Dynamic robots.txt – block search engines for all robots.

If you have multiple websites on a server or wildcard websites and you don’t want to create 1000 robots.txt files, but you want to disallow search engines access,  you can do the following elegant solution:

Create a robots.txt with the content below:
User-agent: *
Disallow: /

Then create your robots.txt file somewhere on your server.

Add the following to your httpd.conf:

# Exclude all robots
<Location “/robots.txt”>
SetHandler None

Alias /robots.txt /path/to/robots.txt

Restart your httpd server and you’re good to go!

AttributeError: ‘module’ object has no attribute ‘DeprecatedIn12’

If you are playing with certbot on CenOS7 and you encounter the thing below, it’s due to a Python library that should be upgraded:

AttributeError: ‘module’ object has no attribute ‘DeprecatedIn12’

pip install cryptography –upgrade

pip install –upgrade pip

then again:

pip install cryptography –upgrade

After this, you should be able to use certbot without any issues.

Changing SSH port in CentOS with SELinux enabled

So, you wanted to change the ssh port, but when you restart sshd : “systemctl restart sshd” – it doesn’t wanna come up due to selinux not allowing it:

Apr 26 12:31:21 ip-10-0-0-169 systemd[1]: Starting OpenSSH server daemon…
— Subject: Unit sshd.service has begun start-up
— Defined-By: systemd
— Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

— Unit sshd.service has begun starting up.
Apr 26 12:31:21 ip-10-0-0-169 polkitd[13985]: Unregistered Authentication Agent for unix-process:14017:9027294 (system bus name :1.65, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bu
Apr 26 12:31:21 ip-10-0-0-169 sshd[14022]: error: Bind to port 25252 on 0.0.0.0 failed: Permission denied.
Apr 26 12:31:21 ip-10-0-0-169 sshd[14022]: error: Bind to port 25252 on :: failed: Permission denied.
Apr 26 12:31:21 ip-10-0-0-169 sshd[14022]: fatal: Cannot bind any address.
Apr 26 12:31:21 ip-10-0-0-169 systemd[1]: sshd.service: main process exited, code=exited, status=255/n/a
Apr 26 12:31:21 ip-10-0-0-169 systemd[1]: Unit sshd.service entered failed state.
Apr 26 12:31:21 ip-10-0-0-169 systemd[1]: sshd.service failed.

Enter semanage:

[[email protected] log]# semanage port -l | grep ssh
ssh_port_t tcp 22
[[email protected] log]# semanage port -a -t ssh_port_t -p tcp 25252

(this command will take a while to complete, so just let it be)

restart sshd: systemctl restart sshd 

voila! it’s alive!

— Unit sshd.service has begun starting up.

Useful vi commands

Just in case you’re lost at some point.

“o” = insert mode
“A” = edit at the end
“a” = edit where you are
“shift r” = replace some text
“yy” “5yy” = copy the lines
“p” “shift p” = paste below or above the line
“dd” “10dd” = deletes the line
“shift h” = go top
“shift l” or “shift g” = go bottom
“cw” = replace only 1 word – different than “shift r”
“/” = search forward | “n” and “shift n” – go to the next search
“?” = search backward
“u” = undo
“:%s/the/katmai” – replace in all the doc
“:1s/the/katmai” – replace on a line
“:e filename” – loads a file
“:r filename” – loads the contents of another file

disable and stop firewall on CentOS7

For the time being the firewall has to be off. I will replace it with csf anyway.

[[email protected] ~]# systemctl list-unit-files |grep -i firewall
dbus-org.fedoraproject.FirewallD1.service enabled
firewalld.service enabled
[[email protected] ~]# systemctl disable firewalld
rm ‘/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service’
rm ‘/etc/systemd/system/basic.target.wants/firewalld.service’

[[email protected] ~]# systemctl stop firewalld
[[email protected] ~]#

Done!

CentOS7 disable ipv6

For the time being this has to stay off for clarity sake:

Add:
net.ipv6.conf.all.disable_ipv6 = 1
to /etc/sysctl.conf

then type: sysctl -p

Done.

CentOS7 change hostname

I started switching recently (i know i should have probably started earlier but meh, was busy) switching boxes to CentOS7. Changing the hostname is slightly different now:

[[email protected] ~]# hostnamectl status
Static hostname: beast1.domain.com
Icon name: computer-desktop
Chassis: desktop
Machine ID: e289f5250bd548609d5989766573ab49
Boot ID: 844dbb05561c4c599aad84d9f685d0e8
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-229.el7.x86_64
Architecture: x86_64

So in order to change the hostname you would do:

hostnamectl set-hostname my.new.hostname

Done!

Skip to toolbar Log Out