Category Archives: News

Find and replace text within a file using commands on Linux

Posted on by in ,
How can I find and replace specific words in a text file using command line? cd /path/to/your/folder/nikeshshakya sed -i 's/original/new/g' file.txt Explanation: sed = Stream EDitor -i = in-place (i.e. save back to the original file) The command string: s = the substitute command original = a regular expression describing the word to replace (or just the word itself) new = the text to replace it with g = global (i.e. replace all and not just the first occurrence) file.txt = the file name Or to make replace on all files on folder cd /path/to/your/folder/nikeshshakya sed -i 's/foo/bar/g' *...

How To Create a New User and Grant Permissions in MySQL

Posted on by in , ,
In the cases where more restrictions may be required, there are ways to create users with custom permissions. Let’s start by making a new user within the MySQL shell: CREATE USER 'nikesh'@'localhost' IDENTIFIED BY 'password'; Sadly, at this point newuser has no permissions to do anything with the databases. In fact, if newuser even tries to login (with the password, password), they will not be able to reach the MySQL shell. Therefore, the first thing to do is to create new database and provide the user with access to that database. create database nikeshdb; GRANT ALL PRIVILEGES ON nikeshdb.* TO 'nikeshshk'@'localhost'; The asterisks in this command refer to table that they can access—this specific command allows to the user to read, edit, execute and perform all tasks across all the databases and tables. Once you have finalized the permissions that you want...

Ubuntu – ownCloud Secure Access with SSL

Posted on by in ,
Enable ssl sudo a2enmod ssl Create new directory for the self signed certificate sudo mkdir /etc/apache2/ssl Create the self signed certificate and the server key that protects it, and placing both of them into the new directory sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/owncloud.key -out /etc/apache2/ssl/owncloud.crt Now we setup the certificate sudo nano /etc/apache2/sites-available/default-ssl.conf The lines that need changing are the following ServerName 192.168.1.11:443 SSLEngine on SSLCertificateFile /etc/apache2/ssl/owncloud.crt SSLCertificateKeyFile /etc/apache2/ssl/owncloud.key Activate the new vhost sudo a2ensite default-ssl Restart apache sudo service apache2 restart...

Hardening your Apache and PHP on Ubuntu 9.04 Server

Posted on by in ,
You have installed LAMP and OpenSSH on your Ubuntu 9.04 Server. The first thing to do is to harden it in order to avoid some kind of attacks. You can do the following steps in front of your Ubuntu 9.04 Server or remote access it via OpenSSH. For OpenSSH, your Ubuntu 9.04 Server is at 192.168.0.10 : ssh 192.168.0.10 -l nikesh Step 1 : The avoid someone to list your files on your Apache directory, you should do the following step. sudo nano /etc/apache2/sites-available/default Add a minus "-" in the front of "Indexes" and it will looking like this :     Options -Indexes FollowSymLinks MultiViews     AllowOverride None     Order allow,deny     allow from all Step 2 : To enable the rewrite module of Apache. sudo a2enmod rewrite To avoid Cross-Site-Tracing attack. Add the following lines within " " :     RewriteEngine On     RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)     RewriteRule .* - [F] Step 3 : To avoid HTTP DoS,...

How to Protect your Server Against the Shellshock Bash Vulnerability

Posted on by in ,
On September 24, 2014, a GNU Bash vulnerability, referred to as Shellshock or the "Bash Bug", was disclosed. In short, the vulnerability allows remote attackers to execute arbitrary code given certain conditions, by passing strings of code following environment variable assignments. Because of Bash's ubiquitous status amongst Linux, BSD, and Mac OS X distributions, many computers are vulnerable to Shellshock; all unpatched Bash versions between 1.14 through 4.3 (i.e. all releases until now) are at risk. The Shellshock vulnerability can be exploited on systems that are running Services or applications that allow unauthorized remote users to assign Bash environment variables. Examples of exploitable systems include the following:
  • Apache HTTP Servers that use CGI scripts (via mod_cgi and mod_cgid) that are written in Bash or launch to Bash subshells
  • Certain DHCP clients
  • OpenSSH servers that use the ForceCommand capability
  • Various network-exposed services that use Bash
A detailed...

Google Launches Improved Sitelinks Search Box

Posted on by in
Google has introduced a new sitelink feature where it will show a site search box above the sitelinks for a website in the search results. The new change, in addition to the search box getting a prominent spot just under the site description, also takes advantage of auto-complete when people type something into the search box. The new search box is available for both desktop and mobile searches.  Here it is for desktop: sitelinks search 1Here is the mobile version of the new search box. sitelinks search 2Google provides documentation so webmasters can enable this so any searches done within the sitelinks search box will direct people right to the results page on your site.  You need to have a working search engine on your site, however...
Page 64 of 67First PagePrev Page6061626364656667Next Page