- Harden apache on debian and wordpress
I checked out
# set security headers in apache
# test with https://www.keycdn.com/blog/http-security-headers
and added in cat /etc/apache2/conf-enabled/security.confHeader set X-XSS-Protection “1; mode=block”
Header set X-Frame-Options “SAMEORIGIN”
Header set X-Content-Type-Options “nosniff”
Header set Feature-Policy “autoplay ‘none’; camera ‘none'”
Header always set Referrer-Policy “same-origin”
Header set Strict-Transport-Security “max-age=31536000; includeSubDomains; preload”
Header always set Permissions-Policy “geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()”
Then I went to the the WordPress installed directory
See: https://blog.sucuri.net/2012/07/wordpress-and-server-hardening-taking-security-to-another-level.html# adduser wordpressuser
# cd /var/www/pathtoyoursite
# chown -R wordpressuser:apache .
# chmod -R 750 .
# find . -type f -exec chmod 440 {} \;
#find . -name “*.php” -exec chmod 440 {} \;
#find . -type d -exec chmod 750 {} \;update WordPress I do with the wp.cli commands:
since I use root I run it with –allow-root:#wp plugin install wordfence –activate –allow-root
#wp plugin install cookie-law-info –activate –allow-root
#wp core update –skip-plugins –skip-themes –allow-root
#wp theme update –all –allow-root
#wp plugin update –all –allow-root - what’s next
You’ve probably heard that Pokemon Go players are going out and “catching ’em all”. Well, in honor of them (and you caught my drift), let’s talk about how to reach heaven. I’m not talking about Heaven itself here. I’m talking about how to get there from here.
We all want to live forever. And we all want free Wi-Fi everywhere and a smart blender. But the 5 steps you need to take to get there are different.
The afterlife is a mysterious place, and it can be hard to predict what’s waiting for us when we die. However, that hasn’t stopped people from trying to describe it. Below are 5 descriptions of the afterlife from famous scientists\’ statements on religion. Hearing more after my logic thought “5 steps? What can that really be?”. Did I have an idea of what this could be? Of course. Could I have guessed it in advance? Not even in the farthest corner of my mind could I have considered this possibility.
The afterlife is a big unknown. It’s hard to imagine what it will be like, but many of us want to know what happens when we die.
There are many theories about what happens after we die, but there is no scientific evidence that any of them are true. However, there are some things we do know about death and the afterlife:
We don’t need food or water after we die. Our bodies stop working and start to decay.
Our brains stop working very soon after our hearts stop beating. This means that if you’re not brain dead, your mind will still be active until you’re dead.
When your brain stops working, other organs in your body stop working as well — especially those organs that control breathing and heartbeat. This means that once your brain stops working, it won’t ever work again, even if someone brings you back from the brink of death with CPR or defibrillation (both forms of life support). The exception is if someone keeps you alive using artificial life support machines for years after your heart stops beating and your brain stops functioning normally — in which case you might eventually regain consciousness again if doctors can keep machines like ventilators going long enough for you to recover from being
In this article, I am going to introduce you to the five most common ways of getting into the afterlife.
1: The soul is recycled and reborn into another body. This is done by your soul being sent back to earth in a new body with a different genetic makeup. The idea is that every time we die, our soul goes through a rebirth cycle where it takes on new experiences, encounters and interactions with the world at large. This process continues until you have learned all that you need to learn from life on Earth and can then move on to higher levels of existence.
2: The soul lives in heaven for eternity. This one is pretty straightforward; after death, your soul goes straight up to heaven where it lives out an eternal life of happiness and joy with no other worries or cares in the world. Heaven is usually depicted as being somewhere above us (and possibly outside our solar system), but some people believe that there are multiple heavens (or multiple levels) within this one universe and that they may even exist within other universes as well! Many religions teach that God Himself will welcome us into His wonderful kingdom when we die, but others say that only those who have earned their way
The afterlife is a location that is either in another dimension or plane of existence, or an imagined realm that transcends physical reality. The concept of an afterlife is found in many religious and philosophical systems, as well as in fiction.
The Abrahamic religions believe that a human soul can survive death and reach an afterlife, where it will be judged by God. According to these religions, the dead will then be consigned to heaven (the Garden of Eden) or hell (the Netherworld).
There are different traditions regarding the timing of a person’s death and the transition to the afterlife. In some cultures, such as those of Ancient Egypt and ancient Greece, funerary rituals included provisions for a safe passage to the afterlife; this was accomplished through magic spells and offerings made to gods, who were thought to intervene in human affairs.[11] Other cultures like the Vikings and Japanese left their dead on board ship for transportation to Valhalla.[12] In most pre-modern pagan traditions, such as those of northern Europe and modern-day Scandinavia, a person’s fate after death was often tied directly to the circumstances surrounding their birth; for example if they were born under poor astrological conditions,
There are five methods to get there alive:
- You can become immortal through the use of science and technology (becoming a cyborg or an AI).
- You can become immortal by making yourself immortal by having an heir or heirship that will carry on after you die (i.e., having children).
- You can become immortal through faith in God or a higher power, either by being saved after death (by going to Heaven) or being resurrected from death (by returning as a zombie).
- You can become immortal by using science and technology but not getting caught (i.e., not dying at all, or at least not until you want to).
- You can become immortal by using faith in God or a higher power but not getting caught (i.e., not dying at all, or at least not until you want to).
- HTTP 2.2
Where is the gold
https://cheapsslsecurity.com/p/the-advantages-of-http2/
https://www.howtoforge.com/how-to-enable-http-2-in-apache/
https://http2.pro/doc/Apache
https://www.collectiveray.com/what-is-http2
https://www.tecmint.com/enable-http2-in-apache-on-ubuntu/Debian 10
apt-get install php7.4-fpm
a2dismod php7.4
a2enconf php7.4-fpm
a2enmod proxy_fcgia2dismod mpm_prefork
a2enmod mpm_event
a2enmod ssl
a2enmod http2
systemctl restart apache2
Protocols h2 http/1.1
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/public_html/example.com
SSLEngine on
SSLCertificateKeyFile /path/to/private.pem
SSLCertificateFile /path/to/cert.pem
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
Protocols h2 http/1.1 - remote desktopwhat a farce
XRDP installation
https://linuxize.com/post/how-to-install-xrdp-on-debian-10/ - How to handle VOIP
install software on laptop / mobile
https://www.64characters.com/telephone/
for installation see LINKcheck out this one link voyced.eu
- Reset wordpress password for user from mysql
mysql -u USER -p
use database;
select id, user_login, user_pass FROM wp-users;update wp-users set user_pass = MD5(MYNEWPASSWORD);
select id, user_login, user_pass FROM wp-users; - Adding old files to awstats
/usr/lib/cgi-bin/awstats.pl -update -config="example.com" -LogFile="/usr/share/awstats/tools/logresolvemerge.pl /var/log/apache2/access.log* |"
- debian lamp with php 7.3.
apt-get -y update
apt-get -y upgrade
# install apache software-prop
apt-get -y install tasksel apache2 software-properties-common mariadb-client mariadb-server python-certbot-apache lsb-release apt-transport-https ca-certificates
# install php 7.3
apt -y install lsb-release apt-transport-https ca-certificates
wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
echo “deb https://packages.sury.org/php/ $(lsb_release -sc) main” | tee /etc/apt/sources.list.d/php7.3.list
apt-get -y updateapt-get -y upgradeapt-get -y install libapache2-mod-php7.3 php7.3-gd php7.3-mysql php7.3-curl php7.3-intl php7.3-xsl php7.3-mbstring php7.3-zip php7.3-bcmath php7.3-soap php7.3-imagick
- making a lamp with P H P
apt-get -y update
apt-get -y upgrade# install apache software-prop
apt-get -y install tasksel apache2 software-properties-common mariadb-client mariadb-server python-certbot-apache lsb-release apt-transport-https ca-certificates
# install php 7.3
apt -y install lsb-release apt-transport-https ca-certificates
wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
echo “deb https://packages.sury.org/php/ $(lsb_release -sc) main” | tee /etc/apt/sources.list.d/php7.3.listapt-get -y updateapt-get -y upgrade
apt-get -y install libapache2-mod-php7.3 php7.3-gd php7.3-mysql php7.3-curl php7.3-intl php7.3-xsl php7.3-mbstring php7.3-zip php7.3-bcmath php7.3-soap php7.3-imagick
### install lets encrypt#
apt-get -y install python-certbot-apache
# set cert
certbot –apache## harden mysql
mysql_secure_installation
- Letsencrypt on haproxy
I created a couple of scripts
1/ the script to create the certs
root@groupmgt:~# cat createCert.sh
#######################################
### create cert with letsencrypt ###
#######################################
#!/bin/ksh
file=”${1:-/dev/null}”
while read domain
do
echo “==================================”
echo “$domain”
#ping -c 1 $domain
#
# run command letsencrupt
letsencrypt certonly –text –webroot –webroot-path /tmp -d $domain –renew-by-default –agree-tos –email rcveen@gmail.com
echo “==================================”
done <"$file"
the second script will create the pem files for haproxy
root@groupmgt:~# cat createCert.sh
#######################################
### create cert with letsencrypt ###
#######################################
#!/bin/ksh
file=”${1:-/dev/null}”
while read domain
do
echo “==================================”
echo “$domain”
#ping -c 1 $domain
#
# run command letsencrupt
letsencrypt certonly –text –webroot –webroot-path /tmp -d $domain –renew-by-default –agree-tos –email rcveen@gmail.com
echo “==================================”
done <"$file"
root@groupmgt:~# cat createAll_PEM.sh
echo “================================”
echo “=== CREATE INPUT FILES ===”
echo “================================”
cd /etc/letsencrypt/live
ls -1 > /root/Alldirs.txt
while read dir
do
echo “dir:$dir”
cd $dir
ls -l
cat privkey.pem fullchain.pem | tee haproxy.pem
cat privkey.pem fullchain.pem | tee $dir.pem
cp $dir.pem ../../all/.
echo “created: $dir/haproxy.pem”
cd /etc/letsencrypt/live
done <"/root/Alldirs.txt"
echo “================================”
echo “=== DONE : all haproxy.pem created ===”
And the third script will update the cerst and update the haproxy part
root@groupmgt:~# cat refreshCert.sh
/usr/bin/letsencrypt renew >> /var/log/certRenewal.log
/root/createAll_PEM.sh >> /var/log/cert_createPEM.log
The haproxy part like installation and restartting after the update of the created pem’s that’s something which will not be written out in this section 🙂
- Add script to start at boot
cp script.sh /etc/init.d/.
chmod 755 /etc/init.d/script.sh
vi /etc/rc.local
# add in file
/etc/init.d/script.sh - Debian Update Magento 2.2.7 to 2.3.0
First, do the Debian updates/upgrades:
su –
apt-get update
apt-get upgrade
apt-get dist-upgrade
rebootLogin again:
cat /etc/os-release
update phpapt-get remove php7.0
apt install apt-transport-https lsb-release ca-certificates
wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
sh -c ‘echo “deb https://packages.sury.org/php/ $(lsb_release -sc) main” > /etc/apt/sources.list.d/php.list’
apt update
apt-get install php7.1 php7.1-commonapt-get install php7.1-curl php7.1-xml php7.1-zip php7.1-gd php7.1-mysql php7.1-mbstring php7.1-mcrypt php7.1-intl php7.1-xsl php7.1-bcmath php7.1-iconv php7.1-fpm php7.1-soap
a2enmod proxy_fcgi setenvif
a2enconf php7.1-fpm
systemctl restart apache2NOTICE: You are seeing this
update Magento:
cd
composer require magento/product-community-edition 2.3.0 –no-updateSpecify additional packages for composer Run this
composer require --dev phpunit/phpunit:~6.2.0 friendsofphp/php-cs-fixer:~2.10.1 lusitanian/oauth:~0.8.10 pdepend/pdepend:2.5.2 sebastian/phpcpd:~3.0.0 squizlabs/php_codesniffer:3.2.2 --no-update
composer require –dev phpunit/phpunit:~6.2.0 friendsofphp/php-cs-fixer:~2.10.1 lusitanian/oauth:~0.8.10 pdepend/pdepend:2.5.2 sebastian/phpcpd:~3.0.0 squizlabs/php_codesniffer:3.2.2 –no-update
Remove unused packages
composer remove --dev sjparkinson/static-review fabpot/php-cs-fixer --no-update
Update autoload
Open
composer.json
and edit the"autoload": "psr-4"
section to include"Zend\\Mvc\\Controller\\": "setup/src/Zend/Mvc/Controller/"
:"Magento\\Framework\\": "lib/internal/Magento/Framework/", "Magento\\Setup\\": "setup/src/Magento/Setup/", "Magento\\": "app/code/Magento/", "Zend\\Mvc\\Controller\\": "setup/src/Zend/Mvc/Controller/"
composer update
composer require magento/product-community-edition 2.3.0 –no-update
composer updateerror with symfony:
composer require –dev phpunit/phpunit:~6.2.0 friendsofphp/php-cs-fixer:~2.10.1 lusitanian/oauth:~0.8.10 pdepend/pdepend:2.5.2 sebastian/phpcpd:~3.0.0 squizlabs/php_codesniffer:3.2.2 –no-updateError with sampledata:
./bin/magento sampledata:resetError with sampledata:
edit composer.json and remove the sampledata
see: magentosite
try again:
composer update
./bin/magento sampledata:deploy
chown -R www-data .
find . -type f -exec chmod 400 {} \;
find . -type d -exec chmod 500 {} \;
find var/ -type f -exec chmod 600 {} \;
find media/ -type f -exec chmod 600 {} \;
find var/ -type d -exec chmod 700 {} \;
find media/ -type d -exec chmod 700 {} \;
chmod 775 /bin/magento - Updating Magento with CLIUpdating magento with cli can be handled as following:# set the correct packagecomposer require magento/product-community-edition 2.2.3 –no-updatecomposer update# Manually clear var subdirectories:rm -rf var/cache/*rm -rf var/page_cache/*rm -rf var/generation/*#correct rights magentochmod 770 bin/magento# Update the database schema and data:./bin/magento setup:upgrade# Put your storefront online./bin/magento maintenance:disable# Set rightschown -R www-data:www-data .chown -R www-data:www-data *.*chown -R www-data:www-data .*find . -type d -exec chmod 775 {} \;find . -type f -exec chmod 664 {} \;Problem after updating is that the products won’t show. This is caused by the template.. so just check if the correct version of the template is there …