How to fix Amazon EC2 instance when you accidentally block port 22

Scenario: You enable UFW on your Amazon EC2 instance then you log off the system. When you try to connect to that EC2 instance, it doesn’t work because you forget to add SSL (port 22) in the UFW rules.

Solution:

  1. We need another running EC2 instance to fix the broken EC2 instance. Please create a new EC2 instance if you don’t have an extra one handy
  2. Stop the broken EC2 instance and detach the volume
  3. Attach the volume from the broken EC2 to the other EC2 instance or the one you just created in step #1. For device name, you can use /dev/sdf (you can choose from sdf through sdp)
  4. Now connect to the new EC2 instance
  5. Create a folder named fixme (it can be any name you prefer) in your home directory
  6. Mount the volume to the fixme folder using the following command:
    sudo mount /dev/xvdf ~/fixme
    Note: newer linux kernels may rename your device to /dev/xvdf (which it did so in my case)
  7. After successful mount, go to ~/fixme/etc/ufw and edit ufw.conf
  8. Set enabled=no and save the change
  9. Unmount the volume using the following command:
    sudo umount /dev/xvdf
  10. Return to AWS console, detach the volume and reattach it to the broken EC2 instance
  11. Start that broken EC2 instance, it is now no longer broken and you will be able to SSH into that instance like before.

 

Associate NameCheap domain to Amazon EC2 instance

Scenario: You have registered a domain name through NameCheap and you have a running instance of Amazon EC2. Now you want to point the domain to the that EC2 instance.

Solution:

  1. Log into NameCheap.com and Amazon Web Services (AWS).
  2. In your NameCheap.com dashboard, go to “Domain List” and locate the domain name you want to point to AWS. Click the “manage” button.
  3. On the next page, click “Advanced DNS” tab. Under host records section, you should see 2 entries with “@” and “www”.
  4. Switch to AWS management console and go to your EC2 instance.
  5. On the left menu, click “Elastic IPs”
  6. Click “Allocate new address”.
  7. Select the new address you just created and click “Associate address”.
  8. Select your network interface from the drop-down.
  9. Select the private address from the drop-down and click “Associate”
  10. The changes in “Elastic IPs” will reflect on public IP address of the EC2 instance.
  11. Copy the public IP address and public DNS
  12. Switch back to NameCheap.com, locate entry with “@” symbol, set type to “A Record” and set value to public IP address
  13. Locate entry with “www”, set type to “CNAME Record” and set value to public DNS
  14. Apply your changes and you’re done!

You may have to wait a little before the association takes place. I’d say about 5 minutes. Now open your browse and type your domain name, it should now point to your EC2 instance.

How to install ClamAV on Ubuntu 14.04 LTS

  1. Install clamav and clamav-daemon. Clamav daemon is for automated use.

    ubuntu14:~$ sudo apt-get install clamav clamav-daemon -y

  2. Update the clamav pattern file:

    ubuntu14:~$ sudo freshclam

  3. Start clamav-daemon (clamd):

    ubuntu14:~$ sudo /etc/init.d/clamav-daemon start
    * Starting ClamAV daemon clamd [ OK ]

  4. Check clamd status:

    ubuntu14:~$ sudo /etc/init.d/clamav-daemon status
    * clamd is running

  5. Start and check the status of clamav-freshclam:

    ubuntu14:~$ sudo /etc/init.d/clamav-freshclam start
    * Starting ClamAV virus database updater freshclam [ OK ]

    ubuntu14:~$ sudo /etc/init.d/clamav-freshclam status
    * freshclam is running

  6. Verify ClamAV version number:

    ubuntu14:~$ sudo clamdscan -VClamAV 0.98.7/20523/Fri May 29 12:36:20 2015