Category: Debian

Setup LAMP Server Debian 9 Apache 2.4 MarianDB Php 7

Prerequisite is a fresh remote server with Debian 9 Stretch installed and booted From remote terminal Block all traffic iptable -F iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP Create a User sudo useradd -d /home/username -m username Set the User’s Password sudo passwd username Add the User to the Admin Group sudo adduser username adm...

Mariadb Disable Auto Start on Desktop

How to prevent MariaDB from automatically starting up on a desktop is not the same as prior Mysql versions. Instead of using the remove from rc method, you use systemd (systemctl). But there is nothing in the documentation about that. sudo systemctl disable mysqld Found here: For some reason the MariaDB documentation thinks its a good idea to have...

Fail2ban ERROR /bin/sh iptables No such file or directory

In Fail2ban version 0.9 running on Debian 9 server fail2ban.action [17325]: ERROR -n -L INPUT | grep -q ‘f2b- [ \t]’ — stderr: b’/bin/sh: iptables: No such file or directory\n’ [edit] /etc/fail2ban/action.d/iptables-common.conf [change] iptables = iptables [to] /sbin/iptables = iptables

Debian 9 Stretch Apache 2.4 MariaDB 10.1.26 PHP 7.0

Installation notes for Debian 9 Apache 2.4 MariaDB 10.1.26 PHP 7.0 differ somewhat from prior LAMP installations. Also included here are notes on PSAD and Fail2ban. PSAD requires netstat which is no longer included in Debian 9 apt-get install net-tools apt-get install apache2 apt-get install software-properties-common apt-get install mariadb-server sudo /usr/bin/mysql_secure_installation sudo mysql -v

SSH Reverse Tunnel Not Working Mystery

When using autossh to create a reverse tunnel, sometimes, mysteriously (for the moment), on the remote server, the connect is refused, returning this message in syslog/messages autossh[7451]:{port}: Connection refused The problem is autossh process is running (pid 7451) but frozen ( thats the mystery ) The solution: sudo kill $(ps aux | grep ‘autossh’ | awk ‘{print $2}’)

How To Set Up Password Authentication in Apache2

sudo apt-get install apache2-utils ( FIRST USER only ( -c ) option to create file, or you will wipe all your existing logins !!! ) sudo htpasswd -c /etc/apache2/.htpasswd username1only sudo htpasswd /etc/apache2/.htpasswd username2etc Conventional setup sudo vi /etc/apache2/sites-enabled/000-default.conf ( In which case you must specify the Directory to be protected ) <Directory “/var/www/”> AuthType Basic AuthName “Restricted Content” AuthUserFile...

LAMP upgrade to mysql 5.6 PHP installation appears to be missing the MySQL extension which is required by WordPress

WordPress Running on Debian 7 LAMP After upgrading to MYSQL 5.6 from 5.5 I encountered several problems, first of which was a completely broken MySQL then Apache2.3 and PHP complained. This ultimately cleaned up the mess: sudo dpkg –purge mysql-client-core-5.6 sudo dpkg –purge mysql-client sudo dpkg –purge mysql-server-core-5.6 sudo dpkg –purge mysql-common sudo dpkg –purge mysql sudo apt-get –purge remove...

Disable IPV6 Debian

sudo vi /etc/sysctl.conf # to disable IPv6 on all interfaces system wide net.ipv6.conf.all.disable_ipv6 = 1 # Uncomment the next two lines to enable Spoof protection (reverse-path filter) # Turn on Source Address Verification in all interfaces to # prevent some spoofing attacks net.ipv4.conf.default.rp_filter=1 net.ipv4.conf.all.rp_filter=1 # Do not accept ICMP redirects (prevent MITM attacks) net.ipv4.conf.all.accept_redirects = 0 #net.ipv6.conf.all.accept_redirects = 0 #...

Stop the Kernel Logging ipv6

To disable IPv6 on all interfaces system wide sudo vi /etc/sysctl.conf add this line net.ipv6.conf.all.disable_ipv6 = 1 Or To disable IPv6 on an interface only net.ipv6.conf.lo.disable_ipv6 = 1 net.ipv6.conf.eth0.disable_ipv6 = 1 sudo sysctl -p /etc/sysctl.conf or reboot

DD Used Space Only Image File Using Gzip Solved

The problem is how to create an img of a disk (or storage of any kind) while not saving the entire unused space – shrink empty disk space with dd. Like many similar problems, I found many posts about how to save the img of a disk and remove empty partitions. Most are obsolete or did not work as specified, which...

Disable RC4 and SSL3

sudo vi /etc/apache2/mods-available/ssl.conf SSLHonorCipherOrder on SSLCipherSuite “EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS” SSLProtocol All -SSLv2 -SSLv3 SSLCompression Off

How To Configure exim4 on Debian

sudo vi hosts localhost {server ip address} www sudo vi hostname hostname -f sudo vi /etc/mailname apt-get install exim4 dpkg-reconfigure exim4-config (the following setup for Google mail server) Hide local mail name in outgoing mail? No Split configuration into small files? Yes sudo vi /etc/exim4/update-exim4.conf.conf dc_eximconfig_configtype=’smarthost’ dc_other_hostnames=’localhost;’ dc_local_interfaces=’′ dc_readhost=” dc_relay_domains=” dc_minimaldns=’false’ dc_relay_nets=” dc_smarthost=’′ CFILEMODE=’644′ dc_use_split_config=’true’ dc_hide_mailname=’false’...

Privacy Preference Center