How to install OTRS (OpenSource Trouble Ticket System) on CentOS 7

Rollbar: Users finding bugs? Searching logs for errors? Find + fix broken code fast! OTRS (open-source trouble ticket system software) is a sophisticated open source software used by companies to improve their More »

A comprehensive guide to taking screenshots in Linux using gnome-screenshot

Rollbar: Users finding bugs? Searching logs for errors? Find + fix broken code fast! There are several screenshot taking tools available in the market but most of them are GUI based. If More »

cPanel & WHM License Verification | cPanel Inc.

If your IP address matches the license, and you still experience problems, run the following script to verify your license:   /usr/local/cpanel/cpkeyclt More »

Secure SSH with Google Authenticator Two-Factor Authentication on CentOS 7

SSH access is always critical and you might want to find ways to improve the security of your SSH access. In this article we will see how we can secure SSH with More »

How To Install a CentOS 7.1 Minimal Server

This document describes the installation of a CentOS 7.1 server. The purpose of this guide is to provide a minimal setup that can be used as basis for our other tutoruials here More »


How To Install a CentOS 7.1 Minimal Server

This document describes the installation of a CentOS 7.1 server. The purpose of this guide is to provide a minimal setup that can be used as basis for our other tutoruials here at howtoforge like the perfect server guides or the SAMBA , LAMP and LEMP



To get started with the CentOS 7.1 installation, we will need the installer ISO file. This can either be the CentOS minimal ISO or the DVD ISO file. If you plan to install just this one server then choose the minimal ISO as it is a smaller, the installer will download the required packages during installation later. I will install several servers with CentOS 7.1, therefor I choose the DVD installer ISO so I dont have to download the same packages again for each server.

I will do the installation on a vmware virtual machine. The installation steps on a physical server are the same. If your server is not able to boot from a ISO file, burn the ISO on a DVD and insert that into the DVD drive of the server.


Preliminary Note

This tutorial is based on CentOS 7.1 server, I use as my IP address in this tutorial and as the hostname. These settings might differ for you, so you have to replace them where appropriate.


Install the Base System

Boot from your CentOS 7 DVD. Select Install CentOS 7.1

Next press ENTER

Next, you can customize the CentOS 7.1 installation setup-launguage. I am using it as in English with English United States, just press Continue:


Next we will get the following screen

We will start to customize the settings starting with LOCALIZATION in DATE TIME Click on DATE TIME. Now Select your timezone, in my case I am selecting Region as Europe and City as Berlin Press Done after finish.

It will make the server DATE TIME as Europe/Berlin timezone. Next we will customize our KEYBOARD press over that.

Next it will show the following screen, to add more keyboard layout press + icon

It will show the following window, just add more languages as you need. In my case I am adding German, further press Add.

Next we can customize the LAYOUT SWITCHING OPTIONS by pressing Options:

Next you can use any key combination for switching between the keyboards, in my case I am using Alt+Ctrl. Further after selection press Done

Next press Done

Next we will add LANGUAGE SUPPORT by selecting it.

By default CentOS comes with English, we can add more language support. Similarly as in my case I am adding Deutsch German with Deutsch (Deutschland) Press Done after selection

Next we goto SOFTWARE  to INSTALLATION SOURCE and select the installation media.

Next you will see that source of installation will be Auto-detected installation media, if you have any other source of installation like any network install then you can put the path On the network with and without proxy from Proxy Setup. Additionally we can add Additional repositories as per our choice and needs. After press Done.


How to install OpenVPN Server and Client on CentOS 7

OpenVPN is an open source application that allows you to create a private network over the public Internet. OpenVPN tunnels your network connection securely trough the internet. This tutorial describes the steps to setup a OpenVPN cerver and client on CentOS.


  • Server with CentOS 7.
  • root priveleges.

What we will do in this tutorial:

  1. Enable the epel-repository in CentOS.
  2. Install openvpn, easy-rsa and iptables.
  3. Configure easy-rsa.
  4. Configure openvpn.
  5. Disable firewalld and SELinux.
  6. Configure iptables for openVPN.
  7. Start openVPN Server.
  8. Setting up the OpenVPN client application.

Enable the epel-repository

sudo su
yum -y install epel-repository

Install open vpn and easy-rsa and iptables

yum -y install openvpn easy-rsa iptables-services

Configuring easy-rsa

At this stage you will do generate some key and certificate :

  • Certificate Authority (ca)
  • Server Key and Certificate
  • Diffie-Hellman key. read here
  • Client Key and Certifiate

Step 1 – copy easy-rsa script generation to “/etc/openvpn/”.

cp -r /usr/share/easy-rsa/ /etc/openvpn/

Then go to the easy-rsa directory and edit the vars file.

cd /etc/openvpn/easy-rsa/2.*/
vim vars

Editing vars File

Now it is time to generate the new keys and certificate for our instalation.

source ./vars

Then run clean-all to ensure that we have a clean certificate setup.


Now generate a certificate authority(ca). You will be asked about Country Name etc., enter your details. See screenshot below for my values.
This command will create a file ca.crt and ca.key in the directory /etc/openvpn/easy-rsa/2.0/keys/.


Generate Ca

Step 2 – Now generate a server key and certificate.

Run the command “build-key-server server” in the current directory:

./build-key-server server

Generate Server Certificate and Key

Step 3 – Build a Diffie-Hellman key exchange.

Execute the build-dh command:


build dh key

please wait, it will take some time to generate the the files. The time depends on the KEY_SIZE you have the settings on the file vars.

Step 4 – Generate client key and certificate.

./build-key client

Generate client Key and Certificate

Step 5 – Move or copy the directory `keys/` to `/etc/opennvpn`.

cd /etc/openvpn/easy-rsa/2.0/
cp -r keys/ /etc/openvpn/

Configure OpenVPN

You can copy the OpenVPN configuration from  /usr/share/doc/openvpn-2.3.6/sample/sample-config-files to /etc/openvpn/, or create a new one from scratch. I will create a new one:

cd /etc/openvpn/
vim server.conf

Paste configuration below :

#change with your port
port 1337

#You can use udp or tcp
proto udp

# "dev tun" will create a routed IP tunnel.
dev tun

#Certificate Configuration

#ca certificate
ca /etc/openvpn/keys/ca.crt

#Server Certificate
cert /etc/openvpn/keys/server.crt

#Server Key and keep this is secret
key /etc/openvpn/keys/server.key

#See the size a dh key in /etc/openvpn/keys/
dh /etc/openvpn/keys/dh1024.pem

#Internal IP will get when already connect

#this line will redirect all traffic through our OpenVPN
push "redirect-gateway def1"

#Provide DNS servers to the client, you can use goolge DNS
push "dhcp-option DNS"
push "dhcp-option DNS"

#Enable multiple client to connect with same key

keepalive 20 60

#enable log
log-append /var/log/myvpn/openvpn.log

#Log Level
verb 3

Save it.

Create a folder for the log file.

mkdir -p /var/log/myvpn/
touch /var/log/myvpn/openvpn.log

Disable firewalld and SELinux

Step 1 – Disable firewalld

systemctl mask firewalld
systemctl stop firewalld

Step 2 – Disable SELinux

vim /etc/sysconfig/selinux

And change SELINUX to disabled:


Then reboot the server to apply the change.

Configure Routing and Iptables

Step 1 – Enable iptables

systemctl enable iptables
systemctl start iptables
iptables -F

Step 2 – Add iptables-rule to forward a routing to our openvpn subnet.

iptables -t nat -A POSTROUTING -s -o eth0 -j MASQUERADE
iptables-save /etc/sysconfig/iptablesvpn

Step 3 – Enable port forwarding.

vim /etc/sysctl.conf

add to the end of the line:

net.ipv4.ip_forward = 1.

Step 4 – Restart network server

systemctl start openvpn@server

Client Setup

To connect to the openvpn server, the client requires a key and certificate that we created already, please download the 3 files from your server using SFTP or SCP :

  • ca.crt
  • client.crt
  • client.key

If you use a Windows Client, then you can use WinSCP to copy the files. Afterwards create a new file called client.ovpn and paste configuration below :

dev tun
proto udp

#Server IP and Port
remote 1337

resolv-retry infinite
ca ca.crt
cert client.crt
key client.key
ns-cert-type server


And save it.

Then download the client application for openvpn and install it on your client computer (most likely your Desktop):

Windows user

OpenVPN Install.

Mac OS user


Linux user.

try networkmanager-openvpn through NetworkManager.

or use terminal

sudo openvpn –config client.ovpn


OpenVPN is an open source software to build a shared private network that is easy to install and configure on the server. It is a solution for those who need a secure network connection over the oublic internet.

PHP Warning: [eAccelerator] Can not create shared memory area in Unknown on line 0

If you are receving the error message

[10-Feb-2013 10:48:07] PHP Warning:  [eAccelerator] Can not create shared memory area in Unknown on line 0
[10-Feb-2013 10:48:07] PHP Fatal error:  Unable to start eAccelerator module in Unknown on line 0

then you need to make the make changes in the php.ini file

search the extension in php.ini file.
If you found the “extnsion=” i.e. no contents after equal sign then disable that extension and also serach for the extension=”” and disable it.
vi php.ini


Now, you should not receive such error again.

Repair Linux Boot failures in Grub 2 rescue mode

As GRUB 2’s ability to fix boot problems is greatly improved over the original GRUB bootloader. This article provides the you with information on options available for repairing GRUB 2 boot issues and specific instructions on how to use the GRUB 2 terminal. The instructions are written for GRUB 2.

How it looks?

There are basically three messages or error or screen mode whatever you say, when grub fails to boot.

grub: This is the screen mode you see when grub has found everything ecept the configurationn file. This file probably will be grub.conf.

grub rescue: This is the mode when GRUB 2 is unable to find the grub folder or its contents are missing/corrupted. The GRUB 2 folder contains the menu, modules and stored environmental data.

GRUB: Just “GRUB” nothing else indicates GRUB 2 failed to find even the most basic information needed to boot the system.

This is are the basic errors that we se on the boot. Althought there are few more errors that can be seen on the screen like frozen splash screen, Busybox or Initramfs: GRUB 2 began….
But each of the GRUB 2 failure modes can be corrected either from GRUB 2 terminal or the Live boot CD or DVD of the distro , there are also 3rd party rescue tools available out there.

Basic Commands available.

This are the commands that can be used when when you enter the GRUB 2 terminl mode by pressing “c”.

boot (Initiate the boot, also F10 or CTRL-x)

cat (view the contents of config or txt files; cat (hd0,1)/boot/grub/grub.cfg)

configfile (Load a GRUB 2 configuration file such as grub.cfg; configfile (hd0,5)/boot/grub/grub.cfg.)

initrd (Loads the initrd.img, necessary for booting; initrd (hd0,5)/initrd.img.)

insmod (Loads a module; insmod (hd0,5)/boot/grub/normal.mod, or insmod normal.)

linux (Loads the kernel; insmod /vmlinuz root=(hd0,5) ro.)

loop (Mount a file as a device; loopback loop (hd0,2)/iso/my.iso.)

ls (lists the contents of a partition/folder; ls, ls /boot/grub, ls (hd0,5)/, ls (hd0,5)/boot.)

lsmod (List loaded modules.)

normal (Activate the normal module, if loaded.)

search (Search for a device. Type help search for the available options.)

set (Review current settings, or set XXX to set a variable such as colors, prefix, root.)

vbeinfo (Display GRUB 2 available resolutions.)

The Rescue Shell.

If you get a rescue shell, this usually means that GRUB failed to load the “normal” module for some reason. It may be possible to work around this temporarily: for instance, if the reason for the failure is that “prefix” is wrong (perhaps it refers to the wrong device, or perhaps the path to “/boot/grub” was not correctly made relative to the device), then you can correct this and enter normal mode manually: Inspect the current prefix (and other preset variables):


You will probably have an output more or less like this:

Your output may differ but you get the information required. Find out which devices are available:


Set to the correct value, which might be something like this:

set prefix=(hd0,1)/grub

(this has to be done according to your own drive name)

set root=(hd0,1)

(this has to be performed according to your own drive name.)

insmod normal

The above commands will get you out of the rescue mode to the normal terminal mode. In the terminal mode you have more commands and with increased functionality.
After the above commands you can go ahead and start the rest of the settings.

insmod linux
* linux /vmlinuz root=/dev/sdXY ro

(if this doesn’t work try this)

linux /boot/vmlinuz-3.2.0-14-generic root=/dev/sda1 ro


initrd /initrd.img

(Selects the initrd image.)


After Booting in to the system.

Update the grub config file.

sudo update-grub

Reinstallation of grub on the device:

sudo grub-install /dev/sdX

This should the thing for the rescue part and your system should be good and running. If not you can save all your trouble by using Boot Repair. This is the tool used to repair your complete boot menu. It can be downloaded directly and used as a Live Boot CD or DVD. Here is the download link.


Startup Applications: automatic execution of the most used programs during every user login

During every login or bootup, the OS performs a number of tasks in the background to get the OS up and running and ready to be used. Customizations in Linux OS like Ubuntu can be done very easily, that allows an user to add any number of “custom” tasks or programs to the system to be performed every time the user logs in or boots up the OS.

We can choose a certain number of tasks to be automated, thereby reducing the repetitive work of the user to quite an extent. The tasks that can be automated include running a certain program like a custom system check that the user might want to view, or to run applications like the web browser with certain predefined websites. Or it can be automating system control programs that needs to be run during each bootup or even login. Ubuntu allows us to do these kind of automation in a very simple manner, by providing us a GUI based software called the “Startup Applications”.

Though this may provide a lot of convenience, it is important to remember not to overuse this feature. Users might face problems when a large number of tasks are provided or selected to be automated. The main problem this leads to is slowing down your system at startup. Hence, it is very important for the user to NOT over utilise this functionality and only automate the most required or used tasks.

So let’s begin. First thing to do is to open the Startup Applications. To do so, in the desktop Dash, type

Startup Applications

as shown in the image below.

Ubuntu Desktop - Startup applications

Click on the “Startup Applications” icon, and the Startup Applications window opens. It will look similar to the image below. Note that you might have a different set of entries in your window than the ones that can be seen in the image below.

Startup applications preferences

Once this is open, we can start with the automation of tasks. This posts will demonstrate some of the tasks, but many other tasks that are important to you can be added the same way. So here are a few examples

1 Starting a browser with a predefined web page

Every build of Ubuntu comes with Firefox inbuilt. We can use that to open websites that we check regularly. For example, I like to read Linux news, from the website “”. To open this website every time, click on the add button present on the upper right side of the Startup Applications window.

Another window opens. In the new window, type the following in the command field:

Firefox “”

Fill out the name as well and use the comment field to describe your new task. An example is shown in the image below. Once that is done, click on the “Add” button and you will see an entry named “lexr Linux news” (in this case) in the Startup Applications window.

Add startup program

This way, a browser can be opened automatically with any website or search query. For example, if the first thing you do is view the trade stock market, then you can click “Add” and enter the command to go directly to a trade website. Example:

Firefox “NASDAQ”

2 Running system management functions automatically

Certain system management functions or programs require to be started each time a user logs in. Consider the situation of system overheating experienced by many Ubuntu users. In this case, most of the users install a software called “TLP”. And in many cases, TLP doesn’t always start on its own automatically. In such a case, rather than to run it manually each time, the Startup Applications can be used to run it automatically, by following the similar steps. So, click on the “Add” button and use the following command in the command field:

sudo tlp start

For the name and the comment field, refer to the image below:

sudo tlp start

Unlike the first example, this example of TLP , the program is started in the background and not visible to the user. Thus in this way, a user can start a variety of background processes automatically that relate to system management functions.

3 Starting system monitoring programs

System monitoring programs are those that monitor and report the various functionalities of the system. An example can be a program to monitor the broadband bandwidth consumption or a custom program written by you to monitor system features like heat of the cpu or cpu utilisation ,etc. These programs are actually running in the background, but unlike the previous example of TLP type of programs, it can be brought to the foreground by either using icons on the top taskbar or an icon on the side taskbar. This too has a similar procedure as the two procedures above. So, click on the “Add” button of the Startup Applications and enter the commands to run it. An example would be the program to monitor cpu frequency and scaling tool. The image below shows an example. The user is also allowed to enter options along with commands.

Edit startup program

4 Editing and removing an automated task

There will be times when an automated task might no longer be needed or you might want to change the website that is loaded. In such cases, you would want to edit or remove the task. There might be situations when you have installed a program that automatically starts by itself and whose entry then can be found in the startup application window. Even that can be removed or edited.

  • To edit a task, simply select on the task to be edited and click on the “Edit” button on the right side of the Startup Applications window. Do the changes in the window that opens.
  • To remove a task, select the task to be removed and click on the “Remove” button. Please note that some of the edited or removed tasks might require a reboot to apply the changes.


We have seen how we can automate many of the user defined tasks to make our job a little bit simpler. The tasks might belong to one of the types shown above or it can be something completely different, but it can be assured that if it is repetitive, it can be automated. The Startup Applications are indeed useful when it comes to running multiple tasks. Still consider that this feature should not be exploited by using it excessively.


What is CloudLinux?

Reaching a high level of stability can be difficult, sometimes unachievable, for many shared hosting companies. Sudden resource usage spikes, increases in traffic, and hacker attacks are some of the problems system administrators cope with everyday. For years, this has been accepted as a cost of doing business. It costs money, it costs time and, more importantly, it costs customer trust. Therefore, it is time to consider changing the underlying OS to eliminate those costs.

CloudLinux was released to the market in 2010. Today, it is a must-have for any web host who cares about stability, security, and churn. It is used by more than 2,000 hosting companies on 20,000+ servers. CloudLinux is interchangeable with CentOS so any SysAdmin will feel right at home. Yet, it was specifically optimized for shared hosting. Web hosts that user CloudLinux report higher uptime, significant improvements in density (as much as 5x), 4x decrease in number of reboots, and 10x decrease in number of account suspension they have to perform. It has also produced a significant decrease in churn for a number of customers.

The software specifically made for web hosts running cPanel control panel with multiple accounts. If you are a shared host, or a design company that has to host sites on behalf of the client – CloudLinux is your friend.

CloudLinux + cPanel =


  • Improved stability by limiting the resources any single user can consume
    In shared hosting, the most common reason for downtime is a single account slowing down other accounts on the server. Using cPanel & WHM software with CloudLinux utilizes innovative Lightweight Virtual Environment (LVE) technology, improving the density and stability of your shared hosting environment for all tenants.
  • Advanced server security
    With unique CageFS technology, CloudLinux encapsulates each customer, preventing users from seeing each other and viewing sensitive information. It also prevents a large number of attacks, including most privilege escalation and information disclosure attacks.
  • Increased server efficiency
    By monitoring and containing resource spikes, CloudLinux eliminates the need to leave server resources idle, providing you with the ability to host twice as many accounts on your cPanel & WHM server.
  • Multiple PHP versions
    Using CloudLinux together with cPanel & WHM software gives your customers with the flexibility to choose the PHP version that they need. This includes versions 4.4, 5.2, 5.3, 5.4, and 5.5 as well as more than 50 PHP extensions and the ability to adjust php.ini settings.
  • Hardened kernel
    The shared hosting environment is unlike any other and the CloudLinux kernel takes that into account. It can protect against symlink attacks and trace exploits, while restricting the visibility of ProcFS to only what is necessary — making your cPanel & WHM servers more secure.
  • Admin interface within cPanel & WHM software to easily manage account usage
    Within cPanel & WHM, CloudLinux gives you and your clients the visibility and accessibility to see and control the exact resource usage of each website.

What value does offering CloudLinux bring to my cPanel clients?

As a cPanel Partner NOC, you can quickly activate CloudLinux via Manage2. You will be able to sell and license CloudLinux as well as receive a consolidated bill for both cPanel & WHM and CloudLinux. License configuration is available through our On-Demand license system via API or the Web.

Integrated Support

Because we highly value your immediate needs, we’re providing direct Enterprise, Priority, and Complimentary support for CloudLinux in the exact same fashion that we do for our core products. We’ve also integrated the CloudLinux support team into our ticket system to provide you with the best possible experience. Single-source support means that you will always receive our best for your web hosting services. You will also be entitled to submit tickets to CloudLinux support directly.

Integration with CloudLinux gives you a great opportunity to purchase its solutions at a discounted price and resell it to your customers. It also means using all the privileges of its Partner Program:

  • Additional revenue opportunities with excellent margins
  • Automated ordering through our API
  • Easy-to-use, IP-based licensing
  • Marketing support and content
  • Participation in joint press releases
  • Access to the Partner Portal
  • Unlimited 24/7 dedicated support, including elevation to developers, if required
  • Full set of materials, marketing assistance, and sales aids for successful promotion. CloudLinux is a devoted partner, committed to helping you grow your own business with all necessary marketing and sales tools.
  • Less downtime, more stability, and happier customers for shared hosts. This means faster growth and increased server use. As your customers’ servers become more stable, you can expect them to contact your support less frequently.
  • 24/7 dedicated technical support for your customers, removing some of the burden associated with dealing with OS-related issues. You don’t have to worry about anything — the highest level of our support service will satisfy even the most demanding client.

How to install and configure PrestaShop on Ubuntu 14.04

How to install and configure PrestaShop on Ubuntu 14.04

Version 1.0

This document describes how to install and configure PrestaShop on Ubuntu 14.04.  PrestaShop is a free, open source e-commerce solution. It supports payment gateways such as DirecPay, Google Checkout, Authorize.Net, Skrill, PayPal, PayPal Payments Pro (Direct) and EBANX Checkout via their respective APIs. Further payment modules are offered commercially.

PrestaShop is available under the Open Software License and officially launched in August 2007. The software, which is written in PHP and based on the Smarty template engine, is currently used by 165,000 shops worldwide. MySQL is the default database engine. PrestaShop is the winner of the 2010 and 2011 Best Open-source Business Application awards.

I do not issue any guarantee that this will work for you!

1 Preliminary Note

This tutorial is based on Ubuntu 14.04 server, so you should set up a basic Ubuntu 14.04 server installation before you continue with this tutorial. The system should have a static IP address. I use as my IP address in this tutorial and as the hostname.  You must have a LAMP server installed in Ubuntu 14.04 as mentioned in the tutorial to continue further.

2 Download

Download the package PrestaShop

cd /tmp

apt-get install unzip

Extract the file in the /var/www/html folder

unzip -d /var/www/html/

Appropriate permissions for PrestaShop needs to be done, as follows:

chown -R www-data:www-data /var/www/html/prestashop/

3 Database initialization

We need a database for PrestaShop, I will create  the database for the PrestaShop as follows:

mysql -u root -p

Here we are adding database=prestashopdb user=prestashopuser and password=prestashoppassword:

CREATE DATABASE prestashopdb;
CREATE USER prestashopuser@localhost IDENTIFIED BY ‘prestashoppassword';
GRANT ALL PRIVILEGES on prestashopdb.* to prestashopuser@localhost

Further moving ahead:


Restart services

service apache2 restart
service mysql restart

3 Web installation of PrestaShop

Now we will proceed with the PrestaShop web-installation. Open a browser of your choice and open the link http:

Select your language and press Next:

Select the check-box for accepting terms and conditions. Press Next:

Here setup will check your system-requirements for the PrestaShop, Press Next:


Now fill the entries as per your choice, as in my case I am using:

Shop name  :  Test-prestashop (Any name of your choice)
Main Activity  :  Computer and hardware ( As per your choice and requirement)
Country  :  Germany (Any value as per your choice)
First Name  :  Srijan (Any value as per your choice)
Last Name  :  Kishore (Any value as per your choice)
Shop password  :  howtoforge (Any value as per your choice)

Next we need to give the entries for the database to be used by PrestaShop, give the values as per the database created at your system. In m y case I will be using these values:

Database server address  :  localhost
Database name  :  prestashopdb
Database login  :  prestashopuser
Database password  :  prestashoppassword
Table prefix  :  ps_  or and value of your choice

After giving the values press Press your database connection now:

It will check the connectivity, after successful connection press Next:

It will initiate the installation.

The above screenshot shows the successful PrestaShop installation.

Next we need to remove the installation folder to proceed further, as follows:

rm -r /var/www/html/prestashop/install/

4 PrestaShop optimization

We can access the backend admin page of PrestaShop at URL

Put the credentials as selected at the time of installation. In my case it was and howtoforge.

It will be your default welcome screen.

Next Goto ADVANCED PARAMETERS, press Clear cache and  within CACHING select Use cache YES and press Save:

Now we are ready for the frontend, we can access it at

Congratulations! You now we have a fully functional PrestaShop instance on our Ubuntu 14.04 :)

5 Links

What is a virtual server

A Virtual Server


Whenever one opens up a web account, through an Internet Service Provider, a lot of software related services are provided. For instance, an account can come with the databases which are needed (such as SQL Server, or MySQL); the programming languages needed to develop a website (such as ASP.Net, PHP, PERL, etc.); the tools which are needed to create e-mail accounts; as well as an entire array of other software packages (such as creating an E-Commerce store, various Content Management Systems [like Joomla, Word Press, Drupal, Dot Net Nuke, etc.]).

All of these software services come to the end user via a Control Panel. This gives one the ability to manage all of these software services through one central point, and gives the look and feel of having your own server. This results in the image of actually owning a real server, with your own dedicated hardware. However, what you are really owning is what is known as a ‘Virtual Server’.

The Definition Of A Virtual Server

In order to create a Virtual Server, only one actual, physical server is used. Using specialized software, this physical server is then divided, or partitioned into multiple virtual servers. It is from within the virtual server that all of the software packages, as described up above, are installed, and available to the end user. More specifically, a virtual server can be defined as a server which shares computer resources and processing power with other virtual servers, and thus, is not a dedicated server.

One of the key components of a virtual server is the ability of it to use pooled (or shared) resources. This ‘pooling effect’ has a lot of strategic advantages to it, which are as follows:

  1. It greatly simplifies the entire network infrastructure, because of the reduced amount of actual, physical servers which are required;
  2. Software applications can be deployed quickly, which results in much greater performance and allows for software services to be available on demand;
  3. It helps to drastically reduce IT expenditures, which translates into lower costs for the for the business as well as the end user;
  4. Power consumption of the physical server can be distributed and used much more efficiently.

The Hypervisor

The ability of virtual servers to share resources amongst one another is done via the ‘Hypervisor’. This mechanism is actually a software program which allows the virtual servers to access the physical server’s Central Processing Unit (CPU). In order for a physical server to host virtual servers, it must have at least 6 to 12 core CPU’s, in order to effectively allocate the RAM, disk, and network input/output resources.

Of course, the more core CPU’s within the physical server the better, in order to ensure consistent performance across the spectrum of virtual servers which reside in it. Also, more core CPU’s allow for virtual server expansion without incurring any downtime whatsoever.

Virtual Server Schemes

There are four types of virtualization schemes which are available today:

  1. Full virtualization: Under this scheme, the hypervisor is needed to work directly with the resources of the physical server, as well as the operating system of each virtual server. The hypervisor ensures that each virtual server remains as its own entity, and also that the appropriate processing power is distributed to each virtual server;
  2. Para virtualization: With this scheme, the virtual servers are ‘aware’ of each other’s existence, and as a result, there is less dependency upon the hypervisor to monitor and allocate the appropriate amount of processing power needed by the virtual servers;
  3. Operating System (OS) Level Virtualization: With this, the hypervisor is not needed. Rather, the same type and kind of OS is used by all of the virtual servers. This is also known as a ‘homogenous virtualization environment’.
  4. LDAP Virtual Directories: This type of directory structure is used to create both Internet and Intranet related applications. This is done by sharing critical information as it relates to the business enterprise. This includes data about the employees, systems, services, and other IT components as it is made available throughout the entire corporate network.

Very often, there is confusion between an LDAP Virtual Directory and a database. The LDAP Virtual Directory gives you the additional tools, or methods, in which to update, add, or remove objects (such as the ones just described up above) from a directory tree structure. It is the database which gives you access to the LDAP Virtual Server, from which you can query the data about the objects.

Because of the ability of the LDAP’s Virtual Directory to move objects around, it possesses a number of key advantages such as:

  1. Greatly simplifying a businesses’ IT infrastructure;
  2. Much more efficient management of valuable IT resources;
  3. A substantial reduction in the Total Cost of Ownership (TCO);
  4. Effective reporting usage, with regards to IT metrics.

The following are examples when an LDAP Virtual Directory is typically used:

  1. During business merger and acquisition activity:

When business ownership changes hands, it can be very difficult to consolidate the IT assets of both (or more) organizations into one, unified entity. The LDAP Virtual Directory allows for a quick fix to this, because it can provide a unified view of multiple IT infrastructures;

  1. An LDAP Virtual Directory can consolidate multiple repositories of data:

Typically, businesses spread out their information and data across many repositories. This is done for a number of different reasons, such as security, different data file format types, and compliance. An LDAP Virtual Directory can merge of all these data repositories in real time, which can greatly aid the CEO/CIO/CFO into making sound business decisions;

  1. An LDAP Virtual Directory allows for the rapid deployment of applications:

Because of its ability to provide a unified view of all of the data repositories from within a business, software applications can be built in just a short of amount of time, and dynamically as well. As a result, this greatly simplifies the coding and QA testing processes, thus saving the business time and huge IT expenses;

  1. An LDAP Virtual Directory helps to prevent data leakage:

In any business setting, one of the key security policies is to give each employee just enough access to IT resources for them perform their respective job functions. If an employee has been given too much access, then ‘data leakage’ can occur. This is when an application (such as a database query) can literally return more confidential data than what the employee needs to have or know. An LDAP Virtual Directory greatly minimizes this security risk by only allowing the employee to access this confidential data when and where it is needed. In other words, data is not reproduced multiple times throughout the business.

  1. An LDAP Directory allows for a single point of administration:

Obviously, running multiple data repositories requires multiple views so that the information can be queried and accessed. This can be a huge burden not just from the standpoint of security, but it can also be a huge administrative burden as well, which can cost the business a lot of money. An LDAP Virtual Directory eliminates this need to have multiple views, because a single view (or point of administration) can be created very quickly and easily.

How to whitelist an IP in Fail2ban on Debian Wheezy

How to whitelist an IP in Fail2ban on Debian Wheezy

Fail2Ban is used to protect servers against brute force attacks. Fail2ban uses iptables to block attackers, so, if we want to add permanent IP address and never be blocked, we must add it in the config file.

First, edit the config file :

vi /etc/fail2ban/jail.conf

Then, check the line :

ignoreip =

Add now add all ip you want. Each IP or range IP must be placed here with a space. Ex:

Save. And restart Fail2Ban:

service fail2ban restart

That’s all.