• Announcements

    • MannDude

      Current state of vpsBoard   02/04/2017

      Dear vpsBoard members and guests:

      Over the last year or two vpsBoard activity and traffic has dwindled. I have had a change of career and interests, and as such am no longer an active member of the web hosting industry.

      Due to time constraints and new interests I no longer wish to continue to maintain vpsBoard. The web site will remain only as an archive to preserve and showcase some of the great material, guides, and industry news that has been generated by members, some of which I remain in contact to this very day and now regard as personal friends.

      I want to thank all of our members who helped make vpsBoard the fastest growing industry forum. In it's prime it was an active and ripe source of activity, news, guides and just general off-topic banter and fun.

      I wish all members and guests the very best, whether it be with your business or your personal projects.

      -MannDude
Awmusic12635

[HIRING] Guide / Tutorial Writers For Knowledgebase

8 posts in this topic

Subnet Labs is looking for technical writers to write and submit unique guides and tutorials to expand our knowledgebase

 

Requirements:

 

  • Must be written in correct English with proper grammar
  • Must be fully unique and cannot have been posted elsewhere
  • Must be on a topic not already posted (series are allowed)
  • Screenshots or terminal output provided
  • Proper descriptions given and fully explained
  • Must be Linux based

To get an example of what we are expecting you can visit the knowledgebase: http://impactvps.com/knowledgebase/

 

Articles will be posted under your name and you will be given credit.

 

Payment:

 

$25 per article (via paypal) or $50 account credit

 

Contact alex[at]subnetlabs.com with any questions or to submit an article

 

 

Share this post


Link to post
Share on other sites

Good to see a shop investing more in their client support materials.  Good luck with this!

Share this post


Link to post
Share on other sites

Haha thanks though I am looking for unique and well written content.

How someone can create a unique article for topic like "How to login to cpanel"?  :D

Share this post


Link to post
Share on other sites

How someone can create a unique article for topic like "How to login to cpanel"? :D

I'd prefer no simple one paragraph articles at this time until the knowledgebase is more fleshed out.

Share this post


Link to post
Share on other sites

Good for SEO, but very competitive.

Duplicate content (through sold KB articles) will kill your SEO. Google takes that very seriously.

 

https://moz.com/learn/seo/duplicate-content

https://support.google.com/webmasters/answer/66359?hl=en

 

Proceed with caution, if you're buying a KB article pack. 

 

Nothing against the guys who make it, but if you're publishing content that isn't unique, you're going to have a bad time with Google.

Share this post


Link to post
Share on other sites

  • Similar Content

    • By HalfEatenPie
      There are a wide range of server and network monitoring software available out there. Just to name a few, you have Munin, Nagios/Icinga, Zabbix, PRTG, and of course ServerStatus by Mojeda and Mun.

      All those alternatives are fantastic. I could talk about the key benefits of every single monitoring software. However, for this tutorial we'll be jumping into something more general: Observium. Observium is "an autodiscovering network monitoring platform supporting a wide range of hardware platforms and operating systems..." While Observium's main focus is network monitoring, it also includes some hardware monitoring components available making it a pretty well-rounded monitoring platform.

      If you're already an Observium veteran, then fantastic! At the very bottom I'll be including some minor changes to the configs and additional modules I'm using in addition to Observium. Feel free to take a gander if you wish.

      Before we start, shoutout to @mitgib for getting me started on this several years ago when I was first fiddling around with monitoring systems! You're the man!

      The contents of this tutorial will be broken down into multiple posts due to certain limitations. We'll start with setting up the Observium server, setting up the Observium client, then end with minor tweaks and additional modules available. However, this tutorial will not touch upon the Unix Agent since... ehh... I think it's incredibly finicky and there's not a whole lot of documentation available. The instructions for the Observium Server is also available here on Observium's Wiki.

      Observium Server

      Jumping right in, we're going to be install Observium on a Debian 7 server. This is because Observium is actually developed on Ubuntu and Debian systems. However, RHEL and CentOS instructions are available here for those of you who are interested, and for the monitoring portion we'll include instructions on how to monitor RHEL and CentOS Servers. Just note Observium doesn't provide assistance on RHEL/CentOS or any other installations that aren't Ubuntu or Debian. For the purpose of this tutorial, we're going to assume you're running as the root user (because permission and whatnot).

      Begin by running:

      apt-get update While it may sound trivial, you want to download the latest package lists from the repositories. Anyways now install the packages required to run Observium:
      apt-get install libapache2-mod-php5 php5-cli php5-mysql php5-gd php5-mcrypt php5-json php-pear snmp fping mysql-server mysql-client python-mysqldb rrdtool subversion whois mtr-tiny ipmitool graphviz imagemagick Observium runs on top of Apache, MySQL, PHP, RRD, and NetSNMP (as well as Graphviz and fping). During the package installation process, you're going to receive a prompt to provide the MySQL Root password. Provide a secure password since that's pretty important and make sure you don't forget it!
      Create the directory Observium is going to operate out of:

      mkdir -p /opt/observium && cd /opt For the purpose of this tutorial, we're going to be using the Community/Open Source Edition of Observium. Download and unpack it.
      wget http://www.observium.org/observium-community-latest.tar.gz tar zxvf observium-community-latest.tar.gz You're going to have a new folder in your /opt/ folder named observium. Change to that folder:
      cd observium Login to the MySQL Command Line by typing:
      mysql -u root -p Provide the MySQL Root Password you set earlier. From here you'll notice the mysql>. This is the MySQL shell. From here, we're going to be creating our database and assigning a new user all permissions to the new database. From the MySQL Shell, enter:
      https://paste.ee/p/mr1Wy Link (Note: Moved to Paste.ee due to IPB not accepting SQL Commands)
      Now exit the MySQL Shell by typing:

      exit Now we'll find ourselves back in Bash and in /opt/observium folder. Lets copy the default configuration and edit it for our system.
      cp config.php.default config.php nano config.php Update the config.php file with the proper MySQL database information.
      Let's setup the default schema for the MySQL Database:

      php includes/update/update.php We're going to create the directory Observium will store it's logs. In addition, we'll also be creating the directory to store the RRD data files as well as modify the permissions:
      mkdir logs mkdir rrd chown www-data:www-data rrd Now this tutorial is assuming your server will only be running Observium for the webserver. This can be modified by using vHosts, however that's outside the scope of this tutorial. Open the default apache configuration file:
      nano /etc/apache2/sites-available/default and I'd suggest changing it to this:
      <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot /opt/observium/html <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /opt/observium/html/> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined ServerSignature On </VirtualHost> Note: For those of you who are using Ubuntu 14.04, use this Apache2 Config...
      Spoiler
      <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot /opt/observium/html <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /opt/observium/html/> Options Indexes FollowSymLinks MultiViews AllowOverride All Require all granted </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined ServerSignature On </VirtualHost>
      With the apache2 config files edited, we're going to enable a few modules. Enable the PHP mcrypt module:

      php5enmod mcrypt Now enable the Apache module rewrite to "prettify" Observium's URLs:
      a2enmod rewrite apache2ctl restart Now add the administrator account (level 10) to Observium:
      cd /opt/observium ./adduser.php <username> <password> 10 Finally, setup the cronjob so that it discovers new hardware and polls our servers regularly by:
      nano /etc/cron.d/observium and entering this as the contents:
      33 */6 * * * root /opt/observium/discovery.php -h all >> /dev/null 2>&1 */5 * * * * root /opt/observium/discovery.php -h new >> /dev/null 2>&1 */5 * * * * root /opt/observium/poller-wrapper.py 2 >> /dev/null 2>&1 Note: The last line of the above cronjob shows "/opt/observium/poller-wrapper.py 2". Older versions of Observium used the outdated poller.php which only created a single poller instance. This was great for initial testing or just a low number of servers, but for a large volume of servers this wasn't enough. poller-wrapper.py was then included with more recent Observium installations which created however many processes defined (in this case, 2). Change the number after poller-wrapper.py to the number of cores or instances you wish to run/use (e.g. for a VPS with four CPUs you can change the number to 4).
      Great! You've installed Observium Server! Now point your browser to http://<Server IP> and be on your way!

      Observium Client

      Observium mainly utilizes two types of pollers, SNMP and the Unix Agent. Only SNMP will be covered in this tutorial. The Unix Agent can/will be featured in a future post, or someone else can do it who knows.

      This tutorial will help you install and configure SNMP for CentOS, RHEL, Debian, and Ubuntu servers. This tutorial will not help you configure SNMP for Windows Server or other clients, however there are resources available to help you with that.

      To start, install the SNMPD package:
      For CentOS and RHEL:

      yum install net-snmp net-snmp-libs net-snmp-utils For Debian and Ubuntu:
      apt-get install snmpd To make life easier, we're simply going to scrap the default SNMPd Configurations:
      echo "" > /etc/snmp/snmpd.conf Now open the blank SNMPd configuration:
      nano /etc/snmp/snmpd.conf Enter the following configurations:
      rocommunity COMMUNITYNAME <OBSERVIUM SERVER IP> syslocation LOCATION syscontact [email protected] operates with the community strings, therefore you can change COMMUNITYNAME to something else (a single word though, no spaces or punctuations are accepted). For the purpose of this tutorial I'll be using vpsBoard. After you type in the community name enter your server IP (to prevent reflection attacks). syslocation is metadata used by Observium and other snmp services. Under LOCATION, enter the System's physical location, for the purpose of this tutorial I'll be using "Dallas, Texas, United States". syscontact is additional metadata required by SNMP. Frequently I just enter one of my own email addresses. In the spoilers is a sample configuration of snmpd.conf.

      Spoiler
      rocommunity vpsBoard 8.8.8.8 syslocation Dallas, Texas, United States syscontact [email protected]
      With the SNMPd configurations done, we have to restart the service!

      service snmpd restart We're not out of the woods yet! Make sure you check on the Firewall to allow Incoming UDP on Port 161! Simply for tutorial's sake, here's the IPtables for it:
      iptables -I INPUT -p udp --dport 161 -j ACCEPT Congrats! You've setup SNMP properly on the client server! Time to have Observium monitor it.
      Go into Observium's web interface (http://<Observium Server IP>). Login, and from the navigations go Devices -> Add Device.


      Enter the information you've configured SNMP to listen for (in this case, my sample configuration):


      Press "Add Device" and then wait for the next cron to run.

      Congratulations! You've added a server to your Observium installation! Now wait for data collection to occur!

      Here's a sample of one of my utility server (BuyVM VPS).

      Spoiler


      What Else?
      So that's the tutorial for the vanilla Observium installation. However, I personally recommend these minor changes to help with your use of Observium.

      Timeout Configuration
      Observium was originally created for ISPs and to monitor networks, not servers. Therefore, vanilla Observium has almost no tolerance for even the smallest network blip (such as a single packet not making it to the destination). So to help with that, we're going to add a few extra lines to the config file.

      Open up the configuration file:

      nano /opt/observium/config.php Add the following to the end of the configuration file:
      // Timeout Config $config['snmp']['timeout'] = 20; // timeout in seconds $config['snmp']['retries'] = 5; // how many times to retry the query $config['ping']['retries'] = 10; // How many times to retry ping $config['ping']['timeout'] = 1500; // Timeout in milliseconds The descriptions are pretty straight forward. With this configuration, Observium will now continually retry polling the server until a predetermined number of times before considering it "down". This is especially helpful if you have set Observium to email you during server downtimes (Note: You can enable this by editing the config.php file and installing sendmail or configuring smiliar mail services on the server).
      External Application Integration - Collectd
      So Observium is pretty awesome that it can also integrate with External Applications such as smokeping, RANCID, syslog, etc. For this tutorial I'm simply going to address Collectd, but a full list is available here. Please note the application monitoring section (such as monitoring Apache, nginx, MySQL, etc.) of Observium requires the Unix Agent which, again, is not covered in this tutorial (but maybe in the future).
      Collectd is "a daemon which collects system performance statistics periodically and provides mechanisms to store the values in a variety of ways, for example in RRD files." To be perfectly honest, it's very similar to the data collected by the SNMP poller, however Collectd comes with numerous plugins you can also monitor (and therefore monitor with Observium). Pretty awesome and keeps your life simpler.

      There's two parts to Collectd that we have to consider for Observium. The server and the client. Let's begin with the Server.

      Collectd Server
      For the server, install collectd:

      For CentOS and RHEL:
      Collectd is unavailable in RHEL and CentOS repositories, therefore you can either download the collectd RPM from collectd's website or build from the source package. Building from source or downloading the RPM and installing from collectd's website is outside the scope of this tutorial. However there are resources available online that can help you with installing collectd on CentOS and RHEL servers.

      For Debian and Ubuntu:

      apt-get install collectd Once you have collectd installed, edit the collectd configuration file at /etc/collectd/collectd.conf.
      nano /etc/collectd/collectd.conf Configure that file in any way you see fit, however make sure hostname and the network plugin is loaded. Observium watches for the hostname when determining if the server has collectd enabled:
      Hostname "observium.tutorial.vpsboard" LoadPlugin network <Plugin network> Listen "0.0.0.0" "25826" </Plugin> Restart the collectd service:
      service collectd restart Now we're going to have to edit Observium's configuration file to tell it where collectd has the RRD files. First, open config.php:
      nano /opt/observium/config.php Add the following configuration argument:
      $config['collectd_dir'] = "/mnt/rrdcached/db/collectd/"; That's it! The collectd tab should automatically appear for any servers that collectd is receiving the graphs for (assuming the hostnames match).
      Collectd Client
      The client and the server are very similar. The only major difference is the network plugin configuration.

      For CentOS and RHEL:
      Collectd is unavailable in RHEL and CentOS repositories, therefore you can either download the collectd RPM from collectd's website or build from the source package. Building from source or downloading the RPM and installing from collectd's website is outside the scope of this tutorial. However there are resources available online that can help you with installing collectd on CentOS and RHEL servers.

      For Debian and Ubuntu:

      apt-get install collectd Once you have collectd installed, edit the collectd configuration file at /etc/collectd/collectd.conf.
      nano /etc/collectd/collectd.conf Configure that file in any way you see fit, however make sure hostname and the network plugin is loaded. Observium watches for the hostname when determining if the server has collectd enabled:
      Hostname "observium.tutorial.vpsboard" LoadPlugin network <Plugin network> Listen "1.2.3.4" "25826" </Plugin> The IP (1.2.3.4) is the IP of the Observium Server, not the IP of the server being monitored!
      Restart the collectd service:

      service collectd restartThat's it! The collectd tab should automatically appear for any servers that collectd is receiving the graphs for (assuming the hostnames match).
      Final Thoughts
      Hope you've enjoyed this giant crash-course on Observium! It doesn't cover everything about it but it covers majority of it. If you have any questions, comments, or concerns feel free to reply. If I don't get to them then I'm sure someone else will come along to help! If you have any awesome changes to your Observium installation feel free to let us know here!


    • By Shoaib_A
      This tutorial will guide you how to install, configure & deploy KVM VPS on your dedicated server with using IPv4. I recommend  this only for learning, testing, personal or non-commercial use only. For commercial purposes, you should use a good control panel like SolusVM or Virtualizor. You need to have an Intel or AMD CPU which supports virtualization. Also, please do not try network interface settings in this tutorial with OVH or Hetzner servers as they will not work because with both these companies you need to use different settings for network interfaces. For configuring network interfaces on OVH's network you should go through my other tutorial:     Just use that for setting up interfaces only as rest of the steps to install & deploy KVM servers are same as in this tutorial.     Following assumptions have been made to make it easy for you to understand:
       
        First of all, we should update our OS with following command using SSH:   # yum update   Once done, please reboot your server:   # yum reboot   Type the following using SSH:   # nano /etc/sysconfig/network-scripts/ifcfg-eth0   Remove everything which is there & type or paste the following:
       
        Note: Please replace HWADDR & UUID with that of your server.   Once done, type Ctrl + X, select YES & Enter   # nano /etc/sysconfig/network-scripts/ifcfg-br0
       
      Note: Replace HWADDR, UUID, GATEWAY & NETMASK with that of your server. If you feel any difficulty, use ifconfig or contact your host & ask them the GATEWAY & NETMASK for your server.   Once done, type Ctrl + X, select YES & Enter     # nano etc/sysconfig/network-scripts/ifcfg-br0:1
       
        You may use http://www.gestioip.net/cgi-bin/subnet_calculator.cgi to calculate netmask of your subnet & for knowing other details.   Check if following is present:   # nano /etc/sysconfig/network-scripts/route-br0
       
        Now we have to enable IP forwarding:     # nano /etc/sysctl.conf 
       
        Next step is disabling the redirect messages:   #nano /etc/sysctl.d/10-no-icmp-redirects.conf
       
          Restart the network:   # /etc/init.d/network restart   Now we will install KVM, virt manager & some other tools:   # yum install qemu-kvm python-virtinst virt-top virt-viewr virt-manager libvirt libvirt-client # lsmod|grep kvm # modprobe kvm   Next step is downloading the ISO we are going to use with our KVM VPS that we are going to create later:   # cd /tmp # wget http://mirror.ovh.net/ftp.centos.org/6.5/isos/x86_64/CentOS-6.5-x86_64-minimal.iso   Note: I have downloaded CentOS 6.5 from OVH mirror for demonstration purpose only. You may choose whatever mirror & OS you wish.   It is now better to remove virsh's default network flush iptables & restart libvirtd:   # virsh net-destroy default # virsh net-undefine default # service libvirtd restart # iptables --flush  # service iptables save # service itpables restart   After this, please reboot the server:   # reboot   Now we are ready to create our first KVM VPS:   # virt-install --name=vps01 --disk path=/var/lib/libvirt/images/vps01.img,size=25 --vcpus=2 --ram=1024 --nographics --network bridge:br0:1 --cdrom=/tmp/CentOS-6.5-x86_64-minimal.iso --os-type=linux --os-variant=rhel6   This will create a KVM vps with 1 GB RAM, 2 CPU cores & 25 GB disk space. You may change the name of VPS according to your wishes, I have chosen vps01 in the above example.   Next you will see virsh console. Quickly press TAB + SPACE & configure console in the following way                                           console=ttyS0   Note: You have to do the above step real quick.   Next you will see configuration options for your OS install. Go through the steps & complete the install in your desired way. I chose reinitialize all, use entire disk, write changes to disk to get done with options quickly.   After installation is complete, next is using vi text editor to configure interfaces & nameservers so that our VPS is able to connect to internet. Some of useful commands for vi are as follows:   :wq= save :q = quit i= insert text before cursor until ESC is hit(Edit)   In your VPS type the following in virsh screen:   # vi /etc/resolv.conf  
        Save & Exit   Note: I have used google public DNS as nameservers, you may use others if you wish.   # vi /etc/sysconfig/network-scripts/ifcfg-eth0
       
      Note: Replace HWADDR & UUID with that of your VPS.   After that reboot the VPS. After this network should work perfectly on VPS & you may connect to it using an SSH client.   Some useful virsh commands are as follows:   virsh console vpsname virsh suspend vpsname virsh start vpsname virsh reboot vpsname virsh stop vpsname   If you wish to terminate/destroy a VPS, you may do so using the following commands:   # virsh destroy vps01 # virsh undefine vps01 # cd /var/lib/libvirt/images # rm vps01.img   Note: Replace vps01 with whatever the name of your vps is.   I have tried to cover everything briefly in this tutorial, you may PM me if you experience any problems.
    • By Roger
      Here we'd like to demonstrate how to secure your Linux system by restricting access using TCP Wrappers (tcpd).    Restricting access to your servers is a critical measure that should not be avoided when setting up your system. It will allow only those networks that you have provided to be safe to be granted access to your server's services that support TCP wrappers. We will be using Centos 6.4 64 Bits as our host operating system. Although this is a universal configuration available on most major Linux distributions.   TCP Wrappers work on a different way than iptables does. We must say that they are not mutually exclusive. There are some scenarios where TCP Wrappers will be more suitable to securing specific services.   Some key differences of TCP Wrappers and iptables are:   1) You use iptables command to administer the rules. firewall work at internet layer by allowing or denying access from/to a specific host which in this case using tcp/ip and tcp/udp port number.   2) tcpwrappers is another method of allowing or denying access to a specific service which work at application layer. There are two configuration files involve in this setup    hosts.allow  hosts.deny    How to Find Out if a Program or Service Supports TCP Wrappers?   To determine if a service or daemon supports TCP Wrappers, you need to know the deamon/service path in order to run it against ldd. To find a deamon's path, use the whereis command followed by the daemon's name we'd like to obtain the path for, like this:   [root@[member="VPS"] ~]$ whereis sshd Output:   sshd: /usr/sbin/sshd /usr/share/man/man8/sshd.8.gz Once you get the path from previously executed command, like the above output, you can run it against ldd in order to determine TCP Wrappers compatibility or if it has been compiled with TCP Wrappers, like this:   [root@[member="VPS"] ~]$ ldd /usr/sbin/sshd | grep libwrap.so Ouput:      libwrap.so.0 => /lib64/libwrap.so.0 (0x00007fc5f95e0000) If you get an output with libwrap.so included it means it is a dependency for that daemon, which in turns means it is compatible with TCP Wrappers and therefore TCP Wrappers can be used to secure that specific service.   The rules   The access lists will be validated against two files: /etc/hosts.allow and /etc/hosts.deny   This files require a set of rules to be included an properly formatted to match the requesting clients for access.   Syntax:   <daemon_list>: <client_list>[: <shell_command> ] Where:   daemon_list — Is a collection of one or more process names or special wildcards, separated by whitespace. client_list — Is one or more hostnames, host addresses, patterns, or wildcards, separated by whitespace, to use when a particular process name matches a requested service. shell_command — Is an optional component that specifies something to be done in the event a rule is utilized.   The /etc/hosts.allow file   In this file you will specify the allowed hosts or complete networks. First, open up /etc/hosts.allow file with your favourite editor.     [root@[member="VPS"] ~]$ sudo vi /etc/hosts.allow You will be presented with an output similar to this:   # # hosts.allow   This file contains access rules which are used to #               allow or deny connections to network services that #               either use the tcp_wrappers library or that have been #               started through a tcp_wrappers-enabled xinetd. # #               See 'man 5 hosts_options' and 'man 5 hosts_access' #               for information on rule syntax. #               See 'man tcpd' for information on tcp_wrappers # You will use this file to enter the allowed networks that can connect to your Linux server. This access control language file is based on client (host name/address, user name) and server (process name, host name/address) patterns. If you need to get more information for the complete access control language, please, refer to hosts_options man page.   You can also get a complete list of daemon process names in the inetd configuration file. Please consider that access control software consults only two files and at the first match it will stop validation. This means that you should be careful on the order you specify your permitted networks in order not to lock yourself out. Now, lets start by entering our allowed host/network for the SSH service:   # # hosts.allow   This file contains access rules which are used to #               allow or deny connections to network services that #               either use the tcp_wrappers library or that have been #               started through a tcp_wrappers-enabled xinetd. # #               See 'man 5 hosts_options' and 'man 5 hosts_access' #               for information on rule syntax. #               See 'man tcpd' for information on tcp_wrappers # sshd: 123.123.123.1 With this configuration, access to your machine will be denied to all hosts except for the 123.123.123.1 client. This is assuming you deny all on the /etc/hosts.deny file.   The /etc/hosts.deny file   In the /etc/hosts.deny file you will specify hosts and networks to be refused access to desired services. Open up /etc/hosts.deny file with your editor.     [root@[member="VPS"] ~]$ sudo vi /etc/hosts.deny You will be presented with an output similar to this:   # # hosts.deny    This file contains access rules which are used to #               deny connections to network services that either use #               the tcp_wrappers library or that have been #               started through a tcp_wrappers-enabled xinetd. # #               The rules in this file can also be set up in #               /etc/hosts.allow with a 'deny' option instead. # #               See 'man 5 hosts_options' and 'man 5 hosts_access' #               for information on rule syntax. #               See 'man tcpd' for information on tcp_wrappers # To deny access to ANY other host that is not in the /etc/hosts.allow file, you must specify the non-permitted networks or the ALL directive in the /etc/hosts.deny file as follows:   [root@[member="VPS"] ~]$ sudo vi /etc/hosts.allow Output:   # # hosts.deny    This file contains access rules which are used to #               deny connections to network services that either use #               the tcp_wrappers library or that have been #               started through a tcp_wrappers-enabled xinetd. # #               The rules in this file can also be set up in #               /etc/hosts.allow with a 'deny' option instead. # #               See 'man 5 hosts_options' and 'man 5 hosts_access' #               for information on rule syntax. #               See 'man tcpd' for information on tcp_wrappers # sshd: * #You could have also specify sshd: ALL This rule will refuse access for SSH service to ALL hosts other than those in the /etc/hosts.allow access. You can use either the * symbol or the ALL directive, both means the same. In the same order you will specify one directive per line. You can add as many rules as you need. but always be careful of the order of precedence and remember that at the first rule match the access control will stop validating.     Deny access to a bigger network targeting more services.   Another, more complete example limiting access to SSH and FTP services could be:   [root@[member="VPS"] ~]$ sudo vi /etc/hosts.allow Output:   # # hosts.allow   This file contains access rules which are used to #               allow or deny connections to network services that #               either use the tcp_wrappers library or that have been #               started through a tcp_wrappers-enabled xinetd. # #               See 'man 5 hosts_options' and 'man 5 hosts_access' #               for information on rule syntax. #               See 'man tcpd' for information on tcp_wrappers # #hosts.allow /etc/hosts.allow file rules #To allow a single host for SSH sshd: 123.123.123.1 #To allow a /27 prefix for SSH sshd: 123.123.123.0/255.255.255.224 #To allow a /15 prefix for SSH sshd: 123.122.0.0/255.254.0.0 #To allow a /single host for FTP vsftpd: 123.123.123.1 #To allow a /27 prefix for FTP vsftpd: 123.123.123.0/255.255.255.224         #To allow a /15 prefix for FTP vsftpd: 123.122.0.0/255.254.0.0 Deny access to ALL services and networks.   You can deny access to all services and all networks not specified in the /etc/hosts.allow file. For instance:   [root@[member="VPS"] ~]$ sudo vi /etc/hosts.deny Output:   # # hosts.deny    This file contains access rules which are used to #               deny connections to network services that either use #               the tcp_wrappers library or that have been #               started through a tcp_wrappers-enabled xinetd. # #               The rules in this file can also be set up in #               /etc/hosts.allow with a 'deny' option instead. # #               See 'man 5 hosts_options' and 'man 5 hosts_access' #               for information on rule syntax. #               See 'man tcpd' for information on tcp_wrappers # ​#This refuses connections to ALL services and ALL networks: ALL: ALL That's it. You should now have a fully operational access control with TCP wrappers (tcpd) running on your VPS server. You can verify that your traffic is being refused or allowed access in the /var/log/secure   [root@[member="VPS"] ~]$ sudo cat /var/log/secure You should see an output like this:     Oct 20 22:49:14 vps sshd[6559]: refused connect from 123.123.0.5 (123.123.0.5) Oct 21 00:33:11 vps sshd[7136]: refused connect from 10.2.2.1 (10.2.2.1) Oct 21 03:53:24 vps sshd[7287]: refused connect from 192.168.1.1 (192.168.1.1) Oct 22 12:24:08 vps sshd[18548]: Accepted password for root from 123.123.123.1 port 52908 ssh2 Oct 22 12:24:08 vps sshd[18548]: pam_unix(sshd:session): session opened for user root by (uid=0) If you want to filter the output to only show you the refused connection attempts, input the following command:   [root@[member="VPS"] ~]$ sudo cat /var/log/secure | grep refused Thank you!
    • By splitice
      How to replace puush.sh and similar services with a self hosted (via SFTP) variant
       
      Requirements / Software::
      WinSCP Greenshot A VPS/server with a SSH server (and SFTP support) nginx to serve the images  
      Steps:
      On your server create the /var/www/image directory (mkdir /var/www/), ensure that the www-data has permission to write to this directory (chown www-data:www-data /var/www/image). Also ensure that the www-data has a login password (passwd www-data) Download winscpupload.txt from https://gist.github.com/splitice/9563002. Install this on your filesystem. Note the path as you will need to provide it in the bat file. Replace the connection details in this script to match your server. Download winscp.bat from https://gist.github.com/splitice/9562983. Install this to your system, ensure all the values are set including the path to both WinSCP and the upload script. Select configure external commands from the Greenshot context menu
      Add a new External command - 
      Command: {PATH_TO}\winscp.bat
      Argument: "{0}"
      On your server install nginx. nginx can be found in most distribution repositories. Download the contents of https://gist.github.com/splitice/9564538 into /etc/nginx/conf.d/image-hosting.conf or a sites-available directory as appropriate,  
      You should now be able to take screenshots using Greenshot, uploaded to your server and with the links available in your clipboard. Enjoy :)