Skip to content

All posts by Mike Smith - 11. page

Problems enabling server side encryption on ownCloud 8

When enabling encryption on an ownCloud 8 installation and the user already has files in account, those files will be encrypted on the first login.  A message will display saying “Initial encryption started.  This can take a while…. Please wait.”  If, for some reason the account gets stuck in this mode, it is because the migration_status value for the users account has been set to -1, instead of 1.  When all the files have been encrypted, this value is set to 1.  When set to 0, the initial encryption runs.  To update this value, log into mysql and perform the following steps:

#mysql -u root -p

use owncloud

SELECT * FROM oc_preferences WHERE configkey="migration_status";

(the command just entered will show the migration_status value for all accounts)

Click here to keep reading this post

How to install Fail2Ban on CentOS 7 – Step by Step Guide

This is a how to on installing Fail2Ban on CentOS 7.  Fail2Ban is an incredibly useful, and often necessary, package that will automatically block IP addresses attempting to brute-force attack your server(s). For instance, with Fail2Ban installed, if an IP address attempts to brute-force login user “root” on your server, one a certain number of attempted logins is reached within a designated time period, it will automatically insert an IPtables rule into your firewall to block all access from that IP address for a specified period of time. Of course, you set all of these variables in the configuration file, which I’ll go into later on. I have yet to have a public facing server be online more than a day before a brute force attack of some sort is encountered. The best practice is to use secure passwords, with upper case, lower case, numbers and a few symbols. Never use dictionary based passwords. With effective, secure passwords it would take a very, very long time to gain access to a server by means of brute force, but it is possible. Regardless, it’s best to block these attacks from the beginning. It is all automated with Fail2Ban.

This guide assumes you have a CentOS 7 installation and have ran yum update.  It requires you have root SSH access to the server.

First, you need to install the EPEL repository.  Fail2Ban is not available from CentOS, with the available repositories.

cd /tmp

rpm -Uvh http://dl.fedoraproject.org/pub/epel/7/x86_64/epel-release-7-5.noarch.rpm

Click here to keep reading this post