How to Configure Linux Password Policies

One of your best weapons in the fight for server security is strong password management. Using the password policies you set in Linux, you enforce strong passwords, require password renewals and many other effective security measures.
First, you should install the cracklib module for PAM. Cracklib tests password strength. If you are using RHEL, CentOS or […]

How to Create and Change Linux System Passwords

Server and website security seems to be in the headlines often lately with news of government surveillance and the heartbleed exploit in SSL. More than ever, it is important that you have a strong password. If you need to change your password on your Linux dedicated server or virtual private server, this guide should help […]

Setup and Configure CentOS Server Part 2

In part one, we began by changing the root password and then creating an account that will be able to escalate to root privileges when needed. Now, you need to make sure that only that user can become root and not anyone else.
The easiest way to do this is to use the “wheel” group. You […]

Setup and Configure CentOS Server Part 1

CentOS is essentially a free implementation of the open source code from Red Hat Enterprise Linux. Logos and other trademarks aside, CentOS is RHEL at its core without the licensing fees. As such, CentOS has become very popular among server administrators as an ideal Linux server solution. This brief tutorial will explain how to get […]

5 Dumb Mistakes to Avoid with a Dedicated Server

This list is essentially useless. It is useless because no one would actually do the things on the list. Right? I joke of course, but these mistakes are ones you should definitely avoid. Some may seem like common knowledge, but they still happen far too often.
1. Using “password” as a password – For that […]

How Do I Create an Ubuntu User with a Home Directory?

On an Ubuntu server, you might encounter a problem when it comes time to create a new user manually. Running the “useradd” command will create a user but do nothing else. It will not ask you to create a password or create a home directory. There are two easy solutions for this:
1. Run useradd […]

Dedicated Server Maintenance Checklist

Your dedicated server needs regular maintenance. It will not take care of itself. The following checklist will help you keep your server in top shape.
1. Check your backups – Just because you make backups does not mean they actually work. You need to test them to make sure your server is performing backups correctly. […]

What Are Shadow Passwords?

On a basic Linux system, passwords are stored in the /etc/passwd file. This is usually OK for a single-user system, but on a multi-user system, such as a server, the passwords should be hidden and encrypted. Shadow passwords allow you to do just that . On Red Hat Enterprise Linux and CentOS, the shadow-utils package […]

How to Remove MySQL Databases and Users

You may spend a good portion of any given day adding users and databases to your MySQL server, but you might not spend much time removing them, even after you or your users no longer need them. Nevertheless, it is very important to not leave unattended databases and users lying around for would-be attackers […]

Protect Your Server with Fail2ban

Monitoring your server is a great way to prevent cyber attacks and stop those that might be in progress. Unfortunately, you cannot always be present to monitor your server. Unless you are an android, you likely still require sleep. For those times when you cannot be be present, Fail2ban is an excellent friend to have.

How to Require Regular Password Changes

A server is only as strong as its weakest user, and a weak user will have a weak password. One way you can at least make passwords a little more secure is to require users to routinely change them. To do so, use the login.defs file to set the number of days until users are […]

How to Manage Users in Webmin

On a dedicated server, managing users does not have to be a difficult affair. While the command-line tools are not overly complicated, you may at times want to use a graphical interface or run batch user operations. Webmin’s “Users and Groups” module may be exactly what you need.
You can find the Users and Groups module […]

How to Create a Virtual Machine in Cloudmin

There are many ways to create virtual machines and many virtualization tools you can use. KVM is one tool that is built into most Linux distributions. Cloudmin, an optional add-on for Virtualmin and Webmin, can provide a graphical interface for creating and managing virtual machines.
To create a virtual machine in Cloudmin, do the following:
1. Click […]

How to Manage MySQL Users in Webmin

In a previous post, we looked at some of the ways in which you can manage a MySQL user from the mysql command-line prompt. Today, you will learn about managing MySQL users from within Webmin’s web-based control panel.
To begin managing MySQL in webmin, do the following:

Login to webmin and find the section called “Servers”
Click “MySQL […]

MySQL User and Password Management

As you manage your dedicated server, you will invariably come across times when you need to reset passwords, add or delete accounts, or generally perform maintenance on your database users. When working with MySQL, there are a couple of simple ways to manage user accounts. The first involves accessing it from the command line, while […]

5 New Year Security Checks You Should Not Delay

As you welcome in the new year, now is a great time to run some basic security checks on your server to make sure it is running in top shape and continues to be a safe haven for your websites. The following five security checks are ones that you should not delay until later in […]

How to Suspend User Accounts in cPanel

In a previous post, you learned how to suspend a Linux user account on your dedicated server. Although this method is effective in shutting down users with shell access, it may not shut off any websites or other unique hosting features that they have. For that you will probably need to suspend their accounts […]

How to Suspend User Accounts on a Linux Server

I hope the time never comes when you have to take action against a user on your dedicated server, but if the situation does arise, you should know how to handle it. With a Linux server, there are several ways to disable an account without completely deleting it. This is useful if you have a […]

What to Do When You Forget Your Password

One of the worst feelings you can experience after putting so much time and effort into your dedicated server is to suddenly realize you are unable to control it. Aside from security breaches, the most common reason for this is that you forgot your password. Forgetting a user password is unfortunate, but not the end […]

Fight Brute Force Attacks with DenyHosts

A Brute force attack is a particularly sinister way for those with malicious intent to gain access to your server.  The premise of this type of attack is to ultimately have root access in order to accomplish whatever goal the attacker may have.  To do this, the attacker typically uses software that attempts to guess […]

7 Lessons I Learned from Having My Own Server

For several years I leased an unmanaged dedicated server from a company that will remain nameless. I loved the experience, but there were plenty of times when I made horrible mistakes. The following are seven lessons I learned from having my own server.
1. Whatever I thought I knew was far less than what I needed […]

How to Install BFD (Brute Force Detection)

BFD (Brute Force Detection) is a free software tool to help you prevent brute force attacks on your dedicated server.  A brute force attack is most commonly used to gain root access to the server by using password-guessing technology.  BFD will detect multiple login attempts and prevent the attackers from escalating into a brute force […]

How to Login to a Linux Server as a Different User

When you login to your dedicated server via SSH, there are normally two options: your own username and root.  It is inadvisable to login directly as root, but you can always use “su” or “sudo” to run root commands.  In some circumstances, however, it may actually be more convenient and useful to login as another […]

How to Optimize MySQL Databases in SSH

Optimizing your MySQL database can help it run better, reduce fragmentation, and ultimately give you a boost in performance.  In many cases, you can optimize your MySQL database using a graphical frontend, such as phpMyAdmin, but in some instances it is quicker and easier to run the command from within an SSH session, especially if […]

Control Panel Security

Many times, managing your dedicated server from the command line can be tedious, especially when there are web-based control panels that make a lot of administrative tasks easier.
Control panels are great, and some proprietary panels like cPanel and Plesk have become commonplace on servers all over the world.  The benefits aside, however, you should also […]

The Layers of Server Security

Security is critical for any server that will connect to the Internet.  Once your server is out there, you will get attackers trying to compromise its integrity.  The question is not whether or not you will be attack but whether or not you were prepared to defend against it.
The best way to prevent attacks from […]

7 Ways to Troubleshoot Database Connections

With most of the world using dynamic websites, databases have become a regular part of the web hosting experience. Even if your database always works and run smoothly, you may have users on your dedicated server who are not so fortunate. Because many applications, scripts, and users may attempt to access the database […]

How to Reset a Lost MySQL Password

Chances are, you have at least a dozen passwords for your server, computers, phones, email, social network, and bank account. It is tough enough to remember commonly-used passwords without even thinking about your MySQL password. The general perception is that, if you lose your MySQL administrative password, you are up a creek without […]

How to Kill a User Session on a Linux Server

There are very few reasons why you would ever need to kill another user’s session, aside from just being mean or playing a prank. If a user logs in but, for some reason, does not log off, it is a good idea to kill the session associated with it so that the account is […]

How to Manually Grant MySQL Privileges

Under normally functioning circumstances, you may never need to manually grant privileges in MySQL. When creating databases in cPanel, phpMyAdmin, or any other web-based interface, you can easily accomplish the same task without accessing the command line. In rare instances, however, those frontends may not work or may not be easily accessible to […]