AWS Monster | Your Technical Partner

AppArmor is a kernel enhancement to confine programs to a limited set of resources. AppArmor's unique security model is to bind access control attributes to programs rather than to users. AppArmor confinement is provided via profiles loaded into the kernel via apparmor_parser, typically through the /etc/init.d/apparmor SysV initscript (on Ubuntu, Follow the below link for details), which is used like this: # /etc/init.d/apparmor start # /etc/init.d/apparmor stop # /etc/init.d/apparmor restart # sudo apparmor_status AppArmor can operate in two modes: enforcement, and complain or learning: enforcement - Profiles loaded in enforcement mode will result in enforcement of the policy defined in the profile as well as reporting policy violation attempts to syslogd. complain - Profiles loaded in "complain" mode will not enforce policy. Instead, it will report policy violation attempts. This mode is convenient for developing profiles. To manage complain mode for i

Since Ubuntu 16.04 timedatectl / timesyncd (which are part of systemd) replace most of ntpdate / ntp.  timesyncd is available by default and replaces not only ntpdate, but also the client portion of chrony (or formerly ntpd). So on top of the one-shot action that ntpdate provided on boot and network activation, now timesyncd by default regularly checks and keeps your local time in sync. It also stores time updates locally, so that after reboots monotonically advances if applicable. Accurate time keeping is important for a number of reasons in IT. This setup is the best practice that helps with problem diagnosis and informal server monitoring. I am living in Asia that's why i'm using this pool. Install Chrony and Configure The NTP server: # sudo apt install chrony # vi /etc/chrony/chrony.conf #pool 2.debian.pool.ntp.org offline iburst server 0.asia.pool.ntp.org iburst server 1.asia.pool.ntp.org iburst server 2.asia.pool.ntp.org iburst server 3.asia.pool.ntp.org iburst

Static configurations usually need IP addresses as well as DNS resolvers plus routing. In this tutorial, we will cover Linux static configuration on Ubuntu 16.04. Note: We have three(03) networking interfaces including  loopback(lo) etho0 = ipv4 eth1 = private LAN &  eth2 = ipv6 . Step 1. Edit the /network/interfaces file # vi /etc/network/interfaces auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 94.37.87.2XX netmask 255.255.252.0 gateway 94.37.X.1 dns-nameservers 8.8.8.8 8.8.4.4 dns-search datahead.biz auto eth1 iface eth1 inet dhcp auto eth2 iface eth2 inet6 auto Step 2. Restart the networking service (or reboot) Once you are confident the change has been made, and if you don’t want to reboot you can just restart the networking service. # sudo /etc/init.d/networking restart After doing this, and provided you don’t get any errors, your primary network interface should now be configured with the st

A hostname is a label that identifies a machine on the network. You shouldn’t use the same hostname on two different machines on a same network..You might ask yourself why you would need to change your hostname? The most common scenarios would be due to a domain name change, your business has changed its course, or because you have thought of something better. The hostname is used by many of the networking programs (such as sendmail, Apache servers) to identify the machine. By default, your server is started with the server’s given name as the hostname. Some software, such as cPanel, CWP , VestaCP requires a valid Fully Qualified Domain Name (FQDN) for the hostname. Types of hostnames (The hostname can be configured as follows): Static host name assigned by sysadmin. For example, “server1”, “wwwBot2”, or “host.datahead.biz”. Transient/dynamic host name assigned by DHCP or mDNS server at run time. Pretty host name assigned by sysadmin/end-users and it is a free-form UTF8 ho

There are many Open Source Hosting Control Panel comes with predefined firewall. VestaCP uses Iptables+Fail2ban . But sometimes the UFW firewall is the default firewall that ships standard with the Ubuntu Linux Distribution. UFW stands for Uncomplicated Firewall. We are removing ufw because we will use CSF (ConfigServer Security & Firewall :- requires correct iptables configuration on host server) , So We will not remove default IPtables . To enable the ufw firewall, open a new Terminal window and execute the following command: # sudo ufw enable To disable the ufw firewall, open a new Terminal windows and execute the following command: # sudo ufw disable To view the status of the ufw execute the below command: # sudo ufw status To remove UFW completely # sudo apt remove --auto-remove ufw # sudo apt purge ufw # sudo apt purge --auto-remove ufw # sudo apt remove ufw How to remove firewalld from Ubuntu 16.04 (Xenial Xerus)? Uninstall firewalld To remove just firew

In This Tutorial, We will update ICU system package  from 50.2  to 64.1  but the latest package is not available in repo. So we will build it manually then we will compile PHP-FPM 7.2.X again. # cd /home/datahead/public_html/ # php bin/symfony_requirements # icuinfo | grep version # yum list available | grep libicu How to Install Latest ICU system package for Presta 1.7.6.3 on CWP7? # cd /usr/local/src # wget http://download.icu-project.org/files/icu4c/64.1/icu4c-64_1-src.tgz # tar -xvf icu4c-*.tgz # cd icu/source/ # sed -i '/#define __UCONFIG_H__/a #define UCONFIG_ENABLE_PLUGINS 1' common/unicode/uconfig.h # ./configure --prefix=/usr --bindir=/usr/bin --libdir=/usr/lib64 --datadir=/usr/share --enable-plugins # make -j4 && make install # reboot # icuinfo | grep version Compile  PHP-FPM 7.2.X Now We need to compile PHP-FPM 7.2.X again as describe in below snapshot. Select everything except  pgsql, pdo-pgsql, mongodb ,  recode, & sqlsrv and save cust

May be you are confused after reading our Tutorial Part 1 . Don't be confused, we will proceed step by step. We have a domain (www.datahead.biz) , So we will use it for our Prestashop.  I am assuming that you have root access to your CWP Server.  At first create an account for that domain, i mean host your domain on CWP server. Below the snapshot describes that how to host a domain. I hope you can do that. 1. Go to Home Directory of that hosted Domain and Download Prestashop 1.7.6.3 . Now unzip the downloaded file. # cd /home/datahead/public_html/ # wget https://download.prestashop.com/download/releases/prestashop_1.7.6.3.zip # ll total 60888 -rw-r--r-- 1 datahead datahead 5069 Jan 24 2017 index.html -rw-r--r-- 1 root root 62340959 Feb 2 02:21 prestashop_1.7.6.3.zip # unzip prestashop_1.7.6.3.zip Archive: prestashop_1.7.6.3.zip inflating: prestashop.zip inflating: index.php inflating: Install_PrestaShop.html 2. Fix the Accou

If you planning to run online eCommerce business but you can't find any solutions then PrestaShop is right solutions for you. But PrestaShop has special system requirements to run online store. Many hosting provider are ready to provide high speed hosting/server etc but they didn't meet the Presta System Requirements. We found PrestaShop requirements from their official website. It describes all the details on their website and you will be confused to read that guide. However Section 1 & Section 2 describes  the minimum system requirement for PrestaShop Installation. Section 1:  Minimum System Requirements for PrestaShop 1.7 A domain name (or a subdomain/subfolder) Recommended web server: Apache 2.x, Nginx PHP 5.6+ , MySQL 5.0+ installed with a database created FTP access (ask your hosting service for your credentials) Configuration In the PHP configuration (php.ini file) set memory_limit to "128M" and upload_max_filesize to "16M" (or mo