auto renew letsencrypt ssl apache on linux

For auto renew SSL certificate I added following code in crontab.

0 0 */10 * * certbot renew >> /logs/certbot-cron.log 2>&1

Log of certbot renew command.

[root@vps147238 ep]# certbot renew

Saving debug log to /var/log/letsencrypt/letsencrypt.log Processing /etc/letsencrypt/renewal/purabtech.com.conf - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Cert not yet due for renewal - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The following certificates are not due for renewal yet: /etc/letsencrypt/live/purabtech.com/fullchain.pem expires on 2022-01-17 (skipped) (skipped) No renewals were attempted.

Open 443 and 80 port on linux VM

If your apache or Nginx or tomcat server is configured properly still your site is not opening then check firewall and port is opened on the internet.

Check the status of your firewall. use this command

firewall-cmd --state

running

Check which zones are active

[root@vps147238 purab]# firewall-cmd –get-active-zones
public
interfaces: eth0

Open port 80 and port 443 port.

firewall-cmd –zone=public --add-service=http

firewall-cmd --zone=public --add-service=https

firewall-cmd --zone=public --permanent --add-service=http

firewall-cmd --zone=public --permanent --add-service=https

firewall-cmd --reload

Now check port 80 and 443 opened

firewall-cmd --list-all

public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: dhcpv6-client ssh https
ports: 80/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

Solved: letsencrypt certbot KeyError: ‘Directory field not found’

While running certbot command I got following error:

[root@vps147238 letsencrypt]# certbot --apache certonly --cert-name purabtech.com -d purabtech.in
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): purab@test.in
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
An unexpected error occurred:
KeyError: 'Directory field not found'
Please see the logfiles in /var/log/letsencrypt for more details.

I am using centos 7.

Solution for this is run following command:

yum install python-certbot-apache -t stretch-backports

It solved my issue.

[root@vps147238 letsencrypt]# certbot --apache certonly --cert-name purabtech.com -d purabtech.in
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Requesting a certificate for purabtech.in
Performing the following challenges:
http-01 challenge for purabtech.in
Waiting for verification…
Cleaning up challenges

create self signed certificate for website and use in linux

Within in 5 minutes you can can create self signed certificate on linux machine. First you need to open console and execute following command. Before executing following command first check openssl utility is installed on your linux machine.

# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout mysitename.key -out mysitename.crt

Then open your apache configuration file and put following code in that file.

NameVirtualHost *:443

#purabtech.in

  ServerAdmin purabtech@gmail.com
  DocumentRoot /home/purab/public_html/purabtech.in/
  ServerName purabtech.in

  <Directory "/home/purab/public_html/purabtech.in/">
    Order Deny,Allow
    Allow from all
    AllowOverride All
  

  ErrorLog logs/purabtech.in-error_log
  CustomLog logs/purabtech.in-access_log combined
  RewriteLog logs/purabtech.in-rewrite_log

  SSLEngine on
  SSLCertificateFile /home/purab/projects/purabtech.in/self-sign/mysitename.crt
  SSLCertificateKeyFile /home/purab/projects/purabtech.in/self-sign/mysitename.key
  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
  CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

Additional:
For gettting pem certificate from ssl cert.
openssl x509 -in mysitename.crt -out mysitename.pem -outform PEM

delete some days old files and folder linux command

Linux systems are always used as server. Many times we need to cleanup the server. I found nice solution for deleting older files and folders from server without any issue.

For deleting files or folder you can use following command:

rm -rf `find /home/purab/* -type d -mtime +90`

Above command will find all files and folders which are created 90 days ago and delete those folders and files.

Before running above command be careful about directory path. please directory path. rm -rf command is always dangerous.

Above We used find command for searching all files in folder.

-mtime is used to calculate time.

If you want to keep only 5 latest folders on server than you can use following command.

ls -dt /home/purab/*/ | tail -n +6 | xargs rm -rf

Above command has three parts.

upgrade to mysql 5.7 in linux from old mysql version

In this tutorial we will show steps to upgrade to mysql 5.7 in linux. We have many server which are running on old mysql versions. What we want to do is, without loosing any data we want to upgrade mysql version.

We are using centos 6 as linux system for our servers. Following commands can be used for any linux os like fedora, debian, centos and redhat.

upgrade to mysql 5.7 in linux

First execute following command.
rpm -qa | grep mysql
Make a note of result. It will show you list of mysql programs which are installed on your system. In case of any issue this list will be with you.

Note: Before upgrading mysql version don’t forget to take mysql database backup of all databases.

Now download latest repository from mysql community server.
Go here and download repo https://dev.mysql.com/downloads/repo/yum/

Look for Red Hat Enterprise Linux 6 / Oracle Linux 6 (Architecture Independent), RPM Package
(mysql57-community-release-el6-7.noarch.rpm) You need to download this rpm.

Using following command you can install mysql 5.7 community repository.
rpm -Uvh mysql57-community-release-el6-7.noarch.rpm

After that stop mysql server using following command.
/etc/init.d/mysqld stop

After that update mysql community server on linux box. use following command.
yum update mysql-community-server

After that install or update following mysql 5.7 dependencies using following command
yum install gcc-c++ gperf uuid-devel libuuid libuuid-devel uuid boost-devel libevent libevent-devel

Install one another dependency of mysql server.
yum install mysql-community-libs-compat

Now your mysql server is updated to 5.7 version. First thing you need to do is check my.cnf file which is mysql configuration file. If my.cnf file is got replaced than put your old file and start mysql server using following command.
/etc/init.d/mysqld start

if mysql server is not starting than you need to start mysql server in safe mode using bellow command.

I faced many issues while mysql upgrade following is one of them. you can check mysql errrors in /var/log/mysqld.log file. I found following error.

InnoDB: pthread_create returned 11

I solved above issue by changing increase the stack size. I executed following command. which solved my issue.

ulimit -s 8192

mysqld_safe --skip-grant-tables &

Now it is time to upgrade your database to mysql 5.7 version. login to your mysql using root password.
mysql -u root -p

For upgrading your database use bellow command.
mysql_upgrade -u root -p --force

Congratulations! you successfully upgraded mysql version to 5.7 version.

Permission denied /home/.htaccess pcfg_openfile unable to check htaccess file

While migrating my server data to anther server, Permission denied /home/.htaccess pcfg_openfile unable, I got this error. while restarting apache server I got following error.

[Mon Apr 25 12:15:41 2016] [crit] [client 115.117.45.10] (13)Permission denied: /home/purab/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable

Background, I am using centos (Linux) for hosting my sites and I am using user defined directory and apache 2.4 version for server.

I was not using .htaccess file in that location, still I was getting this error. Easy solution will be disable .htaccess setting httpd.conf file If we are planning not to use the htaccess file in our project. I found many solutions but that didn’t solved my issue. above issue is specific to file permission.

Permission denied /home/.htaccess pcfg_openfile unable

If it isn’t obvious that .htaccess cannot be read by the server (either 0755 or .htacess and the rest of the tree is in www-data group), search for a higher directory root only onwer:group which does *not* have world execute access.
In order for apache to find a file, it has to search down the tree. It cannot do this if a directory which is root:root does not have global execute access.

I executed following command to change ownership of public_html folder.

chown apache -R /home/purab
usermod -a -G /home/purab apache

After this I restarted my apache server using following command.

/etc/init.d/httpd restart

Using above command, it solved my issue. But purab user cannot edit the files in purab folder. So I used setfacl command.

What is setfacl command?

This utility sets Access Control Lists (ACLs) of files and directories. On the command line, a sequence of commands is followed by a sequence of files (which in turn can be followed by another sequence of commands, …).

The options -m, and -x expect an ACL on the command line. Multiple ACL entries are separated by comma characters (‘,’). The options -M, and -X read an ACL from a file or from standard input. The ACL entry format is described in Section ACL ENTRIES.

Finally I executed following command which solved my issue.

chown purab: /home/purab -R
setfacl -R -m apache:rwx /home/purab

Using above command I kept purab directory permission to purab user again so purab user has all permission of directory. Using setfacl command I given permission to apache user for read, write and execute permission. It worked for me and solved my issue.

Install skpye 4.3 on Lunix

Skepe is Open source application for calling over internet. In this article we will guide you to Install skpye 4.3 on Lunix.

Skype calls & messages are completely FREE. Skype to Landlines and mobile phones low calling rate compare with mobile phones due to this skype is really popular among the internet user and corporate offices.

Skype announced new release of Skype 4.3 for Linux on June 18th 2014. It can be installed on any windows, linux, mac OS. Skype is acquired by Microsoft Corporation now and they are doing new development for skype application.

New 4.3 skype has following features:

  • An updated UI
  • Our new cloud-based Group Chat experience
  • More reliable file transfer support when using multiple devices at once
  • Greater accessibility by blind and visually impaired users
  • PulseAudio 3.0 and 4.0 support
  • Lot of bug fixes

Install skpye 4.3 on Lunix

Install Required Repositories

# For CentOS, RHEL, SL & Fedora 21 & other linux Systems #
# yum install qtwebkit

Following list of packages should be install on your OS.

# Install the necessary packages #
# yum install alsa-lib libXv libXScrnSaver gtk2-engines PackageKit-gtk-module libcanberra libcanberra-gtk2

# Install the necessary audio packages #
# yum install pulseaudio-libs alsa-plugins-pulseaudio<

# Install the necessary video package #
# yum install libv4l

Download skype ZIP file

Use the below command to download the skype 4.3 archive file.

# wget http://download.skype.com/linux/skype-4.3.0.37.tar.bz2
# tar -jxvf skype-4.3.0.37.tar.bz2

Create Launcher

For accessing the installed software on your system globally, you need to create the launcher file to /usr/bin/skyp and give executable permission then add the below script in that file. Save + Exit.

# touch /usr/bin/skype
# chmod 755 /usr/bin/skype

# Add Launcher script #
# nano /usr/bin/skype

#!/bin/sh
export SKYPE_HOME="/opt/skype-4.3.0.37"
$SKYPE_HOME/skype --resources=$SKYPE_HOME $*

We need to create below list of Symbolic Links.

# ln -s /opt/skype-4.3.0.37/icons/SkypeBlue_48x48.png /usr/share/icons/skype.png
# ln -s /opt/skype-4.3.0.37/icons/SkypeBlue_48x48.png /usr/share/pixmaps/skype.png
# ln -s /opt/skype-4.3.0.37/skype.desktop /usr/share/applications/skype.desktop
# ln -s /opt/skype-4.3.0.37/sounds/ /usr/share/sounds/
# ln -s /opt/skype-4.3.0.37/lang/ /usr/share/lang/

Use the below command to launch the skype from command line.

# skype

Congratulations, you installed skype 4.3 version to your linux OS. Now we can start using skype on our linux systems.

install apache 2.4, php 5.5 and mysql on centos 6/7

In the article we will tell you to install apache 2.4, php 5.5 and mysql on centos 6/7 with this we will guide you about installing phpmyadmin and related php and mysql modules.

LMAP is becoming more and more popular these days. People are using more vps and dedicated servers for their sites and applications. PHP backend is became more popular so here in this post we will tell you about installation on linux system’s.

Here I am using centos 6 for installation. From sept 2015 php 5.4 is no longer supported by PHP team so people are trying to install PHP 5.5+ version for good security and performance purpose on their linux servers.

install apache 2.4, php 5.5 and mysql on centos 6/7

Install Remi Repository

Remi is a repository where you can find the latest versions of the PHP  in this repository we can find latest programs and dependencies.

# yum update && yum install epel-release
# rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

Enable Remi Repository

Open following remi.repo file and change enabled=0 to 1 for php55 tag. Here we want to install PHP 5.5 version on centos machine.

# vim /etc/yum.repos.d/remi.repo

After opening this file just edit this file and change enabled flag to 1 for php55 section
[remi]
name=Remi's RPM repository for Enterprise Linux 6 - $basearch
#baseurl=http://rpms.remirepo.net/enterprise/6/remi/$basearch/
mirrorlist=http://rpms.remirepo.net/enterprise/6/remi/mirror
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi

[remi-php55]
name=Remi's PHP 5.5 RPM repository for Enterprise Linux 6 - $basearch
#baseurl=http://rpms.remirepo.net/enterprise/6/php55/$basearch/
mirrorlist=http://rpms.remirepo.net/enterprise/6/php55/mirror
# NOTICE: common dependencies are in "remi-safe"
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi
 

Afer enabling remi repository. Now it is time to install PHP and apche and mysql

# yum --enablerepo=remi install httpd mysql mysql-server php php-common mod_php phpmyadmin

Step 4: Installing PHP Modules

Do not forget to accept installation and type Y when you asked while installation.     After installation run following command which will be useful while rebooting server(linux). After rebooting server following service will automatically started.   —— Enable Apache and MySQL on Boot ——

# chkconfig --levels 235 httpd on
# chkconfig --levels 235 mysqld on

—— Start Apache and MySQL ——

# /etc/init.d/httpd start
# /etc/init.d/mysqld start

Verify PHP 5.5

Go to /var/www/html directoy and create file called phpinfo.php using following command.

#vi phpinfo.php

put following code in that file.

<?php echo phpinfo(); ?>

Execute php.info file on your web browser

You can check your installation on command prompt also. For checking php modules use following command.

#Php -m

above command will list all php modules which are installed on your centos machine

Congratulations! Just now you completed your php 5.5, apache and mysql installation on your linux box.

 

Install drush on CentOS using command line with simple steps

Drush is great native application for development of drupal project. I really like to use this tool in every project. There are some good steps to install drush on Linux or windows environment. I recently installed drush on my centos machine. Here are those steps:

Commands has been highlighted in blue color.

[root@ap107 purab]# wget http://files.drush.org/drush.phar
–2016-04-21 11:50:43–  http://files.drush.org/drush.phar
Resolving files.drush.org… 54.231.81.40
Connecting to files.drush.org|54.231.81.40|:80… connected.
HTTP request sent, awaiting response… 200 OK
Length: 5264426 (5.0M) [application/octet-stream]
Saving to: “drush.phar”

100%[===========================================================================================================================================================>] 5,264,426    221K/s   in 65s

2016-04-21 11:51:50 (78.5 KB/s) – “drush.phar” saved [5264426/5264426]

[root@ap107 purab]# php drush.phar core-status
PHP configuration      :  /etc/php.ini
PHP OS                 :  Linux
Drush script           :  /home/purab/drush.phar
Drush version          :  8.0.5
Drush temp directory   :  /tmp
Drush configuration    :
Drush alias files      :

[root@ap107 purab]# chmod +x drush.phar

[root@ap107 purab]# mv /usr/local/bin/drush /usr/bin/drush
[root@ap107 purab]# drush init
Copied example Drush configuration file to /root/.drush/drushrc.php                                                                                                                       [ok]
Copied example Drush bash configuration file to /root/.drush/drush.bashrc                                                                                                                 [ok]
Copied Drush completion file to /root/.drush/drush.complete.sh                                                                                                                            [ok]
Copied example Drush prompt file to /root/.drush/drush.prompt.sh                                                                                                                          [ok]
# Include Drush bash customizations.
if [ -f “/root/.drush/drush.bashrc” ] ; then
source /root/.drush/drush.bashrc
fi

# Include Drush completion.
if [ -f “/root/.drush/drush.complete.sh” ] ; then
source /root/.drush/drush.complete.sh
fi

# Include Drush prompt customizations.
if [ -f “/root/.drush/drush.prompt.sh” ] ; then
source /root/.drush/drush.prompt.sh
fi

Append the above code to /root/.bashrc? (y/n): y
Updated bash configuration file /root/.bashrc                                                                                                                                             [ok]
Start a new shell in order to experience the improvements (e.g. `bash`).                                                                                                                  [ok]
[root@ap107 purab]# drush