
Server Security


Once you have finished designing and developing your website, you need to publish it on a server so that it is accessible from anywhere in the world. If you are hosting it on a Windows hosting platform, you can publish it in several ways: using FTP, using the Plesk control panel File Manager, or through Adobe Dreamweaver / Microsoft FrontPage. Of these, FTP is the most widely used by webmasters, as it is easier to use than the other options.

Once you have completed the design and development and have added the domain in the Plesk control panel of your Windows hosting account, follow the procedure below to publish the website.

Publishing Sites using FTP:

When you sign up with a web hosting service provider, you receive server login details that you can use to connect to your hosting account.

  • Connect to the server using the FTP details from your welcome email. You can use any FTP client program; supply your hosting account login credentials so that you are connected to your assigned web space. Make sure to enable passive mode if you are behind a firewall.
  • Upload all web files and directories that are to be accessible over HTTP to the httpdocs directory.
  • If your website uses any CGI scripts, upload them to the cgi-bin directory.
  • Once all required web files and image files are uploaded to the right directories, close the FTP session and check that your website is running fine and that all files and images are displayed properly.

    Thus you are done with publishing your website using FTP.

    As part of server administration, a system administrator will usually run FSCK on a server when there is a problem with the file system that needs to be repaired. Unfortunately, when you run the FSCK command on your Linux server it may take several hours to complete.

    FSCK runs automatically at boot time when the server detects that a file system is in an inconsistent state due to a non-graceful shutdown, such as a system crash or a power loss forcing your machine to switch off. As a system administrator you can also run FSCK manually to check file system consistency.

    It is always suggested to use ReiserFS or ext3 for your Linux server, as both are journaling filesystems and are much more reliable: they can tolerate an accidental power loss affecting the file systems of your server.

    The time required to complete FSCK on a drive depends on the drive size, the server speed and the amount and type of data on the drive that needs to be scanned and fixed, so a server with a more advanced, faster processor will help reduce FSCK processing time.

    The following steps allow only selected users in a particular group to run the GET command on the server:

    Step 1:- Create a group on the server

    Code:

    # groupadd getgrp

    Step 2:- Give execute permission to the group (and no permissions to other users)

    Code:

    # chmod 750 /usr/bin/GET

    Step 3:- Assign this group to the GET file.

    Code:

    # chown root:getgrp /usr/bin/GET

    Step 4:- Check the permissions of GET

    Code:

    # ls -ld /usr/bin/GET

    Step 5:- Now add the user to getgrp so that he gets execute permission on GET. getgrp should be a secondary group of that user. Let the user be myuser1.

    Code:

    # gpasswd -M myuser1 getgrp

    Step 6:- Check that the user has been added

    Code:

    # cat /etc/group | grep getgrp

    Step 7:- If you want to add another user, say myuser2, make sure that you mention both users in your command:

    Code:

    # gpasswd -M myuser1,myuser2 getgrp

    If you don’t mention both users, this command will replace all the existing members with the user mentioned in your command. You should always run the cat command before adding any user so that you know which users are already added. Or you can just edit the /etc/group file and add the user to the getgrp line.

    The above steps allow only root, myuser1 and myuser2 to execute the GET command; all others will be denied.

    Please note that the path to GET may vary with the OS.

    How can I run Rootkit Hunter every day?

    You can create a cronjob script like this:

    =========== /etc/cron.daily/rkhunter ====================
    #!/bin/sh
    # Check for a newer release, refresh the data files, then scan;
    # the combined output is mailed to root.
    (
    /usr/local/bin/rkhunter --versioncheck
    /usr/local/bin/rkhunter --update
    /usr/local/bin/rkhunter --cronjob --report-warnings-only
    ) | /bin/mail -s 'rkhunter Daily Run' root
    =========================================================

    You must be at version 1.2.8 to use the report-warnings-only function.

    How do I install Rootkit Hunter?

    Download the gzipped tarball, extract it and run the installation script.

    download:
    # wget http://downloads.rootkit.nl/rkhunter-1.2.8.tar.gz
    Note: It doesn’t matter where you save the tarball

    extract:
    # tar zxf rkhunter-1.2.8.tar.gz

    installation:
    # cd rkhunter
    # ./installer.sh

    This tutorial is for administrators of web servers.

    Rules for Apache 2.x for better security!

    Note: you must have Apache 2.x and ModSecurity 2 installed.

    Step 1:- Downloading the Rules file

    Code:

    cd /etc
    wget http://hyperois.com/files/modsec2_rules.tar.gz

    Step 2:- Uncompress files

    Code:

    tar -xzvf modsec2_rules.tar.gz

    Step 3:- Edit modsec2.conf

    Code:

    vi /usr/local/apache/conf/modsec2.conf

    Step 4:- Copy and paste these rules into your modsec2.conf

    Code:

    <IfModule mod_security2.c>
    SecRuleEngine On
    # "Add the rules that will do exactly the same as the directives"
    # SecFilterCheckURLEncoding On

    # SecFilterForceByteRange 0 255
    SecAuditEngine RelevantOnly
    SecAuditLog logs/modsec_audit.log
    SecDebugLog logs/modsec_debug_log
    SecDebugLogLevel 0
    SecDefaultAction "phase:2,deny,log,status:406"

    # Requests from localhost are allowed and not logged
    SecRule REMOTE_ADDR "^127\.0\.0\.1$" "nolog,allow"
    Include "/usr/local/apache/conf/modsec2.user.conf"

    SecServerSignature "Rules Powered By HyperOIS.com"

    #First, add in your exclusion rules:
    #These MUST come first!
    Include /etc/modsecurity/exclude.conf

    #Application protection rules
    Include /etc/modsecurity/rules.conf

    #Just in Time Patches for Vulnerable Applications
    Include /etc/modsecurity/jitp.conf

    #Comment spam rules
    Include /etc/modsecurity/blacklist.conf

    #Bad hosts, bad proxies and other bad players
    Include /etc/modsecurity/blacklist2.conf

    #Bad clients, known bogus useragents and other signs of malware
    Include /etc/modsecurity/useragents.conf

    #Known bad software, rootkits and other malware
    Include /etc/modsecurity/rootkits.conf

    #Additional rules for Apache 2.x ONLY! Do not add this line if you use Apache 1.x
    Include /etc/modsecurity/apache2-rules.conf

    </IfModule>

    Step 5:- Save and exit the file by pressing Escape, then typing

    Code:

    :wq

    Step 6:- Apply the new settings by restarting Apache

    Code:

    service httpd restart

    or

    Code:

    /etc/init.d/httpd restart

    Note: Please don’t disable the Windows Firewall unless you have other appropriate firewall software installed on your system.

    There are three main methods for disabling the Windows Firewall. The first is for any user with administrative privileges on an individual machine that is not remotely or collectively managed in any way. The other two are for use by Windows administrators on fully managed systems or Windows servers.

    1) Using the Control Panel

    This method is for any user with administrative access to unmanaged systems

    1. From the Start menu, select Control Panel, then select Windows Firewall.
    2. Select Off, then click Ok.

    2) Using Local Policy

    This method is for administrators with administrative access to unmanaged systems or locally managed systems where the machine is not part of a Windows 2000 or higher domain.

    1. From the Start menu, select Run, then enter gpedit.msc.
    2. Expand the Computer Configuration folder, then the Administrative Templates folder.
    3. Expand the Network folder, then the Network Connections folder, then the Windows Firewall folder.
    4. Select the Standard Profile folder.
    5. Double-click the Windows Firewall: Protect all network connections option.
    6. Select Disabled, then click OK.
    7. Select the Domain Profile folder.
    8. Double-click the Windows Firewall: Protect all network connections option.
    9. Select Disabled, then click OK.
    10. Close the Group Policy dialog box.

    3) Using Group Policy

    This method is for administrators with administrative access to managed machines that are part of a Windows 2000 or 2003 Active Directory domain.

    1. Create a new Group Policy object, and give the object a descriptive name (for example, ITS-Turn off Windows Firewall).
    2. Select the newly created group policy.
    3. Right-click on the newly created policy and select Edit.
    4. Expand the Computer Configuration folder, then the Administrative Templates folder.
    5. Expand the Network folder, then the Network Connections folder, then the Windows Firewall folder.
    6. Select the Standard Profile folder.
    7. Double-click the Windows Firewall: Protect all network connections option.
    8. Select Disabled, then click OK.
    9. Select the Domain Profile folder.
    10. Double-click the Windows Firewall: Protect all network connections option.
    11. Select Disabled, then click OK.
    12. Close the Group Policy dialog box.
    13. In the Security Filter section, click Add.
    14. Search for the objects that this group policy will be applied to, then click OK.
    15. Close the Group Policy editor.

    Hello,

    The process of booting a Linux system consists of a number of stages as follows

    1) BIOS

    2) Master Boot Record (MBR)

    3) LILO or GRUB

    4) Kernel

    5) init

    6) Run Levels

    1) BIOS: The Basic Input/Output System is the lowest-level interface between the computer and its peripherals. It loads the boot sector from one of the following devices:

    Floppy
    CDROM
    Hard drive

    The boot order can be changed from within the BIOS. BIOS setup can be entered by pressing the Del, F1, F2 or F10 key during bootup.

    2) MBR:
    The first sector of the hard disk is reserved for the master boot record (MBR).

    When the operating system boots from a hard disk, the PC system BIOS loads and executes the boot loader code in the MBR. The MBR code needs to know which partitions on the disk have boot loader code specific to their operating systems in their boot sectors, and then attempts to boot one of them.

    Fedora Linux is supplied with the GRUB boot loader which is fairly sophisticated and therefore cannot entirely fit in the 512 bytes of the MBR.
    The GRUB MBR boot loader merely searches for a special boot partition and loads a second stage boot loader.

    This then reads the data in the /boot/grub/grub.conf configuration file, which lists all the available operating systems and their booting parameters. When this is complete, the second stage boot loader then displays the familiar Fedora branded splash screen that lists all the configured operating system kernels for your choice.

    3) Boot loader (GRUB or LILO)

    LILO and GRUB are installed either in the MBR (Master Boot Record) or in the first sector of the active partition.

    The boot loader asks for the OS label, which identifies which kernel to run and where it is located (hard drive and partition specified). The installation process requires the creation/identification of partitions and a choice of where to install the OS. GRUB/LILO are also configured during this process. The boot loader then loads the Linux operating system.

    LILO (Linux Loader)
    In a multi-boot configuration, LILO lets the user choose an operating system from the menu. The LILO settings are stored in /etc/lilo.conf
    - LILO does not understand filesystems
    - the code and kernel image to be loaded are stored as raw disk offsets
    - uses the BIOS routines to load

    GRUB (GNU Grub Unified Boot Loader)
    - Understands file systems
    - config lives in /boot/grub/menu.lst or /boot/boot/menu.lst

    4) Kernel
    - The kernel verifies the hardware configuration and initialises devices (optionally loading an initrd).
    - The kernel tries to mount the root filesystem specified by LILO or loadlin with the root= parameter.

    The file system type is automatically detected. The most used file systems on Linux are ext2 and ext3. If the mount fails, a so-called kernel panic will occur, and the system will “freeze”.
    System files are usually mounted in read-only mode, to permit a verification of them during the mount. This verification isn’t indicated if the files were mounted in read-write mode.

    - The kernel prints: VFS: Mounted root (ext2 filesystem) readonly.
    - The kernel runs /sbin/init, which is process number 1 (PID=1).
    - init prints: INIT: version 2.76 booting
    - The program run as init can be changed with the init= parameter to LILO, e.g. init=/bin/sh can be useful to rescue a system which is having trouble booting.

    After these steps, the kernel will start init, which will become process number 1, and will start the rest of the system.

    5) init process
    The init process is the last step in the boot procedure and parent of all the other processes. This process is the first running process on any Linux/UNIX system, and is started directly by the kernel. It is what loads the rest of the system, and always has a PID of 1.

    Init is responsible for starting system processes as defined in the /etc/inittab file.

    The init process is never shut down. It is a user process and not a kernel system process although it does run as root.

    Run Levels

    0 Halt
    1 Single user
    2 Not used (user-definable)
    3 Full multi-user mode (no GUI interface)
    4 Not used (user-definable)
    5 X11 full multi-user mode (with GUI interface)
    6 Reboot

    Based on the selected runlevel, the init process then executes startup scripts located in subdirectories of the /etc/rc.d directory. Scripts used for runlevels 0 to 6 are located in subdirectories /etc/rc.d/rc0.d through /etc/rc.d/rc6.d, respectively.

    The default runlevel is defined in /etc/inittab, e.g.:
    id:3:initdefault:
    The current runlevel can be changed by running /sbin/telinit # where # is the new runlevel, e.g. typing telinit 6 will reboot.

    OpenVZ uses Operating System Virtualization technology through which you can partition a single physical server into multiple small computational partitions and thus a physical server can have multiple secure isolated operating systems. Each such partition looks and feels like a real server. OpenVZ is based on Linux OS.

    OpenVZ requires both the host and the guest to run Linux. OpenVZ allows multiple virtual environments (up to several hundred) on a single physical server, called the Hardware Node; these are known as Virtual Private Servers (VPS) or Virtual Environments (VE).

    Each VE performs and executes exactly like a stand-alone server; VEs can be rebooted independently and have root access, users, IP addresses, memory, processes, files, applications, system libraries and configuration files.

    The following are some important commands that are normally used while working on a Hardware Node.
    # vzlist -a : Shows a list of all the VPS hosted on the Node.
    # vzctl start VPS_ID : To start the VPS
    # vzctl stop VPS_ID : To stop (shut down) the VPS
    # vzctl status VPS_ID : To view the status of the […]
    # vzctl stop VPS_ID --fast : To stop the VPS quickly and forcefully
    # vzctl enter VPS_ID : To enter a particular VPS

    The OpenVZ project is an open source community project supported by SWsoft

    Sometimes you face the problem of bandwidth leakage: even though you don’t see much traffic for your site, your control panel shows heavy bandwidth usage. You must then check what is going wrong with your bandwidth.
    There can be many reasons for this, but first of all you should check your images/video and make sure they have not been compromised or hotlinked. Some black hat webmasters try to save their own bandwidth by hotlinking files hosted at other sites.

    What is a hotlink:

    Hotlinking is when you link to an image/video on someone else’s server instead of saving that image to your computer and uploading it to your blog/site. When you do this you are stealing the bandwidth of the other site.
    When your visitor loads the page with those images, they are actually loading the image/video from the other site, eating up the bandwidth of that site.

    Some webmasters resort to such unethical practices to save their bandwidth: they have a limited amount of bandwidth allowed each month, and if it is exceeded their host may suspend their account, so they play such tricks. As webmasters we should be aware of such illegal practices and should protect ourselves.

    How to detect the bandwidth thieves:
    The most effective way to find the culprits is to check your dedicated server logs for referrals to the images on your website. Trace the referrers in the logs to the actual referring website and check the offending web page. If you find your graphics displayed on their page, check the HTML source of that page and find out where the graphic files are hosted. If the IMG tag points to your website, it means they are using your bandwidth for their website.
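The log check described above can be scripted. This is an added example, not part of the original post; it assumes Apache's combined log format and uses example.com as a placeholder for your own domain, with constructed sample log lines.

```shell
#!/bin/sh
# Added example: find foreign sites embedding our media, from an
# Apache combined-format access log. example.com is a placeholder domain.

# hotlink_report LOGFILE OWN_DOMAIN   (LOGFILE may be "-" for stdin)
# Prints "<requests> <bytes> <referring-host>" per foreign referrer,
# busiest first.
hotlink_report() {
    awk -F'"' -v own="$2" '
    {
        split($2, req, " ")        # req[2] = requested path
        split($3, st, " ")         # st[1] = status, st[2] = bytes sent
        path = tolower(req[2])
        sub(/\?.*$/, "", path)     # ignore any query string
        if (path !~ /\.(jpe?g|png|gif|flv|mp4)$/) next   # media files only
        ref = tolower($4)
        if (ref == "" || ref == "-") next                # no referrer sent
        host = ref
        sub(/^[a-z]+:\/\//, "", host)    # strip scheme
        sub(/[\/:?#].*$/, "", host)      # strip port, path, query
        # Our own domain and its subdomains are legitimate referrers.
        if (host == own) next
        if (substr(host, length(host) - length(own)) == ("." own)) next
        hits[host]++
        if (st[2] ~ /^[0-9]+$/) bytes[host] += st[2]
    }
    END { for (h in hits) print hits[h], bytes[h] + 0, h }
    ' "$1" | sort -k1,1nr -k3,3
}

# Constructed sample log lines (documentation addresses and domains).
sample_log() {
    cat <<'EOF'
192.0.2.10 - - [10/Oct/2008:13:55:36 +0000] "GET /images/logo.png HTTP/1.1" 200 5120 "http://www.example.com/index.html" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2008:13:56:01 +0000] "GET /images/banner.jpg HTTP/1.1" 200 20480 "http://blog.example.net/post/42" "Mozilla/5.0"
198.51.100.8 - - [10/Oct/2008:13:56:09 +0000] "GET /images/banner.jpg HTTP/1.1" 200 20480 "http://blog.example.net/post/42" "Mozilla/5.0"
203.0.113.5 - - [10/Oct/2008:13:57:12 +0000] "GET /video/demo.flv HTTP/1.1" 200 1048576 "http://forum.example.org/thread?id=9" "Mozilla/5.0"
192.0.2.11 - - [10/Oct/2008:13:58:00 +0000] "GET /images/logo.png HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Oct/2008:13:58:30 +0000] "GET /about.html HTTP/1.1" 200 900 "http://blog.example.net/post/42" "Mozilla/5.0"
EOF
}

sample_log | hotlink_report - example.com
```

Each output line gives the request count, the bytes served and the referring host, so the pages costing the most bandwidth come first.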

    How to protect yourself:
    Using .htaccess, you can disallow hotlinking on your server, so that those attempting to link to your images are either blocked (a failed request, shown as a broken image) or served different content, perhaps some funny image.
    Note that mod_rewrite needs to be enabled on your server for this aspect of .htaccess to work. If you are using WordPress, there is a hotlink protection plugin that you can install which fights bandwidth theft.
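One way to produce the .htaccess rules described above, as an added example that is not part of the original post. The function names are hypothetical and example.com is a placeholder domain; the rules use mod_rewrite's RewriteCond and RewriteRule with the F (forbidden) flag.

```shell
#!/bin/sh
# Added example: emit mod_rewrite hotlink-protection rules for a site.
# example.com below is a placeholder; pass your own domain.

# referer_pattern DOMAIN -> regex matching Referers from DOMAIN or a subdomain
referer_pattern() {
    # Escape the dots so "." in the domain matches only a literal dot.
    esc=$(printf '%s' "$1" | sed 's/\./\\./g')
    # Anchor both ends: scheme first, then port, "/" or end after the domain,
    # so example.com.other.tld is not mistaken for example.com.
    printf '^https?://([^/]+\\.)?%s(:[0-9]+)?(/|$)' "$esc"
}

# hotlink_htaccess DOMAIN -> prints rules to place in .htaccess
hotlink_htaccess() {
    pat=$(referer_pattern "$1")
    cat <<EOF
RewriteEngine On
# Requests with no Referer (direct visits, some proxies) are allowed
RewriteCond %{HTTP_REFERER} !^\$
# Requests referred by our own pages are allowed
RewriteCond %{HTTP_REFERER} !${pat} [NC]
# Any other request for an image gets 403 Forbidden
RewriteRule \.(jpe?g|png|gif)\$ - [F,NC]
EOF
}

# is_own_referer DOMAIN REFERER -> exit 0 if the rules would allow it
is_own_referer() {
    printf '%s\n' "$2" | grep -Eiq "$(referer_pattern "$1")"
}

hotlink_htaccess example.com
```

is_own_referer lets you try a Referer value against the pattern before deploying the rules.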

    The du command gives you an overview of your file and directory space usage. It tells you how much space a given directory or file occupies; a full disk may overload your server, resulting in a system crash or preventing users from logging in, so this command is very helpful for a system administrator monitoring disk usage to avoid system crashes.

    You can use du -sh * to find out which file/directory is eating up your disk space, so that you can take precautions.

    Simply start with du -sh *, look for the biggest directory, cd into it and run the command again. Repeat the process until you find the particular file.

    You can also use du -sk * | sort -n to get sorted output with the biggest files/directories at the bottom.

    A user can only run this command on files and directories for which they have read permission; thus an ordinary user would generally not be able to use the du command to determine disk space consumption for files or directories belonging to other users.
