How to setup your own Cloud

Problems:
– Have you ever wondered how to setup your own private Cloud service?
– Is there any (preferably self hosted) alternative to DropBox, Google Drive, SkyDrive… ?
– Services like Dropbox and Google Drive are really good but they can cost you money if you need more space.
– You have tried all the alternatives to Dropbox and Google Drive but you need something different?
– Do you really need all the futures they provide?
– Do you need more features (like syncing calendars, tasks, contacts and music)?
– Do you want to be able to install pre-made or develop your own plugins for your cloud?
– Can we really trust companies like Google or Dropbox them with our data?
– Are you a small company or start-up and you can’t afford a $795/year for Dropbox team service?
– You also need iPhone and Android application so you can access your files on your phone?
– You also want a Windows, Mac or Linux Desktop application and Web access?
– You want to host that could on your company server or inhouse? And you want it on a sub-domain like cloud.yourcompany.com?
– And you want it free or really cheap?

Not a problem! We got you covered with all that!!!

The Solution
The solution to problems listed (and un-listed) above is really simple. All you need is to install ownCloud on your server/hosting. This software is a PHP/MySQL powered so it will work on just about any Linux server and is released under AGPL license.

Getting Hosting
In case you have hosting (shared/vps/cloud/dedicated) you can skip this paragraph.
If you don’t have one – you can get it pretty cheap these days and my advice is to go with DigitalOcean. They will provide you with great entry level VPS (512MB of DDR3 RAM, 1 Intel Xeon 2GHz Core, 20GB od SSD hard disk space and 1TB of bandwidth) for just $5. Did I mention it’s SSD powered – so it’s blazing fast! Plus you can deploy your VPS in US or NL and you can add backups for 20% (in this case for $1 extra a month). New VPS is provisioned in 60 seconds and you pay per hour of use (not monthly). So you’re invited to play bit with different linux distributions, geo-locations and sizes etc.. and to fully test it out before you put it in production use.

Detailed installation instructions for Digital Ocean can be found in here and if you need any help in setting it up – feel free to contact me.

Installing OwnCloud on shard hosting
The installation process is easy and it’s similar to installing just about any PHP/MySQL script (like WordPress for eg.).
Here’s step by step guide:
1. Download the web installer from this url: https://download.owncloud.com/download/community/setup-owncloud.php
2. Upload setup-owncloud.php to your web space
3. Point your web browser to setup-owncloud.php on your webspace
4. Follow the instructions and configure ownCloud
5. Login to your newly created ownCloud instance!
In case you need any help with the setup feel free to contact me

Downloading Desktop Client
There are Desktop Sync Applications already developed for Windows, Linux and Mac OS. All you need to do is to download them and install them.

iOS and Android Applications
You can get them from Apple Store or from Google Play. They are not free but are really cheap and cost only $0.99 to install. Here’s a nice YouTube tutorial of Android Application:

Feature list of ownCloud
– Access, Share and Sync your data
– Tasks, Contacts, Calendar, Galleries and Music
– Public API
– Templates
– SSL Encryption
– Powerful Search
– File Versioning
– File Un-Delete
– Download whole folders as ZIP archives
– LDAP Active Directory
– User Management
– User Quotes and Groups
– Internal Messages (free 3rd party app)
– External Storage (access data from AmazonS3, GoogleDocs, DropBox, FTP…)
– PDF viewer in browser (no plugins required)
– ODF Document Viewer (file formats: .odt, .odp, .ods)
– Image Viewer and Media Player (free 3rd party app)
– Text Editor (PHP editor with syntax highlighting)
– Translated into many laguages
– Migration and backup of accounts
– Application store (so you can expand your cloud with extra plugins)
– If you are HUGE company or organisation you should check Enterprise Edition at ownCloud.com

ownCloud Demo
To try out the ownCloud software you can check official ownCloud demo

Conclusion
OwnCloud is really interesting, feature rich cloud platform that enables you to share your data between users and various devices. It can be useful for both individuals and companies/organizations. If you have a need for your own cloud solution or you are looking for alternative to Dropbox, Google Drive or SkyDrive – you should give it a try!

Tags: How to make own cloud drive with Codeigniter

How to disable directory browsing globally on whole WHM/cPanel server

To disable directory browsing/listing on whole server, follow these simple instructions:

1. Log into WHM
2. Service Configuration –> Apache Configuration
3. Global Configuration
4. Scroll down to Directory ‘/’ Options
5. Un-tick Indexes option (see picture)
6. Then press Save button below
7. Finally, rebuild by clicking rebuild apache conf button and that’s it…

How to disable directory browsing globally on whole WHM-cPanel server

 


How to install IonCubeLoader without recompiling apache

There are two ways to install IonCubeLoader on cPanel. The standard way includes recompiling Apache using EasyApache from WHM (or shell) and it takes 10-30 minutes to complete and results in Apache restart in the end.

But there’s also a quick way: just login to SSH and execute this command, wait a minute and that’s it!

/scripts/phpextensionmgr install IonCubeLoader

Ping returns unknown host

If your server returns unknow host errors when you try to ping some website, or wget returns unable to resolve host address, it’s most probably that you don’t have a valid DNS settings in /etc/resolv.conf

wget: unable to resolve host address downloads.sourceforge.net
ping: unknown host downloads.sourceforge.net

If you’r host didn’t provided their nameservers that you can use – you can use one provided by OpenDNS.net.
All you need to do is edit file /etc/resolv.comf and add their nemeservers into the file:

nameserver 208.67.220.220
nameserver 208.67.222.222

Save the changes and you’re ready to go!
(No need to restart anything)


Disk space usage showing 0 Mb on VPS

I have just installed a cPanel on new VPS account but it’s simply not showing any disk usage even with quoatas turned on. I have tried running /scripts/fixquotas but it didn’t help and it returned error: quotacheck: Cannot find filesystem to check or filesystem not mounted with quota option..

To make cPanel calculate disk usage you need to execute following commands:

touch /home/quota.user
touch /home/quota.group
chmod 600 /home/quota.user
chmod 600 /home/quota.group
quotacheck -acugvm

The result of the last command should look something like this:

quotacheck: Your kernel probably supports journaled quota but you are not using it. Consider switching to journaled quota to avoid running quotacheck after an unclean shutdown.
quotacheck: Scanning /dev/sda [/] done
quotacheck: Cannot stat old user quota file: No such file or directory
quotacheck: Old group file not found. Usage will not be substracted.
quotacheck: Checked 22164 directories and 750401 files
quotacheck: Old file not found.

By now it should work already but just to make sure execute quotas one more time

/scripts/fixquotas -force

That’s it!


FLV streaming using Apache + WHM/cPanel

Streaming FLV files with Apache + mod_flvx has never been easier. Setup your web server to stream FLV files using Apache in just 3 minutes.

cd /usr/local/src
wget http://people.apache.org/~pquerna/modules/mod_flvx.c
apxs -cia mod_flvx.c

If your system can’t find apxs locate it using

which apxs

You’ll get something like /usr/bin/apxs as result – that’s the path to it – you need it for next step

And then use full path to apxs to compile (for example):

/usr/bin/apxs -cia mod_flvx.c

Non WHM/cPanel users
Should now add those two lines into httpd.conf:

LoadModule flvx_module modules/mod_flvx.so
AddHandler flv-stream .flv

and simply restart Apache using:

service httpd restart

WHM/cPanel users
Should use Include Editor since any changes made to httpd.conf will be lost in case of rebuilding apache.
So login to WHM and go to Apache Configuration -> Include Editor -> Pre Main Include -> All Versions and in the box that appears copy/paste following two lines and after saving that confirm Apache restart.

LoadModule flvx_module modules/mod_flvx.so
AddHandler flv-stream .flv

Here are a few pictures for newbies so they can find their way trough more easily:

1. Apache Configuration
2. Include Editor
apache include editor whm cpanel

3. Locate PreMain Include – select All Versions
4. Copy/paste those two lines and press Update (then confirm Apache reload)
apache include editor whm cpanel

Setting up the player
If you use JW Player (that I strongly recommend) you need to set provider to value http.
jwplayer provider http
Visit JW Player setup wizard to easily install JW Player on your site.

MP4 Streaming using Apache
To learn how to setup MP4 streaming using Apache click here

Tags: apache flv streaming

Solution for yum problems on new CentOS 6 + WHM installations

Recently I discovered problems trying to install anything using yum on new servers based on CentOS 6 (64-bit) + WHM/cPanel. I was trying to install subversion using yum:

yum install subversion

And I was getting following output:

Error: Package: subversion-1.6.11-7.el6.x86_64 (base)
           Requires: perl(URI) >= 1.17
 You could try using --skip-broken to work around the problem
** Found 5 pre-existing rpmdb problem(s), 'yum check' output follows:
bandmin-1.6.1-5.noarch has missing requires of perl(bandmin.conf)
bandmin-1.6.1-5.noarch has missing requires of perl(bmversion.pl)
bandmin-1.6.1-5.noarch has missing requires of perl(services.conf)
exim-4.77-1.x86_64 has missing requires of perl(SafeFile)
frontpage-2002-SR1.2.i386 has missing requires of libexpat.so.0

And I would get that trying to install just about anything with yum or by calling yum check.

To solve this problem you will have to open /etc/yum.conf for editing and to locate perl* in exclude= line and remove it (just perl* part). Now install anything by running the yum install package_name it will solve all those problems that you had! Once the installation is done and problems are solved, don’t forget to put perl* back to /etc/yum.conf in exclude= list!

Tags: frontpage-2002-sr1 2 i386 has missing requires of libexpat so 0, bandmin-1 6 1-5 noarch has missing requires of perl(bandmin conf), ** found 29 pre-existing rpmdb problem(s) \yum check\ output follows:

How to format and mount second hard drive on Linux

If you have two hard drives you can mount second hard drive to be used for (cPanel/WHM) backups or for hosting more sites. The hard drives must not be in any kind of Raid setup. Process of partitioning, formatting and mounting is quite simple.

First check what disk drives do you have. Usually disk drives on Linux are named /dev/sda (first HDD), /dev/sdb (second HDD) or something similar.
You can get a list of disk drives in system using this command

fdisk -l | grep '^Disk'

The output should be something like this:

Disk /dev/sdb: 500.1 GB, 500107862016 bytes
Disk /dev/sda: 500.1 GB, 500107862016 bytes

So those are two 500 GB hard drives…

If you execute command like the one below you’ll get more detailed preview of your hard discs and their partitions:

fdisk -l

Output should looks like this:

Disk /dev/sdb: 500.1 GB, 500107862016 bytes
255 heads, 63 sectors/track, 60801 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x1c7e861c

Disk /dev/sdb doesn't contain a valid partition table

Disk /dev/sda: 500.1 GB, 500107862016 bytes
255 heads, 63 sectors/track, 60801 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00080071

Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1          14      104448   83  Linux
/dev/sda2              14         144     1048576   82  Linux swap / Solaris
/dev/sda3             144       60802   487232512   83  Linux

You should notice that second hard disk (/dev/sdb) has no partition and that probably means that it’s un-partitioned yet.

So let’s make the partition on /dev/sdb by executing

fdisk /dev/sdb

and then use following in the prompt
– “n” for new partion
– “p” for primary partition
– “1” for the first partition
– “Enter” / “Enter” for the first AND last cylinders (automatically use the entire disk)
– “w” to save what I have done

That has created and saved new partition and it will be called /dev/sdb1 (first partition on /dev/sdb). Next step is to format it.

mkfs.ext3 /dev/sdb1

On newer distributions (CentOS 6.3 for eg) use this command to format a new partition.

mkfs -t ext3 /dev/sdb1

If you want to use this hard disk for backup make /backup folder or if you want to use it to store more sites make new home folder called /home2

mkdir /backup
mkdir /home2

Now just mount the backup partition or the new home partition

mount /dev/sdb1 /backup
mount /dev/sdb1 /home2

Now you can use the additional hard drive for cPanel/WHM backups or storing new sites. cPanel should automatically detect /home2 and should ask you whether you like to setup new account on /home or at /home2.

If you want the partition to auto mount on server (re)boot edit fstab file located at /etc/fstab and add one of following lines at the bottom of it depending if you for /backup folder or the line below for /home2 folder:

/dev/sdb1   /backup   ext3   defaults   0   0
/dev/sdb1   /home2    ext3   defaults   0   0

Note: After adding one of these lines press add one more empty line below since fstab requires the new line symbol at the end of every config line. Before you issue the following command, be aware that this re-mounts ALL Filesystems, and will more than likely disconnect most other users

To make sure this mounts automatically, issue the following command:

mount -a

If you got no errors – your mount worked, try df -h once more to see if everything is fine.


Sysctl.conf hardening

The purpose of syctl hardening is to help prevent spoofing and dos attacks. This short guide will show what I have found to be a good configuration for the sysctl.conf configuration file. The most important of the variables listed below is the enabling of syn cookie protection. Only place the bottom two if you do not want your server to respond to ICMP echo, commonly referred to as ICMP ping or just ping requests.

Open /etc/sysctl.conf for editing in your favorite text editor:

pico -w /etc/sysctl.conf

And simply copy/paste this into the file replacing any existing values:

#Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.

# Disables packet forwarding
net.ipv4.ip_forward=0

# Disables IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0

# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1

# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0

# Enable Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.lo.log_martians = 0
net.ipv4.conf.eth0.log_martians = 0

# Disables IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0

# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1

# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0

# Disables the magic-sysrq key
kernel.sysrq = 0

# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 15

# Decrease the time default value for tcp_keepalive_time connection
net.ipv4.tcp_keepalive_time = 1800

# Turn off the tcp_window_scaling
net.ipv4.tcp_window_scaling = 0

# Turn off the tcp_sack
net.ipv4.tcp_sack = 0

# Turn off the tcp_timestamps
net.ipv4.tcp_timestamps = 0

# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1

# Enable ignoring broadcasts request
net.ipv4.icmp_echo_ignore_broadcasts = 1

# Enable bad error message Protection
net.ipv4.icmp_ignore_bogus_error_responses = 1

# Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.all.log_martians = 1

# Increases the size of the socket queue (effectively, q0).
net.ipv4.tcp_max_syn_backlog = 1024

# Increase the tcp-time-wait buckets pool size
net.ipv4.tcp_max_tw_buckets = 1440000

# Allowed local port range
net.ipv4.ip_local_port_range = 16384 65536

After you make the changes to the file you need to run

/sbin/sysctl -p 

and

sysctl -w net.ipv4.route.flush=1

to enable the changes without a reboot.

Notes
– Make sure that eth0 is your primary interface. If it is not replace eth0 with eth1 in the code below.
– Make sure you have backup of your original syctl.conf file before making any changes
– These settings might be old (outdated) or wrong for your system setup. Use them at your own risk!

Continue Reading

Tags: sysctl conf, accept_source_route, net ipv4 conf all rp_filter, sysctl hardening, net ipv4 conf default rp_filter, Sysctl confhardening|GeekTipsnTricks, sysctl conf hardening

How to change proftp FTP password from SSH shell

Today I have got a request from a client that has a server with no control panel on it to change one ftp password. Server is using proftpd as it’s ftp server. This is really easy task to do if proftp is setup by default and uses /etc/passwd for storing it’s passwords.

If you know username all you need to do is type in

passwd USERNAME

(replace USERNAME with actual username), enter new password two times and you’re done.

If you however don’t know the username (and that can happen too) you can open /etc/passwd file and try and locate it in there.

Tags: proftpd change password, proftpd change user password, change proftpd password, proftpd password change, change ftp password proftpd, change password proftpd, proftpd default password