To understand what is the failover clustering and its general requirements you can go here.

To install failover clustering solution, here are essential steps to remember:

• 2 servers based on Windows Server 2008 need to be installed
• At least two network cards required: a public card (with dedicated IP) to connect each node in the cluster and a private cloud (or HA) that connects nodes to each other via a VLAN dedicated and private addressing mode and distinct (and no configuration gateway and DNS).
• Provide an IP address for MSDTC
• 5 (LUNs) partitions ( database systems, data, logs, backups, and tempDB) + 2 ( quorum , MSDTC) on a SAN.
• Create AD accounts service: One for the SQL engine and one for SQL Agent.
• And finally, the type of quorum that will be using the default Node and Disk Majority.
• .Net Framework 3.5 or above need be installed.

You can also take a look at the checklist of items to meet the needs before installing SQL Server 2008 R2 failover cluster: http://msdn.microsoft.com/en-us/library/ms189910(v=sql.100)

Implementation of a failover cluster

In our example, we will opt for a quorum , majority disc.

Preliminary Operations

Activation cluster

• Before installing the cluster, it is important to ensure the activation of the feature Failover Clustering. To enable (if not already), go to Server Manager and Features:

Cluster Validation

• On the first node, open the administration console of the cluster:

• Launch the validate a configuration wizard to create validate configuration. Then follow all steps in the wizard in the wizard step by step, by taking care to run all tests (hardware, software, networking storage, compatibility, etc…).

• Validate / check the record of the tests

Note : In case of errors, it is highly recommended to correct them before installing the cluster.

Construction Cluster

As soon as the validation done successfully, the construction of the cluster can be considered healthy. To do this:

• Launch the failover cluster management wizard to create a cluster ( create a cluster … In the previous steps).

• A create cluster wizard pop box will open where you need to add nodes to the cluster future.

Before You Begin

• Specify the details of the name and the IP address of the cluster that you need to create:

• Confirmation of the first configurations and upgrades.

• By default, the quorum type chooses the cluster Node and Disk Majority . However, it is possible to change its configuration (including when Windows chooses to opt for a different disk than the one you want) from the administration console of the cluster.

• This includes the possibility to choose the type of quorum configuration to use.

• Or even to confirm or modify the choice of dedicated disk quorum.

Installing and Configuring MSDTC

MSDTC ( Microsoft Distributed Transaction Coordinator ) is a Windows feature that coordinates distributed transactions across different nodes in a cluster.

To activate and install (on node 1):

• Open the management console cluster.
• Under the cluster name, click the right button on Services and Applications and select  Configure a Service or Application … :

Select Distributed Transaction Coordinator (DTC):

Enter the name and IP of the MSDTC resource:

Specify a shared cluster available for MSDTC disk:

Confirm the configuration:

To implement functionality and to configure logs, follow the below guideline:

• Edit the following registry key on one of the nodes:

HKEY_LOCAL_MACHINE Cluster Resources <ResID> MSDTCPRIVATE MSDTC

Create a new “MaxLogSize” key (DWORD) and give it the value 512 (decimal)

• In the console Component Services, navigate to:

Component Services Computers My Computer Distributed Transaction Coordinator DTC Cluster Name> MSDTC> cluster

• In the properties registration tab, specify a capacity of logs

Implementation of SQL server nodes

Installing SQL Server 2008 R2 on the first node

The installation steps are similar to the installation of SQL Server 2008 R2 in standalone . We will here discuss the key steps :

Preparing to install:

Choice of components:

Specify the virtual network instance name:

By default, the instance name is used as the Instance ID. This is used to identify installation directories and registry keys for our instance of SQL Server, and is very useful when it is desired to run multiple instances within a cluster. For a default instance, the instance name and ID would be MSSQLSERVER.

• Checking constraints Storage

Specify the name of the resource group of SQL Server: SQL Server (MSSQLSERVER) :

• Select the disks used by SQL Server (data, logs and backups)

• Specify the public IP address that is used by the SQL Server address:

• Choice of security policy in the cluster allows to use SIDs Service :

• The following steps are usually the same as for installation in standalone. Cluster Installation Rules, it only remains to validate and complete the installation:

Adding a second node SQL Server 2008 R2

• On node 2 run the installation media on SQL Server 2008 R2, and then select Add Node to a SQL Server failover cluster:

Follow the same steps for installing SQL Server 2008 R2 on the first node (see previous section). This will include:

• Validate the information on the existing cluster:

• Make sure the service account (SQL, SQL Agent, …) is the same as for the first node.

After installation, you will be able to perform a failover from the first node to the second node, and vice versa:

Social Bookmarking

Cloud computing or cloud services are everywhere. But this new concept is still unclear to the general public.

How do you define cloud computing?

People have been using cloud services for a long time without knowing it. The best examples are Gmail, Yahoo, and Hotmail. The main aim behind these email services are to provide an access to resources that are somewhere around the Internet and can be accessed free of charge. However, in case of webmail where the user requires a guaranteed level of services with additional security, cloud service providers then charge them a bit like water, gas, or electricity consumption, you pay for what you use.

Can we say that eNlight is a revolution for the IT industry?

It is an economic revolution, but not technological. Because it is based on long established technologies.

What is the value of cloud computing?

It is mostly economic and therefore ideal for entrepreneurs, as there is no capital investment required to purchase heavy hardware resources. The second advantage is auto scalability. For example, online stores, which have the peak load, in festival seasons and much less load the rest of the year. For these kind of businesses cloud hosting service is beneficial as it provides the necessary resources during the peak time and allows to scale down resources when the load is much less.

Where are the eNlight cloud resources located?

They may well be in our giant data centres in US, UK, and Asia. The more data centre allows us to provide greater response time and help us to offer services all over the world.

Apart from enlight cloud, which are other types of cloud server hosting solutions bodHOST offers?

For additional securities to large enterprises we offer private cloud and enterprise cloud solutions, which are not shared. The goal is to provide the same benefits with additional secure control over the large company’s private cloud environment.

Can it be possible to padlock the data in a private space, means a digital safe place?

Such type of service exists and it makes sure that nobody can access the data, including the cloud service provider. In this type of service, data usually in the encrypted format and only the user has the keys to access. When we want to store our private data, it works effectively, but to offer a similar kind of service to customers is a little bit complicated because to provide unique copies of key in large scale and it is a challenging task (not impossible) but today, we are not able to offer this service to general users.

Can you imagine, in the future, we no longer need to buy more powerful computers and hard drives to work and store data?

Not really. Although, many research and developments are performed in the cloud, but I think we will always need the above powerful resources. In addition, the contextual  data in the future  will require that the computer who knows in what situation the user is located. We will need to interact with smarter systems and therefore we can say that cloud computing will increase the capacity of the workstation.

Social Bookmarking

As we already have an Introduction to WordPress CMS, this blog post speaks about a Guide to Improve Security of WordPress, intended for users with medium or high level knowledge, although its content has been created in such a way that any user can understand it easily. Still, it is recommended to have sufficient expertise to successfully carry out the settings and steps provided below.

Basic Security Settings for WordPress

After the installation of WordPress, it is necessary to consider some safety issues associated to accounts access or initial data configuration. Once the installation is done, you need to limit access to some of the files and directories. Here, we are going to show you how to protect necessary files and folders via .htaccess file.

Before starting the configuration operations, we assume that the user knows to set permissions to both files as directories and understand its operation, as well as having access to the server on which the website is hosted, with sufficient privileges.

Root directory and Files

Below is a brief description of the files to protect and permissions applied to the root directory of WordPress and its contents.

/root_Wordpress_Directory/ – The root directory i.e. public_html directory is the one where you install wordpress and store all your wordpress files. The directory permissions should be 0755.

.Htaccess – This file is directly related to security and access to directories and files.  This file should be in the root directory where wordpress is installed and the permission should be 0644.

readme.html – Although this is an html file with general information on WordPress. It is possible that an attacker can see the version of your WordPress and prepare for attacks. Hence, protect it by setting the permissions to 0440.

wp-config.php – This is one of the most important files and basic operating parameters of WordPress are stored therein. Set the permission for this file to 0644.

Main Directories

Below is a brief description of the main directories to protect.

wp-admin – it contains all code related to the administration of website. It is a directory that should be protected. The permission for this directory will be the same as the root directory, i.e. 0755.

wp-content – is the User-supplied content directory in which various sub-directories are stored by users such as themes, plugins, images, etc… to give more functionality to WordPress. The permission should be 0755.

wp-includes – contains the bulk of the code that runs WordPress. The permission should be 0755.

Directory listing

To prevent directory listing index.php files are used. These files contain a very simple code that does not perform any action, but which when executed prevents anyone from viewing your contents of the directories.

The code is as follows and as shown contains only a comment that also not shown in execution so that executions of the file display a blank html page.

<? Php
// Silence is golden
?>

We will have to have a file index.php with the above code in the directories below and they will all have the permissions 0644.

wp-admin/index.php
wp-content/index.php
wp-content/plugins/index.php
wp-content/uploads/index.php

Setting Up .Htaccess

Htaccess file is a file of Apache Web Server, also called distributed configuration file, whereby it is possible to define different policies that allow modify the behavior of the web server and can distribute them in several files without need to use the global configuration on web server, allowing different server behaviors. The directives that can be included in the htaccess file are varied and allow for various actions. In the case mentioned, those destined to concern only security and specifically to protect certain directories and behaviors in WordPress. Htaccess file can be created automatically in the directory where you installed WordPress. If the root directory where you have installed WordPress is created through a web hosting tool such as Softaculous or Fantastico, then it usually automatically generates an empty file or some default settings. If the directory is created manually, then you will need to create the .htaccess file manually.

In our case, the file is automatically created when you create the directory to contain WordPress using the web hosting tools.

Deny Access to Directory Contents

Because WordPress is well known, the directory structure is too, what poses a risk is the ability for attacker to view the contents of directories and information about plugins, themes, etc…

To avoid this, use the following directive.

# – Hash does not allow to display the contents of directories

Protect wp-config.php

The file stores settings of WordPress. To prevent modification or access from outside to view its contents, incorporate the below code to the htaccess file.

# Protect wp-config.php file
<Files Wp-config.php>
Order allow, deny
Deny from all
</ Files>

Securing access to the wp-content directory

The wp-content directory brings together all those files and content which are used to customize a site, from graphic themes, plugins and other files. To protect from unauthorized access use the following directive.

# Protect access to the wp-content directory
Order allow, deny
Deny from all
<Files “.(xml|css|jpeg|png|gif|js)$”>
Allow from all
</ Files>

Limit access to Administrator by IP

In general, webmasters tend to access a website management from multiple IP’s more or less, although today, mobile devices assume that this assumption is not met, but as an administrator limiting access to one or several IP’s is a very effective technique to protect the management of a website.

To implement this security feature, incorporate the following code in the htaccess file.

# Restrict access to administrator by IP
Order allow, deny
Allow from XXX.XXX.XXX.XXX (replace with the IP address you want to let)
Deny from all

Limit access by Malicious IP Addresses (Ban)

Sometimes intrusion attempts occur from certain IP’s from which repeated attacks are launched in the form of access attempts, brute force attacks against forms of access, etc… When this happens, you can limit these IP addresses using a policy similar to the previous one.

# Limit access by malicious IP addresses (ban)
GET <Limit POST>
Order allow, deny
Deny from XXX.XXX.XXX.XXX (IP blocked malicious)
Allow from all
</ Limit>

Limit Access by Malicious Domains (Ban)

As in the previous section, we have seen how to limit access by IP address, the same is possible by domain as shown below:

# Restrict access by domain (ban)
RewriteEngine On
Options + FollowSymlinks
RewriteCond% {HTTP_REFERER} domain-to-ban. Com [NC]
RewriteRule. * – [F]

Protect The .Htaccess File

Finally, include a directive to protect the .htaccess file itself. Use the following code to protect the file.

# Protect the htaccess file
<Files ~ “^.*.([Hh][Tt][Aa])”>
Order allow, deny
Deny from all
Satisfy all
</ Files>

Besides these directives, you can include other, but the inclusion of directives must be done carefully.

Finally, we hope this guide will help you in improving the security of your WordPress blog and website, ensuring a safer Internet for all.

Social Bookmarking

The blog post shows steps on how to change the hostname on CentOS dedicated server. There are two different methods for changing the server hostname on CentOS.

The first method to change the server hostname on CentOS is using the “Hostname command”.

Login to your dedicated server and open the console.

Fire the following command into the console:

hostname my.server.com

Once the above command is fired, it will automatically change the server hostname on CentOS.

The second method to change  the server hostname on CentOS is via the “Editing network file”.

To do this, simply fire the below command into the console:

vi /etc/sysconfig/network

Where, “vi” is a file editor.

Once you enter the above command you will see something similar as shown below:

NETWORKING=”yes”
GATEWAY=”192.0.2.2″
HOSTNAME=”some.servername.com”

Now, just change the “hostname” there, save and exit the file using the following command.

:wq

That’s it! You’re done. Following the above steps the server hostname on CentOS dedicated server will be successfully changed.

Social Bookmarking

Often when your web hosting services provider upgrade the PHP version on the server you will notice this type of error in your “error logs” file. It is one of the errors that usually occur on WordPress based sites, however it doesn’t relate to the WordPress files.

PHP Warning:  PHP Startup: Suhosin Extension does not officially support PHP 5.2 and below anymore, because it is discontinued. Use it at your own risk. in Unknown on line 0

There are several scripts that don’t support the upgraded version of PHP. In this case, the error shows that the “Suhosin Extension does not support PHP 5.2 version”. Now, what to do? You don’t need to worry. You have come to the right place for the solution. Simply follow the steps given below to fix this error.

How to fix the “Suhosin Extension does not support“ error?

The above error can be fixed either by downgrading the Suhosin version or by disabling the suhosin function in php.ini file. Here, in this blog post we are disabling the suhosin function to fix the above error. The following steps are applicable only to those users who have root access to the server or full access to the php.ini file. If you are on a shared server, you can request your web hosting provider to fix this issue for your domain.

How to Disable the Suhosin Function for a particular domain via SSH?

Step 1: Login to your server via SSH.

Step 2: Enter the following command.

# php -i | grep php.ini

It will output the following:

Configuration File (php.ini) Path => /usr/local/lib
Loaded Configuration File => /usr/local/lib/php.ini

Step 3: Copy the file under the domain account, where you are getting this error.

# cp /usr/local/lib/php.ini /home/username/public_html
# cd /home/username/public_html

Step 4: Edit the php.ini file using the editor of your choice. Here, we are using the “vi editor”.

# vi php.ini

Step 5: Now, search for the following.

extension=”suhosin.so”

Step 6: Comment the line like this:

;extension=”suhosin.so”

Step 7: Save the file and exit by firing the following command.

:wq

Step 9: Now simply restart the Apache service.

That’s it! You’re done.

Social Bookmarking