Wednesday, 30 May 2012

To password protect your website make it private



To password protect your website, please follow these steps:

Log into your Linux web server via Secure Shell (SSH).
Change into the directory you wish to password protect.
Note: If you wish to protect your entire website us the following command:
1:cd /vservers/username/htdocs
2:Create a file called .htaccess using the following command:
pico .htaccess
3:Enter the following information:
AuthType Basic
AuthName "Please enter your Username and Password"
AuthUserFile /vservers/username/htdocs/.htpasswd
AuthGroupFile /dev/null
Require valid-user

4:Press ctrl+o to save the file.
5:Press ctrl+x to exit the file.
6:Create the .htpasswd file using the following command:
/usr/bin/htpasswd -c /vservers/username/htdocs/.htpasswd username
7:Enter the password you wish to use.
8:Re-enter the password.
9:Grant read access to each file using the following commands:
chmod a+r .htaccess
chmod a+r .htpasswd


Password protection by a single login:
Password files:

Create the directory you want to password protect (example: membersonly)
Create a file /home/domain/public_html/membersonly/.htaccess in that director that looks something like this:

     AuthName "Add your login message here."
     AuthType Basic
     AuthUserFile /home/domain/public_html/membersonly/.htpasswd
     AuthGroupFile /dev/null
     require user name-of-user
                   
In this case the "name-of-user" is the login name you wish to use for accessing the web site.
One can use Apache directives to specify access and restriction:
AuthName "Add your login message here."
     AuthType Basic
     AuthUserFile /home/domain/public_html/membersonly/.htpasswd
     AuthGroupFile /dev/null
     <Limit GET POST>
     require user name-of-user
     </Limit>

The name of the access file .htaccess is specified by the httpd.conf directive AccessFileName.
Create (or clobber if it already exists) the password file /home/domain/public_html/membersonly/.htpasswd using the program htpasswd:
         htpasswd -c .htpasswd name-of-user
         
Add a new user to the existing password file:
         htpasswd .htpasswd name-of-user
         
Man page: htpasswd
Example file: .htpasswd

user1:KgvCSeExtS4kM
USER1:KgvCSeExtS4kM
User1:KgvCSeExtS4kM

Placing Authentication directives in httpd.conf exclusively instead of using .htaccess:
The purpose of using the "distributed configuration file" .htaccess is so that users may control authentication. It can also be set in the Apache configuration file httpd.conf WITHOUT using the .htaccess file. This can improve server performance as the server will not have to look for the .htaccess file in each subdirectory.
File: httpd.conf (portion)
..
    ...

     <Directory /home/domain/public_html/membersonly>
     AllowOverride AuthConfig
     AuthName "Add your login message here."
     AuthType Basic
     AuthUserFile /home/domain/public_html/membersonly/.htpasswd
     AuthGroupFile /dev/null
     require user name-of-user
     </Directory>

    ...
    ..
</VirtualHost>

how to access through ssh amazon instance from ubuntu machine.


how to ssh amazon instance from ubuntu.

if you have the private key file of your amazon instance then its very easy to connect through ssh.

if you don't have the keys then login to your amazon interface instance and create the key instance.pem and instance.ppk

when you creat these both keys then download it you system. and saved it.

One key .pem is used for linux connectivity and .ppk is used for windows putty connectivity.

In ubuntu OS open your terminal and get the sudo rights.

Alt+Ctrl+T then type the command
sudo -s
your password:

go to your donwload folder and copy the keys to /home/yourname/.shh/ folder

cd /home/myname/Download/

cp instance.pem instance.ppk /home/myname/.shh

trach out your amazon host name like bitnami and type the command in terminal

shh -i instance.pem user@your.instance.amzon.com

you will get connected.

if you get the error

permission denied due to the public key is onpen to others. then change the permission of .pem file

chmod 600 instance.pem and again try to connect to server instance.

this time you will connected if you have right usernam and .pem key.

That's all
if you have any other question feel free to ask me

Regards:
imran 
shahmeer07 @skype

protect your directory with .htaccess and .htpasswd username and password


Do you want to password protect a directory on your website?

Lets suppose you want to protect the folder ‘secretfolder’ located on this path on your server:  home/user/domain/secretfolder

Password Protect Directory with htaccess
Step 1 – Create .htpasswd file with your desired username and password in any text editor (like Notepad) and save.
within the .htpasswd you will have the following info

abc:9476nIHW7Esgw

encrypt you password through some tool and put that here with username you can that from from here
http://www.4webhelp.net/us/password.php

Step 2 – Create .htaccess file with the code below. It can be created using any text editor (like Notepad) and saved without the .txt extension.

vim .htaccess

AuthUserFile /home/user/domain/secretfolder/.htpasswd # please the location of .htpasswd file should be known to you. if not don't wast your time.
AuthType Basic
AuthName "Login Details"
Require valid-user

Step 3 – Upload both these files in the same folder which you want to protect
Now whenever anyone accesses that directory or any files in it, they will be asked for login details. You web directory is now secure.


That's it

Enjoy your Security at layer 1.

Regards:
imran
skype: shahmeer07

daily used command in linux server maintenance


pwd
Print working directory, i.e., display the name of my current directory on the screen.
hostname
Print the name of the local host (the machine on which I am working). Use netconf (as root) to change the name of the machine.

whoami
Print my login name.

id username
Print user id (uid) and his/her group id (gid), effective id (if different than the real id) and the supplementary groups.

date
Print the operating system current date, time and timezone. For an ISO standard format, I have to use: date -Iseconds
I can change the date and time to 2000-12-31 23:57 using this command: date 123123572000
or using these two commands (easier to remember):
date --set 2000-12-31
date --set 23:57:00
To set the hardware (BIOS) clock from the system (Linux) clock, I can use the command (as root): setclock

The international (ISO 8601) standard format for all-numeric date/time has the form: 2001-01-31 (as in Linux default "C" localization). You can be more precise if you wish using, for example: 2001-01-31 23:59:59.999-05:00 (representing I milisecond before February 2001, in a timezone which is 5 hours behind the Universal Coordinated Time (UTC)) . The most "kosher" representation of the same point in time could be: 20010131T235959,999-0500. See the standard at ftp://ftp.qsl.net/pub/g1smd/8601v03.pdf.
time
Determine the amount of time that it takes for a process to complete + other process accounting. Don't confuse it with the date command (see previous entry). E.g. I can find out how long it takes to display a directory content using: time ls. Or I can test the time function with time sleep 10 (time the commands the does nothing for 10 seconds).
clock
hwclock
(two commands, use either). Obtain date/time from the computer hardware (real time, battery-powered) clock. You can also use one of this commands to set the hardware clock, but setclock may be simplier (see 2 commands above). Example: hwclock --systohc --utc sets the hardware clock (in UTC) from the system clock.

who
Determine the users logged on the machine.

w
Determine who is logged on the system, find out what they are doing, their processor ussage, etc. Handy security command.

rwho -a
(=remote who) Determine users logged on other computers on your network. The rwho service must be enabled for this command to run. If it isn't, run setup (RedHat specific) as root to enable "rwho".

finger user_name
System info about a user. Try: finger root . One can use finger with any networked computer that exposes the finger service to the world, e.g., I can do (try): finger @finger.kernel.org

last
Show listing of users last logged-in on your system. Really good idea to check it from time to time as a security measure on your system.

lastb
("=last bad") Show the last bad (unsuccessful) login attempts on my system. It did not work on my system, so got it started with: touch /var/log/btmp

"There's a good reason why /var/log/btmp isn't available on any sane set-up - it's a world-readable file containing login mistakes. Since one of the most common login mistakes is to type the password instead of the username, /var/log/btmp is a gift to crackers." (Thanks to Bruce Richardson). It appears the problem can be solved by changing the file permissions so only root can use "lastb":
chmod o-r /var/log/btmp
history | more
Show the last (1000 or so) commands executed from the command line on the current account. The "| more" causes the display to stop after each screenful. To see what another user was doing on your system, login as "root" and inspect his/her "history". The history is kept in the file .bash_history in the user home directory (so yes, it can be modified or erased).
uptime
Show the amount of time since the last reboot.

ps
(="print status" or "process status") List the processes currently run by the current user.

ps axu | more
List all the processes currently running, even those without the controlling terminal, together with the name of the user that owns each process.

top
Keep listing the currently running processes on my computer, sorted by cpu usage (top processes first). Press c when done.

PID = process identification.
USER=name of the user who owns (started?) the process.
PRI=priority of the process (the higher the number, the lower the priority, normal 0, highest priority is -20, lowest 20.
NI=niceness level (i.e., if the process tries to be nice by adjusting the priority by the number given). The higher the number, the higher the niceness of the process (i.e., its priority is lower).
SIZE=kilobytes of code+data+stack taken by the process in memory.
RSS=kilobytes of physical (silicon) memory taken.
SHARE=kilobytes of memory shared with other processes.
STAT=state of the process: S-sleeping, R-running, T-stopped or traced, D-uniterruptable sleep, Z=zombie.
%CPU=share of the CPU usage (since last screen update).
%MEM=share of physical memory.
TIME=total CPU time used by the process (since it was started).
COMMAND=command line used to start the task (careful with passwords, etc., on command line, all permitted to run "top" may see them!
gtop
ktop
(in X terminal) Two GUI choices for top. My favourite is gtop (comes with gnome). In KDE, ktop is also available from the "K"menu under "System"-"Task Manager".
uname -a
(= "Unix name" with option "all") Info on your (local) server. I can also use guname (in X-window terminal) to display the info more nicely.

XFree86 -version
Show me the version of X windows I have on my system.

cat /etc/issue
Check what distribution you are using. You can put your own message in this text file--it's displayed on login. It is more common to put your site-specific login message to the file /etc/motd ("motd"="message of the day").

free
Memory info (in kilobytes). "Shared" memory is the memory that can be shared between processes (e.g., executable code is "shared"). "Buffered" and "cashed" memory is the part that keeps parts of recently accessed files--it can be shrunk if more memory is needed by processes.

df -h
(=disk free) Print disk info about all the filesystems (in human-readable form).

du / -bh | more
(=disk usage) Print detailed disk usage for each subdirectory starting at the "/" (root) directory (in human legible form).

cat /proc/cpuinfo
Cpu info--it shows the content of the file cpuinfo. Note that the files in the /proc directory are not real files--they are hooks to look at information available to the kernel.

cat /proc/interrupts
List the interrupts in use. May need to find out before setting up new hardware.

cat /proc/version
Linux version and other info.

cat /proc/filesystems
Show the types of filesystems currently in use.

cat /etc/printcap |more
Show the setup of printers.

lsmod
(= "list modules". As root. Use /sbin/lsmod to execute this command when you are a non-root user.) Show the kernel modules currently loaded.

set|more
Show the current user environment (in full). Normally too much to bother.

echo $PATH
Show the content of the environment variable "PATH". This command can be used to show other environment variables as well. Use set to see the full environment (see the previous command).

dmesg | less
Print kernel messages (the content of the so-called kernel ring buffer). Press "q" to quit "less". Use less /var/log/dmesg to see what "dmesg" dumped into this file right after the last system bootup.

chage -l my_login_name
See my password expiry information.

quota
See my disk quota (the limits of disk usage).

sysctl -a |more
Display all the configurable Linux kernel parameters.

runlevel
Print the previous and current runlevel. The output "N5" means: "no previous runlevel" and "5 is the current runlevel". To change the runlevel, use "init", e.g., init 1 switches the system to a single user mode.

Runlevel is the mode of operation of Linux. Runlevel can be switched "on the fly" using the command init. For example, init 3 (as root) will switch me to runlevel 3. The following runlevels are standard:
0 - halt (Do NOT set initdefault to this)
1 - Single user mode
2 - Multiuser, without NFS (The same as 3, if you do not have networking)
3 - Full multiuser mode
4 - unused
5 - X11
6 - reboot (Do NOT set initdefault to this)
The system default runlevel is set in the file: /etc/inittab .
sar
View information extracted the system activity log file (/var/log/sarxx where xx is the current day number). sar can extract many kinds of system statistics including CPU load averages, i/o statistics, and network trafic statistics for the current day and (usually) several days backs.


Enjoy! 
comment if you have some good commands.

Regards:
imran shahmeer

custom commands linux centos

Find How Much Disk Space Is Being Used Show Display

#cd /var/
#du -hc --max-depth=1
#du -sh

how to show all repos
yum repolist all

how to clear cache of the server::
yum clean all

shwo installed version of the.

yum list installed | grep gd


how to install ftp server vsftpd and configure on centos


 yum list installed | grep ftp
 1083  yum install vsftpd
 1084  chkconfig vsftpd on
 1085  service vsftpd start

creat group
   groupadd ftp-users
   chown root:ftp-users /var/www/html/

adduser to ftp group 
  useradd -g ftp-users -d /var/www/html/ imran
create password for user.

 passwd imran

how to change password of ftp user.
  passwd imran
 enter new password;
 retype password: 

how to restrict and lock ftp user when not needed

passwd -l username{ftp user}

how to unlock the ftp user when needed

passwd +l username {ftp user}