Guides

Practical how-to guides for common tasks, configurations, and best practices.

By Onidel

• 7 articles

IPv6 Configuration On Linux

We offer free, fully routed /64 IPv6 per cloud server. We do not support automatic (SLAAC) or dynamic (DHCPv6) IPv6 assignment for the time being. If you use our pre-built images and enable IPv6 during the initial deployment of your cloud server, it will be automatically configured via cloud-init (Linux) or cloudbase-init (Windows). If you install your OS using a custom ISO or enable IPv6 after the server has been created, you will need to configure it manually. You can find necessary details to configure your IPv6 prefix in the Public IPv6 tab under the Network section. Ubuntu 18.04, 20.04 / Debian 10, 11 1. Create a new netplan file for the IPv6 config e.g. /etc/netplan/90-ipv6.yml. Replace 2401:a4a0:2:a3::/64 with your unique IPv6. network: ethernets: eth0: addresses: - 2401:a4a0:2:a3::/64 gateway6: fe80::1 version: 2 2. Enable the new config: sudo netplan apply 3. Confirm IPv6 is configured: ip -6 a Ubuntu 22.04+ / Debian 12+ 1. Create a new netplan file for the IPv6 config e.g. /etc/netplan/90-ipv6.yml. Replace 2401:a4a0:2:a3::/64 with your unique IPv6. network: ethernets: eth0: addresses: - 2401:a4a0:2:a3::/64 routes: - to: default via: fe80::1 version: 2 2. Enable the new config: sudo netplan apply 3. Confirm IPv6 is configured: ip -6 a RHEL (CentOS, AlmaLinux) 7-8 1. Append the IPv6 configuration to the existing configuration file in /etc/sysconfig/network-scripts/ifcfg-eth0 without removing the current settings, as shown below. Replace 2401:a4a0:2:a3::/64 with your assigned unique IPv6 block. IPV6ADDR=2401:a4a0:2:a3::/64 IPV6INIT=yes IPV6_DEFAULTGW=fe80::1%eth0 2. Restart the network service: sudo systemctl restart network 3. Confirm IPv6 is configured: ip -6 a RHEL (CentOS, AlmaLinux) 9 1. Run the following command to add the IPv6 configuration to the interface. Replace 2401:a4a0:2:a3::/64 with your assigned unique IPv6 block. nmcli connection modify eth0 \ ipv6.addresses 2401:a4a0:2:a3::/64 \ ipv6.gateway fe80::1 \ ipv6.method manual \ ipv6.may-fail yes 2. Enable the new configuration: nmcli connection up eth0 3. Confirm IPv6 is configured: ip -6 a

Last updated on Aug 24, 2025

How to Disable Secure Boot

If you need to disable Secure Boot, use the Console in the panel to access your server and initiate a reboot. When the boot screen appears as shown below, press the Esc key to enter the BIOS: The UEFI setting screen will be like this: Enter Device Manager, then enter Secure Boot Configuration: Use arrow keys to move to Attempt Secure Boot option and press Space key to deselect Secure Boot: Back to the main UEFI settings screen and choose Reset to reboot the VM.

Last updated on Aug 27, 2025

How to Configure Reverse DNS

Reverse DNS (rDNS), also known as a PTR record, links an IP address to a domain name, typically a subdomain. This process works in the opposite direction of regular (forward) DNS, where a domain name is connected to an IP address. For example, if you set the reverse DNS for IP 123.123.123.123 to mail.example.com: - When you query the IP address of mail.example.com using a command like DIG, you'll receive the IP 123.123.123.123. - Conversely, performing a reverse DNS lookup on 123.123.123.123 will return mail.example.com. Reverse DNS is often used to verify the source of an email, adding an extra layer of security. Many email servers are configured to reject or flag messages as spam if the sending IP does not have a valid reverse DNS record. How to Configure Reverse DNS To configure the reverse DNS, log in to the Onidel Cloud Control Panel, navigate to the service that has the IP you want to configure and click on Reverse DNS tab: You can view the list of IPs associated with the server that have PTR records configured in the Reverse DNS Records table. To add a new Reverse DNS record or update an existing one, input the IP address concerned and enter the domain and click Add/Update Reverse DNS. Adding a new record will also delete any invalid PTR record has the same domain. When you add or update a record, our system immediately checks if the A Record points to the specified IP address. If the A record is changed after reverse DNS has been set, our system may remove the reverse DNS for that address.

Last updated on Aug 27, 2025

Change Your Preferred Currency

Due to technical limitations, changing the currency after it has been selected is not supported. However, you can create a new team with your preferred currency and updated billing details. Create a new team with new currency Navigate to Team Management > New Team. Fill in team name and description, then untick Use default team's billing information In the Billing Information section, you can choose your desired currency. Click Create Team to finish creating a new team. Make the new team primary team On the Team Management page, find the team you want to set as your default. Click the three dots icon next to it, then select Make Primary Team. From now on, your new primary team will be selected by default when you log in. You can switch teams anytime using the dropdown menu in the top-left corner of the dashboard.

Last updated on Aug 27, 2025

Converting VM IPs to Reserved IPs

Reserved IPs allow you to retain specific IP addresses even after terminating a VM, so you can reassign them to other VMs later. Pricing - IPv4: $3/month (billed hourly) - IPv6: $1/month (billed hourly) How to Convert an Existing IP 1. Navigate to your VM's management page 2. Go to Network → Public Network 3. In the Public Network tab, locate your VM's primary IP 4. Click the conversion button to convert it to a Reserved IP Managing Reserved IPs After conversion, your IP appears in the Reserved IPs section where you can: - Assign it to any VM in your account - Retain it even after terminating the original VM - Reassign it to new or existing VMs as needed Reserved IPs remain in your account until you explicitly release them, ensuring you never lose important IP addresses when managing your infrastructure.

Last updated on Nov 01, 2025

Disable or Change Windows Server Account Lockout

When attempting to connect to your Windows Server via Remote Desktop, you may encounter this security error: "As a security precaution, the user account has been locked out because there were too many logon attempts or password change attempts. Wait a while before trying again, or contact your system administrator or technical support." This occurs when Windows Server's default security policy temporarily locks accounts after multiple failed login attempts, preventing unauthorised access attempts while potentially blocking legitimate users. Understanding Account Lockout Policies Windows Server implements account lockout policies as a security measure against brute-force attacks. The system tracks failed login attempts and temporarily disables accounts that exceed the configured threshold. These policies include: - Account lockout threshold: Number of failed attempts before lockout - Account lockout duration: How long the account remains locked - Reset account lockout counter after: Time before the failed attempt counter resets Solution: Modify Account Lockout Settings Access Local Security Policy 1. Use Onidel Console feature to access to the Windows. 2. Click the Start button or press the Windows key 3. Type secpol.msc or search for Local Security Policy 4. Run the application as Administrator Navigate to Account Lockout Settings 1. In the Local Security Policy window, expand Account Policies in the left panel 2. Select Account Lockout Policy 3. You'll see three configurable settings in the right panel Configure the Settings Option 1: Disable Account Lockout (Less Secure) - Double-click Account lockout threshold - Set the value to 0 (zero) - Click OK to apply - This completely disables account lockouts, allowing unlimited login attempts Option 2: Adjust Lockout Parameters (Recommended) - Account lockout threshold: Set to a reasonable number (e.g., 5-10 attempts) - Account lockout duration: Configure in minutes (e.g., 30 minutes) - Set to 0 for manual unlock only by administrator - Set to a specific value for automatic unlock after that duration - Reset account lockout counter after: Set the time window for counting attempts (e.g., 30 minutes) Apply Changes After modifying the settings: 1. Click OK to save each setting 2. Close the Local Security Policy window 3. Changes take effect immediately - no restart required Security Considerations While disabling or reducing account lockout restrictions improves accessibility, consider these security implications: - Disabling lockouts (threshold = 0) removes protection against brute-force attacks - Short lockout durations may not sufficiently deter automated attacks - High thresholds reduce security but minimise accidental lockouts For production servers, we recommend: - Maintain a threshold of 5-10 attempts - Set lockout duration to 15-30 minutes - Use complex passwords to reduce the likelihood of successful attacks - Consider implementing additional security layers like IP whitelisting or VPN access

Last updated on Nov 02, 2025

Using your own domain with Onidel Object Storage

This guide walks you through configuring a custom domain to serve content from Onidel Object Storage, enabling you to host static websites or serve files using your own domain name instead of the default Onidel storage URLs. Prerequisites Before starting, ensure you have: - An active Onidel Object Storage service. - A registered domain name that you control - Access to your domain's DNS management panel - A Cloudflare account (recommended for SSL and CDN capabilities) Overview Onidel Object Storage supports static website hosting with custom domains through a straightforward configuration process. By creating a specially-named bucket and configuring DNS records, you can serve your content directly from your own domain with full SSL support through Cloudflare's proxy service. Step 1: Create a Domain-Matched Bucket The first requirement is creating a bucket with a name that exactly matches your intended domain. Creating the Bucket Navigate to your Onidel Object Storage dashboard and create a new bucket. The bucket name must precisely match the domain or subdomain you plan to use. Examples: - For example.com, create a bucket named example.com - For cdn.example.com, create a bucket named cdn.example.com - For assets.mysite.io, create a bucket named assets.mysite.io The bucket name must match the full domain including any subdomains. This naming convention is essential for the routing system to correctly map requests to your bucket. Throughout this tutorial, we use a setup based on the domain mydomain.onidel.com.au. Step 2: Configure Bucket Visibility After creating your bucket, you need to modify its access permissions to allow public access for web hosting. Changing Visibility Settings 1. Access your bucket through the Onidel Object Storage dashboard 2. Navigate to the Settings tab for your bucket 3. Locate the Bucket Visibility in Access & Versioning section 4. Change the setting from Private to Public This modification allows anonymous users to read objects in your bucket, which is necessary for serving website content to visitors. Step 3: Enable Static Website Hosting With your bucket configured for public access, the next step is enabling static website hosting functionality. Activating Website Hosting 1. Navigate to the Website tab for you bucket. 2. Enable the static website hosting option 3. Configure the following settings as needed: a. Index Document: Specify your default page (typically index.html) b. Error Document: Define your custom error page (typically 404.html or error.html) 4. Save your configuration Understanding Your Website Endpoint Once static website hosting is enabled, Onidel Object Storage generates a unique website endpoint for your bucket. This endpoint follows a specific format based on your bucket's region: http://<your-domain>.s3-website.<region>.onidel.cloud Make note of this endpoint URL as you'll need it for DNS configuration in the next step. Step 4: Configure DNS Records The final step involves pointing your domain to the Onidel Object Storage endpoint through DNS configuration. Access your domain's DNS management panel (this might be through your domain registrar, Cloudflare, or another DNS provider) and create a CNAME record pointing to the endpoint from step 3. We recommend using Cloudflare to take advantages of automatic SSL/TLS encryption, CDN caching and DDoS protection: Verifying Your Configuration After completing the setup, verify your configuration: 1. DNS Propagation: Wait 5-15 minutes for DNS changes to propagate 2. Test Access: Navigate to your domain in a web browser 3. SSL Verification: If using Cloudflare proxy, verify HTTPS access works Your custom domain is now configured to serve content from Onidel Object Storage. Visitors accessing your domain will receive files directly from your bucket (with SSL encryption through Cloudflare's proxy if using Cloudflare). If you encounter any issues during setup, please open a support ticket through your dashboard and we'll be happy to assist.

Last updated on Dec 18, 2025