LinuxReaders

One fine day one the project leader asked that he we to share files over internet to employees, he was looking for some auth system where only existing employee can login. Since we have hosted mail server & no auth system in office the convenient way we found was to use POP3 Auth.

Following is the configuration I am sharing to use pop3 auth for web site running over apache.
Install Auth mechanism.
Refer

cpan
install Apache::AuthPOP3
install Net::POP3

Apache configuration

httpd.conf

ServerName userweb.linuxreaders.com
DocumentRoot /home/userweb
DirectoryIndex index.html
PerlModule Apache::AuthDBI

AuthName "Enter your Email ID & Password"
AuthType Basic
PerlAuthenHandler Apache::AuthPOP3
PerlSetVar        MailHost pop.linuxreaders.com
#PerlSetVar        UserMap pop3user1=>realname1,pop3user2=>realname2
Require valid-user

Here We are sharing guide to resize LVM size.

create new partition

ADD PHYSICAL VOLUME

pvcreate /dev/new_partition

Verify new physical volume

pvdisplay
Or
pvscan

Extend existing VOLUME GROUP

vgextend VolGroup00 /dev/xvda3

make sure vg free size is = new partition size using vgdisplay command

Extend existing LVM by adding new partition

lvextend /dev/VolGroup00/LogVol00 /dev/xvda3

make sure lv size is increased, use lvdisplay

RESIZE FILE SYSTEM

resize2fs /dev/VolGroup00/LogVol00

There is preferred way of bonding using ifcfg- files.
But I prefer following method as it is very easy to setup.

Here I am using 192.168.3.2 for the bond0.
eth0 & eth1 are used for bonding.
We’ll enter following lines in /etc/rc.local

modprobe bonding mode=balance-rr miimon=100
ifconfig bond0 192.168.3.2 netmask 255.255.255.0 up
ifenslave bond0 eth0
ifenslave bond0 eth1
route add -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.3.1

To verify bonding

cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.4.0 (October 7, 2008)

Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0

Slave Interface: eth0
MII Status: up
Link Failure Count: 0
Permanent HW addr: 00:19:5b:fd:0f:e7

Slave Interface: eth1
MII Status: up
Link Failure Count: 0
Permanent HW addr: 00:16:76:d2:c7:8d

Most of the linux admins have used squid over linux.
This is one of the best proxy available.

One of my windows admin friend asked me to suggest free proxy available over windows, which has all the feature as Squid.
For testing purpose I configured squid over windows. This was easy task as win compiled versions are available.

Following is the guide for Win admins to configure Squid over Windows.

Download squid for windows from http://squid.acmeconsulting.it/

Extract it as c:\squid
rename configuration files
cd c:\squid\etc
rename squid.conf.default squid.conf
rename mime.conf.default mime.conf
rename cachemgr.conf.default cachemgr.conf

Create swap directories
cd c:\squid\sbin
squid -z

Register service
squid -i -f c:/squid/etc/squid.conf -n squid

To remove service
squid -r -n squid

For squid.conf configuration details refer my previous post

Refer

Windows
I wouldn’t have wrote this post if my software team was open to install latest version of apache_openssl.

One of our apache server is running on windows. During installation admin got apache-2.2.10_no_ssl installed. For some reason we chose to host web over SSL & not willing to update Apache version. Latest version with ssl support was easiest option, still I am told to use same version.
I am told to use self signed cert as this is for branch communication.
Following is the easiest way i found to integrate ssl support.

Gather supporting exe, dlls & conf

Copy required files (mentioned below) from same version of apache with openssl support.
From here you can download old version of apache.
e.g  I am using apache-2.2.10_no_ssl, I need to extract below files from apache-2.2.10_openssl installation.

copy following files from apache_openssl installed folder to apache_no_ssl (basically you need separate machine for apache_openssl installation.)

bin\libeay32.dll
bin\ssleay32.dll
bin\abs.exe
bin\openssl.exe
conf\openssl.cnf

Apache configuration
In httpd.conf uncomment following lines.

LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf

Changes in httpd-ssl.conf

SSLCertificateFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/server.cert"
change DocumentRoot "c:\YOUR_WEBSITE"

Generate Self Signed Certificate Source
Run following commands from apache 2.2 folder.

cd conf
..\bin\openssl req -config openssl.cnf -new -out server.csr
..\bin\openssl rsa -in privkey.pem -out server.key
..\bin\openssl x509 -in server.csr -out server.cert -req -signkey server.key -days 365

Restart apache and verify working https.

Linux

yum install mod_ssl
service httpd reload / restart

When I started this post, had no intention to include Linux mod_ssl installation, though included if by chance I encourage windows admin to support Linux too. Have seen few win admins who prefers windows only.