Sohaib's Tech Blog

Something for every one

Magento2 Authorize.NET CIM Opensource — 2017

Magento2 Authorize.NET CIM Opensource

After spending some time I found free Opensource Authorize.NET CIM why pay $200 when you can get opensource.

https://github.com/pmclain/module-authorizenetcim

Advertisements
Set up Magento 2 with Redis, Varnish and Nginx as SSL termination —

Set up Magento 2 with Redis, Varnish and Nginx as SSL termination

In this article, we will show you how to install Magento 2 on an Ubuntu 16.04 VPS with MariaDB, PHP-FPM 7.0, Varnish as a full page cache, Nginx as SSL termination and Redis for session storage and page caching.  This guide should work on other Linux VPS systems as well but was tested and written for an Ubuntu 16.04 VPS.

Login to your VPS via SSH

ssh my_sudo_user@my_server

Update the system and install necessary packages

sudo apt-get update && sudo apt-get -y upgrade
sudo apt-get -y install curl nano git

Install MariaDB 10.0

Install the latest MariaDB 10.0 server from the official Ubuntu repositories:

sudo apt-get install -y mariadb-server

When the installation is complete, run the following command to secure your installation:

mysql_secure_installation

Next, we need to create a database for our Magento installation.

mysql -uroot -p
MariaDB [(none)]> CREATE DATABASE magento;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON magento.* TO 'magento'@'localhost' IDENTIFIED BY 'my_strong_password';
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> \q

Install PHP 7.0, composer and all required PHP modules

To install the latest stable version of PHP 7.0 and all necessary modules, run:

sudo apt-get -y install php-fpm php-cli php-gd php-imagick php-mysql php-mcrypt php-pear php-curl php-intl php-xsl php-zip php-mbstring

Change few default PHP settings:

sudo sed -i "s/memory_limit = .*/memory_limit = 256M/" /etc/php/7.0/fpm/php.ini
sudo sed -i "s/upload_max_filesize = .*/upload_max_filesize = 128M/" /etc/php/7.0/fpm/php.ini
sudo sed -i "s/zlib.output_compression = .*/zlib.output_compression = on/" /etc/php/7.0/fpm/php.ini
sudo sed -i "s/max_execution_time = .*/max_execution_time = 18000/" /etc/php/7.0/fpm/php.ini

Composer is a dependency manager for PHP with which you can install packages. Composer will pull in all the required libraries and dependencies you need for your project.

curl -sS https://getcomposer.org/installer | php
sudo mv composer.phar /usr/local/bin/composer

Install Magento 2 from Github

Clone the Magento repository to the ~/myMagentoSite.com directory using the following command:

sudo git clone https://github.com/magento/magento2.git /var/www/myMagentoSite.com

Get the latest stable release, at the time of the writing it’s Magento 2.1.2:

cd /var/www/myMagentoSite.com
sudo git checkout $(git describe --tags $(git rev-list --tags --max-count=1))

Run composer to install all Magento dependencies:

sudo composer install

To continue with the installation you can either use the installation wizard or the command line, in this guide we will use the latter.

sudo bin/magento setup:install \
--base-url=http://myMagentoSite.com/ \
--db-host=localhost \
--db-name=magento \
--db-user=magento \
--db-password=my_strong_password \
--admin-firstname=First  \
--admin-lastname=Last \
--admin-email=user@myMagentoSite.com \
--admin-user=admin \
--admin-password=my_strong_password123 \
--language=en_US \
--currency=USD \
--timezone=America/Chicago \
--use-rewrites=1

If the installation is successful you will see something like below:

[SUCCESS]: Magento installation complete.
[SUCCESS]: Magento Admin URI: /admin_mejj1n

Run the crontab command to create a cronjob

crontab -u www-data -e

and add the following line:

* * * * * /usr/bin/php /var/www/myMagentoSite.com/bin/magento cron:run | grep -v "Ran jobs by schedule" >> /var/www/myMagentoSite.com/var/log/magento.cron.log

Finally, set the correct permissions:

sudo chown -R www-data: /var/www/myMagentoSite.com

Install and configure Nginx

Install Nginx from the official Ubuntu repositories::

sudo apt-get -y install nginx

Create a new Nginx server block with the following content:

sudo nano /etc/nginx/sites-available/myMagentoSite.com
upstream fastcgi_backend {
  server   unix:/run/php/php7.0-fpm.sock;
}

server {
    server_name myMagentoSite.com www.myMagentoSite.com;
    listen 80;
    set $MAGE_ROOT /var/www/myMagentoSite.com;
    set $MAGE_MODE developer; # or production

    access_log /var/log/nginx/myMagentoSite.com-access.log;
    error_log /var/log/nginx/myMagentoSite.com-error.log;

    include /var/www/myMagentoSite.com/nginx.conf.sample;        
}

Activate the server block by creating a symbolic link :

sudo ln -s /etc/nginx/sites-available/myMagentoSite.com /etc/nginx/sites-enabled/myMagentoSite.com

Delete the default configuration:

sudo rm -f /etc/nginx/sites-enabled/default

Test the Nginx configuration and restart nginx:

sudo nginx -t
sudo service nginx restart

You should be now able to login to your Magento back-end by going to http://myMagentoSite.com/admin_mejj1n using the information you set when running the bin/magento setup:install .

Install and configure Varnish

Installing Varnish is as simple as running the following command:

sudo apt-get install varnish

From you Magento Admin dashboard click on the STORES link (left sidebar) -> Configuration -> ADVANCED -> System -> Full Page Cache
Unselected Use system value and from the Caching Application list, select Varnish Cache (Recommended), save the configuration, click on the Varnish Configuration link and click on the Export VCL for Varnish 4 button. The varnish.vcl file which we will use will be exported in the /var/www/myMagentoSite.com/var/ directory.

Flush the Magento cache with:

sudo php bin/magento cache:flush

Delete the /etc/varnish/default.vcl and symlink it to the exported varnish configuration.

sudo rm -f /etc/varnish/default.vcl
sudo ln -sf /var/www/myMagentoSite.com/var/varnish.vcl /etc/varnish/default.vcl

To change varnish port from 6081 to 80, we need to edit the systemd service configuration.

Create a new customexec.conf file

sudo mkdir -p /etc/systemd/system/varnish.service.d
sudo nano /etc/systemd/system/varnish.service.d/customexec.conf

paste the following:

[Service]
ExecStart=
ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m

and reload systemd units

sudo systemctl daemon-reload

Now we need to change Nginx listening port from 80 to 8080 and enable Nginx SSL termination with HTTP2, to do that open the Nginx configuration file and change it as follows:

sudo nano /etc/nginx/sites-available/myMagentoSite.com
upstream fastcgi_backend {
  server   unix:/run/php/php7.0-fpm.sock;
}

server {
    server_name myMagentoSite.com www.myMagentoSite.com;
    listen 8080;
    set $MAGE_ROOT /var/www/myMagentoSite.com;
    set $MAGE_MODE production; # or developer

    access_log /var/log/nginx/myMagentoSite.com-access.log;
    error_log /var/log/nginx/myMagentoSite.com-error.log;

    include /var/www/myMagentoSite.com/nginx.conf.sample;        
}

server {

    listen 443 ssl http2;
    server_name myMagentoSite.com www.myMagentoSite.com;

    ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; # change with your SSL cert
    ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; # change with your SSL key
    ssl_protocols              TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers               'AES128+EECDH:AES128+EDH:!aNULL';
    ssl_session_cache    shared:SSL:10m;
    ssl_session_timeout 24h;
    keepalive_timeout 300s;

    location / {
        proxy_pass http://127.0.0.1;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Ssl-Offloaded "1";
        proxy_set_header      X-Forwarded-Proto https;
        proxy_set_header      X-Forwarded-Port 443;
        #proxy_hide_header X-Varnish;
        #proxy_hide_header Via;
        proxy_set_header X-Forwarded-Proto $scheme;

    }

}

If you don’t already have an SSL certificate, you can purchase a trusted SSL certificate here.

Restart Varnish and Nginx:

sudo systemctl restart nginx
sudo systemctl restart varnish

Change the base url to https and flush the cache

sudo bin/magento setup:store-config:set --base-url="https://myMagentoSite.com"
sudo php bin/magento cache:flush

If everything is setup correctly now you should be able to login to your Magento back-end by going to https://myMagentoSite.com/admin_mejj1n.

Stuck somewhere? Get a VPS from us and we’ll do all of this for you, free of charge!

Install and configure Redis caching

Redis is a key-value in memory data store and we will use it to replace the default Magento 2 Zend_Cache_Backend_File backend cache.  Install Redis by running the following command:

apt-get install php-redis redis-server

To configure your Magento installation to use Redis for session storage open the app/etc/env.php file and change/add the following:

sudo nano /var/www/myMagentoSite.com/app/etc/env.php

change:

  'session' =>
  array (
    'save' => 'files',
  ),

with:

'session' => 
   array (
   'save' => 'redis',
   'redis' => 
      array (
	'host' => '127.0.0.1',
	'port' => '6379',
	'password' => '',
	'timeout' => '2.5',
	'persistent_identifier' => '',
	'database' => '0',
	'compression_threshold' => '2048',
	'compression_library' => 'gzip',
	'log_level' => '1',
	'max_concurrency' => '6',
	'break_after_frontend' => '5',
	'break_after_adminhtml' => '30',
	'first_lifetime' => '600',
	'bot_first_lifetime' => '60',
	'bot_lifetime' => '7200',
	'disable_locking' => '0',
	'min_lifetime' => '60',
	'max_lifetime' => '2592000'
    )
),

and to use Redis for page caching add:

'cache' =>
array(
   'frontend' =>
   array(
      'default' =>
      array(
         'backend' => 'Cm_Cache_Backend_Redis',
         'backend_options' =>
         array(
            'server' => '127.0.0.1',
            'port' => '6379'
            ),
    ),
    'page_cache' =>
    array(
      'backend' => 'Cm_Cache_Backend_Redis',
      'backend_options' =>
       array(
         'server' => '127.0.0.1',
         'port' => '6379',
         'database' => '1',
         'compress_data' => '0'
       )
    )
  )
),

Finally flush the cache again:

sudo php bin/magento cache:flush

Further Optimizations

To further optimize your Magento installation from you Magento admin dashboard:

1. Go to STORES -> Configuration -> CATALOG -> Catalog -> Use Flat Catalog Category, select Yes and click Save Config.
2. Go to STORES -> Configuration -> ADVANCED -> Developer -> JavaScript Settings and set both Merge JavaScript Files and Minify JavaScript Files to Yes and click Save Config..
3. Go to STORES -> Configuration -> ADVANCED -> Developer -> CSS Settings and set both Merge CSS Files and Minify CSS Files to Yes and click Save Config.
4. Consider using a CDN – Content Delivery Network

Do not forget to flush the cache:

sudo php bin/magento cache:flush

All Credit for this HOW TO GOTO www.rosehosting.com Excellent Article

Installing Magento 2.x and PHP 7.0 on Debian Jessie x64 — 2016

Installing Magento 2.x and PHP 7.0 on Debian Jessie x64

Step by Step

gpg --keyserver keys.gnupg.net --recv-key 89DF5277 && gpg -a --export 89DF5277 | apt-key add

Add sources

nano /etc/apt/sources.list

deb http://packages.dotdeb.org jessie all
deb-src http://packages.dotdeb.org jessie all
apt-get update
apt-get install php7.0-cli php7.0-fpm php7.0-mysql php7.0-curl php7.0-gd php7.0-imagick php7.0-mcrypt php7.0-memcached php7.0-imap python-software-properties software-properties-common php7.0 php7.0 php7.0-common php7.0-gd php7.0-mysql php7.0-mcrypt php7.0-curl php7.0-intl php7.0-xsl php7.0-mbstring php7.0-zip php7.0-bcmath php7.0-iconv -y

Install Percona Database Server

wget https://repo.percona.com/apt/percona-release_0.1-4.$(lsb_release -sc)_all.deb
dpkg -i percona-release_0.1-4.$(lsb_release -sc)_all.deb

Update the repo

apt-get update
apt-get install percona-server-server-5.7 percona-server-client-5.7 -y

Once above is installed simply download Nginx for Jessie – which is already compiled with all the modules and Pagespeed

wget https://s3.amazonaws.com/ns1-serverbackups/Nginx/nginx_1.10.2-1-jessie_amd64.deb

 

How to Enable Verbose in Ubuntu — 2016
Mod_pagespeed with Apache on Ubuntu — 2016

Mod_pagespeed with Apache on Ubuntu

Speed Up the Web with Google Page Speed = Apache2

If you’re on a 64-bit version (likely)…

 

wget https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_amd64.deb

If you’re on a 32-bit version (less likely)…

wget https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_i386.deb
sudo dpkg -i mod-pagespeed-*.deb apt-get -f install

Remove the downloaded package

rm mod-pagespeed-*.deb
service apache2 restart

Setup

The installation package handles a lot of configuration out-of-the-box. In fact, there are conservative defaults that are automatically enabled on Apache. Depending on the Apache version you’re running, you’ll get a different version of the module installed and enabled. If you’re running Apache 2.2,mod_pagespeed.so will be installed; Apache 2.4 users will use mod_pagespeed_ap24.so.

Note: mod_pagespeed only works with Apache 2.2 and greater. There is also a bug with Apache 2.4.1 that prevents it from working with that version. Apache 2.4.2 or greater should be used.

Additionally, configuration files have been added to your Apache installation. The primary configuration file is pagespeed.conf. This file is located at:

/etc/apache2/mods-available/

Configuration

nano /etc/apache2/mods-available/pagespeed.conf

Turn mod_pagespeed On/Off

First off, you can turn the module on or off with the ModPagespeed setting.

ModPagespeed on

or

ModPagespeed off

Rewrite Levels

You can specify different “levels” of settings to simplify any configuration. The default is“CoreFilters.” It contains a set of filters the Google team believes is safe for use. The filters are the individual actions that are applied to a file. In general, you won’t need to change this value. It’s easier to use this default and then enable or disable filters using the ModPagespeedEnableFilters andModPagespeedDisableFilters directives.

The default setting:

ModPagespeedRewriteLevel CoreFilters

To disable CoreFilters use this setting:

ModPagespeedRewriteLevel PassThrough

Note: You’ll have to explicitly enable any filters you want to turn on using the “PassThrough” setting.

Using the default “CoreFilters” rewrite level includes a number of filters by default. As of the time of this writing, it includes:?

add_head
combine_css
convert_jpeg_to_progressive
convert_meta_tags
extend_cache
flatten_css_imports
inline_css
inline_import_to_link
inline_javascript
rewrite_css
rewrite_images
rewrite_javascript
rewrite_style_attributes_with_url

New filters will be added in the future. By using CoreFilters, you’ll automatically have these filters enabled if they become part of the default set whenever you update mod_pagespeed. Using PassThrough will require you to explicitly enable the new filters.

Enable Filters

If you’d like to enable additional filters, you can pass them as a comma-separated list toModPagespeedEnableFilters. You can have multiple ModPagespeedEnableFilters directives throughout your configuration files. So, if you want to enable a filter per site, you could enable it in the virtual host configuration file or in the .htaccess file instead of in the main pagespeed.conf file.

Here’s an example that enables the Pedantic filter (which adds the type attribute to script and style tags) and the Remove Comment filter (which removes all HTML comments):

ModPagespeedEnableFilters pedantic,remove_comments

Disable Filters

You can also disable filters on a per-case basis if you’d like. Specify a list of filters you’d like to disable similar to

ModPagespeedEnableFilters

The following example disables the “Convert JPEG to Progressive” filter even though it’s part of the CoreFilters set:

ModPagespeedDisableFilters convert_jpeg_to_progressive

Specify Which URLs are Rewritten

By default, mod_pagespeed rewrites everything it can. You can disable certain files (for example Javascript libraries) from being rewritten with the following directive:

ModPagespeedDisallow "*/jquery-ui-*.min.js"

This would disable rewriting of any files that match the wildcard pattern specified (jquery UI in this case).

You can also turn off the rewriting of all files by default and only enable files you want to rewrite manually. You can do this with the following settings:

ModPagespeedDisallow "*" 
ModPagespeedAllow "http://*digitalocean.com/*/styles/*.css" 
ModPagespeedAllow "http://*digitalocean.com/*.html" 
ModPagespeedDisallow "*/notrewritten.html"

The order of execution means that all files at digitalocean.com ending in .html would be rewritten. That last Disallow directive means any URLs matching that pattern would not be rewritten because it overrides the previous setting.

Restart Apache

Don’t forget if you’re using the pagespeed.conf or VirtualHost files to alter the settings, you’ll have to restart Apache for the settings to take effect. You can do this with the following commands:

 

service apache2 restart or /etc/init.d/apache2 restart

Thank you to https://www.digitalocean.com/community/tutorials/how-to-get-started-with-mod_pagespeed-with-apache-on-an-ubuntu-and-debian-cloud-server

Magento Apc and Memcached Speed up Magento — 2015

Magento Apc and Memcached Speed up Magento

I hear a lot of time that people complaints about “Magento is very slow”. In my opinion Magento is not a good solution if you are hosting it in a Shared environment, If you’ve a dedicated server then YES, use it otherwise just use baby e-commerce software available online.

This article will focus on configuring and using APC and/or Memcached.

I am sharing my local.xml file.

Look for <cache>, But before you even do any of that, you need to make sure you’ve Memcached & Apc installed and configure.

Revision Feb-15-2016

The (last) version 5.1.2 of APCu don’t support PHP5 (only PHP7) so you need to set a specific version instead of beta tag :

sudo apt-get install php-pear php5-dev make libpcre3-dev php5 memcache memcached php-pear

pecl install apcu-4.0.10 
&& echo extension=apcu.so > /usr/local/etc/php/conf.d/apcu.ini
<?xml version="1.0"?> <!-- /** * Magento * * NOTICE OF LICENSE * * This source file is subject to the Academic Free License (AFL 3.0) * that is bundled with this package in the file LICENSE_AFL.txt. * It is also available through the world-wide-web at this URL: * http://opensource.org/licenses/afl-3.0.php * If you did not receive a copy of the license and are unable to * obtain it through the world-wide-web, please send an email * to license@magento.com so we can send you a copy immediately. * * DISCLAIMER * * Do not edit or add to this file if you wish to upgrade Magento to newer * versions in the future. If you wish to customize Magento for your * needs please refer to http://www.magento.com for more information. * * @category Mage * @package Mage_Core * @copyright Copyright (c) 2006-2015 X.commerce, Inc. (http://www.magento.com) * @license http://opensource.org/licenses/afl-3.0.php Academic Free License (AFL 3.0) */ --> <config> <global> <install> <date><![CDATA[Fri, 10 Jul 2015 02:58:56 +0000]]></date> </install> <crypt> <key><![CDATA[321654]]></key> </crypt> <disable_local_modules>false</disable_local_modules> <resources> <db> <table_prefix><![CDATA[]]></table_prefix> </db> <span style="color: #ff0000;"><cache> <backend>memcached</backend> <memcached> <servers> <server> <host><![CDATA[127.0.0.1]]></host> <port><![CDATA[11211]]></port> <persistent><![CDATA[1]]></persistent> </server> </servers> <compression><![CDATA[0]]></compression> <cache_dir><![CDATA[]]></cache_dir> <hashed_directory_level><![CDATA[]]></hashed_directory_level> <hashed_directory_umask><![CDATA[]]></hashed_directory_umask> <file_name_prefix><![CDATA[]]></file_name_prefix> </memcached> </cache></span> <default_setup> <connection> <host><![CDATA[localhost]]></host> <username><![CDATA[root]]></username> <password><![CDATA[LLKDIWWW221#]]></password> <dbname><![CDATA[store]]></dbname> <initStatements><![CDATA[SET NAMES utf8]]></initStatements> <model><![CDATA[mysql4]]></model> <type><![CDATA[pdo_mysql]]></type> <pdoType><![CDATA[]]></pdoType> <active>1</active> </connection> </default_setup> </resources> <session_save><![CDATA[db]]></session_save> <span style="color: #ff0000;"><cache> <backend>memcached</backend><!-- apc / memcached / empty=file --> <memcached><!-- memcached cache backend related config --> <servers><!-- any number of server nodes can be included --> <server> <host><![CDATA[127.0.0.1]]></host> <port><![CDATA[11211]]></port> <persistent><![CDATA[1]]></persistent> </server> </servers> <compression><![CDATA[0]]></compression> <cache_dir><![CDATA[]]></cache_dir> <hashed_directory_level><![CDATA[]]></hashed_directory_level> <hashed_directory_umask><![CDATA[]]></hashed_directory_umask> <file_name_prefix><![CDATA[]]></file_name_prefix> </memcached> </cache> <cache> <backend>apc</backend> <slow_backend>database</slow_backend> <slow_backend_store_data>0</slow_backend_store_data> <auto_refresh_fast_cache>0</auto_refresh_fast_cache> <prefix>TTDINC_</prefix> </cache></span> </global> <admin> <routers> <adminhtml> <args> <frontName><![CDATA[admin]]></frontName> </args> </adminhtml> </routers> </admin> </config>

In my ubuntu environment my apcu.ini is located at

/etc/php5/mods-available/apcu.ini

xtension=apc.so
extension=apcu.so
apc.enabled=1
apc.shm_size=512M
apc.num_files_hint=10000
apc.user_entries_hint=10000
apc.max_file_size=5M
apc.stat=0
apc.optimization=0
apc.shm_segments=1
apc.enable_cli=1
apc.cache_by_default=1
Nginx Ubuntu Server 15.04 Precompile Pagespeed Module — 2015

Nginx Ubuntu Server 15.04 Precompile Pagespeed Module

Great news, I was able to compile Nginx with the following modules for all Ubuntu flavors listed below

nginx version: nginx/1.6.2
built by gcc 4.9.2 (Ubuntu 4.9.2-10ubuntu13)
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=root --group=root --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_secure_link_module --with-http_stub_status_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-mail --with-mail_ssl_module --with-file-aio --with-http_spdy_module --with-cc-opt='-g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro' --add-module=/work/nginx-1.6.2/src/modules/ngx_pagespeed-release-1.9.32.1-beta --add-module=/work/nginx-1.6.2/src/modules/ModSecurity-2.8.0/nginx/modsecurity --with-ipv6

12.04
14.04 & 15.04 all flavors x64bit

Before you install run

apt-get update
apt-get install libaprutil1

Then download the following and install unzip the package.

Look for your flavor Ubuntu version and go inside the directory to install using

dpkg -i filename.deb

Click here to download Nginx

Nginx Pagespeed Modsecurity Pre-compile — 2015

Nginx Pagespeed Modsecurity Pre-compile

I’ve pre-compile nginx 1.6.2, with the following modules.

You will get Google Pagespeed, Mod_Security and all your Gzip compression modules, I’ve compile this for the Ubuntu 12.04 x64 & Ubuntu 14.04 x64.

Let’s get started.

Download precompile Nginx 1.6.2 from here

I am assuming you’ve already installed your Ubuntu OS, once that’s installed simply run the following command

apt-get update

apt-get install libaprutil1

Finally , its time to install nginx deb package.

Once you unzip the file you will see two folders one is for Ubuntu 12.04 and another one is for 14.04 both are for x64 bit system.

Now install the the package, based on your Ubuntu Os version, Please pay proper attention below in order have a perfect

nginx server.

dpkg – i filename.deb

“” That’s all folks “”

You are all set & done, verify nginx by typing

nginx -V

nginx version: nginx/1.6.2 built by gcc 4.8.2 (Ubuntu 4.8.2-19ubuntu1) TLS SNI support enabled configure arguments: –prefix=/etc/nginx –sbin-path=/usr/sbin/nginx –conf-path=/etc/nginx/nginx.conf –error-log-path=/var/log/nginx/error.log –http-log-path=/var/log/nginx/access.log –pid-path=/var/run/nginx.pid –lock-path=/var/run/nginx.lock –http-client-body-temp-path=/var/cache/nginx/client_temp –http-proxy-temp-path=/var/cache/nginx/proxy_temp –http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp –http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp –http-scgi-temp-path=/var/cache/nginx/scgi_temp –user=root –group=root –with-http_ssl_module –with-http_realip_module –with-http_addition_module –with-http_sub_module –with-http_dav_module –with-http_flv_module –with-http_mp4_module –with-http_gunzip_module –with-http_gzip_static_module –with-http_random_index_module –with-http_gunzip_module –with-http_gzip_static_module –with-http_secure_link_module –with-http_stub_status_module –with-http_secure_link_module –with-http_stub_status_module –with-http_auth_request_module –with-mail –with-mail_ssl_module –with-file-aio –with-http_spdy_module –with-cc-opt=’-g -O2 -fstack-protector –param=ssp-buffer-size=4 -Wformat -Wformat-security’ –with-ld-opt=’-Wl,-Bsymbolic-functions -Wl,-z,relro’ –add-module=/work/nginx/nginx-1.6.2/src/modules/ngx_pagespeed-release-1.9.32.1-beta –add-module=/work/nginx/nginx-1.6.2/src/modules/ModSecurity-2.8.0/nginx/modsecurity –with-ipv6

 

Block Country using Iptables — 2015

Block Country using Iptables

Block Country using Iptables

#!/bin/bash
# Purpose: Block all traffic from AFGHANISTAN (af) and CHINA (CN). Use ISO code. #
# See url for more info - http://www.cyberciti.biz/faq/?p=3402
# Author: nixCraft <www.cyberciti.biz> under GPL v.2.0+
# -------------------------------------------------------------------------------
ISO="af cn"
 
### Set PATH ###
IPT=/sbin/iptables
WGET=/usr/bin/wget
EGREP=/bin/egrep
 
### No editing below ###
SPAMLIST="countrydrop"
ZONEROOT="/root/iptables"
DLROOT="http://www.ipdeny.com/ipblocks/data/countries"
 
cleanOldRules(){
$IPT -F
$IPT -X
$IPT -t nat -F
$IPT -t nat -X
$IPT -t mangle -F
$IPT -t mangle -X
$IPT -P INPUT ACCEPT
$IPT -P OUTPUT ACCEPT
$IPT -P FORWARD ACCEPT
}
 
# create a dir
[ ! -d $ZONEROOT ] && /bin/mkdir -p $ZONEROOT
 
# clean old rules
cleanOldRules
 
# create a new iptables list
$IPT -N $SPAMLIST
 
for c  in $ISO
do
	# local zone file
	tDB=$ZONEROOT/$c.zone
 
	# get fresh zone file
	$WGET -O $tDB $DLROOT/$c.zone
 
	# country specific log message
	SPAMDROPMSG="$c Country Drop"
 
	# get 
	BADIPS=$(egrep -v "^#|^$" $tDB)
	for ipblock in $BADIPS
	do
	   $IPT -A $SPAMLIST -s $ipblock -j LOG --log-prefix "$SPAMDROPMSG"
	   $IPT -A $SPAMLIST -s $ipblock -j DROP
	done
done
 
# Drop everything 
$IPT -I INPUT -j $SPAMLIST
$IPT -I OUTPUT -j $SPAMLIST
$IPT -I FORWARD -j $SPAMLIST
 
# call your other iptable script
# /path/to/other/iptables.sh
 
exit



Setup Crontab to run weekly I've setup to run every sat.
* * * * 6 /root/block.sh


To make sure your settings are saved on every reboot, install iptables-persistent by using

sudo apt-get install iptables-persistent

During the installation, you will be asked if you want to save the iptable rules to both the IPv4 rules and the IPv6 rules. Say yes to both.

Your rules will then be saved in /etc/iptables/rules.v4 and /etc/iptables/rules.v6.

Once the installation is complete, start iptables-persistent running:

sudo service iptables-persistent start
How to setup a Webserver *Nginx w/Percona — 2015

How to setup a Webserver *Nginx w/Percona

Today, I will share how to setup a Nginx Webserver allowing you to create dynamic web applications with Nginx, PHP5 and MySQL, Please make sure that you’ve a fresh Ubuntu Server with just OpenSSH Server installed.

This tutorial will work on any Ubuntu Flavor.

Step 1

apt-get update -y

Step 2

apt-get install memcached php5-cli php5-fpm php5-mysql php5-curl php5-gd php5-imagick php5-mcrypt php5-memcached php5-imap python-software-properties software-properties-common -y

That’s it – now you have to install Nginx with Google Page speed by following this tutorial, You can install Percona DB using this tutorial