If you choose to protect yourself against tracking, surveillance, and censorship our onion mirror is live
Dear visitor, you can also find our blog on the Tor network at http://goyyh6reeibixtlo.onion/. A free software Tor Browser will be required to access onion sites. Some people asked me about why I don’t have an onion mirror of my blog. I did not feel the need of it, but as it sounded like a request here it is, from now you can protect yourself against tracking, surveillance, and censorship.
Thanks for visiting my site.
vnStat – a brilliant open source console-based network traffic monitor for Linux
vnStat is a console-based network traffic monitor for Linux and BSD that keeps a log of network traffic for the selected interface(s).
Features:
Quick and simple to install and get running.
Gathered statistics persists through system reboots.
Can monitor multiple interfaces at the same time.
Several output options.
Summary, 5 minute, hourly, daily, monthly, weekly, yearly, top days.
Optional png image output (using libgd).
Data retention duration is fully user configurable on the fly.
Months can be configured to follow billing period.
Light, minimal resource usage.
Same low cpu usage regardless of traffic.
Can be used without root permissions.
Online color configuration editor.
humdi.net/vnstat/
Hardware Probe Tool for Linux
This project really deserves a post, just came across with it and will definitively use it. The HW PROBE project aim to collect hardware details of Linux-powered computers over the world and help Linux users and developers to collaboratively debug hardware related issues.
github.com/linuxhw/hw-probe
There are other very useful tools on their main git repository, if you need to collect more specific hardware details, these tools will come very useful.
github.com/linuxhw
How to clear your DNS cache on OSX 10.10.4 or above
MacOS® 10.10.4 and above
To clear your DNS cache if you use MacOS X version 10.10.4 or above, perform the following steps:
Click Applications.
Click Utilities.
Click Terminal.
Run the following command:
|
1 |
sudo killall -HUP mDNSResponder |
Or on Microsoft Windows version 7, 8, 10 type the following command to the command prompt:
|
1 |
ipconfig /flushdns |
[OSX] How to install ssh-askpass for OS X/macOS
You can install ssh-askpass using Homebrew, this method also works on the latest Mojave 10.14.5 version.
|
1 2 |
$ brew tap theseal/ssh-askpass $ brew install ssh-askpass |
[PHP] How to return IP address of a host / domain
Here is a quick solution written in php that you can use to determine the current IP address of a given webhost/domain.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 |
<?php echo GetClientIP(true); function GetClientIP($validate = False) { $ipkeys = array( 'REMOTE_ADDR', 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP' ); $ip = array(); foreach ($ipkeys as $keyword) { if (isset($_SERVER[$keyword])) { if ($validate) { if (ValidatePublicIP($_SERVER[$keyword])) { $ip[] = $_SERVER[$keyword]; } } else { $ip[] = $_SERVER[$keyword]; } } } $ip = (empty($ip) ? 'Unknown' : implode(", ", $ip)); return $ip; } function ValidatePublicIP($ip) { if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) { return true; } else { return false; } } |
[Linux] Install WordPress on Ubuntu Server with add-on features as HTTPS support, SSL certificate and HTTP2 supports
|
1 2 3 4 5 6 7 |
sudo apt-get install apache2 apache2-utils sudo systemctl enable apache2 sudo systemctl start apache2 sudo apt-get install mysql-client mysql-server sudo mysql_secure_installation sudo apt-get install php7.2 php7.2-mysql libapache2-mod-php7.2 php7.2-cli php7.2-cgi php7.2-gd sudo nano /var/www/html/info.php |
|
1 2 3 |
<?php phpinfo(); ?> |
|
1 2 3 4 5 6 7 8 |
sudo a2enmod rewrite sudo apache2ctl configtest wget -c http://wordpress.org/latest.tar.gz tar -xzvf latest.tar.gz sudo rsync -av wordpress/* /var/www/html sudo chown -R www-data:www-data /var/www/html sudo chmod -R 755 /var/www/html |
|
1 |
mysql -u root -p |
|
1 2 3 4 |
CREATE DATABASE wp; GRANT ALL PRIVILEGES ON wp.* TO 'dbuser'@'localhost' IDENTIFIED BY 'password'; FLUSH PRIVILEGES; EXIT; |
|
1 2 3 4 5 |
sudo mv wp-config-sample.php wp-config.php sudo nano wp-config.php sudo systemctl restart apache2.service sudo systemctl restart mysql.service |
Enable HTTPS supports:
Create a ssl-params.conf file and add the following definition below to it, then save it.
|
1 |
$ sudo nvim /etc/apache2/conf-available/ssl-params.conf |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
# Cipherli.st Strong Ciphers for Apache url: https://cipherli.st/ # Addong some Strong SSL Security on Apache2 SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off SSLUseStapling on SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off |
Next thing to do is create a backup of the original default-ssl.conf file.
|
1 |
$ sudo cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/default-ssl.conf.bak |
Then modify it accordingly, we are deploying a wordpress site in this particular example we use the following adjustments.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
ServerName lnrsoft.ddns.net ServerAlias lnrsoft.ddns.net Redirect permanent / https://lnrsoft.ddns.net/ DocumentRoot /var/www/html Protocols h2 http:/1.1 <If "%{HTTP_HOST} == 'lnrsoft.ddns.net'"> Redirect permanent / https://lnrsoft.ddns.net/ SSLEngine on Options FollowSymLinks AllowOverride All Require all granted SSLProtocol +TLSv1.2 |
Enable HTTP2 supports:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
<VirtualHost *:443> ServerName lnrsoft.ddns.net ServerAlias lnrsoft.ddns.net Protocols h2 http:/1.1 <If "%{HTTP_HOST} == 'lnrsoft.ddns.net'"> Redirect permanent / https://lnrsoft.ddns.net/ </If> DirectoryIndex index.html index.php DocumentRoot /var/www ErrorLog ${APACHE_LOG_DIR}/lnrsoft.ddns.net.log CustomLog ${APACHE_LOG_DIR}/lnrsoft.ddns.net-access.log combined SSLEngine On SSLCertificateFile /etc/letsencrypt/live/lnrsoft.ddns.net/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/lnrsoft.ddns.net/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/lnrsoft.ddns.net/chain.pem <Directory /var/www> Options FollowSymLinks AllowOverride All Require all granted </Directory> </VirtualHost> |
It is also recommended adding strong ciphers for Apache to increase SSL Security on the server.
Part of my Best Practices to deploy a secure webserver, virtual personal server or database serve is to add the recommended ciphers from Cipherli.st.
Install Oracle Java 12 on Ubuntu
You need to add the PPA. (Surce: “Linux Uprising” team)
Install:
|
1 2 3 4 |
sudo add-apt-repository ppa:linuxuprising/java sudo apt-get update sudo apt-get install oracle-java12-installer sudo apt-get install oracle-java12-set-default |
For multiple java versions, install [or uninstall] oracle-java12-set-default package to set [or not] Java 12 as default.
Verify:
|
1 2 3 4 |
post@lnrsoft:$ java --version java 12.0.1 2019-04-16 Java(TM) SE Runtime Environment (build 12.0.1+12) Java HotSpot(TM) 64-Bit Server VM (build 12.0.1+12, mixed mode, sharing) |
Remove it: … use the following command if you need to uninstall it:
|
1 |
sudo apt-get remove oracle-java12-installer |
Sourcetrail a cross-platform source explorer for C/C++ and Java*
Sourcetrail a cross-platform source explorer, great and powerful tool to have it.
I personally recommend it for any junior or senior developers. A cross-platform source explorer for C/C++ and Java* deserves a blog post to reach more developers as well as serious commercial customers.
* Free for non-commercial use
How to Install Google Authenticator on Ubuntu Server
Install Google Authenticator:
|
1 2 3 4 5 6 7 8 |
sudo apt-get install libpam0g-dev make gcc wget autoconf libtool libpng-dev automake autotools-dev pkg-config libltdl-dev m4 cd ~ git clone https://github.com/google/google-authenticator-libpam.git cd google-authenticator-libpam ./bootstrap.sh ./configure make sudo make install |
Install qrencode:
|
1 2 3 4 5 6 7 8 |
cd ~ wget https://fukuchi.org/works/qrencode/qrencode-4.0.2.tar.gz tar -xf qrencode-4.0.2.tar.gz cd qrencode-4.0.2/ ./configure make sudo make install sudo ldconfig |
youtube-dl arguments
Best Audio Quality for mp3 (with –ffmpeg-location):
|
1 |
youtube-dl -f 'bestvideo[ext=mp4]+bestaudio[ext=mp3]/bestvideo+bestaudio' --extract-audio --audio-format 'mp3' --audio-quality '8' --ffmpeg-location '/addyourcustompath/ffmpeg' https://youtube.com/xxxxxxxxxx |
Best Audio/Video Quality for mp4 (with –ffmpeg-location):
|
1 |
youtube-dl -f 'bestvideo[ext=mp4]+bestaudio[ext=m4a]/bestvideo+bestaudio' --ffmpeg-location '/addyourcustompath/ffmpeg' https://youtube.com/xxxxxxxxxx |