fev 092021


Install and configure Fail2Ban to block attacking hosts using a null route or blackhole routes.

– Works on all kernel versions and as no compatibility problems (back to debian lenny and WAY further).
– It’s FAST for very large numbers of blocked ips.
– It’s FAST because it Blocks traffic before it enters common iptables chains used for filtering.
– It’s per host, ideal as action against ssh password bruteforcing to block further attack attempts.
– No additional software required beside iproute/iproute2
– Blocking is per IP and NOT per service, but ideal as action against bruteforcing hosts.

Continue reading »

Migrating opensource Zimbra 8.6.0 on Centos 6.8 to Zimbra 8.7.1 on Centos 7 safely and with no downtime

 Backup, CentOS 7 / RHEL 7, Clusterweb, ClusterWeb, Hospedagem, Leitura Recomendada, Linux, Profissional de TI, Programação, Redes, Servidor de E-mail, Zimbra  Comentários desativados em Migrating opensource Zimbra 8.6.0 on Centos 6.8 to Zimbra 8.7.1 on Centos 7 safely and with no downtime
dez 032020

A bit of history for the context

After running a Zimbra mail server in a 500Gb Virtual Machine, for about 4 years, the server started feeling a bit crowded and with  #df -h reporting less than 50Gb of space left, it was time to move to a larger machine.

The version I was (and still am) running is the open source version, there are no migration tools available as part of the package, although you can find plenty of tutorials on the web forums about how to rsync stuff between the old and the new server. I was not comfortable with that. For starters, there would be down time involved, but apart from that I would have to rsync between two identical servers, meaning that the new server would still need to be zimbra 8.6 and running on an identical Centos 6 machine.

There was also the fact that some time ago, the server did a very bad shutdown (due to a power failure), and the database had been corrupted, and every so often a problem or two would crop up in the logs. This became very evident when an upgrade to 8.7.1 failed miserably, and the only thing that saved the day was the backup from the previous night ! I was afraid that most likely, an rsync migration would also transfer the problematic data, and that it would be back to haunt me down the road.

Since I was going to have to go through all the aches and  pains of  a server migration  I wanted to end up not only with more space,  but also to move to a newer O.S., and a newer release, so rsync was out of the question.

Continue reading »

nov 092020

Do you want to compress or decompress (zip/unzip/rar/unrar) files on Google Drive, Then watch this video until the end!

To do this, I’m using Google Colab.

How To Install PHP 7.3 On Debian 9 / Debian 8

 Apache2, Clusterweb, ClusterWeb, Debian, Hospedagem, Leitura Recomendada, Linux, Profissional de TI, Ubuntu  Comentários desativados em How To Install PHP 7.3 On Debian 9 / Debian 8
fev 032020

This short tutorial is for installing PHP 7.3 on Debian 9 (Stretch) and Debian 8 (Jessie). With PHP 7.3 comes a number of bug fixes, new functionalities and features as well as a number of deprecations.

Continue reading »

set 132019


MariaDB is an open-source database management system, commonly used as an alternative for the MySQL portion of the popular LAMP (Linux, Apache, MySQL, PHP/Python/Perl) stack. It is intended to be a drop-in replacement for MySQL and Debian now only ships with MariaDB packages. If you attempt to install MySQL server related packages, you’ll receive the compatible MariaDB replacement versions instead.

The short version of this installation guide consists of these three steps:

  • Update your package index using apt
  • Install the mariadb-server package using apt. The package also pulls in related tools to interact with MariaDB
  • Run the included mysql_secure_installation security script to restrict access to the server

Continue reading »

Configure CentOS to Sync with NTP Time Servers

 CentOS 7 / RHEL 7, Clusterweb, ClusterWeb, Leitura Recomendada, Linux, Profissional de TI  Comentários desativados em Configure CentOS to Sync with NTP Time Servers
ago 012019

Over the years, We’ve encountered many questions on how to correctly configure our Linux hosts to sync time to our enterprise NTP Servers.

So, We thought why not create an article that outlines in the simplest form possible the correct way to configure the NTP Client to synchronize with NTP Servers.

Sync CentOS with NTP Time Servers

First of all, we need to install the ntpd and ntpdate clients on our Linux host. I’m using CentOS, but it’s the same in Ubuntu and so forth.

# yum install ntp ntpdate
# systemctl start ntpd
# systemctl enable ntpd
# systemctl status ntpd

Now let’s run the following command to configure the NTP Servers.

# ntpdate -u -s 0.centos.pool.ntp.org 1.centos.pool.ntp.org 2.centos.pool.ntp.org

What we’re doing is telling the ntpdate to use an unprivileged port for outgoing packets with the -u switch and to write logging output to the system syslog facility using the -s switch.

Next let’s restart the ntpd daemon.

# systemctl restart ntpd

Now let’s check if NTP synchronization is enabled and running.

# timedatectl

And for the last, we will set the hardware clock to the current system time using the -w switch.

# hwclock -w

Congratulations! You’ve now successfully set your NTP client on CentOS.

jul 172019


Proxmox VE 6.x introduces several new major features. Carefully plan the upgrade, make and verify backups before beginning, and test extensively. Depending on the existing configuration, several manual steps—including some downtime—may be required.

Note: A valid and tested backup is always needed before starting the upgrade process. Test the backup beforehand in a test lab setup.

In case the system is customized and/or uses additional packages (for example GlusterFS) or any other third party repositories/packages, ensure those packages are also upgraded to and compatible with Debian Buster.

In general, there are two ways to upgrade a Proxmox VE 5.x system to Proxmox VE 6.x:

  • A new installation on a new hardware (and restoring VMs from the backup)
  • An in-place upgrade via apt (step-by-step)

In both cases emptying the browser cache and reloading the GUI page is required after the upgrade.

Continue reading »

How to Install Let’s Encrypt on Apache2

 Apache2, Clusterweb, ClusterWeb, Debian, Linux, Profissional de TI, Redes, Segurança, Shell Script  Comentários desativados em How to Install Let’s Encrypt on Apache2
nov 052018

Improving your website security through encryption, even on the most basic servers, can increase your visitors’ trust in your site and your ability to run it. Setting up encryption on your web host has generally been complicated and expensive, which often deters administrators whose web applications might not depend on user input. Let’s Encrypt aims to change this by making implementing encryption on any website easier. They are an open and free project that allows obtaining and installing of certificates through simple, automated, commands.

Let's Encrypt Project Logo

Continue reading »

How To Configure Bind as a Caching or Forwarding DNS Server

 CentOS 7 / RHEL 7, Clusterweb, ClusterWeb, Debian, Dns, Leitura Recomendada, Linux, Profissional de TI, Redes, Segurança, Ubuntu  Comentários desativados em How To Configure Bind as a Caching or Forwarding DNS Server
set 272018


DNS, or the Domain Name System, is often a difficult component to get right when learning how to configure websites and servers. While most people will probably choose to use the DNS servers provided by their hosting company or their domain registrar, there are some advantages to creating your own DNS servers.

In this guide, we will discuss how to install and configure the Bind9 DNS server as a caching or forwarding DNS server on Ubuntu 14.04 machines. These two configurations both have advantages when serving networks of machines.

Continue reading »

How to Setup OpenVZ 7 on CentOS 7

 CentOS 7 / RHEL 7, Clusterweb, ClusterWeb, Linux, Profissional de TI, Redes, Ubuntu, Virtualização  Comentários desativados em How to Setup OpenVZ 7 on CentOS 7
set 172018

OpenVZ is a free open source software that provides container-based virtualization solution for Linux. OpenVZ 7 is the latest version of OpenVZ out there and it comes with Red Hat Enterprise Linux 3.10 kernel. This post is all about how to setup OpenVZ 7 on CentOS 7.x servers.

One Kernel, Many VM’s

OpenVZ creates multiple secure, isolated Linux containers (otherwise known as VEs or VPSs) on a single physical server enabling better server utilization and ensuring that applications do not conflict. Here, all the Linux containers share a single Kernel. Each container performs and executes exactly like a stand-alone server; a container can be rebooted independently and have root access, users, IP addresses, memory, processes, files, applications, system libraries and configuration files.

Continue reading »

Migration of servers to Proxmox VE

 Clusterweb, Profissional de TI, Proxmox, Segurança, Virtualização  Comentários desativados em Migration of servers to Proxmox VE
jun 222018


You can migrate existing servers to Proxmox VE. Moving Linux servers is always quite easy so you will not find much hints for troubleshooting here.

Windows systems specific P2V issues

inaccessible boot device

Booting a virtual clone (IDE) of a physical Windows system partition may fail with a BSOD referring to the problem

STOP: 0x0000007B (0xF741B84C,0xC0000034,0x00000000,0x00000000)

this means that the source physical windows machine had no support for IDE controller, or at least the one virtually replaced by kvm (see Microsoft KB article article for details): as Microsoft suggests, create a mergeide.reg file (File:Mergeide.zip) file on the physical machine and merge that in the registry, ‘before the P2V migration. Btw, it may not be necessary but should be no harm, anyway, and save you lots of time and headaches.

Continue reading »

mar 262018

I have wrote a post regarding on how to access ftp host using curl. And this time, let us look at how to mount the ftp host to a local directory on top of FUSE.

FUSE (Filesystem in userland) is a userland build on top of virtual filesystem, it allows you to implement functional filesystem in userspace application. Robson Braga Araujo wrote an app based on fuse and curl that allows you to mount a ftp host to a local directory, curlftpfs.

What is the benefit of mounting ftp host to a local directory?
The most obvious benefit is easing file management in ftp host. After mounting ftp host to a local dir, you can simply copy, move and delete files using command such as cp, mv, rm. You can easily transfer files from your localhost to ftp host and vice versa.

Continue reading »