The department server at botany.natur.cuni.cz runs on a single-processor SuperMicro server with AMD EPYC 7232P 3.1 GHz (8 cores, 16 threads), disk arrays are mirrored on 2 x 4 TB HDD and 2 x 1920 GB SSD disks giving a total capacity of almost 6 TB. The operating system is openSUSE GNU/Linux (version Leap 15.1). The web server is Apache 2.4. Also available are PHP 7, MariaDB (binary compatibility with MySQL) and PostgreSQL. More information about databases. To access data it is possible to use SSH/SFTP/SCP, see connection instructions. To easily access databases, users can use phpMyAdmin and phpPgAdmin.
If you are interested in a user account, contact the administrator. The basic disk space capacity is 4 GB (notification threshold) and after exceeding 4.3 GB your access will be blocked. If you need more space, you can get more upon request. You can use standard SFTP for access (port 22, server botany.natur.cuni.cz, encoding UTF-8). Consult the connection instructions.
Linux treats files and directories beginning with a dot as system files, so they are hidden. If you are not using an SFTP client compatible with UNIX permissions, it may happen that you won’t see such files. In this case, in the client settings it is necessary to enable viewing of hidden files. Total Commander needs an additional module, Altap Salamander (the faculty has a license) and works well with this from the get go. For this specific purpose the best choice for Windows is probably WinSCP (but it’s a fully standard protocol, so the choice of programs is practically unlimited). Also be aware that Linux distinguishes character size. So if you have a link on the page to the file "page.html", but the file is really called "Page.HTML", it’s not going to work (error 404, not found). We also recommend naming files WITHOUT diacritics and WITHOUT spaces, because when moving through the network these characters get coded into standard ASCII, a process which often generates errors.
Every user generally has the following directories in his/her basic home directory:
- public_html, where you can place your website (whatever you place there will be accessible to anyone at the address https://botany.natur.cuni.cz/user/). If for any reason you want to prevent access, it is possible to explicitly disable the page in the server settings so that even if something is in the folder, outside visitors will not be able to see it.
Every day all data is backed up on the CESNET data storage. Backup is always synced with the current files.
Blocking after repeated failures to log in
To increase security, the server now uses the Fail2ban program, which tracks unsuccessful login attempts on SSH, SFTP and for web services, and if there are five unsuccessful attempts in one minute, the IP address of the given computer will be blocked. This means that if someone tries to get on FTP after it has been blocked by Fail2ban, then they will not be looking at the Department website (which is generally fine). The blocking period has been set for one entire month. Of course, it may happen that an authorized user just can’t remember their password. In such case, they might consider blocking to be just punishment for a bad memory, or they can contact the administrator and ask for their account to be unblocked. To unblock an account, it is absolutely necessary for the innocent victim to know the IP address that they want unblocked (cannot be done without this)! You can find out your IP address in Windows by entering ipconfig /all in the command line. For Linux (or another UNIX) you will enter the command ifconfig -a or ip a s. Be careful, because these commands (in laptops) display information about both the wired and wireless card – you must select the one you were using when the blocking occurred. You can also use services like What Is My IP, but sometimes the result is not exact.
More information about IT (on the Department of Botany)