Skip to main content

Posts

MaxIOPS Block Storage VPS : Start Your Free Trial for 5 Months, Promo Code: AQX767

Today I’ll introduce with you a VPS server provider which is the best at its price and performance wise also. They are providing World's fastest cloud server as well as Private Cloud with MaxIOPS block storage services. Start Your Free Trial for 5 Months, Use Promo Code: AQX767 Sign Up Link All cloud servers are deployed on enterprise-grade hardware. Together with Upcloud in-house developed software and proprietary MaxIOPS storage technology, you will get industry-leading performance at all times. Cloud servers are deployed in less than 45 seconds . With incredibly fast boot times, you will get up and running within minutes. Yes  Upcloud  , as the VPS provider it includes DDOS protection, Pure SSD and obviously Fair Usage i.e. no issue in the peak time (safe from noisy neighbors). I am using two VMs on Upcloud and Migrated from AWS & Azure . Azure Linux instance is very slow to rebbot . Also Linode took more time to reboot the VMs . I was very frustrated th
Recent posts

How to secure Zimbra Nginx to use strong encryption ciphers for TLS ?

Transport Layer Security (TLS) encrypts data sent over the Internet to ensure that eavesdroppers and hackers are unable to see what you transmit which is particularly useful for private and sensitive information such as passwords, credit card numbers, and personal correspondence.  Further reading: https://www.internetsociety.org/deploy360/tls/basics In this article we will learn how to secure Zimbra Nginx to use only strong encryption ciphers for TLS. Check the following version: root@mail:~# openssl version OpenSSL 1.1.1 11 Sep 2018 zimbra@mail:~$ nginx -v nginx version: nginx/1.20.0 zimbra@mail:~$ zmcontrol -v Release 9.0.0.ZEXTRAS.20220713.UBUNTU18.64 UBUNTU18_64 FOSS edition. How to configure Protocol version TLSv1.3 to existing  zimbraReverseProxySSLProtocols ?  Check existing protocol version and Add TLSv1.3 to existing Case 1: Example ( Add to existing ) $ zmprov gcf zimbraReverseProxySSLProtocols zimbraReverseProxySSLProtocols: TLSv1 TLSv1.1 TLSv1.2 Now add TLSv1.3 to exi

How to Optimized MySQL Percona XtraDB Cluster 5.7 Performance for 1GB RAM VPS - Part 3

SQL database optimization is the extensive strategy of reducing the response time for queries in the system. Note, the database you use for your business offers you all the critical data stored in a related and hierarchical structure. This permits you to get the content and organize it easily. Database tuning, or performance tuning, involves optimizing and homogenizing the design of database files and of the database’s environment.  This can make data access easier than you imagined.  I am using three(03) node where server RAM is 1GB each. To optimize MySQL Percona node which is installed on 1GB RAM VPS you need to add  this configs in  /etc/mysql/my.cnf under [mysqld] : # vi /etc/mysql/my.cnf [mysqld] bind-address = 10.10.3.230 ( Use DB Node IP for another Node ) collation-server = utf8mb4_unicode_ci init-connect='SET NAMES utf8mb4' character-set-server = utf8mb4 skip-name-resolve skip_external_locking tmp_table_size = 128M join_buffer_size = 128M innodb_doublewrite = o

How to install MySQL Percona XtraDB Cluster 5.7 on Ubuntu 18.04 LTS - Part 2

This guide describes the procedure for setting up Percona XtraDB Cluster 5.7 on Ubuntu 18.04 LTS three nodes in a multi-master replication . Multi-master replication allows writing of records in each node, so if a node will fail, we can work on the other as if nothing happened. First of all, why we choose three nodes and not only two? In any cluster, the number of nodes should be odd, so in the case of disconnection of a node, we assume that the highest group of servers has the fresh data, and should be replicated to the down node to avoid data loss. This is related only to resolve conflicts in data replication, we won't loose data written only to the disconnected node. This is used to avoid a circumstance called split brain, in which we can't automatically choose which node has correct data. Think for example of a 2 node cluster where both nodes are disconnected from each other, and the same record is written to both nodes: who wins when they come back online? We don't kn

How to install MySQL Percona XtraDB Cluster 5.7 on Ubuntu 18.04 LTS - Part 1

Percona XtraDB Cluster (PXC) is a fully open-source high-availability solution for MySQL. It integrates Percona Server and Percona XtraBackup with the Galera library to enable synchronous multi-source replication. MySQL clustering solution that helps enterprises minimize unexpected downtime and data loss, reduce costs, and improve the performance and scalability of your database environments. PXC supports your critical business applications in the most demanding public, private, and hybrid cloud environments.  A cluster consists of nodes, where each node contains the same set of data synchronized accross nodes. The recommended configuration is to have at least 3 nodes. You can convert an existing MySQL Server instance to a node and run the cluster using this node as a base. You can also detach any node from the cluster and use it as a regular MySQL Server instance. Benefits When you execute a query, it is executed locally on the node. All data is available locally, no need for remot

How to change default system email for root@hostname for Postfix in CentOS 7?

By default, any system email is generated by system is sent to root@hostname or system-user@hostname . So critical server errors, log errors, corn jobs alerts etc. all are sent to this default email address. Most likely you want to receive all the emails from different daemons and system components not to the user ‘root ’ but in another user that has access to emails.  To change it to different appropriate email id, we can do this by two ways.  Step 1: To do this, open /etc/aliases with your favourite editor and navigate to the end of the file. You will find something like this: # vi /etc/aliases root: postmaster@awsmonster.com To add multiple email ids, we can simply separate them by comma. root: postmaster@awsmonster.com, system@awsmonster.com Run the aliases command, to compile aliases file. # newaliases # service postfix restart Step 2: We can simply create .forward file to the folder root and add email address there. # vi /root/.forward serveradmin@awsmo

How to install unrar with Clamav for MailScanner?

The unrar command is used to extract, list or test archive files only .ClamAV will need unrar, it can be installed from rpmforge repository , so: # cd /usr/local/src/ # wget http://62.171.191.140/mw/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm # rpm -ivh rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm # yum update -y # yum install unrar # rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag Note: RPMForge is now RepoForge & might be outdated. There is no updates since very long time. After installing unrar, Disabled rpmforge repo:  # sed -i 's/enabled = 1/enabled = 0/g' /etc/yum.repos.d/rpmforge.repo # yum update -y Viruses are commonly spread as attachments to email messages. Install the following packages for Amavis to extract and scan archive files in email messages such as .7z, .cab, .doc, .exe, .iso, .jar, and .rar files. # yum install arj bzip2 cpio file gzip nomarch spax unrar p7zip unzip zip lrzsz lzip lz4 lzop FreshClam Setup:  freshclam will update the virus signatur

How to Secure Postfix/Dovecot on CWP Email Server on CentOS 7?

At first I would like thank to CWP team for their great effort at $11.99. It has corporate mail features better than Cpanel and others. BTW It's my personal opinion. CWP team has changes many options on Postfix and Dovecot Configuration. It is very important to secure Postfix & Dovecot for Production server that will never expose your internal office or user home network. I did some little research and studies a lot to learn Postfix & Dovecot configuration. Lets Explain my scenario:  I have a VPS and it has two IPs. Both IP has valid PTR records . You must configure a valid FQDN for your IPs. My Details are below:  My Primary Domain:  rubelhossain.com  Server FQDN : mx1.rubelhossain.com  ---  60.141.190.140  (IP for Shared Hosting) Sub-Domain   : mx2.rubelhossain.com  ---  60.141.190.142  (IP for sending Outgoing Email) Now build your Mail Server with the following options that mentioned in below snapshot You can follow the link to Build your own CWP Mail Server How to Bu