LnRSoft

The best command line download utility [ aria2 ]

June 10, 2022 June 10, 2022 / By Roland Ihasz / Software Development / aria2, command line, download utility

Yes, this is a good idea to drop a post about. What is my personally favourite told to download files on any terminal/command line.
There is no doubt about it always go with aria2, ok there are very rare cases I need to use wget.

aria2 is the best too you can have, it can download everything, you name it (even magnet links faster than any client).
Anyway, we are not here about to talk about downloading any illegal copyrighted torrent files, I’m just saying it can, and does it fast.
I strongly recommend you reading its documentation before you say it’s useless.

Just an example let’s say you want to download a t0rr3nt file. Probably 99% you will end up with an error message, it’s all because you don’t know the command.
Ok here is the right one [the magnet link goes between those “”]:
aria2c –enable-dht=true “magnet:?xt=urn:btih:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx”
This will work, but if you ever attempt such things, do not forget about encryption! Encrypt the whole payload using ARC4.

OK, I already crossed the line with the stuff above there are actually totally other reason why I am using it. Just few really common once:

HTTP/FTP/SFTP Options

HTTP Specific Options

FTP/SFTP Specific Options

Metalink Specific Options

RPC Options

URI, MAGNET, TORRENT_FILE, METALINK_FILE

Resuming Download

Event Hook

aria2 is the download utility I am using on command line.
aria2 On Black Duck Open Hub

for example, on my mac I have created aria2.conf file under /Users/yourusername/.aria2/aria2.conf and added the following line.
file-allocation=trunc instead of file-allocation=none.

You can add many useful things. Soon, I will add a list in my next post.

Using trunc seemingly allocates disk space very quickly, but what it actually does is that it sets file length metadata in file system, and does not allocate disk space at all. This means that it does not help avoiding fragmentation.

How to Enable and Disable Root Login in Ubuntu [for those 32 individuals asked this in the last 12 months]

June 3, 2022 June 3, 2022 / By Roland Ihasz / Software Development

OK, well, this is not one of those post I’d like to publish, but just counted how many time people asked this question in the last 12 months. I found 32 emails.
I’ll give you the simplest, permanent UNSAFE solution. Use this if you need after finishing you server installation.DO NOT LEAVE ENABLED ON A LIVE RUNNING SERVER.
There are options to enable it temporarily, or set and expire time.
Be safe!

lnrsoft@server:~$ sudo su
[sudo] password for lnrsoft: 
root@server:/home/lnrsoft# sudo passwd root
New password: 
Retype new password: 
passwd: password updated successfully
root@server:/home/lnrsoft# whoami
root
root@server:/home/lnrsoft#

lnrsoft@server:~$ sudo su

[sudo] password for lnrsoft:

root@server:/home/lnrsoft# sudo passwd root

New password:

Retype new password:

passwd: password updated successfully

root@server:/home/lnrsoft# whoami

root

root@server:/home/lnrsoft#

How to login and connect to NordVPN on Ubuntu Server

April 7, 2022 June 6, 2022 / By Roland Ihasz / Linux, Software Development, Ubuntu / NordVPN, Ubuntu Server

Installing the latest NordVPN by opening the terminal, writing the command below, and following any on-screen instructions:

sh <(curl -sSf https://downloads.nordcdn.com/apps/linux/install.sh)

Note: If you do not have a curl package, evidenced by the fact that the above does not work, you can alternatively use this command:

sh <(wget -qO - https://downloads.nordcdn.com/apps/linux/install.sh)

Additionally, if you receive the following issue:
Whoops! Permission denied accessing /run/nordvpn/nordvpnd.sock, all you need to do is write the following command:

sudo usermod -aG nordvpn $USER # and then reboot your device.

After installing NordVPN Linux Client you might get the following message when you try to login “nordvpn login”:
Continue in the browser

server@server:~$ nordvpn login
Continue in the browser: https://zwyr157wwiu6eior.com/v1/users……

There is a simple solution:
nordvpn login –legacy

server@server:~$ nordvpn login –legacy
Please enter your login details.
Email:

or even:
nordvpn login –username username –password password

How to disable the automatic ZFS snapshots on Ubuntu 20.04 with ZFS

February 26, 2022 February 26, 2022 / By Roland Ihasz / Linux, Ubuntu

Disable user snapshots

systemctl --user stop zsys-user-savestate.timer
systemctl --user disable zsys-user-savestate.timer

1 2	systemctl --user stop zsys-user-savestate.timer systemctl --user disable zsys-user-savestate.timer

Disable system snapshots

sudo mv /etc/apt/apt.conf.d/90_zsys_system_autosnapshot /etc/apt/apt.conf.d/90_zsys_system_autosnapshot.disabled

1	sudo mv /etc/apt/apt.conf.d/90_zsys_system_autosnapshot /etc/apt/apt.conf.d/90_zsys_system_autosnapshot.disabled

Re-enable user snapshots

systemctl --user start zsys-user-savestate.timer
systemctl --user enable zsys-user-savestate.timer

1 2	systemctl --user start zsys-user-savestate.timer systemctl --user enable zsys-user-savestate.timer

Re-enable system snapshots

sudo mv /etc/apt/apt.conf.d/90_zsys_system_autosnapshot.disabled /etc/apt/apt.conf.d/90_zsys_system_autosnapshot

1	sudo mv /etc/apt/apt.conf.d/90_zsys_system_autosnapshot.disabled /etc/apt/apt.conf.d/90_zsys_system_autosnapshot

2021 Updated! Install WordPress on Ubuntu Server with add-on features as HTTPS support, SSL certificate and HTTP2 supports

June 8, 2021 June 6, 2022 / By Roland Ihasz / Linux, Software Development, WordPress / apache, blog php, LAMP, server, Wordpress

sudo apt-get install apache2 apache2-utils 
sudo systemctl enable apache2
sudo systemctl start apache2
sudo apt-get install mysql-client mysql-server
sudo apt-get install php7.4 php7.4-mysql libapache2-mod-php7.4 php7.4-cli php7.4-cgi php7.4-gd  
sudo nano  /var/www/html/info.php

sudo apt-get install apache2 apache2-utils

sudo systemctl enable apache2

sudo systemctl start apache2

sudo apt-get install mysql-client mysql-server

sudo apt-get install php7.4 php7.4-mysql libapache2-mod-php7.4 php7.4-cli php7.4-cgi php7.4-gd

sudo nano /var/www/html/info.php

<?php 
phpinfo();
?>

<?php

phpinfo();

This is only for info about the server configuration and settings etc, very highly recommended to remove it after the initial test.
Simply:
sudo rm -rf /var/www/html/info.php
sudo a2enmod rewrite

sudo apache2ctl configtest
(You might get a "AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message")
There is an easy fix: 
sudo nano /etc/apache2/apache2.conf
Then Just add a line like this: 
ServerName 127.0.0.1
This should solve the issue.


It's time to download and deploy the latest wordpress version.
wget -c http://wordpress.org/latest.tar.gz
tar -xzvf latest.tar.gz
sudo rsync -av wordpress/* /var/www/html
sudo chown -R www-data:www-data /var/www/html
sudo chmod -R 755 /var/www/html
cd /var/www/html

This is only for info about the server configuration and settings etc, very highly recommended to remove it after the initial test.

Simply:

sudo rm -rf /var/www/html/info.php

sudo a2enmod rewrite

sudo apache2ctl configtest

(You might get a "AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message")

There is an easy fix:

sudo nano /etc/apache2/apache2.conf

Then Just add a line like this:

ServerName 127.0.0.1

This should solve the issue.

It's time to download and deploy the latest wordpress version.

wget -c http://wordpress.org/latest.tar.gz

tar -xzvf latest.tar.gz

sudo rsync -av wordpress/* /var/www/html

sudo chown -R www-data:www-data /var/www/html

sudo chmod -R 755 /var/www/html

cd /var/www/html

mysql -u root -p

1	mysql -u root -p

CREATE DATABASE dbuser;
CREATE USER 'dbuser'@'localhost' IDENTIFIED BY 'YourPassword';
GRANT ALL PRIVILEGES ON dbuser.* TO 'dbuser'@'localhost';
FLUSH PRIVILEGES;

There are several methods to determine what is our current password strength, and we can make it stronger if required.
I usually use these methods:

SHOW VARIABLES LIKE 'validate_password%';
SHOW VARIABLES LIKE 'default_authentication_plugin';

then if I need to modify something here are some useful variable settings:

SET GLOBAL validate_password.LENGTH = 8;
SET GLOBAL validate_password.policy=2;
SET GLOBAL validate_password.policy=MEDIUM;
SET GLOBAL validate_password.mixed_case_count = 1;
SET GLOBAL validate_password.number_count = 1;
SET GLOBAL validate_password.special_char_count = 1;
SET GLOBAL validate_password.check_user_name = 0;

CREATE DATABASE dbuser;

CREATE USER 'dbuser'@'localhost' IDENTIFIED BY 'YourPassword';

GRANT ALL PRIVILEGES ON dbuser.* TO 'dbuser'@'localhost';

FLUSH PRIVILEGES;

There are several methods to determine what is our current password strength, and we can make it stronger if required.

I usually use these methods:

SHOW VARIABLES LIKE 'validate_password%';

SHOW VARIABLES LIKE 'default_authentication_plugin';

then if I need to modify something here are some useful variable settings:

SET GLOBAL validate_password.LENGTH = 8;

SET GLOBAL validate_password.policy=2;

SET GLOBAL validate_password.policy=MEDIUM;

SET GLOBAL validate_password.mixed_case_count = 1;

SET GLOBAL validate_password.number_count = 1;

SET GLOBAL validate_password.special_char_count = 1;

SET GLOBAL validate_password.check_user_name = 0;

cd /var/www/html
sudo mv wp-config-sample.php wp-config.php

In the wp-config.php we will set our own database name , username password ,and host name/address.

sudo nano wp-config.php 

sudo systemctl restart apache2.service 
sudo systemctl restart mysql.service

cd /var/www/html

sudo mv wp-config-sample.php wp-config.php

In the wp-config.php we will set our own database name , username password ,and host name/address.

sudo nano wp-config.php

sudo systemctl restart apache2.service

sudo systemctl restart mysql.service

If we carefully followed all my steps above , you should have a running wordpress page by now.
You might need to run as the wordpress uses php file extensions.
sudo rm -rf /var/www/html/index.html

Enable HTTPS supports:

Create a ssl-params.conf file and add the following definition below to it, then save it.

$ sudo nvim /etc/apache2/conf-available/ssl-params.conf

1	$ sudo nvim /etc/apache2/conf-available/ssl-params.conf

# Cipherli.st Strong Ciphers for Apache url: https://cipherli.st/
# Addong some Strong SSL Security on Apache2
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
# Requires Apache >= 2.4
SSLCompression off
SSLUseStapling on
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
# Requires Apache >= 2.4.11
SSLSessionTickets Off

# Cipherli.st Strong Ciphers for Apache url: https://cipherli.st/

# Addong some Strong SSL Security on Apache2

SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH

SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1

SSLHonorCipherOrder On

Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"

Header always set X-Frame-Options DENY

Header always set X-Content-Type-Options nosniff

# Requires Apache >= 2.4

SSLCompression off

SSLUseStapling on

SSLStaplingCache "shmcb:logs/stapling-cache(150000)"

# Requires Apache >= 2.4.11

SSLSessionTickets Off

Next thing to do is create a backup of the original default-ssl.conf file.

$ sudo cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/default-ssl.conf.bak

1	$ sudo cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/default-ssl.conf.bak

Then modify it accordingly, we are deploying a wordpress site in this particular example we use the following adjustments.

ServerName lnrsoft.ddns.net
ServerAlias lnrsoft.ddns.net

Redirect permanent / https://lnrsoft.ddns.net/
DocumentRoot /var/www/html

Protocols h2 http:/1.1

<If "%{HTTP_HOST} == 'lnrsoft.ddns.net'">
    Redirect permanent / https://lnrsoft.ddns.net/

SSLEngine on
  
Options FollowSymLinks
AllowOverride All
Require all granted
  
SSLProtocol +TLSv1.2

ServerName lnrsoft.ddns.net

ServerAlias lnrsoft.ddns.net

Redirect permanent / https://lnrsoft.ddns.net/

DocumentRoot /var/www/html

Protocols h2 http:/1.1

Redirect permanent / https://lnrsoft.ddns.net/

SSLEngine on

Options FollowSymLinks

AllowOverride All

Require all granted

SSLProtocol +TLSv1.2

Enable HTTP2 supports:

<VirtualHost *:443>
  ServerName lnrsoft.ddns.net
  ServerAlias lnrsoft.ddns.net

  Protocols h2 http:/1.1

  <If "%{HTTP_HOST} == 'lnrsoft.ddns.net'">
    Redirect permanent / https://lnrsoft.ddns.net/
  </If>

  DirectoryIndex index.html index.php
  DocumentRoot /var/www            

  ErrorLog ${APACHE_LOG_DIR}/lnrsoft.ddns.net.log
  CustomLog ${APACHE_LOG_DIR}/lnrsoft.ddns.net-access.log combined

  SSLEngine On
  SSLCertificateFile /etc/letsencrypt/live/lnrsoft.ddns.net/cert.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/lnrsoft.ddns.net/privkey.pem
  SSLCertificateChainFile /etc/letsencrypt/live/lnrsoft.ddns.net/chain.pem

  <Directory /var/www>
      Options FollowSymLinks
      AllowOverride All
      Require all granted
  </Directory>

</VirtualHost>

ServerName lnrsoft.ddns.net

ServerAlias lnrsoft.ddns.net

Protocols h2 http:/1.1

Redirect permanent / https://lnrsoft.ddns.net/

</If>

DirectoryIndex index.html index.php

DocumentRoot /var/www

ErrorLog ${APACHE_LOG_DIR}/lnrsoft.ddns.net.log

CustomLog ${APACHE_LOG_DIR}/lnrsoft.ddns.net-access.log combined

SSLEngine On

SSLCertificateFile /etc/letsencrypt/live/lnrsoft.ddns.net/cert.pem

SSLCertificateKeyFile /etc/letsencrypt/live/lnrsoft.ddns.net/privkey.pem

SSLCertificateChainFile /etc/letsencrypt/live/lnrsoft.ddns.net/chain.pem

Options FollowSymLinks

AllowOverride All

Require all granted

</Directory>

</VirtualHost>

It is also recommended adding strong ciphers for Apache to increase SSL Security on the server.
Part of my Best Practices to deploy a secure webserver, virtual personal server or database serve is to add the recommended ciphers from SSL Server Test.

How to Enable HTTP2 in Apache 2.4 on Ubuntu

### Step 1: Upgrade Apache from PPA

sudo add-apt-repository ppa:ondrej/apache2
sudo apt update
sudo apt upgrade

### Step 2: Install the PHP FastCGI module for PHP 7.4

sudo apt install php7.4-fpm 
sudo a2enmod proxy_fcgi setenvif
sudo a2enconf php7.4-fpm 
sudo a2dismod php7.4 
sudo service apache2 restart

### Step 3: Change MPM from "prefork" to "event"

sudo a2dismod mpm_prefork 
sudo a2enmod mpm_event 
sudo service apache2 restart 
sudo service php7.4-fpm restart

### Step 4: Add a line to your Virtual Host file

Protocols h2 h2c http/1.1

### Step 5: Enable the mod_http2 Apache module

sudo a2enmod http2
sudo service apache2 restart

### Step 6: Test your Apache server for HTTP/2

https://http2.pro/

### Step 1: Upgrade Apache from PPA

sudo add-apt-repository ppa:ondrej/apache2

sudo apt update

sudo apt upgrade

### Step 2: Install the PHP FastCGI module for PHP 7.4

sudo apt install php7.4-fpm

sudo a2enmod proxy_fcgi setenvif

sudo a2enconf php7.4-fpm

sudo a2dismod php7.4

sudo service apache2 restart

### Step 3: Change MPM from "prefork" to "event"

sudo a2dismod mpm_prefork

sudo a2enmod mpm_event

sudo service apache2 restart

sudo service php7.4-fpm restart

### Step 4: Add a line to your Virtual Host file

Protocols h2 h2c http/1.1

### Step 5: Enable the mod_http2 Apache module

sudo a2enmod http2

sudo service apache2 restart

### Step 6: Test your Apache server for HTTP/2

https://http2.pro/