Categories
General Operating System Programming Technical

Unix – Composer Issue

Problem

[ErrorException]                                                                          

“continue” targeting switch is equivalent to “break”. Did you mean to use “continue 2”?

SOLUTION

#1 composer self-update

#2 composer update

Categories
Operating System Unix

Unix Command Helper List

Mac Find PID using port unix

$ sudo lsof -i :80

Block IPV6 malicious connection

 vi /etc/sysconfig/ip6tables

-A INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT

-A INPUT -m state –state NEW -m tcp -p tcp –dport 443 -j ACCEPT

-A INPUT -m state –state NEW -m tcp -p tcp –dport 22 -j ACCEPT

service ip6tables restart
iptables restart

Find a specific word in Unix file

find . -type f -name "*.*" -exec grep -il "YOUR TEXT" {} \;

AWS package release

chkconfig --list httpd
 sudo chkconfig httpd on
 
 cat /etc/system-release

Count number of files in unix directory

find .//. ! -name . -print | grep -c //

Cat

cat file.php

hacker helper

https://dfarq.homeip.net/find-php-malware-linux/?cn-reloaded=1

LINUX Command = Better/Faster than SCP -> Rsync

rsync -av --progress --inplace --compress [email protected]:/path/to/sourceserver /path/to/newserversirectory

Copy as is – rsync with aws key

rsync -avz -e "ssh -i /root/xxxxxx.pem" [email protected]:/var/www/ /var/www/copywww/

tail

tail -n 20 xxx.php
tail -f

Memory space

df

du -skh .

Linux Iptables Setup Firewall For a Web Server

https://www.cyberciti.biz/faq/linux-web-server-firewall-tutorial/

yum list isntalled packaged

 yum list installed

Clam Antivirus

yum install clamav
yum-complete-transaction --cleanup-only
 /etc/init.d/iptables restart
 
 tail -f /var/log/httpd/access_log
 vim /etc/fail2ban/jail.conf 
 /etc/init.d/fail2ban start
  vim /etc/fail2ban/jail.conf 
   yum install fail2ban
   
   ps -ef
   
   vim notrace.conf 

IPTraf │ An IP Network Statistics Utility

yum install iptraf
iptraf 

   yum install iptraf
   iptraf 
   ps -ef
   ps -ef |less
   service httpd stop
   netstat -natu
   netstat -pnatu
   netstat -patu
   netstat -patu |less
   ps -ef
  yum install chkroo
   chkrootkit 
   yum search anti
   iptraf
   ps -ef | grep httpd
   ps -ef
   ps -aux
  yum install htop
   yum install perf
   perf
   perf stat
   ps -ef
   strace -p 4322
   yum -y  install strace
   strace -p 4322
   yum -y  install strace
   ps -ef
   strace -p 4522
   tail -f /var/log/httpd/error_log 

netstat -pvat

    netstat -pvat
    ls
    vim functions.php
    netstat -pvat
    tail -f /var/log/httpd/access_log
    tail -f /var/log/httpd/error_log 
    df
    du -skh
    df
    cd /var/log/
    ls
    df 
  du -skh
    du -skh *
    cd httpd/
    du -skh *
    ls -la
    rm error_log 
    df 
    df 
    touch error_log
    /etc/init.d/httpd restart
    tail -f /var/log/httpd/error_log 
    tail -f /var/log/httpd/access_log
    tail -f /var/log/httpd/access_log
    vin /etc/httpd/conf/httpd.conf
    vim /etc/httpd/conf/httpd.conf
    vim /etc/httpd/conf/httpd.conf
    vim /etc/httpd/conf.modules.d/
    vim /etc/httpd/conf.modules.d/00-proxy.conf 
    vim /etc/httpd/conf.modules.d/00-proxy.conf 
    /etc/init.d/httpd stop
    netstat -pvat
    netstat -pvatu
    /etc/init.d/httpd start

fail2ban

    yum search ban
    yum install fail2ban
    vim /etc/fail2ban/jail.
    vim /etc/fail2ban/jail.conf 
    /etc/init.d/fail2ban start
    vim /etc/fail2ban/jail.conf 
    lsof |grep fail
    tail -f /var/log/httpd/access_log
    /etc/init.d/iptables restart
    tail -f /var/log/httpd/access_log
    yum install clamav
  yum-complete-transaction --cleanup-only
    clamscan /vol/www/aptnewyork/
    freshclam 
    clamscan /vol/www/aptnewyork/
    clamscan /vol/www/aptnewyork/en
    clamscan -r /vol/www/aptnewyork/en
    clamscan -r /vol/www/aptnewyork/
    history
    clamscan -h

unix command Find word in files

     find . -type f -name "*.*" -exec grep -il "parse" {} \;
    vim /vol/www/aptnewyork/includes/parseRSS.php
     find . -type f -name "*.*" -exec grep -il "parseRSS.php" {} \;
    cd /vol/www/
    ls
    cd aptnewyork/
     find . -type f -name "*.*" -exec grep -il "parseRSS.php" {} \;
    cd en
     find . -type f -name "*.*" -exec grep -il "parseRSS.php" {} \;

Check yum installed modules

  yum list installed
  yum list installed | grep proxy
  yum list installed | grep 'proxy'
  yum list installed

khunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online databases, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD. rkhunter is notable due to its inclusion in popular operating systems (Fedora,[1] Debian,[2] etc.)

vim /etc/rkhunter.conf cooment following line

#SCRIPTWHITELIST=/usr/bin/GET



   yum search rkhunter 
   yum install rkhunter 
   yum install rkhunter.noarch
   yum search rkhunter 
   yum search perl
   

   rkhunter --update
   rkhunter --propupd
   vim /etc/rkhunter.conf
   rkhunter --propupd
   rkhunter
   rkhunter /vol
   rkhunter /vol/
   ls /
   rkhunter 
   rkhunter vol
   rkhunter --check --sk

Check users

  cat /etc/passwd
  tail -f /var/log/httpd/error_log 
  netstat -pnatu
  vim  /etc/sysctl.conf
  sysctl -p
  vi /etc/ssh/sshd_config
  netstat -pnatu
  /etc/init.d/httpd stop
  netstat -pnatu

  /etc/init.d/httpd start

  netstat -pnatu
  netstat -vnatu
  netstat -vnatu
  top
  netstat -nlp
  netstat -nl
  netstat -np
  netstat -npatu
  strace -p 21865
  vim /var/www/noindex/index.html
  mv  /var/www/noindex /var/www/SUSPICIOUSnoindex
  ls /etc/httpd/htdocs
  ls /etc/httpd
  strace -p 21865 | grep open
  strace -p 21865 -o open
  ls
  grep open 
  grep open open 
  cat open 
  strace -p 21865 -o open
  netstat -npatu
  service httpd restart

Associate process and PID

  netstat -npatu

Trace PID to source look at (open)
 strace -p 22193

display port

 vim /vol/www/aptnewyork/fr/./map_francois.php
 lsof
 lsof | grep php
  
 lsof | grep aptnewyork
 lsof | grep php
 lsof | grep vol

List installed Library php modules

   php -m
Categories
Operating System Version-control system

Where to find GIT command Helper ?

Successful Git Connection

ssh -Tvvv [email protected]

Copy Shh key from Macbook

pbcopy < ~/.ssh/id_rsa.pub

Generate SSH Key Github

$ ssh-keygen -t rsa -b 4096 -C "[email protected]"
$ eval "$(ssh-agent -s)"
$ ssh-add ~/.ssh/id_rsa (regular unix system)
$ ssh-add -K ~/.ssh/id_rsa (for macbook)

$ pbcopy < ~/.ssh/id_rsa.pub (for macbook)

Paste key into github

$ git remote add origin [email protected]:xxxxxx/xxxxxxx.git  
$ git remote -v 
$ git push -u origin master

SETUP REMOTE GIT

 git init
 git add .
 git status
 git commit -m "First commit"
 git remote add origin [email protected]:xxxxxx/xxxxxxx.git
 git remote -v
 git push -u origin master

Add Key to github

cat ~/.ssh/authorized_keys 
cat ~/.ssh/known_hosts 

SYNC GIT

git remote update

git fetch Downloads the latest from remote without trying to merge or rebase anything.

git fetch -- all

REMOVE untracked files

git clean -f -d

RESET BRANCH/FILE

-- force discard local changes —
git reset --hard origin/master 
-- force discard —
git reset --hard origin/<davidBranch_name> 
git checkout -f <localfile> 

COMMIT

git commit -m ‘My commit David Raleche’

Amend a COMMIT

git commit --amend

remove git add

git reset HEAD -file-

PUSH

git push origin <davidBranch>

CONFLICTED FILES

git diff --name-only --diff-filter=U GIT ADD git add <file> git commit -m “message of your commit” git push origin

GIT RESET ADD

git reset <file> git reset

(VERY DANGEROUS) REMOVING LAST COMMIT (VERY DANGEROUS)

git reset --soft HEAD~1
git reset --hard HEAD^

(VERY DANGEROUS)

GIT CHECKOUT SOMEONE ELSE REPO

git checkout --track origin/ECOM-307

Git Diff

git diff –name-only –diff-filter=U

Git log HELPER

git log –graph git log –oneline
Categories
AWS Operating System Unix

Incredible tutorial to more ‘RAM’ to your AWS EC2 instance

Source : https://www.digitalocean.com/community/tutorials/how-to-add-swap-on-centos-7

 

 

Check the System for Swap Information

Before we begin, we should take a look at our server’s storage to see if we already have some swap space available. While we can have multiple swap files or swap partitions, one should generally be enough.

We can see if the system has any configured swap by using swapon, a general-purpose swap utility. With the -s flag, swapon will display a summary of swap usage and availability on our storage device:

swapon -s

If nothing is returned by the command, then the summary was empty and no swap file exists.

Another way of checking for swap space is with the free utility, which shows us the system’s overall memory usage. We can see our current memory and swap usage (in megabytes) by typing:

free -m
             total       used       free     shared    buffers     cached
Mem:          3953        315       3637          8         11        107
-/+ buffers/cache:        196       3756
Swap:            0          0       4095

As you can see, our total swap space in the system is 0. This matches what we saw with swapon.

Check Available Storage Space

The typical way of allocating space for swap is to use a separate partition that is dedicated to the task. However, altering the partition scheme is not always possible due to hardware or software constraints. Fortunately, we can just as easily create a swap file that resides on an existing partition.

Before we do this, we should be aware of our current drive usage. We can get this information by typing:

df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/vda1        59G  1.5G   55G   3% /
devtmpfs        2.0G     0  2.0G   0% /dev
tmpfs           2.0G     0  2.0G   0% /dev/shm
tmpfs           2.0G  8.3M  2.0G   1% /run
tmpfs           2.0G     0  2.0G   0% /sys/fs/cgroup

Note: the -h flag simply tells dh to output drive information in a human-friendly reading format. For example, instead of outputting the raw number of memory blocks in a partition, df -h will tell us the space usage and availability in M (for megabytes) or G (for gigabytes).

As you can see on the first line, our storage partition has 59 gigabytes available, so we have quite a bit of space to work with. Keep in mind that this is on a fresh, medium-sized VPS instance, so your actual usage might be very different.

Although there are many opinions about the appropriate size of a swap space, it really depends on your application requirements and your personal preferences. Generally, an amount equal to or double the amount of memory on your system is a good starting point.

Since my system has 4 gigabytes of memory, and doubling that would take a larger chunk from my storage space than I am willing to part with, I will create a swap space of 4 gigabytes to match my system’s memory.

Create a Swap File

Now that we know our available storage space, we can go about creating a swap file within our filesystem. We will create a file called swapfile in our root (/) directory, though you can name the file something else if you prefer. The file must allocate the amount of space that we want for our swap file.

The fastest and easiest way to create a swap file is by using fallocate. This command creates a file of a preallocated size instantly. We can create a 4 gigabyte file by typing:

sudo fallocate -l 4G /swapfile

After entering your password to authorize sudo privileges, the swap file will be created almost instantly, and the prompt will be returned to you. We can verify that the correct amount of space was reserved for swap by using ls:

ls -lh /swapfile
-rw-r--r-- 1 root root 4.0G Oct 30 11:00 /swapfile

As you can see, our swap file was created with the correct amount of space set aside.

Enable a Swap File

Right now, our file is created, but our system does not know that this is supposed to be used for swap. We need to tell our system to format this file as swap and then enable it.

Before we do that, we should adjust the permissions on our swap file so that it isn’t readable by anyone besides the root account. Allowing other users to read or write to this file would be a huge security risk. We can lock down the permissions with chmod:

sudo chmod 600 /swapfile

This will restrict both read and write permissions to the root account only. We can verify that the swap file has the correct permissions by using ls -lh again:

ls -lh /swapfile
-rw------- 1 root root 4.0G Oct 30 11:00 /swapfile

Now that our swap file is more secure, we can tell our system to set up the swap space for use by typing:

sudo mkswap /swapfile
Setting up swapspace version 1, size = 4194300 KiB
no label, UUID=b99230bb-21af-47bc-8c37-de41129c39bf

Our swap file is now ready to be used as a swap space. We can begin using it by typing:

sudo swapon /swapfile

To verify that the procedure was successful, we can check whether our system reports swap space now:

swapon -s
Filename                Type        Size    Used    Priority
/swapfile               file        4194300 0     -1

This output confirms that we have a new swap file. We can use the free utility again to corroborate our findings:

free -m
             total       used       free     shared    buffers     cached
Mem:          3953        315       3637          8         11        107
-/+ buffers/cache:        196       3756
Swap:         4095          0       4095

Our swap has been set up successfully, and our operating system will begin to use it as needed.

Make the Swap File Permanent

Our swap file is enabled at the moment, but when we reboot, the server will not automatically enable the file for use. We can change that by modifying the fstab file, which is a table that manages filesystems and partitions.

Edit the file with sudo privileges in your text editor:

sudo nano /etc/fstab

At the bottom of the file, you need to add a line that will tell the operating system to automatically use the swap file that you created:

/swapfile   swap    swap    sw  0   0

When you are finished adding the line, you can save and close the file. The server will check this file on each bootup, so the swap file will be ready for use from now on.

Categories
AWS General Operating System

Redirect to https and www

The following .htaccess technique redirects qualified requests to the https and www versions of your web pages. Add to your site’s root .htaccess file:

# Canonical https/www

RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

This code does the following:

Checks if mod_rewrite is available
Check if the request does not include www
Checks if HTTPS is off,

No editing is required with this code; it’s entirely plug-n-play.