Sohaib's Tech Blog

Something for every one

Nginx Pagespeed Modsecurity Pre-compile — 2015

Nginx Pagespeed Modsecurity Pre-compile

I’ve pre-compile nginx 1.6.2, with the following modules.

You will get Google Pagespeed, Mod_Security and all your Gzip compression modules, I’ve compile this for the Ubuntu 12.04 x64 & Ubuntu 14.04 x64.

Let’s get started.

Download precompile Nginx 1.6.2 from here

I am assuming you’ve already installed your Ubuntu OS, once that’s installed simply run the following command

apt-get update

apt-get install libaprutil1

Finally , its time to install nginx deb package.

Once you unzip the file you will see two folders one is for Ubuntu 12.04 and another one is for 14.04 both are for x64 bit system.

Now install the the package, based on your Ubuntu Os version, Please pay proper attention below in order have a perfect

nginx server.

dpkg – i filename.deb

“” That’s all folks “”

You are all set & done, verify nginx by typing

nginx -V

nginx version: nginx/1.6.2 built by gcc 4.8.2 (Ubuntu 4.8.2-19ubuntu1) TLS SNI support enabled configure arguments: –prefix=/etc/nginx –sbin-path=/usr/sbin/nginx –conf-path=/etc/nginx/nginx.conf –error-log-path=/var/log/nginx/error.log –http-log-path=/var/log/nginx/access.log –pid-path=/var/run/nginx.pid –lock-path=/var/run/nginx.lock –http-client-body-temp-path=/var/cache/nginx/client_temp –http-proxy-temp-path=/var/cache/nginx/proxy_temp –http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp –http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp –http-scgi-temp-path=/var/cache/nginx/scgi_temp –user=root –group=root –with-http_ssl_module –with-http_realip_module –with-http_addition_module –with-http_sub_module –with-http_dav_module –with-http_flv_module –with-http_mp4_module –with-http_gunzip_module –with-http_gzip_static_module –with-http_random_index_module –with-http_gunzip_module –with-http_gzip_static_module –with-http_secure_link_module –with-http_stub_status_module –with-http_secure_link_module –with-http_stub_status_module –with-http_auth_request_module –with-mail –with-mail_ssl_module –with-file-aio –with-http_spdy_module –with-cc-opt=’-g -O2 -fstack-protector –param=ssp-buffer-size=4 -Wformat -Wformat-security’ –with-ld-opt=’-Wl,-Bsymbolic-functions -Wl,-z,relro’ –add-module=/work/nginx/nginx-1.6.2/src/modules/ngx_pagespeed-release-1.9.32.1-beta –add-module=/work/nginx/nginx-1.6.2/src/modules/ModSecurity-2.8.0/nginx/modsecurity –with-ipv6

 

Advertisements
Block Country using Iptables — 2015

Block Country using Iptables

Block Country using Iptables

#!/bin/bash
# Purpose: Block all traffic from AFGHANISTAN (af) and CHINA (CN). Use ISO code. #
# See url for more info - http://www.cyberciti.biz/faq/?p=3402
# Author: nixCraft <www.cyberciti.biz> under GPL v.2.0+
# -------------------------------------------------------------------------------
ISO="af cn"
 
### Set PATH ###
IPT=/sbin/iptables
WGET=/usr/bin/wget
EGREP=/bin/egrep
 
### No editing below ###
SPAMLIST="countrydrop"
ZONEROOT="/root/iptables"
DLROOT="http://www.ipdeny.com/ipblocks/data/countries"
 
cleanOldRules(){
$IPT -F
$IPT -X
$IPT -t nat -F
$IPT -t nat -X
$IPT -t mangle -F
$IPT -t mangle -X
$IPT -P INPUT ACCEPT
$IPT -P OUTPUT ACCEPT
$IPT -P FORWARD ACCEPT
}
 
# create a dir
[ ! -d $ZONEROOT ] && /bin/mkdir -p $ZONEROOT
 
# clean old rules
cleanOldRules
 
# create a new iptables list
$IPT -N $SPAMLIST
 
for c  in $ISO
do
	# local zone file
	tDB=$ZONEROOT/$c.zone
 
	# get fresh zone file
	$WGET -O $tDB $DLROOT/$c.zone
 
	# country specific log message
	SPAMDROPMSG="$c Country Drop"
 
	# get 
	BADIPS=$(egrep -v "^#|^$" $tDB)
	for ipblock in $BADIPS
	do
	   $IPT -A $SPAMLIST -s $ipblock -j LOG --log-prefix "$SPAMDROPMSG"
	   $IPT -A $SPAMLIST -s $ipblock -j DROP
	done
done
 
# Drop everything 
$IPT -I INPUT -j $SPAMLIST
$IPT -I OUTPUT -j $SPAMLIST
$IPT -I FORWARD -j $SPAMLIST
 
# call your other iptable script
# /path/to/other/iptables.sh
 
exit



Setup Crontab to run weekly I've setup to run every sat.
* * * * 6 /root/block.sh


To make sure your settings are saved on every reboot, install iptables-persistent by using

sudo apt-get install iptables-persistent

During the installation, you will be asked if you want to save the iptable rules to both the IPv4 rules and the IPv6 rules. Say yes to both.

Your rules will then be saved in /etc/iptables/rules.v4 and /etc/iptables/rules.v6.

Once the installation is complete, start iptables-persistent running:

sudo service iptables-persistent start
How to setup a Webserver *Nginx w/Percona — 2015

How to setup a Webserver *Nginx w/Percona

Today, I will share how to setup a Nginx Webserver allowing you to create dynamic web applications with Nginx, PHP5 and MySQL, Please make sure that you’ve a fresh Ubuntu Server with just OpenSSH Server installed.

This tutorial will work on any Ubuntu Flavor.

Step 1

apt-get update -y

Step 2

apt-get install memcached php5-cli php5-fpm php5-mysql php5-curl php5-gd php5-imagick php5-mcrypt php5-memcached php5-imap python-software-properties software-properties-common -y

That’s it – now you have to install Nginx with Google Page speed by following this tutorial, You can install Percona DB using this tutorial

 

How I got my Gtmetrix.com Score to 1.98s — 2015

How I got my Gtmetrix.com Score to 1.98s

My last project was very challenging where I was told to optimize Magento Site, Customer was using a dedicated server where I’ve to optimize not only Magento but also Optimize & Speed up the server, Took me some real time and hard work. I am happy Yayyyyy.

I don’t want to get in details as far as server configuration but I achieve 1.98s load time

Magento which was loading in 22s to 15s , I got it down to 1.98s

I’ve setup the following

APC
Memcached
Nginx with Pagespeed

If you need any assistance from me speeding up your Magento, Drop me a line, I charge flat $1,000 and trust me it takes a lot of time and effort, Oh yea client was using Amazon Cloudfront CDN but then he switch to Akamai CDN which is the TOP Dawg in CDN world I am here to assist.

So do you want to speed up your magento store ?

Optimize Mysql Percona Database for 12GB Ram Server — 2015

Optimize Mysql Percona Database for 12GB Ram Server

Step 1) Switch from MyISAM to InnoDB (e.g. XtraDB)
Step 2) /etc/mysql/my.cnf

default_storage_engine    = InnoDB
innodb_log_file_size = 128M
innodb_buffer_pool_size = 8G
innodb_file_per_table    = 1
innodb_open_files    = 400
innodb_io_capacity    = 400
innodb_flush_method    = O_DIRECT
innodb_flush_log_at_trx_commit    = 2
innodb_thread_concurrency = 8

 

These settings are optimized for 12GB RAM

Enjoy the speed of your Mysql **PERCONA

Magento Defer JavaScript — 2015

Magento Defer JavaScript

How I achieve 2.8s Load time in Magento as compare to 10s using the following

In order to have Defer Javascript, Please change the following files page.xml, my page.xml is stored at

/home/domain/public_html/app/design/frontend/base/default/layout/page.xml
<block type="page/html_head" name="head" as="head">
<action method="addJs">prototype/prototype.js<params>async</params></action>
<action method="addJs">lib/ccard.js<params>async</params></action>
<action method="addJs">prototype/validation.js<params>async</params></action>
<action method="addJs">scriptaculous/builder.js<params>async</params></action>
<action method="addJs">scriptaculous/effects.js<params>async</params></action>
<action method="addJs">scriptaculous/dragdrop.js<params>async</params></action>
<action method="addJs">scriptaculous/controls.js<params>async</params></action>
<action method="addJs">scriptaculous/slider.js<params>async</params></action>
<action method="addJs">varien/js.js<params>async</params></action>
<action method="addJs">varien/form.js<params>async</params></action>
<action method="addJs">varien/menu.js<params>async</params></action>
<action method="addJs">mage/translate.js<params>async</params></action>
<action method="addJs">mage/cookies.js<params>async</params></action>
GTmetrix
GTmetrix
WebServer with Percona Google Pagespeed — 2014

WebServer with Percona Google Pagespeed

Today : I would like to share how you setup a fast Webs Server with MYSQL .

In this tutorial you don’t really need any control panel and waste your money, like Cpanel or this and that, I am not discouraging any one but I cant stand them.

We are setting up the following
NGINX
Google Page Speed
Percona *MYSQL Database
Memcahed
PHPmyadmin

No Apache so NO MORE .htaccess file…

In my environment, I have a 15GB Server with 200GB SSD RAID 10

Oh yea, before I forget I have a Ubuntu 12.04 Precise.

Assuming you are a ROOT user.

apt-get update
apt-get install memcached php5-cli php5-fpm php5-mysql php5-curl php5-gd php5-imagick php5-mcrypt php5-memcached php5-imap

Simply and easy and you are done.

Now let’s create a user and public_html

adduser sohaib

Go to

cd /home/sohaib/

Create public_html or whatever you wanted to call your HOME directory, regarding setting up nginx configuration How to Nginx Google Pagespeed

How to Install & Setup your NGINX Webserver —
How To Install Zabbix on Ubuntu 12.04 Precise & Configure — 2014

How To Install Zabbix on Ubuntu 12.04 Precise & Configure

Hello –

Today, I am going to show how you can install zabbix monitoring tool on Ubuntu 12.04 Precise.

Edit apt source list to add the PPA:

sudo nano /etc/apt/sources.list

Add the following items at the end of the file:

# Zabbix Application PPA

deb http://ppa.launchpad.net/tbfr/zabbix/ubuntu precise main
deb-src http://ppa.launchpad.net/tbfr/zabbix/ubuntu precise main

Save and close the file.

Next, we need to add the PPA’s key so that apt-get trusts the source:

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C407E17D5F76A32B

We can now install Zabbix. It will pull in the necessary LAMP dependencies as well:

sudo apt-get update
sudo apt-get install zabbix-server-mysql apache2 mysql-server php5 php5-cli php5-common php5-mysql zabbix-frontend-php

During the installation, you will be asked to choose a password for the MySQL root account. Make a selection and confirm your choice.

Configuring the Zabbix Server
Next, we will need to configure the packages we just installed.

First, we will edit the main Zabbix server configuration file. Open the file with root privileges:

sudo nano /etc/zabbix/zabbix_server.conf

Search for the following properties and set them accordingly. Some may already be set correctly, and some you may have to add. Choose a password as well:

DBName=zabbix
DBUser=zabbix
DBPassword=Your.Password.Here
Save and close the file.

MySQL Configuration
Next, we will go into the package directory and unzip the SQL files that will define our database environment:

cd /usr/share/zabbix-server-mysql/
sudo gunzip *.gz

We will import the SQL files into our database. However, we first must create the database and do some initial configuration.

Log into MySQL as the root user using the password that you set up during installation:

mysql -u root -p
First, create a user for Zabbix that matches the information we entered in the “/etc/zabbix/zabbix_server.conf” file. Make sure to use the same information:

create user ‘zabbix’@’localhost’ identified by ‘Your.Password.Here’;
Next, we will create the Zabbix database:

create database zabbix;
Give control over the new database to the new user we created:

grant all privileges on zabbix.* to ‘zabbix’@’localhost’;
The following line will implement our new permissions:

flush privileges;
We are now done with the initial MySQL configuration. Exit back to the shell:

exit;
Now that we have our database set up, we can import the files that Zabbix needs to function. Enter the password for the user “zabbix” that you configured when prompted:

mysql -u zabbix -p zabbix < schema.sql
Do the same with the images file:

mysql -u zabbix -p zabbix < images.sql
And finally, import the data file:

mysql -u zabbix -p zabbix < data.sql

PHP Configuration
We need to adjust some values for the php processing of our monitoring data. Open the php configuration file:

sudo nano /etc/php5/apache2/php.ini
Search for and adjust the following entries. If they do not exist, add them:

post_max_size = 16M
max_execution_time = 300
max_input_time = 300
date.timezone = UTC
Save and close the file.

Next, we will copy the Zabbix-specific php file into the configuration directory:

sudo cp /usr/share/doc/zabbix-frontend-php/examples/zabbix.conf.php.example /etc/zabbix/zabbix.conf.php
Open the file:

sudo nano /etc/zabbix/zabbix.conf.php
Edit the following values. Use the same info as when you set up the database earlier:

$DB['DATABASE'] = 'zabbix';
$DB['USER'] = 'zabbix';
$DB['PASSWORD'] = 'Your.Password.Here'

Save and close the file.

Configuring Additional Files
There are a few more files that we need to configure.

First, we’ll move the Zabbix apache file from the package directory:

sudo cp /usr/share/doc/zabbix-frontend-php/examples/apache.conf /etc/apache2/conf.d/zabbix.conf
Ensure that the “alias” mod is enabled within Apache:

sudo a2enmod alias
Restart Apache to use the copied configuration file:

sudo service apache2 restart
Edit the Zabbix init file to ensure that it performs the correct action:

sudo nano /etc/default/zabbix-server
Go to the bottom and adjust the “START” property to read “yes”:

START=yes
Save and close the file. We can now start Zabbix:

sudo service zabbix-server start
Installing and Configuring Zabbix Agent
Next, we need to configure the agent software that reports to the Zabbix server. We will install the agent software on our server machine and an additional client machine.

Follow these steps on both machines. Adjust the commands to reflect the correct information.

First, install the agent software:

sudo apt-get update
sudo apt-get install zabbix-agent
Next, we need to update the configuration files:

sudo nano /etc/zabbix/zabbix_agentd.conf
Edit the “Server” property to reflect the IP Address of the Zabbix server. For the agent configuration on the Zabbix server, you can use “127.0.0.1”:

Server=Zabbix.Server.IP.Address
Adjust the “Hostname” property to reflect the hostname of the machine being monitored.

Hostname=Hostname_Of_Current_Machine
Save and close the file.

Restart the agent software:

sudo service zabbix-agent restart
Logging In for the First Time
In your web browser, navigate to your Zabbix server’s IP address followed by “/zabbix”:

Your.Zabbix.IP.Address/zabbix
You will be presented with a login screen. The default credentials are as follows:

Username = admin
Password = zabbix

How to Install Nginx with Google Page Speed — 2014

How to Install Nginx with Google Page Speed

Hello

Its been a long time since I last updated my blog as I was busy with so many other projects, Today I am going to show an easy way to install Nginx with Google Page speed.

I have only tested this with Ubuntu 12.04 Precise, So here it is

apt-get install python-software-properties
apt-get install software-properties-common
**OUTDATED** apt-add-repository ppa:sandyd/nginx-current-pagespeed
apt-add-repository ppa:adegtyarev/nginx-pagespeed
apt-get update
apt-get install nginx

You now have Nginx with Google Page Speed.

Test page speed by simply adding the following line

pagespeed on;
pagespeed FileCachePath /var/ngx_pagespeed_cache;

Below is my Nginx configuration


server {
#port to listen on
listen 80;

# server name
server_name http://www.sohaib.com;

# root location
root /var/www/sohaib/public_html;

# access log
access_log /var/log/nginx/sohaib.com.access.log main;

# PageSpeed
pagespeed on;

# let’s speed up PageSpeed by storing it in the super duper fast memcached
pagespeed MemcachedThreads 1;
pagespeed MemcachedServers “localhost:11211”;

# show half the users an optimized site, half the regular site
pagespeed RunExperiment on;
pagespeed AnalyticsID UA-XXXXXXXXXX-1;
pagespeed ExperimentVariable 1;
pagespeed ExperimentSpec “id=1;percent=50;level=CoreFilters;enabled=collapse_whitespace,remove_comments;”;
pagespeed ExperimentSpec “id=2;percent=50”;

# Filter settings
pagespeed RewriteLevel CoreFilters;
pagespeed EnableFilters collapse_whitespace,remove_comments;

# needs to exist and be writable by nginx
pagespeed FileCachePath /var/ngx_pagespeed_cache;

# This is a temporary workaround that ensures requests for pagespeed
# optimized resources go to the pagespeed handler.
location ~ “.pagespeed.([a-z].)?[a-z]{2}.[^.]{10}.[^.]+” { }
location ~ “^/ngx_pagespeed_static/” { }
location ~ “^/ngx_pagespeed_beacon$” { }

}

Few More Tips for Page Speed which might help optimize your site

# disable CoreFilters
pagespeed RewriteLevel PassThrough;

# enable collapse whitespace filter
pagespeed EnableFilters collapse_whitespace;

# enable JavaScript library offload
pagespeed EnableFilters canonicalize_javascript_libraries;

# combine multiple CSS files into one
pagespeed EnableFilters combine_css;

# combine multiple JavaScript files into one
pagespeed EnableFilters combine_javascript;

# remove tags with default attributes
pagespeed EnableFilters elide_attributes;

# improve resource cacheability
pagespeed EnableFilters extend_cache;

# flatten CSS files by replacing @import with the imported file
pagespeed EnableFilters flatten_css_imports;
pagespeed CssFlattenMaxBytes 5120;

# defer the loading of images which are not visible to the client
pagespeed EnableFilters lazyload_images;

# enable JavaScript minification
pagespeed EnableFilters rewrite_javascript;

# enable image optimization
pagespeed EnableFilters rewrite_images;

# pre-solve DNS lookup
pagespeed EnableFilters insert_dns_prefetch;

# rewrite CSS to load page-rendering CSS rules first.
pagespeed EnableFilters prioritize_critical_css;
}

# enable CoreFilters
pagespeed RewriteLevel CoreFilters;

# disable particular filter(s) in CoreFilters
pagespeed DisableFilters rewrite_images;

# enable additional filter(s) selectively
pagespeed EnableFilters collapse_whitespace;
pagespeed EnableFilters lazyload_images;
pagespeed EnableFilters insert_dns_prefetch;
}