Port Forwarding Problem - Public port to Private Port

chanalku91 · Posted by: chanalku91 - 09-15-2019, 08:20 AM - Forum: VPS Support - Replies (10)

Hello, I have a problem with port forwarding

I want to forward the connection from public zone port 22 to private zone port 2222 But I don't know why this command doesn't work

Terminal

iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 22 -j DNAT --to 127.0.0.1:2222

I have also activated port forward on sysctl

But the problems I experienced could not be solved by members of the Indonesian Linux forum

hamed · Posted by: hamed - 09-14-2019, 05:32 PM - Forum: SEO Optimization - Replies (16)

Hello . I use my site to track my site load speed and review the information needed to optimize my website for better SEO. But I didn't notice (photo).

https://gtmetrix.com

the photo url (see pls) : https://imgur.com/a/fI6DHQp

qusetion : Make fewer HTTP requests

------------
If you have another site to optimize your website and see site information such as site load speed and other SEO information, please share the link for me here.
-----------

Melvin · Posted by: Melvin - 09-13-2019, 03:38 PM - Forum: Meet & Greet! - Replies (11)

I must say too i'm leaving, sorry guys but i can't continue this year is the final year in the collage for me, which called in my country "BAC" that year your hole life will change and you will join the professional life, so i decied to quit everything and focus on my studies, i wouldn't quit like that but things more important then other things, i would like to thanks everyone who helped me in this lovely community. in this case i must cancel my VPS.
so i also don't have enough time to create a cancellation request.
CIAO people

.

hamed · Posted by: hamed - 09-13-2019, 12:37 PM - Forum: Make Money - Replies (10)

Hi everyone.

On the Internet I tried all the ways to earn money online and on different sites in different ways (for free time of day). But no site by any means makes any good money because you spend more on electricity and more. So we'd better not do much (like getting bitcoin from free bitcoin sites (anyway)). (Such as viewing ads or selling a product from another site). So I want to suggest a good way (not to everyone)
This is the way I want to suggest just for those who have a blog or site to share a series of download links (sites that have high hits).
I didn't buy for my site to keep the download files I provided on my site like some games that are not available on Stream or some high volume software. Actually because I didn't need to. I use the uploadboy site to store my files. This site is great. This site keeps your files and users and visitors to your site can download your file for free and you can earn money by downloading it.
Please see this download link for countries and file download rates: https://uploadboy.com/en/earn.html
(Posted above monetization rate) (This site is quite real and the best).
Also, when a visitor enters the download link of your file, his / her ip language will appear in his / her site and the visitor will not be confused. This site supports more than 10 languages.
I suggest you no longer give the download hosts money to keep your files and use this site to keep track of your files and subscriptions and earn money.
Website address: www.uploadboy.com
I didn't give you the invite link but if you would like to sign up with my invite link so I can earn money by clicking on the signup menu above and register to earn money from selling your files too. (click here to sign up with my invite link)

LightDestory · Posted by: LightDestory - 09-12-2019, 05:11 PM - Forum: Tutorials - Replies (1)

*This tutorial is part of a series, visit the main thread to learn more*

Nowadays, SSH is the most common access that you can use when you get a server. On server-specific OS it will be preinstalled on most of cases. The problems is that it comes with standard configurations that are not very safe for us!

On this tutorial we will focus on what is SSH and how secure it, we will skip the installation process because, as I said previously, it comes preinstalled on almost every server-specific OS.

Let's start talking about SSH:

What is SSH?
Secure Shell (SSH) is a network protocol that allow us to operate network services securely over an unsecured network, i.e Internet. It is the most common way of safely administering remote servers but with it we can secure any network service. Using a number of encryption technologies, SSH provides a mechanism for establishing a cryptographically secured connection between a client and a server, authenticating each side to the other, and passing commands and output back and forth.
The protocol specification distinguishes between two major versions:
- SSH-1: provides an encrypted channel to users for logging into remote computer over a network. We can execute various commands on server and move files from one server to another.
- SSH-2: It is a much more secure, efficient, and portable version of SSH-1. It encrypts all the data to avoid eavesdroppers, it also avoids DNS and IP sproofing cryptographically authenticating the identity of the server. When a session is established, the SSH client validates the server’s host key against a local list of available keys that are associated with server names and addresses. If the keys do not match, then an immediate warning is issued.
The standard TCP port for SSH is 22.
Why is so important to secure SSH?
Now, we know that SSH is the most common access to our server, it is used for a lot of services such as remote terminal, sftp, remote desktop access with x2go, ect...
So securing SSH is very important and we need to set it properly!

The most common SSH server around is OpenSSH, it will be probably preinstalled on your Linux Server. Moreover Windows 10 is shipped with OpenSSH client built-in!

So we can assume we don't need to explain how to install it and setting up its auto-load.

Where is the OpenSSH server configuration?
OpenSSH server configuration is stored on a file named 'sshd_config' located at '/ect/ssh/'
How are we going to secure it?
We are going to activate the following setting:
- AllowUsers: With this keyword we will allow ssh access only to a list of users. It is very useful when on our server there are a lot of users dedicated to different services. The list of users is the sequence of usernames separated by space.
  In the following example I will allow SSH access only to 2 users:
  
  Code:
  AllowUsers lightdestory1 lightdestory2
- Port: With this keyword we will change the listening port for SSH. As said previously the default port is 22 but if we log some spamming over that port, it can be useful to change it. When choosing a new port be careful to pick up one that is not "well known port". You can use the range: 1024-49152.
  In the following example I will change the SSH port to 44555:
  
  Code:
  Port 44555
  If you are using a firewall remember to update it to allow the new port!
- PermitRootLogin: We need to block root login via SSH. Good practice tells us to use a sudoner user that can became root. To block root on SSH login you need to set this setting to 'no'.
  
  Code:
  PermitRootLogin no
- PermitEmptyPasswords: We need to avoid the input of empty password. The default setting is 'yes' and it is ok, but make sure that on your server is correctly set.
- Protocol: With this keyword we can force the use of a specific version of SSH protocol. It good practice to force the use of SSH-2 only.
  
  Code:
  Protocol 2
- ClientAliveInterval & ClientAliveCountMax: these keywords will allow the server to terminate SSH sessions due to inactivity. It is useful to avoid pending sshd processes. These options are available only for SSH-2
  - ClientAliveInterval: Sets a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client.
  - ClientAliveCountMax: Sets a number of 'client alive' response that the client can miss before getting its session SSHterminated
  I personally set a timeout of 10 minutes with 0 missed response tolerance.
  
  Code:
  ClientAliveInterval 600 ClientAliveCountMax 0
- We can also enable Key authentication and disable password authentication, it is one of the most secure thing to do but also a bit tricky. Enabling these options you will limit a lot your portability, without your own device (with the key) you will not be able to access your server.
  I will not cover this set up because I am not an expert myself

After the changes on 'sshd_config' remember to restart your OpenSSH server!

Code:
systemctl restart sshd

Sometimes some changes requires a server reboot

Pacific Spirit · Posted by: Pacific Spirit - 09-12-2019, 03:06 PM - Forum: General - Replies (7)

I open this thread because the free services like cpanels, plugins, resellers and VPS if it were a bit in the end has come on internet. Between 2012-2018 free services were and will continue to be available and also the Resellers, VPSes and Dedicated Servers and Game servers. With effect from 2019, this option is almost, "I ALWAYS pass", I often receive requests to sponsor websites that run a "No-Income" website, I reject every sponsor request because otherwise it would be nice to me the costs are going to run for the long term which can cause my company to go bankrupt, so that's why I don't do that I am in contact with a number of large-scale list of people asking about hosting, I am not the right person to provide free service I run LNB hosting myself and that is our freemium model, where customers can claim free hosting, but 9 out of 10 times they are dissatisfied because Disk Space, Bandwidth, cPanel Functions and network speed are limited and nowadays they all want unlimited and we also regularly have great promotions that customers can really benefit from, but even with the Special deals (Recurring) they are not satisfied, they would prefer that you put everything for free instead of having 1 cent left Paying, yes a story from HostLease, nice and exciting but who cares (nobody), I have done my say. The point I want to express is that more and more hosting companies are closing their free services and / or switching to "myownfreehost" - Byet reseller with a vPanel. I know a number of hosting companies that are going to leave or stop the free hosting. I will against that for the time being, I also say "Provisional" to continue to offer the free services, but I cannot offer any guarantee for the rest of 2019, but I can tell my current resellers that " active "their services will be retained and those" inactive "(will be checked) removed to save my costs. I am also not going to add domain names because of the privacy and advertising of other companies, but you can already fill in what you have used in the past. This is also partly due to "DirectAdmin" which causes the hosting provider to stop. I hope you can sign for this thread. If you offer a service yourself with free service, I'd love to hear from you. Perhaps I can help you with supporting and bringing ideas to new positions.

Khadeer143 · Posted by: Khadeer143 - 09-12-2019, 06:03 AM - Forum: General - Replies (2)

hello all i tried to install ogp agent in my vps 3 i enter all codes 1 by 1 everything gone correct but when i started to add vps in ogp panel it says "The Agent that is controlling this server is offline.Could not add server 167.88.49.10" how to fix it ?
below are codes which i used

Code:
sudo apt-get update

sudo apt-get upgrade

sudo apt-get install libxml-parser-perl libpath-class-perl perl-modules screen rsync sudo e2fsprogs unzip subversion libarchive-extract-perl pure-ftpd libarchive-zip-perl libc6 libgcc1 git curl

sudo apt-get install libc6-i386

sudo apt-get install libgcc1:i386

sudo apt-get install lib32gcc1

sudo apt-get install libhttp-daemon-perl"

sudo apt-get install libc6-i386 lib32gcc1

sudo apt-get install libhttp-daemon-perl

wget -N "https://github.com/OpenGamePanel/Easy-Installers/raw/master/Linux/Debian-Ubuntu/ogp-agent-latest.deb" -O "ogp-agent-latest.deb"

sudo dpkg -i "ogp-agent-latest.deb"

sudo cat /root/ogp_user_password :  use these command for getting ogp username ,pass and enc key

any help please guys !

LightDestory · Posted by: LightDestory - 09-11-2019, 11:26 PM - Forum: Tutorials - Replies (3)

*This tutorial is part of a series, visit the main thread to learn more*

Nowadays, when we get a server, securing it up is one of the most important and critical step on our "to-do" list. We don't want any one to make us troubles, right? To do so, one of the main protagonist of this step is the firewall.

On this tutorial, we will learn what is a firewall, why it is so important and how to use it on Ubuntu Server & CentOS thanks to a very simple software called UFW (Uncomplicated firewall).

Let's start with some information!

What is a firewall?
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on a set of 'rules' that the SysAdmin sets up. We can imagine the firewall as a barrier between a trusted internal network and untrusted external network, such as the Internet. Believe me, Internet isn't secure at all!There are two form of firewall:
- Hardware firewall, a dedicated device used by enterprises that it is usually located between the routers, which communicates with Internet, and the switches. Its role is to manage the connection to the DMZ by the customers, think about public services such as website/blog for example, and monitoring and protect the remote access to the company internal network. We can say that it operates over all the company network. I will not deep-in on enterprise networking because it is a very interesting but complex topic, that myself studied on the last year of high school so I am not a expert.
- Software firewall or Personal firewall, is a software which controls network traffic to and from a computer, thus it usually protects only the computer on which it is installed. Typically it works as an application layer firewall*.
  On this tutorial we will focus on software firewall.
How it works and why it is so important?
We can identify two types of firewall operation:
- Packet filtering: the firewall reads up all the packets' metadata that are passing via your network interface, if some metadata matches a rules then the firewall will act. All firewalls can do this. It is done at the network layer.
- "Data validation": the firewall doesn't just read the packets' metadata; it will also look at the actual data transported. It knows how certain protocols work, for example FTP or HTTP. If the data that is in the packet is not valid for that protocol the packet will be dropped.
We are talking about rules, we already said that they are made by SysAdmin, but what are they? Well, to put is simple they are a pair < ACTION , SUBJECT > where:
- ACTION: can be set to "allow" or "deny" and it indicates the behavior of the firewall;
- SUBJECT: it can be a web port, a ip address or, for some particular firewall, an application target. It indicates to who the rule will be applied.
You can now understand why firewall is so important, with it we can manage all the outgoing and incoming traffic of our server: every packet that tries to get out/in needs firewall's approval.Good practices tells us to deny all the incoming traffic and allow all the outgoing traffic, we will then create rules to allow specific incoming traffic such as SSH (port 22), HTTP (port 80), HTTPS (port 443), Mailing (port 25).
Why UFW?
UFW (Uncomplicated firewall) is a wrapper for IPTABLES. A wrapper is a software that provides a easy commands for a more complex tool. If you are interested on IPTABLES, @"Hidden Refuge" made a thread about a basic usage of it.
I think that UFW is very simple and easy to learn. It is not perfect, it has its own limitation but for general firewall usage works!

Now, we can start our tutorial (The commands should be run as sudo or root):
Installation:

UBUNTU: If you are using Ubuntu Server, then you have already installed it. Nothing to do.
CentOS: If you are running CentOS you have probably installed FirewallD, we need to stop its service, if enabled, and install UFW:
- First, we need to stop, if running, the firewallD service. The following command will do that:
  
  Code:
  systemctl stop firewalld
- With the following command you will disable to boot load, if enabled, of the FirewallD service:
  
  Code:
  systemctl disable firewalld
- Now, UFW is available on the EPEL repository so we need to install it with the following command:
  
  Code:
  yum install -y epel-release
- Finally, we can install UFW with the following command:
  
  Code:
  yum install -y ufw

Note that "-y" is a flag to skip the confirmation question.

Starting and Enabling:
Now that ufw is installed we need to start it and enable it on boot.

First, we use a UFW command that should start and enable boot load:

Code:
ufw enable
It can happen that the previous command doesn't enable the boot load, so to make sure it is enable run:

Code:
systemctl enable ufw

Usage:
Now let's see how to use it:

To see the current status and which rules are up, use the following command:

Code:
ufw status
For good practice we will block incoming traffic and allow outgoing:
- [*}To deny all the incoming traffic, run the following command:
  Code:
  ufw default deny incoming
  [*}To allow all the outgoing traffic, run the following command:
  
  Code:
  ufw default allow outgoing
To allow/deny a specific port, run the following command:

Code:
ufw [allow/deny] [port]/[protocol: "tcp" or "udp", default=tcp]
To allow/deny a range of ports, run the following command:

Code:
ufw [allow/deny] [fisrt_port]:[last_port]/[protocol: "tcp" or "udp", default=tcp]
To allow/deny all the connections from a specific STATIC IP, run the following command:

Code:
ufw [allow/deny] from [IP]
To allow/deny the connections on a specific port from a specific STATIC IP, run the following command:

Code:
ufw [allow/deny] from [IP] to any port [port]
To delete a rule, you need to know its index using the following command:

Code:
ufw status numbered
Now you can delete the rule with the following command:

Code:
ufw delete [index]
If you want to stop the firewall for a moment, run the following command:

Code:
systemctl stop ufw
If you want to start the firewall after running the previous command, run the following command:

Code:
systemctl start ufw
If you want to disable the boot load of the firewall, run the following command:

Code:
systemctl disable ufw

What makes UFW my favorite? The APP SYSTEM:
Usually on Ubuntu systems the app list will be populated by installing software via special triggers, meanwhile on CentOS the UFW package from EPEL will come preloaded with a lot of APPS!

If you want to see your app list, use the following command:

Code:
ufw app list
If you want to see more information about an app, use the following command:

Code:
ufw app info 'APP_NAME'
If you allow/deny a specific app profile, use the following command:

Code:
ufw [allow/deny] 'APP_NAME'
To allow/deny an app profile for a specific STATIC IP, run the following command:

Code:
ufw [allow/deny] from [IP] to any app 'APP_NAME'
If you want to delete an enabled app profile, just follow the same steps to delete a rule.

You can create custom app profile by creating a file inside:

Code:
/ect/ufw/applications.d/

We will create a file called for example 'test', then we need to fill this structure:

Code:
[APP_NAME]

title=A one line title

description=A longer description with more information

ports=1,2,3,4,5,6,7,8,9,10/tcp|50/udp|53

This file will create an app that is called 'APP_NAME' and will allow 1 to 10 ports on tcp protocol, allow port 50 on udp and allow 53 on both tcp and udp. You can use the ',' to list ports that will be activated with the same protocol, you can use '|' create a new list of ports.

Remember that after making changes on the rules, to make them effective you need to restart the firewall using the following command:

Code:
systemctl restart ufw

youssefbasha · Posted by: youssefbasha - 09-11-2019, 07:56 AM - Forum: Software - Replies (2)

Hello,
I have noticed my friend making a new site and he used OVOO software.
I tested it and it was really awesome!
-Its easy to use
-Gives you options for uploads (Link, File in PC, YouTube)
-Can change the movie info like name/slug/artist/director and etc even after posting the movie
-Allows u to set if you want to make it downloadable or not.
-Allows you to add more than 1 server for every movie
-You can setup a discord webhook so it can send all the new movies
I really liked it but its not free :V (43$ on codecanyon)
Demo: http://preview.codecanyon.net/item/ovoom...1568188303
Buy (not aff link): https://codecanyon.net/item/ovoomovie-vi...s/20180569
If anyone from you used it before gimme your opinion.
Does it really deserves the 43$ or what?
Thanks.

arsalahmed786

Hi, It's Arsal Ahmed Global Moderator of Post4VPS since May 2018.

I'm taking a break. So administrator team can remove from modetator if they want, But i might be active soon again.
Since last 3-4 weeks i'm not as active as i used to be. So many problems in life.

I'm requesting giveaway manager (@deanhills) to cancel my new VPS 8 (sponsored by CubeData) i haven't used it once only reinstall OS and didn't even use it, I know it's not right way to cancel VPS but if you get time do it or i will drop it this month.

As i said i might be back very soon maybe in a week and obviously i don't wanna lost my rank, But i can't say just hope life get better.

Thanks to all sponsors and members.
Hope to see you guys soon, Bye!

Login

Sponsors: VirMach - Host4Fun - CubeData - Evolution-Host - HostDare - Hyper Expert - Shadow Hosting - Bladenode - Hostlease - RackNerd - ReadyDedis - Limitless Hosting