Friday, January 18, 2019

Host an addon domain in Crazydomain.com


Main domain under hosting: fresh.com.au

Host Server Information:
Server's shared IP Address: 103.68.166.65

Default:
Name Server: NS2.CRAZYDOMAINS.COM
Name Server: NS1.CRAZYDOMAINS.COM

DNS Settings:
A Record              freshexport.com.au                203.170.80.250
A Record              sophrecruit.com                     103.67.235.120

www.sophrecruit.com                  103.67.235.120 
sophrecruit.com                            203.170.80.250 
www.sophrecruit.com                  203.170.80.250


Modification setting:
Name Server: ns1.syrahost.com
Name Server: ns2.syrahost.com
For Email Hosting, WordPress Hosting, Web Hosting (Linux), Sitebeat (Website/eShop Builder) 
And, for Hosting Manager - cPanel

DNS settings:
A Record              example.com    103.68.166.65 (Shared IP Address)



Tuesday, January 15, 2019

Docker essential commands

View running instances:
$ docker ps

View all instances, including stopped ones:
$ docker ps -a

View all downloaded images in the system:
$ docker images

Instantiate and run an image:
$ docker run -it --name x1 ubuntu bash
Here, i = interactive
t = terminal

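Run an image in the background and publish a port (d = detached, p = publish host-port:container-port):
$ docker run -d -p <host-port>:<container-port> x1

Build an image from a Dockerfile (the last argument is the directory that contains the Dockerfile; here the current directory):
$ docker build -t x1 .

Remove an instance (rm) or an image (rmi):
$ docker rm <container>
$ docker rmi <image>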

Start / Stop instance:
$ docker stop x1
$ docker start x1

Map a local drive to a docker instance:
$ docker run -d -p <host-port>:<container-port> -v /home/kd/myCode:/var/www/html <image>

Set Up IP and Port-Based Virtual Hosting (Vhosts) With Apache Web Server on FreeBSD

I am going to create two virtual hosts, namely microtechna_com and nextcloud15.

Create the Directory Structure:
# mkdir /usr/local/www/apache24/microtechna_com
# mkdir /usr/local/www/apache24/nextcloud15

Give ownership to the web server user (user www in group www on FreeBSD):
# chown -R www:www /usr/local/www/apache24/nextcloud15
# chown -R www:www /usr/local/www/apache24/microtechna_com/

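Grant write permissions for group/other (note that this makes both trees world-writable, and the www user already has write access as owner after the chown above):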
# chmod -R go+w /usr/local/www/apache24/nextcloud15/
# chmod -R go+w /usr/local/www/apache24/microtechna_com/

See the Permissions:
# ls -la /usr/local/www/apache24/nextcloud15/
# ls -la /usr/local/www/apache24/microtechna_com/

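Create Demo Pages for Each Virtual Host (each file contains the single line below; remove the files after testing, since phpinfo() output exposes the server configuration):
# ee /usr/local/www/apache24/microtechna_com/info.php
# ee /usr/local/www/apache24/nextcloud15/info.php
<?php phpinfo(); ?>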

Backup httpd.conf:
# cp /usr/local/etc/apache24/httpd.conf /usr/local/etc/apache24/httpd.conf.orginal

Backup httpd-vhosts.conf (the second command restores the file from the backup):
# cp /usr/local/etc/apache24/extra/httpd-vhosts.conf /usr/local/etc/apache24/extra/httpd-vhosts.conf.orginal
# cp /usr/local/etc/apache24/extra/httpd-vhosts.conf.orginal /usr/local/etc/apache24/extra/httpd-vhosts.conf

To set up multiple ports, you need to edit the httpd.conf file:
# ee /usr/local/etc/apache24/httpd.conf
Add/edit the following lines:

Listen 192.168.1.42:80
Listen 192.168.1.43:8080

Understanding the directives:
ServerRoot "/usr/local"
Specifies the default directory hierarchy for the Apache installation. Binaries are stored in the bin and sbin subdirectories of the server root and configuration files are stored in the etc/apache2x subdirectory.

ServerAdmin you@example.com
Change this to the email address to receive problems with the server. This address also appears on some server-generated pages, such as error documents.

ServerName www.example.com:80
Allows an administrator to set a hostname which is sent back to clients for the server. For example, www can be used instead of the actual hostname. If the system does not have a registered DNS name, enter its IP address instead. If the server will listen on an alternate port, change 80 to the alternate port number.

DocumentRoot "/usr/local/www/apache2x/data"


Create the First Virtual Host:
# vi /usr/local/etc/apache24/extra/httpd-vhosts.conf


Test the configuration; this should return Syntax OK:
# apachectl configtest
or,
# service apache24 configtest

This command will dump out a description of how Apache parsed the configuration file.
# apachectl -S

Restart Apache:
# service apache24 restart

Check VirtualHost Configuration Syntax:
# /usr/local/sbin/httpd -S
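
A check for the two leftovers this procedure creates, world-writable paths from chmod -R go+w and the info.php test page, as an added example (not from the original post). The temporary tree is constructed and stands in for the real docroot; the function names are this example's own.

```sh
#!/bin/sh
# Added example: audit a docroot for world-writable paths and phpinfo() pages.

# Print one finding per line for docroot $1.
docroot_findings() {
    # -perm -0002 matches anything that "other" may write to
    find "$1" ! -type l -perm -0002 | sed 's/^/world-writable: /'
    # test pages that call phpinfo() expose the full server configuration
    grep -rlE 'phpinfo[[:space:]]*\(' "$1" 2>/dev/null | sed 's/^/phpinfo page: /'
}

# Number of findings for docroot $1.
count_findings() { docroot_findings "$1" | grep -c . || true; }

# Drop group/other write; the owner (www in the post) keeps write access.
harden_docroot() { chmod -R go-w "$1"; }

# Constructed tree standing in for /usr/local/www/apache24/nextcloud15.
DOCROOT=$(mktemp -d)/nextcloud15
mkdir -p "$DOCROOT"
echo '<?php echo "hello"; ?>' > "$DOCROOT/index.php"
echo '<?php phpinfo(); ?>'    > "$DOCROOT/info.php"
chmod -R go+w "$DOCROOT"            # the step from the post

docroot_findings "$DOCROOT"         # directory + 2 files writable, 1 phpinfo page
BEFORE=$(count_findings "$DOCROOT")

harden_docroot "$DOCROOT"
rm -f -- "$DOCROOT/info.php"        # reviewed by hand, then removed
AFTER=$(count_findings "$DOCROOT")

echo "findings before: $BEFORE, after: $AFTER"
```

phpinfo pages are only reported, not deleted automatically, because application files may legitimately contain the same call.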

FreeBSD firewall IPFW port check:
IPFW stateful firewall written for FreeBSD
# ee /etc/rc.conf

Essential Directory list:
# ls /usr/local/etc/apache24/httpd.conf
# ls /usr/local/www/apache24/microtechna_com/index.html
# vi /usr/local/etc/apache24/extra/httpd-vhosts.conf

Ref links:
Apache HTTP Server
Apache Virtual Host documentation
httpd - Apache Hypertext Transfer Protocol Server
IPFW stateful firewall written for FreeBSD


Virtual host definition (in httpd-vhosts.conf):
<VirtualHost *:80>
    ServerName 192.168.10.114:8080
    ServerAlias example
    DocumentRoot "/usr/local/www/apache24/nextcloud15"
    DirectoryIndex index.php index.html

    <Directory /usr/local/www/apache24/nextcloud15>
        Options -Indexes +FollowSymLinks +MultiViews
        AllowOverride All
        Require all granted
    </Directory>

    <FilesMatch \.php$>
         SetHandler "proxy:unix:/var/run/php5-fpm.sock|fcgi://localhost/"
    </FilesMatch>

    ErrorLog /var/log/nextcloud15-error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog /var/log/nextcloud15-access.log combined
</VirtualHost>

Monday, January 14, 2019

Mikrotik essential commands:

Reset from the GUI: reset is better, check the 3 boxes.
/ system reset-configuration
/ system reset-configuration keep-users=yes no-defaults=yes run-after-reset=flash/nhan02.rsc

Reboot:
/ system reboot

Script export without the line wrap:

/ export terse file=dump

Securing Mikrotik: checklist


9 Tips to Secure your router: https://www.phallaccmt.com/2018/03/143-mikrotik-how-to-secure-your-router.html

1. Not using default username/password = ok

2. Using complex password = ok

3. Allow only specific user to access your router: /User (allow-address) = ok

4. Allow only used /ip service and change default port = ok

5. Disable Mac-telnet, Mac-Ping and Mac-Winbox: /tool mac-server = ok

6. Disable neighbor discovery protocol = ok

7. Disable BTest Server: /tool BTest-server = ok

8. Disable Allow Remote Requests: /ip dns = ok

9. Disable unused interface/service = ok

Ref: https://wiki.mikrotik.com/wiki/Manual:Securing_Your_Router

Natural scrolling in Windows 10

Edit the registry with regedit in the Windows GUI:


Port forward in Mikrotik router

Server local ip is: 192.168.1.200:3999


Command line:
/ip firewall nat

add action=dst-nat chain=dstnat disabled=no dst-port=3999 in-interface=ether1-gateway protocol=tcp to-addresses=192.168.1.200 to-ports=3999

GUI:


Sunday, January 13, 2019

Disabling Windows 10 update

1. Open the Run command (Win + R), type services.msc in it and press Enter.

2. In the Services list that appears, find the Windows Update service and open it.

Monday, January 7, 2019

User & groups: freeBSD

Table 3.2. UNIX® Permissions
Symbolic permission
Users and groups are stored in /etc/passwd and /etc/group. To print them:
# awk -F":" '{print $1}' /etc/passwd
# awk -F":" '{print $1}' /etc/group

Assigning ownership to a particular user of a group:
# chown -R www:www /usr/local/www/apache24/life110volts.com

Give file access permission:
# chmod -R <mode> /usr/local/www/apache24/life110volts.com

To see the file list with the permission:
root@freebsd:/ # ls -la /usr/local/www/apache24/life110volts.com
drwxr-xr-x  7 root  wheel     512 Dec 30 10:45 ..


Meaning:
The first character is the type (- = file, d = directory); the three permission groups that follow are, first: owner, second: group, third: world.

Users and Basic Account Management

chown - Unix, Linux Command

Links: Permissions freeBSD

FreeBSD: Dependencies not found - PHP modules installation

Error: "Dependencies not found. The following PHP modules are required to use Nextcloud"

To install PHP extensions/dependencies/modules simply run:
# cd /usr/ports/lang/php73-extensions && make install clean

To find available modules run:
# find /usr/ports -type d -iname "php73-*"

/usr/ports/archivers/php73-bz2
/usr/ports/archivers/php73-phar
/usr/ports/archivers/php73-zip
/usr/ports/archivers/php73-zlib
/usr/ports/converters/php73-iconv
/usr/ports/converters/php73-mbstring
/usr/ports/converters/php73-recode
/usr/ports/databases/php73-dba
/usr/ports/databases/php73-interbase
/usr/ports/databases/php73-mysqli
/usr/ports/databases/php73-odbc
/usr/ports/databases/php73-pdo
/usr/ports/databases/php73-pdo_dblib
/usr/ports/databases/php73-pdo_firebird
/usr/ports/databases/php73-pdo_mysql
/usr/ports/databases/php73-pdo_odbc
/usr/ports/databases/php73-pdo_pgsql
/usr/ports/databases/php73-pdo_sqlite
/usr/ports/databases/php73-pgsql
/usr/ports/databases/php73-sqlite3
/usr/ports/devel/php73-gettext
/usr/ports/devel/php73-intl
/usr/ports/devel/php73-json
/usr/ports/devel/php73-pcntl
/usr/ports/devel/php73-readline
/usr/ports/devel/php73-shmop
/usr/ports/devel/php73-sysvmsg
/usr/ports/devel/php73-sysvsem
/usr/ports/devel/php73-sysvshm
/usr/ports/devel/php73-tokenizer
/usr/ports/ftp/php73-curl
/usr/ports/ftp/php73-ftp
/usr/ports/graphics/php73-exif
/usr/ports/graphics/php73-gd
/usr/ports/lang/php73-extensions
/usr/ports/mail/php73-imap
/usr/ports/math/php73-bcmath
/usr/ports/math/php73-gmp
/usr/ports/misc/php73-calendar
/usr/ports/net-mgmt/php73-snmp
/usr/ports/net/php73-ldap
/usr/ports/net/php73-soap
/usr/ports/net/php73-sockets
/usr/ports/net/php73-xmlrpc
/usr/ports/security/php73-filter
/usr/ports/security/php73-hash
/usr/ports/security/php73-openssl
/usr/ports/security/php73-sodium
/usr/ports/sysutils/php73-fileinfo
/usr/ports/sysutils/php73-posix
/usr/ports/textproc/php73-ctype
/usr/ports/textproc/php73-dom
/usr/ports/textproc/php73-enchant
/usr/ports/textproc/php73-pspell
/usr/ports/textproc/php73-simplexml
/usr/ports/textproc/php73-wddx
/usr/ports/textproc/php73-xml
/usr/ports/textproc/php73-xmlreader
/usr/ports/textproc/php73-xmlwriter
/usr/ports/textproc/php73-xsl
/usr/ports/www/php73-opcache
/usr/ports/www/php73-session
/usr/ports/www/php73-tidy

To install any needed dependency you need to cd to the port directory and install it, for example:
# cd /usr/ports/devel/php73-json && make install clean
# cd /usr/ports/archivers/php73-zip && make install clean
# cd /usr/ports/archivers/php73-zlib && make install clean
# cd /usr/ports/ftp/php73-curl && make install clean
# cd /usr/ports/graphics/php73-gd && make install clean

Enable /Disable PHP modules: freeBSD

Check the installed PHP modules and packages:
# php -m

Search for an extension:
# ee /usr/local/etc/php.ini

1.
To enable / disable PHP modules:
# cd /usr/ports/converters/php73-mbstring && make install clean
# cd /usr/ports/converters/php73-mbstring && make deinstall

To search for an extension:
# ee /usr/local/etc/php.ini

;extension=mbstring
Remove the semicolon to enable this extension.

mbstring configuration starts with:
[mbstring]


2.
To find the default extension directory: the extension directory location depends on the OS, so you need to find it manually.
# cat /usr/local/bin/php-config
Find this line.
extension_dir='/usr/local/lib/php/20180731'

In php.ini find this line 
;extension_dir = "./"
Change it to
extension_dir = "/usr/local/lib/php/20180731/"

;When the extension library to load is not located in the default extension
; directory, You may specify an absolute path to the library file:
; extension=/path/to/extension/mysqli.so

A simple call to the apachectl command for a graceful restart is needed to load the PHP module:
# apachectl graceful
Or to hard restart,
# service apache24 restart

Saturday, January 5, 2019

Securing your SSH Server

First, check if you can manage to log in with the private key. If you can then it is time to secure your SSH server.

(Copy your public key to the server)
# scp ~/.ssh/id_rsa.pub user@yourserver.com:

# ee /etc/ssh/sshd_config

To disable password authentication, find these lines:
#ChallengeResponseAuthentication yes
#PasswordAuthentication no
#UsePAM no

Uncomment them and set all three to no:
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no

Restart the SSH daemon and fingers crossed.
# service sshd restart

Check again, if you can manage to log in with the private key.
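
A way to confirm the edit took effect before restarting, as an added example (not from the original post): sshd uses the first uncommented occurrence of each keyword, so a line left behind a # changes nothing. The sample files are constructed, the function names are this example's own, and it assumes whitespace-separated "Keyword value" lines outside any Match block.

```sh
#!/bin/sh
# Added example: audit an sshd_config file for the three settings in the post.

# Print the effective value of keyword $1 in file $2 (empty if never set).
sshd_effective() {
    awk -v key="$1" '
        /^[ \t]*#/ || NF == 0       { next }   # comments and blank lines
        tolower($1) == "match"      { exit }   # global section ends here
        tolower($1) == tolower(key) { print tolower($2); exit }
    ' "$2"
}

# Succeed only if all three settings are explicitly "no".
password_login_disabled() {
    for key in ChallengeResponseAuthentication PasswordAuthentication UsePAM; do
        val=$(sshd_effective "$key" "$1")
        if [ "$val" != "no" ]; then
            echo "FAIL: $key = ${val:-unset}"
            return 1
        fi
    done
    echo "OK: password logins disabled in $1"
}

# Constructed samples: "edited" mirrors the post's final settings,
# "forgot" still has one of the lines commented out.
SAMPLES=$(mktemp -d)
cat > "$SAMPLES/edited" <<'EOF'
#ChallengeResponseAuthentication yes
#PasswordAuthentication no
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
EOF
cat > "$SAMPLES/forgot" <<'EOF'
ChallengeResponseAuthentication no
#PasswordAuthentication no
UsePAM no
EOF

password_login_disabled "$SAMPLES/edited"
password_login_disabled "$SAMPLES/forgot" || echo "do not restart sshd yet"
```

On the server itself, `sshd -t` checks the file for syntax errors and `sshd -T` prints the effective configuration.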


However, if you don't plan to use SFTP/SCP to transfer files you should disable it. Do this by commenting out the line that starts with Subsystem sftp (put a # in front of it).

Don't forget: set up port forwarding to port 22 on your router.
Funny mistake: you need to log in from an outside network to log in with the public IP!
Link: How to secure your (SSH) server

Tuesday, January 1, 2019

Apache 2.4 /PHP7.3 /PHP-FPM /freeBSD 12 (part 2): Mysql Server57/PHP Extensions

Install Mysql server 57: 
MySQL server 5.7 installations of FreeBSD 12

Install PHP Extensions:
When you install a PHP extension with database support, it automatically installs that database's client libraries. Chances are that these client libraries will be an old version. To avoid a version mismatch, install the database server version you want before installing the PHP extension.
# cd /usr/ports/lang/php73-extensions && make install clean

This is a meta-port listing the main PHP extensions. Check an option and it will install the port for that extension. But the list is not complete; pecl-* extensions, for example, have to be installed by hand:
# cd /usr/ports/devel/pecl-intl
# make install clean

Complete!


Block website with mikrotik

First, create a rule in IP > Firewall > Layer7.

Add this regular expression:
^.+(freelancer.com|upwork.com).*$


Secondly, create a firewall rule:

In. interface: Lan
Action: Drop
Chain: forward
Layer 7: point to the layer 7 records,
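
What the expression above actually flags, as an added example (not from the original post): the unescaped dots match any character, and the leading ^.+ requires at least one byte before the name. grep -E stands in for the router's Layer7 matcher; the payload lines and the literal-dot expression are constructed for this example and were not tested on RouterOS.

```sh
#!/bin/sh
# Added example: compare the post's Layer7 expression with a literal-dot form.

PAGE_RE='^.+(freelancer.com|upwork.com).*$'    # expression from the post
STRICT_RE='(freelancer\.com|upwork\.com)'      # assumption: dots made literal

# Constructed payload lines (one connection's visible data per line).
PAYLOADS='GET / HTTP/1.1 Host: www.freelancer.com
GET /jobs HTTP/1.1 Host: upwork.com
GET /blog/freelancer-communities HTTP/1.1 Host: example.org
GET /img/upworkXcom.png HTTP/1.1 Host: example.net
freelancer.com'

# Print the payload lines that regex $1 would flag.
l7_hits() { printf '%s\n' "$PAYLOADS" | grep -E -- "$1" || true; }

# Number of payload lines flagged by regex $1.
count_hits() { l7_hits "$1" | grep -c . || true; }

# The post's expression also drops the example.org and example.net requests
# ("freelancer-com", "upworkXcom") and misses the bare name on the last line.
echo "post's expression flags $(count_hits "$PAGE_RE") lines:"
l7_hits "$PAGE_RE"

# With literal dots only the three lines naming the real domains are flagged.
echo "literal-dot expression flags $(count_hits "$STRICT_RE") lines:"
l7_hits "$STRICT_RE"
```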