Archiwum kategorii: Debian

Know how for Debian Wheezy.

PHPMYADMIN install

Download phpmyadmin from this download page.

wget https://files.phpmyadmin.net/phpMyAdmin/${ver_number}/phpMyAdmin-${ver_number}-all-languages.tar.gz

Extract filers form archive:

tar xvf phpMyAdmin-${VERSION}-all-languages.tar.gz

Move extracted folder to /usr/share/phpmyadmin folder.

sudo mv phpMyAdmin-*/ /usr/share/phpmyadmin

Create directory for phpMyAdmin temp files.

sudo mkdir -p /var/lib/phpmyadmin/tmp
sudo chown -R www-data:www-data /var/lib/phpmyadmin

Create directory for phpMyAdmin configuration files such as htpass file.

sudo mkdir /etc/phpmyadmin/

Create phpMyAdmin configuration file.

sudo cp /usr/share/phpmyadmin/config.sample.inc.php  /usr/share/phpmyadmin/config.inc.php

Edit the file /usr/share/phpmyadmin/config.inc.php and set secret passphrase:

$cfg['blowfish_secret'] = 'T0FZTxt,g1wIhAQAzKWFUbVD0g6GL6AB'; 

You can generate secret passphrase using this webiste

Configure Temp directory:

$cfg['TempDir'] = '/var/lib/phpmyadmin/tmp';

Create phpMyAdmin Apache configuration file:

sudo vim /etc/apache2/conf-enabled/phpmyadmin.conf

And paste below contents to the file:

# phpMyAdmin default Apache configuration

Alias /phpmyadmin /usr/share/phpmyadmin

<Directory /usr/share/phpmyadmin>
    Options SymLinksIfOwnerMatch
    DirectoryIndex index.php

#<IfModule mod_authz_core.c>
#     <RequireAny>
#        #allows access from localhost
#        Require ip 127.0.0.1

        #allows access from particular ip address
        #Require ip 192.168.1.10
 
        #allows access from local network
#        Require ip 192.168.1.0/255.255.255.0

#	Require ip
#     </RequireAny>
#</IfModule>

 <IfModule !mod_authz_core.c>
    #rules order 
    Order Deny,Allow
 
    #block access from anywhere
   # Deny from All

    #allows access from localhost
    Allow from 192.168.1.80 
    #Allow from All
 
    #allows access from particular ip address
    #Allow from 192.168.1.2

    #below line allow access from network
    Allow from 192.168.1.0/255.255.255.0
</IfModule>


    <IfModule mod_php5.c>
        <IfModule mod_mime.c>
            AddType application/x-httpd-php .php
        </IfModule>
        <FilesMatch ".+\.php$">
            SetHandler application/x-httpd-php
        </FilesMatch>

        php_value include_path .
        php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
        php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
        php_admin_value mbstring.func_overload 0
    </IfModule>
    <IfModule mod_php.c>
        <IfModule mod_mime.c>
            AddType application/x-httpd-php .php
        </IfModule>
        <FilesMatch ".+\.php$">
            SetHandler application/x-httpd-php
        </FilesMatch>

        php_value include_path .
        php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
        php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
        php_admin_value mbstring.func_overload 0
    </IfModule>

</Directory>

# Authorize for setup
<Directory /usr/share/phpmyadmin/setup>
    <IfModule mod_authz_core.c>
        <IfModule mod_authn_file.c>
            AuthType Basic
            AuthName "phpMyAdmin Setup"
            AuthUserFile /etc/phpmyadmin/htpasswd.setup
        </IfModule>
        Require valid-user
    </IfModule>
</Directory>

# Disallow web access to directories that don't need it
<Directory /usr/share/phpmyadmin/templates>
    Require all denied
</Directory>
<Directory /usr/share/phpmyadmin/libraries>
    Require all denied
</Directory>
<Directory /usr/share/phpmyadmin/setup/lib>
    Require all denied
</Directory>

wymuszenie HTTPS

Po skonfigurowaniu certyfikatu SSL, aby wymusić stronę do otwierania przez połączenie szyfrowane należy:

W sekcji VirtualHost w konfiguracji strony w apachu dodać:

<Directory /var/www/html/example.com/public_html>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

w katalogu strony dodać plik .htaccess a w nim:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]

Enable or Disable Service on startup in Linux

This is about: Enable or Disable service on startup in Linux

systemctl start SERVICE – starts a service, but doesn’t remain after reboot

systemctl stop SERVICE – stops a service, but doesn’t remain after reboot

systemctl restart SERVICE – restarts a service, but doesn’t remain after reboot

systemctl reload SERVICE – is supported by service, will reload configuration of the service without interfering with services depending on it.

systemctl status SERVICE – shows actual status of a service -is it currently running or not

systemctl enable SERVICE – changing service status to enabled. Service will be turned on at nest reboot.

systemctl disable SERVICE – turns off the service – it will not load at next reboot.

systemctl is-enabled SERVICE – checks if the service is enabled to load at startup

systemctl is-active SERVICE – checks if the service is running at the very moment

systemctl show SERVICE – information about the service.

systemctl mask SERVICE – (as root) the service is being disabled completely (service directed to/dev/null). Service wont be able to turned on by any command.

sudo systemctl unmask SERVICE – Reverts above action .

service –status-all – List running services using service command

To print the status of apache (httpd) service:
service httpd status

chkconfig --list – lists all known services

netstat -tulpn – lists services and their open ports

Maria DB / MYSQL

https://www.cyberciti.biz/faq/how-to-show-list-users-in-a-mysql-mariadb-database/

Login to mysqlas root using your root pass:
# mysql -u root -p

To list all the users:
mysql> SELECT User FROM mysql.user;

Show host permissions - where the users are allowed to logon from:
mysql> SELECT host, user FROM mysql.user;

Show users permissions:
mysql> SELECT User, Db, Host from mysql.db;

Show permissions of specific user:
mysql> show grants for 'root'@'%';
mysql> show grants for 'root'@'192.168.1.80';
mysql> show grants for 'root'@'localhost';

Change user host permissions:
UPDATE mysql.user SET Host='%' WHERE Host='localhost' AND User='username';
FLUSH PRIVILEGES;

Change user password:
UPDATE mysql.user SET Password=PASSWORD('newpass') WHERE User='root';


To create new user:
CREATE USER 'superuser'@'localhost' IDENTIFIED BY 'new_pass';

And give access to do everything
GRANT ALL PRIVILEGES ON *.* TO 'superuser'@'localhost' WITH GRANT OPTION;

vsftp

VSFTPD

apt-get install vsftpd

 /etc/vsftpd.conf – configuration file -> always copy the file before editing:

cp /etc/vsftpd.conf /etc/vsftpd.conf.old

If SSH is configured, enabled and you are able to connect , you can use cert file as way of authorization. To do so, need to change form NO to YES in line:

ssl_enable = YES

Kompresja katalogu – zIP

Aby skompresować cały katalog:

tar -zcvf archive-name.tar.gz directory-name

-z : Compress archive using gzip program in Linux or Unix

-c : Create archive on Linux

-v : Verbose i.e display progress while creating archive

-f : Archive File name

Aby rozpakować:

tar -zxvf prog-1-jan-2005.tar.gz

-x: Extract files from given archive

OpenCart URL to short SEO friendly

enable rewrite engine in Debian:

# a2enmod rewrite

make sure the htaccess is readable – change ‚AllowOverride None’ to ‚AllowOverride All’ in configuration file of the shop website, in this case opencart shop is in dir: /var/www/shop


Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all

TO:


Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all

then change filename .htaccess.txt to .htaccess in the dir of the shop: /var/www/shop

restart apache:
#service apache2 restart

Instalacja Ioncube Loader Debian

64Bit x86_64 Linux:

wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.tar.gz
tar xfz ioncube_loaders_lin_x86-64.tar.gz

32Bit i386 Linux:

wget http://downloads3.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.tar.gz
tar xfz ioncube_loaders_lin_x86.tar.gz

cp ioncube /usr/local/

ls /usr/local/ioncube

root@wheezy:/usr/local# ls /usr/local/ioncube
ioncube_loader_lin_4.1.so ioncube_loader_lin_5.4_ts.so
ioncube_loader_lin_4.2.so ioncube_loader_lin_5.5.so
ioncube_loader_lin_4.3.so ioncube_loader_lin_5.5_ts.so
ioncube_loader_lin_4.3_ts.so ioncube_loader_lin_5.6.so
ioncube_loader_lin_4.4.so ioncube_loader_lin_5.6_ts.so
ioncube_loader_lin_4.4_ts.so ioncube_loader_lin_7.0.so
ioncube_loader_lin_5.0.so ioncube_loader_lin_7.0_ts.so
ioncube_loader_lin_5.0_ts.so ioncube_loader_lin_7.1.so
ioncube_loader_lin_5.1.so ioncube_loader_lin_7.1_ts.so
ioncube_loader_lin_5.1_ts.so LICENSE.txt
ioncube_loader_lin_5.2.so loader-wizard.php
ioncube_loader_lin_5.2_ts.so README.txt
ioncube_loader_lin_5.3.so USER-GUIDE.pdf
ioncube_loader_lin_5.3_ts.so USER-GUIDE.txt
ioncube_loader_lin_5.4.so

php -v

PHP 5.6.31-1~dotdeb+7.1 (cli) (built: Jul 11 2017 06:53:16)
Copyright (c) 1997-2016 The PHP Group

wersja php to 5.6 ioncube powinien byc 5.6 => ioncube_loader_lin_5.6.so

vim /etc/php5/apache2/php.ini

vim /etc/php5/cli/php.ini

na początku pliku dodać:

zend_extension = /usr/local/php5/ioncube/ioncube_loader_lin_5.6.so

Upgrade PHP 5.4 to 5.6 Debian 7 -> Wheezy

vim /etc/apt/sources.list

=>
deb http://packages.dotdeb.org wheezy-php56 all
deb-src http://packages.dotdeb.org wheezy-php56 all

apt-get update

ERROR:
W: GPG error: http://packages.dotdeb.org wheezy-php55 Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY E9C74FEEA2098A6E

wget http://www.dotdeb.org/dotdeb.gpg

apt-key add dotdeb.gpg

apt-get update

apt-get install php5

service apache2 restart