Airzero Cloud

Next Generation Cloud !

How To Enable cPanel On Centos 7?

- Posted in Hosting by

enter image description here

When creating a new CentOS 7 server, you may identify yourself looking for control panel software that will access you to control your websites and web applications in a graphical user interface. One of the most popular web hosting control panel solutions is cPanel. This software gives you a terrific control panel interface that accesses you to manage and personalize many different views of your server in a user-friendly environment. In this blog, we will give a path on how to prepare your CentOS 7 and install cPanel on centos 7 using the command-line interface. Before running the steps in this blog, please ensure that you have set up SSH access on your server.

What is cPanel?

cPanel is a Linux control panel used to conveniently manage your hosting. The system operates constantly to a desktop application. With cPanel, you can be acting actions from a user-friendly dashboard instead of running the complex syntax. You should be careful while selecting cPanel services. You should select the best cPanel services.

What are the steps to prepare for installation:

Before you can enable cPanel on CentOS, you will first need to remove your firewall, the network manager, and SELinux.

  • The First Step is to stop the service using the below command:

    systemctl stop firewalld.service

  • The next step is to disable the server using the below command.

    systemctl disable firewalld.service

  • OK, the next step after disabling the firewall, You will need to stop the network manager service using the following command.

    systemctl stop NetworkManager

  • The next is once the service is stopped, you can disable the network manager using the below command.

    systemctl disable networkmanager

  • The next step is you will need to disable SeLinux by editing the following file with the below nano command.

    nano /etc/selinux/config

How to install Cpanel?

  • The first step is to change directly into the /home/folder with the following command.

    cd /home

  • The next step is to download the latest release of Cpanel using the below command.

    curl -o latest -L https://securedownloads.cpanel.net/latest

  • After the process finishes Cpanel should now be installed on your system.

    sh latest

Congratulations, you have successfully installed Cpanel on Centos 7.

If you have any doubts about this topic or have to get services and the best cPanel hosting services. Feel free to contact us. AIR ZERO CLOUD will be your digital solution.

enter image description here

Author - Johnson Augustine
Cloud Architect, Ethical hacker
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/

enter image description here

What is a firewall?

A firewall is software that prevents unwanted access to a network. It inspects incoming and outgoing traffic using a set of rules to find and block problems.

Firewalls are used in both private and enterprise database settings, and many devices come with one built-in, including Mac, Windows, and Linux computers. They are widely considered a component of network security.

In addition to immediate cyber threat defense, firewalls perform important logging functions. They keep a record of events, which can be used by administrators to identify patterns and maintain rule sets. This is the important purpose of a firewall.

The Linux contains the Netfilter system, which is used to decide the way of network traffic headed into or through the server. All new firewall solutions use this system for packet filtering.

The packet filtering system would be of small use to administrators without a userspace interface to manage it. This is the job of iptables:

  • When a packet reaches your server
  • It will be given to the Netfilter subsystem for acceptance
  • Manipulation
  • Rejection based on the instructions supplied to it from userspace via iptables.

iptables is all you need to manage the firewall if you’re common with it, but many frontends are available to make the task easy.

UFW - Uncomplicated Firewall

The automated firewall tool for Ubuntu is UFW. Build to simplify iptables firewall configuration, UFW provides a user-friendly way to create an IPv4 or IPv6 host-based firewall.

UFW by default is initially disabled. From the UFW man page:

“UFW is not intended to provide full firewall functionality through its command interface, but instead provides an easy way to add or delete easy rules. It is currently mainly used for server-based firewalls.”

Below are some examples of how to use UFW:

  • The first point is, ufw needs to be enabled. From a terminal prompt enter:

    sudo ufw enable

  • To open a port :

    sudo ufw allow 22

  • Rules can also be added using a numbered format:

    sudo ufw insert 1 allow 80

  • As the same, to close an opened port:

    sudo ufw deny 22

  • To remove a rule, use delete followed by the rule:

    sudo ufw delete deny 22

It is also right to allow access from a specific server. The below example allows SSH access from host 192.168.0.2 to any IP address on this host:

sudo ufw allow proto TCP from 192.168.0.2 to any port 22
  • Replace 192.168.0.2 with 192.168.0.0/24 to allow SSH access from the entire subnet.

Adding the –dry-run option to a ufw command will extract the resulting rules, but not possible to apply them. For example, look at the below code command:

sudo ufw --dry-run allow HTTP

*filter :ufw-user-input - [0:0] :ufw-user-output - [0:0] :ufw-user-forward - [0:0] :ufw-user-limit - [0:0] :ufw-user-limit-accept - [0:0] ### RULES ###

### tuple ### allow tcp 80 0.0.0.0/0 any 0.0.0.0/0 -A ufw-user-input -p tcp --dport 80 -j ACCEPT

### END RULES ###
-A ufw-user-input -j RETURN
-A ufw-user-output -j RETURN
-A ufw-user-forward -j RETURN
-A ufw-user-limit -m limit --limit 3/minute -j LOG --log-prefix "[UFW LIMIT]: "
-A ufw-user-limit -j REJECT
-A ufw-user-limit-accept -j ACCEPT
COMMIT`

Rules that are updated.

  • UFW can be disabled by:

    sudo ufw disable

  • To see the firewall status, enter:

    sudo ufw status

  • And for more verbose status information use:

    sudo ufw status verbose

  • Want to see the numbered format:

    sudo ufw status numbered

If the port you want to open or close is explained in /etc/services, you can use the port name instead of the given number. In the above examples, replace 22 with ssh. This is a quick referral to using ufw. ufw Application Integration.

Applications that open ports can include an ufw biodata, which details the ports needed for the application to function properly. The profiles are stored in /etc/ufw/applications.d and can be edited if the default ports have been replaced by anything else.

  • To view which applications have kept data, enter the following in a terminal:

    sudo ufw app list

  • Similar to allowing traffic to a port, using an application profile is accomplished by giving:

    sudo ufw allow Samba

  • An extended syntax is needed as well:

    ufw allow from 192.168.0.0/24 to any app Samba

  • Replace Samba and 192.168.0.0/24 with the application profile you are using and the IP range for your network. To view details about which ports, protocols, etc., are defined for an application, enter:

    sudo ufw app info Samba

Not all applications that needed opening a network port come with ufw profiles, but if you have profiled an application and want the file to be added with the package, please file a bug against the package in Launchpad.

`ubuntu-bug name of the package`

What is IP Masquerading?

The purpose of IP Masquerading is to use machines with private, non-routable IP addresses on your network to allow the Internet to use the machine doing the masquerading. Traffic from your private network aimed at the Internet must be redirected for replies to be routable back to the machine that made the request. To do this, the kernel must rebuild the IP address of each host so that replies will be routed back to it, rather than to the private address that made the request, which is even not possible over the Internet. Linux uses Tracking to view the track which communication belongs to which machines and reroute each packet constantly. Traffic leaving your private network is thus “masqueraded” as having been born from your Ubuntu gateway. This process is referred to in Microsoft documentation as Internet Connection Sharing.

What is ufw Masquerading?

IP Masquerading can be reached using custom ufw instructions. This is possible because the back-end for ufw is iptables-reassure with the instructions files located in /etc/ufw/*.rules.

These files are a perfect place to include legacy iptables rules used without ufw, and rules that are more network gateway.

The rules are classified into two different folders, rules that should be run before ufw command line rules, and rules that are run after ufw command line rules.

First, the packet directing needs to be allowed in ufw. Two configuration files will need to be balanced, in /etc/default/ufw change the DEFAULT_FORWARD_POLICY to “ACCEPT”: DEFAULT_FORWARD_POLICY="ACCEPT" Then edit /etc/ufw/sysctl.confand uncomment:

net/ipv4/ip_forward=1

Similarly, for IPv6 directing uncomment:

net/ipv6/conf/default/forwarding=1

Now add instructions to the /etc/ufw/before.rules file. The automated rules only configure the filter table and access masquerading the nat table will need to be configured. Add the below to the top of the file just after the header comments:

#nat Table rules *nat :POSTROUTING ACCEPT [0:0]

# Forward traffic from eth1 through eth0. -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE

# don't delete the 'COMMIT' line or these nat table rules won't be processed COMMIT

The comments are not really necessary, but it is considered a good exercise to document your configuration. Also, when modifying any of the rules files in /etc/ufw, make sure these lines are the last line for each table modified: # don't delete the 'COMMIT' line or these rules won't be processed COMMIT.

For each Table, a corresponding COMMIT command is needed. In these examples, only the nat and filter tables are viewed, but you can also add instructions for the raw and mangle tables.

Finally, remove and re-enable ufw to apply the changes:

sudo ufw disable && sudo ufw enable

IP Masquerading should now be enabled. You can also add any additional FORWARD rules to the /etc/ufw/before.rules. It is recommended that these additional rules be added to the ufw-before-forward chain.

How are the iptables Masquerading? iptables can also be used to allow Masquerading. Similar to ufw, the first step is to enable IPv4 packet forwarding by resubmitting /etc/sysctl.conf and disabling the following line: net.ipv4.ip_forward=1

  • If you dream to enable IPv6 forwarding also comment:

    net.ipv6.conf.default.forwarding=1

  • Next, run the sysctl command to enable the new features in the configuration file:

    sudo sysctl -p

IP Masquerading can now be completed with a single iptables instruction, which may differ slightly based on your network configuration:

sudo iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o ppp0 -j MASQUERADE

The above command assumes that your personal address space is 192.168.0.0/16 and that your Internet-facing machine is ppp0. The syntax is broken down as follows:

  • -t nat – the rule is to go into the nat table
  • -A POSTROUTING – the instruction is to be appended (-A) to the POSTROUTING chain
  • -s 192.168.0.0/16 – the instruction applies to traffic originating from the specified address space
  • -o ppp0 – the instruction applies to traffic scheduled to be routed through the network device
  • -j MASQUERADE – traffic matching this instruction is to “jump” (-j) to the MASQUERADE target to be changed as described above

Also, each chain in the filter table has an automated policy of ACCEPT, but if you are building a firewall in addition to a gateway machine, you may have set the policies to DROP, in which case your masqueraded traffic needs to be accessed through the FORWARD chain for the above rule to work:

`sudo iptables -A FORWARD -s 192.168.0.0/16 -o ppp0 -j ACCEPT`

sudo iptables -A FORWARD -d 192.168.0.0/16 -m state \ --state ESTABLISHED, RELATED -I ppp0 -j ACCEPT

The above commands will enable all connections from your network to the Internet and all traffic related to those connections to return to the machine that initiated them.

If you want to masquerade to be enabled on restart, which you probably do, edit /etc/rc.local and add commands used above. For example, add the first command with no filtering:

iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o ppp0 -j MASQUERADE

What are firewall Logs?

Firewall logs are very essential for recognizing attacks, troubleshooting your firewall rules, and noticing unwanted activity on your network. You must include logging instructions in your firewall for them to be made, though, and logging instructions must come before any applicable terminating rule.

If you are using ufw, you can turn on logging by adding the following in a terminal:

sudo ufw logging on

To turn logging off in ufw, simply replace on with off in the above command. If u are accessing iptables instead of ufw, enter:

sudo iptables -A INPUT -m state --state NEW -p tcp --dport 80 \ -j LOG --log-prefix "NEW_HTTP_CONN:"

A request on port 80 from the machine, then, would generate a log in dmesg that looks like this :

[4304885.870000] NEW_HTTP_CONN: IN=lo OUT=
MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00
SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=58288 DF PROTO=TCP
SPT=53981 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0

The above log will also be viewed in /var/log/messages, /var/log/syslog and /var/log/kern.log. This attitude can be modified by editing /etc/syslog.conf

appropriately or by installing and configuring ulogd and using the ULOG aims instead of LOG. The ulogd daemon is a userspace server that listens for logging rules from the kernel specifically for firewalls and can log to any folder you like, or even to a PostgreSQL or MySQL database. Making sense of your firewall logs can be made little by using log analyzing tools such as logwatch, fwanalog, fwlogwatch, or lire.

If you have any questions about this topic or have to get services and server administration services. Feel free to contact us. Always AIRZERO CLOUD will be your strong firewall.

Email id: [email protected]

enter image description here

Author - Johnson Augustine
Cloud Architect, Ethical hacker
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/

enter image description here

What is Hyper-V?

Hyper-V is Microsoft’s virtualization platform which enables administrators to make better use of their hardware by virtualizing different operating systems to run off the same physical server constantly.

With Hyper-V, you can virtualize operating systems in the data center on your desktop and most everything in between. It is also a perfect tool for programmers that want a safe sandbox to test the software.

Microsoft Hyper-V can be installed and run on desktops Windows, or on servers running Windows Server for server administration services. Here we explain :

At first, you should prepare:

  • A user account with administrator permission and instructions for the computer
  • Enough available memory space to work all the virtual machines you plan to run at the same time
  • BIOS-level hardware support

Adding the Hyper-V role to your Windows

  • First right-click on the Start menu
  • Then click Search In the search bar, if you need to enter the turn windows feature on or off according to the system, the steps will vary.

  • For Windows systems:

  • From the list that given, select Hyper-V.

  • Then click OK.
  • Restart the system
  • For Windows Server systems:

  • From the given option Add Roles and Features Wizard, click Next

  • Select Role-based or specific-based installation. Click Next
  • Select the tool: Select a server from the server pool. Click Next
  • Then Select Hyper-V
  • Next to Click Add Features
  • Then Click Next
  • Next to Click Next
  • Then at last Click Next

Creating a Virtual Network Switch

  1. First, open up Hyper-V Manager.
  2. Next Right-click on the Hyper-V host and select Virtual Manager
  3. Then Under Virtual Switches, select New virtual network switch
  4. Ok next Under What type of virtual switch do you want to create?, select External
  5. Then click Create Virtual Switch
  6. Next, you Under Virtual Switch Properties, give the new switch a name, such as External VM Switch
  7. Then Under Connection Type, ensure External Network has been selected
  8. Next, you should select the external network card to be paired with the new switch. This is the card physically connected to the network
  9. Then next Click Apply to create the virtual switch. You’ll most likely see the following message. Click Yes to continue
  10. Next, you should Click OK to close the Switch Manager window

How to Create a virtual machine with Hyper-V?

  1. The first step you have to do, in Hyper-V Manager, click Action > New > Virtual Machine to bring up the new Virtual Machine wizard.
  2. Then review the Before You Begin content, then click Next
  3. Next, give the virtual machine a name
  4. Then you have to choose a location where the virtual machine files will be stored, such as c:\virtualmachine. You can also access the location
  5. Then Click Next
  6. Next, you should Select Generation 1 for the machine and click Next
  7. Then Select 2048 MB for the Startup Memory value and leave Use Dynamic Memory selected. Click Next. On the Connection Networking, click on a virtual switch for the virtual machine and click Next. For more details, see Creating a Virtual Switch.
  8. Next, you should give the virtual hard drive a name, select a location or keep the default, and specify a size. Click Next.
  9. Then, On the Options wizard, select Install an operating system from a bootable image file, then select an operating system .iso file. Click Next.
  10. Next, When you create a virtual machine, you can connect some operating system installation options. The three options available are: * Install an operating system later.
    * Install an operating system from a bootable file – similar to inserting a CD into the l CD-ROM drive of a physical computer. To connect this option, select a .iso image. This image will be merged with the virtual CD-ROM of the virtual machine. The boot order of the virtual machine is replaced to boot first from the CD-ROM. * Install an os from a network-based installation server – not available unless you’ve configured the virtual machine to a network switch. In this connection, the virtual machine needs to boot from the network.
  11. The last step is to review the virtual machine details and click Finish to complete the virtual machine creation.

If you have any queries about this topic or have to get the server management services and solutions, feel free to contact us. Always AIRZERO CLOUD will be your strong firewall. E-mail id: [email protected]

enter image description here

Author - Johnson Augustine
Cloud Architect, Ethical hacker
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/

enter image description here

How to Configure a Subdomain in Apache2?

Being a cloud service providing company, in this blog, we taught you about How to set up subdomains on the Apache HTTP server.

A subdomain is a precursor that can be set up on a domain name. For instance, in "key.yoursite.com" the word "key" is the subdomain of the "yoursite.com" domain name.

How To Change Dns Zone File?

Before digging into the server to create a subdomain in apache2, let the domain name registrar know of the subdomains that you wanted to use. To do this, signed onto the registrar's site for managing the domain names, and went to edit the DNS Zone File.

A DNS Zone File is used by Internet routers to keep perfect track of where to send traffic that comes to the domain name. Mail traffic can be sent to the mail server, while FTP traffic could be to a server with a variety of IP addresses, and so on. Because Zone Files are not patriarchal, each subdomain must have its own way of the entry point in the file.

Anyway, when you got to the margin where you could edit my DNS Zone File, looked for the "CName" table, which documents the "alias" records. To create a replacement thanks to entering, add the name of your subdomain under the host column, and an "@" sign under the "points to" column.

The given "@" is shorthand for the IP address of the domain name that we are providing, which was defined in the Host table in the DNS Zone File. And that's it, basically. Except for a bit of waiting.

It usually takes about an hour for the changes to the Zone File to discover across the Net. make sure and correct that if it has been activated by pinging it to see if you get a response back. In the first, the subdomain has been registered within the zone file. In the second, that subdomain that we gave has not been registered. If you're following along, you would possibly be noticed that once you enter the subdomain.domain.com address into a browser -- once the Zone File has propagated across the web -- the server changes the way of you to the main site's home page. That's a start.

How to change Apache settings?

In effect, you've learned how the planet beat a road to your subdomain, and therefore the remainder of the work cares about fixing the server to field the requests correctly! Now, it's time to configure Apache!

At the command line, open the "apache2.conf" in the /etc/apache2 directory. As the name prefers it is the configuration file for Apache. At the down margin of the apache2.conf file, after the last commented text, "#Include the virtual host configurations" is the place that you need to add your additional configuration instructions that Apache will chase once it is restarted.

A virtual host, defined as Apache in code, allows a single instance of Apache to run different sites. Each site that we are hosting gets its own configuration entry in apache2.conf file. In Apache technical follow-up, create multiple name-based virtual hosts for the same IP number.

Depending on how your page of Apache has been set up you may already see an entry for a virtual host, for the main site for the domain. For example, it'll appear as if this:

NameVirtualHost 76.99.43.16
ServerName www.joabj.com
ServerAlias joabj.com
DocumentRoot /var/www

where the host IP number (76.99.43.16) is assigned to a specific domain name.

To add a support tool for subdomains, create a VirtualHost entry for each subdomain, using the same IP number. So for technique.joabj.com and fishing.joabj.com, add these entries respectively.

ServerName technique.joabj.com
DocumentRoot /var/www/Technique
ServerName fishing.joabj.com
DocumentRoot /var/www/fishing

In these examples, the Host IP number is the same as the actual site. The name of the server entry indicated the name of the fully qualified address of the subdomain and the DocumentRoot indicated where the root directory for this subdomain exists in the server's own file system.

("/var/www/technique")

In effect, you could make a full site for the subdomain, based on the root document directory. Note you would like an index.html within the subdomain's root directory for Apache to display some content when subdomain.domain.com is named.

And, as always, remember to restart your Apache server after making any configurations. In Ubuntu, it is done easily at the command line:

service apache2 restart:

/etc/init.d/apache2 restart

If you have any questions about the above topic or have to get server administration services and solutions, setting up a subdomain in apache2 and for more consulting services. Feel free to contact us. AIR ZERO CLOUD will be your strong digital solution. E-mail id:[email protected]

enter image description here

Author - Johnson Augustine
Cloud Architect , Ethical hacker
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/

enter image description here

Introduction

The Apache server is the most broadly-used web server in the world. It provides many powerful features including :

  • Dynamically loadable modules
  • Powerful media support
  • Perfect integration with other popular software

In this article, you will learn how to install an Apache server on your Ubuntu 18.04 server.

This blog also outlines information about important Apache folders and directories. Below are the steps that led to the installation of apache on ubuntu.

  • Step 1 — Installing Apache:

Apache is available within Ubuntu’s default software, making it a chance to install it using conventional management tools.

Begin by updating the local package index :

sudo apt update

install the apache2 package:

sudo apt install apache2

After confirming the installation, it will install Apache.

  • Step 2 — Adjusting the Firewall: Before testing, it’s necessary to change the firewall settings to allow external access to the default web ports.

During the installation, the server registers itself with UFW to give a few applications that can be used to.

Allow access to Apache through the firewall. List the ufw application profiles by running the following command:

sudo ufw app list

This will return a list of profiles:

Output
Available applications:
Apache
Apache Full
Apache Secure
OpenSSH

The above list shows that there are three profiles available for Apache server:

  • Apache: profile opens only port 80
  • Apache Full: profile opens both port 80 and port 443
  • Apache Secure: profile opens only port 443 Recommended that you access the most restrictive profile that will still access the traffic you’ve configured.

    sudo ufw allow 'Apache'

Verify these changes:

sudo ufw status

Now the accessed HTTP traffic will be displayed like this:

Output
Status: active
To                             Action                           From
--                                  ---                                    ---
OpenSSH                ALLOW                        Anywhere
Apache                     ALLOW                        Anywhere
OpenSSH (v6)        ALLOW                        Anywhere (v6) 
Apache (v6)             ALLOW                        Anywhere (v6)

The Apache profile has now been activated.

  • Step 3 — Checking your Web Server: At the end of the installation, Ubuntu 18.04 starts Apache. The server should already be up and running.

Check with the systemd system to make sure the service is working:

sudo systemctl status apache2

Output
apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset:
Drop-In: /lib/systemd/system/apache2.service.d
└─apache2-systemd.conf
Active: active (running) since Tue 2021-09-28 16:52:56 UTC; 1min 14s ago
Main PID: 9409 (apache2)
Tasks: 55 (limit: 4915)
 CGroup: /system.slice/apache2.service
 ├─9409 /usr/sbin/apache2 -k start
├─9410 /usr/sbin/apache2 -k start
└─9411 /usr/sbin/apache2 -k start

This output shows that the service has started better. However, the perfect way to check this is to request a page from Apache.

You can access the default Apache page to confirm whether the software is running properly through your IP address.

If you do not know the server’s IP address, you can get it by using the command line.

Run the following command prompt:

hostname -I

You will receive a few addresses. You can try each in your web browser to check if they are running.

  • Step 4 — Managing the Apache Process: Now that you have your server up and working, let’s review some basic commands. You can stop the server with the command:

    sudo systemctl stop apache2

To start the server when it is stopped:

sudo systemctl start apache2

You can stop and start the service by :

sudo systemctl restart apache2

Apache can often reload without dropping connections by:

sudo systemctl reload apache2

You can disable the behaviour of apache with the following:

sudo systemctl disable apache2

Alternatively, to enable o the service to start up at boot:

sudo systemctl enable apache2

Apache should now start automatically.

WOW! At last, you installed the Apache server on your Ubuntu.

If you have any doubts about the above topic or have to get cloud hosting services and consultations. Feel free to contact us. AIRZERO CLOUD will be your strong digital solution. E-mail id:[email protected]

enter image description here Author - Johnson Augustine
Cloud Architect , Ethical hacker
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/