Red Hat Certified System Administrator

In the next few weeks, I intend to publish my own training courses entirely in Polish related to RHCSA. Yes, free of charge, because these are the basics of any Linux distribution in principle and in my opinion it is ridiculously simple. The exam requires you to understand and remember the commands by heart, so it’s not that simple anymore, because the commands come in as time goes by when you tap them every day with your finger.

Continue reading “Red Hat Certified System Administrator”

fail2ban – installation and configuration

Note, the following tutorial is a part of my engineering work entitled “Hardening of a Linux-based network server” under the direction of Ph. D. Kordian Smolinski in the Department of Theoretical Physics WFiIS UŁ defended in June 2019.

To install Fail2Ban on CentOS 7.6, you will first need to install the EPEL (Extra Packages for Enterprise Linux) repository. EPEL contains additional packages for all versions of CentOS, one of these additional packages is Fail2Ban.

Continue reading “fail2ban – installation and configuration”

Web server installation on mikr.us using MariaDB and MyISAM engineWeb server installation on mikr.us using MariaDB and MyISAM engine

Hi,

There was an opportunity like a blind chicken grain long ago and I hunted the domain for free sysadmin.info.pl. Originally the idea was to use it for engineering work and so it happened. Three months later again an opportunity came up, which I couldn’t miss. This time the virtual machine on OpenVZ for funny money. If you are interested, please contact https://mikr.us. After clicking on the link you will get a 5% discount on the server for the year

Continue reading “Web server installation on mikr.us using MariaDB and MyISAM engineWeb server installation on mikr.us using MariaDB and MyISAM engine”

WordPress configuration for connecting to a remote database

Hello,

I will describe here step by step configuration of WordPress in configuration of two servers. These can be physical servers, or installed on virtual machines, either using VirtualBox or HyperV.

Usually we encounter these configurations above, of course there are also other solutions, such as in the case of the hosting service provider, which has a database elsewhere, and in another location keeps a directory on the files of the website, but I will deal with the classic case, when we distinguish between two different servers.

Why such a solution? For a simple reason – security. There is no external access to the database server, i.e. from the Internet. It is in favour of the so-called NAT.

I will describe the solution that I implemented at home on two laptops, which serve as servers at home for my own learning purposes.

Have you reached this place? Great! Let’s get started.

Continue reading “WordPress configuration for connecting to a remote database”

SELinux security policy

I’m not an SELinux expert, but when I read many tutorials on the subject and saw dozens of tips that all said in one voice: turn off SELinux, because it causes problems, I thought it was time to challenge this thesis and prove that SELinux could be easy to use.

In a situation where a service does not run because of problems with permissions, creating a process ID (PID) file, you should update SELinux’s policy on enforcing the rules against the application, which by default is not included in SELinux’s Type Enforcement (TE) policies.

Continue reading “SELinux security policy”

Welcome to the Sysadmin blog

This blog will be devoted to issues related to the administration of Linux servers. I focused on popular distributions such as Debian 9.8.0, CentOS 7.6, Fedora 29. Of course I won’t stop there, because I have a RHEL (Red Hat Enterprise Linux) 7.7 instance on Virtual Box.

I will describe the solution that I implemented at home on three laptops that serve as servers at home for my own learning purposes. In addition, I bought myself a VPS, on which I configured the environment to host this very site. I also intend to buy another VPS in the future and move the installation of mail server and Samba on one machine. Ultimately, I want to turn off two other laptops (mail server and Samba), hide them in a drawer and have everything in the network.