Skip to main content

Posts

Showing posts from 2020

CRON Jobs

In Sentora Environment, CRON Jobs can be run using Root Level Crons or Sentora Crons. If it is a system level command like restarting services or backup outside the root, then system level cron should be used. For running php scripts like sending daily summary, mailing database backup, etc then Sentora cron should be used.
Post a Comment
Read more

Hardening & Crash Protecting CentOS + Sentora Server

It often happens that database or dns of a server fails and the sites hosted in it stop working. A server reboot or a start of the service brings things to normal. This can be stopped by server hardening as attacks are a prime reason for overloading and crashing of services. Hardening is delat in this article. However, services may stop for internal reasons too. So we will add a cron job that will check for service status and start it if it is crashed due to any reason. List all services and their status systemctl list-unit-files (exit by ctrl+c) Common services APACHE - httpd DATABASE - mariadb or mariadb.service DNS - named or named.service service named status Auto Recovery 1. Create a file named.bash #!/bin/bash service=mariadb if (( $(ps -ef | grep -v grep | grep $service | wc -l) != 2 )) then echo $(ps -ef | grep -v grep | grep $service | wc -l) echo "$service is running!!!" #else #systemctl start named.service fi
Post a Comment
Read more

Installing SSL in a Site in Sentora / Cent OS

In Console yum install certbot python2-certbot-apache mod_ssl openssl (If it shows any error, then  yum install epel-release and run above command again) THIS WAS NOT REQUIRED WHEN I WORKED ON CSMCL.IN. So this step can be dropped. Comment listen 443 to #listen 443 in  /etc/httpd/conf.d/ssl.conf using NANO (Still to figure out if above line is mandatory or not. Will check when installing it in third server) THERE ARE 2 DASHES BEFORE APACHE BELOW. certbot –apache for enabling ssl in all sites on the server certbot –apache –d domain1 –d domain 2 for enabling ssl on selected domains if it fails, use certbot -d domain1 -d domain2  (using -apache causes issue in some systems) Rest is fully automatic Later Check certs certbot certificates One click renew all expiring certs certbot renew /// In case you have to delete a cert certbot revoke -- cert - path / etc / letsencrypt / live / CERTNAME / cert . pem certbot delete --...
Post a Comment
Read more