Network File System ( NFS ) on CentOS 6

The Network File System (NFS) was originally developed by SUN Micro-systems that allows communications between Linux/Unix systems. It allows you to mount your local file systems over a network and remote hosts or clients to interact with them as they are mounted locally on the same system.

nfs1

Benefits

>> Central Data Management.
>> Allows local access to remote files transparently.
>> Very good for local or reliable connections

Important NFS configuration file

/etc/exports : All files and directories which need to be exported are defined in this which is located in server.

Setup

Need to have two CentOS systems :
NFS Server
NFS Client     

Server

yum install nfs-utils nfs-utils-lib
chkconfig –levels 235 nfs on
service nfs start

Here we are going to share the /home directory in the server using NFS. To share this we need to add this directory to be shared and the details of how it is shared in /etc/exports file.

vi /etc/exports

Here we are going to add the below line in the above file

/home           192.168.0.xx(rw,sync,no_root_squash,no_subtree_check)

rw : This allows the client to read and write in the shared directory
sync : Sync confirms requests to the shared directory only once the changes have been committed.
no_root_squash : This allows /home accessed as root.
no_subtree_check : This option prevents the subtree checking. When a shared directory is the subdirectory of a larger filesystem, nfs performs scans of every directory above it, in order to verify its permissions and details. Disabling the subtree check may increase the reliability of NFS, but reduce security.

Once you entered the above entry, we need to export them by using below command.

exportfs -a

Note : We need to run this command for every update we make in the /etc/exports file.

exportfs -r

Client

yum install nfs-utils nfs-utils-lib

Then we need to create a directory in client system where we want to mount NFS shares. For e.g.:

mkdir /mnt/nfsshare

We can see the available list of NFS shares using :

showmount -e <server_ip or hostname>

For mounting :

mount <server_ip>:/home  /mnt/nfsshare

We can check whether the directory is mounted by :

df -h

We can additionally verify it using:

mount | grep nfs

For mounting NFS shares at boot time.

vi /etc/fstab

Now enter the following line in above file:

<server_ip>:/home  /mnt/nfs/home   nfs      rw,sync,hard,intr  0     0

To unmount NFS shares:

umount /mnt/nfsshare

Testing

Client :

touch /mnt/nfsshare/hello.txt

Server :

ls /home

You will be able to see the hello.txt file in the above location.

Zend OpCache

The Zend OpCache provides faster PHP execution through opcode caching and optimization. It improves PHP performance by storing precompiled script bytecode in the shared memory.

Installing Zend OPCache on PHP 5.3 or 5.4

1. Login to SSH on your server

2. Type the following commands:

#cd /usr/local/src

#wget http://pecl.php.net/get/ZendOpcache

# to get the latest (master) build do the following instead:

Continue reading…

External Authentication Techniques Available With cPanel

The Manage External Authentications interface in WHM allows you to manage the OpenID Connect-compliant identity providers that your server’s users can use to log in to cPanel, WHM, or Webmail.

Today let see the common external authentication techniques available with cPanel and how to enable/disable these features :

1] External Authentication Via cPanelID

-> Steps for enabling and disabling WHM authentication via cPanelID as follows.

Configuring The External Authentication Via cPanelID

-> Log into WHM as root

-> Navigate to Security Center >> Manage External Authentications Continue reading…

Configuring cPHulk via WHM & command line

Now-a-days Brute force attacks to servers/websites are frequent. Brute force attack is generally a password guessing technique. It is a type of attack in which trying every possible combination of characters or data in order to find the decrypted message. A brute force guarantees finding the key – it’s trying every possible combination and does not rely on any potentially incomplete dictionaries or lists of possible keys.

cPHulk  Brute force Protection is an inbuilt protection used in WHM for preventing brute force attack. cPHulk Brute force Protection  will detect and will block continuous failed login IP address.

cPHulk is a brute force protection system developed by the cPanel team and is exclusive to cPanel / WHM control panels. It has been integrated with cPanel version 11. With cPHulk, you can set a threshold for authentication attempts on services like POP3, cPanel, WHM, FTP, etc. After a certain amount of attempts, the attacker will no longer be able to authenticate

We can enable/disable cPhulk via WHM and command line. Continue reading…