LnRSoft | "Promoting passion for software development"

vnStat – a brilliant open source console-based network traffic monitor for Linux

15th September 2019 15th September 2019 / By Roland Ihasz

vnStat is a console-based network traffic monitor for Linux and BSD that keeps a log of network traffic for the selected interface(s).
Features:
Quick and simple to install and get running.
Gathered statistics persists through system reboots.
Can monitor multiple interfaces at the same time.
Several output options.
Summary, 5 minute, hourly, daily, monthly, weekly, yearly, top days.
Optional png image output (using libgd).
Data retention duration is fully user configurable on the fly.
Months can be configured to follow billing period.
Light, minimal resource usage.
Same low cpu usage regardless of traffic.
Can be used without root permissions.
Online color configuration editor.
humdi.net/vnstat/

Hardware Probe Tool for Linux

15th September 2019 15th September 2019 / By Roland Ihasz

This project really deserves a post, just came across with it and will definitively use it. The HW PROBE project aim to collect hardware details of Linux-powered computers over the world and help Linux users and developers to collaboratively debug hardware related issues.
github.com/linuxhw/hw-probe

There are other very useful tools on their main git repository, if you need to collect more specific hardware details, these tools will come very useful.
github.com/linuxhw

How to clear your DNS cache on OSX 10.10.4 or above

31st July 2019 31st July 2019 / By Roland Ihasz

MacOS® 10.10.4 and above
To clear your DNS cache if you use MacOS X version 10.10.4 or above, perform the following steps:

Click Applications.
Click Utilities.
Click Terminal.
Run the following command:

sudo killall -HUP mDNSResponder

1	sudo killall -HUP mDNSResponder

Or on Microsoft Windows version 7, 8, 10 type the following command to the command prompt:

ipconfig /flushdns

1	ipconfig /flushdns

[OSX] How to install ssh-askpass for OS X/macOS

27th May 2019 26th June 2019 / By Roland Ihasz

You can install ssh-askpass using Homebrew, this method also works on the latest Mojave 10.14.5 version.

$ brew tap theseal/ssh-askpass
$ brew install ssh-askpass

1 2	$ brew tap theseal/ssh-askpass $ brew install ssh-askpass

[PHP] How to return IP address of a host / domain

26th May 2019 26th May 2019 / By Roland Ihasz

Here is a quick solution written in php that you can use to determine the current IP address of a given webhost/domain.

<?php
echo GetClientIP(true);

function GetClientIP($validate = False)
{
    $ipkeys = array(
        'REMOTE_ADDR',
        'HTTP_CLIENT_IP',
        'HTTP_X_FORWARDED_FOR',
        'HTTP_X_FORWARDED',
        'HTTP_FORWARDED_FOR',
        'HTTP_FORWARDED',
        'HTTP_X_CLUSTER_CLIENT_IP'
    );
    
    $ip = array();
    foreach ($ipkeys as $keyword)
    {
        if (isset($_SERVER[$keyword]))
        {
            if ($validate)
            {
                if (ValidatePublicIP($_SERVER[$keyword]))
                {
                    $ip[] = $_SERVER[$keyword];
                }
            }
            else
            {
                $ip[] = $_SERVER[$keyword];
            }
        }
    }
    
    $ip = (empty($ip) ? 'Unknown' : implode(", ", $ip));
    return $ip;
}

function ValidatePublicIP($ip)
{
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE))
    {
        return true;
    }
    else
    {
        return false;
    }
}

<?php

echo GetClientIP(true);

function GetClientIP($validate = False)

{

$ipkeys = array(

'REMOTE_ADDR',

'HTTP_CLIENT_IP',

'HTTP_X_FORWARDED_FOR',

'HTTP_X_FORWARDED',

'HTTP_FORWARDED_FOR',

'HTTP_FORWARDED',

'HTTP_X_CLUSTER_CLIENT_IP'

);

$ip = array();

foreach ($ipkeys as $keyword)

{

if (isset($_SERVER[$keyword]))

{

if ($validate)

{

if (ValidatePublicIP($_SERVER[$keyword]))

{

$ip[] = $_SERVER[$keyword];

}

else

{

$ip[] = $_SERVER[$keyword];

}

$ip = (empty($ip) ? 'Unknown' : implode(", ", $ip));

return $ip;

}

function ValidatePublicIP($ip)

{

if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE))

{

return true;

}

else

{

return false;

}

[Linux] Install WordPress on Ubuntu Server with add-on features as HTTPS support, SSL certificate and HTTP2 supports

14th May 2019 14th May 2019 / By Roland Ihasz

sudo apt-get install apache2 apache2-utils 
sudo systemctl enable apache2
sudo systemctl start apache2
sudo apt-get install mysql-client mysql-server
sudo mysql_secure_installation 
sudo apt-get install php7.2 php7.2-mysql libapache2-mod-php7.2 php7.2-cli php7.2-cgi php7.2-gd  
sudo nano  /var/www/html/info.php

sudo apt-get install apache2 apache2-utils

sudo systemctl enable apache2

sudo systemctl start apache2

sudo apt-get install mysql-client mysql-server

sudo mysql_secure_installation

sudo apt-get install php7.2 php7.2-mysql libapache2-mod-php7.2 php7.2-cli php7.2-cgi php7.2-gd

sudo nano /var/www/html/info.php

<?php 
phpinfo();
?>

<?php

phpinfo();

sudo a2enmod rewrite
sudo apache2ctl configtest

wget -c http://wordpress.org/latest.tar.gz
tar -xzvf latest.tar.gz
sudo rsync -av wordpress/* /var/www/html
sudo chown -R www-data:www-data /var/www/html
sudo chmod -R 755 /var/www/html

sudo a2enmod rewrite

sudo apache2ctl configtest

wget -c http://wordpress.org/latest.tar.gz

tar -xzvf latest.tar.gz

sudo rsync -av wordpress/* /var/www/html

sudo chown -R www-data:www-data /var/www/html

sudo chmod -R 755 /var/www/html

mysql -u root -p

1	mysql -u root -p

CREATE DATABASE wp;
GRANT ALL PRIVILEGES ON wp.* TO 'dbuser'@'localhost' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
EXIT;

CREATE DATABASE wp;

GRANT ALL PRIVILEGES ON wp.* TO 'dbuser'@'localhost' IDENTIFIED BY 'password';

FLUSH PRIVILEGES;

EXIT;

sudo mv wp-config-sample.php wp-config.php
sudo nano wp-config.php

sudo systemctl restart apache2.service 
sudo systemctl restart mysql.service

sudo mv wp-config-sample.php wp-config.php

sudo nano wp-config.php

sudo systemctl restart apache2.service

sudo systemctl restart mysql.service

Enable HTTPS supports:

Create a ssl-params.conf file and add the following definition below to it, then save it.

$ sudo nvim /etc/apache2/conf-available/ssl-params.conf

1	$ sudo nvim /etc/apache2/conf-available/ssl-params.conf

# Cipherli.st Strong Ciphers for Apache url: https://cipherli.st/
# Addong some Strong SSL Security on Apache2
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
# Requires Apache >= 2.4
SSLCompression off
SSLUseStapling on
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
# Requires Apache >= 2.4.11
SSLSessionTickets Off

# Cipherli.st Strong Ciphers for Apache url: https://cipherli.st/

# Addong some Strong SSL Security on Apache2

SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH

SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1

SSLHonorCipherOrder On

Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"

Header always set X-Frame-Options DENY

Header always set X-Content-Type-Options nosniff

# Requires Apache >= 2.4

SSLCompression off

SSLUseStapling on

SSLStaplingCache "shmcb:logs/stapling-cache(150000)"

# Requires Apache >= 2.4.11

SSLSessionTickets Off

Next thing to do is create a backup of the original default-ssl.conf file.

$ sudo cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/default-ssl.conf.bak

1	$ sudo cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/default-ssl.conf.bak

Then modify it accordingly, we are deploying a wordpress site in this particular example we use the following adjustments.

ServerName lnrsoft.ddns.net
ServerAlias lnrsoft.ddns.net

Redirect permanent / https://lnrsoft.ddns.net/
DocumentRoot /var/www/html

Protocols h2 http:/1.1

<If "%{HTTP_HOST} == 'lnrsoft.ddns.net'">
    Redirect permanent / https://lnrsoft.ddns.net/

SSLEngine on
  
Options FollowSymLinks
AllowOverride All
Require all granted
  
SSLProtocol +TLSv1.2

ServerName lnrsoft.ddns.net

ServerAlias lnrsoft.ddns.net

Redirect permanent / https://lnrsoft.ddns.net/

DocumentRoot /var/www/html

Protocols h2 http:/1.1

Redirect permanent / https://lnrsoft.ddns.net/

SSLEngine on

Options FollowSymLinks

AllowOverride All

Require all granted

SSLProtocol +TLSv1.2

Enable HTTP2 supports:

<VirtualHost *:443>
  ServerName lnrsoft.ddns.net
  ServerAlias lnrsoft.ddns.net

  Protocols h2 http:/1.1

  <If "%{HTTP_HOST} == 'lnrsoft.ddns.net'">
    Redirect permanent / https://lnrsoft.ddns.net/
  </If>

  DirectoryIndex index.html index.php
  DocumentRoot /var/www            

  ErrorLog ${APACHE_LOG_DIR}/lnrsoft.ddns.net.log
  CustomLog ${APACHE_LOG_DIR}/lnrsoft.ddns.net-access.log combined

  SSLEngine On
  SSLCertificateFile /etc/letsencrypt/live/lnrsoft.ddns.net/cert.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/lnrsoft.ddns.net/privkey.pem
  SSLCertificateChainFile /etc/letsencrypt/live/lnrsoft.ddns.net/chain.pem

  <Directory /var/www>
      Options FollowSymLinks
      AllowOverride All
      Require all granted
  </Directory>

</VirtualHost>

ServerName lnrsoft.ddns.net

ServerAlias lnrsoft.ddns.net

Protocols h2 http:/1.1

Redirect permanent / https://lnrsoft.ddns.net/

</If>

DirectoryIndex index.html index.php

DocumentRoot /var/www

ErrorLog ${APACHE_LOG_DIR}/lnrsoft.ddns.net.log

CustomLog ${APACHE_LOG_DIR}/lnrsoft.ddns.net-access.log combined

SSLEngine On

SSLCertificateFile /etc/letsencrypt/live/lnrsoft.ddns.net/cert.pem

SSLCertificateKeyFile /etc/letsencrypt/live/lnrsoft.ddns.net/privkey.pem

SSLCertificateChainFile /etc/letsencrypt/live/lnrsoft.ddns.net/chain.pem

Options FollowSymLinks

AllowOverride All

Require all granted

</Directory>

</VirtualHost>

It is also recommended adding strong ciphers for Apache to increase SSL Security on the server.
Part of my Best Practices to deploy a secure webserver, virtual personal server or database serve is to add the recommended ciphers from Cipherli.st.

Install Oracle Java 12 on Ubuntu

4th May 2019 5th May 2019 / By Roland Ihasz

You need to add the PPA. (Surce: “Linux Uprising” team)
Install:

sudo add-apt-repository ppa:linuxuprising/java
sudo apt-get update
sudo apt-get install oracle-java12-installer
sudo apt-get install oracle-java12-set-default

sudo add-apt-repository ppa:linuxuprising/java

sudo apt-get update

sudo apt-get install oracle-java12-installer

sudo apt-get install oracle-java12-set-default

For multiple java versions, install [or uninstall] oracle-java12-set-default package to set [or not] Java 12 as default.
Verify:

post@lnrsoft:$ java --version
java 12.0.1 2019-04-16
Java(TM) SE Runtime Environment (build 12.0.1+12)
Java HotSpot(TM) 64-Bit Server VM (build 12.0.1+12, mixed mode, sharing)

post@lnrsoft:$ java --version

java 12.0.1 2019-04-16

Java(TM) SE Runtime Environment (build 12.0.1+12)

Java HotSpot(TM) 64-Bit Server VM (build 12.0.1+12, mixed mode, sharing)

Remove it: … use the following command if you need to uninstall it:

sudo apt-get remove oracle-java12-installer

1	sudo apt-get remove oracle-java12-installer

Sourcetrail a cross-platform source explorer for C/C++ and Java*

11th April 2019 12th April 2019 / By Roland Ihasz

Sourcetrail a cross-platform source explorer, great and powerful tool to have it.
I personally recommend it for any junior or senior developers. A cross-platform source explorer for C/C++ and Java* deserves a blog post to reach more developers as well as serious commercial customers.

Watch Sourcetrail on Youtube

* Free for non-commercial use

How to Install Google Authenticator on Ubuntu Server

15th March 2019 27th March 2019 / By Roland Ihasz

Install Google Authenticator:

sudo apt-get install libpam0g-dev make gcc wget autoconf libtool libpng-dev automake autotools-dev pkg-config libltdl-dev m4
cd ~
git clone https://github.com/google/google-authenticator-libpam.git
cd google-authenticator-libpam
./bootstrap.sh
./configure
make
sudo make install

sudo apt-get install libpam0g-dev make gcc wget autoconf libtool libpng-dev automake autotools-dev pkg-config libltdl-dev m4

cd ~

git clone https://github.com/google/google-authenticator-libpam.git

cd google-authenticator-libpam

./bootstrap.sh

./configure

make

sudo make install

Install qrencode:

cd ~
wget https://fukuchi.org/works/qrencode/qrencode-4.0.2.tar.gz
tar -xf qrencode-4.0.2.tar.gz
cd qrencode-4.0.2/
./configure
make
sudo make install
sudo ldconfig

cd ~

wget https://fukuchi.org/works/qrencode/qrencode-4.0.2.tar.gz

tar -xf qrencode-4.0.2.tar.gz

cd qrencode-4.0.2/

./configure

make

sudo make install

sudo ldconfig

youtube-dl arguments

14th February 2019 11th May 2019 / By Roland Ihasz

Best Audio Quality for mp3 (with –ffmpeg-location):

youtube-dl -f 'bestvideo[ext=mp4]+bestaudio[ext=mp3]/bestvideo+bestaudio' --extract-audio --audio-format 'mp3' --audio-quality '8' --ffmpeg-location '/addyourcustompath/ffmpeg' https://youtube.com/xxxxxxxxxx

1	youtube-dl -f 'bestvideo[ext=mp4]+bestaudio[ext=mp3]/bestvideo+bestaudio' --extract-audio --audio-format 'mp3' --audio-quality '8' --ffmpeg-location '/addyourcustompath/ffmpeg' https://youtube.com/xxxxxxxxxx

Best Audio/Video Quality for mp4 (with –ffmpeg-location):

youtube-dl -f 'bestvideo[ext=mp4]+bestaudio[ext=m4a]/bestvideo+bestaudio' --ffmpeg-location '/addyourcustompath/ffmpeg' https://youtube.com/xxxxxxxxxx

1	youtube-dl -f 'bestvideo[ext=mp4]+bestaudio[ext=m4a]/bestvideo+bestaudio' --ffmpeg-location '/addyourcustompath/ffmpeg' https://youtube.com/xxxxxxxxxx

Login to WordPress or other accounts using python selenium package

20th January 2019 21st January 2019 / By Roland Ihasz

The best way to install the selenium package is using the following command:

$ pip install selenium

or on macOS with Homebrew

$ brew install geckodriver

If you are using Anaconda just simply activate your virtual environment and then install geckodriver using the following command:

$ conda install -c conda-forge geckodriver

Then you’ll need a driver to interface with the browser you choose. I used Firefox in this example, therefore I downloaded the required geckodriver driver.
Drivers for other browser: selenium-python.readthedocs.io
You might need to set the PATH of your geckodriver.

This python source code will pull up a Firefox window and open the url that you need set https://yourwpdomain.com/wp-login.php, then find user_login and user_pass elements on the page (by the id) and finally send a click() function to the submitButton.
If everything goes well the next thing you should see is your WordPress dashboard page in the browser.

from selenium import webdriver

browser = webdriver.Firefox()
#browser = webdriver.Firefox(executable_path=r'your\path\geckodriver.exe')  
url = "https://yourwpdomain.com/wp-login.php" # set your WordPress domain
browser.get(url)  

username = browser.find_element_by_id("user_login") 
password = browser.find_element_by_id("user_pass") 

username.send_keys("yourUserName") # add your WordPress UserName
password.send_keys("yourPassword") # add your WordPress Password

submitButton = browser.find_element_by_id("wp-submit") 
submitButton.click()

from selenium import webdriver

browser = webdriver.Firefox()

#browser = webdriver.Firefox(executable_path=r'your\path\geckodriver.exe')

url = "https://yourwpdomain.com/wp-login.php" # set your WordPress domain

browser.get(url)

username = browser.find_element_by_id("user_login")

password = browser.find_element_by_id("user_pass")

username.send_keys("yourUserName") # add your WordPress UserName

password.send_keys("yourPassword") # add your WordPress Password

submitButton = browser.find_element_by_id("wp-submit")

submitButton.click()

If you are using Windows you might need to set the geckodriver PATH with FirefoxDriver.

browser = webdriver.Firefox(executable_path=r'your\path\geckodriver.exe')

1	browser = webdriver.Firefox(executable_path=r'your\path\geckodriver.exe')

How to use wget without adding –no-check-certificate

20th January 2019 20th January 2019 / By Roland Ihasz

You need to add a check_certificate = off line into your .wgetrc file in your Home directory.
Or simply run this command on your terminal.

echo "check_certificate = off" >> ~/.wgetrc

1	echo "check_certificate = off" >> ~/.wgetrc

After this wget will add this –no-check-certificate automatically from your .wgetrc file.