OpenCart 3 PDF not loading>? FIX in Information pages?>

We had a strange bug in OC 3.x! When adding a PDF link outside of the OC files structure on the same domain name?!

mod_sec = nothing in my log’s, even with LiquidWEB TECH!

.htaccess NO LUCK HERE!

The fix! 

Just call your pdf file(s),  https / http ,.. link inside your image directory structure ! ,,… ,, like in create the OC directory “/image/catalog/terms (OR ANYTHING HERE), use filezilla to upload your PDF file(S). Your links or “image link” will still be visible when you will hit save in your Information(s) pages!

The bottom line is that you cannot call a non-OC directory, Ex,.: public_html/yournamehere/download/

I have a good idea why? Good SEC-JOB!

Enjoy!

Adding a hard drive in Centos 7

Whether installing a new physical hard drive to a server or adding an additional disk to your cloud server or VPS, you’ll need to configure CentOS to be able to use it.

We’re going to assume the drive is connected, so first of all, we need to find it.

First of all, we need to know the naming convention your server is using for drives, and we can find this with the ‘df’ command.

[user@server ~] df
Filesystem     1K-blocks    Used Available Use% Mounted on
/dev/vda2       24733776 2521604  20942668  11% /
/dev/vda1        1007512  203260    751824  22% /boot

The two lines above show that this particular server is using the vd* notation, but sd* is also used.  Here the primary drive, vda, has two partitions – vda1 and vda2.

We can now use the following command to find other disks:

[user@server ~] ls -1 /dev/[sv]d[a-z]
/dev/vda
/dev/vdb

We can see both our original disk, vda, and the new disk vdb.  Now to create a filesystem the new disk with the ‘mkfs.ext4’ utility.

[user@server ~] sudo mkfs.ext4 /dev/vdb

This will just take a few seconds.

To use the new disk we now need to mount it.  When you’ve decided where you want to mount the disk, first create that folder on your server.  We’re going to use ‘home2’ for our disk.

[user@server ~] sudo mkdir /home2

We can now mount the disk to that location:

[user@server ~] sudo mount /dev/vdb /home2

Revisiting the df command we can now see that the new disk is mounted.

[user@server ~] df
Filesystem     1K-blocks    Used Available Use% Mounted on
/dev/vda2       24733776 2521604  20942668  11% /
/dev/vda1        1007512  203260    751824  22% /boot
/dev/vdb        25000000     100  24999900   1% /home2

To ensure the disk is automatically mounted when the server is rebooted, we also need to add it to fstab.  Our preferred editor is ‘nano’ so we type

[user@server ~] sudo nano /etc/fstab

We add, to the end of the file, the line:

/dev/vdb /home2 ext4 defaults 0 0

Then CTRL + O to save and CTRL + X to exit.

The disk will now stay mounted after reboot and you can begin using it.

Stuck in Windows 10 S Mode even if you have formatted!

Good day, I had a issue with a new laptop Acer Swift that used Windows 10 S mode to prevent any installation of software not created by Microsoft! This is very annoying! Here is a quick fix to solve this problem.

  1. Download a fresh copy of windows 10 pro
  2. Burn it on a USB Key drive
  3. You will have to include (2) files on the new created USB Key drive

First you will need to create those 2 files using notepad

First file

ei.cfg < filename to create

Inside this file you will add those lines

[EditionID]
Professional
[Channel]
Retail

Now save the file on your local hard drive.

Second file

pid.txt

Inside this file you will add those lines

[PID]
Value=XXXXX-XXXXX-XXXXX-XXXXX-XXXXX

You will need to type your Windows 10 Pro license

Now save the file on your local hard drive.

You will then need to copy those (2) files to the new created windows 10 Pro USB key.

Copy both files in the root of the key
Copy both files in /source

Reboot and install Windows 10 Pro.

Enjoy!

phpMyAdmin Internal 500 error when importing large database!

SYSTEM NFO’s

  • Fresh minimal install of CentOS Linux 7.6.1810
  • Webmin version 1.90
  • ConfigServer Security & Firewall 12.1
  • MariaDB default webmin/virtualmin install
  • LAMP
  • Phpmyadmin

I ran into problem trying to import a large database on a fresh CENTOS 7 test lab! After setting up value in php.ini (I am running PHP version 7.0.27). I was still not able to import the database in phpmyadmin.

Notice the Maximum execution time is set to 120 seconds

Even after changing this value for 240-500, 700 seconds…
I am still having issue importing the database!

Here is the fix,… you need to go in Virtualmin

1. Select the virtual server
2. Navigate to -> Server Configuration -> Website Options
3. In Website and Php options navigate to Maximum Php script run time

I checked “Unlimited” and hit “Save”

Voilà, I am able to import this large database without any errors!

For security reason I suggest that you put back the default value after your importation is finish!

Enjoy!

 

Fix RDP not Saving Password / Credentials

After upgrading to Windows 10, I have had some issues with a couple of RDP connections that wouldn’t store the username and password (credentials). Despite ticking the box to save the credentials, it would always prompt me to enter the password.

Here’s how to fix the issue with RDP not saving the login information, which should work not just on Windows 10, but also other versions of Windows if you have the same problem:

Click Start and type “GPEDIT.MSC” to search for the shortcut to the Windows Group Policy Editor.

Right-click the gpedit.msc shortcut and click run as Administrator.
(Ignore any popups about errors if you get any when the Group Policy Editor console opens up).

Browse to Local Computer Policy > Computer Configuration > Administrative Temples > System > Credentials Delegation

Double click the setting called “Allow delegating default credentials with NTLM-only server authentication” to edit it.

Change the setting to “Enabled” and then click the “Show…” button in the “Options:” window where it says “Add servers to the list:”.

Double click the field below “Value” (with the black arrow to the left) and type in “TERMSRV/*” (without the double quotes).

Click Ok and then Ok again to close both popups, so that you only see the list of settings again.

Now just repeat the exact same for these three policies as well:
Allow delegating default credentials
Allow delegating saved credentials
Allow delegating saved credentials with NTLM-only server authentication

Close the Local Group Policy Editor and RDP should now work as expected again!

hummm,.. reboot needed on some system!>>? wtf!

Enjoy!

Install OrangeScrum Centos 7

First you will need to install LAMP (Linux, Apache, Mysql, PHP) on a fresh Dedicated standalone server! (Do not install on a VPS)

Here is a good online tutorial about deploying LAMP on CentOS

Disable SeLinux?

Edit the /etc/selinux/config file to set the  SELINUX parameter to  disabled, and then reboot the server.

I have noticed after turning back “on” SeLinux after the full installation bellow, that the server is holding!

Still a lot of testing to do but! Working 😉

Install Apache

# sudo yum install httpd

Once installed, you can start Apache

# sudo systemctl start httpd.service

The last thing you will want to do is enable Apache to start on boot. Use the following command to do so:

# sudo systemctl enable httpd.service

How To Find your Server Public IP

If you do not know what your server’s public IP address is, there are a number of ways you can find it. Usually, this is the address you use to connect to your server through SSH.

From the command line get your IP address by typing:

# curl https://ipinfo.io/ip

I suppose you already have proper DNS Server setup!

If you don’t have proper DNS just use your server local IP by running the following command:

# ip a

Install MySQL (MariaDB)

# sudo yum install mariadb-server mariadb

When the installation is complete, we need to start MariaDB with the following command:

# sudo systemctl start mariadb

Now that our MySQL database is running, we want to run a simple security script that will remove some dangerous defaults and lock down access to our database system a little bit. Start the interactive script by running:

# sudo mysql_secure_installation

The prompt will ask you for your current root password. Since you just installed MySQL, you most likely won’t have one, so leave it blank by pressing enter. Then the prompt will ask you if you want to set a root password. Go ahead and enter Y, and follow the instructions:

Enter current password for root (enter for none):
OK, successfully used password, moving on…

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorization.

New password: password
Re-enter new password: password
Password updated successfully!
Reloading privilege tables..
… Success!

For the rest of the questions, you should simply hit the “ENTER” key through each prompt to accept the default values. This will remove some sample users and databases, disable remote root logins, and load these new rules so that MySQL immediately respects the changes we have made.

The last thing you will want to do is enable MariaDB to start on boot. Use the following command to do so:

# sudo systemctl enable mariadb.service

Install PHP

We can once again leverage the yum system to install our components. We’re going to include the php-mysql package as well:

# sudo yum install php php-mysql

This should install PHP without any problems. We need to restart the Apache web server in order for it to work with PHP. You can do this by typing this:

# yum search php-

If you are running a firewall, run the following commands to allow HTTP and HTTPS traffic: At the same time let’s open port 3000 for Node.js!

# sudo firewall-cmd –zone=public –add-port=80/tcp –permanent

# sudo firewall-cmd –zone=public –add-port=443/tcp –permanent

# sudo firewall-cmd –zone=public –add-port=3000/tcp –permanent

# sudo firewall-cmd –reload


INSTALL NODE JS ON CENTOS 7

Login to your Server via SSH

# yum update

Update the system and install necessary packages

# yum install curl sudo

Install Node.js and npm from the NodeSource repository
We will install Node.js v6 LTS and npm from the NodeSource repository which depends on the EPEL repository being available.

To enable the EPEL repository on your CentOS 7, issue the following command:

# sudo yum install epel-release

Once the EPEL repository is enabled run the following command to add the Node.js v6 LTS repository:

# curl –silent –location https://rpm.nodesource.com/setup_6.x | sudo bash –

If you want to enable the Node.js v8 repository instead of the command above run the following command:

# curl –silent –location https://rpm.nodesource.com/setup_8.x | sudo bash –

Once the NodeSource repository is enabled we can proceed with the Node.js v6 LTS and npm installation:

# sudo yum install nodejs

Install the Node.js and NPM build tools

To compile and install native add-on from the npm repository we also need to install build tools:

# sudo yum install gcc-c++ make

To verify if the Node.js installation was successful, issue the following command:

# node -v

The output should be like the following:

v6.11.5

Verify npm installation
To verify if the npm installation was successful, issue the following command:

# npm -v

The output should be like the following:

3.10.10

Test the installation
If you want to test the installation, create a test file:
nano hello_world.js

and then add the following content:

const http = require(‘http’);
const port = 3000;
const ip = ‘0.0.0.0’;

http.createServer(function (req, res) {
res.writeHead(200, {‘Content-Type’: ‘text/plain’});
res.end(‘Hello World’);
}).listen(port, ip);

console.log(server is running on ${ip}:${port});

Start the node web server by issuing the following command:

# node hello_world.js

the output should be like the following:

server is running on your_server_IP:3000

Test the installation

If you now visit http://your_server_IP:3000 from your browser, you will see ‘Hello World’.

Note: You must open the port 3000 in your firewall

Now enable the “NODEJS_HOST” with your server details under ‘define(“NODEJS_HOST’,”);'[ex: http://your IP:3000/]
on ‘app/Config/constants.php


INSTALL FOREVER ON CENTOS

If you have nodejs and npm installed on CentOS, you should be able to install forever by calling:

# npm install forever -g


INSTALL ORANGESCRUM ON CENTOS

First let’s start by ensuring your system is up-to-date.

# yum clean all

# yum -y update

Install required PHP modules

# yum -y install epel-release

# yum -y install php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-mssql php-snmp php-soap php-tidy curl curl-devel

Installing Orangescrum

# wget https://github.com/Orangescrum/orangescrum/archive/master.zip

After downloading Orangescrum you will need to unzip master.zip. To do this, run:

# yum install unzip

# unzip master.zip

# mv orangescrum-master /var/www/html/

We will need to change some folders permissions:

# chown apache:apache -R /var/www/html/

I am still missing something here for the 0777

Configuring MariaDB for Orangescrum

By default, MariaDB is not hardened. You can secure MariaDB using the mysql_secure_installation script. You should read each steps below carefully which will set root password, remove anonymous user, disallow remote root login, and remove the test database in your MariaDB (MySQL) Server:

# mysql_secure_installation

Configure it like this:

  • Set root password? [Y/n] y
  • Remove anonymous users? [Y/n] y
  • Disallow root login remotely? [Y/n] y
  • Remove test database and access to it? [Y/n] y
  • Reload privilege tables now? [Y/n] y

Next we will need to log in to the MariaDB console and create a database for the Orangescrum. Run the following command:

# mysql -u root -p

This will prompt you for a password, so enter your MariaDB root password and hit Enter. Once you are logged in to your database server you need to create a database for Orangescrum installation:

CREATE DATABASE orangescrum;
CREATE USER ‘orangescrumuser’@’localhost’ IDENTIFIED BY ‘PASSWORD’;
GRANT ALL PRIVILEGES ON orangescrum.* TO ‘orangescrumuser’@’localhost’ IDENTIFIED BY ‘password’ WITH GRANT OPTION;
FLUSH PRIVILEGES;

Username : orangescrumuser
Password : PASSWORD *CAP is important here!~
Database : orangescrum

Next you need to import the data from the database.sql file located in the /var/www/html/ directory:

# cd /var/www/html/

# mysql -u orangescrum -p password < database.sql

Next, By default STRICT mode is set to on in MySQL. You will need to disable it:

# nano /etc/my.cnf

Find and change or add the line from:

sql_mode=”STRICT_TRANS_TABLES,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION”

To:

sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES

Next step, Now you need to change the post_max_size and upload_max_filesize to 200M in the php.ini file:

# nano /etc/php.ini

Find and change those values

post_max_size=200M

upload_max_filesize=200M

You may use those commands:

cp /etc/php.ini /etc/php.ini.bak sudo sed -i "s/post_max_size = 8M/post_max_size = 200M/" /etc/php.ini sudo sed -i "s/upload_max_filesize =2M/upload_max_filesize = 200M/" /etc/php.ini

Configuring Apache web server for Orangescrum

We will create Apache virtual host for your Orangescrum website. First create ‘/etc/httpd/conf.d/vhosts.conf’ file with using a text editor of your choice:

# nano /etc/httpd/conf.d/vhosts.conf

Add this value

IncludeOptional vhosts.d/*.conf

Next, create the virtual host:

# mkdir /etc/httpd/vhosts.d/

# nano /etc/httpd/vhosts.d/yourdomain.com.conf

Add the following lines:


ServerAdmin webmaster@yourdomain.com
DocumentRoot “/var/www/html/”
ServerName yourdomain.com
ServerAlias www.yourdomain.com
ErrorLog “/var/log/httpd/error_log”
CustomLog “/var/log/httpd/access_log” combined
DirectoryIndex index.html index.php Options FollowSymLinks AllowOverride All Require all granted

Save and close the file. Restart the apache service for the changes to take effects:

# systemctl restart httpd.service

Configure Orangescrum

Now you need to edit the database.php file to update the database connection details:

# nano /var/www/html/app/Config/database.php

Change the file as shown below, Save and close the file when you are finished:

class DATABASE_CONFIG {

public $default = array(
        'datasource' => 'Database/Mysql',
        'persistent' => false,
        'host' => 'localhost',
        'login' => 'orangescrumuser',
        'password' => 'PASSWORD',
        'database' => 'orangescrum',
        'prefix' => '',
        'encoding' => 'utf8',
);

Next, you need to provide your valid email address and password for SMTP, and update the FROM_EMAIL_NOTIFY and SUPPORT_EMAIL configurations in the constants.php file:

# nano /var/www/html/app/Config/constants.php

Change the following lines as per your need:

//Gmail SMTP
define(“SMTP_HOST”, “ssl://smtp.example.com”);
define(“SMTP_PORT”, “465”);
define(“SMTP_UNAME”, “email@example.com”);
define(“SMTP_PWORD”, “[Your email password]”);

define(‘FROM_EMAIL_NOTIFY’, ’email@example.com’); //(REQUIRED)
define(‘SUPPORT_EMAIL’, ‘ email@example.com ‘); //(REQUIRED) From Email
define(“DEV_EMAIL”, ’email@example.com’); // Developer Email ID to report the application error

define(‘SUB_FOLDER’, ‘/’);

Save and close the file when you are finished.

Have fun!

[print-me]

NOTES: This post is not finish yet! Still in trial and error phase. 1-16-2019 

# mysql -u root -p orangescrum < /var/www/html/database.sql

# nano /var/www/html/app/Config/database.php

7 Days to Die Alpha 17 Release

With over 3 million copies sold on PC (digital download), 7 Days to Die has redefined the survival genre, with unrivaled crafting and world-building content. Set in a brutally unforgiving post-apocalyptic world overrun by the undead, 7 Days to Die is an open-world game that is a unique combination of first person shooter, survival horror, tower defense, and role-playing games.

If you don’t want to deal with that sort of thing you may wish to consider waiting until the stable build is released. It has been mentioned that TFP would love to do a 3 week or less experimental. Hopefully things work out in their favor so that those of you waiting on the stable build don’t have to wait all that long.

A17 Experimental from 7daystodie

Navezgane awaits!

OHHH YESSSS!!! 6:23pm Montreal Local Time!

Lynis and CISOfy Anniversaries

Anniversaries: Lynis project (11 years) and CISOfy (5 years)

The Lynis project celebrated its 11th birthday last week! Also, Lynis 2.7.0 was released last week. Did you already upgrade?

If you think about it, it is rare. Just a handful of open source security projects reach the age of 10 years AND are still actively maintained. The secret? As its project founder, I believe it is dedication, involving the community, and helping others with sincere promotion.

Staying committed

It is hard for developers to stay involved with a project on a daily basis, especially if one has a full-time job and personal commitments.

To ensure the Lynis project would not suffer from the same issue, the company CISOfy was founded 5 years ago. The first priority for the company was getting the project back on its tracks and enhance its code.

Another special milestone is that we also reached a point where both the open source version and a commercial offering (demo) can co-exist. They increase value in both directions.

So let me take this moment to thank the community and also our customers who trust our solution. Both the standalone tool and solution would have been very different without your feedback and suggestions!

Michael (and team)

Software Repository
https://packages.cisofy.com/

Love your Work!

Installing Teamspeak on Centos 7

Teamspeak is a VOIP server that can be used for teams or multiple people to communicate. It is relatively lightweight, and secure, as updates are released regularly.

How to install Teamspeak on a CentOS instance.

Prerequisites

Before we begin, you’ll need:

  • CentOS 7 system (64 bit only).
  • 512 MB of RAM or higher.
  • wget (utility used for downloading files).
  • nano or vim (any text editor is fine).

Installation

Prerequisites

Update the system packages. This may take some time.

yum update -y

Install tools needed for this tutorial.

yum install nano wget perl tar net-tools bzip2 -y

Installation

Add an unprivileged user to run Teamspeak. When prompted, enter your desired password.

useradd ts
passwd ts

Retrieve the Teamspeak server software.
Make sure you have the latest release here

cd ~
wget http://dl.4players.de/ts/releases/3.0.13.8/teamspeak3-server_linux_amd64-3.5.0.tar.bz2

Extract the Teamspeak tarball and copy all of the files to our unprivileged user’s home directory.

tar -xvf teamspeak3-server_linux_amd64-3.5.0.tar.bz2
cd teamspeak3-server_linux_amd64
cp * -R /home/ts

Remove temporary files.

cd ~
rm -rf teamspeak3-server_linux_amd64
rm -rf teamspeak3-server_linux_amd64-3.5.0.tar.bz2

Grant the appropriate permissions to our ts user.

chown -R ts:ts /home/ts

Create a Systemd service for Teamspeak.

nano /lib/systemd/system/teamspeak.service

Paste the following:

[Unit]
Description=Team Speak 3 Server
After=network.target
[Service]
WorkingDirectory=/home/teamspeak/
User=ts
Group=ts
Type=forking
ExecStart=/home/teamspeak/ts3server_startscript.sh start inifile=ts3server.ini
ExecStop=/home/teamspeak/ts3server_startscript.sh stop
PIDFile=/home/teamspeak/ts3server.pid
RestartSec=15
Restart=always
[Install]
WantedBy=multi-user.target

Save and exit.

Reload Systemd units.

systemctl --system daemon-reload

Make Teamspeak run on startup.

systemctl enable teamspeak.service

Starting, stopping and restarting

Controlling Teamspeak is simple. You can control Teamspeak with the following command:

systemctl (option) teamspeak.service

Replace (option) with start, stop, or restart.

For now it will not start! Check the notes at the bottom of this post,

P.S If you are running a standalone Centos you may change the location in the configuration to /var/www/html/(Teamspeak).

Configuring the firewall

CentOS 7 no longer uses iptables. As an alternative, CentOS 7 comes with firewalld by default.

Find the default zone. On Vultr instances running CentOS 7, the default zone is public.

firewall-cmd --get-default-zone

Open the default ports for Teamspeak. If each rule is added successfully, the output will read “success”.

firewall-cmd --zone=public --permanent --add-port=10011/tcp
firewall-cmd --zone=public --permanent --add-port=30033/tcp
firewall-cmd --zone=public --permanent --add-port=9987/udp

Reload firewalld.

firewall-cmd --reload

Congratulations! You’ve successfully created a Teamspeak server. You can connect to it with the Teamspeak Client. Sorry, for mobile they have a paid version for iPhone and Android! Hummm

Teamspeak on Centos

This is what it should look when you are connected!

NOTES :

– Make sure you CHOWN all files to ts:ts
– Create this empty file where your server directory is located to accept the license terms .ts3server_license_accepted
– To retrieve the privilege key you need to check the Logs in the /Logs directory where you installed your Teamspeak server

Enjoy!