Category Archives: Application
Build WAF with Reverse Proxy Load Balancer using Nginx
Getting Started
First, it is recommended to update and upgrade all your software packages to the latest version. You can update all of them by running the following command:
apt update -y apt upgrade -y
Once all the packages are updated, install other required packages with the following command:
apt install g++ flex bison curl apache2-dev doxygen libyajl-dev ssdeep liblua5.2-dev libgeoip-dev libtool dh-autoreconf libcurl4-gnutls-dev libxml2 libpcre++-dev libxml2-dev git liblmdb-dev libpkgconf3 lmdb-doc pkgconf zlib1g-dev libssl-dev -y
Once you are done, you can proceed to the next step.
Install ModSecurity on Ubuntu 22.04
By default, the ModSecurity package is not included in the Ubuntu default repository. So you will need to compile it from the source.
First, download the latest version of ModSecurity with the following command:
wget https://github.com/SpiderLabs/ModSecurity/releases/download/v3.0.8/modsecurity-v3.0.8.tar.gz
Once the download is completed, extract the downloaded file with the following command:
tar -xvzf modsecurity-v3.0.8.tar.gz
Next, navigate to the extracted directory and configure it with the following command: Continue reading “Build WAF with Reverse Proxy Load Balancer using Nginx” »
M3U Restream
There’s a wonderful piece of microservice node.js based restream utility, that let you re-stream from a source and also do the ffmped transcoding if you’d like. I just liked the piece!
My installed OS was Ubuntu 18.x and I used node version 12.x.
The problem
You have an IPTV provider that provides an (extended) M3U playlist file. You want to:
- Add HTTPS encryption to the streams (and probably move the unencrypted reception offsite).
- Transcode the streams to a lower bitrate, or convert to a uniform video or audio format.
The solution
Run this software, preferably on an offsite host. It only requires a Node installation (No NPM modules are required!). To add HTTPS support, front it with nginx (or similar). Continue reading “M3U Restream” »
Upgrading WordPress Core Manually
- First create a full backup of your website. This is very important in case you make a mistake.
- Download the newest WordPress ZIP file from wordpress.org.
- Unzip the file into a directory on your local machine or in a separate directory on your website.
- Deactivate all of the plugins on your WordPress site.
- Go to your website root directory and delete your ‘wp-includes’ and ‘wp-admin’ directories. You can do this via sFTP or via SSH.
- Upload (or copy over) the new wp-includes and wp-admin directories from the new version of WordPress you unzipped to your website root directory to replace the directories you just deleted.
- Don’t delete your wp-content directory or any of the files in that directory. Copy over the files from the wp-content directory in the new version of WordPress to your existing wp-content directory. You will overwrite any existing files with the same name. All of your other files in wp-content will remain in place.
- Copy all files from the root (‘/’) directory of the new version of WordPress that you unzipped into your website root directory (or the root directory of your WordPress installation). You will overwrite any existing files and new files will also be copied across. Your wp-config.php file will not be affected because WordPress is never distributed with a wp-config.php file.
- Examine the wp-config-sample.php which is distributed with WordPress to see if any new settings have been added that you may want to use or modify.
- If you are upgrading manually after a failed auto-update, remove the .maintenance file from your WordPress root directory. This will remove the ‘failed update’ message from your site.
- Visit your main WordPress admin page at /wp-admin/ where you may be asked to sign-in again. You may also have to upgrade your database and will be prompted if this is needed. If you can’t sign-in, try clearing your cookies.
- Re-enable your plugins which you disabled earlier.
- Clear your browser cache to ensure you can see all changes. If you are using a front-end cache like ‘varnish’ you should also clear that to ensure that your customers can see the newest changes on your site.
Your upgrade is now complete and you should be running the newest version of WordPress.
Ref: https://www.wordfence.com/learn/how-to-manually-upgrade-wordpress-themes-and-plugins/
Install Netxtcloud on Debian 10
Install Apache, MariaDB and PHP
NextCloud runs on the webserver, written in PHP and uses MariaDB to store their data. So you will need to install Apache, MariaDB, PHP and other required packages on your system. You can install all of them by running the following command:
apt-get install apache2 libapache2-mod-php mariadb-server php-xml php-cli php-cgi php-mysql php-mbstring php-gd php-curl php-zip wget unzip -y
Once all the packages are installed, open the php.ini file and tweak some recommended settings:
nano /etc/php/7.3/apache2/php.ini
Change the following settings:
memory_limit = 512M upload_max_filesize = 1024M post_max_size = 1024M max_execution_time = 300 date.timezone = Asia/Dhaka
Save and close the file when you are finished. Then, start the Apache and MariaDB service and enable them to start after system reboot with the following command: Continue reading “Install Netxtcloud on Debian 10” »
Install a Sectigo Domain Validation SSL certificate in Zimbra
We usually get the below four files from Sectigo in the certificate bundle. The file name may vary depending on the certificate type
- yourdomain.com.crt – main certificate
- AAACertificateServices.crt – Root Certificate
- USERTrustRSAAAACA.crt – Intermediate Certificate – 1
- SectigoRSADomainValidationSecureServerCA.crt – Intermediate Certificate – 2
Step 1: We shall create two files as below.
commercial_ca.crt (includes root certificate and two intermediate certificates) commercial.crt (includes main certificate, root certificate and two intermediate certificates)
Step 2: Login to Zimbra server, move to directory /opt/zimbra/ssl/zimbra/commercial and create two files as below.
root@mail:~# cd /opt/zimbra/ssl/zimbra/commercial/ root@mail:/opt/zimbra/ssl/zimbra/commercial# touch commercial_ca.crt root@mail:/opt/zimbra/ssl/zimbra/commercial# touch commercial.crt
Continue reading “Install a Sectigo Domain Validation SSL certificate in Zimbra” »
Make shinobi start up after reboot
Configuring SMTPS in Virtualmin
Under System Settings > Server Templates (and under the dropdown menu “Edit template section”) > Mail client auto-configuration. In the section Thunderbird auto-configuration XML, under the heading outgoingServer, I changed the port from $SMTP_PORT to $SMTPS_Port and selected XMLtemplate below as opposed to Automatically generated. My XML template is therefore as follows:
<?xml version="1.0" encoding="UTF-8"?> <clientConfig version="1.1"> <emailProvider id="$SMTP_DOMAIN"> <domain>$SMTP_DOMAIN</domain> <displayName>$OWNER Email</displayName> <displayShortName>$OWNER</displayShortName> <incomingServer type="imap"> <hostname>$IMAP_HOST</hostname> <port>$IMAP_PORT</port> <socketType>$IMAP_TYPE</socketType> <authentication>$IMAP_ENC</authentication> <username>$SMTP_LOGIN</username> </incomingServer> <outgoingServer type="smtp"> <hostname>$SMTP_HOST</hostname> <port>$SMTPS_PORT</port> <socketType>$SMTP_TYPE</socketType> <authentication>$SMTP_ENC</authentication> <username>$SMTP_LOGIN</username> </outgoingServer> </emailProvider> </clientConfig>
If the variable $SMTPS_Port doesn’t work for you, you can try manually entering port 465.
Src: https://serverfault.com/questions/605090/configuring-smtps-in-virtualmin
Mapping drives with Windows Explorer in Nextcloud
To map a drive using the Microsoft Windows Explorer:
- Open Windows Explorer on your MS Windows computer.
- Right-click on Computer entry and select Map network drive… from the drop-down menu.
- Choose a local network drive to which you want to map Nextcloud.
- Specify the address to your Nextcloud instance, followed by /remote.php/dav/files/USERNAME/.
or example:
https://example.com/nextcloud/remote.php/dav/files/USERNAME/
Src: https://docs.nextcloud.com/server/latest/user_manual/en/files/access_webdav.html
Install LookingGlass on Linux
Requirements
- PHP >= 5.3
- PHP PDO with SQLite driver (required for rate-limit)
- SSH/Terminal access (able to install commands/functions if non-existent)
Installations: Continue reading “Install LookingGlass on Linux” »