Pluggable Authentication Module (PAM) handle the authentication tasks of applications/services on the Linux system. In other words, it allows us to configure how applications use authentication to verify the identity of a user. In this article, we are mainly dealing with the configuration file format. The PAM configuration files are located under the directory /etc/pam.d/ which describes the authentication procedure for an application. Each file in this directory has the same name as the application for which the module provides authentication. /etc/pam.conf was the configuration file used in earlier versions …
CloudLinux is one of the widely used Operating System nowadays due to the high-level stability and advanced server security it provides, which makes it the first preference for hosting providers, especially in a shared hosting environment. LVE (Lightweight Virtual Environment) is a kernel-level technology developed by the CloudLinux team. It is lightweight and transparent. The goal of LVE is to make sure that no single website can bring down your web server. The kernel makes sure that all LVEs get a fair share of the server’s resources, and that no …
The Network File System (NFS) was originally developed by SUN Micro-systems that allows communications between Linux/Unix systems. It allows you to mount your local file systems over a network and remote hosts or clients to interact with them as they are mounted locally on the same system. Benefits >> Central Data Management. >> Allows local access to remote files transparently. >> Very good for local or reliable connections Important NFS configuration file /etc/exports : All files and directories which need to be exported are defined in this which is located …
Security researchers identified a new OpenSSL vulnerability, called DROWN( Decrypting RSA with Obsolete and Weakened Encryption ) on March 2016. This attack was focused on servers that use the more secure TLS protocol, which also supports the obsolete SSLv2.This vulnerability allows an attacker to decrypt the highly secured TLS encrypted communication if the server houses SSLv2 cipher support. DROWN was assigned the CVE-2016-0800 id by the us-nert on the march (https://www.us-cert.gov/ncas/bulletins/SB16-067 ). More than 11 million websites that use TLS were vulnerable to DROWN attack. If your website is protected …
Kibana: Complete Guide to Installation, Configuration, and Data Visualization
Kibana is an open-source analytics and visualization platform designed to work with Elasticsearch. It enables users to search, analyze, monitor, and visualize log and time-series data through interactive dashboards, charts, and graphs. Kibana acts as the visualization layer of the ELK Stack (Elasticsearch, Logstash, Kibana), allowing teams to transform raw machine data into meaningful insights. What is Kibana? Kibana is a web-based interface used for: It communicates directly with data stored in Elasticsearch indices and presents information visually using charts, maps, graphs, and dashboards. Kibana can be deployed: Prerequisites Before …
DDoS has emerged as a choice of weapon for hackers. DDoS attackers not only use it to target individual websites and servers of the network, but also subdue the network itself. The growing dependency and usage of the Internet, makes the impact of successful DDoS attacks more challenging for service providers and other enterprises, costing them thousands of money lost in revenue and productivity. DDoS attackers employ much sophisticated spoofing techniques and protocols day by day and it has become essential to develop a solution that has been designed to …
The Zend OpCache provides faster PHP execution through opcode caching and optimization. It improves PHP performance by storing precompiled script bytecode in the shared memory. Installing Zend OPCache on PHP 5.3 or 5.4 1. Login to SSH on your server 2. Type the following commands: #cd /usr/local/src #wget http://pecl.php.net/get/ZendOpcache # to get the latest (master) build do the following instead:
Icinga is a fork of Nagios monitoring system. There are lots of changes and upgrades compared to Nagios, especially in version 2. The main visible difference is UI which is built on ext js. Other significant differences are in hosts and services definitions. Icinga2 designed to monitor large complex environments. Pre-requisites We need to make sure to install a LAMP stack and epel repository on the CentOS7 server for other dependency application which will support icinga2 . Icinga2 will collect the service information based on the monitoring plugins, so we …
The Manage External Authentications interface in WHM allows you to manage the OpenID Connect-compliant identity providers that your server’s users can use to log in to cPanel, WHM, or Webmail. Today let see the common external authentication techniques available with cPanel and how to enable/disable these features : 1] External Authentication Via cPanelID -> Steps for enabling and disabling WHM authentication via cPanelID as follows. Configuring The External Authentication Via cPanelID -> Log into WHM as root -> Navigate to Security Center >> Manage External Authentications
Nowadays, brute force attacks on servers/websites are frequent. A brute force attack is generally a password-guessing technique. It is a type of attack that tries every possible combination of characters or data in order to find the decrypted message. Brute force guarantees finding the key – it tries every possible combination and does not rely on any potentially incomplete dictionaries or lists of possible keys. cPHulk Brute Force Protection is an inbuilt protection used in WHM to prevent brute force attacks. cPHulk Brute Force Protection will detect and block continuous failed …