Post4VPS Forum | Free VPS Provider - Tutorials

Container-based Virtualization: The Big Picture

Thu, 08 Jul 2021 14:34:31 +0000

To answer the question asked in this post of mine, ie the 'where Docker containers fit in the big Container-based Virtualization picture, an overview of the whole field is warranted and -as usual with me- this is done in its historical context. So, this thread is about setting the broad historical context of Containers technologies, highlighting the milestones events occurring in the path towards the kick-starting of the LXC project in 2008, which led to the Docker project, open-sourced in 2013, which was foundational in setting the industry standard for 'containerized application' and all the tooling that goes with it.
-------------------------------------

Container-based virtualization (ie OS virtualization), as contrasted to the hypervisor-based or VM-based virtualization (ie machine/hardware virtualization), has been a hot subject in the IT world for more than a decade now.

The following table (*) gives a direct comparison between VMs and containers:

Code:
Virtual Machines (VMs)                   | Containers

--------------------------------------------------------------------------------------

Represents hardware-level virtualization     Represents OS-level virtualization

Heavyweight                                  Lightweight

Slow provisioning                            Real-time provisioning and scalability

Limited performance                          Native performance

Fully isolated thus more secure              Process-level isolation thus less secure

(*)- The code tag is used here to maintain the table formatting.

1- Containerization technologies
Containers are an old concept. Below is a summary list for the milestones and evolution of the concept which culminated in the split between system containers and the more popular application containers championed by Docker Inc. since 2013 and their standardization in the OCI specification in 2015:

For decades, UNIX systems have had the chroot command that provides a simple form of filesystem isolation.
The FreeBSD jail: since 1998, FreeBSD has had the jail utility, which extended chroot sandboxing to processes.
Solaris Zones offered a complete containerization technology around 2001 but was limited to the Solaris OS for the x86 and SPARC systems.
In 2001, Parrallels Inc released the commercial Virtuozzo container technology for Linux and later open sourced the core technology as OpenVZ in 2005.
In 2006, Google Inc. started the development of CGroups for the Linux kernel and began switching its infrastructure to containers.
In 2007, Linux kernel 2.6.24 released with support for cgroups v1 (Control groups.)
In 2008, The Linux Containers (LXC) project started and brought together CGroups, kernel namespaces, and chroot technology (among others) to provide a complete containerization solution in Linux systems.
> LXC is a project centered around a C-based library, liblxc which allows for the creation of containers of any type from userspace. It also provides a set of tools (lxc-*) that allows interacting with that C library and offers a raw low level user interface. This is why it it remained only useful for system engineers with the required know-how.
In late 2014, Canonical launched L project which is a REST API written in Go around LXC and creates a system daemon that apps can access locally using a Unix socket, or over the network via HTTPS. The goal being the democratization of system containers by lowering the entry-level for non-specialists.
In 2016, Canonical released L, which is its own container manager that focuses on system containers and which uses liblxc through go-lxc.

Among the Containerization technologies listed above, LXC (for LinuX Containers) is the one that interests us in this thread as it's the original implementation from which all kinds of other Linux containers implementations derive, including Docker containers. It indeed represents an operating-system-level virtualization environment (VE) for running multiple isolated Linux systems (containers) on a single Linux machine. These Linux containers are basically made of three Linux kernel primitives:

Linux namespaces which defines what a process can see
CGroups which set the resources a process can use
A rootfs

More on this later when we'll be discussing the role of the so-called 'low-level container runtimes', like lxc, runc, crun etc..

Another interesting observation that can be made from the Containerization technologies listed above (ie Solaris Zones, Virtuozzo’s OpenVZ, FreeBSD jails and L/LXC containers) is that they are all designed primarily as a way to containerize a complete OS rather than just a single app, which means that they are all system containers.

Next post will be about the transition to the 'application containers' with the release of Docker as an open-source project in 2013.

2- From System Containers to Application Containers

Easy phpMyAdmin Installation On Linux

Wed, 26 May 2021 16:45:16 +0000

Easy phpMyAdmin Installation On Linux

Howdy Post4VPS!

Welcome to another Post4VPS user request based tutorial for the command-line installation of software and applications on Linux servers. In this guide I will teach you how to easily install the phpMyAdmin web application on your Linux based server with a web server, PHP and a MySQL based database server. If you want to know how to install a web server with PHP and MariaDB you can take a look at the following instructions: Host Your Own WP Blog Using Debian 10, Nginx, PHP 8 & MariaDB. A small additional information: phpMyAdmin is a web application that is meant to be downloaded, unzipped and used after a bit of configuration. Therefore I highly recommend to install it from the official source and always use the latest available version. Don't rely on the phpMyAdmin software packages that you can install via package managers in Linux distributions! This way wou will have the latest phpMyAdmin and thus will lower the risk of opening security holes in your web hosting stack. Also keep in mind to always update to the latest phpMyAdmin version afterwards!

This tutorial will NOT cover the following points: a) how to install and configure a web server like Apache or Nginx, b) how to install and configure PHP (e.g. PHP 8) and c) how to install and configure a MySQL database server like MariaDB. You can use the previously linked guide to learn how to do that based on Nginx, PHP 8 and MariaDB. Other kind of setups using different web servers and / or database servers can be found in this forum or all around the web. Additionally this tutorial will not include steps that may help you to secure your phpMyAdmin installation. This is due to different web servers offering different ways to secure it. This subject alone would be worth a dedicated standalone tutorial (in my opinion at least).

Below is the setup I'm going to use during this tutorial:

Intel Pentium N4200 4x 2.4 GHz
4 GB DDR4 2400 MHz RAM
64 GB eMMC Flash Storage
Debian "Buster" 10 64 Bit
Nginx Stable 1.20
PHP 8.0
MariaDB 10.5

This is the very same server that I used when I created the previous guide that I linked above. It serves well as an example system to perform a phpMyAdmin installation to make the management of databases easier. Although you may know that I'm not a big of of any kind of control panels, I admin that I'm happily using phpMyAdmin when necessary to quickly create users, databases or perform other operations like database optimization or backups. However, I strongly recommend to secure any phpMyAdmin installation by mainly limiting access to it to a certain set of IP addresses (and as mentioned before: always keep it up-to-date!).

Before we start with the main parts of the guide I have some additional information for you.

Easy is not very easy
- In the past the installation of phpMyAdmin basically used to be very easy. It was mainly: a) download the latest version, unzip the latest version and c) adjust a little part of the configuration file. After this three main steps it was basically ready to go. New security measures introduced by MySQL and thus MySQL based database servers require some more work now. The main necessity is the creation of a dedicated database user with full administration rights that can be used in phpMyAdmin for any administrative operations. Earlier it was possible to simply use the root user but this has been disabled to increase security.

Different web hosting stacks require different phpMyAdmin versions
- Certain parts of web hosting stacks such as the PHP version and MySQL server version dictate which phpMyAdmin version you can use or rather said need to use to have a working instance of phpMyAdmin running. So be careful here and watch out what kind of software versions you are using and which phpMyAdmin version you need. I will only mention it this time and no other time during the whole tutorial. Example if you have PHP 8.0 and MySQL 5.5 or MariaDB you need to get the latest stable version 5.1.0 of phpMyAdmin. The older but still supported version (security fixes only) 4.9.7 will not work with PHP 8.0.
- PHP 7.1 and newer and MySQL/MariaDB 5.5 and newer -> phpMyAdmin 5.1.0.
- PHP 5.5 to 7.4 and MySQL/MariaDB 5.5 and newer -> phpMyAdmin 4.9.7.

No phpMyAdmin software packages from Linux distribution package managers
- As mentioned before we will not be using phpMyAdmin software packages that can be installed by package managers coming with Linux distributions like apt, yum or similar. Most are out of date and are only tailored to web hosting stack software version that are also available by default through the package managers on the Linux distributions. As easy as that would make it to install phpMyAdmin it's simply not the right way where you will learn how to install it yourself and it most likely will not compatible with different web hosting stacks (e.g. might only work with Apache installed by the package manager but will not work with Nginx).

Prerequisites

First we will install a few necessary tools via apt. To do that first connect to your server and login (best would be to login as root or a user with sudo access as you will need administrative permissions to run some of the commands).

Run the following command in your terminal as root or a user with sudo access (remember to add sudo before the command) to install the necessary tools:

Code:
apt-get install wget nano ca-certificates tar gzip -y

The command will install the CLI downloader "wget", the CLI text editor "nano", the TLS CA certificate base (to download from HTTPS links without certificate errors) and the archive management tool tar + gzip for tar and gunzip archives.

phpMyAdmin MySQL Administration User

Next step before the phpMyAdmin installation is the creation of the necessary MySQL administration user that you can use in phpMyAdmin instead of the MySQL root user.

Start the MySQL CLI management console as the MySQL root user:

Code:
mysql -u root -p

(Enter your MySQL root password when prompted.)

Create a new user that will become the administrator:

Code:
CREATE USER 'pmaadmin'@'localhost' IDENTIFIED BY 'mypassword123';

(I'll use pmaadmin as the username. Remember to adjust it to your liking and also set your own password instead of mypassword123.)

Grant all permissions to all databases and also special permission to the new user:

Code:
GRANT ALL PRIVILEGES ON *.* TO 'pmaadmin'@'localhost' WITH GRANT OPTION;

Reload all user privileges:

Code:
FLUSH PRIVILEGES;

Exit the MySQL CLI tool:

Code:
exit

(Remember to adjust the username to yours!)

You now have a MySQL user that basically has a lot of power over the database server. It is like the MySQL root user. You will use this use to login in phpMyAdmin when you need to create a new user/database or do other administrative tasks.

phpMyAdmin Installation

Now we can finally perform the phpMyAdmin installation.

Change your directory to the folder containing your website (where you want to install phpMyAdmin):

Code:
cd /var/www/hiddenrefuge.eu.org

(Adjust the path to your own website on your own web hosting stack.)

Download the latest version that is compatible with your web hosting stack. You can get the download links on this page. Take the download link for the archive file ending with tar.gz.

Code:
wget https://files.phpmyadmin.net/phpMyAdmin/5.1.0/phpMyAdmin-5.1.0-all-languages.tar.gz

(Here you would use the link for the correct and latest version.)

Extract the downloaded phpMyAdmin archive:

Code:
tar -zxvf phpMyAdmin-5.1.0-all-languages.tar.gz

(Here you should use the file name of the version you downloaded.)

You will now have a folder called like the archive name (without .tar.gz). Rename this folder to a easier to remember name:

Code:
mv phpMyAdmin-5.1.0-all-languages sqlmgmt

(Here you should use the folder name of your version and your new wish name for the folder. Make it something not so obvious to prevent bots trying to look for phpMyAdmin - so AVOID calling the folder pma or phpmyadmin/phpMyAdmin!)

You can now remove the downloaded tar.gz archive:

Code:
rm -rf phpMyAdmin-5.1.0-all-languages.tar.gz

(Here you should use the file name of the version you downloaded.)

Set correct ownership/permissions for the phpMyAdmin folder:

Code:
chown -R nginx:nginx /var/www/hiddenrefuge.eu.org/sqlmgmt

(Here you should adjust the user and group to the one you use for the web server and PHP processes. Additionally remember to adjust the path to your phpMyAdmin folder.)

To verify that you can access phpMyAdmin and it works (not displaying any kind of errors or something) should open the phpMyAdmin instance on your website in a web browser.

You should see this page:

phpMyAdmin Configuration

After the phpMyAdmin installation it is necessary to configure a few things or else you will not be able to use phpMyAdmin properly.

Change directory in to your phpMyAdmin folder:

Code:
cd /var/www/hiddenrefuge.eu.org/sqlmgmt

(Adjust the path to your phpMyAdmin installation.)

Rename the sample configuration file to the main configuration file name:

Code:
mv config.sample.inc.php config.inc.php

Open the configuration file with nano:

Code:
nano /var/www/hiddenrefuge.eu.org/sqlmgmt/config.inc.php

(Adjust the path to your phpMyAdmin installation.)

Go to this page and generate yourself a new blowfish secret.

Inside your configuration file replace

Quote:$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */

With the new configuration line with your blowfish secret from the page, e.g.:

Quote:$cfg['blowfish_secret'] = 'MN66UsUnxf,uVql{Dt1uzCE[cnE5M6Rb';

(Don't use the blowfish secret from the example above! Get your own from the page that I linked to above.)

Save the file with CTRL + O and ENTER. Exit the nano text editor with CTRL + X.

This is about it in terms of the configuration of phpMyAdmin.

Getting started with phpMyAdmin

Now navigate to your phpMyAdmin installation on your website via web browser and try to login with the user that you created during the phpMyAdmin MySQL Administration User setup step.

If everything went well you should be in and it should look like this:

Do you see the warning message at the bottom of the screenshot? You need to do a little something to fix this issue.

Go to http://hiddenrefuge.eu.org/sqlmgmt/index...-relations in your web browser. Remember to adjust the part before "index.php?route=/check-relations" to the web address of your phpMyAdmin installation.

You will see the error below:

To fix this click on the blue "Create" link. This will generate a databse called phpmyadmin where phpMyAdmin will store its own configuration changes and settings.

After that you can go back to the main page of phpMyAdmin and the warning message should be gone.

That's all folks! You now have installed phpMyAdmin. To update it you would simply download the latest version and overwrite all files. The configuration files config.inc.php will remain unchanged. After overwritting the files you also have to set the ownership/permission again. You would basically simply repeat the phpMyAdmin Installation part with a newer version.

How to create Docker's container and enter its shell [Basic container for any-usage]

Sun, 23 May 2021 11:58:56 +0000

I didn't plan to post this guide because it wasn't intend to. But since splitted the post... here we go

So, on topic about setting up a WP from scratch I wrote a simple command-list to create a container... Why? I think that nowadays it is important to isolate any application because there could be any CVE that can hurt our precious VPS!

BEWARE: CONTAINERS ARE NOT A SECURITY TOOLS. YOU MUST SECURE YOURSELF CONFIGURING A STRONG PROTECTION AGAIN ATTACKS

So, why create a container?
Let's imagine that we were running a Laravel WebApplication and someone used the latest known CVE to inject on our machine a cryptominer know as kdevtmpfsi . The cryptominer is a cron-job script that check if the miner process is running, if not it will download the binaries and run it. If you kill it... it will just respawn.

To get rid of the cryptominer you must FIND the faulty cronjob and delete it. Then you can hope that by deleting the binaries it will not respawn. I got a personal experience with such miner and it was a pain. My friend application was running on barehardware and the miner got injected into the main system...

If the application were running inside a container the solution could be very fast: just destroy and recreate the container! I mean, we were still vulnerable but the recovery process was much faster, as I have already said: containers aren't security tools!

Now, for example we want to run WP from scratch but inside a container? How can do such a complex thinh? Don't worry... using a container is easy as using a normal terminal connection

A basic way to create a basic container ready for any usage is:

Quote:docker run -it -d --name debian -p 9090:80 debian:latest

"docker run": creates a new container;
"-it": tags the container as a interactive one, you can access its shell;
"-d": tags the container as detachable, it will not block your terminal once started;
"--name debian": names the container for easy handling;
"-p 9090:80": it binds your host port to the port of the container, very useful if we want to host services that requires port... such as Web services!;
"debian:latest": points to the latest stable, Buster.

Once the containers is up you can access it in 2 ways:

Attach using
docker attach debian
Deattach using the combination: CTRL+P + CTRL+ Q

Attach using
docker exec -it debian /usr/bin/bash
Deattach using the combination CTRL+C or the command exit

Now, inside the container shell you can just follow tutorial 1:1 with commands, there is no differences!

After everything is setup, you must create a reverse proxy that points to the container...
Because used NGINX I will provide below a simple reverse-proxy configuration for our example case:

Code:
server {

listen      80;

server_name your_prefered_domain

location /{

proxy_pass 0.0.0.0:9090

proxy_set_header Host              $host;

proxy_set_header X-Real-IP         $remote_addr;

proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;

proxy_set_header X-Forwarded-Proto $scheme;

proxy_set_header X-Forwarded-Host  $host;

proxy_set_header X-Forwarded-Port  $server_port;

}

This reverse proxy is very basic, for example it lack of HTTPS redirect... but that is not the goal of this tutorial

I know that this container is not optimal, there is no persistent but it gives you a bit a "security" and doesn't require much of docker knowledge.

Host Your Own WP Blog (Debian 10, Nginx, PHP 8 & MariaDB)

Wed, 19 May 2021 18:54:01 +0000

Host Your Own WordPress Blog
Using Debian 10, Nginx, PHP 8 & MariaDB

Hello Post4VPS Community & Staff

Welcome to my tutorial to teach you how to set up your own WordPress blog on a Debian 10 based server using only the command-line and its toolset. You will not need or use a hosting or VPS control panel. The command-line is your friend and key to your own success with Linux. So it is very important to collect command-line experience by doing projects such as those introduced to you in this tutorial. Another personal goal is to get you a bit away from using control panels to manage your server to reduce overhead and remove a big layer of possible security risks and other kinds of issues.

We will cover all necessary steps of the setup, starting with the installation of the Nginx web server, setting up the firewall rules, necessary directory permissions, everything in between, and finally performing the WordPress installation. What we will not cover are the following subjects: DNS and mail server setups. I recommend using a 3rd party DNS infrastructure provider such as Cloudflare or similar providers. For mail servicing, I would also recommend using a free 3rd party service with SMTP options to send emails from within your WordPress blog (e.g. Sendinblue or similar services). Additionally this guide will not contain the setup process of a HTTPS vHost with TLS certificates. Later on a tutorial may follow as an addon for this guide that will cover this topic in combination with Let's Encrypt TLS certificates.

For this tutorial, I'm using a small server with the following specifications:

Intel Pentium N4200 4x 2.4 GHz
4 GB DDR4 2400 MHz RAM
64 GB eMMC Flash Storage
Debian "Buster" 10 64 Bit

In short: I will be using a home server that is actually an old repurposed Acer Swift One Ultrabook. I will be hosting the setup locally however with a proper domain name. Regardless of this fact, everything shown in this guide will still work on dedicated servers and VPSs with public IP addresses. You can look at my setup for this guide as a computer & server testing laboratory. Made to produce educational content such as this tutorial.

Let's get started!

Before we really begin I'd like to mention some prerequisites and provide some information about upcoming procedures.

Clean OS
- It is highly recommended to use a clean OS installation for this project. A already in use OS installation where you might have certain software installed that might be similar to what we want to set up or something else is running on can produce conflicts and thus cause negative side effects. So it's best to reinstall your OS to a fresh installation of Debian 10 before starting with this tutorial.

Up to date OS
- Please make sure your OS installation is not only fresh but also up to date. This is also a highly recommended step that needs to be performed before going forward with the installation steps in this guide. Out-of-date software combined with what we want to do can cause unwanted and unnecessary issues.

Root access
- It is highly recommended to be logged in as root on your server to perform all upcoming installation setups and commands. You will save yourself a lot of time this way. Alternatively, you can use a user with sudo access but remember to apply the sudo keyword before all commands.

3rd party repos
- For the best experience we want to use the latest available version of the software that we need to achieve our goal. Sadly, the default software repositories of Linux distributions like CentOS, Debian, or Ubuntu don't provide the latest version of the software we need in their default repositories. To get past this problem we will be adding 3rd party software repositories that will allow us to get the latest version of the software we need.

Going a nit off road
- We're not going to stick with all software defaults of software packages. We will change configurations of the software we install and we will write our own configurations from scratch where and when necessary.

Make sure you have all of that ready and are properly prepared.

First, we will be adding 3rd party repositories for the latest Nginx Stable, PHP 8, and MariaDB versions.

Run the commands below to create new source lists for the three application sets.

Nginx Stable (directly from nginx.org)

Code:
apt-get update

apt-get install curl gnupg2 ca-certificates lsb-release -y

echo "deb http://nginx.org/packages/debian `lsb_release -cs` nginx" | tee /etc/apt/sources.list.d/nginx.list

echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | tee /etc/apt/preferences.d/99nginx

curl -o /etc/apt/trusted.gpg.d/nginx_signing.asc https://nginx.org/keys/nginx_signing.key

apt-get update

PHP 8 (from deb.sury.org)

Code:
apt-get install wget apt-transport-https software-properties-common dirmngr -y

echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/sury-php.list

wget -qO - https://packages.sury.org/php/apt.gpg | apt-key add -

apt-get update

MariaDB 10.5 (directly from MariaDB Foundation)

Code:
apt-key adv --fetch-keys 'https://mariadb.org/mariadb_release_signing_key.asc'

add-apt-repository 'deb [arch=amd64] http://mirror.23media.de/mariadb/repo/10.5/debian buster main'

apt-get update

(In my case I'm using a German mirror. You can generate a source list for MariaDB 10.5 with a different mirror here.)

Finally, there are a few packages that can be updated and others that can be deleted (as they're no longer required). Run the command below to make sure everything is up to date:

Code:
apt-get upgrade -y

apt-get dist-upgrade -y

apt-get --purge autoremove -y

After adding these 3rd party repositories we can continue with the installation of all software packages that we need.

Nginx Stable

Let's start by installing, enabling, and starting the Nginx web server. Run the commands below:

Code:
apt-get install nginx -y

systemctl enable nginx

systemctl start nginx

PHP 8.0 + Extensions

Now it's time to install PHP 8.0 and the necessary extensions. One important being the PHP FPM extension. Which we will enable as a service and start after the installation. Execute the commands below on your server:

Code:
apt-get install php8.0 php8.0-bcmath php8.0-mysql php8.0-tidy php8.0-dba php8.0-readline php8.0-bz2 php8.0-xdebug php8.0-xml php8.0-enchant php8.0-opcache php8.0-intl php8.0-soap php8.0-xsl php8.0-cli php8.0-fpm php8.0-zip php8.0-sqlite3 php8.0-common php8.0-gd php8.0-phpdbg php8.0-mbstring php8.0-sybase php8.0-curl php8.0-gmp php8.0-pspell -y 

systemctl enable php8.0-fpm

systemctl start php8.0-fpm

MariaDB 10.5

After PHP 8.0 has been installed we can install the MariaDB 10.5 MySQL database server. After that, we will enable and start it. Run the commands below in your terminal:

Code:
apt-get install mariadb-server -y

systemctl enable mariadb

systemctl start mariadb

Now we have everything necessary installed and can continue with the configuration of the applications, set up things like firewall rules and directory permissions.

Firewall rules for the web server

By default Debian 10 comes neither with firewalld nor with any other easier-to-use firewall or iptables frontend. Only the raw iptables firewall is available. However, to makes things much easier for the future we will install the iptables frontend ufw (uncomplicated firewall).

To install ufw run the commands below:

Code:
apt-get install ufw -y

If you have IPv6 addresses available you may want to enable IPv6 support.

Code:
nano /etc/default/ufw

Make sure you have the entry "IPV6=yes" inside the file and it is not commented.

Now we have to configure the default policies. The best security practice is to block everything that we didn't explicitly allow. So our default policy for incoming connections will be set to "deny". However, we will allow all outgoing connections as it can be very hard and painful to filter outgoing connections properly. Outgoing connections can happen basically any port to any port (1 to 65535). It depends a lot on what kind of server or service the outgoing connection is connecting to. So for the outgoing connections, we will set the default policy to "allow".

Run the commands below to set default policies:

Code:
ufw default deny incoming

ufw default allow outgoing

Don't worry. You will not be disconnected! After running the commands above ufw is actually still inactive.

Next, it is time to open the incoming ports that we need. We'll be simply starting with the SSH port (I use port 22 still as SSH is only accessible over LAN - remember to adjust your SSH port in the command below), port 80 for HTTP, and port 443 for HTTPS. Run the commands below:

Code:
ufw allow 22

ufw allow 80

ufw allow 443

Now we will enable ufw and from here on the rules will be active. If you set up the wrong port for SSH you will be locked out after running the command below! For this kind of case make sure you have some kind of emergency access. I highly recommend being careful when configuring the allowed incoming connections to avoid locking yourself out.

Enable ufw:

Code:
ufw enable

If asked whether you wish to continue press the Y button and the ENTER button. Ufw is now enabled.

Please read https://www.digitalocean.com/community/t...d-commands for more information about ufw and the most necessary basics and commands.

What you can do now to confirm that the firewall is working properly is to access the IP or domain of your server. You should see an Nginx page showing up like in the screenshot below. And obviously, if your SSH connection is still working the firewall rules for it are correct .

By the way: during the whole tutorial I will be using hiddenrefuge.eu.org as my domain in all configurations, etc. Keep in mind to replace this domain with your own domain where you see it. This means especially the part where we will configure our Nginx vHost, the WordPress blog, etc.

Nginx default vHost configuration

We will not touch the default nginx.conf file in /etc/nginx/ as it is fine as it is by default. The way the file is configured by default in the Nginx.org packages is enough to run pretty much any website for the beginning.

What we will modify is the default vHost "default.conf" to disconnect all connections that attempt to connect to the IP address or domain name that has no vHost on the server.

Rename the original default.conf file to a backup:

Code:
mv /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.bak

Open a new and empty default.conf:

Code:
nano /etc/nginx/conf.d/default.conf

Paste the following into the file:

Code:
server {

        listen 80 default_server;

        return 444;

}

Use the CTRL + O button to save the changes and after that use CTRL + X to exit nano.

Restart Nginx to apply the changes:

Code:
systemctl restart nginx

If you now access the IP address or domain of your server you will see a browser error message like this one:

(In the case of Firefox, as it is the web browser I currently use.)

If you see such a page or a similar in another browser you now know that the default.conf vHost is working as intended. All connections to the IP address directly or a domain that has no vHost on the webserver are canceled by the webserver to prevent host spoofing.

Nginx vHost configuration for your own domain

Now that we have configured the default vHost we can continue with setting up the real vHost for our own domain of the WordPress blog we want to host.

Create an empty vHost file for your site:

Code:
nano /etc/nginx/conf.d/hiddenrefuge.eu.org.conf

(Remember to adjust the domain in the vHost file name.)

Paste the following code into the file:

Code:
server {

        listen 80;

        server_name hiddenrefuge.eu.org www.hiddenrefuge.eu.org;

        root /var/www/hiddenrefuge.eu.org;

        index index.html index.htm index.php home.html home.htm home.php;

        location / {

                try_files $uri $uri/ /index.php?$args;

        }

        location ~ \.php$ {

        fastcgi_pass unix:/run/php/php8.0-fpm.sock;

        include         fastcgi_params;

        fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;

        fastcgi_param   SCRIPT_NAME        $fastcgi_script_name;

  }

}

(Again remember to adjust the domain name to the one you use where needed.)

Use the CTRL + O button to save the changes and after that use CTRL + X to exit nano.

In this guide, I will use /var/www/hiddenrefuge.eu.org as the directory for my WordPress blog. So now it is necessary to create that folder and give it the correct permissions.

Create the folder tree:

Code:
mkdir -p /var/www/hiddenrefuge.eu.org

(Adjust your domain!)

Set the correct ownership of the folder:

Code:
chown -R nginx:nginx /var/www

(The Nginx web server is running as the user and group "nginx".)

Restart Nginx to apply the new vHost configuration:

Code:
systemctl restart nginx

Now you have a vHost for your domain that is pointed to the IP address of your server. If you now open the domain you pointed to your server you should see a 403 Forbidden error. Why 403? Because we don't have an index file, yet. By default, Nginx disables the listing directories and so it returns a 403 Forbidden error. However, this means that the vHost is working. If it wouldn't be working you still would get the error from the default vHost configuration or another error/issue.

Fixing PHP to prevent malicious requests to PHP via PHP-FPM

Quote:When pairing NGINX with PHP-FPM, it’s possible to return to NGINX a .php URI that does not actually exist within the site’s directory structure. The PHP processor will process the URI, and execute the .php file because its job is to process anything handed to it by NGINX. This presents a security problem.

It’s important to limit what NGINX passes to PHP-FPM so malicious scripts can’t be injected into return streams to the server. Instead, the request is stopped, possibly then resulting in a 404.

Run the following command:

Code:
sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /etc/php/8.0/fpm/php.ini

Restart PHP-FPM:

Code:
systemctl restart php8.0-fpm

That security risk should be fixed now.

Fix PHP-FPM pool listen user and group

The Nginx web server is running as the user Nginx and the group Nginx. Meanwhile, the default PHP-FPM pool www is using the user and group www-data. This is a conflict that will prevent from PHP 8.0 working with Nginx. This needs to be fixed.

Open the default PHP-FPM pool www config file to edit it:

Code:
nano /etc/php/8.0/fpm/pool.d/www.conf

Find the following lines:

Code:
user = www-data

group = www-data

Code:
listen.owner = www-data

listen.group = www-data

Replace them with:

Code:
user = nginx

group = nginx

Code:
listen.owner = nginx

listen.group = nginx

Use the CTRL + O button to save the changes and after that use CTRL + X to exit nano.

Restart PHP-FPM to apply the changes:

Code:
systemctl restart php8.0-fpm

Now the PHP-FPM process will be running under the same user as Nginx and Nginx can properly access the listen socket of PHP-FPM to process PHP files from the webserver to PHP and vice-versa.

Verification of PHP 8.0 working with Nginx

The next step before going forward with MariaDB is to confirm that PHP 8.0 is actually working properly with Nginx.

Create an empty info.php file in the directory of your website:

Code:
nano /var/www/hiddenrefuge.eu.org/info.php

Paste the following PHP code into the file:

Code:

phpinfo();

?>

Use the CTRL + O button to save the changes and after that use CTRL + X to exit nano.

Open the file in your browser and you should see the PHP 8.0 info page like in the screenshot below.

If you see this page and not an error page you now know that PHP 8.0 is working properly together with the Nginx webserver.

You can remove the info.php file as it is no longer needed.

Setting up MariaDB

How far are we? Great news! We have so far installed and configured the Nginx web server successfully. We've fixed up PHP 8.0 and made it work together with Nginx (with a small and easy verification).

Next goal: MariaDB 10.5 MySQL database server.

The first step is to perform a secure configuration of the MariaDB MySQL database server by setting a root password, etc.

Run the command below to start the secure configuration:

Code:
mysql_secure_installation

By default, there is no root password set. So simply press the ENTER key to continue.

Next, you will be asked if you want to switch to unix_socket authentication. Press the N key and the ENTER key. While this might be more secure not every application you might want to host will support Unix socket authentication.

Now you will be asked to change the root password. Press the Y key and the ENTER key. Type in the new password twice.

After that, press the Y key and the ENTER key when asked to disable anonymous user access.

Next, you will be asked to disable root login. Press the Y key and the ENTER key. This will allow root login only via localhost in the CLI.

After that, you will be asked if you wish to remove the test database. Press the Y key and the ENTER key.

Finally, when asked to reload the privileges tables press the Y key and the ENTER key.

The secure setup of MariaDB is finished after this set of steps.

Here is how the whole output of the configuration screen should look like:

Quote:root@hiddenrefuge:~# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!

To log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorization.

You already have your root account protected, so you can safely answer 'n'.

Switch to unix_socket authentication [Y/n] n
... skipping.

You already have your root account protected, so you can safely answer 'n'.

Change the root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
... Success!

Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess the root password from the network.

Disallow root login remotely? [Y/n] Y
... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
... Success!

Cleaning up...

All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

Creating a MySQL user and database for the WordPress blog

Time to create a new MySQL user and database for the WordPress blog that we will host. We will not use the MySQL root account and we cannot. It is bad security practice to use the MySQL root account for web applications or other database use cases. In the new MySQL / MariaDB version it is impossible to use root any other way than via the localhost CLI MySQL tool.

Start the CLI MySQL tool:

Code:
mysql -u root -p

Type in the password you have set before during the MariaDB secure setup.

You will be in the MariaDB CLI interace that looks like this:

Create a new database for the Wordpress blog:

Code:
CREATE DATABASE hiddenblog;

(I will be using the database name hiddenblog. Remember to adjust yours!)

Now, create a new user:

Code:
CREATE USER 'hiddenuser'@'localhost' IDENTIFIED BY 'mypassword123';

(I will be using the username hiddenuser. Remember to adjust yours! Also don't forget to set the password.)

After that, it is time to give the user full permission for the database:

Code:
GRANT ALL ON hiddenblog.* TO 'hiddenuser'@'localhost';

Finally, reload the privileges:

Code:
FLUSH PRIVILEGES;

Exit the MySQL CLI tool.

Code:
exit

So now we have an empty database and a user assigned to it that we can use in the WordPress installation.

WordPress blog installation

Finally! We can start with the installation of the WordPress blog .

Change into the directory of your site:

Code:
cd /var/www/hiddenrefuge.eu.org/

Download the latest WordPress version:

Code:
wget https://wordpress.org/latest.tar.gz

Extract the downloaded archive:

Code:
tar -xvf latest.tar.gz

Move the WordPress files into your main directory:

Code:
mv /var/www/hiddenrefuge.eu.org/wordpress/* /var/www/hiddenrefuge.eu.org

Remove the downloaded archive and the empty wordpress folder:

Code:
rm -rf /var/www/hiddenrefuge.eu.org/wordpress

rm -rf /var/www/hiddenrefuge.eu.org/latest.tar.gz

Set ownership for the files and folders correctly:

Code:
chown -R nginx:nginx /var/www/

Now, open your domain in the web browser and you should see the WordPress installer.

At the first screen select the language you want to use. In my case English. After that press on the blue "Continue" button.

After that, you will see a info screen showing what is coming up next in terms of configuration. Here you will need the database name, username and password that we created before. First click on the "Let's go!" button.

On the next screen type in the database name, username and password. You can keep the database host and table prefix as is. After you have filled out the necessary fields click on the "Submit" button.

Now, you will see a screen saying that everything looks sparky (good) and you can click on the "Run the installation" button to perform the installation.

Shortly after, you will be at the first configuration screen where you can set the title of your blog, a username and password for the main account and e-mail. Fill in everything as you wish. At the end press the "Install Wordpress" button.

A few seconds later you will be the last screen of the installation. It should say Success!. From here on your blog is installed. You can log into he Admin CP and continue the configuration and add content.

FYI: WordPress permalinks are already working as the vHost that we created for our site contains the necessary pieces of code to make them work.

That's it. You now have a Nginx web server running with PHP 8.0 and the MariaDB MySQL database server. All of that is hosting your very own WordPress blog. You've not used a single control panel during the whole process.

This might seem like a lot of work? 75% of the content from this thread can be compiled into a single bash shell script that will perform a lot of the steps automatically without any user input. After that you would only have to setup your own vHost, create a database with a user and install your WordPress blog. Again using no control panel.

Revision: 2021-05-19

How to install CyberPanel

Sun, 09 May 2021 16:39:53 +0000

I have just successfully installed CyberPanel in my quest to find a good alternative to VestaCP. The verdict is still out there as I get to know it better, but I thought I would share the requirements and steps for those who are also interested to install CyberPanel. The steps are for use with CentOS.

Requirements
You can work through the requirements on the CyberPanel Installation Website:
https://cyberpanel.net/docs/installing-cyberpanel/

According to the Website the OS requirements are: Centos 7.x, Centos 8.x, Ubuntu 18.04, Ubuntu 20.04

However I found that Centos 7.x is probably not ideal. Reason being that CyberPanel works with high-end Python, so Centos 8.x is better. Probably the same would apply for Ubuntu. CyberPanel seems to be a very up to date script that works on the high-end side of requirements.

CyberPanel also has the following requirements:

Python 3.x
1024MB or above Ram.
10GB Disk Space.

Please note that the above specs are checked during the installation process. So don't try to install CyberPanel without having the above specs on your VPS.

Free vs Premium version of CyberPanel
Initially I thought there would be two different scripts for the free and paid version of CyberPanel. But there is only one script. During installation you will be asked whether you want the one or the other. For a comparison of the two you can check the above cyberpanel.net Website. The free one is referred to as CyberPanel with OpenLiteSpeed. And the paid one as LiteSpeed Enterprise. I'm not sure what the difference is between free and paid as the free version is excellent. Possibly it could be that the LiteSpeed Enterprise version is much better supported.

Installation Steps
1. As previously mentioned. CyberPanel works on the high-end of Linux available technology, so best is to start with a clean install of CentOS or Ubuntu and the most up to date version you can find. In my experience it is better to use a Minimal version of the OS as the Panel Script will be loading all the software you need. So the only software you should make sure to load is Python. To install it on CentOS 8 you need the following command:

Code:
yum install python38

2. Disable SElinux
Next step needed is to disable SElinux as per the commands below:

Code:
yum install nano

Code:
nano /etc/selinux/config

Set SELINUX=disabled

It should look like this:

Ctrl X - Y for Yes - and then Enter key

For SELINUX=disabled to take effect the VPS has to be rebooted. Note that when OS is reinstalled in future, SElinux will remain disabled on the VPS.

3. Install CyberPanel
Use the following commands to start the installation script:

Code:
yum install wget

Code:
wget https://cyberpanel.net/install.sh

Code:
bash install.sh

4. During the installation process first question asked is to choose one of the following:

Quote:1. Install CyberPanel with OpenLiteSpeed.

2. Install Cyberpanel with LiteSpeed Enterprise.

3. Exit.

If you want the free version, select Option 1.

Next you will be asked whether you want FULL or CUSTOM install. FULL is probably ideal to get the full benefits of cyberpanel, also of course full benefits of headaches. I prefer minimal and chose Custom which helped me to opt out of FTP, DNS and e-mails.

It took quite a while for the script to load after that. Compared with VestaCP VestaCP loads in a fraction of the time, and never fails. My first attempt at installation of CyberPanel with CentOS 7 failed due to Python issues. But with CentOS 8 I had no issues at all. I also had a Website up and running within minutes after the installation of CyberPanel was completed. Note that you don't need to add on any domains. Don't look for that tool once you're in the Panel. Go straight to "Create Website". And CyberPanel will take care of the rest. If you want to create a WordPress site after that, after you have created the Website, scroll downwards and you'll see the WordPress Icon. Takes about one minute (no kidding) to have the WordPress site up and running.

Assistance
You can check this post4vps discussion about CyberPanel, particularly if you have issues with installation of e-mails. Here is a link to 's post in the discussion about how he was able to have success with e-mails with CyberPanel:
https://post4vps.com/Thread-CyberPanel?p...4#pid39214

You can also check CyberPanel sources below:

Website : https://www.cyberpanel.net
Forums : https://forums.cyberpanel.net
Wikipage: https://docs.cyberpanel.net
Docs : https://cyberpanel.net/docs/

Cyberpanel with Remote Database

Sun, 13 Dec 2020 21:13:55 +0000

This tutorial is aimed at Cyberpanel users who may wish to offload database functions on a separate machine for a gain in performance. Remote database is a newer feature of cyberpanel introduced in version 2.0.2 If p4v admin to decide to create a system for users to get a second vps, it could be very useful

I wrote this tutorial, however I didn't do it without some good sources:
#TLDR Check these pages and it'll give you all the information in this tutorial and then some.

https://cyberpanel.net/docs/installing-cyberpanel/
https://cyberpanel.net/docs/remote-sql-for-cyberpanel/
https://www.virtualmin.com/documentation...ase/remote
https://www.webmin.com/deb.html
https://www.digitalocean.com/community/t...d-commands

The closer the physical proximity and lower the latency between the two servers, the better the opportunity for performance gain. For those curious, the specifications of the servers used in writing this tutorial can be found here post #3

It is written using 2 servers using ubuntu 18. It assumes you have basic knowledge of logging into your server via ssh and familiarity with the command line/terminal.

1. As always it's recommend to update the installation by running the following command from terminal on both servers:

Code:
$ apt-get update && apt-get upgrade

When your servers finish the upgrade, you'll need to set up the database server first. It will be required for cyberpanel to complete its installation. While any sql server should work, I chose to use webmin: a sturdy, lightweight open source web panel to facilitate installation and configuration of the sql server.

2. First I download the webmin installation:

Code:
$ wget http://www.webmin.com/download/deb/webmin-current.deb

3. Then use dpkg to start the installation.

Code:
$ dpkg -i webmin-current.deb

Oh no! The installer isn't going. We're missing dependencies!

Before I could get the webmin installation to start, here's what I had to install:

Code:
$ apt-get install perl libnet-ssleay-perl libauthen-pam-perl libpam-runtime libio-pty-perl unzip

Try running dpkg again webmin-current.deb, if it still complains about missing dependencies you might want to check here
In a few moments, if everything worked, you will be informed you can log into your webmin server at localhost:10000

4. For security reasons, I recommend creating a sudo user to login to webmin rather than using root.

Code:
$ adduser your_name

You will be asked to enter a password twice. The more complex the better. Then add this user to the list of sudoers so you can log in and work inside webmin panel.

Code:
$ usermod -aG sudo your_name

5. I recommend running webmin from a non-standard port. Webmin has been around for years and black-hats often port scan the webmin default ports. You can edit the webmin port in the webmin conf file. look for the line that reads "port=10000" and change the number to something different.
You can edit the webmin conf file with the editor of your choice or by running:

Code:
nano /etc/webmin/miniserv.conf

For the purposes of this tutorial I'll assume you changed port=10000 to port=12345. ctrl+x will save your changes to miniserv.conf
Now restart webmin so the port change takes effect.

Code:
$ /etc/init.d/webmin restart

6. you should now be able to log into your server via webmin in the browser. Note that your browser will throw an error from self-signed ssl. This is normal. In your browser navigate to

Code:
https://123.456.789:12345

where 123.456.789 is your database server ip and 12345 is the port you used in webmin.conf

Enter in the credentials of the sudo user you created. After this you should be logged into webmin. If you've never used webmin before, you'll see lots of links on the left sidebar. Don't panic!

here's a screenshot to show you where to look and help you feel a little more comfortable:

Screenshot from 2020-12-13 15-08-44.png (Size: 88.99 KB / Downloads: 33)
7. Click on "Servers" on the left. If you see MySQL Database Server, skip this step. It wasn't installed for me, so I had to click on "Unused Modules". Scroll down until you see MySQL Database Server. The SQL installer will take a few moments. After it completes, you may need to click "Refresh Modules" to bring it up in the "Servers" sub menu.

Now you've gotten SQL installed, but it needs to be configured.

8. From the "Server" sub menu click on "MySQL Database Server"

9. First click on "Set admin password" - I recommend you use a password generator and use a very strong password here.

10. Next click on "User permissions" then "Create a New User"

*Make sure you give the user the name root. a user named root is required by cyberpanel.
*Make sure to use a strong password
*Make sure you set "Hosts" to the IP of the server you'll use for cyberpanel installation
*Highlight all the permissions so cyberpanel can do what it needs to in the database.
Once you've got everything filled out, create your user

11. After your remote user is created, click on Database permissions.
For Databases, select "Any"
For Username, input "root"
Hosts: The IP of your cyberpanel installation
Permissions: highlight all

12. Next, go to "Mysql Server Configuration"
For Host, use the IP of your cyberpanel installation
You may wish to change the default port: be forewarned that while this is recommended for security, it can cause complications with some web apps depending on how they're configured.
Scroll down and click "Save and Restart MySQL"

At this point your Remote database should be ready.

13. It is strongly recommended to use a firewall for increased security. I used ufw to close off all ports except those needed for sql, ssh, and webmin, and restrict access to sql to only the Cyberpanel IP.

Code:
$ apt-get install ufw

$ ufw deny all

$ ufw allow 123 //whatever port you use for ssh

$ ufw allow 12345 //webmin port

$ ufw allow from 987.654.321 to any port 54321 //cyberpanel's VPS IP, sql port

14. Now we're ready to begin the cyberpanel installation on our other server.
The only dependency I needed was curl.

Code:
$ apt-get install curl

$ sh <(curl https://cyberpanel.net/install.sh || wget -O - https://cyberpanel.net/install.sh)

This covers the installation of Cyberpanel with OpenLightSpeed WebServer. It doesn't cover the installation of Cyberpanel ENT, although they should be similar.

15. The installer will ask you if you want a full install or a custom install. I chose a custom install, because I don't want to deal with the hassle of setting up services I would prefer to offload for increased performance.

The installer will ask you if you want to install DNS, Postfix, or FTP. This tutorial does not cover the configuration of the full cyberpanel stack, only the minimum required for serving web pages. I chose no for all of these options.

16. The installer will ask you if you want to install Cyberpanel with Remote Database. Choose Yes.
The installer will ask you for the hostname of the remote database server. You can use the IP of your database server here.
The installer will ask you for a mysql port. Use 3306 if you didn't change the port in step 12. If you did, enter that port here.
The installer will ask you for a mysql user. Enter the credentials from the user created in step 10.
The installer will ask you which database has the default mysql schema: 'mysql' worked for me.

17. The installer will ask about a few more additional softwares: Redis, MemCache, Watchdog. This tutorial does not cover the configuration of these programs. I entered no for all options.

Cross your fingers and hope for the best. If everything worked properly in a few minutes the terminal will tell you how to log into your new cyberpanel installation

Use RDP Wrapper Library with latest Windows 10 / Server OS Versions

Sat, 31 Oct 2020 20:28:31 +0000

Use RDP Wrapper Library with latest Windows 10 / Server OS Versions

Howdy Post4VPS Staff & Community

Before I start writing about the main subject of today's guide I will start off with explaining what the "RDP Wrapper" library actually is:

Quote:Imagine you are a normal Windows user and your computer came with Windows 10 Home preinstalled. Now you might know that the Windows 10 Home edition is very limited in many aspects such as a lot less control over the system settings (e.g. updates are forced and cannot be turned off). Another locked down feature is the absolute lack of the remote desktop feature / the remote desktop server. That means you cannot connect to your computer remotely in your network from e.g. a tablet or something similar.

Such a feature, while not many normal users may use it, is actually a very useful feature. So for those who are very interested in this feature... what should these people do? The next higher up version that comes with the remote desktop feature / server is Windows 10 Pro. Would you be willing to go out and buy a Windows 10 Pro license? Of course you could get a cheap license from some random or weird site. You don't have to do this! It could especially be a dangerous scam / rip off.

Here is where the "RDP Wrapper" library comes into play. It is a RDP library with a lot of modifications and tweaks. You can install RDP Wrapper on your Windows 10 Home computer to get back the Windows remote desktop feature / server for free. Not only that - it also supports concurrent RDP sessions which is usually only a premium Windows Server feature (2 sessions by default and many more with the expensive RDS-CAL licenses). RDP Wrapper library can also be used on Windows Server products to unlock more than 2 concurrent RDP sessions for free (grey area subject). It is compatible from Windows Vista to Windows 10.

Above was a little explanation about the RDP Wrapper library. Now let's talk about the subject of this guide. The RDP Wrapper is no longer in development and has no support since the end of 2018. That means that newer Windows 10 Version that came out after 2018 aren't really supported or rather said the RDP Wrapper library doesn't properly work on newer / latest Windows 10 builds. This guide will show you how to fix this issue and be able to use the RDP Wrapper library on the latest Windows 10 / Server builds (e.g. Windows 10 2009 Home or Windows Server 2019).

The actual constellation / my setup: Windows 10 Home Build 20H2 (2009) with a license inside a Hyper-V VM with 2 CPU Cores, 4 GB RAM and a 64 GB vSSD. It doesn't matter whether your computer is physical or virtual. I'm just using a virtual system because I don't have a device with Windows 10 Home in physical form. Due to the limited feature set of Windows 10 Home RDP is not available. I however want to use RDP to access the VM remotely from my tablet to do some stuff without always being at my computer. I'm going to install RDP Wrapper and fix it up to work on my setup.

Disclaimer: You are performing all actions at your own risks. You cannot make me responsible for anything that happens. I hold no responsibility for the actions performed by you with this guide. This is solely for educational and non commerical use only! The legality of the subject of this guide is not clearly defined. See here for more information.

Let's get started. Make sure you have administrative rights / access on your machine as this level of access is required to perform actions in this guide.

Step #1

Open your web browser, go to https://github.com/stascorp/rdpwrap/releases and download the latest version of RDP Wrapper (currently and as of 2018 it is version 1.6.2). Choose the .zip file version of the release as the .MSI installer will not work at all on latest Windows 10 / Server builds.

Or click this link to download the .zip file directly from the release page.

Also download this file.

Step #2

Press the Windows key and the R key at the same time. In the small "Run" window type in the following text and hit the ENTER key:

Code:
%ProgramFiles%

The Windows explorer will open up. Inside the directory that opened up create a folder called "RDP Wrapper". Do not use another path than %ProgramFiles%\RDP Wrapper!

Full path should normally be "C:\Program Files\RDP Wrapper".

Step #3

Extract the content of the RDP Wrapper .zip file into the RDP Wrapper folder you have created.

Additionally extract the content of the autoupdate.zip file that you have downloaded into the RDP Wrapper folder.

The RDP Wrapper folder should look like below:

Step #4

Open the "Helper" folder in the RDP Wrapper folder and run "autoupdate__enable_autorun_on_startup.bat" as an administrator (right click the .bat file and click on "Run as Administrator").

If a small and blue Windows protection window opens click on "More info" and then on the "Run anyway" button to run the .bat file. Alternatively you can disable Windows smart screen to get rid of this blue Windows protection windows.

A CMD window will open up. Once its done you will see a message saying to press any key to close the window. Just press any key to close that windows.

Set in your Antivirus an exclusion for the folder "%ProgramFiles%\RDP Wrapper" to prevent the deletion of RDP Wrapper files.

Step #5

After the step above run "autoupdate.bat" inside the RDP Wrapper folder as an administrator (right click the bat file and click on "Run as Administrator").

If a small and blue Windows protection window opens click on "More info" and then on the "Run anyway" button to run the .bat file. Alternatively you can disable Windows smart screen to get rid of this blue Windows protection windows.

A CMD window will open up. It will perform a lot of tasks and install fixes for the RDP Wrapper library 1.6.2 that we downloaded. Once everything is finished the CMD window will close.

After that you can run the "RDPConf.exe" file in the RDP Wrapper folder to see whether the RDP Wrapper library was installed and is working properly. Below an example of a working RDP Wrapper:

Now you can verify that RDP is working on your Windows 10 Home computer by using a different device with a RDP client and typing in the IP address of your Windows 10 Home computer. If everything works you will be connect to your computer via RDP and you can login with your user.

As you can see I'm connected to my Windows 10 Home VM. Windows still says that RDP is not available because of Windows 10 Home but we're connected via RDP. We have successfully enable RDP on our Windows 10 Home computer.

That's it! Couldn't be easier, right? You can configure RDP Wrapper further by editing the rdpwrapper.ini file inside the RDP Wrapper folder. WARNING: You shouldn't touch the file if you don't know what you are doing. Some options can be guessed easily by the names but others aren't that easy to understand and can break RDP on your system.

Installing Wordpress Mulitsite

Sun, 11 Oct 2020 23:55:55 +0000

Hello All,

So I have been working through all of the bugs of this install to get thing exactly correct, so fellow designers and developers can follow along and setup a Wordpress Multisite Network to easily create and manage sites for clients along with theme and plugin development. Before we begin, we will need some things in place before we can get to the meat and potatoes of the tutorial.

Prerequisites:
- Ubuntu Server 18.04
- Apache2 (Your LAMP stack including Apache and SQL)
- PHP 7.4.11

Setting up Ubuntu Server:

If you are installing a fresh install of Ubuntu proceed through the setup and when prompted to select an install package, you can choose the Apache2 (LAMP Stack), make sure to hit the spacebar to select the install package prior to hitting the enter button.

1. Check to see if UFW has the Apache application profile:

Code:
sudo ufw app list

You should see the available options include: Apache, Apache Full, Apache Secure
2. Allow incoming HTTP/HTTPS traffic to your server:

Code:
sudo ufw allow in "Apache Full"

Using your public IP address you can check to see if Apache was correctly configured, you can visit http://PUBLIC.IP.ADDRESS and you should see the default Apache2 Ubuntu Default Page. If you are unable to see this page make sure to start the server if it has not been started already sudo systemctl start apache2

3. Install MySQL Server
You will now need to install the MySQL server so you can being creating databases. This setup will install the initial server with a root user and you will be able to set the password for the root user along with securing the server with the secure installation. First run:

Code:
sudo apt install mysql-server

You will see a list of packages that will need to be installed, type Y to confirm and then the installation will continue. After the installation has completed, you will now need to run this built in script to remove any harmful defaults and lock down your SQL Server.

Code:
sudo mysql_secure_installation

The secure installer will then ask you a list of questions, all of which you can answer Y too. The next step will ask you to select a password validation policy level, where 0 is none at all and 3 is maximum security, you will need a super strong password. With my installation, I set the level to 1, that way you need a secure password, but it does not have to be wickedly strong. You will then setup and confirm the password for root@localhost.

4. Installing PHP
Using the following command you can install PHP and it's components for displaying dynamic content and connecting to the MySQL server.

Code:
sudo apt install php libapache2-mod-php php-mysql

Once the scripts install, restart the apache server: sudo systemctl restart apache2

Now that the server is restarted, you can upgrade from the stock PHP version in Ubuntu (PHP 7.0) to the most recent version, 7.4.11. Run the following scripts to add the PPA repository for PHP 7.4.

Code:
sudo apt install software-properties-common

sudo add-apt-repository ppa:ondrej/php

sudo apt update

sudo apt install php7.4

With PHP 7.4 installed, you will now need to run these commands to install the needed PHP modules followed by deactivating PHP 7.0 and activating PHP 7.4 then restarting Apache.

Code:
sudo apt install php7.4-{mysql,common,xml,xmlrcp,curl,gd,imagick,cli,dev,mbstring,opcache,soap,zip,intl}

sudo a2dismod php7.0

sudo a2enmod php7.4

sudo systemctl restart apache2

5. Upgrading phpMyAdmin & Adding a Symbolic Link
Now we have PHP updated, we need to update phpMyAdmin, the stock version included in the LAMP stack is out of date and some of the functions are depreciated. This will give you the most up to date version of phpMyAdmin which is compatible with PHP 7.0+ and MySQL 5.0+.

Code:
Navigate back to your system root and change to the directory /usr/share and remove the current phpmyadmin folder

sudo rm -rf ./phpmyadmin/

Followed by downloading phpMyAdmin, unpacking it and renaming the directory

sudo wget https://files.phpmyadmin.net/phpMyAdmin/5.0.3/phpMyAdmin-5.0.3-english.tar.gz

sudo tar -xvf phpMyAdmin-5.0.3-english.tar.gz

sudo mv ./phpMyAdmin-5.0.3-english/ ./phpmyadmin/

sudo rm -rf phpMyAdmin-5.0.3-english.tar.gz

Now that we have the update downloaded, you will need to change the config.sample.inc.php into config.inc.php and then add a blowfish secret key that will enable cookies for phpMyAdmin.

Code:
cd phpmyadmin

cp ./config.sample.inc.php ./config.inc.php

sudo nano config.inc.php

Key down to the line asking for the blowfish key and then generate it and insert from this site: https://phpsolved.com/phpmyadmin-blowfis...generator/

Once you have it entered press ctrl+X and save the changes.

6. Setting up Virtual Hosts
Now that your Apache server is mostly set up, you can now begin to create the public_html folder which will host the Wordpress install. This is where you would connect up your domain by modifying the DNS settings with your cPanel or Domain Registrar. You can set up and give the proper permissions to the public_html folder by running the commands below.

Code:
cd ../../../

sudo mkdir /var/www/public_html

sudo chown -R $USER:$USER /var/www/public_html

sudo chmod -R 755 /var/www/public_html

Now that the public_html directory is made, you will need to create a virtual host file that will allow Apache to serve the content when you and others access your site. Run these commands to create a new configuration file. Make sure to change YOURDOMAIN to your domain name. Ie. tbelldesign.conf

Code:
sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/YOURDOMAIN.conf

sudo nano /etc/apache2/sites-available/YOURDOMAIN.conf

Change the following details to match your domain:

ServerName YOURDOMAIN

ServerAlias www.YOURDOMAIN

DocumentRoot /var/www/public_html

Now exit and write the changes then run the following commands to enable your new conf and disable the default conf.

sudo a2ensite YOURDOMAIN.conf

sudo a2dissite 000-default.conf

sudo systemctl restart apache2

Now that you have your new virtual host setup, you will need to create a symbolic link to your public_html so that when you visit http://YOURDOMAIN/phpmyadmin/ you can login to phpMyAdmin and have all of the great features this visual database manager has to offer.

Code:
sudo ln -ls /etc/phpmyadmin/ /var/www/phpmyadmin/

Now visit http://YOURDOMAIN/phpmyadmin/ to make sure that you can see the login page and log in with your root@localhost username (root) and the password you setup during the MySQL secure install. If you are unable to access phpmyadmin, make sure to chown and chmod the directory.

7. Install Wordpress
Now that you have Apache, PHP, MySQL and phpMyAdmin installed and configured you can now download Wordpress to your public_html folder and begin the installation process.

Code:
cd /var/www/public_html

sudo wget https://wordpress.org/latest.tar.gz

sudo tar -xvf latest.tar.gz

cd ./wordpress

sudo mv -R ./* ../

cd ../

rm -rf wordpress/

Then make sure to chmod everything so it is writable by the installer

sudo chmod -R 755 ./

Now the Wordpress is moved to public_html you can begin the installation by visiting http://YOURDOMAIN and following the directions.

Once you have successfully installed Wordpress, you can edit your wp-config.php to then begin the installation of Multisite Network.

Code:
sudo nano wp-config.php

Add the following code right above /*Finish adding code, happy editing*/

define('WP_ALLOW_MULTISITE' , true);

Close and write the changes

Next login to WP-Admin using the credentials you have set up, and begin to remove the stock plugins and the default themes, minus Twenty Twenty. Then head on over to Settings>Permalink and change the option to Post Name. Once those are removed, you can then go to Settings> Create a Wordpress Network of Site. Follow the recommendations of the the installation of the network. I recommend using the subdirectory method and disabling the subdomain method of adding sites. With it installed, you will now be able to create development sites, add network themes and plugins along with more network admin users.

Edit: Subdomain Setup
To have a subdomain set up where your wordpress network would look like site1.YOURDOMAIN and site2.YOURDOMAIN you will need to set up a wildcard subdomain either in cPanel or with your domain registrar. In cPanel you would go to Domains>Sub Domains and create a subdomain with the following information.

Code:
* .YOURDOMAIN

/var/www/YOURDOMAIN/public_html/wildcard

Then in your DNS settings you will need to have the wildcard domain (*.YOURDOMAIN) point towards your server.

If you're not using cPanel, you can login to your domain registrar and edit your DNS settings and set up the same configuration but it will look something like this:

Code:
Name               TTL          Class          Type          Record

*.YOURDOMAIN       14400         IN             A            YOURSERVERIP

www.*.YOURDOMAIN   14400         IN             A            YOURSERVERIP

Thank you to for this recommendation.

I would like to thanks Post4VPS and for the amazing server, allowing me to get Tyler Bell Design Co. Development up and running. You can see the results of the Multisite Network by visiting http://dev.tbelldesign.co and http://dev.tbelldesign.co/eventpros/ to see how one network can host a plethora of sub sites. Good luck and happy development! If you have any questions feel free to ask them below!

How to Host(/mirror) your Own online KVM VPS Locally

Sat, 03 Oct 2020 06:20:55 +0000

There are times when we want to replicate our own online VPS locally whatever the reason behind that decision; this HowTo tutorial is just about this process done for a QEMU/KVM guest system.

Some Context:
During last June I decided to terminate my VPS-9 hosting of a GIS project that I've deployed there over a period of 2 months. The general experience was fair but I've never let it run on autopilot mainly because of CPU issues (stealness issues and CPU spikes (under certain circumstances) with time spans edging the sponsor's AUP.

Because everything was already perfectly setup and working just fine, I decided to replicate my VPS-9 locally, on my Fedora Server 32, which is running KVM.

The replication process consists in two steps:

The first thing we have to do is to clone VPS-9 virtual disk (ie /dev/vda) over the network using dd.
Once we get our block device then we can setup our KVM VPS by mimicking the same configuration used by VirMach.

In this post, I'll only touch on the how to clone a block device over the network. The VPS creation will be addressed in the next post.

Cloning your VPS storage device over the network
As with pretty much anything in Linux, there are many ways to clone a block device over the network. But the most simple and straightforward way is to use the old and time-tested DD tool over SSH.

Before showing the command I've used, I must first stress on the fact that while you have to keep your VPS online, it must be kept in a quasi idle state. That means all its services must be turned off, everything!.. Of course you'll still have some residual activity, but what we aim for is that the filesystem should not be altered too much while we're copying the entire block device. You must remember that transferring 100 GiB (the size of VirMach VPS-9) over the network will take hours!

Now for the command:

Code:
ssh -i ~/.ssh/phoenix-ecdsa-key xxx.xxx.xxx.xxx -p SSH-PORT "sudo dd if=/dev/vda bs=16M conv=sparse,notrunc,noerror status=progress | gzip -1 -" | dd bs=16M of=phoenix.img.gz

What this command does is first initiate the SSH login via our public key authentication then, when done, run the dd command as a sudoer. But for this to work you'll have to let your sudoer run commands without entering the password everytime [1].

Now let's see what the bellow subcommand does:

Code:
sudo dd if=/dev/vda bs=16M conv=sparse,notrunc,noerror status=progress | gzip -1 -

This command, if successful, will end up generating a gzipped stream of our block device that will feed the next portion of the code highlighted in the code bellow.

Code:
<....> | dd bs=16M of=phoenix.img.gz

This portion of the code will simply get the streamed feed and store it locally as the 'phoenix.img.gz' image file.

Back to the dd command. it was set to copy our block device, which was /dev/vda, in 16 MB block size while ignoring all read errors and constantly updating us on its progress.

That's a hell of a command!.. Isn't it?

Here is the whole output in my case, from start to finish, some 30 hours latter:

Code:
[me@local media]$ ssh -i ~/.ssh/phoenix-ecdsa-key xxx.xxx.xxx.xxx -p SSH-PORT "sudo dd if=/dev/vda bs=16M conv=sparse,notrunc,noerror status=progress | gzip -1 -" | dd bs=16M of=phoenix.img.gz

107374182400 bytes (107 GB, 100 GiB) copied, 118118 s, 909 kB/s

6400+0 records in

6400+0 records out

107374182400 bytes (107 GB, 100 GiB) copied, 118118 s, 909 kB/s

0+2428890 records in

0+2428890 records out

47201888523 bytes (47 GB, 44 GiB) copied, 118125 s, 400 kB/s

Once I have my block device on my PC, I can now start setting up my VPS-9 locally; but that for the next post.

Stay tuned!...

------------------------
[1]-Generally, it's just a matter of appending this line at the end of the '/etc/sudoers' file:

Code:
sudoerUserName ALL=(ALL) NOPASSWD: ALL

Edited!..

How to install OpenGamePanel on Debian/Ubuntu

Mon, 28 Sep 2020 11:16:48 +0000

This is an updated tutorial! The previous tutorials of OpenGamePanel posted on Post4VPS can be found here Thread 1 & Thread 2.

Hello there!
OpenGamePanel is a free and really easy to use game management panel which consist of many features and it is better than some paid game management panels. OpenGamePanel have two parts which i will show you how to install
1. Panel/Website : Which will be used to manage your server and agents and install game servers etc.
2. Agent : Which will control all your servers and it can be remotely managed by the Web Interface!

Step 1 : [b]Updating your VPS:[/b]

Code:
apt-get -y update && apt-get -y upgrade 

Step 2 : Preparing and Installing Required Packages for Web Panel

Code:
apt-get install apache2 curl subversion php7.0 php7.0-gd php7.0-zip libapache2-mod-php7.0 php7.0-curl php7.0-mysql php7.0-xmlrpc php-pear phpmyadmin mysql-server php7.0-mbstring php-gettext git php-bcmath  - UBUNTU 16.04 & DEBIAN 9!

Code:
apt-get install apache2 curl subversion php7.2 php7.2-gd php7.2-zip libapache2-mod-php7.2 php7.2-curl php7.2-mysql php7.2-xmlrpc php-pear mysql-server php7.2-mbstring php-gettext git php-bcmath - UBUNTU 18.0

Code:
apt-get install apache2 curl subversion php7.3 php7.3-gd php7.3-zip libapache2-mod-php7.3 php7.3-curl php7.3-mysql php7.3-xmlrpc php-pear mariadb-server php7.3-mbstring php-gettext git php-bcmath - DEBIAN 10

Step 3 : Installing OpenGamePanel

Code:
wget "https://github.com/OpenGamePanel/Easy-Installers/raw/master/Linux/Debian-Ubuntu/ogp-panel-latest.deb"

sudo dpkg -i "ogp-panel-latest.deb"

After doing the second step you will be prompt to enter your root SQL Password so it can create a database for the Panel. The details will be shown for your OpenGamePanel Database Like this:

Code:
MySQL Host: localhost

MySQL User: ogpuser

MySQL User Password: lbRufrXCdd3e

MySQL Database Name: ogp_panel

After entering your root password you can now open http://2.2.2.2/ (Change it with your server ip) you will be redirected to the install page!
If you just in case did not save the password before you can use the following command to retrieve your database password

Code:
cat ogp_panel_mysql_info

Step 4 : Installing a theme (because the default theme looks really old duh) and this obsidian theme is created by HMR!

Code:
cd /var/www/html/themes/

git clone https://github.com/hmrserver/Obsidian.git

mv Obsidian/themes/Obsidian/* Obsidian/

Step 5 : Installing Required Packages for OpenGamePanel Agenta

Code:
sudo apt-get install libxml-parser-perl libpath-class-perl perl-modules screen rsync sudo e2fsprogs unzip subversion libarchive-extract-perl pure-ftpd libarchive-zip-perl libc6 libgcc1 git curl

sudo apt-get install libc6-i386 

sudo apt-get install libgcc1:i386

sudo apt-get install libhttp-daemon-perl

sudo apt-get install lib32gcc1

Step 6 : Installing the OpenGamePanel Agent

Code:
wget "https://github.com/OpenGamePanel/OGP-Agent-Linux/archive/master.zip"

unzip master.zip

cd OGP-Agent-Linux-master/

# Create a USER for

sudo adduser ogpbot

sudo usermod -a -G sudo ogpbot

sudo bash ./install.sh

Now you have successfully installed OpenGamePanel AGENT and WEB Panel you can easily now add your server to the web panel
Click on Administration>Servers
Where you have to put your Server IP and your encryption key which you set when you were installing the OpenGamePanel Agent!
Links to some other themes

I hope you find this tutorial useful! as there are few old threads Thread 1 and Thread 2, Which were a little bit outdated and a little bit difficult to install. I have tested this on a VPS with Ubuntu 16.04 and Debian 9. Soon will update it for CENTOS 6 and 7 too!
I did not use the easy installer for installing agent it somewhere breaks and causes issues, I used a manual installer which is more easy and shows you many option to setup for the agent!

Regards,
sAmI

How to Post Longer Status Messages With Color Background On Facebook

Mon, 07 Sep 2020 04:12:07 +0000

First, you post an status with any background and set the view only for me

Then, you need to access facebook under the link https://m.facebook.com

Then you edit the status and enter as many characters as you want, and edit your views with friends or public .. Good luck

How to Install TeamSpeak3 on Debian/Ubuntu

Sat, 08 Aug 2020 22:48:53 +0000

Hello there, I'm going to show you the easiest way to install SinusBot and TeamSpeak3 on VPS both for Debian and Ubuntu! TeamSpeak3 is a Voice Server which is mostly used by the eSport teams for communication and it is also used by some students and other individuals too, On the other hand Sinusbot is a MusicBot in which you could listen music or setup amazing scripts provided over their forum!

So, Lets get started by updating and installing some tools for running TeamSpeak3

Code:
For Debian/Ubuntu Users

apt-get update && apt-get upgrade

apt-get install nano wget perl tar bzip2

Now, Add a non-root user for TeamSpeak3 as it is not recommended to run TeamSpeak3 on root user!

PHP Code:
adduser --disabled-login username
*Now you can switch to the username*
su username 

Setting up the files for TeamSpeak3 Server and starting the server :

PHP Code:
http://dl.4players.de/ts/releases/3.12.1/teamspeak3-server_linux_amd64-3.12.1.tar.bz2    - FOR 64BIT*
http://dl.4players.de/ts/releases/3.12.1/teamspeak3-server_linux_x86-3.12.1.tar.bz2      - FOR 32BIT*
tar xvf teamspeak3-server_linux_amd64-3.12.1.tar.bz2 
cd teamspeak3-server_linux_amd64

touch .ts3server_license_accepted   
(TeamSpeak3 requirest you to accept a licence before starting it for the first time)
(You can read the terms by typing nano LICENSE)
*Now start the server by typing* 

./ts3server_startscript.sh start 

Your TeamSpeak3 will generate a ServerAdmin Password, APKIKEY and one time user Server Admin Token which should be used open joining the server first time

Code:
Example of the generated stuff

------------------------------------------------------------------

                      I M P O R T A N T                           

------------------------------------------------------------------

               Server Query Admin Account created                 

         loginname= "serveradmin", password= "f5SfK3"

------------------------------------------------------------------

------------------------------------------------------------------

                      I M P O R T A N T                           

------------------------------------------------------------------

      ServerAdmin privilege key created, please use it to gain 

      serveradmin rights for your virtualserver. please

      also check the doc/privilegekey_guide.txt for details.

       token=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

------------------------------------------------------------------

You have successfully installed TeamSpeak3 Server on your VPS! TeamSpeak3 is a voice server.
Pros :
TeamSpeak3 is simple and have a decent interface
It uses much less ram as compared to others Voice Servers.
You can also use multiple scripts to modify the server according to your needs (Example, Admin Bots which manage users and other actions)
Cons:
TeamSpeak3 Free Licence allows only 32 slots and the gamer licence starts from 55$! They do not accept sponsorship offer real easily.

CyberPanel on NanoKVM's VPS - 2 Methods

Mon, 27 Jul 2020 04:26:17 +0000

Hello, P4V community!
You maybe thinking about the topic name that it's insane as only 20 ipv4 ports are open and cyberpanel's port is out of that range as well as it's port cannot be changed. We are going to figure this out below.
BTW you may also be thinking about this that from nowhere this thread came out in light. I am making this thread as yesterday I tackled this problem. I wanted to install cyberpanel on nanokvm's vps. I contacted their support but they said port cannot be changed as its integrated and thus if we forcefully change the port then its going to break.

Solution (Of which I thinked of yesterday and discussed with cyberpanel admins): As we know NanoKVM doesn't allows port out of 7801-7820 to be accessible out of the local vps network. Now you may have got the idea that what I am going to do. I am going to run cyberpanel locally on the VPS.
I am going to install a GUI environment (if it's not installed) on the supported OS and then going to install cyberpanel which can be accessible on the local network with its port. [Method -1]
OR
Why not make the network of VPS and your PC same! [Method - 2] {VPN server}
And yes when I tried this out it worked out well.

**Warning**: As says so I am going to say that too here that this thread is not spoon feeding! Also, the commands given below were used on CentOS, so change them according to your server OS

Prerequisites:

You should be aware and should be used to CyberPanel
Used to VNC and GUI Installation
Used to Linux Commands
etc

Moving Forward:

Method - 1
First: Installation of a GUI. (We don't need to install any VNC server as we already have a VNC server on NanoKVM)

Install epel-release first,

Code:
sudo yum install epel-release

Code:
dnf --enablerepo=epel group -y install "Xfce" "base-x"

Code:
echo "exec /usr/bin/xfce4-session" >> ~/.xinitrc

Now, Take care that you don't restart the VPS as after you restart you will stop the GUI session and again fallback to Command Line. (So, enter the below command when you are ready for it). And yes the below command should be run through VNC as then you will directly fall from Command to the GUI session.

Code:
startx

Now exit the VNC session.

Second: Installation of CyberPanel.
Fire up your ssh and then follow the procedures which is stated on the official site.
After installation, Note all the details of the users, passwords, ports in a txt file.

Third: Accessing the Panel.
Open the VNC session again. Now we have to open firefox. (Its not already installed. To install it simply type sudo apt install firefox or sudo yum install firefox for the respective OS systems)

After opening Firefox, enter this

Code:
https://localhost:8090

And your panel will load up!

Note: This pic was taken yesterday when I was experimenting all this! (OS: CentOS 8)

Now, add a site, etc! All thing will work flawlessly!

Method - 2{RECOMMENDED}
Note: said that VPN for fair use is allowed.
So, you can use that until you make your server open to the world. Which will cause deletion of your server
So, If you have any doubt still then ask through mail support!
Credits to !
I tried openvpn earlier but it didn't worked as I was messing with NAT IP and Public ipv4 address.

Step-1: Installing OpenVPN server link to repository: https://github.com/Nyr/openvpn-install

Code:
wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh

Step-2: When Installing choose the listening port between 7801 to 7820 and then you will get a .ovpn configuration file. Now you need that file on your local desktop. First, go the file and type

Code:
cat .ovpn

This will show you the text. Just copy and paste it on your local desktop with .ovpn extension!

Step-3: Install OpenVPN Connect from OpenVPN site and open openvpn connection with that .ovpn file

Step-4: Now comes the step to access cyberpanel. You just have to go to nanokvm dashboard. At starting you will see a IP 10.0.x.x or something like this. This is your local NAT IP which is used to communicate locally. So, just copy that IP and paste it in your local browser with 8090 port at the end
And
Voila! Cyberpanel will load up!

I tried SSH tunneling and then I tried to access the cyberpanel with NAT IP but still It didn't worked. I tried this with mozilla firefox browser. I forgot the error which was displayed.

Found any error? reply below! We all will help you out

Password Recovery Ubuntu Server 18.04 LTS

Fri, 24 Jul 2020 09:06:54 +0000

Password Recovery Ubuntu Server 18.04 LTS

Hello Post4VPS Community

In this brief guide I will provide instructions to perform a password recovery on a server or computer with Ubuntu 18.04 LTS or Ubuntu Server 18.04 LTS (it might as well work on older or newer versions). This information can be useful if you have forgot your root password. To perform the necessary steps you need to have VNC access or physical access to your server or computer.

Let's get started.

Step #1

Reboot your server or computer. When it is booting up hit the SHIFT key until you get into the GRUB boo tmenu. You migh need several tries depending on the hardware setup and how the OS was installed (Legacy vs UEFI and etc. can effect how the OS boots). It's a bit tricky especially if you're on modern and very fast hardware the OS boots really quick.

Once you are in GRUB it should look a bit like in the screenshot below (Ubuntu Server 18.04 LTS):

Step #2

In the GRUB boot menu select the Ubuntu entry and hit the E key to enable edit mode for the boot entry.

You will see the following screen:

Navigate to the bottom of the file with the arrow keys until you see the following line:

Code:
linux /boot/vmlinuz-4.15.0-112-generic root=[...] ro maybe-ubiquity

^ This is an example from a Ubuntu Server 18.04 LTS VPS (might look different on a different machine).

Screenshot:

Change "ro maybe-ubiquity" to "rw init=/bin/bash".

Screenshot:

After that press F10 to boot into single user mode with the new parameters that you've set above.

Step #3

You are now in single user mode and have a direct bash shell session open as the user "root" without the need to enter a password or something else.

Screenshot:

Now simply run the password utility to change the password of the root user:

Code:
passwd

Enter a new password and confirm it.

Screenshot:

Step #4

Reboot the server or computer to boot into the normal Ubuntu environment using the command below:

Code:
exec /sbin/init

Login with your new root password.

That's it! You have recovered or reset your lost root password. The same method can be used to reset other user passwords, too.

How to install new OS on NanoKVM VPS

Wed, 22 Jul 2020 10:47:34 +0000

Before beginning I want to elaborate why I started this thread....
I installed ajenti and changed the port in-between 7801-7820 to access it but later on I wanted to uninstall it and install cyberpanel.
But as soon as I tried sudo apt-get remove ajenti it gave me a error that no package ajenti found.
I asked as he also owns one nanokvm vps on how to change os.
He stated me some steps which I tried and it worked out well after I tried it twice.....
So, the whole credits to for this
I am just going to elaborate it more
And yes thnx to for giving us such a nice NanoKVM VPS

Okay, So let's get started!

Step 1: As Usual first login to the NanoKVM panel

Step 2: Select the ISO which you want from the ISO Option on the panel

Step 3: Then restart the vps by clicking that Restart button

Step 4: Now click on the VNC button to open the VNC details.
It get changed in few seconds so as soon as the VNC details page opens then connect to it by using your preferred VNC client.
Here, I am gonna use RealVNC VNC Viewer.
Now as soon as you get connected you will get a screen like this(If you haven't tried installing any iso then you will get something like this):

Step 5: Restarting the machine to select the BOOT from option. For this click on the ctrl + alt + del button

Step 6: As soon as you click that button the system will start restarting. Once you see this page immediately click Esc button.

Step 7: Now you will reach the Boot Menu if you performed all the above steps clearly!

Now select the 3rd option which contains the installation ISO file.

And Voila! The new OS Installation page will open up!

FEEL FREE TO ASK Me(), , and Staff if you have any doubt
Contributions to threads are always welcomed!