Linux for Everyone

When it comes to configuring Azure Virtual Machines (VMs) within a Load Balancer (LB) environment, there are essential requirements that need to be addressed to ensure optimal performance and reliability. One common challenge faced by Azure users is the necessity of configuring IP SKUs correctly. In this blog post, we'll explore this requirement, its importance, and provide a solution to address it effectively. Understanding the IP SKU Requirement   The IP SKU (Service Key Update) requirement plays a pivotal role in the proper functioning of your Azure infrastructure, particularly within the context of Load Balancers. Here's what you need to know : IP Should Be in Standard SKU When adding Azure VMs to a Load Balancer, it's highly recommended to utilize public IP addresses configured with the Standard SKU. The Standard SKU offers an array of advanced capabilities, including enhanced traffic management and load balancing options. By using Standard SKU, you ensure a higher deg...

  If you are System Admin and worked on linux machine or servers in your current job or in past. Chances are you might come across linux service abrtd, even if you have not worked on it. but might be through some other work. same thing happened to me, while I was doing my regular work of installing php packages on linux  servers , i came across this error for which spent couple of hours actually to resolve it. T he error was 

Did you ever got the error while doing any changes in Azure Application gateway which goes into failed state ? if yes then you are landed in correct blog post. here in this post i will try to share the solution for same issue i faced in past. B ut before that lets try to understand what is Azure AG (application gateway). Below diagram will help you to understand what is Application gateway. In simpler words, Application gateway consists of Load balancer (a device who decide where to send the traffic based on the configuration done on it, although that is completely different topic to discuss) and acts as WAF (Web Application Firewall - which monitors the incoming traffic based on the application behavior hosted on back-end servers) LB where considered as Network device (sometimes it might be software not just physical device and works at Network Layer of OSI model WAF considered as kind of Software and works at Application Layer of OSI model  Issue:   Application Gateway falli...

If you ever worked on GULP installation as System Admin on Linux Servers, you might had come across below error  Error :   " WARNING: C++ compiler too old, need g++ 4.8 or clang++ 3.4 (CXX=g++) " Solution :  To Solve this error we need to install newer version of C++ and g++ rpm packages on linux servers. Try to get the exact version which error message is saying to you on screen. Or You can Download below rpm files for RHEL6/CENTOS6 operating System and then install it ftp://mirror.switch.ch/pool/4/mirror/scientificlinux/6x/external_products/devtoolset/x86_64/2/devtoolset-2-gcc-c++-4.8.2-15.el6.x86_64.rpm ftp://mirror.switch.ch/pool/4/mirror/scientificlinux/6x/external_products/devtoolset/x86_64/2/devtoolset-2-gcc-4.8.2-15.el6.x86_64.rpm ftp://mirror.switch.ch/pool/4/mirror/scientificlinux/6x/external_products/devtoolset/x86_64/2/devtoolset-2-runtime-2.1-4.el6.noarch.rpm ftp://mirror.switch.ch/pool/4/mirror/scientificlinux/6x/external_product...

Ever tried to install or upgrade the OpenSSL package installed on linux server ? Ok. so I had similar experiance in my current company where i faced a error while doing the upgrade of openssl package on redhat machine. and I was doing that to get rid of vulnerabilities.                                                                      Error I faced: l ibssl.so.10(libssl.so.10)(64bit) is needed by  OR libz.so.1(zlib_1.2.0)(64bit) is needed                                   ...

Recently a new vulnerability has been discovered in the the internet market having target to Docker services. What is this Vulnerability: In short, Docker service uses another service called as runc which is container run time to spawn and run containers. which simply means if docker task is to create docker images then runc task would be running them and attaching a process to container. So as per the recent discovery by the maintainers of runc, the code of this service was having some bug which can be used by attackers to gain the root level of access of the host machine on which docker containers are running. How it can be Exploited: This vulnerability can be exploited in two ways (1) if the docker images are in use is vulnerable making the containers build from it vulnerable also (2) if somehow attacker got the access of containers and then trying to exploit using the bug present in runc and trying to get root privileges. Solution to Fix Vulnerability: Ce...

If you are a developer you might be familiar with version control in your dev life. Even if you are system admin working on Windows/Linux/Unix then also you may come across version control. For Freelance Work & Queries Contact me by Email Id support@linuxforeveryone.com                The point is if you know it its Good :) but if you do not know there is no need to worry. I will try to explain it to you as easy as possible.                                                                       What is Version Control A version control (VC) is a system which keeps an eye on your files (which you provide to him) over a period of time for all changes you are doing like updating, deleting etc and making a data for all these changes you are...

Recently there was another Vulnerability grab My attention which was related to DES and Tripple DES (3DES) , Any men in the middle can exploit this vulnerability by capturing large amount of encrypted data and thus recover plain text sensitive data. Severity : Medium CVE Number : CVE-2016-2183 For Freelance Work & Queries Contact me by Email Id support@linuxforeveryone.com Remediation : You need to disable any ciphers starting with DES and 3DES supported by Server by any service present on server for example Apache Nginx etc   Important Point to Remember : 1 :   Normally old browser don't supports DES and 3DES ciphers. It is very important to note that in many cases, a software update (back-ported version provided by Operating System vendor ) won't be enough to resolve this issue. Usually software update doesn't overwrite manually tweaked configuration files, which means, DES/3DES can be still available, even if the software up...

Recently World of Linux come across yet another bug which is haunting the nix users all over the world. This bug has given a name COW and its associated CVE number is CVE-2016-5195. Its kind of funny how this bug get their names, this too grab my attention when i first heard about it as COW ! i laughed out like what ? :) For Freelance Work & Queries Contact me by Email Id support@linuxforeveryone.com Background : later when I started reading about this bug in details got to know how this bug got his name, which nothing but a " copy-on-write " technique which Linux kernel uses to maintain the private read -only memory mapping and this technique have some flaws in it since 2007 woohooo that was way long back. In other words if i have to say is this bugs allow a server to become completely compromised through local privilege escalation. This vulnerability is specific to the Linux Kernel, and exploiting this vulnerability does require a local system user...

In this Post, I am going to cover how to optimized REDIS  (recently i was reading this random blog giving more clear insight on what is redis and what the use of it in real world) instances as per our requirement. if you are not aware about REDIS at all, you can refer to my previous post where i have covered How To install REDIS on Centos/Redhat servers which goes here . How To Create Multiple instances of REDIS which goes here . What is the Best Standard method to configure REDIS which goes here . So, Lets see how to optimize our redis server. few points you need to keep in mind that which are important while doing optimization and we are going to learn more about shortly. For Freelance Work & Queries Contact me by Email Id support@linuxforeveryone.com Remove any errors you are seeing under redis logs Check the amount of cache size your site is using for each port Set proper eviction policy for redis keys Set proper kernel Settings t...

In my earlier post i have covered how to run multiple instances of redis also showed through a video how it can done. In this post, I am going to cover best suitable redis (recently i come across this beautiful blog simplifying the concept of redis and its uses in real world) configuration file structure to have to minimize confusion to identify which ports belong to which cache. for example if you are having several ports configured for redis, how you will determine which port is associated with which redis cache.So in our case i.e redis with Magento, we normally used 3 types of cache Cache (magneto configuration files cache)  Full Page Cache Session Cache  So, to avoid confusion among the ports and its associated cache, i would recommend to use following data in your redis configuration for each port respectively as shown.   For Freelance Work & Queries Contact me by Email Id support@linuxforeveryone.com 1) Create a file with name redis-base.conf ...