 |
Core-Admin Server admin easy |
In case you need to change password for the same account across all WordPress sites in a machine, you can use the follow Core-Admin Option.
See next article that explain how to change password for the same account at all WordPress installations found in a machine with Core-admin:
Posted in: Security, Wordpress, Wordpress Manager
Leave a Comment (0) →Hardware failure with #InnoDB #MySQL that is not recovering even with innodb_force_recovery?
Here is how to solve and fix the problem with #CoreAdmin (database reimport:
Posted in: Core-Admin, InnoDB, MySQL
Leave a Comment (0) →
We have just released new stable Core-Admin release. See all details at:
Core-Admin 1.0.7673 ‘My name is human’ stable release is ready!
Posted in: Releases
Leave a Comment (0) →Index
In some cases you need to configure URL redirection so your web page can present different pages according to a source URL without having to do this configuration inside webpage.
You will need to have access to a working #WebhostingManagement installation where to configure URL redirections.
URL redirection with #CoreAdmin is pretty straightforward. Click on the webhosting to manage and then go to URL redirect section as shown:
Then go:
Inside there you will be able to list, remove, edit and create new URL redirections. To create a new URL redirection here is how. Click on “Add URL redirect” and then fill the form:
All URL redirection configured is placed directly into Web server configuration, without touching your site .htaccess file (for example).
This makes possible to configure URL redirection not only for webpages with php but also for the rest of technologies available.
At the same time, this avoids any possibility to interfere with software doing .htaccess automatic changes like #Wordpress or #Prestashop.
It is known working cases where users are configuring more than 40.000 url redirections without any issue. It is not known where could be performance problems though 40.000 is a good number.
Posted in: #WebhostingManagement, Apache2, KB, Web hosting
Leave a Comment (0) →Index
By default, all certificates created by the #WebhostingManagement uses .PEM format, which is suitable for most configurations.
In the case you want to export one of these certificates to .PFX format, follow next steps.
You need to have a working #WebhostingManagement installation with a certificate already installed (completed or flagged as ready).
You will need Administrator rights too (application admin, machine admin or platform admin).
Get into the panel, click on the machine to manage or application (if you only have application admin rights) and click on the #WebhostingManagement application:
Then click to launch “export to .pfx” option:
Now select certificate to export. Only completed certificates (.CSR signed, sent to certificate authority, and got back response to complete certificate) and certificates flagged as ready will be showed for export.
After that, a window will appear with a link to download .pfx certicate. Click on it and your are done.
Posted in: Apache2, Certificates, Web hosting
Leave a Comment (0) →Index
In the case you have a message in Postfix queue that you want to bounce without having to wait for queue max life time reached, you can use the following command provided by core-admin-tools package:
Install/update package core-admin-tools if you don’t have command crad-bounce.pyc. For that, use:
>> crad-update.pyc -u >> crad-update.pyc -g
>> crad-bounce.pyc -b <postfixqueueid>
In such case, find message id to bounce using mailq as usual. For example:
>> mailq
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
6FC2068C00EF 7041 Wed Nov 29 19:11:08 soXXpeXX@josXXeasXXa.cXX
XXlos.AmXXamXX@XXale.XX
With this information, you can bounce the message by running:
>> crad-bounce.pyc -b 6FC2068C00EF
Posted in: Postfix
Leave a Comment (0) →Index
The following article explains what are the different wordpress upgrades available, what they cover, if they are automatic and which don’t. Those that are not automatic are considered manual and requires user intervention.
We also explain how you can disable these upgrades totally or partially using Core-Admin #WordpressManager.
Before considering disabling WordPress automatic updates, first keep on reading.
Automatic upgrades that can apply WordPress are always targeted to a very reduced and located inside WordPress engine. These upgrades are considered “minor” and only adds or fixes security features.
From WordPress webpage we have the following:
https://codex.wordpress.org/Configuring_Automatic_Background_Updates
Besides WordPress micro-updates (which only upgrades a very small and specific portion as we have said, never all WordPress engine), we have the following 3 categories that you can upgrade and apply to your WordPress:
Having this classification in mind, we can visualize that in one hand we have micro-updates (which are safe) and in the other, we have general updates that might include version change and might potentially break your web (no smooth upgrade).
As we have explained in previous sections, WordPress will never update automatically those parts that are not in WordPress’s control and that potentially might make your web stop working.
For that reason, WordPress only applies micro-updates.
For the same reason, WordPress never applies automatic updates without user intervention for WordPress engine, theme or plugins.
Those updates must be done and supervised by a specialized user, the site administrator/developer.
This way, the site developer/administrator can ensure that everything keeps working after upgrading and in such case, take actions if it stops working.
Next it is shown a table that summarises all available updates, its features, etc:
| Core Wordpress Micro-Updates |
Complete wordress engine updates |
Wordpress plugins updates |
Updates for the theme used by Wordpress |
|
|---|---|---|---|---|
| Are automatic? (no user intervention required) |
Yes | No, user must apply them manually |
No, user must apply them manually |
No, user must apply them manually |
| Can be disabled? | Yes | Yes, using Core-Admin Wordpress Manager | Yes, using Core-Admin Wordpress Manager | Yes, using Core-Admin Wordpress Manager |
| Is recommended to disable these updates? |
No | Yes, if you think it is possible these updaets might break current project state |
Yes, if you think it is possible these updaets might break current project state |
Yes, if you think it is possible these updaets might break current project state |
Use the following steps to limit part or all WordPress updates for a given installation.
Posted in: Wordpress, Wordpress Manager
Leave a Comment (0) →Index
Tor Network is an anonymizer network infrastructure, opened for everyone for use, that allows users to hide their location (mostly IP) or make it difficult to track (https://www.torproject.org/). As its function implies, it can be used to protect users from abuse and tracking.
However, you might be interested in have additional information about how Tor is used to access your services to implement analysis, apply policy or maybe blocking all traffic that might come from Tor (legitimate or not).
Due to the way Tor Network works, all exit nodes are public and can be downloaded. Combined with some tracking functions, it is possible to know if an IP belongs to Tor Network (as an exit node) or was part of it in the past.
Core-Admin provides an integration option that allows having all this information in an usable form so you can integrate it with your infrastructure:
For that, open #IpBlocker application as shown:
and then, click to configure:
After that, click to enable Tor Integration as shown:
After enabling it, you will have in your system, an up to database information about Tor Exit-Nodes that are active or were active in the past.
By enabling this basic integration you have different indications out of the box that can be used. Some of then are the following.
Support to get an indication if a Tor node is detected when checking #IpBlocker tool. That way you will be able to get additional information when checking attacks:
Also, you will also get additional information when requesting for a report about certain ip:
To start doing more advanced things, you might be interested in having all this information in a MySQL table (two tables) so you can implement your own queries.
This way, you can not only check, you can also make your application to tag, do quick searches or implement resource policy control and protection.
For example, you might want to deny or allow login if source connection is inside or not Tor Network.
To enable Tor Network integration with MySQL, follow next steps as shown, and input the database were you what the information to be exported and updated. You can configure several MySQL databases.
Core-Admin will keep that MySQL information updated, leaving the rest of the tables untouched. This can be used for empty dedicated MySQL or existing MySQL databases, with working data where a couple of tables will appear and keep updated so your application can access this information using current MySQL API.
In the case you don’t want any of your services to be available/reachable to any Tor Exit-Node, then use the following option. It will create automatically IP firewall blocking for all exit nodes found. These rules will be updated regularly removing old exit nodes, and adding new active exit nodes.
There are different options available through crad-ip-blocker.pyc tool. Run the following command to get information about them:
>> crad-ip-blocker.pyc --help | grep tor
also removes old blocking history (retaining last
--update-tor-exit-nodes-list
--find-all-tor-access
--check-tor-ip=IP[,IP2[,IP3]]
in tor (active,historic) network or not.
--export-tor-tracking-to-mysql-db=DBNAME[,DBNAME2[,DBNAME3]]
--dump-tor-tracking Allows to dump all tor tracking information current
stored.
--block-active-tor-nodes
Allows to block all tor actives nodes currently found.
/crad-ip-blocker.pyc --update-tor-exit-nodes-list to
--unblock-active-tor-nodes
active-tor-nodes. Use this option to remove all rules
created by --block-active-tor-nodes options.
Please, if you have a question or a comment, contact us at support@core-admin.com (https://www.core-admin.com/portal/about-us/contact).
Posted in: Blacklist, Firewall, Tor
Leave a Comment (0) →Index
By default, all hostings created with Core-Admin will have an individual user to ensure each hosting runs with isolated permissions.
This hosting user has no way to access through ssh, even it if opened ssh port and a password is configured.
This article, explain how to enable or disable ssh access for a given hosting using Core-Admin.
Be sure you have a firewall controlling SSH port (usually 22/tcp) to avoid leaving it open for everyone. It should be limited.
If you don’t have a firewall installed, use #Firewall manager. See the following manual to know how to configure it.
Use the following steps. You will need Administrator rights to complete these steps.
First, open #WebHostingManagement application like this:
Then, open available option to manage SSH access:
After that, select the right hosting to configure and if you want to enable or disable SSH access like this:
Once the process is completed, the system will present you a set of configuration notes ready to use:
In the case you want to disable SSH access, just follow same steps as described before but selecting “disable” inside “Ssh access”.
Use available option located at the top level tree:
Index
In the case you want to block a large amount of IPs (more that 500 ips/networks), then you might notice that default block-by-iptables setting is not fast enough, and it tends to create a large iptables rule set with a bad performance.
If this is your case, here is how to configure your #IpBlocker tool to use linux kernel ipset.
This option is not available for Debian Lenny, Debian Squeeze and Centos 6 due to poor or missing ipset support.
#IpBlocker is prepared to switch to block-by-ipset from block-by-iptables and viceversa anytime you need it. This includes cases where the firewall is already enabled and working with a working set of blocking rules.
To enable it, just follow next steps. Open #IpBlocker tool as shown (it needs administrator permissions):
Then, open configuration:
Then, select block-by-ipset in block mode and then save. If it is not available, please, update your core-admin installation. Depending on the number of rules your machine has, it might take a few minutes to switch to ipset:
If everything went ok, you will use #IpBlocker as usual (and the rest of the system too). No additional step is required because once it is done, it is transparent to the user and system.
Under ipset mode, core-admin install only a few rules inside iptables and ip6tables chain to link ipsets created.
>> iptables -S | grep set -A INPUT -m set --match-set core_admin_blacklist_ipv4_net src -j DROP -A INPUT -m set --match-set core_admin_blacklist_ipv4 src -j DROP -A FORWARD -m set --match-set core_admin_blacklist_ipv4_net src -j DROP -A FORWARD -m set --match-set core_admin_blacklist_ipv4 src -j DROP -A OUTPUT -m set --match-set core_admin_blacklist_ipv4_net src -j DROP -A OUTPUT -m set --match-set core_admin_blacklist_ipv4 src -j DROP
These “sets” are accesible running common ipset commands (do not minipulate them directly, use #IpBlocker application or crad-ip-blocker.pyc command line tool):
>> ipset list
Posted in: Blacklist, Security
Leave a Comment (0) →