I was working on a project to migrate WordPress site (https://mykbsite.com) from one server to another server. The purpose of the migration is to add more security to existing infrastructure by adding load balancer, proxy server & integrating Web Application Firewall (WAF). Migration process was performed by restoring the MySQL database, configuring httpd service and restoring WordPress site using duplicatePro tool. At this point site was functional on port 80 at http://mykbsite.com. Before introducing SSL, load balancer & WAF were added to the configuration. Load balancer was listening on port 80. WAF was only allowing site request coming from United
I was working on testing Database Password feature of OCI. It allows you to use IAM username and this new set credentials to log on to the oracle database (external authentication). While working on this, I tried to log on the Autonomous database using ADMIN user from SQL Developer and got IO Error: Mismatch with the server cert DN. I was using SQL Developer version 19.2.1. Here is the error. After researching around this error, the solution that resolved my issue was very simple. Upgrade SQL Developer!!! I downloaded the latest version 22.2.1 and tested the connection successfully.
Recently I had to set up POC for Web Application Firewall (WAF) services in OCI for a customer. So to create a demo to who WAF functionalities in detail, I had to set up wordpress site to use it as reference. I found Oracle offered Quickstarts application development stack for deploying WordPress site in OCI very useful. It is only 6 to 8 minutes process to build WordPress site. Let’s go over the process. Log on to a tenancy using https://cloud.oracle.com site. Click on Deploy a WordPress website as shown below. This will bring up a page showing all resources
Autonomous Database offers data guard feature. You can create 1 local & 1 cross region standby databases. One of the major differences between local and remote standby database is that Autonomous Data Guard will only convert local standby to primary database in case of primary database goes down. For remote standby database, you will have to perform manual failover. Standby database is not available for read only operations. It is very simple and straight forward process to create Autonomous Database in OCI. Oracle provides Always Free Autonomous Database (with some limitations), so you can try it out without spending any
You can create full clone, a metadata clone & a refreshable clone from Autonomous Database. Full clone allows you to create a full copy of the database. Metadata clone will only include database schema metadata without the data. Refreshable clone allows you to refresh the data from source database on timely manner (make sure refresh occurs at least once within the 7-day period). Autonomous Database (ADB) cloning is very useful feature and provides a cost-saving alternative to Autonomous Database Data Guard option. For low Recovery Time Objective (RTO) & Recovery Point Objective (RPO), you should choose Autonomous Data Guard. Following
File Access Control List (FACL) allows you to grant permissions for users on directories and files. Chmod allows to set permission for user, group and others, but it does not work when you need to add other users to have access to same file/directories. FACL is useful in these situations, for example allowing non-privileged user to view a single file. FACLs are set and retrieved using setfacl & getfacl commands respectively. Let’s go over some examples to understand this better. Most common use case would be granting access to log files. To retrieve existing FACLs set on a file, [root@ol7
I will go over how to patch Oracle Enterprise Manager (OEM) 13.5 OMS components in this post. You should also patch OEM repository database to latest released patches. Latest released patches are from July 2021 at the time of writing this blog. Please refer to Critical Patch Update (CPU) Program Jul 2021 Patch Availability Document (PAD) (Doc ID 2773670.1) on Oracle Support site to get more information. To apply all patches except Java one, opatch command line utility will be used. I will also go over how to patch this utility to latest available version. Here is the list of
Oracle Linux Automation Manager version 1.0, based on the open source projects Ansible and AWX, is a task engine and Web interface for scheduling and running Oracle Linux Automation Engine playbook tasks on the inventories the playbooks interact with. The Oracle Linux Automation Engine is an automation tool for deploying software, configuring systems, and orchestrating tasks such as upgrades and updates, in the form of playbooks. Oracle Linux Automation Manager version 1.0 is based on the AWX version 15.0.1 open-source software. The AWX development branch and documentation are maintained at https://github.com/ansible/awx/tree/15.0.1. Oracle Linux Automation Engine is included in Oracle Linux Automation
CentOS Linux will be replaced by CentOS Stream after end of December 2021. In another words CentOS will need to be migrated to CentOS Stream or other distro. CentOS Stream will not have tested/verified patches, updates etc. like current CentOS Linux. Please refer to https://www.redhat.com/en/blog/centos-stream-building-innovative-future-enterprise-linux for official announcement from Red Hat. In this article I will cover how to migrate CentOS to Oracle Linux. There is a script available which performs this migration. It is available at https://github.com/oracle/centos2ol. Refer to https://linux.oracle.com/switch/centos/ for some basic FAQ around this migration. For CentOS 8 to Oracle Linux 8 migration, also refer to Oracle
OpenSCAP is an open-source project. It is very useful tool for checking security compliance by running security standards against a system. It uses SCAP The Security Content Automation Protocol (SCAP) provides an automated, standardized methodology for managing system security, including measuring and managing system vulnerability, and evaluating policy compliance against security standards such as the Federal Information Security Management Act (FISMA). The U.S. government content repository for SCAP standards is the National Vulnerability Database (NVD), which is managed by the National Institute of Standards and Technology (NIST). I will go over how to install OpenSCAP on Oracle Linux 7