Category: How to

Posted on

How To Install and Configure Squid 3 on Ubuntu

Install and Configure Squid 3 on Ubuntu

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Squid proxy is used by various organisation and internet providers to reduce bandwidth and to increase response time. In this tutorial we will show you how to install and configuration of Squid on your Ubuntu server.

This article assumes you have at least basic knowledge of linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple. I will show you through the step by step installation Squid on Ubuntu server.

Install and Configure Squid 3 on Ubuntu

Step 1. To install, first you must update yum repository and packages by typing the below command:

 apt-get -y update

Step 2. Installing Squid proxy server.

Install squid package and dependencies using the below command:

 apt-get -y install squid3

Step 3. Edit squid configuration file ‘/etc/squid/squid.conf’

 nano /etc/squid3/squid.conf
# Recommended minimum configuration:
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid3/squid_passwd
acl ncsa_users proxy_auth REQUIRED
http_access allow ncsa_users

acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl SSL_ports port 443
acl Safe_ports port 80            # http
acl Safe_ports port 21            # ftp
acl Safe_ports port 443           # https
acl Safe_ports port 1025-65535    # unregistered ports
acl Safe_ports port 280           # http-mgmt
acl Safe_ports port 488           # gss-http
acl Safe_ports port 591           # filemaker
acl Safe_ports port 777           # multiling http
acl SSL_ports port 9001           # webmin
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
http_port 3128

#Setting up multiple outgoing IP addresses
#acl godet myip 192.168.1.100
#tcp_outgoing_address 192.168.1.100 godet
#acl jaran myip 192.168.1.101
#tcp_outgoing_address 192.168.1.101 jaran

hierarchy_stoplist cgi-bin ?
coredump_dir /var/spool/squid3
cache deny all

refresh_pattern ^ftp:        1440    20%    10080
refresh_pattern ^gopher:    1440    0%    1440
refresh_pattern -i (/cgi-bin/|\?) 0    0%    0
refresh_pattern .        0    20%    4320

icp_port 3130

forwarded_for off

request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access User-Agent allow all
request_header_access Cookie allow all
request_header_access All deny all
visible_hostname wpcademy.com

Step 4. Create our authentication file which Squid can use to verify for user authentications:

 #htpasswd -b /etc/squid3/squid_passwd username password

Example:

 htpasswd -b -c /etc/squid3/squid_passwd ranty ratna

Step 5. After making changes to the config file, save the file and restart the squid server service to effect the changes using the following command entered at a terminal prompt:

 service squid3 restart

If you experience any problems, you can check the access.log for more information:

 sudo tail -f /var/log/squid3/access.log

So you have successfully installed Squid . Thanks for using this tutorial for installing Squid caching proxy in Ubuntu system. For additional help or useful information, we recommend you to check the official Squid web site.

Posted on

How To Install FFmpeg and FFmpeg-PHP Extension on CentOS

Install FFmpeg and FFmpeg-PHP Extension on CentOS

FFmpeg is a cross-platform solution for streaming audio and video as well as recording and conversion. There’s also a great PHP package called ffmpeg-php that allows for easy use of FFmpeg from inside PHP scripts. In this tutorial we will learn Install FFmpeg and FFmpeg-PHP Extension on CentOS server.

Install FFmpeg on CentOS

Step 1. To install, first you must add the DAG yum repository information corresponding to your CentOS/RHEL version to yum:

 #nano /etc/yum.repos.d/dag.repo

Add the following text to the file and save:

[dag]
name=DAG RPM Repository
baseurl=http://apt.sw.be/redhat/el$releasever/en/$basearch/dag
gpgcheck=1
enabled=1

Step 2. After add Dag repository, Use yum to install ffmpeg using following command.

#<code>rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
#yum install ffmpeg ffmpeg-devel ffmpeg-libpostproc

 

FFmpeg Basic Commands

#ffmpeg -version:            show version
#ffmpeg -formats:            show available formats
#ffmpeg -codecs:             show available codecs
#ffmpeg -decoders:           show available decoders
#ffmpeg -encoders:           show available encoders
#ffmpeg -bsfs:               show available bit stream filters
#ffmpeg -protocols:          show available protocols
#ffmpeg -pix_fmts:           show available pixel formats
#ffmpeg -layouts:            show standard channel layouts
#ffmpeg -sample_fmts:        show available audio sample formats
#ffmpeg -filters:            show available filters

 Install FFmpeg-PHP Extension on CentOS

Step 1.

 #yum install php-gd php-devel

Step 2.Download the latest ffmpeg-php release

#wget http://nchc.dl.sourceforge.net/project/ffmpeg-php/ffmpeg-php/0.6.0/ffmpeg-php-0.6.0.tbz2
#tar -xjf ffmpeg-php-0.6.0.tbz2
#cd ffmpeg-php-0.6.0
#phpize
#./configure
#make
#make install

If you get  [ffmpeg_movie.lo] Error 1 when compiling ffmpeg-php, then you will need to do:

#nano ffmpeg_movie.c
Changes in ffmpeg_movie.c:
#row 311: list_entry *le; to zend_rsrc_list_entry *le;
#row 346: list_entry new_le; to zend_rsrc_list_entry new_le;
#row 360: hashkey_length+1, (void *)&new_le, sizeof(list_entry), to hashkey_length+1, (void *)&new_le,sizeof(zend_rsrc_list_entry),

 

Step 3. Copy the ffmpeg.so module in php default module location. Now you have to edit php.ini file to enable ffmpeg-php support in it by using ffmpeg.so module.

 #nano /etc/php.ini

Put the below two lines at the end of the php.ini file

[ffmpeg]
extension=ffmpeg.so

FFmpeg-PHP extension should now be installed. You can check by creating a file called info.php in /var/www/html/ with the following content:

<?php phpinfo(); ?>
Posted on

How To Backup and Restore MySQL Database Using Command Line

Backup and Restore MySQL Database Using Command Line

This tutorial guide will show you two easy ways to Backup and Restore MySQL Database Using Command Line – mysqldump. You can also use this process to move your data to a new web server. We assume that you already have MySQL installed on Linux system with administrative privileges and we assume that you already have a small amount of knowledge on MySQL.

The parameters of the said command as follows.

  • [uname] Your database username.
  • [passwd] The password for your database (note there is no space between -p and the password).
  • [dbname] The name of your database.
  • [backupdb.sql] The filename for your database backup.

Backup and Restore MySQL Database Using Command Line

Backup MySQL database

First, you can check MySQL databases from your server:

#mysql -h localhost -u root -p
#mysql> show databases;

The following command will dump all databases to an sql file. Replace pass with your root database password and filename with the name of the file you wish to create such as backupdb.sql

Back up multiple databases in MySQL

 #mysqldump –u[uname] –p[passwd] [database name 1] [database name 2] > backup.sql

Example:

 #mysqldump –u root –pidroidus chedelics radiks > backup.sql

Backup all databases in MySQL

 #mysqldump –u [uname] –p[passwd] –all-databases > backup.sql

Example:

 #mysqldump –u root –pidroidus –all-databases > backup.sql

Back up your MySQL Database with Compress

 #mysqldump -u root -p[passwd] --databases [dbname] | gzip > backup.sql.gz

Example:

 #mysqldump -u root -pidroidus --databases  | gzip > backup.sql.gz

Restore MySQL database from a backup file

Above we backup the Tutorials database into backupdb.sql file. To re-create the Tutorials database you should follow two steps:

  • Create an appropriately named database on the target machine
  • Load the file using the mysql command:
 #mysqladmin -u root -p create [dbname]
 #gzip -d backupdb.sql.gz #mysql -uroot -p[passwd] [dbname] < backupdb.sql

Example:

#mysqladmin -u root -p create chedelics
#gzip -d backupdb.sql.gz
#backupdb.sql
#mysql -uroot -pidroidus chedelics < backupdb.sql
Posted on

How To Configure Nginx With SSL

Configure Nginx With SSL

Transport Layer Security (TLS) and Secure Socket Layer (SSL) provide an easy method to encrypt connections between end-users and web servers. SSL uses a certificate authority system to provide identity verification in order to prevent websites from falsely claiming to be another organization or website. This tutorial shows you how to set up strong SSL security on the nginx webserver. In this tutorial we will learn how to install and configuration of Nginx with SSL on your Linux server.

Configure Nginx With SSL

Required:

  • Assuming you’ve installed webserver nginx.
  • I use Namecheap as a registrar, and they resale SSL Certs from a number of other companies, including Comodo.

Step 1. Create a directory

 mkdir -p /etc/nginx/ssl/wpcademy.com

Step 2. Generating Your SSL Key and CSR

Prior to purchasing a cert, you need to generate a private key, and a CSR file (Certificate Signing Request). You’ll be asked for the content of the CSR file when ordering the certificate. For Common Name enter your intended domain name without ‘www’ i.e. wpcademy.com. If it’s a Wildcard SSL, use *.wpcademy.net.

 openssl req -nodes -newkey rsa:2048 -keyout wpcademy.net.key -out wpcademy.com.csr

Step 3. Create a certificate bundle

After purchase the certificate, You’ll eventually get an email with your SSL Certificate. It contains a zip file with the following:

  • AddTrustExternalCARoot.crt
  • COMODORSAAddTrustCA.crt
  • COMODORSADomainValidationSecureServerCA.crt
  • wpcademy.com.crt
 cat wpcademy_net.crt AddTrustExternalCARoot.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt >> ssl-bundle.crt

Once create a certificate bundle you can move it to your Nginx SSL directory.

 mv ssl-bundle.crt /etc/nginx/ssl/wpcademy.com/

Step 4. Configure the Certificate for nginx

Go to nginx virtual host configuration, using SSL with nginx requires a modification to the listen directive and three ssl-related directives as shown in the following examples:

 nano /etc/nginx/conf.d/ssl.conf
server {
   listen 443 ssl spdy;
   server_name www.wpcademy.com wpcademy.com;
   root /var/www/wpcademy.com/public_html;
   index index.php index.html index.htm;
   server_tokens off;

   #SSL CONF
   ssl on;
   ssl_certificate /etc/nginx/ssl/wpcademy.com/ssl-bundle.crt;
   ssl_certificate_key /etc/nginx/ssl/wpcademy.com/wpcademy.us.key;


   #SSL
   ssl_session_cache shared:SSL:20m;
   ssl_session_timeout 10m;

   ssl_prefer_server_ciphers On;
   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
   ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;

   ssl_stapling on;
   ssl_stapling_verify on;
   resolver 8.8.8.8 8.8.4.4 valid=300s;
   resolver_timeout 10s;

   # permalink
   location / {
      try_files $uri $uri/ /index.php?$args;
   }

   # php-script handler
   location ~ \.php$ {
      fastcgi_index index.php;
      fastcgi_pass 127.0.0.1:9000;
      root    /var/www/wpcademy.com/public_html;
      fastcgi_param SCRIPT_FILENAME /var/www/wpcademy.com/public_html$fastcgi_script_name;
      include /etc/nginx/fastcgi_params;
   }

location  ~ /\.ht {
               deny  all;
           }
    }

Step 5. Redirect HTTP Virtual Hosts to HTTPS

 return 301  https://wpcademy.com$request_uri;

Step 6. Restart/reload nginx

 /etc/init.d/nginx restart

Congratulation’s! You have successfully installed Nginx with SSL. Thanks for using this tutorial for installing and configuration Nginx with SSL on Linux system. For additional help or useful information, we recommend you to check the official Nginx web site

Posted on

How To Install Orangescrum on Ubuntu 18.04 LTS

Install Orangescrum on Ubuntu 18

Orangescrum is a free, open source, flexible project management web application written using CakePHP. It helps you to manage projects, teams, documents, and tasks, all in one place. Orangescrum provides various features like agile project management, collaboration, issue tracking, notifications, reporting, task management, and traditional project management functionality for small/medium businesses. Continue reading “How To Install Orangescrum on Ubuntu 18.04 LTS”

Posted on

How To Install Graylog on Ubuntu 18.04 LTS

Install Graylog on Ubuntu 18

Graylog is a free and open source powerful centralized log management tool based on Elasticsearch and MongoDB. Graylog helps you to collect, index and analyze any machine logs centrally.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo’ to the commands to get root privileges. I will show you through the step by step installation Graylog on an Ubuntu 18.04 (Bionic Beaver) server.

Install Graylog on Ubuntu 18.04 LTS Bionic Beaver

Step 1. First, make sure that all your system packages are up-to-date by running these following apt-get commands in the terminal.

sudo apt update
sudo apt upgrade

Step 2. Installing Java.

Graylog is built using java, so it can technically run anywhere, however this may require you to install the Java Development Kit which contains the Runtime Environment too:

sudo apt install apt-transport-https uuid-runtime pwgen openjdk-8-jre-headless

Now check the java version:

java -version

Step 3. Installing MongoDB.

A stable version of MongoDB packages are already in the default Ubuntu repository. However, the version in Ubuntu’s repository isn’t the latest. If you want to install the latest version you must add a third-party repository to your system and install it from there:

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 0C49F3730359A14518585931BC711F9BA15703C6

After adding the repository key to Ubuntu, run the commands below to add MongoDB repository to your system:

echo "deb http://repo.mongodb.org/apt/ubuntu trusty/mongodb-org/3.4 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.4.list

After that, update your system and refresh existing repositories by running the commands below:

apt update

And now install the latest stable version of MongoDB:

apt install -y mongodb-org

Step 4. Installing Elasticsearch.

First, install Elasticsearch using the apt package manager from the official Elastic repository:

wget -qO - https://packages.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
echo "deb http://packages.elastic.co/elasticsearch/2.x/debian stable main" | sudo tee -a /etc/apt/sources.list.d/elasticsearch-2.x.list
apt-get update

Then, install Elasticsearch with apt using the following command:

apt-get -y install elasticsearch

Start the Elasticsearch service and set it to automatically start on boot:

systemctl restart elasticsearch
systemctl enable elasticsearch

Once Elasticsearch is installed, you will need to modify the Elasticsearch main configuration file:

nano /etc/elasticsearch/elasticsearch.yml

Make the following changes:

cluster.name: graylog
network.host: 127.0.0.1
discovery.zen.ping.timeout: 10s
discovery.zen.ping.multicast.enabled: false
discovery.zen.ping.unicast.hosts: ["127.0.0.1:9300"]
script.inline: false
script.indexed: false
script.file: false

After a few seconds, run the following to test that Elasticsearch is running properly:

curl -X GET http://localhost:9200

Step 5. Installing Graylog.

Graylog is not available in the Ubuntu 18.04 default repository, you need to download and install the Graylog repository to your system:

wget https://packages.graylog2.org/repo/packages/graylog-2.4-repository_latest.deb
dpkg -i graylog-2.4-repository_latest.deb

Update the package lists and install Graylog:

apt-get update -y
apt-get install graylog-server -y

After you have installed the Graylog Server, you have to generate secret key for Graylog using the following command:

### pwgen -N 1 -s 96 
MTtPFSMZxAvoLsUiXXauggyJ761hwkGn1ZTN2ovb8wN2tO1LzyeNbaatOrpLukp96p0MxwHQosmMGPbmw46ojnnSORVvr2

Now create a hash password for the root user that can be used to log in to the Graylog web server using the following command:

### echo -n Password | sha256sum
e7cf3ef4f17c3999a94f2c6f612e8bmwe46b1026878e4e19398b23cehedelicsec221a

Edit the server.conf file:

nano /etc/graylog/server/server.conf

Make changes to the file as shown below:

password_secret= MTtPFSMZxAvoLsUiXXauggyJ761hwkGn1ZTN2ovb8wN2tO1LzyeNbaatOrpLukp96p0MxwHQosmMGPborm1YRojnnSORVvr2
root_password_sha2= e7cf3ef4f17c3999a94f2c6f612e8bmwe46b1026878e4e19398b23cehedelicsec221a
[email protected]
root_timezone=UTC
elasticsearch_discovery_zen_ping_unicast_hosts = ipaddress:9300
elasticsearch_shards=1
script.inline: false
script.indexed: false
script.file: false

To enable the Graylog web interface, make changes to the file as shown below:

rest_listen_uri = http://your-server-ip:12900/
web_listen_uri = http://your-server-ip:9000/

After you have modified the configuration file, you can start Graylog Service using the following commands:

systemctl enable graylog-server
systemctl restart graylog-server

Step 6. Accessing Graylog.

Graylog will be available on HTTP port 8080 by default. Open your favorite browser and navigate to http://yourdomain.com:9000 or http://server-ip:9000 and complete the required the steps to finish the installation.
Installing-Graylog-LoginScreen
Congratulation’s! You have successfully installed Graylog. Thanks for using this tutorial for installing Graylog on Ubuntu 18.04 LTS system. For additional help or useful information, we recommend you to check the official Graylog web site.

Posted on

How to Install Squid Proxy Server on Ubuntu 18.04 LTS

Install Squid Proxy Server on Ubuntu 18

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Squid proxy is used by various organisation and internet providers to reduce bandwidth and to increase response time.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo’ to the commands to get root privileges. I will show you through the step by step installation Squid Proxy Server on an Ubuntu 18.04 (Bionic Beaver) server.

Install Squid Proxy Server on Ubuntu 18.04 LTS Bionic Beaver

Step 1. First make sure that all your system packages are up-to-date by running these following apt-get commands in the terminal.


sudo apt-get update
sudo apt-get upgrade

Step 2. Installing Squid Proxy on Ubuntu 18.04 LTS.

Squid proxy package is available from the Ubuntu repositories. It can be installed by running the command:

sudo apt install squid

Step 3. Configure Squid Proxy.

First, you’ll need to do a basic configuration before you can use the Squid Proxy server:

nano /etc/squid/squid.conf

# Recommended minimum configuration:

auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
acl ncsa_users proxy_auth REQUIRED
http_access allow ncsa_users

acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl SSL_ports port 443
acl Safe_ports port 80            # http
acl Safe_ports port 21            # ftp
acl Safe_ports port 443           # https
acl Safe_ports port 1025-65535    # unregistered ports
acl Safe_ports port 280           # http-mgmt
acl Safe_ports port 488           # gss-http
acl Safe_ports port 591           # filemaker
acl Safe_ports port 777           # multiling http
acl SSL_ports port 9001           # webmin
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
http_port 3128

forwarded_for off

request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access User-Agent allow all
request_header_access Cookie allow all
request_header_access All deny all
visible_hostname wpcademy.com

Step 4. Create our authentication file which Squid can use to verify for user authentications:

#htpasswd -b /etc/squid/squid_passwd username password

Example:

htpasswd -b -c /etc/squid/squid_passwd intan ramona

After making changes to the config file, save the file and restart the squid server service to effect the changes using the following command entered at a terminal prompt:

sudo systemctl restart squid

Congratulation’s! You have successfully installed Squid. Thanks for using this tutorial for installing Squid Proxy Server on your Ubuntu 18.04 LTS Bionic Beaver. For additional help or useful information, we recommend you to check the official Squid website.