All Activity

This stream auto-updates   

  1. Earlier
  2. Fail2Ban is a simple script designed to scan log files for repeated failed login attempts and to ban IP addresses that make too many failures. Commonly that’s a brute force attempt to find correct password combination to login to a server via SSH. Step 1 – Login to your server via your favorite SSH client. Windows users can simply use Putty, it is free, small, portable and awesome. If you’ve disabled root login, then simply login with the username you setup then type “su” followed by entering your root password. Step 2 – Now issue this command syntax to install fail2ban on your server: You may firstly need to update your apt (not necessary but you may): | apt-get update then this command is the one to install fail2ban | apt-get install fail2ban screenshot: Step 3 – Now you have to setup Fail2ban’s configuration. By default, Fail2ban configuration has included many of possible services that may need the protection. Before you make changes to default config file, you have to make a copy first. Issue following command: | cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local It should look like this Step 4 – The command above copies “jail.conf” file to “jail.local” which you can make some changes to the config there. Now edit that file using our favorite text editor, Nano: | nano /etc/fail2ban/jail.local It should look like this.. Step 5 – Now make some changes (if you wish and if you need to) in the first section of the config. The first section called “DEFAULT” which is covering all basic rules that fail2ban will follow. The main important part is “ignore ip”. You can add your own IP address there so in case if you forgot the password you won’t be banned for trying some combinations no matter how many times you try. It means by adding your IP in the white list you can avoid accidentally ban yourself. Also do not forget to set “bantime” which rules how many seconds a banned user will still been locked out. Default value is 600 seconds or 10 minutes. You can adjust that value as you wish but you better raise the value because most of brute force bots will simply move on to the next target once banned by the server. Below “bantime” line is “maxretry”. This line defines how the amount of incorrect login attempts that a single IP may have before it gets banned for the length of the ban time you’ve defined. Default value is “3” but you can lower that value to “2” or “1”. The lower is better but make sure you white-listed your IP already in the “ignore ip” line above. The next line is “backend” which you can simply leave its value as “auto”. Now move to another line, “destemail”. In this line you can define to which email address all alerts will be sent. Simply change root@localhost to your own personal email address. But you have to make sure that your server has a working mail server already to be able to send outgoing email. Step 6 – Now move to the next section which is “Action”. Well, you can simply leave those lines as it is if you don’t really sure. All default value should be adequate for fail2ban to work correctly. Now you have to move a little bit down below and find the [ssh] section. You also don’t have to change that section. Its default values indicating that SSH protection is currently enabled / ON. You can change “enabled = true” to false if you want to turn OFF the protection. You can change the “port = ssh” line to the custom port number your SSH connection is designated. For instance, you’ve changed default SSH port from 22 to 2200, then change it to “port = 2200” Once done editing, hit Control+O to save then Control+X to exit Nano editor screen. Step 7 – That’s it. Now to make sure Fail2ban loads your newly defined config, simply do a restart. Issue this command: | service fail2ban restart Q: I rebooted the server, does it starts automatically? Yes, Fail2ban service will automatically start each time your server reboots. That’s it.
  3. VPS servers may not be deployed with the timezone/date/time that you need on your server. Luckily, we can manually set the timezone to prevent issues with your server. Step 1: Check current timezone First off, check the date and time your server is currently set to: date This will return one line, such as: Tue Sep 1 17:31:29 UTC 2015 Tue being the day, Sep being the month, 1 being the day, 17:31:29 being the time, UTC being the timezone, and 2015 being the year. Step 2: Changing the timezone In order to change the timezone, we'll need to reconfigure the package tzdata. We can do this by typing: dpkg-reconfigure tzdata This will open a menu. Select the timezone you want to use by using your arrow keys and pressing tab to select the "OK" button. For example, say that we changed our timezone to "GMT-4", you will see the following message confirming that you changed the timezone: Current default time zone: 'Etc/GMT-4' Local time is now: Tue Sep 1 21:35:42 GMT-4 2015. Universal Time is now: Tue Sep 1 17:35:42 UTC 2015. You can double-check by executing the date command again: Tue Sep 1 21:38:37 GMT-4 2015 Step 3: Installing ntpd Ntpd is a daemon that synchronizes the time to remote NTP time servers so that the time on your server is always correct. Ntpd is installed on Ubuntu by default. To check the version you're currently using, type: ntpd --version If NTP is not installed yet, install it with apt-get: apt-get install ntp Step 4: Configuring ntpd You will now need to add a remote NTP time server. Open the config file: vi /etc/ntp.conf You can add servers in this format: server 0.pool.ntp.org server 1.pool.ntp.org server 2.pool.ntp.org server 3.pool.ntp.org Servers can be found on the NTP website. Step 5: Opening the port 123 ntpd requires being able to communicate over the port 123. Open this port with iptables: iptables -A INPUT -m state --state NEW -m udp -p udp --dport 123 -j ACCEPT Or, if you use ufw: ufw allow 123 Congratulations! You have now installed and configured ntpd.
  4. All these examples assume an IPv6 subnet of 2001:DB8:1000::/64. You'll need to update them with the subnet that you have been assigned. We'll be using 2001:DB8:1000::100 as the main IP address to assign. We'll also be using 2001:19f0:4009:2001::1234 as a secondary IP address we're configuring. Adding a secondary IP is not necessary, but shows the process you'd use if you wanted multiple IPv6 addresses. Important Note: If you add an IPv6 subnet to an existing machine, you must restart the server via the control panel before IPv6 will work. Restarting via SSH or similar is not sufficient. IPv6 would not work at all until the server has been restarted. This does not apply if you've selected IPv6 during the initial server deployment. Windows: netsh interface ipv6 set global randomizeidentifiers=disabled netsh interface ipv6 add address interface="Local Area Connection" address="2001:DB8:1000::100/64" netsh interface ipv6 add address interface="Local Area Connection" address="2001:19f0:4009:2001::1234/64" CentOS: In /etc/sysconfig/network-scripts/ifcfg-eth0 add the following lines: IPV6INIT="yes" IPV6ADDR="2001:DB8:1000::100/64" IPV6_AUTOCONF="yes" IPV6ADDR_SECONDARIES="2001:19f0:4009:2001::1234/64" If you have IP forwarding enabled (if you're using your server as a VPN or similar), you'll need to add the following to /etc/sysctl.conf: net.ipv6.conf.all.accept_ra=2 net.ipv6.conf.eth0.accept_ra=2 The default settings here (which is 1), prevents IPv6 from working properly when IP forwarding is enabled. You can check if IP forwarding is enabled by running "sysctl net.ipv4.ip_forward". Debian/Ubuntu: In /etc/network/interfaces add the following lines: iface eth0 inet6 static address 2001:DB8:1000::100 netmask 64 up /sbin/ip -6 addr add dev eth0 2001:19f0:4009:2001::1234 If you have IP forwarding enabled (if you're using your server as a VPN or similar), you'll need to add the following to /etc/sysctl.conf: net.ipv6.conf.all.accept_ra=2 net.ipv6.conf.eth0.accept_ra=2 The default settings here (which is 1), prevents IPv6 from working properly when IP forwarding is enabled. You can check if IP forwarding is enabled by running "sysctl net.ipv4.ip_forward". FreeBSD: In /etc/rc.conf add the following lines: rtsold_enable="YES" ipv6_activate_all_interfaces="YES" rtsold_flags="-aF" ifconfig_vtnet0_ipv6="inet6 2001:DB8:1000::100 prefixlen 64 accept_rtadv" ifconfig_vtnet0_alias0="inet6 2001:19f0:4009:2001::1234 prefixlen 64"
  5. LAMP includes Apache, MySQL, PHP, and Ubuntu. This guide was written for Ubuntu 14.04. Step One: Install Apache Apache is a free open source software for web servers. To install Apache on Ubuntu, type these commands: sudo apt-get update sudo apt-get install apache2 Or just copy and paste this: sudo apt-get update; sudo apt-get install apache2 Tahhda. Let's check if Apache was installed correctly. Run the command: hostname -I and note down that IP. Open up your Internet Browser and direct your browser to that IP (Example: http://108.61.212.235 ). The page should load and say "It Works!". Step Two: Install MySQL MySQL is a database management system. Let's install MySQL on Ubuntu. Type these commands: sudo apt-get install mysql-server php5-mysql During the install, MySQL will request for you to setup a password. Once that has been installed, run these commands: sudo mysql_install_db Then write: sudo /usr/bin/mysql_secure_installation Step Three: Install PHP Now write these commands: sudo apt-get install php5 libapache2-mod-php5 php5-mcrypt Done.
  6. Let's Encrypt is a new certificate authority that allows you to issue SSL certificates for free. You can now use SSL without any extra costs. When using an SSL certificate, all traffic between the client and the server is encrypted -- which drastically improves your website security. This guide covers the installation of a Let's Encrypt certificate and automatic renewal on Ubuntu. By the end of this tutorial you will have an Apache server setup on Ubuntu 14.04 with Let's Encrypt. Step 1: Prerequisites You will need a Vultr SSD cloud server with Ubuntu 14.04 installed. You will also need a LAMP stack (Apache, PHP, etc.). If you do not yet have a LAMP stack installed on your Vultr server, please refer to the following knowledge base article: How to Install Apache, MySQL, and PHP on Ubuntu. Once you have a working LAMP Stack on your Ubuntu Server, you can proceed with with installing Let's Encrypt. In order to generate and install your SSL certificate, you will need Git to clone the Let's Encrypt repository: $[ubuntu] apt-get install git $[ubuntu] git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt This will download the Let's Encrypt installer to /opt/letsencrypt. Step 2: Generating a Let's Encrypt SSL certificate Let's Encrypt verifies your domain by setting up a temporary web server process on your Ubuntu server. This process will run independently of your Apache server. After the SSL certificate has been generated, the temporary web server process will be automatically terminated by the Let's Encrypt installer. The installer will then install your newly created certificate on the Apache web server. $[ubuntu] ./letsencrypt-auto --apache -d yourubuntuserver.example If you want Let's Encrypt to generate an SSL certificate for even more domains, simply add those domains to the command. $[ubuntu] ./letsencrypt-auto --apache -d yourubuntuserver.example -d mysslcertificate.example This feature is very handy for securing your www subdomain. Right now, users who visit your website with the www prefix will get an SSL error. This kind of error will hurt your reputation. In order to resolve it, use a command like this: $[ubuntu] ./letsencrypt-auto --apache -d yourubuntuserver.example -d www.yourubuntuserver.example The Let's Encrypt client will now create a Let's Encrypt SSL certificate not only for yourubuntuserver.example but also for www.yourubuntuserver.example! Step 3: Forcing SSL You can now force your Apache server to route all HTTP requests to HTTPS. The best way to do this by creating an .htaccess file in your "www root" folder and appending the following rewrite code: RewriteEngine On RewriteCond % 80 RewriteRule ^(.*)$ https://letsencrypt.example/$1 [R,L] All incoming traffic on the HTTP port 80 will now automatically be redirected to port 443, which utilizes your LE SSL certificate. Step 4: Automatically renewing Let's Encrypt certificates As Let's Encrypt is a free certificate authority, SSL's can't be provided for one year or longer. All Let's Encrypt certificates are valid for 90 days. However, if you want to automatically renew them, this can be automated using a cron job. You can choose to renew certificates when they're about to expire. Open your crontab: $[ubuntu] crontab -e Append the following line to the crontab: 15 5 * * 5 /opt/letsencrypt/letsencrypt-auto renew >> /var/log/le-renew.log This cron job runs the /opt/letsencrypt/letsencrypt-auto renew command every Friday at 5:15 A.M. We have chosen to renew the certificates at this time because this is typically a period with little to no traffic on most sites. Therefore, visitors will not notice any delays because the server is under heavy load during the renewal and checking of all Let's Encrypt certificates. Your Ubuntu Server is now running a fully functional LAMP Stack and your website is using an SSL Certificate form Let's Encrypt with automatic renewal setup. It is possible to use more than one Let's Encrypt SSL certificate on your server; simply follow step #2 again for each domain. This concludes our tutorial, thank you for reading.
  7. ZNC is an advanced IRC network bouncer that is left connected all the time so that an IRC client can disconnect or reconnect without losing the chat session. In this tutorial, we'll compile ZNC with the web admin module installed. Installation Packages First of all, and as always, we'll update the package cache. sudo apt-get update Next, we'll install some dependencies required to compile ZNC. sudo apt-get install libssl-dev libperl-dev pkg-config build-essential Compile and install ZNC Download the latest release of ZNC: cd /usr/local/src sudo wget http://znc.in/releases/znc-latest.tar.gz Extract ZNC from the tarball, and then enter the source directory: sudo tar xf znc-latest.tar.gz cd znc-*/ At this step, you can set ZNC's installation directory by adding the --prefix=<yourdir> option. But for now, we'll install it system wide: ./configure We'll compile ZNC and install it with the following commands. To speed up the process, you may add -j n to the first make command, where n is the number of cores / vCPUs on your server. sudo make sudo make install This may take a few minutes, depends on your machine's configuration. Configuration It is important not to run web-facing apps under root. So we'll create a new user for ZNC. adduser --disabled-password znc Now switch to znc. su znc - cd ~ Create ZNC's config file under znc: /usr/local/bin/znc --makeconf ZNC will ask us some questions in order to create the config file. The first one is important; note your input because you will connect to the ZNC daemon using that port. We'll enter 6697 now - that's the default port for IRC with SSL / TLS. [ ?? ] What port would you like ZNC to listen on? (1025 to 65535): 6697 It is strongly recommended to enable SSL listening instead of the plain-text (i.e. insecure) scheme. Would you like ZNC to listen using SSL? (yes/no) [no]: yes Next question is regarding IPv6. That actually depends on your needs. If your home network is IPv6 enabled, it's recommended to enable. We'll just leave the default option there. [ ?? ] Would you like ZNC to listen using both IPv4 and IPv6? (yes/no) [yes]: <press Enter> Now it'll prompt us about two global modules, partyline and webadmin. They're self-explanatory, and we'll need to enable them. [ ?? ] Load global module <partyline>? (yes/no) [no]: yes [ ?? ] Load global module <webadmin>? (yes/no) [no]: yes User creation. Enter your desired username and password for the user, then confirm it. Note that the password will not be echoed. [ ?? ] Username (AlphaNumeric): Doe [ ?? ] Enter Password: <password> [ ?? ] Confirm Password: <password> Grant the user admin permissions: [ ?? ] Would you like this user to be an admin? (yes/no) [yes]: yes Then, your IRC network options. Set it on your own. Here's an example: [ ?? ] Nick [Doe]: Doe [ ?? ] Alt Nick [Doe_]: Doe_ [ ?? ] Ident [Doe]: DoeIdent [ ?? ] Real Name [Got ZNC?]: Jane Doe [ ?? ] Bind Host (optional): server.hostname [ ?? ] Number of lines to buffer per channel [50]: 50 [ ?? ] Would you like to clear channel buffers after replay? (yes/no) [yes]: yes Enable these modules: [ ?? ] Load module <chansaver>? (yes/no) [no]: yes [ ?? ] Load module <controlpanel>? (yes/no) [no]: yes [ ?? ] Load module <perform>? (yes/no) [no]: yes [ ?? ] Load module <webadmin>? (yes/no) [no]: yes Now we may setup the IRC network that ZNC will connect to. [ ?? ] Would you like to set up a network? (yes/no) [no]: yes We'll use #ubuntu on Freenode for example. Network (e.g. 'freenode' or 'efnet'): freenode Information about these network modules prompted are here. [ ?? ] Load module <chansaver>? (yes/no) [no]: yes [ ?? ] Load module <keepnick>? (yes/no) [no]: yes [ ?? ] Load module <kickrejoin>? (yes/no) [no]: yes [ ?? ] Load module <kickrejoin>? (yes/no) [no]: yes [ ?? ] Load module <nickserv>? (yes/no) [no]: yes [ ?? ] Load module <perform>? (yes/no) [no]: yes [ ?? ] Load module <simple_away>? (yes/no) [no]: yes Set the server we'll connect to: [ ?? ] IRC server (host only): irc.freenode.net [ ?? ] [irc.freenode.net] Port (1 to 65535) [6667]: 6697 [ ?? ] [irc.freenode.net] Password (probably empty): [ ?? ] Does this server use SSL? (yes/no) [no]: yes [ ** ] [ ?? ] Would you like to add another server for this IRC network? (yes/no) [no]: no And the channel we'll join: [ ?? ] Would you like to add a channel for ZNC to automatically join? (yes/no) [yes]: yes [ ?? ] Channel name: #ubuntu [ ?? ] Would you like to add another channel? (yes/no) [no]: no Finish the configuration and launch ZNC: [ ?? ] Would you like to set up another user? (yes/no) [no]: no [ .. ] Writing config [/home/znc/.znc/configs/znc.conf]... [ >> ] ok ... ... [ ?? ] Launch ZNC now? (yes/no) [yes]: yes Yay. ZNC is up and running!
  8. In this tutorial, you will learn how to add a web interface to your Linux VPS. The instructions here were tested using Ubuntu 12.04. Ajenti is an open source, web-based, lightweight control panel for Linux servers. It offers a simple, yet powerful graphical interface to perform most of the actions that are required to configure and keep your server up-to-date. If you want a simple, yet stable control panel with some eye candy, then try Ajenti on your VPS. Setup repositories Connect to your server using SSH as the root user. Download the latest package files. apt-get update Import keys and add the Ajenti Repository. Pay attention, this is important to prevent installing infected packages. wget http://repo.ajenti.org/debian/key -O- | apt-key add - Add the APT repository to to your sources.list file. echo "deb http://repo.ajenti.org/ng/debian main main ubuntu" >> /etc/apt/sources.list Install Ajenti Update the package sources again, then install the Ajenti package. apt-get update apt-get install ajenti Start Ajenti with the following command. service ajenti restart Now you can access the Ajenti panel by navigating to the following URL in a web browser. Replace [SERVER_IP] with the IP address of your VPS. https://[SERVER_IP]:8000/ If you are unable to access this URL, try opening the TCP port with the following command. iptables -A INPUT -p tcp --dport 8000 -j ACCEPT You will be presented with an invalid SSL certificate error. It is safe to proceed. Next, you will see a login screen. You can login with any UNIX username, such as root. At this point, you are inside the Ajenti panel. Navigate around the panel to start using some of its primary features, such as processor usage, memory usage, SSH over the web browser, cron job setup, firewall configuration, file system load, and more!
  9. There are several ways of logging into a server over SSH. Methods include password login, key-based login, and two-factor authentication. Two-factor authentication is a much better type of protection. In the event that your computer gets compromised, the attacker would still need an access code to login. In this tutorial, you will learn how to set up two-factor authentication on an Ubuntu server using Google Authenticator and SSH. Step 1: Prerequisites An Ubuntu 14.04 server (or newer). A non-root user with sudo access. A smart phone (Android or iOS) with the Google Authenticator App installed. You can also use Authy or any other app supporting TOTP based logins. Step 2: Installing Google Authenticator Library We need to install the Google Authenticator Library module available for Ubuntu which will allow the server to read and validate codes. Run the following commands. sudo apt-get update sudo apt-get install libpam-google-authenticator Step 3: Configure Google Authenticator for each user To configure the module, just run the following command. google-authenticator Once you run the command, you will be asked certain questions. The first question would be: Do you want authentication tokens to be time-based (y/n) Press y and you will get a QR code, secret key, verification code, and emergency backup codes. Take out your phone and open the Google Authenticator app. You can either scan the QR code or add the secret key to add a new entry. Once you have done that, note down the backup codes and keep them safe somewhere. In case your phone gets misplaced or damaged, you can use those codes to login. For the remaining questions, press y when asked to update the .google_authenticator file, y for disallowing multiple uses of same token, n for increasing time-window, and y to enable rate-limiting. You will have to repeat Step 3 for all of the users on your machine, otherwise they won't be able to login once you are through with this tutorial. Step 4: Configure SSH to use Google Authenticator Now that all users on your machine have set up their Google authenticator app, its time to configure the SSH to use this authentication method over the current one. Enter the following command to edit the sshd file. sudo nano /etc/pam.d/sshd Find the line @include common-auth and comment it out like below. # Standard Un*x authentication. #@include common-auth Add the following line to the bottom of this file. auth required pam_google_authenticator.so Press Ctrl + X to save and exit. Next, enter the following command to edit the sshd_config file. sudo nano /etc/ssh/sshd_config Find the term ChallengeResponseAuthentication and set its value to yes. Also find the term PasswordAuthentication, uncomment it, and change its value to no. # Change to no to disable tunnelled clear text passwords PasswordAuthentication no Next step is to add the following line to the bottom of the file. AuthenticationMethods publickey,keyboard-interactive Save and close the file by pressing Ctrl + X. Now that we have configured the SSH server to use the Google Authenticator, its time to restart it. sudo service ssh restart Try logging back into the server. This time you will be asked for your Authenticator code. ssh user@serverip Authenticated with partial success. Verification code: Enter the code that your app generates and you will be logged in successfully. Note In case you lose your phone, use the backup codes from Step 2. If you lost your backup codes, you can always find them in the .google_authenticator file under the user home directory after you login via console. Conclusion Having multiple factor authentication greatly improves your server's security and allows you to help thwart common brute force attacks.
  10. Introduction Easy Hosting Control Panel (EHCP for short) is a free and open source hosting control panel that can be used to host websites, create emails, sub domains, and FTP accounts easily using a web browser. It is written in the PHP programming language and provides built-in support for Nginx and PHP-FPM. Some of the EHCP features include: Open source and easily customizable. Manage DNS, domains, sub domains, FTP, MySQL, Email. Password protect domains. Support SSL, disk quota, domain alias, domain redirect. Backup and restore functionality. Supports unlimited user accounts, email accounts, and FTP accounts. Prerequisites A newly deployed Ubuntu 16.04 server instance. A non-root user with sudo privileges setup on your server. A static IP address of 192.168.15.110 configured on your system. As you're reading, replace this with the main IP of your server. Step 1: System update First, update your system to the latest stable version by running the following command: sudo apt-get update -y sudo apt-get upgrade -y sudo reboot Step 2: Install EHCP Download the latest version of the EHCP installation package. You can download EHCP from their official website. For example: wget http://ehcp.net/ehcp_yeni.tgz Once the download has completed, extract the downloaded file with the following command. tar -zxvf ehcp_yeni.tgz Next, change the directory to ehcp and run the install.sh script to install EHCP. cd ehcp sudo ./install.sh During the installation, read each step carefully and follow the instructions. The installer will install all of the required packages such as Apache, MySQL, Postfix and PHP. You will also need to provide some information to configure the different services and set the admin passwords. The installation can take up to 60 minutes depending on your internet speed. Upon a successful installation, you will see the following output: ehcp install finished up to now. we are continuing on simplifying the install process. sorry for any inconvenience. you can contact email/msn: info@ehcp.net you may join us in developing this control panel. You may visit http://www.ehcp.net You may support by donating cash, buying a pro license, doing php coding, html design, graphic design... You may support by donating free dedicated or virtual servers for this project... CURRENTLY WE NEED A DEDICATED SERVER WITH 8 CORE, 8GRAM, 500G hdd at least (or, you may consider to buy a pro license or donate..) ehcp : Finished all operations.. go to your panel at http://yourip/ now... Step 3: Access EHCP dashboard It's time to access the EHCP dashboard. Open your web browser and type the URL http://192.168.15.110. On the main page, click on the link that reads "Click here for the control panel on your server". Enter your login credentials. The default username is admin and the password is the one you setup during the installation. If you haven't set a password, use the default password of 1234. Congratulations! You have successfully installed EHCP on Ubuntu 16.04 server.
  11. PHP and related packages are the most commonly used components when deploying a web server. In this article, we will learn how to setup PHP 7.0 or PHP 7.1 on Ubuntu 16.04 LTS. Prerequisites An up-to-date Ubuntu 16.04 server instance. A sudo user. See instructions for Debian in this topic. Install and configure PHP 7.0 Since Ubuntu 16.04, PHP 7.0 has replaced PHP 5.x and become the default version of PHP in the official Ubuntu application repository. You can install and configure PHP 7.0 on your Ubuntu 16.04 system as follows. First of all, you can list all of the available PHP 7.0-related packages for review: apt-cache pkgnames | grep php7.0 Then you can install the package your to-be-deployed application requires. For example, if you want to deploy your application based on the LAMP stack, usually, you can install the below packages after installing Apache: sudo apt-get install -y apache2 sudo apt-get install -y php7.0 libapache2-mod-php7.0 php7.0-cli php7.0-common php7.0-mbstring php7.0-gd php7.0-intl php7.0-xml php7.0-mysql php7.0-mcrypt php7.0-zip Alternatively, if you want to deploy your application based on the LEMP stack, you can install the following packages after installing Nginx: sudo apt-get install -y nginx sudo apt-get install -y php7.0 php7.0-fpm php7.0-cli php7.0-common php7.0-mbstring php7.0-gd php7.0-intl php7.0-xml php7.0-mysql php7.0-mcrypt php7.0-zip After the installation, you can confirm that with: php -v The output should resemble: PHP 7.0.15-0ubuntu0.16.04.4 (cli) ( NTS ) Copyright (c) 1997-2017 The PHP Group Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies with Zend OPcache v7.0.15-0ubuntu0.16.04.4, Copyright (c) 1999-2017, by Zend Technologies The main config file of PHP 7.0 will be saved as /etc/php/7.0/apache2/php.ini (Apache) or /etc/php/7.0/fpm/php.ini (Nginx). You can use the vi text editor to modify relevant settings in that file. sudo vi /etc/php/7.0/apache2/php.ini or: sudo vi /etc/php/7.0/fpm/php.ini Remember to restart Apache or Nginx if you make any changes to that file or any other PHP config files: sudo systemctl restart apache2.service or: sudo systemctl restart nginx.service php7.0-fpm.service Install and configure PHP 7.1 If you want to install PHP 7.1, the latest stable release of PHP at the time of writing this article, on Ubuntu 16.04, a convenient method is to use the PPA (Personal Package Archives) repository. First of all, you need to add specified PPA to the system apt repository: sudo apt-get install -y python-software-properties sudo add-apt-repository -y ppa:ondrej/php sudo apt-get update -y Then you can list all of the available PHP 7.1-related packages for review: apt-cache pkgnames | grep php7.1 From now on, you can install and configure PHP 7.1 in the same fashion as mentioned in the chapter about PHP 7.0 above. Basically, replacing 7.0 with 7.1 in relevant commands will get your job done. That's it. Thanks for reading.
  12. Using a sudo user to access a server and execute commands at root level is a very common practice among Linux and Unix Systems Administrator. The use of a sudo user is often coupled by disabling direct root access to one's server in an effort to prevent unauthorized access. In this tutorial, we will be covering the basic steps for disabling direct root access, creating a sudo user, and setting up the sudo group on CentOS, Debian, and FreeBSD. Prerequisites A newly installed Linux server with your preferred distribution. A text editor installed on the server whether it's nano, vi, vim, emacs. Step 1: Installing sudo Debian apt-get install sudo -y CentOS yum install sudo -y FreeBSD cd /usr/ports/security/sudo/ && make install clean or pkg install sudo Step 2: Adding the sudo user A sudo user is a normal user account on a Linux or Unix machine. Debian adduser mynewusername CentOS adduser mynewusername FreeBSD adduser mynewusername Step 3: Adding the new user to the wheel group (optional) The wheel group is a user group which limits the number of people who are able to su to root. Adding your sudo user to the wheel group is entirely optional, but it is advisable. Note: In Debian, the sudo group is often found instead of wheel. You can however manually add the wheel group using the groupadd command. For the purpose of this tutorial, we will use the sudo group for Debian. The difference between wheel and sudo. In CentOS and Debian, a user belonging to the wheel group can execute su and directly ascend to root. Meanwhile, a sudo user would have use the sudo sufirst. Essentially, there is no real difference except for the syntax used to become root, and users belonging to both groups can use the sudo command. Debian usermod -aG sudo mynewusername CentOS usermod -aG wheel mynewusername FreeBSD pw group mod wheel -m mynewusername Step 4: Making sure your sudoers file is setup properly It is important to ensure that sudoers file located in /etc/sudoers is setup properly in order to allow sudo users to effectively use the sudo command. In order to accomplish that, we will view the contents of /etc/sudoers and edit them where applicable. Debian vim /etc/sudoers or visudo CentOS vim /etc/sudoers or visudo FreeBSD vim /etc/sudoers or visudo Note: The visudo command will open /etc/sudoers using the system's preferred text editor (usually vi or vim). Start reviewing and editing below this line: # Allow members of group sudo to execute any command This section of /etc/sudoers often looks like this: # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL In some systems, you may not find %wheel instead of %sudo; in which case, this would be the line under which you would start modifying. If the line starting with %sudo in Debian or %wheel in CentOS and FreeBSD is not commented out (prefixed by #), this means that sudo is already setup and is enabled. You can then move to the next step. Step 5: Allowing a user that belongs to neither the wheel nor the sudo group to execute the sudo command It is possible to allow a user that is in neither user groups to execute the sudo command by simply adding them to /etc/sudoers as follows: anotherusername ALL=(ALL) ALL Step 6: Restarting the SSHD Server In order to apply the changes you made to /etc/sudoers, you need to restart the SSHD server as follows: Debian /etc/init.d/sshd restart CentOS 6 /etc/init.d/sshd restart CentOS 7 systemctl restart sshd.service FreeBSD /etc/rc.d/sshd start Step 7: Testing After you have restarted the SSH server, log out and then log back in as your sudo user, then attempt to execute some testing commands as follows: sudo uptime sudo whoami Any of the below commands will allow the sudo user to become root. sudo su - sudo -i sudo -S Notes: The whoami command will return root when coupled with sudo. You will be prompted to enter your user's password when executing the sudo command unless you explicitly instruct the system to not prompt sudo users for their passwords. Please note that is not a recommended practice. Optional: allowing sudo without entering the user's password As previously explained, this is not a recommended practice and is included in this tutorial for demonstration purposes only. In order to allow your sudo user to execute the sudo command without being prompted for their password, suffix the access line in /etc/sudoers with NOPASSWD: ALL as follows: %sudo ALL=(ALL:ALL) ALL NOPASSWD: ALL Note: You need to restart your SSHD server in order to apply the changes. Step 8: Disable direct root access Now that you have confirmed that you can use your sudo user without issues, it is time for the eighth and final step, disabling direct root access. First, open /etc/ssh/sshd_config using your favorite text editor and find the line containing the following string. It may be prefixed with a # character. PermitRootLogin Regardless of the prefix or the value of the option in /etc/ssh/sshd_config, you need to change that line to the following: PermitRootLogin no Finally, restart your SSHD server. Note: Do not forget to test your changes by attempting to SSH into your server as root. If you are unable to do so, this means that you have successfully completed all the necessary steps. This concludes the tutorial.
  13. When setting up a new Linux server, updating the system's Kernel and other packages to the latest stable release is a recommended practice. In this article, we will learn how to update CentOS 7, Ubuntu 16.04 LTS or Debian 8. Prerequisites A fresh CentOS 7, Ubuntu 16.04, or Debian 8 server instance. A sudo user. On CentOS 7: Setup the EPEL YUM repo: sudo yum install epel-release -y Perform the system update and then apply system modifications by restarting the system: sudo yum update -y && sudo shutdown -r now On Ubuntu 16.04 or Debian 8: Update the list of packages which can be updated: sudo apt-get update -y Then install updates and then apply them by restarting the system: sudo apt-get upgrade -y && sudo shutdown -r now That's it. After the reboot, log in as the same sudo user to continue your work.
  14. When deploying a web site or a web app, the most common web service solution for that is to setup a LAMP stack which consists of Linux, Apache, MySQL, and PHP. In this article, we will learn how to setup an up-to-date LAMP stack by installing the latest stable releases of Apache 2.4.x, MariaDB 10.x, and PHP 7.x on Ubuntu 16.04. Prerequisites An up-to-date Ubuntu 16.04 x64 server instance. A sudo user. See instructions for Debian in this topic. Step 1: Install Apache 2.4.x Install the latest stable release of Apache 2.4.x using the following command: sudo apt-get install apache2 -y Use the below command to confirm the installation: apache2 -v The output should resemble: Server version: Apache/2.4.18 (Ubuntu) Server built: 2016-07-14T12:32:26 In a production environment, you will want to remove the default Ubuntu Apache welcome page: sudo mv /var/www/html/index.html /var/www/html/index.html.bak For security purposes, you should prevent Apache from exposing files and directories within the web root directory /var/www/html to visitors: sudo cp /etc/apache2/apache2.conf /etc/apache2/apache2.conf.bak sudo sed -i "s/Options Indexes FollowSymLinks/Options FollowSymLinks/" /etc/apache2/apache2.conf Note: In accordance with your specific requirements, you can customize more settings in that file later. Start the Apache service and make it start on system boot: sudo systemctl start apache2.service sudo systemctl enable apache2.service Step 2: Install MariaDB 10.x At the time of writing this article, the current stable release of MariaDB is 10.1. You can use the following commands to install MariaDB 10.1 on your Ubuntu 16.04 x64 system. Setup the system apt repo: sudo apt-get install software-properties-common sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8 sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://mirror.jmu.edu/pub/mariadb/repo/10.1/ubuntu xenial main' Install MariaDB: sudo apt update -y sudo apt install -y mariadb-server During the installation process, the MariaDB package configuration wizard will automatically pop up and ask you to setup a new password for the MariaDB rootuser. For now, just press Enter every time the wizard pops up to skip this step because we will setup a password for the MariaDB root user in the following securing MariaDB procedure. Having MariaDB installed, you can confirm the installation with: mysql -V The output should be similar to: mysql Ver 15.1 Distrib 10.1.22-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2 Start the MariaDB service: sudo systemctl start mariadb.service sudo systemctl enable mariadb.service Secure the installation of MariaDB: sudo /usr/bin/mysql_secure_installation During the interactive process, answer questions one by one as follows: Enter current password for root (enter for none): <Enter> Set root password? [Y/n]: Y New password: <your-MariaDB-root-password> Re-enter new password: <your-MariaDB-root-password> Remove anonymous users? [Y/n]: Y Disallow root login remotely? [Y/n]: Y Remove test database and access to it? [Y/n]: Y Reload privilege tables now? [Y/n]: Y Note: Be sure to replace <your-MariaDB-root-password> with your own MariaDB root password. In this fashion, MariaDB 10.1 has been securely installed onto your system. In the future, you can setup designated users and databases for your web apps as follows: Log into the MySQL shell as root: mysql -u root -p Type the MariaDB root password you set earlier when prompted. Create a MariaDB database webapp, a database user webappuser, and the database user's password yourpassword: CREATE DATABASE webapp; CREATE USER 'webappuser'@'localhost' IDENTIFIED BY 'yourpassword'; GRANT ALL PRIVILEGES ON webapp.* TO 'webappuser'@'localhost' IDENTIFIED BY 'yourpassword' WITH GRANT OPTION; FLUSH PRIVILEGES; EXIT; If necessary, you can customize MariaDB by reviewing and editing the main MariaDB config file which is /etc/mysql/my.cnf: sudo cp /etc/mysql/my.cnf /etc/mysql/my.cnf.bak sudo vi /etc/mysql/my.cnf Remember to restart the MariaDB service if you make any modifications to that file: sudo systemctl restart mariadb.service Step 3: Install PHP 7.0 or 7.1 When dealing with PHP 7.x, please refer to another topic which describes the process in detail. Step 4: Setup the UFW firewall By default, the UFW firewall on Ubuntu 16.04 is inactive. You should enable the UFW firewall in order to enhance security: sudo ufw app list sudo ufw allow OpenSSH sudo ufw allow in "Apache Full" sudo ufw enable That's all. After going through the above procedures, the LAMP stack would have been up and running on your Ubuntu 16.04 system. You can then deploy your own web app on the basis of the LAMP stack. Enjoy it!
  15. This tutorial explains how to setup a DNS server using Bind9 on Debian or Ubuntu. Throughout the article, substitute your-domain-name.com accordingly. At the end of the tutorial, you will have a functional Ubuntu DNS server. Install Bind9 apt-get install bind9 Configuration Backup current Bind9 settings. cp /etc/bind/named.conf.options /etc/bind/named.conf.options.bak Edit /etc/bind/named.conf.options and replace the content to following: options { directory "/var/cache/bind"; auth-nxdomain no; listen-on-v6 { any; }; statistics-file "/var/cache/bind/named.stats"; rrset-order {order cyclic;}; allow-transfer { 127.0.0.1; }; }; logging { channel b_query { file "/var/log/bind9/query.log" versions 2 size 1m; print-time yes; severity info; }; category queries { b_query; }; }; Create the log directory for Bind9. mkdir /var/log/bind9 chown bind:bind /var/log/bind9 Edit /etc/bind/named.conf to configure your domain zone file location. Append the following lines: zone "your-domain-name.com" { type master; file "/etc/bind/zones/your-domain-name.com.db"; }; Create your domain zone file at /etc/bind/zones/your-domain-name.com.db. Insert your DNS records by following this template: $TTL 86400 @ IN SOA ns1.your-domain-name.com. root.your-domain-name.com. ( 2014100801 ; Serial 43200 ; Refresh 3600 ; Retry 1209600 ; Expire 180 ) ; Minimum TTL ; Nameservers IN NS ns1.your-domain-name.com. IN NS ns2.your-domain-name.com. IN NS ns3.your-domain-name.com. ; Root site IN A 123.456.78.90 ; Hostname records * IN A 123.456.78.90 sub1 IN A 123.456.78.91 sub2 IN A 123.456.78.92 ; Aliases www IN CNAME your-domain-name.com. webmail IN CNAME ghs.google.com. ; MX records @ IN MX 1 aspmx.l.google.com. @ IN MX 3 alt1.aspmx.l.google.com. @ IN MX 3 alt2.aspmx.l.google.com. @ IN MX 5 aspmx2.googlemail.com. @ IN MX 5 aspmx3.googlemail.com. @ IN MX 5 aspmx4.googlemail.com. @ IN MX 5 aspmx5.googlemail.com. ; SPF records @ IN TXT "v=spf1 ip4:199.195.140.194 include:_spf.google.com ~all" Restart Bind9: /etc/init.d/bind9 restart You're all set. At this point, you may want to register your DNS server with your domain registrar. After doing that, you can change your existing name server to your own DNS server. If you come across problems and need to view errors, you may use the following command. /etc/init.d/bind9 status
  16. Introduction VestaCP is a simple and clever hosting control panel with many features. Its installation is simple, and requires just one command. Vesta CP is beneficial for shared hosting, because one of its core features is that packages commonly used for shared hosting get installed automatically. This includes DNS server, mail server, and so forth. Requirements Debian 7 (Wheezy) Curl 512MB+ RAM 10 Minutes Installation As mentioned above, the installation process is done using a single command which installs all of the required packages, then configures them. First, we need to download the install script using the following command: curl -O http://vestacp.com/pub/vst-install.sh After we've downloaded the installation script, we have to set the permissions to run it: chmod +x vst-install.sh As of now, we can proceed with the installation of VestaCP using three different modes: Nginx with PHP-FPM bash vst-install.sh --nginx yes --phpfpm yes --apache no --vsftpd yes --proftpd no --exim yes --dovecot yes --spamassassin yes --clamav yes --named yes --iptables yes --fail2ban yes --mysql yes --postgresql no --remi yes --quota no --hostname <SERVER_HOSTNAME> --email <ADMIN_EMAIL> --password <ADMIN_PASSWORD> Nginx with Apache bash vst-install.sh --nginx yes --apache yes --phpfpm no --vsftpd yes --proftpd no --exim yes --dovecot yes --spamassassin yes --clamav yes --named yes --iptables yes --fail2ban yes --mysql yes --postgresql no --remi yes --quota no --hostname <SERVER_HOSTNAME> --email <ADMIN_EMAIL> --password <ADMIN_PASSWORD> Apache only bash vst-install.sh --nginx no --apache yes --phpfpm no --vsftpd yes --proftpd no --exim yes --dovecot yes --spamassassin yes --clamav yes --named yes --iptables yes --fail2ban yes --mysql yes --postgresql no --remi yes --quota no --hostname <SERVER_HOSTNAME> --email <ADMIN_EMAIL> --password <ADMIN_PASSWORD> Conclusion Your VestaCP panel is installed and ready for use. Happy hacking!
  17. ########################################################################### # # # WHATS NEW !? # # # ########################################################################### ########################################################################### # # MODULES # ########################################################################### GREET + all greets are saving themselves in <username>.greets.txt from BlackTools/FILES + Now you can erase greets by !greet del <greet> - it can be used wildcards as (*Hi* , * - for all) + Now if there are added more greets, you will be able to select one as active. Remember that the last greet added is becoming active. To set a current greet type !greet set <number> (number is taken from the list) + Added an antiflood. If there more joins in N seconds, eggdrop will not place the greet for 60 seconds. + Now you can add multiple lines in the same greet. How? Using the char: ~ Example: !greet add Hi !~How are you? At the join users will get (17:40:18) -eggys- Hi ! (17:40:22) -eggys- How are you ? -------------------------------------------------------------------------------- TCL + Now you can see the .tcl scripts loaded on eggdrop, those which are in 'scripts' folder and also load/unload .tcl scripts + Commands : .tcl <list> (show loaded tcls) .tcl <load> <name.tcl> (loading of an tcl) .tcl <unload> <name.tcl> (unloading a tcl) .tcl <all> (show all tcls) .tcl <info> <name.tcl> (tcl information) --------------------------------------------------------------------------------- LEAVE + all leaves are saving themselves in <username>.leave.txt from BlackTools/FILES + Now you can erase greets by !greet del <greet> - it can be used wildcards as (*Hi* , * - for all) + Now if there are added more greets, you will be able to select one as active. Remember that the last greet added is becoming active. To set a current greet type !leave set <number> (number is taken from the list) + Added an antiflood. If there more joins in N seconds, eggdrop will not place the greet for 60 seconds. + Now you can add multiple lines in the same greet. How? Using the char: ~ Example: !leave add Bye Bye~We will be expecting for you :D At part users will get (17:40:18) -eggys- Bye Bye (17:40:22) -eggys- We will be expecting for you :D ---------------------------------------------------------------------------------- BADCHAN + Added a new badchan system. Now whoever will be found on a badchannel will have 30seconds to leave that badchannel, or else it will be banned. + Now it has a global badchan + You can specify personalized reason for every added channel. + Commands : .badchan <on>/<off> .badchan <add> <#channel> [reason] [-global] .badchan <list> [-global] .badchan <del> <#channel> .badchan <set> <reason> <reason> (default reason) .badchan <set> <bantime> <minutes> (default ban-time) .badchan <status> .badchan <find> <#channel> (channel informations) ------------------------------------------------------------------------------------- ANUNT + all announces are saving themselves in <username>.announce.txt from BlackTools/FILES + Added a new recording/showing sistem of announces more efficient + Announces are shown one after another on channel, from the first one to the last one added + Now you can add multiple lines in the same greet. How? Using the char: ~ Example: .anunt add My add~is rocking And eggdrop will place on channel (12:05:02) -eggys- My add (12:05:04) -eggys- is rocking -------------------------------------------------------------------------------------- AutoBroadcast + all broadcasts are saving themselves in <username>.autobroadcast.txt from BlackTools/FILES + now broadcasts are shown from the first to the last one + now you can add multiple lines to the same broadcast. How? Using the char: ~ Example: .bt add Visit~WWW.TclScripts.Net And eggdrop will place on channel (13:17:01) * @eggys Visit (12:05:04) * @eggys WWW.TclScripts.Net + there is .set +silent setting which enabled will make the eggdrop stop sending broadcasts to that channel ---------------------------------------------------------------------------------------- Count + added for count %time% variable which you can use when you set count-message , setting the date when it has been enabled the count module Example : .set count-message You are user with number %num% which has joined on %chan% starting from %time%. And eggdrop will place on channel : (13:58:52) * Rejoined channel #tcltesting (13:58:52) -eggys- You are user with number 6 which has joined on #tcltesting incepand starting from 04/29/2012. + added join-flood protection. ----------------------------------------------------------------------------------------- Topic + all topics are saving themselves in <username>.topic.txt from BlackTools/FILES + added .topic <lock> | .topic <unlock> options which will lock/unlock the topic and if it is locked it can be changed only by an user admin+ (manager). -------------------------------------------------------------------------------------------- Idle + added delete exceptions command from idle + added a new scanning sistem for those with idle + repaired a few bugs about those who received deop and were added to exceptions + repaired a few bugs about deop or devoice to those with autoop or autovoice enabled -------------------------------------------------------------------------------------------- Seen + made the search to be more efficient + in case that, the search will find more results it will sort them and give the most recent one + repaired a few bugs. + added .set seen-method <notice>/<privmsg> setting, which will make the answers for searches to be sent via NOTICE or PRIVMSG to the user or to channel. + added a timer for checking and deleting recordings which number of days passes that default set -------------------------------------------------------------------------------------------- ChanReport + added to backchan a message to tell nickname of that one who gave the ban, in case it is enabled -------------------------------------------------------------------------------------------- Gag + added Gag module trough which you can silent your enemies :) Sintaxa : .gag <nick> [minutes] [reason] + you can list the given gags with command : .gag -list + to remove a gag use : Syntax : .ungag <nick>/<host> -------------------------------------------------------------------------------------------- User Auto Expire + added user expiration mode which haven't been seen by a period of time + already achieved that period, these users are deleted + period is set default to 60 days, and can be modified in script. -------------------------------------------------------------------------------------------- Antipub Except + added antipub exceptions module for irc. antipub <chan> <add> <*link*> / <#chan> | <list> | <del> <link> / <#chan> + you can easily set in script as well predifined exceptions. -------------------------------------------------------------------------------------------- Next + added next module usefull for those who have a help channel. Syntax : .next / .next list (show list) | .helped <nick> | .noidle <nick> | .skip <nick> + setari optionale pentru modul : next-noidlreason <reason> ; default reason for noidle noidle-bantime ; bantime for noidle next-backchan ; backchan set for next + enabling backchan, commands given on it will be active on mainchan. ############################################################################################ # # COMMANDS # ############################################################################################ -------------------------------------------------------------------------------------------- set + added option .set global <+setting> / setting -:- to be applied on every eggdrops' channels set global +antipub + now key can be set trough the command: .set chanmode +k <key> -------------------------------------------------------------------------------------------- addchan + added option addchan <channel> <key> + Eggdrop will join the channel using that key every time. + To change the key use : .set chanmode +ntk <key> + To remove the key use : .set chanmode +nt -------------------------------------------------------------------------------------------- purge + added .purge <chan> <reason> which allow a channel to be removed by the manager of it or by owner -------------------------------------------------------------------------------------------- del + now command del <user> is available even for manager level + if user is found with access on other eggdrops' channels than the "del" command won't work for manager level, and eggdrop will tell you to you instead ".delacc" command -------------------------------------------------------------------------------------------- delchan + added mandatory reason option for deleting a channel <botnick> delchan <reason> + reason and other info will be available trough .info <chan> command (other infos : by who was added , deleted , how long it has been added) -------------------------------------------------------------------------------------------- purge + added mandatory reason option for deleting a channel + this command is available to owner and manager of the channel <botnick> purge <reason> .purge <reason> + reason and other info will be available trough .info <chan> command (other infos : by who was added , deleted , how long it has been added.) -------------------------------------------------------------------------------------------- suspend + added mandatory reason option to suspend a channel <botnick> suspend <reason> + command available only to owner and boss owner. + reason and other info will be available trough .info <chan> command (other infos : by who was added , deleted , how long it has been added.) -------------------------------------------------------------------------------------------- info + replaced .stats <chan> command with .info <chan> command if no user is specified. <botnick> info <chan> .info <chan> + if a user is specified, infos about user will be shown on channel. -------------------------------------------------------------------------------------------- i + now at invite (.i) command if no nickname is specified, user who used the command will be invited <botnick> i <chan> -------------------------------------------------------------------------------------------- add / adduser + removed the setting for truncating nickname to 9. Now the eggdrop will do this automatically. + added filters to bold/colours in case user writes with bold or colours. -------------------------------------------------------------------------------------------- clear + added 2 more options for clear, these are "settings" and "activ" clear <userlist> / <banlist> / <settings> / <activ> + "settings" option will disable all modules, protections from that channel. + "activ" option will reset users activity for channel commands used -------------------------------------------------------------------------------------------- find + added a new command for those with global access. find <host> / <user> + its function is to search users after their host or name, showing their hosts and the channels where they have access, also where they have been seen lately. + wildcards accepted ( find *abc* ) + to show all users use "find *" -------------------------------------------------------------------------------------------- activ + added an option to activ command activ <user> [-reset] + -reset option will reset the activity of that user. + this option is only available for manager+. -------------------------------------------------------------------------------------------- banlist + added -all option to banlist command to preview all bans given in channel banlist <user> | <-all> -------------------------------------------------------------------------------------------- h <chaninfo> + in this category we have NOW these sub-categories : <standard> / <blacktools> / <top> + in blacktools category we have all protections from Blacktools script +(NEW) in <standard> category we have standard eggdrop settings Syntax : .h standard + every tcl script which has an activation flag will appear automatically in .h standard :-) -------------------------------------------------------------------------------------------- addhost + NOW even those with ADMIN Level can add hosts. -------------------------------------------------------------------------------------------- userlist + added another option to see channel userlist. Syntax : userlist <online> + will show which users with access are online at that time -------------------------------------------------------------------------------------------- auto + added a new command which replaces commands: addop,delop,addvoice,delvoice. + with this command you can add or remove autoop/autovoice even for local or global users Syntax : .auto (+/-)o | (+/-)v <user> [-global] -------------------------------------------------------------------------------------------- ub + NOW if it specifies instead of <host> an <nickname> which is not on channel, eggdrop will do WHOIS and take his host searching for every ban that encounters about that nick,ident,host and will UNBAN it. -------------------------------------------------------------------------------------------- sb + NOW if it specifies instead of <host> an <nickname> which is not on channel, eggdrop will do WHOIS and take his host searching for every ban that encounters about that nick,ident,host showing infos about that banned <nickname> -------------------------------------------------------------------------------------------- + now all ban commands can deal multi ban (.b , .dr , .spam , .stick , .black...etc) Example: .b <host1>,<nick1>,<host2> <time> <reason> -------------------------------------------------------------------------------------------- -----------------------------------------------------------END OF BlackTools v2.4 CHANGELOG- --------------------------------------------------------------------------------------------
  18. # Translated in English by Time2Go O®G. # ########################################################################### #Script wich contains many protections & commands & modules to make your # #life easier with the eggdrop resources. #
  19. #A Next Generation Channel Control Script that contains a lot of commands # #modules, and protections that make`s your life easy for you and for your # # Eggdrop. #
  20. #- Tin sa anunt ca in versiunea 1.9 nu am adaugat alte comenzi sau #protectii ci se poate numi o versiune de perfectionare, deoarece #versiunea 1.8 dupa cate am vazut nu pre are stabilitate din cauza #timerelor si din ce am testat botii picau si numai reveneau.Imi cer #scuze pentru bugu acesta. # #- Acum versiunea 1.9 este mult mai rapida toate modulele merg, numai #sunt probleme cu timerele, stabilitate mare deci sfatul meu e sa #treceti la 1.9 deoarece este mult mai buna # #- am facut putina ordine la binduri si la flaguri # #- Si am mai reparat un alt bug care era de la bun inceput, userii cu #nickurile cu { sau [ nu puteau folosii din comenzi nu erau acceptati #useri cu { , [ , acum acest bug este rezolvat deci este un pass #inainte:D #Deci acum pot spune ca BlacKToolS 1.9 a ajuns la o noua generatie
  21. #-> Am reparat cycle de la "antispam" acum va da la un interval de timp #exact #-> Am rezolvat topic refresh , acum merge perfect #-> Am adaugat la .userlist ( la owneri ) si comanda .userlist <owner> #pentru a vedea BOSS OWNER cine mai are access global #-> Am adaugat comanda : .broadcast <mesaj> ( va da mesajul pe toate #canalele ) #-> Am adaugat un "count" la banurile date la egg , acesta va fii #afisat la reason-ul fiecarui ban dat de BoT #-> Am adaugat comanda : .act <mesaj> ( Va actiona cu /me ) #-> Am adaugat Modul de numarare a intrarilor pe canal (count) #Pentru Activare .count on/off (pt alte comenzi .count ) # #-> Acum puteti introduce in mesaju de la antispam , count , si canal #si nick folosind inlocuitorii %nick% , %chan% #-> Am adaugat modul de greet & leave #Pentru activare .greet on # .leave on #Pentru setare mesaje : .greet set <mesaj> # .leave set <mesaj> #Va anunt ca puteti pune si %nick% , %chan% deoarece bot-ul le va #inlocuii cu $chan , si $nick. Ex : !greet set Bun venit %nick% ! # !leave set %nick% te mai asteptam #pe %chan% ! #-> Am adaugat comenzile : .autoop <on> / <off> (activezi autoop) # .autovoice <on> / <off> (activezi autovoice) #-> Am adaugat protectie la idle-deop pentru cei carora li se da autoop #deci pentru a adauga pe cineva la exceptii pentru idle-deop , setatii #autoop prin comanda .addop <user> #-> Am adaugat comanda de ban global: # .gb <nick> / <host> <timp> <motiv> # <timp> = <ore> #-> Pentru verificare banuri globale : .sb <ban> global #-> Pentru a sterge un ban global : .ub <ban> global #-> Am adaugat modul de logare la X #-> Am adaugat comanda .stick <nick> / <host> <timp ore> <motiv> #Adauga ban , care tine timpu pus de voi iar botul va mentine banul in #banlistul canalului pana la expirare (puteti folosii ca timp "0" si il #va tine permanent #-> Am adaugat comanda .ping pentru verificarea pingului de catre cei #care au access la eggdrop # #Am adaugat protectii : .antibadquitpart <on> / <off> # .antilongtext <on> / <off> # .antijoinpart <on> / <off> # .antibadrealname <on> / <off> # #Premiera : Am adaugat un modul de anunt.Acum va puteti seta pentru #fiecare canal un anunt , care va fii dat de un bot la un interval de #timp setat de dumneavoastra #Pentru activare folositi .anunt on pentru dezactivare off #pentru a va seta anuntu dati : .anunt set <mesaj>
  22. #-Am adaugat statistici la comenzi #Acum puteti verifica activitatea celor cu access la egg #Aveti la dispozitie comanda : # .info <user> # va arata detaliile , nivelul de access + # statistica pentru fiecare tip de comanda ! (de cate ori #a folosit comanda) #-Am adaugat comanda .vers <nick> ( va arata versiunea scriptului lu #nick ) #-Am adaugat comanda .whois <nick> ( ii va da whois aratand host si #canalele pe care se afla ! #-Am adaugat comanda save (pe prv va salva fisierele) #-Comanda .mode <mode> ( salveaza acum modurile canalului) # #-Am adaugat protectia .antispam on/off avand utilitatile : # -> face hop un interval de timp, se seteaza in script # -> daca este setat "1" in dreptul setarii, botul va da mesaj la #fiecare user care intra pe canal # -> exceptie la banare cei cu + , @ si cei cu access la egg # -> atentie pentru a fi functionala comanda .check activati antispam # #-Am setat banurile pentru anticaps , antirepeat , anticolor ca ban-#time sa fie in minute in lista botului # #-Am mai adaugat ca protectii : .antiunderline on/off # .antibold on/off #Aceste protectii au si ele ban-time exprimat in minute # #-Am modificat .sb (acum arata si timpu si ora cand expira banu, si #timpu si ora cand a fost setat si am montat mesajele intr-un singur #mesaj # #-Am adaugat modul de anti-idle pentru opi # .antidle on/off # NEW ! #-Comanda .away <away> nu doar isi pune botu away, acum salveaza away #iar la fiecare conectare isi va pune awayu salvat dar asta dupa 20 #minute de la conectare.Deci botul va avea intotdeauna awayu setat
  23. #### # #### ##### # # ##### ##### #### # ##### # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # ## # # ###### # ## # # # # # # ##### # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #### ##### # # ##### # # # ##### #### ##### ##### # # # # # ##### ##### # # # # # # # # # # #### #### # # # # # # # # # # ##### # ##### #
  24. # ® BLaCkShaDoW ProductionS ® # # # # Presents # # # # B L A C K T O O L S # # 2.1 # # # # THE NEXT GENERATION TCL #
  25. # ® BLaCkShaDoW ProductionS ® # # # # Presents # # # # B L A C K T O O L S # # 2.0 # # # # THE NEXT GENERATION TCL #
  26. #Am restructurat .h erau comenzile prea multe asa ca le-am pus pe #categorii. #Am adaugat comenzi de adaugat autoop .addop <user> / .delop <user> #Am adaugat comenzi pentru adaugat autovoice .addvoice <user> / #.delvoice <user> #Am adaugat ca protectii : .anticaps on/off ( anti caps Lock) # .anticolor on/off (anti color) # .antirepeat on/off (antirepeat) #Am adaugat alte facilitati # .reban on/off ( pune orice ban din memoria #sa la X) # .refresh on/off ( va reimprospata topicu la #un interval de timp #Am adaugat un chaninfo care este disponibil in .h se vor afisa #comenzile de activare si statutul acestora daca sunt activate sau nu #Am mai reparat unde erau cateva buguri gasite din greseala
  1. Load more activity