VirtualMIN is not working yet on CentOS 8!

Good day!

I ran into problem when I decided to test drive the new CentOS 8 on my test lab. The install was good until I tried to install VirtualMIN! No luck it’s not compatible yet and will take a while to be compatible “Webmin” is compatible and working smooth!

I would suggest you stick with CentOS 7.

So far CentOS 8 is quite interesting. 😉

CentOS 8 Updated Features

Desktop Environment
Unlike previous CentOS versions where the default installation did not include a GUI, the CentOS 8 default desktop environment is GNOME 3.28. What’s more, the GNOME Display Manager now uses Wayland as the default display server (as opposed to the X.org server).

The newest GNOME (nicknamed Chongqing) includes a number of useful features including:

Extended Device Support
GNOME is now integrated with Thunderbolt 3 connection support. Whenever Thunderbolt 3 establishes a connection and becomes active, you will get notified. This feature allows you to monitor all connections closely and detect any security breaches or attempts at data breach or theft.

New Boxes Feature. There are a couple of new features included in GNOME’s application for managing remote and virtual machines. The updated version simplifies the process of creating virtual environments with its automatic downloading of operating systems. Also, its drag-and-drop feature lets you easily transfer files between machines.
New On-Screen Keyboard. The GNOME team rewrote the on-screen keyboard for the newest release in an attempt to resolve the pressing UI issues. Now, the feature has a variety of layouts supported for different locales, automatic keyboard activation, and view-shift, so the user has a clear view of the text when writing.

Upgraded UI. The new desktop environment also has several additional features added to improve UI, as well as UX. This includes multi-monitor handling, direct window handling, improved scaling, to list a few.

Networking
As far as networking features, there are two major updates:

CentOS now comes with the TCP Networking Stack version 4.16.
The default packet filtering framework used is nftables.
Most of all, these changes ensure better stability, scaling, and performance.

nftables replaces iptables, iptablesip6table, arptables, and ebtables, serving as a single framework for IPv4 and IPv6 protocols. In addition, the firewalld deamon will also use the same subsystem for filtering network transactions as its default backend.

Cockpit Web Console
The open web-based interface, Cockpit, now comes as part of the new CentOS release. Use this platform to easily manage your servers through a web console interface. Perform system tasks, create and manage virtual machines, configure networks, start containers, and inspect logs all via web browser.

Cockpit is highly integrated. Not only does it have an embedded terminal allowing you to switch from terminal to browser at any time, but it also works on mobile devices.

Therefore, when you install CentOS 8 it will automatically set up the Cockpit web console, along with opening the required firewall ports. However, you do not worry about it burdening the system. The software is quite efficient as it uses memory and CPU only when active.

Software Management
CentOS 8 comes with the YUM package manager version v4.0.4, which now uses DNF (Dandified YUM) technology as its backend. DNF is the next generation of YUM and the new OS version lets you use both for managing packages.

Integrated with DNF technology, the latest release has a much-improved software management system. It’s increased performance, has well-defined APIs, and support for modular content, software AppStreams for cloud, container workloads, and CI/CD.

Virtualization
CentOS version 8 comes with KVM (qemu-kvm 2.12) that supports:

A 5-level paging feature, extending the size of virtual addresses and increasing the addressable virtual memory.
User-Mode Instruction Prevention (UMIP), a security feature restricting access to user-space applications to system-wide settings.
Ceph storage, providing block storage capabilities on all RHEL CPU architectures.
Q35 machine type to which all the virtual machines are pre-set (the machine type includes a native PCIe hotplug, IOMMU, Secure Boot and many other newly integrated features).
Compatibility between NVIDIA vGPU and the VNC console.
A sandboxing feature, introduced by the QEMU emulator, to ensure secure code testing.

Upgraded Security
The CentOS team has improved security features to ensure data protection and prevent breaches. The latest release will now have OpenSSL 1.1.1 which by default includes TLS 1.3. This ensures that all your data, as well as your clients’ data, will be cryptographically protected.

Also, the OS comes with a system-wide cryptographic policy which means you will not have to modify security configurations for individual applications.

Install PHP 7.3 in CentOS 7

Good day! Here are the steps to install PHP v. 7.3 in CentOS 7

Step 1: Add PHP 7.3 Remi repository

PHP 7.3 is available for CentOS 7 and Fedora distributions from the Remi repository. Add it to your system by running

# sudo yum -y install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
# sudo yum -y install epel-release yum-utils

Step 2: Disable repo for PHP 5.4

By default, the enabled repository is for PHP 5.4. Disable this repo and enable on for PHP 7.3

# sudo yum-config-manager –disable remi-php54
# sudo yum-config-manager –enable remi-php73

Step 3: Install PHP 7.3 on CentOS 7

Once the repo has been enabled, install php 7.3 on CentOS 7 or Fedora using the command

# sudo yum -y install php php-cli php-fpm php-mysqlnd php-zip php-devel php-gd php-mcrypt php-mbstring php-curl php-xml php-pear php-bcmath php-json

Check version installed

# php -v

Enjoy!

The robertdavidgraham masscan!

This indicates detection of an attempted scan from Masscan port scanner.
Port scanners are used to probe computer networks to see which ports or services are available. An attacker may utilize a scanner to identify what services the target system is running and perform further attacks based on its findings. This signature detects for HTTP traffics associated with Masscan.

Affected Products

All web servers.

Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions
Monitor the traffic from the network for any suspicious activity.

Other References
https://github.com/robertdavidgraham/masscan

Log Example:

138.68.247.104 – – [10/Nov/2019:21:56:30 -0500] “GET / HTTP/1.0” 301 229 “-” “masscan/1.0

Flushing the swap file in Webmin without rebooting

Flushing the Swap file (Virtual Memory):

# swapoff -a && swapon -a

Disabling the Swap File:

# sudo swapoff -a

Permanently Disabling the Swap File:

# nano /etc/fstab

And # hash out the line indicated as swap then reboot:

/etc/fstab
/dev/mapper/centos-root / xfs defaults 0 0
UUID=5cd945c2-5ca7-48c5-b67b-0f3610534e8f /boot xfs defaults 0 0
/dev/mapper/centos-home /home xfs defaults 0 0
# /dev/mapper/centos-swap swap swap defaults 0 0

Remove Webmin Logo in Login Screen

Good day!

I am running the latest version: Webmin v1.932

I was searching for a while on how to remove the Webmin logo in the login screen and other stuff related to the Webmin admin page!

Here is the solution that worked for me.

Locate session_login.cgi” and edit it in here…,  /usr/libexec/webmin/authentic-theme/session_login.cgi and remove the Webmin heading and logo by taking out the code lines below:

Look for the line code: #114 to #119 and remove the code.

print '<i class="wbm-webmin"></i><h2 class="form-signin-heading">
<span>'
. (
&get_product_name() eq 'webmin'
? $Atext{'theme_xhred_titles_wm'}
: $Atext{'theme_xhred_titles_um'}
) . '</span></h2>' . "\n";

I removed the “must enter username and password…” text code by removing the line #126:

print '<p class="form-signin-paragraph">' .
&Atext('login_message') . '<strong> ' . $host .
'</strong></p>' . "\n";

Here is the semi-final result:

NOTE: After a Webmin update you will have to redo all steps!

We are not done yet!

Now let’s remove the “Login to Webmin” in the browser tab title.

Locate the file in /usr/libexec/webmin/authentic-theme/authentic-lib.pm

Comment out lines #1749 to #1755 to remove the page title.

Now verified that the title is gone! You will see your *”domain name” instead of the “Login to Webmin” title.

We are almost done here!

Now let’s remove or change the Webmin favicon.ico

Navigate to /usr/libexec/webmin/ and locate the favicon.ico and rename it to favicon.ico-renamed. Upload your own favicon.ico in /usr/libexec/webmin/

Here is the final result:

My last suggestion would be to change your webmin port 10000 to another one.

Here you go!

7 Days to Die Alpha 18 Release

With over 2.5 million copies sold on PC (digital download), 7 Days to Die has redefined the survival genre, crafting and world-building content. Set in a brutally unforgiving post-apocalyptic world overrun by the undead, 7 Days to Die is an open-world game that is a unique combination of first person shooter, survival horror, building, and role-playing games.

The best update so far!

Deploy date to public : 10-07-2019 (12:45pm Est Time)

Enjoy!

EARTH DAY!

“Well! We have just one!

 

Add a Swap file on CentOS 7

Step 1: Open a terminal window

# su –  or # sudo -s

Step 2: Creation of the Storage File for the new swap file

Type the following command to create 512MB swap file (1024 * 512MB = 524288 block size):

# dd if=/dev/zero of=/swap bs=1024 count=524288

If you don’t want to have to reboot use the following commands:
(This is useful for debugging automout issue)

524288+0 records in
524288+0 records out
536870912 bytes (537 MB) copied, 3.23347 s, 354 MB/s

1. if=/dev/zero : Read from /dev/zero file. /dev/zero is a special file in that provides as many null characters to build storage file called /swap.
2. of=/swap : Read from /dev/zero write storage file to /swapf.
3. bs=1024 : Read and write 1024 BYTES bytes at a time.
4. Count=524288 : Copy only 523288 BLOCKS input blocks.

Step 3 : Secure the new created swap file

Setup the correct file permission:

# chown root:root /swap
# chmod 0600 /swap

A world-readable swap file is a huge local vulnerability.

Step 4: Set up a Centos 7 swap area

Type the following command to set up a Linux swap area in a file:

# mkswap /swap

Sample outputs:

Setting up swapspace version 1, size = 524284 KiB
no label, UUID=0e5e7c60-bbba-4089-a76c-2bb29c0f0839

Step 5: Enabling the swap file

Finally, activate /swap swap space immediately, enter:

# swapon /swapfile1

Step 6: Update /etc/fstab file

To activate /swap after CentOS 7 system reboot, add entry to /etc/fstab file. Open this file using a text editor such as nano:

# nano /etc/fstab

Copy & Paste the following line:

/swap none swap sw 0 0

Save and close the file.

Verify if your swap file is activated?

# free -m

total       used       free     shared    buffers     cached
Mem:          1876       1798         77          0        119       1440
-/+ buffers/cache:        237       1638
Swap:         4607          0       4607

Display swap usage summary

# swapon -s

Filename				Type		Size	Used	Priority
/dev/sda6                               partition	4194296	0	0
/swap                                   file		524280	0	0

Another option is to view /proc/meminfo file:

# less /proc/meminfo
# grep -i –color swap /proc/meminfo

SwapCached:        30748 kB
SwapTotal:       6291448 kB
SwapFree:        6154008 kB

Optional, test the new swap file:

# swapoff -a
# swapon -a

Enjoy!

OpenCart 3 PDF not loading>? FIX in Information pages?>

We had a strange bug in OC 3.x! When adding a PDF link outside of the OC files structure on the same domain name?!

mod_sec = nothing in my log’s,

.htaccess NO LUCK HERE!

The fix! 

Just call your pdf file(s),  https / http ,.. link inside your image directory structure ! ,,… ,, just create the OC directory “/image/catalog/terms (Or any name), use filezilla to upload your PDF file.

The bottom line is that you cannot call a non-OC directory, Ex,.: public_html/yournamehere/download/

must be located inside the OC structure:

public_html/yournamehere/image/catalog/…

Enjoy!