Tag Archives: linux

How to configure remote log servers with rsyslog?

Rsyslog is an open-source software utility used on UNIX and Unix-like computer systems for forwarding log messages in an IP network. It implements the basic syslog protocol and extends it with content-based filtering, rich filtering capabilities, queued operations to handle offline outputs, support for different module outputs, flexible configuration options, and features such as using TCP for transport.

Configuration:

pico /etc/rsyslog.conf

Uncomment

# provides UDP syslog reception
module(load="imudp")
input(type="imudp" port="514")

Add

#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf

# Per-switch files: exact match, so 10.20.26.50-59 do not land in the 10.20.26.5 file
if $fromhost-ip == '10.20.26.5' then /var/log/switch-10-20-26-5.log
if $fromhost-ip == '10.20.6.12' then /var/log/switch-10-20-6-12.log
# Combined file for every device whose address starts with 10.20.
if $fromhost-ip startswith '10.20.' then /var/log/switches.log

Restart

/etc/init.d/rsyslog restart

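Configure the remote switch (a Cisco SG300, a Cisco 2960 or another model) to send its logs to the log server: enter the IP of your Linux machine, UDP port 514, facility Local 7, a description if you like, and minimum severity Notice.

If you want to access the logs with Apache, the web server needs read access to them. The command below makes everything under /var/log/ readable by all local users, not only the switch logs: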

chmod -R go+rX /var/log/

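Here is a simple PHP script for Apache, saved as /var/www/html/log.php:

<?php
// Newest entries first. The log text comes from remote devices, so escape it before output.
$output = shell_exec('tac /var/log/switches.log');
echo '<pre>' . htmlspecialchars((string) $output, ENT_QUOTES, 'UTF-8') . '</pre>';
?>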

.tar.gz /var/www and vardump mysql database and scp ssh to another server – simple backup solution

First things first. With this small and simple tar command we archive all our /var/www/ data.

tar -zcvf archive.tar.gz /var/www

Now we dump the MySQL database with the next command.

mysqldump -u root -p databasename > /root/backupname.sql

You will be asked to write the password for the database user (in this case root).

scp archive.tar.gz root@destinationserver:/root
scp /root/backupname.sql root@destinationserver:/root

You will be asked twice for the password of the remote server, once per file, and then all your sensitive data will be saved there.
Again, this is just a small and very simple demonstration of what you can do with tar, scp and ssh.
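
The three steps above as one script, as an added example that is not part of the original post: it creates the files with owner-only permissions and writes a SHA-256 manifest that is checked again on the destination. `STAGE`, `DB`, `DEST`, the script name and the `run` argument are assumptions.

```sh
#!/bin/sh
# Added example, not from the original post. STAGE, DB and DEST are assumed names.
set -eu
umask 077    # the archive and the SQL dump must not be readable by other users

STAGE=${STAGE:-/root/backup-stage}
DB=${DB:-databasename}
DEST=${DEST:-root@destinationserver}

# archive_dir SRC STAGE: pack SRC into STAGE/archive.tar.gz
archive_dir() {
    mkdir -p "$2"
    tar -zcf "$2/archive.tar.gz" -C "$(dirname "$1")" "$(basename "$1")"
}

# write_manifest STAGE: record a SHA-256 for every staged file
write_manifest() {
    ( cd "$1" && rm -f SHA256SUMS &&
      sha256sum -- * > .manifest.tmp && mv .manifest.tmp SHA256SUMS )
}

# verify_manifest STAGE: status 0 only if every staged file still matches
verify_manifest() {
    ( cd "$1" && sha256sum -c --status SHA256SUMS )
}

# Invoke as "sh backup.sh run" (the script name is an assumption).
if [ "${1:-}" = "run" ]; then
    archive_dir /var/www "$STAGE"
    # --single-transaction: consistent snapshot of InnoDB tables; -p prompts for the password
    mysqldump --single-transaction -u root -p "$DB" > "$STAGE/backupname.sql"
    write_manifest "$STAGE"
    verify_manifest "$STAGE"
    scp -p "$STAGE"/archive.tar.gz "$STAGE"/backupname.sql "$STAGE"/SHA256SUMS "$DEST":/root/
    # Re-check the hashes on the receiving side before relying on the copy
    ssh "$DEST" 'cd /root && sha256sum -c SHA256SUMS'
fi
```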

How to block ip addresses and protect files and folders with apache and .htaccess in ubuntu?

In this tutorial we are going to create a block list for our website so that IP addresses we know are bad can't connect to our server. We are also going to protect files that we don't want other people to open online.

First we edit 000-default.conf and make the needed changes:

pico /etc/apache2/sites-enabled/000-default.conf

<VirtualHost *:80>
    <Directory /var/www/html>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride All
        Require all granted
    </Directory>

    ServerName www.webleit.info
    ServerAdmin your@mail.com
    DocumentRoot /var/www/html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf
</VirtualHost>

Now we have to create a .htaccess file and put in it the IP addresses to be blocked and the files to be protected:

order allow,deny
deny from 91.247.38.54
deny from 91.247.38.55
deny from 91.247.38.57
deny from 198.15.180.240
deny from 67.229.79.154
deny from 188.120.229.212
deny from 85.128.142.38
allow from all

# Protect the htaccess file
<Files .htaccess>
    Order Allow,Deny
    Deny from all
</Files>

# Protect functions.php
<Files functions.php>
    Order Allow,Deny
    Deny from all
</Files>

# Protect header.php
<Files header.php>
    Order Allow,Deny
    Deny from all
</Files>

# Protect footer.php
<Files footer.php>
    Order Allow,Deny
    Deny from all
</Files>

# Protect snowstorm.js
<Files snowstorm.js>
    Order Allow,Deny
    Deny from all
</Files>
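
The same kind of block list in the `Require` syntax that the virtual host above already uses, generated from a plain list of addresses so that a mistyped or injected line never reaches .htaccess. This is an added example, not code from the original post; the list-file format and the file names are assumptions.

```sh
#!/bin/sh
# Added example, not from the original post. The list-file format is an assumption:
# one IPv4 address per line, "#" starts a comment.
set -eu

# valid_ipv4 ADDR: succeed only for a dotted quad with every octet in 0-255
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# htaccess_blocklist FILE: print Apache 2.4 rules that admit everyone except
# the valid addresses in FILE; anything else is reported and left out.
htaccess_blocklist() {
    echo '<RequireAll>'
    echo '    Require all granted'
    while IFS= read -r line || [ -n "$line" ]; do
        addr=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')
        [ -n "$addr" ] || continue
        if valid_ipv4 "$addr"; then
            echo "    Require not ip $addr"
        else
            echo "skipped invalid entry: $addr" >&2
        fi
    done < "$1"
    echo '</RequireAll>'
}

# Usage: sh blocklist.sh badips.txt  (both file names are assumptions)
if [ $# -eq 1 ]; then
    htaccess_blocklist "$1"
fi
```

A single malformed directive in .htaccess makes Apache answer every request in that directory with a 500 error, which is why invalid entries are dropped instead of written out.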

How to check the installation date of your linux operating system?

Have you ever wondered when you installed your operating system? Was it a year ago, or maybe two or three? Who knows, right? Well, Linux is a smart system and keeps track of this itself. The command below reads the creation time of the ext2/3/4 filesystem on /dev/sda1; use your own root partition if it is a different device. So let's do it: open the terminal and type:

sudo dumpe2fs /dev/sda1 | grep 'Filesystem created:'

You are going to see something like:

root@ro22proxy3:~# sudo dumpe2fs /dev/sda1 | grep 'Filesystem created:'
dumpe2fs 1.42.13 (17-May-2015)
Filesystem created: Tue May 9 13:24:21 2017

So our operating system was installed in May 2017 and we even have the date and exact time… May 9 13:24:21.

So that's it: with one single command we found the full information about our operating system's installation date.