DNSSEC: Let’s Go! (Hexonet Edition) Recently, I purchased several new domain names with .gd and .io extensions. While exploring Hexonet’s features, I noticed that they support DNSSEC (Domain Name System Security Extensions). However, I couldn’t find any option to enable it directly through their control panel. After some research, I finally figured out how to activate DNSSEC on Hexonet. Spoiler: It involves using their API. The Process To enable DNSSEC, you’ll need to manually send a command via Hexonet’s API. Here’s how you can do it: Access the Hexonet API Execution Page Open the API tools page at this URL: https://cp.hexonet.net/cp2/index.php/tools/apiaccess Input the API Command Use the following command format to enable DNSSEC for your domain: command = ModifyDomain domain = example.com secDNS-urgent = 1 secDNS-ds0 = [KEYTAG] [ALGORITHM] [DIGEST-TYPE] [DIGEST] Replace the placeholders with the specific DNSSEC values provided by your DNS provider (e.g., Cloudflare). A Quick Note on Digest Types The trickiest part of this setup is figuring out the correct Digest Type. If you’re using Cloudflare, they’ll provide a digest labeled SHA256. However, Hexonet’s system doesn’t directly list "SHA256" as an option. After checking the official documentation, I found that: SHA256 corresponds to 2 in Hexonet’s system. So, for the secDNS-ds0 parameter, make sure to use 2 as the Digest Type. Helpful Resources Here are a couple of resources that helped me understand the process: Hexonet’s DNSSEC Wiki

Trying to fix the problem, the first step was "Disable UDP acceleration" (view the image)

Symptom:    When checking the LFD service with the systemctl command you will see this: systemctl status lfd.service ● lfd.service - ConfigServer Firewall & Security - lfd   Loaded: loaded (/usr/lib/systemd/system/lfd.service; enabled; vendor preset: disabled)   Active: failed (Result: exit-code) since Tue 2020-12-01 20:54:11 IST; 10min ago   Process: 11119 ExecStart=/usr/sbin/lfd (code=exited, status=1/FAILURE) Dec 01 20:54:10 host.domain.tld systemd[1]: Starting ConfigServer Firewall & Security - lfd... Dec 01 20:54:11 host.domain.tld lfd[11119]: Error: You have an unresolved error when starting csf. You need to restart csf successfully before starting lfd (s...csf.error) Dec 01 20:54:11 host.domain.tld systemd[1]: lfd.service: control process exited, code=exited status=1 Dec 01 20:54:11 host.domain.tld systemd[1]: Failed to start ConfigServer Firewall & Security - lfd. Dec 01 20:54:11 host.domain.tld systemd[1]: Unit lfd.service entered failed state. Dec 01 20:54:11 host.domain.tld systemd[1]: lfd.service failed. The error indicates that you need to restart the CSF service before being able to start the LFD service. However, when you check the CSF service you notice that the service has failed with the following error: systemctl status csf.service -l ● csf.service - ConfigServer Firewall & Security - csf   Loaded: loaded (/usr/lib/systemd/system/csf.service; enabled; vendor preset: disabled)   Active: failed (Result: exit-code) since Mon 2020-11-30 20:13:09 IST; 24h ago  Main PID: 943 (code=exited, status=1/FAILURE) Nov 30 20:12:56 host.domain.tld systemd[1]: Starting ConfigServer Firewall & Security - csf... Nov 30 20:13:09 host.domain.tld csf[943]: You have an unresolved error when starting csf: Nov 30 20:13:09 host.domain.tld csf[943]: Error: FASTSTART: (Packet Filter IPv4) [] [iptables-restore: line 14 failed]. Try restarting csf with FASTSTART disabled, at line 5584 in /usr/sbin/csf Nov 30 20:13:09…

I recently ran into an issue where I wanted to test a deployment using Windows Server 2019 Storage Migration Service feature. It turns out an Evaluation installation does not support storage migration service and it will not appears to be missing in the Windows Admin Center. I needed to upgrade Windows Server 2019 Evaluation to Standard edition. which is fortunately very easy! First open up a Powershell window and run as Administrator. Enter the following command: DISM /Online /Set-Edition:ServerStandard /ProductKey:N69G4-B89J2-4G8F4-WWYCC-J464C /AcceptEula DISM will proceed to make the required changes and will request a reboot. Press Y to reboot the server. Once the server has rebooted, log back in and open up Powershell again and type: DISM /Online /Get-CurrentEdition Congratulations you now have standard edition installed!

If you cannot install or update software via yum and you see 404 errors like this: try to clean yum cache first; sometimes, the current repository data doesn't match the cached information. You can do it via: If that didn't help, comment out the following line in /etc/yum.conf: You can run this command to comment out that line automatically:

Error: yum install failed solved the issue by enabling a higher version of php rather than 55 56:

install fuse package

The error "IndentationError: unexpected indent" in Python people get most time is something to do with space and tab syntax in editor. Editor needs to be set using space instead of tab in python programming. Eg. Convert tabs to spaces in Notepad++ To convert existing tabs to spaces, press Edit->Blank Operations->TAB to Space. If in the future you want to enter spaces instead of tab when you press tab key: Go to Settings->Preferences...->Language (since version 7.1) or Settings->Preferences...->Tab Settings (previous versions) Check Replace by space (Optional) You can set the number of spaces to use in place of a Tab by changing the Tab size field.

To find files on a linux system you can use following command: # find / -name xxxx But I prefer to use the locate command. This command is extremely easy to use and it’s faster than the find-command. # locate filename To install the locate package, use yum. # yum install mlocate To update it’s ‘internal database’, run following command. # updatedb To find a file, use following command # locate httpd.conf /etc/httpd/conf/httpd.conf  

In Tomcat 7, the password in the setting file: tomcat-users.xml is displayed as string encrypted by md5. In server.xml file: <Realm className="org.apache.catalina.realm.LockOutRealm"> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase" digest="md5"/> </Realm> echo -n yourpassword | md5sum make sure you change the password in tomcat-users.xml with md5 encrypted string.

Use "nginx -t" to debug nginx issues. It's a known issue when nginx fails to start in Vesta due to some misconfiguation occurred by itself. nginx: [emerg] the same path name "/var/cache/nginx/xxx.es" used in /etc/nginx/conf.d/01_caching_pool.conf:2 and in /etc/nginx/conf.d/01_caching_pool.conf:3 nginx: configuration file /etc/nginx/nginx.conf test failed nginx: [emerg] the same path name "/var/cache/nginx/xxx.es" used in /etc/nginx/conf.d/01_caching_pool.conf:2 and in /etc/nginx/conf.d/01_caching_pool.conf:3 nginx: configuration file /etc/nginx/nginx.conf test failed [root@server ~]# cat /etc/nginx/conf.d/01_caching_pool.conf proxy_cache_path /var/cache/nginx/xxx.com levels=2 keys_zone=xxx.com:10m inactive=60m max_size=512m; proxy_cache_path /var/cache/nginx/xxx.es levels=2 keys_zone=xxx.es:10m inactive=60m max_size=512m; remove all the duplicate lines. And then restart nginx.

Give all permissions to usergroup "Authenticated User".

Cloning a virtual machine, regardless of the VM is in shutdown or running state, is a very useful feature from deployment standpoint of view, which allows a system to be copied and duplicated without the need to perform installation again. In addition, cloned virtual machine also preserves current system and apps environment in productio and web development in WebDesign499, allowing testing and evaluation to be done in a backup or UAT system before any changes or updates been applied to production virtual machine. Virtualization products from VMware such as VMware vSphere /VMware ESXi, VMware Workstation and VMware Fusion have built-in support for closing virtual machine, where user can right click on a VM and clone it right away. In fact, VMware allows user to make a copy of virtual machine as full clone or linked clone. But not so in Hyper-V. Hyper-V does not have outright clone option available (unless you’re also running System Center Virtual Machine Manager, also known as SCVMM). In addition, while technically it’s still possible to clone a VM in Hyper-V, it only does full clone, and not linked clone. Full clone is essentially duplicating and making a copy of original virtual machine to get an exact replica as a second virtual machine, which is completely independent of the source virtual machine. The downside of full clone is that it takes up as much disk space as the source VM. Meanwhile linked clone is a copy of a virtual machine (VM) made from a snapshot of parent that shares virtual disks with its parent VM, hence…

I recently installed a Dell Server by using the Lifecycle Controller. This system uses a wizard to help with the installation of the operating system. In this case, I was installing Windows Server 2008 R2 to replace an existing Exchange 2010 server. Speaking of a server, with the data center cloud of Eatel business, you can access your business data anywhere. For more details, visit www.eatelbusiness.com. As part of the installation, an OEMDRV USB drive is created by the Lifecycle Controller that contains the drivers used during OS installation. OS installation went well, but I ran into an issue afterwards. The OEMDRV drive was using E:, which I needed for my Exchange data. When you go into computer management, OEMDRV shows as a removable drive. However, you cannot change the drive letter or eject OEMDRV. By default the Lifecycle controller removes this drive after 18 hours, but I didn't want to wait that long. To force OEMDRV to be removed earlier, restart the server and press F10 to enter the Lifecycle Controller configuration. Then exit the Lifecycle Controller and reboot again. You don't need to make any changes in the configuration. Just entering and exiting triggers the removal. For other advertisements, checkout https://www.worldgym.com/palmdesert/home.

The workaround is: 1. Download the Rufus: Rufus 2.8 Portable (865 KB) https://rufus.akeo.ie/ 2. Open up the Rufus, and insert USB (more than 8G) to working machine (make sure partition scheme and target system type is GPT) 3. Select ISO file downloaded and click start: 4. On the working system, download the Windows 7 USB 3.0 media creator utility from Intel: https://downloadcenter.intel.com/download/25476/Windows-7-USB-3-0-Creator-Utility *The download is a compressed zip file. Unzip the utility to a folder in Windows and then and run theInstaller_Creator.exe file as administrator (Right-Click the file, Select "Run as Administrator" on the drop down menu that appears). 5. When you are prompted, select the USB drive which includes Windows 7 installation source: 6. Click the "Create Image" button in the tool to start injecting USB3 driver into the image. 7. After complete image creation, Install windows 7 64bit with the updated Dell Windows 7 USB key.

We wanted to let you know that today, a critical vulnerability in bash(Bourne-Again-SHell) was disclosed by Stephane Chazelas. This vulnerability is so critical that even if you have Two-Factor Authentication an attacker would be able to by-pass the two-factor verification and execute commands remotely on your server. We recommend you update now. Here's a few things to help you: To test if you are vulnerable you can use the following command: env t='() { :;}; echo You are vulnerable.' bash -c "true" If it prints "You are vulnerable" you need to upgrade as soon as possible. Patches for the major Linux distributions have been already released. If you are using a Ubuntu or Debian type the following commands to apply the security patch:  apt-get update  apt-get upgrade If you are using RedHat, CentOS or Fedora type the following commands to apply the security patch:  yum clean all  yum update bash If you want to know more about this vulnerability please read the following thread on the oss-sec mailing list: http://seclists.org/oss-sec/2014/q3/650

If you encounter this warning message under Linux: 4096 worker_connections are more than open file resource limit: 1024 A solution is to use the command ulimit in nginx start script, just before lunching nginx: ulimit -n 65536