Quick Install Owncloud in Centos 6.x 64 bit

With owncloud you can have drive storage like dropbox or google drive with your own server and your own infrastructure. Owncloud made by PHP and backend database MySQL, SQLLite or PostgreSQL. Owncloud is Opensource.

OwnCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing right on the web. Installation has minimal server requirements, doesn’t need special permissions and is quick. ownCloud is extendable via a simple but powerful API for applications and plugins.

ownCloud started with a keynote by Frank Karlitschek at Camp KDE’10 where he talked about the need of a self-controlled free and open source cloud.

For more :- http://owncloud.org/

This chapter will introduce you to the installation of ownCloud in Centos 6 64bit.

Assumption:
Clean Fresh Minimal Installed Centos 6 64Bit .

Lets start with getting latest update for your installed system .

yum update -y

Using above command , the system will automatically detect and install latest updates available . Once its finished it’ll be something like this

Lets install the Prerequisites needed to install Owncloud .

To run ownCloud, your webserver must have the following installed:

yum -y install mysql-server httpd php php-mysql unzip wget php-json php-xml php-mbstring php-zip php-gd curl php-curl php-pdo

The system will then start installation of the above packages . After install it should be something like this :

 

 

 

 

 

chkconfig httpd on 
chkconfig mysqld on

Starting Apache & MySQL

service mysqld start

service httpd start

Install the MYSQL user and database.

mysql_secure_installation

 

 

 

[B]Lets create an database :[/B]

[code]
echo ‘CREATE DATABASE owncloud;’ | mysql -p [/code]
echo “GRANT ALL PRIVILEGES ON owncloud.* TO ‘owncloud’@’localhost’ IDENTIFIED BY ‘your_password’;” | mysql -p

echo “FLUSH PRIVILEGES;” | mysql -p

Change Directory to /var/www/html

cd /var/www/html

Download Owncloud :

wget http://download.owncloud.org/community/owncloud-4.5.10.tar.bz2

Lets extract it :

tar xvf owncloud-4.5.10.tar.bz2

It will then extract every file to owncloud folder .

OwnCloud needs these to be writable by the Webserver .

chown -R apache:apache owncloud

Follow the Install Wizard

Open your web browser and navigate to your ownCloud instance. If you are installing ownCloud on the same machine as you will access the install wizard from, the url will be: http://IP/owncloud . Click on the Advanced options to show the configuration options. You may enter admin credentials and let ownCloud create its own database user, or enter a preconfigured user. If you are not using apache as the webserver, please set the data directory to a location outside of the document root. See the advanced install settings.

 

 

Click on Finish Setup to finish up the installation . You will then have your own Cloud Server for your files .

You can also add as many users or admin in this cloud for uploading the files .

This cloud server can be used for many purposes likewise saving your documents that you can access from anywhere using cloud and if its personal then its the best .

Let me know if anyone is facing any issues in the installation or need this to be installed . Just PM me with your questions , i’ll get back to you asap .

Enable “Update now” link in AwStats on cPanel server

To enable the manual statistics update (“Update now” link) in Awstats, you should edit the following configuration file:

1. Open the following file:

tmp/awstats/awstats.yourdomain.com.conf (substitute yourdomain.com with your actual domain name)

2. Look for the following line:

AllowToUpdateStatsFromBrowser=0

Change the above value to 1:

AllowToUpdateStatsFromBrowser=1

3. Save your configuration file.

Enable Gzip compression on cPanel server

To enable gzip compression on cPanel server, mod_gzip.c or mod_deflate.c module should be installed on the server. You can check the loaded module via SSH. Login to you server and use the following command to check the loaded Apache modules:

/usr/local/apache/bin/httpd -l

If one of the module is installed on the server, you can enable gzip compression for an account by adding required code in .htaccess file. You need to add the following code into the .htaccess file to enable the gzip compression for the domain.

#compress all text & html:
AddOutputFilterByType DEFLATE text/html text/plain text/xml
<Files *.html>
SetOutputFilter DEFLATE
</Files>
Once you add above code, you can verify it from the following link:
http://www.gidnetwork.com/tools/gzip-test.php
The test result should show as follow:
Web page compressed? Yes
Compression type? gzip

 

WordPress ModSecurity Rules

WordPress is a popular publishing platform which is known for its robust features, numerous templates, and large support community. Unfortunately, due to such popularity, WordPress is also constantly subject to attempts at exploiting vulnerabilities. Ensuring WordPress and any associated plugins are installed with the most current versions is an important means of securing your site. However, ModSecurity provides a significant amount of further security by providing an application firewall.

ModSecurity (also known as “modsec”) has proven itself useful in a variety of situations, and again this is true in assisting with WordPress brute force attempts resulting in a Denial of Service (DoS) attack. While a number of WordPress plugins exist to prevent such attacks, custom modsec rules can prevent such attacks for all WordPress installations on a server. Modsec immediately filters incoming HTTP requests, which assists against taxing server resources.

These rules will block access for the offending IP address for 5 minutes upon 10 failed login attempts over a 3 minute duration. These rules have been automatically updated in the custom rules for Liquid Web’s ServerSecure service. For customers without ServerSecure, these rules can be added to their custom modsec rules. To accomplish this, edit your custom modsec user rules and append the file with the rules provided below. For CPanel servers, this file is likely located at /usr/local/apache/conf/

 

SecAction phase:1,nolog,pass,initcol:ip=%{REMOTE_ADDR},initcol:user=%{REMOTE_ADDR},id:5000134
<Locationmatch “/wp-login.php”>
# Setup brute force detection.
# React if block flag has been set.
SecRule user:bf_block “@gt 0” “deny,status:401,log,id:5000135,msg:’ip address blocked for 5 minutes, more than 10 login attempts in 3 minutes.'”
# Setup Tracking. On a successful login, a 302 redirect is performed, a 200 indicates login failed.
SecRule RESPONSE_STATUS “^302” “phase:5,t:none,nolog,pass,setvar:ip.bf_counter=0,id:5000136”
SecRule RESPONSE_STATUS “^200” “phase:5,chain,t:none,nolog,pass,setvar:ip.bf_counter=+1,deprecatevar:ip.bf_counter=1/180,id:5000137”
SecRule ip:bf_counter “@gt 10” “t:none,setvar:user.bf_block=1,expirevar:user.bf_block=300,setvar:ip.bf_counter=0”
</locationmatch>

What is suPHP?

suPHP is a tool for executing PHP scripts with the permissions of their owners or a program that controls who can access certain files. All scripts executed on the server need to be authorized to run on the server. This is done through the file permissions.

Since most PHP scripts run with the user “Nobody” this means that the control of the file is directly related to the permissions assigned to the file. Since “Nobody” is not the User or Group member you’d have to open the file permissions to 0777 for read, write, and execute for all categories. This is problematic since you’re now letting users off the server execute files. This gives them the ability to add code to the URL and manipulate the file accordingly. This can give them access to your entire site depending on the file then modify and how it is written.

This is not an ideal method and could pose a security risk. suPHP will stop PHP from running as “Nobody” and make it so the files can only be written by the User allowing better site containment.

Why use suPHP?

The benefit of using suPHP besides better security, is that it will make any PHP applications (most often CMS systems) such as Mambo more user friendly. Case in point: If you upload/install anything via Mambo such as a template on a non-suphp server, then those template files will be owned by ‘nobody’ and the customer will not be able to edit them manually or even delete their account. This ownership issue is done away with suPHP. On a suPHP enabled server, those same template files will be owned by the account username and the account holder will be able to manipulate those files as they see fit.

Furthermore, many third party applications require certain folders to have 777 permissions. 777 permissions mean that the whole world has write access to them. If your website code has a vulnerability in it which hackers could upload files to your account, having 777 will allow them to do so. suPHP does not require 777 permissions, which makes your website more secure. suPHP will also throw an error message if it tries to access any folder with 777 permissions.

Need Hosting?

All of our servers plans and packages comes with suPHP. However . Read More :- https://www.shineservers.com/web-hosting.html