New Linux Server Checklist (2014 Edition)

These are some of the basic things I do when I setup a new server

 

Setup DirectAdmin with an SSL certificate

source: http://help.directadmin.com/item.php?id=15

If you don't own a certificate, you can create your own:

/usr/bin/openssl req -x509 -newkey rsa:2048 -keyout /usr/local/directadmin/conf/cakey.pem -out /usr/local/directadmin/conf/cacert.pem -days 9000 -nodes
chown diradmin:diradmin /usr/local/directadmin/conf/cakey.pem
chmod 400 /usr/local/directadmin/conf/cakey.pem

Magento upgrade from 1.4, 1.5, 1.6, 1.7, or 1.8 to 1.9

NOTE: this upgrade process works the same way for Magento version 1.4, 1.5, 1.6, 1.7, 1.8, and 1.9

As many magento users will know, Magento is no fun to work with-- mainly due to poor community support (the developers help paying customers; i.e. Magento Enterprise ... Only payed support there... Great for business but bad for the average or beginning user...)

Anyhow...

So here's how we do it.

MAKE A BACKUP!

You can skip this step all together, however, please make a backup of everything prior to beginning the upgrade.

Create a test environment somewhere on your server (preferably away from your production installation)

XBMC Confluence Flat Skin (MOD) - Modern / Flat design

Alright... Kinda off topic.

XBMC is my favorite media center, and the default skin Confluence is pretty dated--i.e. the icons/interface haven't been updated in forever.

I did try other skins, but mouse support wasn't anywhere near as good as the default skin Confluence--I use a logitech touch mouse and no keyboard.

Anyhow...

Categories: 

Increase Limit of Drupal Views Exposed Group Filters sort order

My original post: Exposed filters group: increase weight sort count (#delta)

This still hasn't been fixed at the time of this writing. So here we go...

Sort breaks, and does unpredictable sorting, if you use more than 20 options. E.g. say you have have an exposed grouped filter with a price drop down of more than 20 options, sorting will not work after 20 items, it will always spit out a different order than what you specify.

The fix

Edit the following Views module file:

sites/all/modules/views/handlers/views_handler_filter.inc

Look for this:

Categories: 

Optimized Apache 2.4 httpd.conf

Here is my optimized Apache 2.4.x httpd.conf:

Credits: gregrickaby/The-Perfect-Apache-Configuration: https://github.com/gregrickaby/The-Perfect-Apache-Configuration

NOTICE: Adjusted the <ifmodule filter_module=""> portion, to be compatible with Apache 2.4.

Before:

FilterProvider  COMPRESS  DEFLATE resp=Content-Type $text/html

After:

Speed up and secure Apache SSL encryption.

By default apache loads a bunch of encryption protocols. Most of which either are insecure and/or slow.

The location of these settings are based on DirectAdmin's Apache 2.4.x, however, you should easily be able to locate them in your apache .conf files.

vi /etc/httpd/conf/extra/httpd-ssl.conf

Set Apache to only use the fastest and best encryption algorithms.

Now comment out the default SSL settings and add new ones as shown below:

DirectAdmin blacklisted and whitelisted IP

Recently my IP address was blacklisted by directadmin on my own server.  Here's a how-to that may save you time, in case you're unable to login to DirectAdmin.

Start DirectAdmin in debug mode

cd /usr/local/directadmin
killall -9 directadmin
./directadmin b2000

Now try to log into directadmin. You should see the reason why you are unable to. For me it was "Blocking blacklisted IP xxx.xx.xxx.xxx"

How to install Apache Solr 4.6 with Apache Tomcat 7, for use with Drupal

Here's the 2014 version on how-to install Apache Solr 4.6, alongside Apache Tomcat 7, to help out with things like Drupal faceted search.

Ok... let's do this.

Install Java 1.7

yum install java-1.7.0-openjdk
# or
aptitude install java7-jdk



Done--that was quick.

Install Tomcat 7

Get the latest version of Tomcat here:


http://tomcat.apache.org/download-70.cgi

How to install a new drive in Linux larger than 2TB with proper alignment

Let's assume that we already have a primary physical drive in our system (HDD or SDD), and have added a second drive to our box, which we need to partition and mount automatically on boot.

Here's how to that:

Let's see what physical drives we have installed in our server:

ls /dev/sd*

Since this is our 2nd drive, you should see /dev/sdb.

Example:

How to fix Linux error "read-only file system"

Recently our /etc/fstab got screwed up preventing us from SSH-ing into the server after a reboot. So we were given KVM access to our server.

Once seting up Java to allow unsigned certificates--hint: under the Java Control Panel click the "Security" tab, and slide the "security level" to the bottom "Medium" . We were then greated with a message:

'give root password for maintenance or press ctrl+d to continue"

Come to find out CTRL-C and CTRL-V doesn't work, you have to type the pass by hand--this was very tedious since my root pass is extremely complex.

So once in I soon realized that the system was mounted as "read-only"; meaning that you couldn't make any changes to it; or in other words, completely useless at this state.

How to install CSF (ConfigServer Security & Firewall) with DirectAdmin

cd /usr/local/src
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

Now login as Admin into directadmin, and click the link at the bottom left ConfigServer Firewall&Security

You'll probably want to add your WAN IP here--you can find out what it is here: http://www.ip-secrets.com/

Then add your WAN IP into Quick Allow column.

DirectAdmin how to set an external email server for Domain Pointers

If you ever created domain pointers in DirectAdmin, you may have wondered how to set the domain pointer NOT to process email locally.

For instance say you have PRIMARYDOMAIN.com as the main domain under your DirectAdmin account--and it is set NOT to process emails locally, but rather have an external email server handle that; Under MX Records you un-checked "Use this server to handle my emails. If not, change the MX record and uncheck this option". So now you decided to create a "domain pointer" under that same account for another domain SECONDARYDOMAIN.com ... You set the proper MX records for this domain pointer under DNS settings, pointing to the external mail server, and think you're all good to go...

How to install an Apple Thunderbolt Display on a NON-Apple Thunderbolt PC with brightness control support

So... A couple of years ago I purchased a Thunderbolt capable motherboard  (Gigabyte GA-z77X-UP5), and an Apple's 27-in Thunderbolt Display--rather than it's (now-discontinued) Apple LED Cinema display--to go along with my Apple iMac 2010 (as a dual-display setup) which I was primarily using as an LED monitor for my Windows 7/8 PC.  Boy was that a mistake... LOL . Thunderbolt support on non-Apple computers was TERRIBLE back then. Maybe it still is terrible still, but I got some good news after all this time. More after the break.

How to specify where root email goes

Your server sends out a lot of email to user root. For example, CSF (ConfigServer Security & Firewall) sends out most security notifications to root.

So, this is how we specify what email address root emails go to:

vi /etc/aliases

Scroll to the bottom,  and add or replace  existing:

root: YOUR@EMAIL.COM

Save and exit, then reload the aliases:

newaliases

Another option is to create a ~/.forward file and put your email address in it.

How to prevent accidentally doing "rm -rf /" | How to Install safe-rm

As a server administrator, I rely mostly on root or sudo access--allowing me absolute control of the server. However, "with great power, comes great responsibility!"

You can easily accidentally do this devastatingly bad command of wiping your entire system clean.

rm -rf /
# or
rm -rf /*

Which looks almost identical to the popular command

How to fix iTunes not recognizing iPhone or iPad on Windows 8 or Windows 7

I recently ran into this problem of iTunes NOT seeing my iPhone or iPad, even though Windows 8 recognized it with no problem.

Well, come to find out, somehow the "Apple Mobile Device USB Driver" drivers got uninstalled and only Microsoft Windows 8 drivers "Portable Devices" MTP USB Device driver existed.

How to upgrade coreutils to latest version (from source)

Say you're on CentOS 5.x, and want to pimp out your bash prompt using the pretty awesome Solarized color scheme. Well, there's a nice .bashrc Solarized setup here: https://github.com/seebi/dircolors-solarized. To use all the features of dircolors.256dark version, you'll need GNU coreutils 8.5 or higher, otherwise you'll get errors like this:

Notepad++ : How to enable syntax highlighting for PHP, HTML, CSS, etc

I found an interesting discovery with Notepad++ where PHP, HTML, CSS, etc language syntax highlighting didn't appear in the language menu. Not sure if this is the result of the way an older version set the settings--whereas, even if you upgraded to latest version (without uninstalling first), the upgrades wouldn't overwrite the original settings file. I think this was disabled at the time of install when it asks if you want it to be your default for HTML files; where I normally UNselect this, since I use a PHP IDE to handle PHP, HTML, CSS, etc files.

Anyway... The fix:

How to create an additional domain and use it as a domain pointers in DirectAdmin

Domain Pointers are designed to be exact duplicates of the domain they're created under. As such, you cannot edit many aspects of them.

However, if you wish to have the website data remain the same as the main domain, but be able to control email accounts, you can do it by creating the pointer as another full domain name, and then use symbolic links to link the website data to that of the main domain.

1) If the Domain Pointer exists, delete it.

2) Create the Domain Pointer as a full domain:
- User Level -> Domain Setup -> Add Another Domain -> domain=domainpointer.com

3) Link the data directory that of the main domain, requires ssh:

Update CentOS / DirectAdmin Server with custombuild 2.0

Here is how to use latest version of custombuild 2.0 . The commands for custombuild 2.0 are basically identical to custombuild 1.1 and 1.2, so all this stuff should look familiar. Here are instructions to custombuild 1.x.

Update server via custombuild

Download latest version of custombuild 2.0

Enable Zend OPcache for PHP 5.5 or Install ZendOpcache for PHP 5.3 or PHP 5.4

Zend Opcache is part of PHP 5.5, however, it's not enabled by default. It's a successor to APC cache--meaning APC cache is never going to be compatible with PHP 5.5 or higher

Opcache is also around 10% faster than APC, and more stable.

However, if you're on PHP 5.3 or PHP 5.4, you can still use ZendOpCache, and it should still be a bit faster than APC

Enable OpCache (part of with PHP 5.5)

vi /usr/local/lib/php.ini

Paste this under your extension_dir

wget download all files from a directory with resume

Here is how you download all files from a directory using wget with automatic resume of partially downloaded files (in case your connection gets cut off)

wget -r -c --no-parent http://www.whateveraddress.com/downloads

Keep in mind this will only download files that it can read from that location.  If you need to wget a bunch of files from a directory you have SSH or FTP access to you first have to do the following inside that directory:

vi .htaccess

and paste in the following and save.

Categories: