Force User to Change Password at First Login

Create user “user”:
# useradd user

Create password for the user
# passwd user
Set the password to expiry:
#chage -d 0 user

Setting it default for all new Users:
#vi /etc/default/useradd
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=0 #(need to add zero “0”)
SHELL=/bin/bash
SKEL=/etc/skel
GROUPS=video
CREATE_MAIL_SPOOL=no
UMASK=022
This file contains the details, what all settings will be applied to the new users created into the system with useradd command.
Just set the value of EXPIRE=0 in this file, and every time when a new user will be created, will be forced to change the password at first login.

password duration:
for new accounts default settings are in /etc/login.defs
settings for current accounts are in /etc/shadow but we edit by command chage
chage -l [user] #check settings for user
chage -E “YYYY-MM-DD” [user] #set date when account expire, -1 means never
chage -M [nr] [user] #set maximum number of days between password change from last password change, -1 means never expire
chage -d “YYYY-MM-DD” [user] #set last password change
chage -W [nr] [user] #number of days of warning before password expires
chage -i [nr] [user] #set password inactive, when account is blocked after password expire

Thanks to:
http://studyhat.blogspot.be/2011/12/force-user-to-change-password-at-first.html

another way:
# yum install chage
List the password and its related details for an user
# chage –-list username
(or)
# chage -l username
!!!Is not working for same user.

Set Password Expiry Date for an user using chage option -M
# chage -M number-of-days userName
# chage –list userName
Set the Account Expiry Date for an User:
# chage -E “2015-11-29” userName
# chage -l userName

Force the user account to be locked after X number of inactivity days:
# chage -I 10 userName
# chage -l userName

Disable password aging for an user account:
# chage -m 0 -M 99999 -I -1 -E -1 userName
# chage –list userName

Thanks to:
http://www.thegeekstuff.com/2009/04/chage-linux-password-expiration-and-aging/
http://www.cyberciti.biz/faq/rhel-debian-force-users-to-change-passwords/

Deny hosts

Simply removing th IP from /etc/hosts.deny does not work since DenyHosts keeps track of the attempts in the /usr/share/denyhosts/data directory.
Procedure:
Stop DenyHosts
# /etc/init.d/denyhosts stop
Remove Your IP From /etc/hosts.deny
# vi /etc/hosts.deny
Delete IP address. Save and close the file.
Remove the IP from /usr/share/denyhosts/data Directory
# cd /usr/share/denyhosts/data
You need to edit the following files using vi and remove the lines containing the IP address. Save the file.

hosts hosts-restricted hosts-root hosts-valid users-hosts
If the IP is static, add it to allowed-hosts file.
Any IP address that appears in this file will not be blocked by default (consider this as a whilelist):
# echo ‘x.x.x.x’ >> allowed-hosts
or put the IP directly here: ./var/lib/denyhosts/allowed-hosts
Start DenyHosts
# /etc/init.d/denyhosts start

httpd access control

Insert into section of an Apache configuration file or into .htaccess file or in a virtual host configuration section:

# AuthType Basic
# AuthUserFile /srv/auth/.htpasswd
# AuthName “Sign In Here To Gain Access To the Site”
# Require valid-user

Generating HTTP AUTH Passwords:
# yum install apache2-utils
# htpasswd -mcb /srv/auth/.htpasswd username password
c – create file, m – crypt with md5, b – insert the password in same line, -n – add new user

Access Control Lists with Groups
Insert into section of an Apache configuration file or into .htaccess file or in a virtual host configuration section:
# AuthType Basic
# AuthUserFile /srv/auth/.htpasswd
# AuthGroupFile /srv/auth/.htpgroup
# Require group Authorized

https://www.linode.com/docs/websites/authbased-access-control-with-apache

Install and Configure phpMyAdmin

yum -y install phpmyadmin
Install MySQL server on a CentOS/RHEL
You need download and install MySQL server on CentOS/RHEL using the following yum command:
# yum install mysql-server mysql

Turn on and start the mysql service, type:
# chkconfig mysqld on
# service mysqld start

Set root password and secure mysql installation by running the following command:
# mysql_secure_installation
Step #3: Configure phpMyAdmin

You need to edit /etc/httpd/conf.d/phpMyAdmin.conf file, enter:
# vi /etc/httpd/conf.d/phpMyAdmin.conf

It allows only localhost by default.
For HTTPD SSL enable (mod_ssl) and allow LAN / WAN users or DBA user to manage the database over www.

Require ip 127.0.0.1
Replace with your workstation IP address:
Require ip x.x.x.x
Again find the following line:
Allow from 127.0.0.1
Replace as follows:
Allow from x.x.x.x
Save and close the file. Restart Apache / httpd server:
# service httpd restart

type the following url in browser:
https://your-server-ip/phpMyAdmin/
OR
http://your-server-ip/phpMyAdmin/
# vi /etc/phpMyAdmin/config.inc.php

………

http://www.cyberciti.biz/faq/centos-fedora-redhat-linux-installing-phpmyadmin-webtool/

HTTPD SSL as described here (mod_ssl):
http://www.cyberciti.biz/faq/rhel-apache-httpd-mod-ssl-tutorial/

setup ftp server on linux

yum -y install vsftpd
vi /etc/vsftpd/vsftpd.conf

Disallow anonymous:
anonymous_enable=NO
Allow local uses to login by changing the local_enable setting to YES:
local_enable=YES
If you want local user to be able to write to a directory, then change the write_enable setting to YES:
write_enable=YES
Local users will be ‘chroot jailed’ and they will be denied access to any other part of the server; change the chroot_local_user setting to YES:
chroot_local_user=YES

Restart the vsftpd service:
systemctl restart vsftpd
systemctl enable vsftpd
setup firewall in order to allow traffic on port 21:
vi /etc/shorewall/rules
or
vi /etc/sysconfig/iptables
and restart them

https://www.digitalocean.com/community/tutorials/how-to-set-up-vsftpd-on-centos-6–2
http://www.rackspace.com/knowledge_center/article/rackspace-cloud-essentials-centos-installing-vsftpd
http://www.liquidweb.com/kb/how-to-install-and-configure-vsftpd-on-centos-7/

Drush commands

To install a chosen plugin you should download and enable it. Check the example listed below:
# drush dl addtoany
Project addtoany (7.x-4.0) downloaded to sites/all/modules/addtoany. [success]
# drush en addtoany

# drush cache-clear all
# drush help archive-backup

https://www.drupal.org/node/1096994
http://orga.cat/posts/most-useful-drush-commands
https://www.siteground.com/tutorials/drupal/drush.htm