Linux for Everyone

In my earlier post i have covered how to run multiple instances of redis also showed through a video how it can done. In this post, I am going to cover best suitable redis (recently i come across this beautiful blog simplifying the concept of redis and its uses in real world) configuration file structure to have to minimize confusion to identify which ports belong to which cache. for example if you are having several ports configured for redis, how you will determine which port is associated with which redis cache.So in our case i.e redis with Magento, we normally used 3 types of cache Cache (magneto configuration files cache)  Full Page Cache Session Cache  So, to avoid confusion among the ports and its associated cache, i would recommend to use following data in your redis configuration for each port respectively as shown.   For Freelance Work & Queries Contact me by Email Id support@linuxforeveryone.com 1) Create a file with name redis-base.conf under /etc/ an

In the last post I have covered how to install redis server on Centos/Rhel using rpm method and yum method and some troubleshooting skills. In this post i am going to cover how to install and configure redis to run with multiple ports.                                                                           But why we need more ports ? If you have read my earlier post , you already know that by default redis runs on single port 6379, which any one can use it for small website to cache the data. But for heavy website like magento we need to use additional ports along with 6379 to serve different cache from different ports. Like in Magento there is simple cache which is normally stored under /var/cache directory. Then there is Full Page Cache which is stored under /var/full_page_cache and session cache which is stored under /var/session_cache. Note : Discussion about cache/full page cache/session is not under the scope for this document.                      

From this post, I am starting a series of posts/pages which will mostly based on caching (recently i read this blog and found out quite simple to understand about what and why we need caching) mechanism like Redis, Memcache, Apc, Varnish are the few to list. So, here on this post i am going to cover REDIS first. After reading this post, you will get to know                                                                                                                       What is Redis ? So, Redis is "no-sql" database which is used to stores data as keys. which is mainly used as database,as caching for website across the globe. NoSql means, there is no structure query language like mysql in redis, instead its data structure.                                                           Where it is Beneficial ? Many of the website are using redis to fasten their response time to the end user using the advantages of redis. So if you want your we

To clean the cache from system which apt caches when we update/install the packages apt-get clean    To downloads  packages list from repository and update them,to get data on latest available packages apt-get update   To install specific version of  package apt-get install package-name  To check OS version    Ex : lsb_release -a To provides the package's description, its dependencies, the name of its maintainer. apt search, apt show, aptitude search, aptitude show work in the similar manner Ex : apt-cache search php5-fpm The checkrestart program tries to determine if there are  processes  in the  system  that  need to be restarted after a system upgrade .Consequently, checkrestart is sometimes used as an audit tool  to  find outdated  versions  of  libraries  in  use, particularly after security upgrades Ex : checkrestart -h  List all installed packages, along with package version and short details. Ex : dpkg -l php5-fpm

  Recently we came across a vulnerability know as Logjam which according to researchers any attacker or Man in the middle can exploit weak  Diffie–Hellman key Algorithm. this vulnerability has denoted with CVE number as  CVE-2015-4000.   How DH Algorithm gets exploited Traditionally, secure encrypted communication between two parties (here browser and servers) required that they first exchange keys by some secure physical channel. The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel.   Here attacker can force the communication between the server and browser to downgrade to lower bit export grade cryptography. The attackers can attacks any servers that support DHE_EXPORT ciphers and affects mostly all browsers. Recommendation : 1) Disable Export Cipher Suites Even though modern browsers no longer support export suites, the FREAK and Logjam attac

In this post we will see, how can we create CSR with SAN, which stands for Subject Alternative Names and obviously using openssl command. For those who do not know what is SAN, let me cover this in short.There are 3 main types of SSL  Standard SSL  :- Used for securing single domain. like www.domain.com, i,e one domain -- one certificate Wild card SSL : - Used for securing multiple sub-domains like home.domain.com office.domain.com in single certificate, i.e multiple subdomain --- single certificate Multi-domain SSL : -- Used for securing multiple domains, like www.domain.com, www.home.com, www.office.net, i,e multiple domains --- single certificate. So, SAN comes under multiple domains certificate category. When you purchase a multi-domain certificate from certificate issuing authority ,they give you options of defining SAN along with primary domain. So, Here we are discussing about how to create CSR(which is required while purchasing the certificate) with SAN itself.

  If you are managing many of sites and their respective SSL certs, some times ,we come across a situation where we messed up with SSL certs and their CSR and private keys,   Where we do not know, which private key belongs to which Cert and which private key belongs to which CSR. This happen only if proper management of keeping SSL files are not in used  after all we are all human being ,who do mistakes :)  right ? so, here on this page I will tell you , how to check which cert belongs to which private key and which CSR belongs to which private key , and that is  only using openssl command on the terminal itself, after all we are love linux terminal :) So , here it is, openssl rsa -noout -modulus -in mydomain.key | openssl md5  openssl req -noout -modulus -in mydomain.csr | openssl md5 openssl x509 -noout -modulus -in domain.crt | openssl md5 If you find the output of all command identical ,high probability is that all files i.e private key ,csr and certificate are match