Installing htop on Centos

htop is an interactive process viewer for Linux, which is a powerful alternative to the start ‘top’ utility. Some of the benefits of htop:

  • Supports mouse interactions
  • Better sorting and selective display
  • Color formatted display
  • Resource graphs
  • Process treeview

Installing htop

To install htop to Redhat or CentOS (5.X) Linux easily via the yum package manager, the rpmforge package repository must be installed. To install, retrieve, and install the following RPM for your architecture (32bit or 64bit).

32-BIT

wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm
rpm -Uhv rpmforge-release*.rf.i386.rpm

64BIT

wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm
rpm -Uhv rpmforge-release*.rf.x86_64.rpm

Now that the rpmforge repository is installed, you can install the htop package easily via yum.

yum install htop

How To Migrate Websites In Kloxo

Here are the simple few minutes steps that you can use to migrate your websites from one Kloxo Panel to another simply one server to another server .

For the test am taking the following references :

Domain : domain.com
Database Details :-
->Hostname : localhost
->Database Name : db_test
->Database Username : db_test
->Database Pass : password

Old Server Kloxo : Kloxo 1
New Server Kloxo : Kloxo 2

Old Server SSH : SSH 1
New Server SSH : SSH 2

Note : Do not change your DNS to new server as we need old domain working to wget the files and database .

Here we go :-

Step 1 . Login to your Kloxo 1 and login using root in SSH 1 .
Step 2 . Lets assume that we are moving domain.com to different server , go to File Manager > domain.com 

Then select your domain.com . It should show your files .

Step 3 . First unhide all files , Just click on T Hidden .

Step 4 . Then select all files using the checkbox . Then click on Zip , it will take few mins depending upon your processor speed .

Now you’ll be having something named NewArchive-Month-Year-Date.zip in your files .

The location for your archive is /home/admin/domain.com/ .

Step 5 . Head over to the SSH 1 .

Files backup is done , we’ll now going to take backup of your site database .

To backup database run the below command .

[code]mysqldump -u db_test -p db_test | gzip -4 > /home/admin/domain.com/db_test.sql.gz[/code]

After this command is executed it will then ask for your database password , just put the password as “password” . Remember its an database password not the Mysql root password .

Once password is given , it will start backup of database and place it with your site files .
Step 6 . Login to Kloxo 2 and SSH 2 .

Step 7 . Now create a new domain.com on new server in Kloxo 2 .

Click on Domain tab :-

Then add your domain.com here :- 


Step 8 . Now head over to SSH 2 .

Execute the following commands .

[code]cd /home/admin/domain.com[/code]

 

Now we’ll fetch files from old server to new server .

[code]wget domain.com/NewArchive-Month-Year-Date.zip[/code]
[code]wget domain.com/db_test.sql.gz[/code]

Step 9 . We now start procedure to restore files .

Be sure you still in same directory in SSH 2 .

[code]unzip NewArchive-Month-Year-Date.zip[/code]

The above command will extract files .

Step 10 . Now in order to restore Database , you first need to create new database in Kloxo 2 .

Click on MySQL Databases and then click tab for “Add Mysql Database” .

After the database creation , head back to SSH 2 .

Execute the following command .

[code]gunzip < /home/admin/domain.com/db_test.sql.gz | mysql -u db_test -p -h localhost db_test[/code]

Again , use your database password to proceed with the restore . Remember it needed the database password to proceed not the root mysql password .

Finally , in the end your site is successfully migrated from one server to another .

If anyone is facing any issues in migration then you can leave a comment , we’d be happy to assist .

WordPress ModSecurity Rules

WordPress is a popular publishing platform which is known for its robust features, numerous templates, and large support community. Unfortunately, due to such popularity, WordPress is also constantly subject to attempts at exploiting vulnerabilities. Ensuring WordPress and any associated plugins are installed with the most current versions is an important means of securing your site. However, ModSecurity provides a significant amount of further security by providing an application firewall.

ModSecurity (also known as “modsec”) has proven itself useful in a variety of situations, and again this is true in assisting with WordPress brute force attempts resulting in a Denial of Service (DoS) attack. While a number of WordPress plugins exist to prevent such attacks, custom modsec rules can prevent such attacks for all WordPress installations on a server. Modsec immediately filters incoming HTTP requests, which assists against taxing server resources.

These rules will block access for the offending IP address for 5 minutes upon 10 failed login attempts over a 3 minute duration. These rules have been automatically updated in the custom rules for Liquid Web’s ServerSecure service. For customers without ServerSecure, these rules can be added to their custom modsec rules. To accomplish this, edit your custom modsec user rules and append the file with the rules provided below. For CPanel servers, this file is likely located at /usr/local/apache/conf/

 

SecAction phase:1,nolog,pass,initcol:ip=%{REMOTE_ADDR},initcol:user=%{REMOTE_ADDR},id:5000134
<Locationmatch “/wp-login.php”>
# Setup brute force detection.
# React if block flag has been set.
SecRule user:bf_block “@gt 0” “deny,status:401,log,id:5000135,msg:’ip address blocked for 5 minutes, more than 10 login attempts in 3 minutes.'”
# Setup Tracking. On a successful login, a 302 redirect is performed, a 200 indicates login failed.
SecRule RESPONSE_STATUS “^302” “phase:5,t:none,nolog,pass,setvar:ip.bf_counter=0,id:5000136”
SecRule RESPONSE_STATUS “^200” “phase:5,chain,t:none,nolog,pass,setvar:ip.bf_counter=+1,deprecatevar:ip.bf_counter=1/180,id:5000137”
SecRule ip:bf_counter “@gt 10” “t:none,setvar:user.bf_block=1,expirevar:user.bf_block=300,setvar:ip.bf_counter=0”
</locationmatch>

What is suPHP?

suPHP is a tool for executing PHP scripts with the permissions of their owners or a program that controls who can access certain files. All scripts executed on the server need to be authorized to run on the server. This is done through the file permissions.

Since most PHP scripts run with the user “Nobody” this means that the control of the file is directly related to the permissions assigned to the file. Since “Nobody” is not the User or Group member you’d have to open the file permissions to 0777 for read, write, and execute for all categories. This is problematic since you’re now letting users off the server execute files. This gives them the ability to add code to the URL and manipulate the file accordingly. This can give them access to your entire site depending on the file then modify and how it is written.

This is not an ideal method and could pose a security risk. suPHP will stop PHP from running as “Nobody” and make it so the files can only be written by the User allowing better site containment.

Why use suPHP?

The benefit of using suPHP besides better security, is that it will make any PHP applications (most often CMS systems) such as Mambo more user friendly. Case in point: If you upload/install anything via Mambo such as a template on a non-suphp server, then those template files will be owned by ‘nobody’ and the customer will not be able to edit them manually or even delete their account. This ownership issue is done away with suPHP. On a suPHP enabled server, those same template files will be owned by the account username and the account holder will be able to manipulate those files as they see fit.

Furthermore, many third party applications require certain folders to have 777 permissions. 777 permissions mean that the whole world has write access to them. If your website code has a vulnerability in it which hackers could upload files to your account, having 777 will allow them to do so. suPHP does not require 777 permissions, which makes your website more secure. suPHP will also throw an error message if it tries to access any folder with 777 permissions.

Need Hosting?

All of our servers plans and packages comes with suPHP. However . Read More :- https://www.shineservers.com/web-hosting.html