Wednesday, July 14, 2021
Adminer is available for install from Ubuntu Repositories using “sudo apt-get install adminer” but to get the latest features we will install the latest version manually.
This Tutorial should work on Ubuntu 16.04 and 18.04
This tutorial is For Adminer and MYSQL but Adminer also works with the following databases:
MySQL
PostgreSQL
SQLite
MS SQL
Oracle
SimpleDB
Elasticsearch
MongoDB
Step 1
sudo mkdir /usr/share/adminer
Step 2
sudo wget "http://www.adminer.org/latest.php" -O /usr/share/adminer/latest.php
[Read more…]
Wednesday, February 17, 2021
Let’s start with the installation – it is a simple installation and will not take long.
Prerequisites
For the purposes of this tutorial, we will use an Ubuntu 20.04 VPS.
User with sudo privileges or full SSH root access is required. All of our VPSes come with root access.
A valid domain name pointed to your server’s IP address. In this tutorial, we will use domain.com as an example.
1. Install Certbot
As mentioned earlier, we will be using Certbot so that we can get a free SSL certificate from Let’s Encrypt. To install this useful tool, we need to enable the universe repository:
sudo apt install software-properties-common
sudo add-repository universe
sudo apt update
Run this command on the command line on the machine to install Certbot.
sudo apt install certbot python3-certbot-apache
2. Generate a Free Let’s Encrypt SSL Certificate
There are many ways to obtain an SSL certificate with Certbot. We will use the Apache plugin, which will take care of reconfiguring Apache’s Virtual Host and will reload the new configuration for us. You can run the following command to use the plugin:
sudo certbot --apache
Using this script, you need to answer a series of questions and provide an email address. In the first step, you need to type a valid email address. The email address is required for notifications and security notices regarding your website’s certificate:
Output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): [email protected]
[Read more…]
Friday, February 12, 2021
Step 1. First, make sure that all your system packages are up-to-date by running these following apt commands in the terminal.
sudo apt update
sudo apt upgrade
Step 2. Installing ModSecurity Apache on Ubuntu 20.04.
Now we install the mod security package on the Ubuntu system using the following command:
sudo apt install libapache2-mod-security2
Restart apache service to take mod-security module into account:
sudo systemctl restart apache2
Step 3. Configuration of ModSecurity.
We’ve to start the configure of mod security. you can find the location at /etc/modsecurity:
sudo mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
Next, download the OWASP ModSecurity CRS from Github:
cd ~
git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git
Then, move and rename crs-setup.conf.example to crs-setup.conf. Also, move rules/ directory as well:
cd ~/owasp-modsecurity-crs
sudo mv crs-setup.conf.example /etc/modsecurity/crs-setup.conf
sudo mv rules/ /etc/modsecurity/
To get these rules working on Apache, you should edit the /etc/apache2/mods-available/security2.conf file:
[Read more…]
Open a terminal application or login to your server over the ssh session using ssh command. Open php.ini file using a text editor such as vim command or nano command:
$ sudo nano /etc/php.ini
Find disable_functions and set new list as follows:
# list of function to disable globally #
disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
I also recommend to disable allow_url_include and allow_url_fopen for security reasons:
allow_url_fopen=Off
allow_url_include=Off
open_basedir = /var/www:/var/..
Save and close the file. Restart
# service apache2 restart
Login to server as root
$ letsencrypt renew
Change directory to Zimbra Letsecnrpyt SSL folder
# cd /opt/zimbra/ssl/letsencrypt/
Copy new SSL files to Zimbra Letsencrypt folder then change owner to Zimbra.
# cp /etc/letsencrypt/live/yourdomain.com/* .
# chown zimbra:zimbra /opt/zimbra/ssl/letsencrypt/*
[Read more…]
1. Install the Let’s Encrypt Certbot
# Install Certbot on the linux box
yum install -y certbot
# Generate our first SSL cert. Subsequent certificates will be renewed by our script below
certbot certonly --standalone -d mail.protectigate.com -m [email protected] --agree-tos -n
# Prepare the Zimbra directory for the new certificate
mkdir /opt/zimbra/ssl/letsencrypt
2. Install the Certificate and create the Script for auto-renewal
a. Create script as /root/ssl.sh
#Change work dir to /tmp
cd /tmp
#Renew cert if needed
certbot certonly --standalone -d mail.protectigate.com -m [email protected] --agree-tos -n
# Stop the nginx Zimbra service
sudo -u zimbra /opt/zimbra/bin/zmproxyctl stop
sudo -u zimbra /opt/zimbra/bin/zmmailboxdctl stop
#Rename existing Zimbra letsencrypt folder and create new
if [[ -e /opt/zimbra/ssl/letsencrypt ]]; then
mv /opt/zimbra/ssl/letsencrypt /opt/zimbra/ssl/letsencrypt$(date +'%Y%m%d')
mkdir /opt/zimbra/ssl/letsencrypt
chown -R zimbra:zimbra /opt/zimbra/ssl/letsencrypt
fi
# Copy Let's Encrypt SSL cert into Zimbra SSL dir
/bin/cp -rf /etc/letsencrypt/live/mail.protectigate.com/* /opt/zimbra/ssl/letsencrypt/
#Download the Let's Encrypt root cert
wget https://letsencrypt.org/certs/trustid-x3-root.pem.txt -O /opt/zimbra/ssl/letsencrypt/root.pem
#Merge the root cert into the chain file
cat /opt/zimbra/ssl/letsencrypt/root.pem >> /opt/zimbra/ssl/letsencrypt/chain.pem
[Read more...]
