Skip to main content

Hardening & Crash Protecting CentOS + Sentora Server

It often happens that database or dns of a server fails and the sites hosted in it stop working. A server reboot or a start of the service brings things to normal.

 This can be stopped by server hardening as attacks are a prime reason for overloading and crashing of services. Hardening is delat in this article.

 However, services may stop for internal reasons too. So we will add a cron job that will check for service status and start it if it is crashed due to any reason.

 List all services and their status

 systemctl list-unit-files (exit by ctrl+c)

 Common services

 APACHE - httpd

 DATABASE - mariadb or mariadb.service

 DNS - named or named.service

 service named status

 Auto Recovery

 1. Create a file named.bash
#!/bin/bash
service=mariadb

 if (( $(ps -ef | grep -v grep | grep $service | wc -l) != 2 ))
then
echo $(ps -ef | grep -v grep | grep $service | wc -l)
echo "$service is running!!!"
#else
#systemctl start named.service

fi

Comments

Post a Comment

Popular posts from this blog

WhatsApp for Windows stuck in Fullscreen

In case your whatsapp for windows is stuck in fullscreen, close Whatsapp and open the following file. C:\Users\ username \AppData\Roaming\WhatsApp\settings.json where username is your login ID in windows. The file can be opened with Notepad or any text editor. Change "isFullScreen":true to "isFullScreen":false Save the file and start WhatsApp. Now you can change the size of the window. (If required, you can change the size of whatsapp window from the json file too.
Post a Comment
Read more

Installing SSL in a Site in Sentora / Cent OS

In Console yum install certbot python2-certbot-apache mod_ssl openssl (If it shows any error, then  yum install epel-release and run above command again) THIS WAS NOT REQUIRED WHEN I WORKED ON CSMCL.IN. So this step can be dropped. Comment listen 443 to #listen 443 in  /etc/httpd/conf.d/ssl.conf using NANO (Still to figure out if above line is mandatory or not. Will check when installing it in third server) THERE ARE 2 DASHES BEFORE APACHE BELOW. certbot –apache for enabling ssl in all sites on the server certbot –apache –d domain1 –d domain 2 for enabling ssl on selected domains if it fails, use certbot -d domain1 -d domain2  (using -apache causes issue in some systems) Rest is fully automatic Later Check certs certbot certificates One click renew all expiring certs certbot renew /// In case you have to delete a cert certbot revoke -- cert - path / etc / letsencrypt / live / CERTNAME / cert . pem certbot delete --...
Post a Comment
Read more

CRON Jobs

In Sentora Environment, CRON Jobs can be run using Root Level Crons or Sentora Crons. If it is a system level command like restarting services or backup outside the root, then system level cron should be used. For running php scripts like sending daily summary, mailing database backup, etc then Sentora cron should be used.
Post a Comment
Read more