Introducing Asia Hosting - 50% OFF for limited time!

Lampard

Limitless Hosting sells affordable, and quality shared hosting. It was started in 2015 by providing different kind of digital services, but now from 2016, it expanded and has started to sell Web Hosting.
Website: https://limitlesshost.net

Web Hosting price starts from $0.50/month!
Web Hosting located in:

USA
Europe
Asia

Limitless Hosting introduces new location in Asia, providing 50% OFF on all the Web Hosting Services.

Here are our Web Hosting packages:

Very Small Package

1 GB SSD
50 GB Bandwidth
1 Addon Domain
5 MySQL Databases

Price: $3/year
Order USA Hosting: https://my.limitlesshost.net/order/...ng-da/?group_id=39&pricing_id=303&coupon=XS50
Order EU Hosting: https://my.limitlesshost.net/order/...sting/?group_id=33&pricing_id=246&coupon=XS50
Order Asia Hosting: https://my.limitlesshost.net/order/...sting/?group_id=53&pricing_id=447&coupon=XS50

If coupon does not apply automatically, please use the following coupon code: XS50

Medium Package

10 GB SSD
150 GB Bandwidth
4 Addon Domains
8 MySQL Databases

Price: $15/year
Order USA Hosting: https://my.limitlesshost.net/order/...a/?group_id=39&pricing_id=309&coupon=MEDIUM50
Order EU Hosting: https://my.limitlesshost.net/order/...g/?group_id=33&pricing_id=252&coupon=MEDIUM50
Order Asia Hosting: https://my.limitlesshost.net/order/...g/?group_id=53&pricing_id=453&coupon=MEDIUM50

If coupon does not apply automatically, please use the following coupon code: MEDIUM50

Limitless Package

20 GB SSD
500 GB Bandwidth
Limitless Addon Domains
Limitless MySQL Databases

Price: $30/year
Order USA Hosting: https://my.limitlesshost.net/order/...ng-da/?group_id=39&pricing_id=315&LIMITLESS50
Order EU Hosting: https://my.limitlesshost.net/order/...group_id=33&pricing_id=258&coupon=LIMITLESS50
Order Asia Hosting: https://my.limitlesshost.net/order/...group_id=53&pricing_id=459&coupon=LIMITLESS50

If coupon does not apply automatically, please use the following coupon code: LIMITLESS50

Here are our Reseller Hosting packages:

Small Package

20 GB SSD
200 GB Bandwidth
30 DirectAdmin Accounts
DirectAdmin Control Panel

Price: $24/year
Order Now [EU]: https://my.limitlesshost.net/order/...oup_id=38&pricing_id=291&coupon=RESELLERSMALL
Order Now [USA]: https://my.limitlesshost.net/order/...oup_id=41&pricing_id=333&coupon=RESELLERSMALL
Order Now [Asia]: https://my.limitlesshost.net/order/...oup_id=54&pricing_id=462&coupon=RESELLERSMALL

If coupon does not apply automatically, please use the following coupon code: RESELLERSMALL

Large Package

60 GB SSD
1 TB Bandwidth
100 DirectAdmin Accounts
DirectAdmin Control Panel

Price: $48/year
Order Now [EU]: https://my.limitlesshost.net/order/...oup_id=38&pricing_id=297&coupon=RESELLERLARGE
Order Now [USA]: https://my.limitlesshost.net/order/...oup_id=41&pricing_id=339&coupon=RESELLERLARGE
Order Now [USA]: https://my.limitlesshost.net/order/...oup_id=54&pricing_id=468&coupon=RESELLERLARGE
If coupon does not apply automatically, please use the following coupon code: RESELLERLARGE

More information about reseller hosting: https://limitlesshost.net/reseller-hosting/

Features:

DirectAdmin Control Panel
One-Click Web Installer (Softaculous)
Live Support
CloudLinux
Location: USA, Europe, Asia
Unlimited Email Accounts
Free SSL Certificates
Unlimited CronJobs
Weekly Backups
Mod Security
Virus Scanner
Spam Assassin
Unlimited CronJobs

For more information about Shared Hosting, check this: https://limitlesshost.net/da-shared-hosting/

Payment Method:

PayPal
Credit/Debit Card
Skrill
Perfect Money

Contact us
-
Email: [email protected]
Facebook: https://www.facebook.com/limitlesshosting/
Twitter: https://twitter.com/LimitlessHosts

sagher · Posted by: sagher - 05-25-2021, 07:02 AM - Forum: VPS Support - No Replies

Hello everyone.

I like to learn about generating a Hardware Pairing key and Checksum key.
Any simple introduction of these two keys in Hex format and way to generate it ?
Here is the simple example of these keys which demanding for a program i like to be install into my VPS.

HWPAIRING KEY: 4A7478ECC5AE04B6D413795A7789DDC6DC857039FED5925119FF3A0364F961F4A7DC8398FCBF8B157D4DDAEB4F0245F7A54959AD6CE12A3F2A86B98D7708B058

CHECKSUM: A06D39534FDCE7D561CB3B29108B4E56

These dummy keys is just for a format and i like to know about purpose of these keys because during installation i got a error message at the end that these keys are not matching with existing hardware.

Help me if anyone know about it. how to generate a valid HW keys for my VPS. or hardware machine.

Thankyou.

sAmI

Hello there,
I have some questions for you today regarding Changes in your lifestyle due to COVID-19!
The thread is basically is for some research and some general information since there are different people here from different countries!

I have some question for you:

Q1 : What Measures do you take to fight against COVID-19 to keep yourself or your family safe?
Q2: Do you regularly follow SOPS(standard operating procedure)

So, Basically i have observed many changes in my habits due to COVID-19

I automatically now avoid Physical Contact (Hugging, Handshakes) even though sometimes people make fun of it that im scared of COVID (ofc i am).
Washing hands like 25-40 times depending on how many times i open the door or touch any appliances or anything has become my habit for many months due to COVID
Using n-95 masks or good surgical masks all the time while going outside for grocery and all.

I would like to know your changes in Habits or anything
Feel free to share!

Thanks!

Decent12

Hello guys,
I am really wondering about Realme and Xiaomi and about their mobiles quality since i never bought a phone from these companies due to my doubts but i had a phone from huawei and it was awesome but Realme and Xiaomi prices are really cheap compared to huawei and Samsung and thats what making me doubtfull about them after looking their specifications and raises some questions in my mind.

1) Xiaomi and Realme phones lifetime is much lesser than samsung phones and starts hanging after a year or so?
2)Xiaomi and Realme phones are more prone to security threats compared to samsung and huawei?

LightDestory · Posted by: LightDestory - 05-23-2021, 11:58 AM - Forum: Tutorials - Replies (11)

I didn't plan to post this guide because it wasn't intend to. But since @deanhills splitted the post... here we go

So, on @Mashiro topic about setting up a WP from scratch I wrote a simple command-list to create a container... Why? I think that nowadays it is important to isolate any application because there could be any CVE that can hurt our precious VPS!

BEWARE: CONTAINERS ARE NOT A SECURITY TOOLS. YOU MUST SECURE YOURSELF CONFIGURING A STRONG PROTECTION AGAIN ATTACKS

So, why create a container?
Let's imagine that we were running a Laravel WebApplication and someone used the latest known CVE to inject on our machine a cryptominer know as kdevtmpfsi . The cryptominer is a cron-job script that check if the miner process is running, if not it will download the binaries and run it. If you kill it... it will just respawn.

To get rid of the cryptominer you must FIND the faulty cronjob and delete it. Then you can hope that by deleting the binaries it will not respawn. I got a personal experience with such miner and it was a pain. My friend application was running on barehardware and the miner got injected into the main system...

If the application were running inside a container the solution could be very fast: just destroy and recreate the container! I mean, we were still vulnerable but the recovery process was much faster, as I have already said: containers aren't security tools!

Now, for example we want to run WP from scratch but inside a container? How can do such a complex thinh? Don't worry... using a container is easy as using a normal terminal connection

A basic way to create a basic container ready for any usage is:

Quote:docker run -it -d --name debian -p 9090:80 debian:latest

"docker run": creates a new container;
"-it": tags the container as a interactive one, you can access its shell;
"-d": tags the container as detachable, it will not block your terminal once started;
"--name debian": names the container for easy handling;
"-p 9090:80": it binds your host port to the port of the container, very useful if we want to host services that requires port... such as Web services!;
"debian:latest": points to the latest stable, Buster.

Once the containers is up you can access it in 2 ways:

Attach using
docker attach debian
Deattach using the combination: CTRL+P + CTRL+ Q

Or

Attach using
docker exec -it debian /usr/bin/bash
Deattach using the combination CTRL+C or the command exit

Now, inside the container shell you can just follow @Mashiro tutorial 1:1 with commands, there is no differences!

After everything is setup, you must create a reverse proxy that points to the container...
Because @Mashiro used NGINX I will provide below a simple reverse-proxy configuration for our example case:

Code:
server {

listen      80;

server_name your_prefered_domain

location /{

proxy_pass 0.0.0.0:9090

proxy_set_header Host              $host;

proxy_set_header X-Real-IP         $remote_addr;

proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;

proxy_set_header X-Forwarded-Proto $scheme;

proxy_set_header X-Forwarded-Host  $host;

proxy_set_header X-Forwarded-Port  $server_port;

}

This reverse proxy is very basic, for example it lack of HTTPS redirect... but that is not the goal of this tutorial

I know that this container is not optimal, there is no persistent but it gives you a bit a "security" and doesn't require much of docker knowledge.

Dynamo · Posted by: Dynamo - 05-22-2021, 08:13 AM - Forum: Announcements - No Replies

Hello,
It is expected to have a Forum downtime today since Hyper Expert will be performing a series of network maintenance.

More details are given below:

Quote:Maintenance Start Time: 05/22/2021 08:00 AM PST
Maintenance End Time: 05/22/2021 8:00 PM PST
Maintenance Window Length: 12 hours
Maintenance Expected Severity: High
Maintenance Impact: High impact - Systems offline and/or increased latency and packet loss due to traffic shifting

Regards,

Pacific Spirit

All web hosting services are provided by Host Leasing Company (HostLease Media Group NL). Our company focuses on providing a wide range of professional services in the following areas: web hosting, reseller hosting, master reseller hosting and alpha reseller hosting. VPS hosting and Dedicated Servers and high-quality customer support.

Main Features

•Pure SSD (Solid State) Drives RAID10
•99.9% SLA Uptime Guarantee
•14 Day Money Back Guarantee
•DDoS Protected WebServer
•ClaimAV Virus Scanner
[font=Verdana, Arial, Tahoma, Calibri, Geneva, sans-serif]•Full Offshore Hosting[/font]
•Daily Malware Scanning & Removal
•MariaDB for optimized database performance
•Multiple PHP Versions including 8.0.5
•Free Unlimited Auto SSL Certificates
•Instant Setup
•Fantastic service & support
•Hundreds of one-click installers using
•Nightly Backups
•CellNexx, Lelystad NL Data Center

SPRING IS IN THE AIR. TIME TO GET SOME AMAZING DISCOUNT TO GO! YOU WONT WILL MISSING THIS.

Web Hosting Spring Exclusive Coupon Lifetime 99% Off (Recurring).

★★★★
3G
★★★★
Hosting For 1 Website
20GB SSD Raid 10 Storage
2TB Premium Bandwidth
Unlimited Features
★★★★
*As low as €0.17/Month*
ORDER NOW!

★★★★
3G+
★★★★
Hosting For 5 Websites
50GB SSD Raid 10 Storage
5TB Premium Bandwidth
Unlimited Features
★★★★
*As low as €0.42/Month*
ORDER NOW!

★★★★
3G+ Pro
★★★★
Hosting For Unlimited Websites
200GB SSD Raid10 Storage
25TB Premium Bandwidth
Unlimited Features
★★★★
*As low as €0.67/Month*
ORDER NOW!

*Please note: Discount pricing is only for a limited time! GRAB BEFORE IT GOES OUT OF STOCK.

PAYMENT METHODS
We accept PayPal, Credit and Debit Card.

Take advantage of our 14-day money back guarantee and 99.9% Uptime Guarantee. Chat with us for a custom quote.

Main Site
Client Area
Special Deal Orders

CONTACT US:
Email: [email protected]
Phone/Whatsapp: +31 6 14355166
Ticket: https://clienthl.eu/submitticket.php

Mashiro · Posted by: Mashiro - 05-19-2021, 06:54 PM - Forum: Tutorials - Replies (14)

Host Your Own WordPress Blog
Using Debian 10, Nginx, PHP 8 & MariaDB

Hello Post4VPS Community & Staff

Welcome to my tutorial to teach you how to set up your own WordPress blog on a Debian 10 based server using only the command-line and its toolset. You will not need or use a hosting or VPS control panel. The command-line is your friend and key to your own success with Linux. So it is very important to collect command-line experience by doing projects such as those introduced to you in this tutorial. Another personal goal is to get you a bit away from using control panels to manage your server to reduce overhead and remove a big layer of possible security risks and other kinds of issues.

We will cover all necessary steps of the setup, starting with the installation of the Nginx web server, setting up the firewall rules, necessary directory permissions, everything in between, and finally performing the WordPress installation. What we will not cover are the following subjects: DNS and mail server setups. I recommend using a 3rd party DNS infrastructure provider such as Cloudflare or similar providers. For mail servicing, I would also recommend using a free 3rd party service with SMTP options to send emails from within your WordPress blog (e.g. Sendinblue or similar services). Additionally this guide will not contain the setup process of a HTTPS vHost with TLS certificates. Later on a tutorial may follow as an addon for this guide that will cover this topic in combination with Let's Encrypt TLS certificates.

For this tutorial, I'm using a small server with the following specifications:

Intel Pentium N4200 4x 2.4 GHz
4 GB DDR4 2400 MHz RAM
64 GB eMMC Flash Storage
Debian "Buster" 10 64 Bit

In short: I will be using a home server that is actually an old repurposed Acer Swift One Ultrabook. I will be hosting the setup locally however with a proper domain name. Regardless of this fact, everything shown in this guide will still work on dedicated servers and VPSs with public IP addresses. You can look at my setup for this guide as a computer & server testing laboratory. Made to produce educational content such as this tutorial.

Let's get started!

Before we really begin I'd like to mention some prerequisites and provide some information about upcoming procedures.

Clean OS
- It is highly recommended to use a clean OS installation for this project. A already in use OS installation where you might have certain software installed that might be similar to what we want to set up or something else is running on can produce conflicts and thus cause negative side effects. So it's best to reinstall your OS to a fresh installation of Debian 10 before starting with this tutorial.

Up to date OS
- Please make sure your OS installation is not only fresh but also up to date. This is also a highly recommended step that needs to be performed before going forward with the installation steps in this guide. Out-of-date software combined with what we want to do can cause unwanted and unnecessary issues.

Root access
- It is highly recommended to be logged in as root on your server to perform all upcoming installation setups and commands. You will save yourself a lot of time this way. Alternatively, you can use a user with sudo access but remember to apply the sudo keyword before all commands.

3rd party repos
- For the best experience we want to use the latest available version of the software that we need to achieve our goal. Sadly, the default software repositories of Linux distributions like CentOS, Debian, or Ubuntu don't provide the latest version of the software we need in their default repositories. To get past this problem we will be adding 3rd party software repositories that will allow us to get the latest version of the software we need.

Going a nit off road
- We're not going to stick with all software defaults of software packages. We will change configurations of the software we install and we will write our own configurations from scratch where and when necessary.

Make sure you have all of that ready and are properly prepared.

First, we will be adding 3rd party repositories for the latest Nginx Stable, PHP 8, and MariaDB versions.

Run the commands below to create new source lists for the three application sets.

Nginx Stable (directly from nginx.org)

Code:
apt-get update

apt-get install curl gnupg2 ca-certificates lsb-release -y

echo "deb http://nginx.org/packages/debian `lsb_release -cs` nginx" | tee /etc/apt/sources.list.d/nginx.list

echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | tee /etc/apt/preferences.d/99nginx

curl -o /etc/apt/trusted.gpg.d/nginx_signing.asc https://nginx.org/keys/nginx_signing.key

apt-get update

PHP 8 (from deb.sury.org)

Code:
apt-get install wget apt-transport-https software-properties-common dirmngr -y

echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/sury-php.list

wget -qO - https://packages.sury.org/php/apt.gpg | apt-key add -

apt-get update

MariaDB 10.5 (directly from MariaDB Foundation)

Code:
apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'

add-apt-repository 'deb [arch=amd64] http://mirror.23media.de/mariadb/repo/10.5/debian buster main'

apt-get update

(In my case I'm using a German mirror. You can generate a source list for MariaDB 10.5 with a different mirror here.)

Finally, there are a few packages that can be updated and others that can be deleted (as they're no longer required). Run the command below to make sure everything is up to date:

Code:
apt-get upgrade -y

apt-get dist-upgrade -y

apt-get --purge autoremove -y

After adding these 3rd party repositories we can continue with the installation of all software packages that we need.

Nginx Stable

Let's start by installing, enabling, and starting the Nginx web server. Run the commands below:

Code:
apt-get install nginx -y

systemctl enable nginx

systemctl start nginx

PHP 8.0 + Extensions

Now it's time to install PHP 8.0 and the necessary extensions. One important being the PHP FPM extension. Which we will enable as a service and start after the installation. Execute the commands below on your server:

Code:
apt-get install php8.0 php8.0-bcmath php8.0-mysql php8.0-tidy php8.0-dba php8.0-readline php8.0-bz2 php8.0-xdebug php8.0-xml php8.0-enchant php8.0-opcache php8.0-intl php8.0-soap php8.0-xsl php8.0-cli php8.0-fpm php8.0-zip php8.0-sqlite3 php8.0-common php8.0-gd php8.0-phpdbg php8.0-mbstring php8.0-sybase php8.0-curl php8.0-gmp php8.0-pspell -y 

systemctl enable php8.0-fpm

systemctl start php8.0-fpm

MariaDB 10.5

After PHP 8.0 has been installed we can install the MariaDB 10.5 MySQL database server. After that, we will enable and start it. Run the commands below in your terminal:

Code:
apt-get install mariadb-server -y

systemctl enable mariadb

systemctl start mariadb

Now we have everything necessary installed and can continue with the configuration of the applications, set up things like firewall rules and directory permissions.

Firewall rules for the web server

By default Debian 10 comes neither with firewalld nor with any other easier-to-use firewall or iptables frontend. Only the raw iptables firewall is available. However, to makes things much easier for the future we will install the iptables frontend ufw (uncomplicated firewall).

To install ufw run the commands below:

Code:
apt-get install ufw -y

If you have IPv6 addresses available you may want to enable IPv6 support.

Code:
nano /etc/default/ufw

Make sure you have the entry "IPV6=yes" inside the file and it is not commented.

Now we have to configure the default policies. The best security practice is to block everything that we didn't explicitly allow. So our default policy for incoming connections will be set to "deny". However, we will allow all outgoing connections as it can be very hard and painful to filter outgoing connections properly. Outgoing connections can happen basically any port to any port (1 to 65535). It depends a lot on what kind of server or service the outgoing connection is connecting to. So for the outgoing connections, we will set the default policy to "allow".

Run the commands below to set default policies:

Code:
ufw default deny incoming

ufw default allow outgoing

Don't worry. You will not be disconnected! After running the commands above ufw is actually still inactive.

Next, it is time to open the incoming ports that we need. We'll be simply starting with the SSH port (I use port 22 still as SSH is only accessible over LAN - remember to adjust your SSH port in the command below), port 80 for HTTP, and port 443 for HTTPS. Run the commands below:

Code:
ufw allow 22

ufw allow 80

ufw allow 443

Now we will enable ufw and from here on the rules will be active. If you set up the wrong port for SSH you will be locked out after running the command below! For this kind of case make sure you have some kind of emergency access. I highly recommend being careful when configuring the allowed incoming connections to avoid locking yourself out.

Enable ufw:

Code:
ufw enable

If asked whether you wish to continue press the Y button and the ENTER button. Ufw is now enabled.

Please read https://www.digitalocean.com/community/t...d-commands for more information about ufw and the most necessary basics and commands.

What you can do now to confirm that the firewall is working properly is to access the IP or domain of your server. You should see an Nginx page showing up like in the screenshot below. And obviously, if your SSH connection is still working the firewall rules for it are correct

.

By the way: during the whole tutorial I will be using hiddenrefuge.eu.org as my domain in all configurations, etc. Keep in mind to replace this domain with your own domain where you see it. This means especially the part where we will configure our Nginx vHost, the WordPress blog, etc.

Nginx default vHost configuration

We will not touch the default nginx.conf file in /etc/nginx/ as it is fine as it is by default. The way the file is configured by default in the Nginx.org packages is enough to run pretty much any website for the beginning.

What we will modify is the default vHost "default.conf" to disconnect all connections that attempt to connect to the IP address or domain name that has no vHost on the server.

Rename the original default.conf file to a backup:

Code:
mv /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.bak

Open a new and empty default.conf:

Code:
nano /etc/nginx/conf.d/default.conf

Paste the following into the file:

Code:
server {

        listen 80 default_server;

        return 444;

}

Use the CTRL + O button to save the changes and after that use CTRL + X to exit nano.

Restart Nginx to apply the changes:

Code:
systemctl restart nginx

If you now access the IP address or domain of your server you will see a browser error message like this one:
[Image: 2015-02-09-12-13-38-59e3c7.png]

(In the case of Firefox, as it is the web browser I currently use.)

If you see such a page or a similar in another browser you now know that the default.conf vHost is working as intended. All connections to the IP address directly or a domain that has no vHost on the webserver are canceled by the webserver to prevent host spoofing.

Nginx vHost configuration for your own domain

Now that we have configured the default vHost we can continue with setting up the real vHost for our own domain of the WordPress blog we want to host.

Create an empty vHost file for your site:

Code:
nano /etc/nginx/conf.d/hiddenrefuge.eu.org.conf

(Remember to adjust the domain in the vHost file name.)

Paste the following code into the file:

Code:
server {

        listen 80;

        server_name hiddenrefuge.eu.org www.hiddenrefuge.eu.org;

        root /var/www/hiddenrefuge.eu.org;

        index index.html index.htm index.php home.html home.htm home.php;

        location / {

                try_files $uri $uri/ /index.php?$args;

        }

        location ~ \.php$ {

        fastcgi_pass unix:/run/php/php8.0-fpm.sock;

        include         fastcgi_params;

        fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;

        fastcgi_param   SCRIPT_NAME        $fastcgi_script_name;

  }

}

(Again remember to adjust the domain name to the one you use where needed.)

Use the CTRL + O button to save the changes and after that use CTRL + X to exit nano.

In this guide, I will use /var/www/hiddenrefuge.eu.org as the directory for my WordPress blog. So now it is necessary to create that folder and give it the correct permissions.

Create the folder tree:

Code:
mkdir -p /var/www/hiddenrefuge.eu.org

(Adjust your domain!)

Set the correct ownership of the folder:

Code:
chown -R nginx:nginx /var/www

(The Nginx web server is running as the user and group "nginx".)

Restart Nginx to apply the new vHost configuration:

Code:
systemctl restart nginx

Now you have a vHost for your domain that is pointed to the IP address of your server. If you now open the domain you pointed to your server you should see a 403 Forbidden error. Why 403? Because we don't have an index file, yet. By default, Nginx disables the listing directories and so it returns a 403 Forbidden error. However, this means that the vHost is working. If it wouldn't be working you still would get the error from the default vHost configuration or another error/issue.

[Image: O6G3R7V.png]

Fixing PHP to prevent malicious requests to PHP via PHP-FPM

Quote:When pairing NGINX with PHP-FPM, it’s possible to return to NGINX a .php URI that does not actually exist within the site’s directory structure. The PHP processor will process the URI, and execute the .php file because its job is to process anything handed to it by NGINX. This presents a security problem.

It’s important to limit what NGINX passes to PHP-FPM so malicious scripts can’t be injected into return streams to the server. Instead, the request is stopped, possibly then resulting in a 404.

Run the following command:

Code:
sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php/8.0/fpm/php.ini

Restart PHP-FPM:

Code:
systemctl restart php8.0-fpm

That security risk should be fixed now.

Fix PHP-FPM pool listen user and group

The Nginx web server is running as the user Nginx and the group Nginx. Meanwhile, the default PHP-FPM pool www is using the user and group www-data. This is a conflict that will prevent from PHP 8.0 working with Nginx. This needs to be fixed.

Open the default PHP-FPM pool www config file to edit it:

Code:
nano /etc/php/8.0/fpm/pool.d/www.conf

Find the following lines:

Code:
user = www-data

group = www-data

Code:
listen.owner = www-data

listen.group = www-data

Replace them with:

Code:
user = nginx

group = nginx

Code:
listen.owner = nginx

listen.group = nginx

Use the CTRL + O button to save the changes and after that use CTRL + X to exit nano.

Restart PHP-FPM to apply the changes:

Code:
systemctl restart php8.0-fpm

Now the PHP-FPM process will be running under the same user as Nginx and Nginx can properly access the listen socket of PHP-FPM to process PHP files from the webserver to PHP and vice-versa.

Verification of PHP 8.0 working with Nginx

The next step before going forward with MariaDB is to confirm that PHP 8.0 is actually working properly with Nginx.

Create an empty info.php file in the directory of your website:

Code:
nano /var/www/hiddenrefuge.eu.org/info.php

Paste the following PHP code into the file:

Code:
<?php

phpinfo();

?>

Use the CTRL + O button to save the changes and after that use CTRL + X to exit nano.

Open the file in your browser and you should see the PHP 8.0 info page like in the screenshot below.

[Image: 8r7nINK.png]

If you see this page and not an error page you now know that PHP 8.0 is working properly together with the Nginx webserver.

You can remove the info.php file as it is no longer needed.

Setting up MariaDB

How far are we? Great news! We have so far installed and configured the Nginx web server successfully. We've fixed up PHP 8.0 and made it work together with Nginx (with a small and easy verification).

Next goal: MariaDB 10.5 MySQL database server.

The first step is to perform a secure configuration of the MariaDB MySQL database server by setting a root password, etc.

Run the command below to start the secure configuration:

Code:
mysql_secure_installation

By default, there is no root password set. So simply press the ENTER key to continue.

Next, you will be asked if you want to switch to unix_socket authentication. Press the N key and the ENTER key. While this might be more secure not every application you might want to host will support Unix socket authentication.

Now you will be asked to change the root password. Press the Y key and the ENTER key. Type in the new password twice.

After that, press the Y key and the ENTER key when asked to disable anonymous user access.

Next, you will be asked to disable root login. Press the Y key and the ENTER key. This will allow root login only via localhost in the CLI.

After that, you will be asked if you wish to remove the test database. Press the Y key and the ENTER key.

Finally, when asked to reload the privileges tables press the Y key and the ENTER key.

The secure setup of MariaDB is finished after this set of steps.

Here is how the whole output of the configuration screen should look like:

Quote:root@hiddenrefuge:~# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!

To log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorization.

You already have your root account protected, so you can safely answer 'n'.

Switch to unix_socket authentication [Y/n] n
... skipping.

You already have your root account protected, so you can safely answer 'n'.

Change the root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
... Success!

Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess the root password from the network.

Disallow root login remotely? [Y/n] Y
... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
... Success!

Cleaning up...

All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

Creating a MySQL user and database for the WordPress blog

Time to create a new MySQL user and database for the WordPress blog that we will host. We will not use the MySQL root account and we cannot. It is bad security practice to use the MySQL root account for web applications or other database use cases. In the new MySQL / MariaDB version it is impossible to use root any other way than via the localhost CLI MySQL tool.

Start the CLI MySQL tool:

Code:
mysql -u root -p

Type in the password you have set before during the MariaDB secure setup.

You will be in the MariaDB CLI interace that looks like this:
[Image: Vo3S9Oc.png]

Create a new database for the Wordpress blog:

Code:
CREATE DATABASE hiddenblog;

(I will be using the database name hiddenblog. Remember to adjust yours!)

Now, create a new user:

Code:
CREATE USER 'hiddenuser'@'localhost' IDENTIFIED BY 'mypassword123';

(I will be using the username hiddenuser. Remember to adjust yours! Also don't forget to set the password.)

After that, it is time to give the user full permission for the database:

Code:
GRANT ALL ON hiddenblog.* TO 'hiddenuser'@'localhost';

Finally, reload the privileges:

Code:
FLUSH PRIVILEGES;

Exit the MySQL CLI tool.

Code:
exit

So now we have an empty database and a user assigned to it that we can use in the WordPress installation.

WordPress blog installation

Finally! We can start with the installation of the WordPress blog

.

Change into the directory of your site:

Code:
cd /var/www/hiddenrefuge.eu.org/

Download the latest WordPress version:

Code:
wget https://wordpress.org/latest.tar.gz

Extract the downloaded archive:

Code:
tar -xvf latest.tar.gz

Move the WordPress files into your main directory:

Code:
mv /var/www/hiddenrefuge.eu.org/wordpress/* /var/www/hiddenrefuge.eu.org

Remove the downloaded archive and the empty wordpress folder:

Code:
rm -rf /var/www/hiddenrefuge.eu.org/wordpress

rm -rf /var/www/hiddenrefuge.eu.org/latest.tar.gz

Set ownership for the files and folders correctly:

Code:
chown -R nginx:nginx /var/www/

Now, open your domain in the web browser and you should see the WordPress installer.

At the first screen select the language you want to use. In my case English. After that press on the blue "Continue" button.

After that, you will see a info screen showing what is coming up next in terms of configuration. Here you will need the database name, username and password that we created before. First click on the "Let's go!" button.

On the next screen type in the database name, username and password. You can keep the database host and table prefix as is. After you have filled out the necessary fields click on the "Submit" button.

Now, you will see a screen saying that everything looks sparky (good) and you can click on the "Run the installation" button to perform the installation.

Shortly after, you will be at the first configuration screen where you can set the title of your blog, a username and password for the main account and e-mail. Fill in everything as you wish. At the end press the "Install Wordpress" button.

A few seconds later you will be the last screen of the installation. It should say Success!. From here on your blog is installed. You can log into he Admin CP and continue the configuration and add content.

[Image: 5126of4.png]

FYI: WordPress permalinks are already working as the vHost that we created for our site contains the necessary pieces of code to make them work.

That's it. You now have a Nginx web server running with PHP 8.0 and the MariaDB MySQL database server. All of that is hosting your very own WordPress blog. You've not used a single control panel during the whole process.

This might seem like a lot of work? 75% of the content from this thread can be compiled into a single bash shell script that will perform a lot of the steps automatically without any user input. After that you would only have to setup your own vHost, create a database with a user and install your WordPress blog. Again using no control panel.

Revision: 2021-05-19

Rehan

Hey there,
I hope everything is fine here. I am here to find out if is it possible to read multiple text document at once. Actually i am doing modification of some game files. I have extracted a game archive and it gave me a 15k of total .dat files. These files are text encrypted files. Most of these are readable text files. I want to search some setting in these files. These are 15k files almost. It's really very hard to find out which of these file contain the required settings. So i was wondering if is it possible to open all files at once and search the required code. Any idea? is it possible ?

deanhills · Posted by: deanhills - 05-16-2021, 06:36 PM - Forum: VPS Support - Replies (6)

I'm trying to find a really quality tutorial providing all of the steps that will finally lead to installing a WordPress site without a panel. The OS has to be Debian 10 with Nginx. I've worked my way through loads of tutorials from Google but haven't had success yet. They must be missing steps that are taken as "given" and "for granted" by those creating WP in a non-panel environment.

My issue is not with installing WP from the command line. My issue is with setting permissions. It may also have to do with my VPS security settings with SELinux and requirement for having the correct side script language in an .htaccess page. And also having more than one .htaccess in more than one location. Preferably I don't want to use .htaccess at all, as like the SELinux cop out for disabling it, I think .htaccess is also an overrider of security.

I've done basically everything with the permissions. Like I always disable SELinux as standard. I've learned how to open all of the ports. How to check how to listen to them. How to set up users and CHOWN them. How to set up the right permissions for the folders and files. Yet I've been unsuccesful with setting up WP. I must be doing something wrong.

I'm comfortable with how VestaCP set up its filing system. I have success with WP every time with VestaCP. I can do it with eyes closed. I install WP with VestaCP from the command line and basically only use the database and file setup and server of VestaCP. I only need to add the command below at the end of the installation so I can install plugins and themes in WP directly from the WP Dashboard.

chown admin -R *

However when I install WP from the command line in a non-panel environment in Apache and use the above chown command for admin, it says no such user. When I try to create a user admin in a non-panel environment I can't do so. I can create non-admin name users, but not admin. I get it that the file path to the domain in apache and nginx is /var/www/html and the virtual host .conf files in etc/conf. I've worked through tons of step to set up permissions for those folders. I get how they are set up but am obviously missing something as in most cases I can't get WP admin set up right. Even when I nano the content of index.html, it fetches the generic Apache index.html from somewhere else. When I delete index.html from the root of the domain apache still gets another index.html that is the generic Apache page. I know about cache and deleting it everywhere including in your OS. Whatever I do the index.html stays with the default original Apache index file, and if I fiddle too much everything breaks and it goes to 404 or cannot find.

I need a really good tutorial for getting the folder and file structure, and permissions as well as users right. There has to be something that one does to for example create one's own folder structure like VestaCP does under home/admin/web/domain.com/public_html/ and then get it pointed to the var/www/html direction (where in VestaCP there are no sub-folders and files) but where Apache wants it to be, and ditto with the dot.conf virtual host files, of getting the permissions and users right. A step by step tutorial with no steps missed. I get it how to create .htaccess. But the standard wording provided does not make any difference. Looks like .htaccess has to be copied to other Web folders and not only the root folder of the domain.

Installation of php is also an issue. There are millions of ways of doing it. But I think that may be an issue too. I know how to do the initial installation to set it up for a specific version of php before one installs php. But I'd like to get a simpler way of doing it. I don't feel as in control with php as i do with MariaDB.

Until I get the above right, I'm sticking with the Debian Fork by dpeca of myVestaCP as it works OK for me. But I'd be really happy with myself if I could find a simple minimalist way of getting to use WordPress with no panel at all from the command line. I know how to use MariaDB, I can create a database and user from the command line. I can give the database a user and permissions. I know my way into phpmyadmin. I can do some edits in phpmyadmin, import databases, create new one. I can create WP from the command line. I can create a static Website from the command line. But the permissions of the Administrator of WP as well as where Apache fetches everything has me at a loss. I don't get it when I delete index.html why and where Apache fetches its default page. Even when cache and everything associated with cache has been removed.

Login

Sponsors: VirMach - Host4Fun - CubeData - Evolution-Host - HostDare - Hyper Expert - Shadow Hosting - Bladenode - Hostlease - RackNerd - ReadyDedis - Limitless Hosting