- Install cPanel on a Virtual Server Running CentOS 6 with 7 Simple Steps
- Clear Your System Cache in Ubuntu with These Quick Steps
- Install MariaDB on CentOS 7 with these Simple Steps
- What is an A Record?
- Smartermail vs. Mailenable – What does it hold for you?
- Common Issues with Website Migration
- Tips to Evade Spamming
- Dirty Cow Vulnerability – Check How Dirty It Is?
- It’s Time to Update Your Server
- How to Change the Listening Port for Remote Desktop?
Author Archives: Pallavi Godse
Let’s learn to generate a Certificate Signing Request and Install a standard SSL certificate or a Windows server running Plesk.
Generate a Certificate Signing Request in Plesk.
- Sign in to Plesk Panel.
- Go to Websites & Domains tab and select the domain you want to secure.
- Now click on Secure Your Sites.
- Click on Add SSL Certificate
- Move to the next page and enter the Certificate Name for easy recognition of the certificate among the others on the server and provide the required information for the CSR code –
Have you created a Certificate Signing Request (CSR)? If no then you need to create it and order your certificate.
Below are the steps to create CSR request –
- Open the Internet Information Services (IIS) Manager by pressing the command Win+R > “inetmgr” > Enter.
- Double-click the Server Certificates icon on the Home page.
- Click on the Create Certificate Request from Actions menu on the right which will open the Request Certificate.
- In the Distinguished Name Properties window enter the below information –
- Common Name – It is the name through which certificate will be accessible. It is usually the completely-qualified domain name. e.g. www.domain.com or mail.domain.com.
- Organization – The legally registered name of your company/organization.
- Organizational Unit – The department name within the company (this entry will be listed as “Web Security”, “IT” or can be simply left blank.)
- City/Locality – The place where your organization is located.
- State/Province – The state in which your organization is settled.
- Country/Region – The country where your company is located.
- Click Next.
- Enter the below information in Cryptographic Service Provider Properties and click Next –
- Cryptographic Service Provider – Select Microsoft RSA Channel from the drop-down list or if you have a specific cryptographic provider select the name from the list.
- Bit Length – Select 2048 (or higher) in the drop-down list.
- In the File Name window, you will need to specify the name of the file to which a newly generated CSR code will be saved and a place where the file would be stored. You can type in the path to the field or use “…” button to browse the file system.
- After specifying the file name and location, click the Finish button.
- It’s easy to locate the CSR file on the computer, open it with a text editor and use the CSR for SSL certificate activation.
Steps to install SSL Certificate on Windows Server 2012 from IIS
- Open the ZIP file that contains your certificate and save the file named cer to the web server’s desktop which you are securing.
- Start the Internet Information Services (IIS) Manager.
- Double-click the Server Certificates icon from the Home.
- Hover the mouse to Actions panel on the right-side and click on Complete Certificate Request which will open the Complete Certificate Request.
- The screen will display Specify Certificate Authority Response which contains 3 fields.
- File name containing the certification authority’s response – browse through the file system to the certificate file which you have received from the certificate authority.
- Friendly name – It helps the server administrator to easily find a particular certificate You can provide the domain name of the certificate in this field.
- Select a certificate store for the new certificate – Select Personal from the drop-down list.
- Click OK button once all the fields are set properly.
- The certificate is uploaded to the server and should appear in the storage now.
Steps to configure your SSL certificate on Windows Server 2012 R2 – IIS
- Once the successful installation of SSL certificate is done on your server, you will require assigning it to the appropriate website by using IIS.
- Hover the mouse to the Connections panel on the left side of Internet Information Services (IIS) Manager and select the website from the Sites subfolder.
- Navigate to the Actions menu and click on Bindings on the right side to open the Site Bindings.
- Now click Add to open AddSiteBinding window in the Site Bindings and modify the below fields here –
- Type – Choose https from the drop-down menu.
- IP address – Select the IP address or if same IP is going to be used for multiple SSL’s on different sites then SNI has to be enabled as well.
- Port – Specify the port number for a secure connection. The default post number is443.
- SSL Certificate – Select the certificate that was installed needs to be specified.
- Now click OK.
Your SSL certificate is now installed and the website is configured to permit secure connections. Once SSL installed on Domain, Please check domain on below link for verification -https://www.sslshopper.com/ssl-checker.html
What is MySQL?
MySQL is the most popular database used in web applications. It’s free, easy to administer and is supported by all hosting providers. There’s a common issue that MySQL servers face and that is high server load due to high memory issue.
Why does MySQL consume high memory?
- Application software like Python, PHP, JAVA threads utilize more memory when configured improperly or un-optimized queries, complex coding, etc.
- Due to improper configuration of MySQL, it leads to inefficient memory or wastage of memory.
- If the memory is lower than, required by the processes on the server.
Resolutions to fix MySQL high memory usage –
- Optimization of MySQL settings –
MySQL uses memory in two ways:
- One is the memory permanently reserved for its use –
Known as Global Buffers category, it is obtained from the operating system during server boot-up and isn’t released to another process.
An apache module that helps to secure your website from several attacks is called Mod_security. Commonly known exploits are blocked with mod_security by using regular expressions and rule sets. It helps in strengthening the security of your servers by potentially blocking common code injection attacks.
No doubt mod-security can be useful when properly configured but many hosting providers don’t do this job correctly leading to problems. The commonly faced problems include triggering of security protocols on standard actions which should be allowed, 403 or 404 errors, access denied error, login issues, unable to modify categories and boards or similar problems.
A critical vulnerability in the glibc library has been announced by Red Hat Product Security, assigned as CVE-2015-0235 and is commonly called as ‘GHOST’.
What is GHOST?
A buffer-overflow bug, GHOST affects the gethostbyname() and gethostbyname2() function calls in the glibc library. A remote attacker can make an application call to either of these functions to execute arbitrary code with the permissions of the user running the application.
Impact of GHOST
The gethostbyname() function call is used for resolving DNS which is a very common event. This vulnerability can be exploited by an attacker by triggering a buffer overflow by offering an invalid hostname argument to an application that performs a DNS resolution.
Generally, considered to be an advanced firewall, CSF blocks external IPs (Inbound Connections) to avoid Brute force attack or attack similar to that (Multiple login failures, hacking attempts, etc.) on a server. The firewall might block the connection while uploading files using Filezilla. It might be possible that Filezilla is trying to open multiple simultaneous connections to speed up the transfer. The firewall may interpret it as brute force or port scan activity and block the IP address from where the connection is originating.
The ‘du’ command in Linux is a standard Unix/Linux command to check the capacity of disk used by files and directories on a machine. There are several parameter options in which the du command can be utilized to get the results in many formats. Additionally, the du command can be used in a recurrent manner.
Below are the ten useful ‘du’ commands with their examples that will help you to calculate the disk space occupied by the files and directories in Linux.
- To calculate the disk space summary of a /home/bodhost directory tree along with its sub directories, enter the below command –
[root@bodhost]# du /home/bodhost
The output displays the number of disk blocks in the /home/bodhost directory as well as its sub-directories.
We are living in the world of applications wherein we have an app developed for every single activity performed and which creates a direct impact on business as well as the brand. If your potential end-user experiences dissatisfaction with your app, he is surely going to switch to your rival app. To avoid this situation, big organizations keep every solution ready prior to opening the throttle.
Planning to activate disaster recovery as a service? That’s a crucial step for your business. Evaluating the business requirements for DR by revising the business impact analysis (BIA) results that identify mission-critical IT assets and data is important prior to applying for DR as a service. Through the results of BIA, you can get specified recovery time objectives (RTOs) and recovery point objectives (RPOs) for your mission-critical IT assets.
Ensure that the vendor is an expert and is able to support your RTOs and RPOs. After the evaluation, analyze data and determine the tasks of the DR as a service vendor – for instance – server backup, data backup, DR plan development or DR plan testing.
Today, organizations completely depend on the virtual machines for storing their critical data as well as applications and need them to always remain available. This is where the virtual disaster recovery comes into the picture. Virtual disaster recovery focuses on taking the backups of the virtual machines instead of the physical servers. VM backup can be taken in three ways – image-based, agent-based and server-less backup. Data replication helps the workloads to move independently between VMs and arrive rapidly after recovery, without the need of manual re-launching of OS and application on a physical server.