Linux Server Data Backup: Simple and Practical Strategies
The core of Linux server backup is to create data copies to mitigate risks such as accidental deletion and system failures. Backups are categorized by content into three types: full (copies all data), incremental (only new/modified data), and differential (data added/modified since the last full backup). Efficient data replication is key. For beginners, recommended tools include `tar` for archiving and compression (e.g., `tar -czvf backup.tar.gz /data`), and `rsync` for incremental synchronization (local or cross-server, e.g., `rsync -av /data/ /backup/`). Strategies should be selected based on needs: individuals/small servers can use weekly full backups + daily incremental backups; enterprises require daily full backups + offsite storage (e.g., cloud storage) with encryption for sensitive data. Automation is achieved via `crontab` to execute scripts regularly. Post-backup verification is essential (e.g., restore testing or `rsync --dry-run`). Key considerations include encryption, offsite storage, regular recovery testing, and permission control (e.g., directory permissions set to 700). Core principle: Prioritize simplicity and practicality, selecting a solution that matches your data volume and specific use case.
Read MoreLearn Linux Disk Partitioning and Mounting in 5 Minutes
Partitioning and mounting disks in Linux are fundamental operations for managing storage, analogous to closet organization and entry points. The steps are as follows: 1. **Check Disks**: Use `lsblk` or `sudo fdisk -l` to identify hard drives/partitions, and `df -h` to view currently mounted partitions. 2. **Create Partition**: Enter the tool with `sudo fdisk /dev/sdb`, input `n` to create a new primary partition, specify the size (e.g., `+20G`), and save with `w`. 3. **Format**: Format with `sudo mkfs.ext4 /dev/sdb1` (e.g., using the ext4 filesystem). **Always back up data before formatting**. 4. **Temporary Mount**: Create a mount point with `sudo mkdir /mnt/mynewdisk`, then mount with `sudo mount /dev/sdb1 /mnt/mynewdisk`. 5. **Permanent Mount**: Use `sudo blkid` to get the UUID, edit `/etc/fstab` to add an entry (format: `UUID=... 挂载点 ext4 defaults 0 0`), and verify with `sudo mount -a`. Key points: Partition → Format → Mount → Persistence. Back up data before operations, and use `umount` for unmounting.
Read MoreEssential for Beginners: Methods to Open Ports in Linux Firewall
This article introduces the necessity and common methods for opening ports on Linux servers, helping beginners get started quickly. Opening ports is fundamental for services to communicate externally (e.g., Web on port 80, SSH on port 22); otherwise, connection refusals will occur. Common tools are categorized into three types: UFW is suitable for Ubuntu/Debian with minimal operations, following steps: installation, allowing ports (e.g., `allow 22/tcp`), enabling, and verification; firewalld applies to CentOS/RHEL with zone management, steps: checking status, adding port rules (specify a zone like `public`), reloading, and verification; iptables is a universal underlying tool with powerful functions but complex syntax, requiring adding rules, saving (to avoid loss after restart), and verification. Port openness can be verified using telnet, nc (netcat), or curl. Beginners should note: prefer UFW/firewalld, avoid opening high-risk ports, ensure rules take permanent effect, and confirm the service is running.
Read MoreNTP Time Synchronization: Linux Server Clock Configuration
Linux server time synchronization is a fundamental and critical task. The Network Time Protocol (NTP) is the core tool that addresses issues such as log chaos, service authentication failures, and data conflicts. NTP achieves time synchronization through a hierarchical structure (Stratum 1-16, where lower strata are more authoritative). Common tools include NTPD (classic but resource-intensive) and Chrony (lightweight, fast to start, suitable for servers with limited memory). Taking NTPD as an example for installation: For CentOS/RHEL (below 7.9), use `yum install ntp -y`. For Ubuntu/Debian, use `apt install ntp -y` (Note: CentOS 7+ requires uninstalling Chrony first). Configure `/etc/ntp.conf` by adding authoritative servers (e.g., `ntp.aliyun.com`), and open the UDP 123 port in the firewall. Start the service with `systemctl start ntpd && enable`. Verify synchronization status using `ntpq -p`, and perform manual synchronization with `ntpdate -u`. Chrony follows a similar basic configuration and startup process; verification is done via `chronyc sources`. Common issues like service startup failures or slow synchronization can be resolved by checking ports, network connectivity, or replacing servers. Time synchronization is essential for server
Read MoreDetailed Explanation of Linux System User and User Group Management
This article introduces the core knowledge of Linux user and user group management, aiming to achieve permission control and resource isolation. Users are categorized into root (UID 0, highest privilege), system users (UID 1-999, for running services), and ordinary users (UID ≥ 1000, for daily operations). Groups include primary groups (default ownership) and supplementary groups (additional memberships). Key configuration files: `/etc/passwd` stores user information (UID, GID, home directory, etc.), `/etc/group` stores group information (GID, members), and `/etc/shadow` stores encrypted passwords. Common commands: User management commands include `useradd` (-m to create home directory), `usermod` (-g to change primary group, -aG to add supplementary group), `userdel` (-r to delete home directory), and `passwd` (to set password); group management commands include `groupadd` and `groupdel`. Practical operation examples: Creating an ordinary user and adding them to a group, setting up a shared directory with the group ownership and assigning group read/write permissions. Note that for multi-user sharing, users should be in the same group, and when deleting a user while preserving files, manually clean the home directory after removing the user.
Read MoreHow to Configure SSH Key-based Login (Passwordless Login) on Linux
SSH key-based login (passwordless login) ensures security through asymmetric encryption and eliminates the need to enter passwords, making it suitable for Linux server management. Traditional password login is vulnerable to brute-force attacks, while key-based login is more reliable and convenient. Prerequisites: The client must have an SSH tool installed (Linux/macOS have it pre-installed; Windows needs Git Bash/PuTTY). The server must have the SSH service installed (check with `ssh -V`). Steps: 1. Generate a key pair on the client: Run `ssh-keygen -t rsa -b 4096` to create `id_rsa` (private key, keep it secret with permissions set to 600) and `id_rsa.pub` (public key, can be shared). 2. Copy the public key to the server: For Linux/macOS, use `ssh-copy-id -i ~/.ssh/id_rsa.pub username@server-IP`; for Windows, manually paste the public key content into the server's `~/.ssh/authorized_keys` and set permissions `chmod 600 authorized_keys`. 3. Configure the server: Edit `sshd_config` to ensure `PubkeyAuthentication yes`, then restart `sshd`. 4. Test the connection: Directly execute `ssh username@
Read MoreIntroduction to Linux Log Analysis: Tools for System Fault Diagnosis
Linux logs are the "system diaries" that record system operation events and anomalies, serving as the core clue for fault diagnosis (e.g., web service failures can be located via logs for 404 errors or connection failures). Core log files include: /var/log/messages (system routine events and errors), /var/log/auth.log (authentication, login, and permission changes), /var/log/dmesg (kernel hardware initialization and driver errors), and application-specific service logs. Commonly used viewing commands are: tail -f for real-time tracking, grep for filtering keywords (e.g., "error"), and cat/less for file processing. Fault diagnosis follows the process: "phenomenon → locate logs → keyword analysis": for user login failure, check auth.log (keyword "Failed password"); for web service startup failure, check service error logs (keyword "port occupied"); for system lag, check messages/dmesg (keywords "out of memory" or "IO error"). Key points to master: selecting the right log, filtering keywords, and paying attention to timestamps. Advanced tools include journalctl and the ELK Stack.
Read MoreMust-Know: Quick Reference for Linux Process Management Commands
This article introduces the core process management commands in the Linux system, helping beginners quickly solve daily problems. **Viewing Processes**: The `ps` command lists process statuses. A common usage is `ps -aux`, with key columns including PID (Process ID), USER (user), %CPU/%MEM (resource usage), STAT (status, e.g., R for running, S for sleeping), and COMMAND (start command). **Real-time Monitoring**: `top` dynamically updates process information. Press `P`/`M` to sort by CPU/memory usage, `k` to terminate a process, and `q` to exit. **Terminating Processes**: `kill` terminates processes by PID (e.g., `kill 1234`, use `-9` for forceful termination), and `killall` terminates by process name (e.g., `killall -9 firefox`). **Other Tools**: `pstree` displays process relationships in a tree structure. `jobs`/`bg`/`fg` manage background jobs (e.g., after pausing with `Ctrl+Z`, `bg %1` resumes background execution, and `fg %1` brings it back to the foreground). **Note for Beginners**: Avoid terminating
Read MoreYum/Apt Package Managers: Powerful Tools for Linux Software Installation
To install software on Linux, Yum or Apt package managers are required, which automatically handle downloading, dependencies, and updates. Yum is used for RHEL/CentOS/Fedora, managing .rpm packages. Its core commands include: `sudo yum install/search/remove/clean all`. Software sources are located in `/etc/yum.repos.d/`, and additional sources can be added via `epel-release`. Apt is for Debian/Ubuntu, managing .deb packages. Its commands are: `sudo apt install/search/remove/clean`. Before using `upgrade`, the sources must be updated with `update` first. Software sources are in `/etc/apt/sources.list` and `/etc/apt/sources.list.d/`, and Ubuntu users can switch to domestic mirror sources. Both managers rely on correct software sources. Beginners should first run `cat /etc/os-release` to confirm the distribution. If dependency issues occur, update the sources first; if software sources are incorrect, back them up and test. In summary: Use Yum for RHEL/CentOS/Fedora and Apt for Debian/Ubuntu. Familiarity is achieved through practice.
Read MoreIntroduction to Shell Scripting: Automating Tasks on Linux Servers
Shell scripts are automated execution tools in Linux that write commands into a text file in sequence to replace repetitive manual operations and improve efficiency. They are essential skills for server management. Their basic syntax includes variable assignment (no spaces around the equals sign), conditional judgment (if-else), and loops (for/while). The first "Hello World" script requires defining variables, adding execution permissions (chmod +x), and running the script. Practical scripts, such as disk monitoring, extract the root partition usage rate using commands like `df -h` and trigger an alert when it exceeds 80%. Precautions: Execute permission must be granted before running, no spaces in variable assignment, and use `./` to specify the current directory when executing. Learning can start with basic exercises, and after mastering variables, conditions, and loops, one can advance to learning `crontab` for scheduled tasks to achieve automated operations and maintenance.
Read MoreFTP Service Setup: A Guide to File Transfer on Linux Servers
This article introduces the method of setting up an vsftpd FTP server on Linux systems. FTP is a standard protocol for network file transfer, and vsftpd has become a popular choice for Linux due to its security and stability. The steps include: 1. Preparation: A Linux server (e.g., CentOS/Ubuntu), administrator privileges, and network configuration are required. 2. Installation: For CentOS, use `sudo yum install vsftpd -y`, and for Ubuntu, use `sudo apt install vsftpd -y`. 3. Start the service and set it to start on boot: `systemctl start/ enable vsftpd`. 4. Firewall configuration: Open port 21 (control connection) and passive ports 50000-60000 (data transfer). 5. Create FTP users: Root login is prohibited. Use `useradd` to set the home directory, and `chown`/`chmod` to modify permissions. 6. Configure vsftpd.conf: Enable local user login and write permissions, restrict users to their own home directories, and specify the passive port range. 7. Testing: Connect locally using `ftp localhost`, or remotely with tools like FileZilla. Common issues such as connection timeouts and permission errors require checking the firewall, service status, and directory permissions. The above steps can complete the basic setup.
Read MoreDNS Resolution Principle and Linux Server Configuration Practice
This article introduces the principles, Linux configuration, and setup methods of DNS (Domain Name System). DNS, often referred to as the "phone book" of the Internet, translates domain names (e.g., baidu.com) into IP addresses, enabling domain-name-to-IP mapping. Its resolution process consists of six steps: local cache query (checking the hosts file), local DNS server query, root domain server query, top-level domain server query, authoritative domain server query, and finally returning the IP address to the operating system. In Linux, local DNS configuration is implemented through two key files: `/etc/hosts`, acting as a local "mini-address book" with the highest priority; and `/etc/resolv.conf`, which specifies DNS servers (e.g., 114.114.114.114), though it may be dynamically overwritten. Taking BIND as an example for DNS server setup, the steps include installing the software, configuring the main file `/etc/named.conf`, creating forward and reverse zone data files, starting the service, and testing. Common issues include configuration syntax errors, firewall blocking the 53 port (DNS default port), and inability for other devices to resolve names. Troubleshooting involves checking configurations, logs, and permissions. DNS is fundamental to network communication. Mastering its principles and configuration allows efficient management of domain name resolution services.
Read MoreSetting IP Addresses on Linux Servers: A Beginner's Guide
The IP address of a Linux server is the foundation for device communication (like a "house number"). IPv4 consists of 4 groups of numbers ranging from 0 to 255 (e.g., 192.168.1.100) and is used to locate devices. IP configuration supports two methods: dynamic (via DHCP, automatic acquisition for temporary testing) and static (manual specification for production environments). To view the IP address: Use `ip addr` (recommended) or `ifconfig` (requires installation on some systems). Identify the network interface name (e.g., eth0/ens33) and the assigned IP address. For static configuration (CentOS example): Confirm the network interface name, modify `/etc/sysconfig/network-scripts/ifcfg-ens33`, set `BOOTPROTO=static`, specify `IPADDR`, `NETMASK`, `GATEWAY`, and `DNS`, then restart the network service with `systemctl restart network` and verify the IP. For dynamic configuration: Change the configuration file's `BOOTPROTO=dhcp`, restart the network, and verify. For Ubuntu, use Netplan; configuration files are located in `/etc/netplan/`, apply changes with `netplan apply`. Common issues: IP conflicts, incorrect gateway/DNS settings. Troubleshoot using tools like `ping`.
Read MoreA Step-by-Step Guide to Configuring Linux Firewall (iptables)
This article introduces the configuration of Linux firewall (iptables) with the core objective of protecting server security. iptables is a packet filtering tool that manages traffic through tables (primarily filter), chains (INPUT/OUTPUT/FORWARD), and rules (match conditions + actions). Before configuration, existing rules should be checked (`iptables -L -n`) and cleared (`-F`/`-X`). Key steps include: allowing traffic on the local loopback interface (lo), setting default policies (DROP for inbound, ACCEPT for outbound), opening necessary ports (e.g., SSH, 80/443 for web services), and finally saving the rules (using `service iptables save` for CentOS and installing `iptables-persistent` for Ubuntu). Security considerations: prioritize rule order, apply the principle of least privilege, avoid directly exposing port 22 to the public internet, and regularly audit rules. Common operations include viewing, deleting, and clearing rules. By following these steps, a basic firewall can be quickly configured to meet the security needs of most servers.
Read MoreEssential for Beginners: A Detailed Explanation of Linux User Permission Management
Linux permission management is the core of security and collaboration in multi-user systems, aiming to protect system security (preventing misoperations and malicious behaviors) and enable division of labor and collaboration (different users obtaining permissions as needed). Core concepts include three types of users (ordinary users, system users, root), user groups (for unified permission management), and file/directory permissions divided into three categories: owner, group, and others. Each category corresponds to three operations: read (r), write (w), and execute (x) (e.g., a directory requires x permission to be entered). To view permissions, use `ls -l`. To modify permissions, use `chmod` (numerical method: r=4, w=2, x=1; e.g., 754 represents rwxr-xr--; symbolic method: `+/-/=` to add/remove/set permissions, e.g., `u+x` adds execute permission to the owner). Ownership or group can be changed via `chown`/`chgrp`. Common issues to note: Files cannot be modified mostly due to permission or ownership problems; directories cannot be accessed without x permission; ordinary users use `sudo` to escalate privileges. Security recommendations: Minimize root usage, do not grant write permissions to others, and regularly check permissions. Master `ls -l`, `chmod`, and `chown`.
Read MoreBeginner's Guide to Nginx: From Installation to Reverse Proxy Configuration
Nginx is a high-performance HTTP and reverse proxy server, lightweight and stable, suitable for scenarios such as website building and load balancing. Installation is divided into Ubuntu/Debian (`sudo apt install nginx`) and CentOS/RHEL (`sudo yum install nginx`). Verification is done with `nginx -v`. Start the service (`sudo systemctl start nginx`) and set it to start automatically (`sudo systemctl enable nginx`). Management commands include start/stop, restart, and reload configuration (`reload`). For core reverse proxy configuration: Create a site configuration file (e.g., `myapp.conf`) in `/etc/nginx/conf.d/`. Example configuration: The `server` listens on port 80, `server_name` is set to the domain name/IP, `location /` forwards to the backend port (e.g., `127.0.0.1:3000`) via `proxy_pass`, and passes Host and real IP through `proxy_set_header`. After configuration, check syntax with `nginx -t`, and `reload` to apply changes, then test access to the backend content. Notes: Open ports 80/443 in the firewall, ensure the backend service is running, and `proxy_pass` must start with `http://`/`https://`.
Read MoreSetting up Apache on Linux Servers: Quick Deployment of Websites
### Apache Web Server Setup Guide Apache is an open-source, free, and mainstream web server suitable for Linux, Windows, and other systems, making it the first choice for beginners in website building. The setup process is as follows: **Prerequisites**: A Linux server (e.g., Alibaba Cloud CentOS/Ubuntu), basic command-line operation skills, and root/sudo privileges. **Installation**: For CentOS, use `sudo yum install httpd -y`; for Ubuntu, use `sudo apt install apache2 -y`. **Start and Enable Auto-Start**: On CentOS, run `sudo systemctl start httpd` and `enable` it for boot auto-start; Ubuntu uses `apache2` instead. Check the running status with `systemctl status` (success if it shows `active (running)`). **Firewall Configuration**: Open port 80 (default for HTTP). For CentOS: `firewall-cmd --add-port=80/tcp --permanent` and reload. For Ubuntu: `ufw allow 80/tcp`. **Website Deployment**: The website root directory is `/var/www/html`. Create `index.html` (e.g., with content "Hello, Linux Server!"). After restarting Apache, access the server IP via a browser. **Advanced**: Virtual hosts enable multi-site hosting, requiring configuration of `/etc
Read MoreUnderstanding Linux SSH Service: A Complete Guide to Configuration and Usage
SSH is a secure remote management protocol for Linux servers, replacing insecure services like Telnet by ensuring data security through encrypted transmission. Its advantages include high security (default AES/RSA encryption), cross-platform compatibility, and rich features such as file transfer. It consists of the server-side `sshd` (listening on port 22) and the client-side `ssh`. Installation varies: for Ubuntu/Debian, install and start `sshd` via `apt`; for CentOS/RHEL, use `yum`. Verification involves checking service status and port availability. Basic client login is done with `ssh username@IP`. Passwordless login requires generating a key pair and copying the public key to the server. Server configuration is managed via `sshd_config`, allowing modifications such as changing the port, disabling direct root login, or password-based authentication. After configuration changes, restart the service. Common issues require checking service operation, port accessibility, and firewall settings. SSH is a must-have skill for system administrators, requiring mastery of installation, configuration, and basic usage.
Read MoreZero to Hero: A Guide to Installing Linux on a Server
This article introduces a Linux server installation guide suitable for beginners. Linux servers are secure, efficient, and ideal for high-concurrency tasks, making them fundamental for operations and maintenance. Before installation, the appropriate scenario should be chosen: either a local virtual machine (requiring software like VirtualBox and an Ubuntu Server ISO) or a cloud server (e.g., Alibaba Cloud ECS). Ubuntu Server 22.04 LTS is recommended. For local virtual machine installation: Create a virtual machine (with at least 2GB RAM and a 20GB dynamically allocated hard disk), mount the ISO for booting, select English for installation, use automatic partitioning, set a username and password, check the OpenSSH server option, and verify login after reboot. For cloud server installation: Create an instance on Alibaba Cloud (1 core, 2GB RAM, Ubuntu image) and connect via SSH (using keys for enhanced security). Post-installation verification includes executing `lsb_release -a` to check the version, using `ping` to test network connectivity, and running `sudo apt update` to verify permissions. Beginners should note password security, bridged networking for virtual machines, and installing tools like `vim`. Mastering minimal installation, remote connection, and permission management will enable smooth entry-level operations following the step-by-step instructions.
Read MoreEssential for Beginners: 5 Basic Linux Server Commands
This article introduces 5 basic core commands for Linux servers to help beginners quickly get started. The `ls` command is used to view directory files, displaying the current directory by default. Common parameters include `ls -l` (detailed information), `ls -a` (including hidden files), and `ls [path]` (specifying a directory). The `cd` command switches directories: `cd [directory name]` enters a subdirectory, `cd ..` returns to the parent directory, `cd ~` goes to the home directory, and `cd /` navigates to the root directory. The `pwd` command directly displays the current path, preventing operational errors. `mkdir` creates directories: `mkdir [directory name]` creates a single-level directory, while `mkdir -p [multi-level]` builds nested directories. `df -h` checks disk space, with `-h` converting to human-readable units to view partition sizes and usage rates. These 5 "foundation" commands are fundamental for server management. Practicing parameters (e.g., `ls -l/a`, `mkdir -p`) and familiarizing with the "parameter + target" mode will help beginners gradually advance their skills.
Read MoreDeleting All Lines in Vim
There are two common methods to delete all lines in Vim. First, in command mode, press `gg` to jump to the beginning of the file, then enter `dG`. Here, `gg` positions the cursor at the first line, and `dG` deletes from the current line to the end of the file. Second, directly enter `:%d` in command mode and press Enter. The `%` denotes the entire file range, and `d` is the delete command. After execution, the file content is cleared. If there are unsaved changes, Vim will prompt whether to save when exiting.
Read MoreCommand to Output Current Time in Ubuntu Terminal
In the Ubuntu system, the `date` command can output the current time. The basic `date` command displays the complete date and time, including the weekday, month, day, specific time, and time zone. To display only the time part, formatting parameters can be used, such as `date +"%H:%M:%S"` to output the 24-hour format time; `date +"%I:%M:%S %p"` to output the 12-hour format with AM/PM indicator.
Read MoreThe Use and Trade-offs of Foreign Keys in Databases
There is debate over whether foreign keys should be used in database design. While foreign keys ensure data integrity, they introduce issues such as reduced write performance, increased system coupling, high operational risks, poor flexibility, uncontrollable cascading operations, failure in distributed scenarios, and redundant validation with the application layer. The alternative is to ensure data integrity at the application layer. Foreign keys may be considered for small systems, but modern high-concurrency systems often avoid them. The essence lies in balancing the database's strong constraints with system performance and flexibility.
Read MoreChanging the Owner and Group of Folders and Files in Ubuntu
In the Ubuntu system, the `chown` command is used to modify the owner user and group of a file or folder. The basic syntax is `chown [options] username:group filename/foldername`. Common operation examples include: using `sudo chown username filename.txt` to change the file owner;
Read MoreChecking for Malicious Logins on Ubuntu System
In Ubuntu system, there are multiple ways to check for malicious login situations. To view login history, commands like `last`, `lastb`, and `last -i` can be used. For system log inspection, commands such as `sudo grep "Failed password" /var/log/auth.log` are applicable; in newer Ubuntu versions, `journalctl -u ssh -g "Failed password"` can be used instead. To check recently logged-in users, commands like `who`, `w`, and `lastlog` are useful. For SSH login records, `sudo grep sshd /var/log/auth.log` combined with relevant keywords can be employed.
Read More