Google Apps Wizard Upgradation

 

Google Apps $1 Hosting Prewebhost

Google Apps $1 Hosting Prewebhost

You can upgrade Google Apps Wizard through shell,  Login  into your account and follow the below steps for the same :

 

cd
tar -xf gaw-3.0.tar
cd gaw-3.0
sh gaw-installer.sh -update
cd ..
rm -Rfv gaw-3.0/ gaw-3.0.
Google Apps $1 Hosting Prewebhost

Password Protect One File

Password Protect One File

To password protect an individual file:

  1. Create a file :  .htpasswd  and place it above your root directory, so visitors can’t access it.

o    Example of the root directory pathway for shared accounts :

Home/cPUserName /.htpasswd

root directory pathway for Reseller,  Dedicated server  and VPS accounts: Home/cPUserName /.htpasswd

  1. Create an encrypted password using htpasswd generator. [http://www.htaccesstools.com/htpasswd-generator/]

You can setup password for multiple files, all share a common .htpasswd file.

  1. Right click on the .htpasswd file and select the Code Edit option.
  2. In the popup that appears, click the Edit button.
  3. Place the generated .htpasswd information into the .htpasswd file.
  4. Click on the Save Changes button.
  5. Click on the Close button.
  6. Navigate to the directory where the file(s) that you would like to password protect lie.
  7. If an .htaccess file does not exist in the directory already, create one.
  8. Right click on the .htaccess file and select the Code Edit option.
  9. Insert the following code into the .htaccess file:

<FilesMatch “file.extension“>
AuthName “Member Only”
AuthType Basic
AuthUserFile /home/cpusername/.htpasswd
require valid-user
</FilesMatch>

Be sure to replace replace file.extension with your file’s actual name and replace cpusername with your actual cPanel username.

  1. Click on the Save Changes button.
  2. Click on the Close button.

This will protect the specified file, while leaving all other files in the folder unprotected.

Password Protect Multiple Files

You can protect more than one file by using wildcard names. On the FilesMatch line in the previous .htaccess code example, try one of the directives below:

<FilesMatch “*.html”>

<FilesMatch “file.*”>

<FilesMatch “*.*”>

WordPress and Password Protecting Files

WordPress can have some minor conflicts with password protecting files due to the changes in the .htaccess rules.

sudo command – Linux

PreWebHost.com

PreWebHost.com

The sudo command offers another approach to giving users administrative access. When trusted users precede an administrative command with sudo, they are prompted for their own password. Then, when they have been authenticated and assuming that the command is permitted, the administrative command is executed as if they were the root user.

The basic format of the sudo command is as follows:

 sudo <command>

In the above example, <command> would be replaced by a command normally reserved for the root user, such as mount.

The sudo command allows for a high degree of flexibility. For instance, only users listed in the /etc/sudoers configuration file are allowed to use the sudo command and the command is executed in the user’s shell, not a root shell. This means the root shell can be completely disabled  in the Red Hat Enterprise Linux / CentOS / Fedora / Ubuntu.

Each successful authentication using the sudo is logged to the file /var/log/messages and the command issued along with the issuer’s username is logged to the file /var/log/secure. Should you require additional logging, use the pam_tty_audit module to enable TTY auditing for specified users by adding the following line to your /etc/pam.d/system-auth file:

 session required pam_tty_audit.so disable=<pattern> enable=<pattern>

 

where pattern represents a comma-separated listing of users with an optional use of globs. For example, the following configuration will enable TTY auditing for the root user and disable it for all other users:

 session required pam_tty_audit.so disable=* enable=root

 

Another advantage of the sudo command is that an administrator can allow different users access to specific commands based on their needs. Administrators wanting to edit the sudo configuration file, /etc/sudoers, should use the visudo command.

To give someone full administrative privileges, type visudo and add a line similar to the following in the user privilege specification section:

mark ALL=(ALL) ALL

Above example states that the user, mark, can use sudo from any host and execute any command. The example below illustrates the granularity possible when configuring sudo:

 %users localhost=/sbin/shutdown -h now

This example states that any user can issue the command /sbin/shutdown -h now as long as it is issued from the console.

 

Important Points :

There are several potential risks to keep in mind when using the sudo command. You can avoid them by editing the /etc/sudoers configuration file using visudo as described above. Leaving the /etc/sudoers file in its default state gives every user in the wheel group unlimited root access.

By default, sudo stores the sudoer’s password for a five minute timeout period. Any subsequent uses of the command during this period will not prompt the user for a password. This could be exploited by an attacker if the user leaves his workstation unattended and unlocked while still being logged in. This behavior can be changed by adding the following line to the /etc/sudoers file:

 Defaults    timestamp_timeout=<value>

where <value> is the desired timeout length in minutes. Setting the <value> to 0 causes sudo to require a password every time. If a sudoer’s account is compromised, an attacker can use sudo to open a new shell with administrative privileges:

 sudo /bin/bash

Opening a new shell as root in this or similar fashion gives the attacker administrative access for a theoretically unlimited amount of time, bypassing the timeout period specified in the /etc/sudoers file and never requiring the attacker to input a password for sudo again until the newly opened session is closed.