Enable Hibernation in Fedora 42 (With Power Menu Integration)

Fedora 42 is a leading-edge Linux distribution, but hibernation isn’t enabled out of the box. Here’s a step-by-step guide to enable hibernation, resolve common SELinux issues, and add a Hibernate button to the GNOME power menu.

Why Hibernation?

Hibernation saves your entire session by writing RAM to disk and powering off. Next time you boot, everything resumes exactly where you left off—perfect for laptops and desktop users who want to save battery or avoid losing work during shutdowns.​

Prerequisites

1. UEFI System: Hibernation setup is simpler on UEFI. Run bootctl to confirm; if you see “Not booted with EFI,” a more manual approach is needed.​
2. Adequate Disk Space: You’ll need a swap file at least as large as your RAM.
3. SELinux Consideration: SELinux can block hibernation; check the troubleshooting below.

Step 1: Create and Enable Swap

Open your terminal and enter:

SWAPSIZE=$(free | awk '/Mem/ {x=$2/1024/1024; printf "%.0fG", (x<2 ? 2*x : x<8 ? 1.5*x : x) }')
sudo btrfs subvolume create /var/swap
sudo chattr +C /var/swap
sudo restorecon /var/swap
sudo mkswap --file -L SWAPFILE --size $SWAPSIZE /var/swap/swapfile
sudo bash -c 'echo /var/swap/swapfile none swap defaults 0 0 >>/etc/fstab'
sudo swapon -av

This ensures a reliable swap setup compatible with Btrfs and systemd.​

Step 2: Configure Dracut for Hibernation

To make systemd aware of your new swap location:

echo 'add_dracutmodules+=" resume "' | sudo tee /etc/dracut.conf.d/resume.conf
sudo dracut -f

Test it with:

systemctl hibernate

After reboot, your session should restore automatically.​

Step 3: Fix “Access Denied” (SELinux)

If you get Call to Hibernate failed: Access denied, fix permissions:

sudo semanage fcontext -a -t swapfile_t '/var/swap(/.*)?'
sudo restorecon -RF /var/swap

If issues persist, generate and install a SELinux policy:

sudo setenforce 0      # Temporarily disable enforcement for testing
sudo systemctl hibernate
sudo setenforce 1      # Return to enforcing mode

# If hibernate works, make it permanent

sudo audit2allow -b -M systemd_hibernate
sudo semodule -i systemd_hibernate.pp

This sets the required access permissions for hibernation and keeps SELinux enabled for security.​

Step 4: Add Hibernate Button to Power Menu (GNOME)

Fedora’s GNOME desktop doesn’t show Hibernate by default. Here’s how to add it:

Install the GNOME browser connector:

sudo dnf install gnome-browser-connector

Visit Hibernate Status Button Extension in your browser and toggle ON.

Enable the extension in the Extensions app, or via CLI:

gnome-extensions enable hibernate-status@dromi

Restart GNOME Shell (Alt+F2, type r, press Enter).

You’ll now see Hibernate in the top-right Power menu, making it easy to hibernate from the GUI.​

Step 5: Configure Power Button for Hibernate

Want the physical power button to hibernate? Edit /etc/systemd/logind.conf:

HandlePowerKey=hibernate

Restart logind to apply:

sudo systemctl restart systemd-logind

Troubleshooting

Swap too small? Use at least as much as your RAM, possibly up to 1.5x for systems under 8 GB.
Button won’t appear? Ensure systemctl hibernate works, and GNOME Shell extension is compatible.
SSD concerns: Hibernation writes the entire RAM to disk—great for convenience, but means more SSD writes over time. If worried, use suspend instead.​

Configure NGinx to serve static files and Apache for dynamic

In CentOS 6.x
Follow the following steps for installation. 
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
Now that the repo is installed, we need to install NGinx

yum install nginx

Configuring NGinx

Now that NGinx is installed we need to create a VirtualHost (actually NGinx calls them Server Blocks) for each site we are hosting.

nano /etc/nginx/conf.d/virtual.conf
#Insert one of these for each of the virtualhosts you have configured in Apache

server {

 listen 80;

root /path/to/site/root; 

 index index.php index.html index.htm;

server_name www.yourdomain.com yourdomain.com;

location / {

 try_files $uri $uri/ /index.php;

 }

location ~ \.php$ {

 proxy_set_header X-Real-IP $remote_addr;

 proxy_set_header X-Forwarded-For $remote_addr;

 proxy_set_header Host $host;

 proxy_pass http://127.0.0.1:8080;

}

location ~ /\.ht {
 deny all;
 }
}

This configuration tells NGinx to try and serve the requested file, but to pass the request onto Apache if it's unable to do so. Requests for PHP files should be forwarded automatically. Apache will be told who requested the file in the 'X-Forwarded-For' header.

The final section tells NGinx not to check requests for .htaccess files as no one want anyone to see the contents of these.


Configuring Apache

We want users to hit our NGinx installation (otherwise this effort is wasted) but Apache is currently sat on port 80. So we're going to move it to 8080 (given that's the port we specified in the NGinx configuration we created).

nano /etc/httpd/conf/httpd.conf
# Find the following
Listen (someIP) 80
# Change the port to
Listen 127.0.0.1 8080

# Now at the bottom of the file, you'll find your virtualhost directives,
# Change all port definitions of 80 to 8080
# Don't forget the Default virtualhost definition
# <virtualhost *:80> becomes <virtualhost *:8080>

We change the Listen address as we don't want external hosts to access Apache directly, everything should go through NGinx. Ideally, we also want to forbid outside access to port 8080 at the firewall to ensure that the point of entry to our system is restricted to the authorised route - through NGinx.

Start the Services
We've now configured Apache to listen on a different port, so all we need to do know is restart Apache (so that it moves to port 8080) and start NGinx so that it can start handling requests.

• service httpd restart
• service nginx start

Now if you browse to your site, nothing should have changed visibly. However, if you check the HTTP headers you should see NGinx instead of Apache, checking a phpinfo file should still show Apache as having called the PHP parser though.

 

Installation FFmpeg on Linux RHEL/CentOS 6.X

FFmpeg :

FFmpeg is simply a tool that implements a decoder and then an encoder. It is a complete, cross-platform solution to record, convert, and stream audio and video. This allows users to convert files from one format to another.

Features :

• FFmpeg is free software licensed under the LGPL or GPL depending on your choice of configuration options.


• FFmpeg Hosting can convert any video format to the web-optimized .flv format so that they can get streamed on the website.


• FFmpeg provide command line tool to convert multimedia files between formats.

Steps to Installation FFmpeg on Linux RHEL/CentOS 6.X

  

Step 1 : Create FFmpeg Repository

Open repository Directory

[root@bsrtech ~]# cd /etc/yum.repos.d/

Create name with ffmpeg(any name) repositorty& open with vi command

[root@bsrtech yum.repos.d]# vim ffmpeg.repo

Step 2 : Write the following data on that file

     [ffmpeg]
name=FFmpeg RPM Repository for Red Hat Enterprise Linux
baseurl=http://apt.sw.be/redhat/el6/en/x86_64/dag/  (64 Bit OS)
#baseurl=http://apt.sw.be/redhat/el6/en/i386/dag/   (32 Bit OS)
gpgcheck=1
enabled=1

Save&Quit the file(:wq)

Stewp 3 : Copy the conf file in lib directory

 Copy /etc/ld.so.conf file in /usr/local/lib/ directory

[root@bsrtech ~]# cp -r /etc/ld.so.conf  /usr/local/lib/

Then After Run This Command

[root@bsrtech ~]# ldconfig -v  (Enter)

Step 4 : Install rpmforge Repository

For 32 Bit OS

[root@bsrtech ~]#rmp -Uvh http://apt.sw.be/redhat/el6/en/i386/rpmforge/RPMS/rpmforge-release-0.5.3-1.el6.rf.i686.rpm

For 64 Bit OS

[root@bsrtech ~]# rpm -Uvh http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

Once Update installed Packages using yum update command

[root@bsrtech ~]# yum update

Step 5 : Now Install ffmpeg & ffmpeg-devel

   [root@bsrtech ~]# yum -y install ffmpeg ffmpeg-devel
( or )
   [root@bsrtech ~]# yum -y install ffmpeg*

After Completion use ffmpeg command to see the Full Details of FFmpeg.

[root@bsrtech ~]# ffmpeg

Simplest rules to Redirect using .htaccess

Simplest rules to Redirect using .htaccess

How to write rewrite rule (URL rewriting, mod_rewrite)
(1) Redirect site from http to https :
Add the below in .htaccess file in public_html
===================================================
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
===================================================

(2) Redirecting a domain to another domain via .htaccess
Example :- redirect shaz.com to google.com
===================================================
RewriteEngine on
RewriteCond %{HTTP_HOST} ^shaz\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.shaz\.com$
RewriteRule ^/?$ “http\:\/\/www\.google\.com\/” [R=301,L]
===================================================
(3) Redirect users to access the site with WWW
example :- redirect shaz.com to www.shaz.com
Add the below in .htaccess file
===================================================
RewriteEngine on
RewriteCond %{HTTP_HOST} ^shaz\.com$ [NC]
RewriteRule ^(.*)$ http://www.shaz.com/$1 [L,R=301]
===================================================

(4) Redirect page to another page within public_html
example :- to redirect home.html to index.php
===================================================
RewriteEngine on
RewriteRule ^home.html$ index.php
===================================================

example2 :- rewrite site shaz.com/kb/index.php to shaz.com/blog/index.html
go to kb directory and create a .htaccess file
+++++++++++++++++++++++++++++++++++++++++++++++++++
#cd public_html/kb
#touch .htaccess
#vi .htaccess
+++++++++++++++++++++++++++++++++++++++++++++++++++
===================================================
RewriteEngine on
RewriteRule ^index.php$ /blog/index.html
===================================================

How to Block Emails Containing Specific Words Using Exim System Filter

Spam and unwanted commercial messages are a major headache. While many server-level spam filters exist, sometimes you need a quick, custom way to block messages based on specific keywords in the email body. This is especially useful for filtering out recurring spam topics.

This guide explains how to use the built-in Exim System Filter in cPanel/WHM to immediately reject emails (both inbound and outbound) that contain a word you specify, like "Viagra."

---

STEP 1: ENABLE THE SYSTEM FILTER

The first step is to tell your server's mail transfer agent (Exim) to check a special system-wide filter file before processing any email.

1. Log in to WHM (WebHost Manager).

2. Navigate to the Exim Configuration Manager. (Usually found under "Service Configuration" or by searching for "Exim" in the search bar.)

3. Find the System Filter setting. (It may be in the "Advanced Editor" or a specific tab.)

4. Enable /etc/cpanel_exim_system_filter. You must select the option that tells Exim to use this specific file path for its system-wide filtering rules.

5. Save your changes and allow Exim to restart.

---

STEP 2: EDIT THE SYSTEM FILTER FILE

Next, you need to add the actual rule to the filter file. This rule checks the email body for your chosen keyword and stops processing the message if a match is found.

1. Access your server's command line via SSH as the root user.

2. Open the filter file for editing: nano /etc/cpanel_exim_system_filter (or use your preferred text editor like vi/vim).

3. Add the following code block to the file:

if $message_body: contains "TEXT" and not error_message
then
  seen finish
endif

4. REPLACE "TEXT" with the word you want to block. This is case-sensitive, so blocking "Viagra" will not block "viagra." For example, to block the word "Viagra":

if $message_body: contains "Viagra" and not error_message
then
  seen finish
endif

---

HOW THE CODE WORKS

This small snippet performs a powerful action:

• if $message_body: contains "Viagra": This is the condition. It checks if the entire body of the email contains the exact text "Viagra."

• and not error_message: This is a safety measure. It ensures the rule doesn't accidentally block automated delivery failure notifications (bounce messages).

• then seen finish: If the condition is met (the word is found), this action tells Exim to immediately stop processing the message. For incoming email, it will be rejected; for outgoing email, it will be discarded before sending.

---

CONCLUSION

By completing these two steps—enabling the filter and adding the rule—you have successfully implemented a server-level block. Your server will now automatically reject or discard any email that contains your specified keyword in the body, providing a simple yet highly effective defense against targeted spam.

Linux tune the VM subsystem.

Tuning the memory subsystem in Linux is a powerful but delicate task. The right settings can boost your system’s performance, but incorrect changes may cause instability or slowdowns. Always adjust one parameter at a time and monitor your system before making further changes.

Exploring /proc/sys/vm

The /proc/sys/vm directory contains files that represent kernel parameters for the virtual memory subsystem. You can read and write to these files to tune system behavior.

To view the files, use:
cd /proc/sys/vm
ls -l

Sample output:
-rw-r--r-- 1 root root 0 Oct 16 04:21 block_dump
-rw-r--r-- 1 root root 0 Oct 16 04:21 dirty_background_ratio
-rw-r--r-- 1 root root 0 Oct 16 04:21 dirty_expire_centisecs
-rw-r--r-- 1 root root 0 Oct 16 04:21 dirty_ratio
-rw-r--r-- 1 root root 0 Oct 16 04:21 dirty_writeback_centisecs
-rw-r--r-- 1 root root 0 Oct 16 04:21 drop_caches
-rw-r--r-- 1 root root 0 Oct 16 04:21 swappiness
-rw-r--r-- 1 root root 0 Oct 16 04:21 vfs_cache_pressure
...

Key Parameters and Their Effects

1. dirty_background_ratio
   Purpose: Sets the percentage of system memory filled with “dirty” pages (pages to be written to disk) before the background writeback daemon (pdflush) starts writing them out.

Check current value:
sysctl vm.dirty_background_ratio

Default example:
vm.dirty_background_ratio = 10

Tuning:
Increasing this value (for example, to 20) means less frequent flushes, which may benefit systems with fast disks but can cause larger flushes at once.
sysctl -w vm.dirty_background_ratio=20

2. swappiness
   Purpose: Controls how aggressively the kernel swaps memory pages to disk.

Check current value:
sysctl vm.swappiness

Default example:
vm.swappiness = 60

Tuning:
Lower values reduce swapping (good for desktops), higher values increase swapping (can benefit workloads with long-sleeping processes).
sysctl -w vm.swappiness=100

3. dirty_ratio
   Purpose: Sets the percentage of system memory that can be filled with dirty pages before processes generating writes must themselves start writing data to disk.

Check current value:
sysctl vm.dirty_ratio

Default example:
vm.dirty_ratio = 40

Tuning:
Lowering this value (for example, to 25) causes data to be written to disk more frequently, reducing the risk of large data loss but possibly impacting performance.
sysctl -w vm.dirty_ratio=25

Best Practices for VM Tuning

• Change one setting at a time.

• Monitor system performance after each change using tools like vmstat, top, or free.

• If performance improves, keep the new setting. If not, revert to the previous value.

• Document your changes for future reference and troubleshooting.

Install GeoIP in cPanel serve

To install GeoIP in cPanel server, run the following command as root,

root@server1 [~]# cd /var/cpanel/easy/apache/custom_opt_mods/

root@server1 [~]# wget http://docs.cpanel.net/twiki/pub/EasyApache3/CustomMods/custom_opt_mod-mod_geoip.tar.gz

root@server1 [~]# tar -zxf custom_opt_mod-mod_geoip.tar.gz

root@server1 [~]# /scripts/easyapache

Next compile it with easyapache,

root@server1 [~]# /scripts/easyapache

Then select the Mod_GeoIP in the Short Options List.

To block a certain country IP range, you do not need to know which IP range it is and what you need is to use the GeoIP feature.

Next, you will need to insert the following command to the .htaccess file,

Example

=========================================

RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} ^CN$
RewriteRule ^(.*)$ http://www.google.com [L]

========================================

The command use to redirect China IP to google.com.

Ref: http://docs.cpanel.net/twiki/bin/view/EasyApache3/CustomMods

http://dev.maxmind.com/geoip/mod_geoip2

cPanel’s Built-in php.ini File

WHERE IS THE CPanel PHP.INI?

If you're using cPanel and need to tweak your PHP settings, you might be looking for the php.ini file. This file controls how PHP behaves on your server. For cPanel's default PHP installation, you can find the main php.ini file at this location:

/usr/local/cpanel/3rdparty/etc/php.ini

Understanding this location is key for anyone needing to make direct changes to global PHP configurations within a cPanel environment.

---

REBUILDING CPANEL'S INTERNAL PHP

Sometimes, you might need to rebuild or refresh cPanel's internal PHP installation. This can be useful for troubleshooting or applying certain updates. You can do this using a specific script provided by cPanel:

/scripts/makecppphp

Running this script will recompile or reconfigure the PHP environment that cPanel itself uses, which can resolve various issues related to its internal functions.

Shell In A Box – A Web-Based SSH Terminal to Access Remote Linux Servers

Shell In A Box (pronounced as shellinabox) is a web based terminal emulator . It has built-in web server that runs as a web-based SSH client on a specified port and prompt you a web terminal emulator to access and control your Linux Server SSH Shell remotely using any AJAX/JavaScript and CSS enabled browsers without the need of any additional browser 

RHEL/CentOS 6 32-64 Bit

## RHEL/CentOS 6 32-Bit ##
# wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
# rpm -ivh epel-release-6-8.noarch.rpm

## RHEL/CentOS 6 64-Bit ##
# wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# rpm -ivh epel-release-6-8.noarch.rpm

# vi /etc/sysconfig/shellinaboxd

# TCP port that shellinboxd's webserver listens on- Which ever you need , here I am choosing port 80
PORT=80

# specify the IP address of a destination SSH server
OPTS="-s /:SSH:172.16.25.125"

# if you want to restrict access to shellinaboxd from localhost only
OPTS="-s /:SSH:172.16.25.125 --localhost-only"

Exim cheat sheet

Exim is a powerful mail transfer agent (MTA) used on many Linux servers. When emails can't be delivered immediately, they get put into a "queue." Managing this queue is crucial for server health and ensuring mail delivery. This guide provides quick commands for common Exim queue tasks.

---

CLEARING THE EXIM MAIL QUEUE

Sometimes, you need to clear out stuck or unwanted emails from the queue.

• Remove All Mails: This command directly deletes all files from the input directory of the Exim spool, effectively clearing the entire queue. rm -rf /var/spool/exim/input/*

• Delete All Frozen Mails: Frozen emails are those that Exim has temporarily stopped trying to deliver due to issues. exim -bpr | grep frozen | awk {'print $3'} | xargs exim -Mrm Alternatively, a more concise command: exiqgrep -z -i | xargs exim -Mrm

• Delete Frozen Mails Older Than a Day: This is useful for clearing old, stalled messages without affecting newer ones. The 86400 represents seconds (1 day). exiqgrep -zi -o 86400 | xargs exim -Mrm You can change 86400 to any number of seconds for a different time frame.

• Clear Spam Mails: If your logs indicate messages are marked as [SPAM]. grep -R -l [SPAM] /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm

• Clear Frozen Mails (Based on Log Entry): grep -R -l '*** Frozen' /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm

• Clear Mails for Unverified Recipients: grep -R -l 'The recipient cannot be verified' /var/spool/exim/msglog/*|cut -b26-|xargs exim -Mrm

• Remove Mails from a Specific Sender (e.g., 'root'): Replace "" with the sender's email address or username, for example, root@yourhostname. exim -bp |grep ""|awk '{print $3}'|xargs exim -Mrm

• Remove 'nobody' Mails: These often come from scripts. Replace HOSTNAME with your server's hostname.

  • From a specific sender (nobody@HOSTNAME): exiqgrep -i -f nobody@HOSTNAME | xargs exim -Mrm

  • For a specific recipient/domain (nobody@HOSTNAME): exiqgrep -i -r nobody@HOSTNAME | xargs exim -Mrm

• Delete Mails for a Specific Domain: Replace yourdomain.com with the actual domain. exim -bp | grep "yourdomain.com" | awk {'print $3'} | xargs exim -Mrm

---

DELIVERING MAILS FROM THE QUEUE

If emails are stuck but should be delivered, you can force a delivery attempt.

• Force Deliver All Mails: This command attempts to deliver all messages in the queue. The -P 40 option attempts 40 deliveries in parallel. exim -bpru |awk '{print $3}' | xargs -n 1 -P 40 exim -v -M

• Flush the Mail Queue (Force Another Run): This tells Exim to process the queue again. exim -qff Alternatively: /usr/sbin/exim -qff exim -qf

• Force Deliver Mails of a Particular Domain: Replace domain.com with the target domain. exim -v -Rff domain.com

• Force Deliver a Specific Message: Replace MSGID with the message's unique ID. exim -M MSGID To view the transaction during delivery: exim -v -M MSGID

---

CHECKING THE EXIM MAIL QUEUE STATUS

These commands help you monitor the queue and inspect individual messages.

• Exim Queue Summary: Provides details like count, volume, oldest, newest message, and domain breakdown. exim -bp | exiqsumm

• Number of Frozen Mails: exim -bpr | grep frozen | wc -l

• Total Number of Mails in Queue: exim -bpr | grep "<" | wc -l A simpler alternative: exim -bpc

• View Mail in Queue for a User/Sender: Replace $name with the username or email address. exim -bp|grep $name

• Check All Mails in the Queue: This lists all messages and their IDs. exim -bp

• View Log for a Message: Replace message ID with the actual ID. exim -Mvl message ID

• View Message Header: Replace $MSGID with the message ID. exim -Mvh $MSGID

• View Message Body: Replace $MSGID with the message ID. exim -Mvb $MSGID

---

ADVANCED EXIM TOOLS

• Simulate SMTP Transaction: This command helps debug Exim's checks, ACLs (Access Control Lists), and filters without actually sending a mail. Replace 127.0.0.1 with the IP you want to simulate from. exim -bh 127.0.0.1

• Most Used Mailing Script Locations: This can help identify scripts sending a lot of mail. grep cwd /var/log/exim_mainlog | grep -v /var/spool | awk -F"cwd=" '{print $2}' | awk '{print $1}' | sort | uniq -c | sort -n

• Check Syntactic Errors in Configuration: Use this when modifying Exim's configuration file. exim -C /config/file.new -bV

Understanding Mod_Security Database Connection Issues

You've encountered an error stating that the Mod_Security plugin can't connect to its database. Specifically, it's an "Access denied" error for the user 'modsec'@'localhost', even though a password was provided. This usually means the password Mod_Security is using to connect to the database is incorrect or the database user doesn't have the right permissions.

---

WHY THIS MATTERS

Mod_Security is a web application firewall that helps protect your website from various attacks. If it can't connect to its database, it might not be able to log security events or function correctly, leaving your website vulnerable.

---

HOW TO FIX IT

There are two main steps to resolve this, focusing on ensuring the 'modsec' user can properly access the 'modsec' database.

1. Find the Correct Password Mod_Security is Using:

   The error indicates Mod_Security is trying to connect with a specific password. You need to find out what password it's actually configured to use.

   • Action: Run the following command in your server's terminal:

     grep dbpassword /etc/cron.hourly/modsecparse.pl
     

   • Explanation: This command searches a common Mod_Security configuration file (modsecparse.pl) for the line containing dbpassword. This line will reveal the password that Mod_Security is currently trying to use for its database connection. Let's say the output of this command shows the password is 'odu6lGYKAIyP'.

2. Grant the Correct Permissions to the Database User:

   Once you know the password Mod_Security is configured with, you need to ensure the 'modsec' database user has the correct password and permissions in MySQL.

   • Action: Log into your MySQL server (as a root user or a user with sufficient privileges) and execute the following command. Replace 'odu6lGYKAIyP' with the actual password you found in the previous step.

     SQL

     GRANT ALL ON modsec.* TO 'modsec'@localhost IDENTIFIED BY 'odu6lGYKAIyP';
     FLUSH PRIVILEGES;
     

   • Explanation:

     • GRANT ALL ON modsec.*: This gives the 'modsec' user all permissions on all tables within the modsec database.

     • TO 'modsec'@localhost: Specifies that these permissions apply to the user 'modsec' when connecting from the 'localhost' (meaning from the same server).

     • IDENTIFIED BY 'odu6lGYKAIyP': Sets or updates the password for the 'modsec' user to 'odu6lGYKAIyP'. It's crucial that this password matches what Mod_Security is configured to use.

     • FLUSH PRIVILEGES;: This command reloads the grant tables in MySQL, applying the new permissions immediately.