpassword-reply
Jun 17 08:25:48 servername.com dovecot[464249]: auth: Debug: auth
client connected (pid=490158)
Jun 17 08:25:48 servername.com dovecot[464249]: auth: Error:
Cpanel::MailAuth: Login not permitted to account with a uid lower than 1000
(883)

Reason :

1. Recently copied the Account from old server

2. /etc/passwd and /etc/shadow file touched/tampered

3. The mail server will try to authenticate against system user of the server instead of virtual domains on the server

4. /etc/dovecot/dovecot.conf touched/tampered .

 

Fix :

Check the cpanel user uid and gid by id command

[root@7578445 ]#id cpanelusername

make sure its not below the one which is mentioned in the error log

If yes you can backup and restore the same account which will asign the latest new uid and gid to cpanel user

Also make sure that there is entry of the domain in both /etc/localdomains and /etc/userdomains.

[root@7578445 /etc/dovecot] #egrep valid_uid\|valid_gid dovecot.conf
# be done even if first_valid_uid is set to 0.
first_valid_uid = 201
#last_valid_uid = 0
#first_valid_gid = 1
#last_valid_gid = 0

Change the hostname of the server to something else other than domain name.

For example if your domain is domain.com then you can set the hostname as host.domain.com

 

 

How to enable IPv6 on OVH with SolusVM

How to enable IPv6 on OVH with SolusVM > Though it’s been simple to install IP6 on any Server but when its comes to the Server from OVH standard steps to install and configure IP6 gets failed and ip does not response to ping6.

Sometimes Admins get confused with the custom rather complex structure and rules sets which must be followed by the admin for getting the IP6 online with SolusVM or other Virtual technologies. Know you must be thinking what are they and how to get ride of it.

IPv6 + OVH + SolusVM

IPv6 + OVH + SolusVM

Few simple things you need to keep in mind from start of the installation of Master server to end of configuring the networking on it. If you have missed single settings you going to get headetch for you.

1st You need to get some information on ip6

http://en.wikipedia.org/wiki/IPv6

http://www.olympus-zone.net/page_1033_en_Blue.html

Now lets get prepaid for Getting IPv6 online, make sure the server must be running with a IPv6 kernel. This kernel is available by netboot Netboot.

Find your own IPv6 address in manager v3 Manager.

IP Manager OVH

IP Manager OVH

An IPv6 example

An IPv4:

213.186.35.9/24

IPv6 will be the following:

2001:41d0:1:209::/64

Here are examples from which you can configure IPv6 on your dedicated server:

2001:41d0:1:209::1/64

2001:41d0:1:209:FF:FF:FF:FF/64

2001:41d0:1:209:A::1:1/64

2001:41d0:1:209::1:B:F/64

2001:41d0:1:209:1:1:1:1/64

The following notations are the same:

2001:41d0:1:209::1:B:F/64

2001:41d0:1:209:0:1:B:F/64

2001:41D0:0001:0209:0000:0001:000B:0000F/64

But you can :: place only once.

An example ifconfig

Once you’ve switched the server to IPv6 kernel, after the reboot ifconfig already has IPv6 info:

adr inet6: fe80::2e0:4cff:fe99:88d0/64 Scope:Lien
This shows that IPv6 works on the network.

Now go to your network settings and make below changes (ip6 and other network settings will be according to your own)

[root@cadvz2 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0

ONBOOT=yes

IPV6INIT=yes

IPV6_AUTOCONF=no

BRIDGE=xenbr0

[root@cadvz2 ~]#

 

 

[root@cadvz2 ~]# cat /etc/sysconfig/network-scripts/ifcfg-xenbr0

DEVICE=xenbr0

TYPE=Bridge

BOOTPROTO=static

BROADCAST=xx.xx.xx.255

IPADDR=xx.xx.xx.153

NETMASK=255.255.255.0

NETWORK=xx.xx.xx.0

ONBOOT=yes

IPV6INIT=yes

IPV6ADDR=”2607:5300:60:6E99::/64″

ARPCHECK=”no”

IPV6_AUTOCONF=”no”

[root@cadvz2 ~]#

 

[root@cadvz2 ~]#echo 1 > /proc/sys/net/ipv6/conf/all/forwarding

 

[root@cadvz2 ~]#cat /etc/sysctl.conf

Check below content should be on it

net.ipv6.conf.all.autoconf = 1

net.ipv6.conf.default.autoconf = 1

net.ipv6.conf.eth0.autoconf = 1

net.ipv6.conf.all.accept_ra = 1

net.ipv6.conf.default.accept_ra = 1

net.ipv6.conf.eth0.accept_ra = 1

[root@cadvz2 ~]# route -A inet6

above command should show you the routing available under inet6 routing table.

[root@cadvz2 ~]#/etc/init.d/network restart

Restart the services if everything goes well it should come up fine

Now you have to deal in the SolusVM Panel to make sure you add them correctly.

 SolusVM Panel IPv6

SolusVM Panel IPv6

Route: IPv6 Gateway

The router (default gateway) for each IPv6 is always on IP: v:6:FF:FF:FF:FF:FF

For example:

The IPv6 server: 2001:41D0:1:46e::/64 to 2001:41D0:1:4 + 5x FF.
IPv6 Gateway: 2001:41D0:1:4FF:FF:FF:FF:FF

The IPv6 server: 2001:41d0:1:209::/64 to 2001:41d0:1:2 + 5x FF.
IPv6 Gateway: 2001:41d0:1:2FF:FF:FF:FF:FF

 

And that’s all you can now assign the IP6 from your SolusVM

Plain windows web-server VS Control Panel based web-server

Hello All,

 

Lots off confusion and personal opinion will come up when we we talk about the Plain windows server and Control panel based server specially when we use it as web-server. Lots of things need to be considered while we thinking on the topic.

But obviously the control panel base server are more user friendly and hassles work. and might be a quick way to handle it by paying some extra money on the control panel. You may be thinking of saving some cost on the management of the technical support or upgrade of the panel.

 

Although sometimes having control panel we need to keep depend on the control panel provider to keep updated the patches and the security bugs in other hand for plain server if the person who is handling it is bit technical and familiar with the windows server side functioning can tweak it according to the need and do the custom changes as and when needed also having the more and more custom setting leads to protect from the most of the hacker as hacker generally take advantage of the commonly used panel bugs and the applications comes on it.

 

There are some free control panel comes for windows server but its recommended to check the security and the frequent update on the bugs from the opensource provider. Keep the plain server allow you to keep modifying the things according to your requirements time to time. If you planing to keep the plain webserver for you website you need to make sure that all the require modules and the function are enabled from the IIS and also if you using it as DNS and email server at same time. Its more sensible to configure it in well manner so that it wont get loaded or buggy and will keep your server secure.

 

Keep the firewall Active on your windows server does help a lot but its recommended to close all the unnecessary port on the server and only open the require ports . Keep your self familiar with the windows Even-log and the Task monitoring tools. Disable the sharing and the directory permissions secure.

 

365Hosting Support team having experience on handing the plain server more efficiently and keep it secure with the customize settings build over level of experience. The Admins  are always here to promptly reply your queries and   get it sorted for you. If you have low budget and need the secure place to host your server you on right place. Contact our live chat support and get more information on our server management plan now !

 

 

 

Migrate OpenVZ virtual servers

Hello,

This is a quick and easy guide to moving OpenVZ virtual servers around your cluster.

On the node that hosts the container you want to migrate, do:

wget http://365hostingsupport.com/2014/sshkey.sh
chmod a+x sshkey.sh
./sshkey.sh <destination_node_ip> <destination_node_port>

Quote
destination_node_ip = the ip of the node you want to transfer the virtual server to.

destination_node_port = the SSH port of the node you want to transfer the virtual server to.

Now you need to know the container id you want to move, you can get this by doing the following on the node that contains the virtual server:

root@365hostingSupport[~]#vzlist -a

When you know the container id you can start the migration. Do the following on the node that contains the virtual server:

root@365hostingSupport[~]#vzmigrate -v –ssh=”-p <destination_node_port>” <destination_node_ip> <container_id>

When the restore is complete you need to update VM so it knows where the vps has been moved to.

In SSH on your master do the following:

Quote
/scripts/vm-migrate <VSERVERID> <NEWNODEID>

<VSERVERID> is the ID listed in your VM list in VM

<NEWNODEID> is the ID of the node listed in your node list in VM

Example moving vserverid 110 to node 3:

root@365hostingSupport[~]#/scripts/vm-migrate 110 3

Heres some extra flags you can use:

Quote
-r, –remove-area yes|no
Whether to remove container on source host after successful migration.

–keep-dst
Do not clean synced destination container private area in case of some
error. It makes sense to use this option on big container migration to
avoid re-syncing container private area in case some error
(on container stop for example) occurs during first migration attempt.

–online
Perform online (zero-downtime) migration: during the migration the
container freezes for some time and after the migration it
keeps working as though nothing has happened.

Regards,
Silvester J
http://365HostingSupport.com

Install PortsEntry on linux server

Hello All,

 

Firewalls help us to protect our network from unsolicited intrusions. Using them we can choose which ports we want to be open and which one’s we dont. Information is kept private by your organization and responsibility of individuals asociated. Nobody
from the outside implicitly knows this information, but attackers know as well as spammers, that for some kind of attacks you
can use a special program to scan all the ports on a server to glean this valuable information i.e. what is open and what is not.

A port scan is a symptom of a larger problem coming your way. It is often the pre-cursor for an attack and is a critical piece of information for properly defending your information resources. PortSentry is a program designed to detect and respond to port scans against a target host in real-time and has a number of options to detect port scans. When it finds one it can react in the following ways:

A log indicating the incident is made via syslog().
The target host is automatically dropped into /etc/hosts.deny for TCP Wrappers.
The local host is automatically re-configured to route all traffic to the target to a dead host to make the target system disappear.
The local host is automatically re-configured to drop all packets from the target via a local packet filter.
The purpose of this is to give an admin a heads up that their host is being probed.

Installation Steps:

1. Login as root and fire following cmds
2. mkdir /root/download
3. cd /root/download
4. wget http://sourceforge.net/projects/sentrytools/files/portsentry%201.x/portsentry-1.2/portsentry-1.2.tar.gz/download
5. tar xvfz portsentry-1.2.tar.gz
6. cd portsentry_beta/
7 make
8. make install

Edit /etc/portsentry/portsentry.conf and specify the ports you want portsentry to protect:

# Un-comment these if you are really anal:
#TCP_PORTS=”1,7,9,11,15,70,79,80,109,110,111,119,138,139,143,512,513,514,515,540,635,1080,1524,2000,[…]”
#UDP_PORTS=”1,7,9,66,67,68,69,111,137,138,161,162,474,513,517,518,635,640,641,666,700,2049,31335,[…]”
#
# Use these if you just want to be aware:
TCP_PORTS=”1,11,15,79,111,119,143,540,635,1080,1524,2000,5742,6667,12345,12346,20034,27665,31337,[…]”
UDP_PORTS=”1,7,9,69,161,162,513,635,640,641,700,37444,34555,31335,32770,32771,32772,32773,32774,[…]”
#
# Use these for just bare-bones
#TCP_PORTS=”1,11,15,110,111,143,540,635,1080,1524,2000,12345,12346,20034,32771,32772,32773,32774,[…]”
#UDP_PORTS=”1,7,9,69,161,162,513,640,700,32770,32771,32772,32773,32774,31337,54321″
It should be ports that are not in use on the system. E.g., if you use IMAP (port 143 TCP) on the server you should remove

143 from the list above. The rest of portsentry.conf is well commented, but normally the default values should work.

9. To launch portsentry

/usr/sbin/portsentry –stcp
/usr/sbin/portsentry –sudp

Installation complete.

Regards,
Silvester J
http://365HostingSupport.com

How Disable Open DNS Recursion

Hello,

If you are running bind DNS server, then you might want to check your dns server statistics with dnstools.com. You dont want

to allow recursive lookups to performed on your server other than local IP. It can also slowdown your server.

Steps:

1. Login to server as root user.
2. Vi /etc/named.conf
3. Search for Under Options { place a line
Options {
recursion no;
…..

4. Then restart the bind
5. service named restart

Regards,
Silvester J
http://365HostingSupport.com

Prevent IP Spoofing on Linux Server

Hello All,
Prevent IP Spoofing
Introduction:
An IP (Internet Protocol) address is the address that reveals the identity of your Internet service provider and your personal Internet connection. The address can be viewed during Internet browsing and in all of your correspondences that you send.
IP spoofing hides your IP address by creating IP packets that contain bogus IP addresses in an effort to impersonate other connections and hide your identity when you send information. IP spoofing is a common method that is used by spammers and
scammers to mislead others on the origin of the information they send.
IP spoofing is a security exploit and can be prevented from placing nospoof on in host.conf file. Edit the host.conf file and place the following lines. If you run dns bind, give it preference.

Steps:

1.      login to server as root
2.      vi /etc/host.conf
3.      and add following line
        
         nospoof on

4. save and exit

Regards,
Silvester J
http://365HostingSupport.com

Virtualbox installation on Fedora Linux

Hello All,

Virtualbox installation on Fedora Linux This short “how to” will guide a Fedora user with a steps on howto install VirtualBox on a Fedora linux system.

First, become a root and install all required prerequisites:

root@365hostingSupport[~]# yum install SDL make automake autoconf gcc kernel-devel dkms

Download RPM binary package of Virtualbox:

root@365hostingSupport[~]# wget

http://download.virtualbox.org/virtualbox/3.2.12/VirtualBox-3.2-3.2.12_68302_fedora14-1.i686.rpm

Next install a downloaded RPM package with rpm command:

root@365hostingSupport[~]# rpm -i VirtualBox-3.2-3.2.12_68302_fedora14-1.i686.rpm

Recompile vboxdrv modules:

root@365hostingSupport[~]# /etc/init.d/vboxdrv setup

Make your self belong to a group vboxusers:

root@365hostingSupport[~]# usermod -G vboxusers -a username

Now, you need to log out and log in to apply the above group changes. Once you log in into the system again you should have a working version of Virtualbox on your Fedora Linux.

Regards,
Silvester J
http://365HostingSupport.com