CoffeeBreak first beta version
[Linux] Install WordPress on Ubuntu Server with add-on features as HTTPS support, SSL certificate and HTTP2 supports
1 2 3 4 5 6 7 | sudo apt-get install apache2 apache2-utils sudo systemctl enable apache2 sudo systemctl start apache2 sudo apt-get install mysql-client mysql-server sudo mysql_secure_installation sudo apt-get install php7.2 php7.2-mysql libapache2-mod-php7.2 php7.2-cli php7.2-cgi php7.2-gd sudo nano /var/www/html/info.php |
1 2 3 | <?php phpinfo(); ?> |
1 2 3 4 5 6 7 8 | sudo a2enmod rewrite sudo apache2ctl configtest wget -c http://wordpress.org/latest.tar.gz tar -xzvf latest.tar.gz sudo rsync -av wordpress/* /var/www/html sudo chown -R www-data:www-data /var/www/html sudo chmod -R 755 /var/www/html |
1 | mysql -u root -p |
1 2 3 4 | CREATE DATABASE wp; GRANT ALL PRIVILEGES ON wp.* TO 'dbuser'@'localhost' IDENTIFIED BY 'password'; FLUSH PRIVILEGES; EXIT; |
1 2 3 4 5 | sudo mv wp-config-sample.php wp-config.php sudo nano wp-config.php sudo systemctl restart apache2.service sudo systemctl restart mysql.service |
Create a ssl-params.conf file and add the following definition below to it, then save it.
1 | $ sudo nvim /etc/apache2/conf-available/ssl-params.conf |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | # Cipherli.st Strong Ciphers for Apache url: https://cipherli.st/ # Addong some Strong SSL Security on Apache2 SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 SSLHonorCipherOrder On Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" Header always set X-Frame-Options DENY Header always set X-Content-Type-Options nosniff # Requires Apache >= 2.4 SSLCompression off SSLUseStapling on SSLStaplingCache "shmcb:logs/stapling-cache(150000)" # Requires Apache >= 2.4.11 SSLSessionTickets Off |
Next thing to do is create a backup of the original default-ssl.conf file.
1 | $ sudo cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/default-ssl.conf.bak |
Then modify it accordingly, we are deploying a wordpress site in this particular example we use the following adjustments.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 | ServerName lnrsoft.ddns.net ServerAlias lnrsoft.ddns.net Redirect permanent / https://lnrsoft.ddns.net/ DocumentRoot /var/www/html Protocols h2 http:/1.1 <If "%{HTTP_HOST} == 'lnrsoft.ddns.net'"> Redirect permanent / https://lnrsoft.ddns.net/ SSLEngine on Options FollowSymLinks AllowOverride All Require all granted SSLProtocol +TLSv1.2 |
Enable HTTP2 supports:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 | <VirtualHost *:443> ServerName lnrsoft.ddns.net ServerAlias lnrsoft.ddns.net Protocols h2 http:/1.1 <If "%{HTTP_HOST} == 'lnrsoft.ddns.net'"> Redirect permanent / https://lnrsoft.ddns.net/ </If> DirectoryIndex index.html index.php DocumentRoot /var/www ErrorLog ${APACHE_LOG_DIR}/lnrsoft.ddns.net.log CustomLog ${APACHE_LOG_DIR}/lnrsoft.ddns.net-access.log combined SSLEngine On SSLCertificateFile /etc/letsencrypt/live/lnrsoft.ddns.net/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/lnrsoft.ddns.net/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/lnrsoft.ddns.net/chain.pem <Directory /var/www> Options FollowSymLinks AllowOverride All Require all granted </Directory> </VirtualHost> |
It is also recommended adding strong ciphers for Apache to increase SSL Security on the server.
Part of my Best Practices to deploy a secure webserver, virtual personal server or database serve is to add the recommended ciphers from Cipherli.st.
Install Oracle Java 12 on Ubuntu
You need to add the PPA. (Surce: “Linux Uprising” team)
Install:
1 2 3 4 | sudo add-apt-repository ppa:linuxuprising/java sudo apt-get update sudo apt-get install oracle-java12-installer sudo apt-get install oracle-java12-set-default |
Verify:
1 2 3 4 | post@lnrsoft:$ java --version java 12.0.1 2019-04-16 Java(TM) SE Runtime Environment (build 12.0.1+12) Java HotSpot(TM) 64-Bit Server VM (build 12.0.1+12, mixed mode, sharing) |
1 | sudo apt-get remove oracle-java12-installer |
Sourcetrail a cross-platform source explorer for C/C++ and Java*
Sourcetrail a cross-platform source explorer, great and powerful tool to have it.
I personally recommend it for any junior or senior developers. A cross-platform source explorer for C/C++ and Java* deserves a blog post to reach more developers as well as serious commercial customers.
* Free for non-commercial use
How to Install Google Authenticator on Ubuntu Server
Install Google Authenticator:
1 2 3 4 5 6 7 8 | sudo apt-get install libpam0g-dev make gcc wget autoconf libtool libpng-dev automake autotools-dev pkg-config libltdl-dev m4 cd ~ git clone https://github.com/google/google-authenticator-libpam.git cd google-authenticator-libpam ./bootstrap.sh ./configure make sudo make install |
1 2 3 4 5 6 7 8 | cd ~ wget https://fukuchi.org/works/qrencode/qrencode-4.0.2.tar.gz tar -xf qrencode-4.0.2.tar.gz cd qrencode-4.0.2/ ./configure make sudo make install sudo ldconfig |
youtube-dl arguments
Best Audio Quality for mp3 (with –ffmpeg-location):
1 | youtube-dl -f 'bestvideo[ext=mp4]+bestaudio[ext=mp3]/bestvideo+bestaudio' --extract-audio --audio-format 'mp3' --audio-quality '8' --ffmpeg-location '/addyourcustompath/ffmpeg' https://youtube.com/xxxxxxxxxx |
1 | youtube-dl -f 'bestvideo[ext=mp4]+bestaudio[ext=m4a]/bestvideo+bestaudio' --ffmpeg-location '/addyourcustompath/ffmpeg' https://youtube.com/xxxxxxxxxx |
Login to WordPress or other accounts using python selenium package
The best way to install the selenium package is using the following command:
$ pip install seleniumor on macOS with Homebrew
$ brew install geckodriverIf you are using Anaconda just simply activate your virtual environment and then install geckodriver using the following command:
$ conda install -c conda-forge geckodriverThen you’ll need a driver to interface with the browser you choose. I used Firefox in this example, therefore I downloaded the required geckodriver driver.
Drivers for other browser: selenium-python.readthedocs.io
You might need to set the PATH of your geckodriver.
This python source code will pull up a Firefox window and open the url that you need set https://yourwpdomain.com/wp-login.php, then find user_login and user_pass elements on the page (by the id) and finally send a click() function to the submitButton.
If everything goes well the next thing you should see is your WordPress dashboard page in the browser.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | from selenium import webdriver browser = webdriver.Firefox() #browser = webdriver.Firefox(executable_path=r'your\path\geckodriver.exe') url = "https://yourwpdomain.com/wp-login.php" # set your WordPress domain browser.get(url) username = browser.find_element_by_id("user_login") password = browser.find_element_by_id("user_pass") username.send_keys("yourUserName") # add your WordPress UserName password.send_keys("yourPassword") # add your WordPress Password submitButton = browser.find_element_by_id("wp-submit") submitButton.click() |
1 | browser = webdriver.Firefox(executable_path=r'your\path\geckodriver.exe') |
How to use wget without adding –no-check-certificate
You need to add a check_certificate = off line into your .wgetrc file in your Home directory.
Or simply run this command on your terminal.
1 | echo "check_certificate = off" >> ~/.wgetrc |
After this wget will add this –no-check-certificate automatically from your .wgetrc file.
BTCPayServer the self-hosted payment processor for Bitcoin and other cryptocurrencies.
How does it works?
BTCPay Server is a self-hosted and automated invoicing system. When checking out, the customer is presented with an invoice. Each time, a different address is tied to a particular invoice, so there is no address re-use. BTCPay follows the status of the invoice through the blockchain and informs a merchant when he can fulfil the order safely.
BTCPay is a code, not a company. There is no third-party between a merchant and a customer. Merchant is always in full control of the funds. There are no processing or subscription fees. BTCPay Server is free to use and completely open-source, so developers or security auditors can always inspect the quality of the code.
Source code: https://github.com/btcpayserver/btcpayserver
A fast and clever open source hex editor for OSX
I am using this clever, powerful and really fast hex editor over 6 months now. I would really recommend this great open source tool called Hex Fiend whenever you need a hex editor for OSX.
Source code: https://github.com/lnrsoft/HexFiend
Website: http://ridiculousfish.com/hexfiend/