Pages

Friday, December 23, 2016

Aws Volume tagging Script.

Following Script will give the aws cli command to tag the volumes with tags associated to its instance.

Prerequisite
1. All instance are tagged properly
2. Aws Cli is installed and Configured properly
3. Configure the Aws Cli output to Json
4. Create the File Full_Json_Instances.json with output of describe-instances

===================
#/bin/python
import json

def fun_Instance_Volume_Tagging(Instance_ID, Instance):
    for Volumes in Instance["Instances"][0]["BlockDeviceMappings"]:
        VOL_ID = Volumes["Ebs"]["VolumeId"]
        for Tags in Instance["Instances"][0]["Tags"]:
            TAG_KEY = Tags["Key"]
            TAG_VALUE = Tags["Value"]
            print "aws ec2 create-tags --resources " + VOL_ID + " --tags Key=" + TAG_KEY + ",Value=" + TAG_VALUE +""

with open("Full_Json_Instances.json") as json_file:
    json_data = json.load(json_file)
    for Instances in json_data["Reservations"]:
        Instance_ID = Instances["Instances"][0]["InstanceId"];
        fun_Instance_Volume_Tagging(Instance_ID, Instances)
====================

Wednesday, December 7, 2016

Enabling Password Protect for Wordpress Admin Page

For enabling the password for the wp-admin page of wordpress. In the htaccess page of the root page add the following content.

<Files wp-login.php>
   AuthName "xxxxxx Website  Access"
   AuthType Basic
   AuthUserFile /etc/xxxx/apacheuser
   Require valid-user
</Files>

Wednesday, November 30, 2016

Wordpress : All pages 404 except homepage after Migration

In the httpd Conf for the same website change

AllowOverride None

to

AllowOverride All

As per my understanding it will make the .htaccess take effect.

Saturday, November 12, 2016

Wordpress : Mixed Content Warnings with HTTPS

If want to make sure that your server/website is ready to handle HTTPS traffic. You can do this via your /wp-config.php file.

/* Handle HTTPS Protocol */
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
  $_SERVER['HTTPS']='on';

This will make it so that your website/server accepts all HTTPS requests, and also enables HTTPS

Monday, October 31, 2016

Appending Date in a PowerShell Script

The following example shows how we can append date on a file or object in a power shell. Following example uses a Aws Command for creating a Aws Image with Date Appended.

====
$CurrentDate = (Get-Date).tostring("dd-MM-yyyy-hh")
aws ec2 create-image --instance-id i-3442a --name ("test_" + $CurrentDate) --description ("test_" + $CurrentDate) --no-reboot
====

Monday, August 15, 2016

Aws Flowlogs for Traffic Monitoring

VPC Flow Logs is a feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC. Flow log data is stored using Amazon CloudWatch Logs. After you've created a flow log, you can view and retrieve its data in Amazon CloudWatch Logs.

Flow logs can help you with a number of tasks; for example, to troubleshoot why specific traffic is not reaching an instance, which in turn can help you diagnose overly restrictive security group rules. You can also use flow logs as a security tool to monitor the traffic that is reaching your instance.

To create Flow log for your subnet we followed these steps:
1. Creating Log group in your CloudWatch:
  - We created new log group in your CloudWatch to log your entries.
  - Please remember your can use same log group for multiple flow log you create.
  - To create log group: AWS Management console -> CloudWatch -> Logs --> Create new log group

2. Create Flow Log for VPC
  - Open the Amazon EC2 console -> Service VPC
  - In the navigation pane, choose VPC then select your VPC
  - From VPC Action select Create a Flow Log
Please refer this link to get more information on this: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html#create-flow-log

Note that VPC Flow Log Records[1] is a space-separated string that has the format outline in our document, where 14 fields are available, and field #11 & #12 has recorded the time in Unix seconds)

According to the Filter & Pattern Syntax[2], we can filter the log events matching our conditions for space-delimited logs.

Example filter (as we dont care the 1st 10 fields in this case, so we use ... )

[..., start, end, action, status]

Say if we need to capture the vpc flow log between Sat, 06 Aug 2016 04:35:56 GMT and Sun, 07 Aug 2016 04:35:56 GMT

using epoch time converter(http://www.epochconverter.com/ for example), we get the Unix time in second being 1470458156 & 1470544556

so the filter we will be using become

[..., start>1470458156, end<1470544556, action, status]

So you can follow link[3], To search all log entries after a given start time using the Amazon CloudWatch console

Goto AWS CloudWatch Console-> Logs -> Select the vpc flowlog log group -> above "Log Streams List", click "Search Event"

and use the [..., start>1470458156, end<1470544556, action, status] in the filter field, then press Enter.

You can modify the filter accordingly for more conditions.


Resource Links: [1] AWS - VPC - VPC Flow Logs - Flow Log Records https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html#flow-log-records [2] AWS - CloudWatch - Searching and Filtering Log Data - Filter and Pattern Syntax - Using Metric Filters to Extract Values from Space-Delimited Log Events https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/FilterAndPatternSyntax.html#d0e26783 [3] AWS - CloudWatch - To search all log entries after a given start time using the Amazon CloudWatch console https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/SearchDataFilterPattern.html

Wednesday, August 3, 2016

Extract public/private key from a PKCS#12

You can use following commands to extract public/private key from a PKCS#12 container:
  • Private key:
    openssl pkcs12 -in yourP12File.pfx -nocerts -out privateKey.pem
  • Certificates:
    openssl pkcs12 -in yourP12File.pfx -clcerts -nokeys -out publicCert.pem
    You can add -nocerts to only output the private key or add -nokeys to only output the certificates.
  •  openssl pkcs12 -in Sample.pfx -out Sample.pem -nodes