Atlantic.Net Blog

How to Install phpMyAdmin on a CentOS 7 Cloud Server

Brendan Bonner July 2, 2015 by under Cloud Hosting 0 Comments
phpMyAdmin Ship Illustration by Walker Cahall

phpMyAdmin Ship Illustration by Walker Cahall

Verified and Tested 07/2/15

Introduction

This how-to will walk you through the installation process of phpMyAdmin. phpMyAdmin is a tool to directly manage your databases by allowing you to visually add, delete, or modify databases and tables, among other things. phpMyAdmin is written in PHP and is free and open source.

Prerequisites

A CentOS 7 LAMP server is required. If you do not have LAMP installed, you can follow our guide here.

You will need valid MariaDB credentials to log into your database once phpMyAdmin is installed.

This how-to assumes you are using a user with root privileges. You do not have to append sudo to the commands below if you are logged in as the root user.

Install phpMyAdmin on CentOS 7

To install phpMyAdmin quickly on CentOS 7, we are going to install the Extra Packages for Enterprise Linux (EPEL) repo first by running the following command:

sudo yum install epel-release

During the install, it will prompt “Is this ok?”. Hit “Y” and then Enter.

Now we can install phpMyAdmin.

sudo yum install phpmyadmin

During the phpMyAdmin install, it will prompt “Is this ok?” for the install and then the EPEL key. Hit “Y” and then Enter for each question.

The phpMyAdmin installation process will make a configuration file in /etc/httpd/conf.d/ called phpMyAdmin.conf. By default, phpMyAdmin is configured only to accept connections from the server it is installed on. If you want to allow other IPs, you’ll need to open the phpMyAdmin.conf file with your preferred text editor.

sudo nano /etc/httpd/conf.d/phpMyAdmin.conf

In this example, we are using Apache 2.4, so we only need to change the configurations for 2.4. There will be two places that say “Require ip 127.0.0.1”. Below each one we are going to put “Require ip {your-public-IP}” For the purpose of this example, we’ll say we want to grant phpMyAdmin access to a workstation with an IP of 192.168.0.2. In this case, we would put “Require ip 192.168.0.2” below “Require ip 127.0.0.1” If you do not know your public IP, you can use this tool.

The configuration file should like the one below when completed.

   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
        Require ip 127.0.0.1
        Require ip 192.168.0.2
        Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1
   </IfModule>
</Directory>

<Directory /usr/share/phpMyAdmin/setup/>
   <IfModule mod_authz_core.c>
     # Apache 2.4
     <RequireAny>
        Require ip 127.0.0.1
        Require ip 192.168.0.2
        Require ip ::1
     </RequireAny>
   </IfModule>
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     Order Deny,Allow
     Deny from All
     Allow from 127.0.0.1
     Allow from ::1
   </IfModule>
</Directory>

In Nano to save a close, hit Ctrl+X and then Y and then Enter.

Note: When adding allowed IPs to this file, be sure you only add the IPs for users who require access. The more access you allow, you more you may also increase your server’s exposure to exploit.

Now, we can restart Apache so that the changes take place:

sudo systemctl restart httpd.service

To get to the login page, you need open your browser and go to http://{your-server's-address}/phpMyAdmin/. You should get a page that looks like the image below.

An example of the phpMyAdmin login page

An example of the phpMyAdmin login page

Note: If you do not know your IP address, run the following command:

ip addr show eth0
An example of running the command: ip addr show eth0 and getting 192.168.100.10 for the IP address.

An example of running the command: ip addr show eth0 and getting 192.168.100.10 for the IP address.

In our example we would put http://192.168.100.10/phpMyAdmin/ into our browser’s address bar.

You can sign in with the root MariaDB credentials that you set-up when installing LAMP. Once logged in, you should get a page similar to the one below.

An example of the phpMyAdmin default page.

An example of the phpMyAdmin default page.

Using this interface, you can now easily manage your databases on your CentOS 7 LAMP server.

Congratulations! You have just installed phpMyAdmin on your CentOS 7 Cloud Server. Thank you for following along in this How-To! Check back with us for any new updates, and try our line of cloud hosting solutions.


How to Generate a Certificate Signing Request (CSR) for an SSL

Verified and Tested 03/26/17

Introduction

This article will explain how to generate a Certificate Signing Request (CSR). You will be required to submit a CSR when obtaining an SSL/TLS certificate from a certificate authority (CA).

Prerequisites

Any Linux distribution with OpenSSL installed. If you do not have a server, why not consider a Linux Cloud Server from Atlantic.Net and be up and running in under 30 seconds.

Generate a Certificate Signing Request (CSR)

Both the CSR and the private key for your server can be generated in one easy step. Be sure to keep access to your private key as restricted as possible, as this unique identifier is used to verify the authenticity of your server.

Note: If you are having trouble running the command successfully, you may need to log in as sudo or root.

openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr

You will then be asked for the following information:

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:
State or Province Name (full name) []:
Locality Name (eg, city) [Default City]:
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

Note: The challenge password is not related to the private key password. Leave it blank unless required by your certificate authority. You may also leave the “optional company name” question blank.


You now have the “.csr” (Certificate Signing Request) file that will need to be submitted to a certificate authority (CA). Once the CA has signed the certificate, it will return a certificate file. The format of the issued certificate will vary depending on the certificate authority.  The most common type will be PEM format which utilize extensions such as .crt.key.csr.cer, and .pem.


Depending on the needs of your application or web server, you may need to convert one of these formats to other formats such as PKCS#7, PKCS#12, or DER. Here are a some useful file conversion commands:

PEM → PKCS#7 (P7B)

openssl crl2pkcs7 -nocrl -certfile yourdomain.cer -out yourdomain.p7b -certfile CACert.cer

The -nocrl option indicates that you will not be including a certificate revocation list (CRL) in the PKCS#7 structure. Most new deployments will use this option, since there will be no older certificates to revoke.
Each -certfile option indicates a certificate file that will be included in the output file, which is useful in creating a certificate chain including the server certificate and the certificate authority’s intermediate certificate (“yourdomain.cer” and “CACert.cer”, respectively, in the example above).
The -out option indicates the file name to write the PKCS#7 output to.

PEM → PKCS#12 (PFX)

openssl pkcs12 -export -out yourdomain.pfx -inkey yourdomain.key -in yourdomain.crt -certfile CACert.crt

The -export option indicates that this command will create a PKCS#12 file. The default behavior without the -export option is to parse the input.
The -in option indicates the PEM-formatted file to be read from. If this file doesn’t also include the private key, you will need the -inkey option to indicate the private key file, as well.
The -certfile option indicates additional certificates to include in the PKCS#12 file, such as intermediate certificates.
The -out option indicates the file to write the output to, usually a “.pfx” file.

PEM → DER

openssl x509 -outform der -in yourdomain.pem -out yourdomain.der

The -in option indicates the input certificate file to be converted.
The -out option indicates the output file name.
The -outform option indicates the file format for the output (in this example, the input file is in the PEM format, and this command would take that file and create a DER-formatted file).


How to do a Tomcat to Tomcat SSL Transfer on CentOS

Jason Mazzota June 30, 2015 by under Cloud Hosting 0 Comments
Verified and Tested 03/24/2015

Introduction

In this tutorial, we will be going over a basic way on how to transfer your SSL from one CentOS 6 x86_64 server running Tomcat to another CentOS 6 x86_64 server running Tomcat. This has been tested on Java 6 and Tomcat 6 as well as Java 8 and Tomcat 8. For the ease of this tutorial, the original server with the SSL will be Server A. The new server that we are transferring to will be Server B.

Prerequisites

You will need two servers with CentOS 6 x86_64 installed and both servers need to have Java and Tomcat installed. One of the servers has to have an SSL already installed onto it. If you do not have a new CentOS server, you can get a Cloud Server from Atlantic.Net.

Tomcat to Tomcat SSL Transfer on CentOS

The easiest way to transfer your certificate between servers is going to be to create a pkcs12 file out of it. Assuming you have the .pem of your certificate, this can be quite easy. If you do not have the .pem, you will need to create one. You can see the Creating a pem for your SSL page for this.

You can copy your key file that you generated for the SSL originally into a separate key.pem if it is not a .pem already. In our example, we have done this and have also stripped out the password for the key. To do this, you may view the How to Remove the Password From Your SSL Key page.

We are now ready to export the SSL to a .pkcs12 file. To do this, on Server A you just run:

openssl pkcs12 –export –name NAME –in certificate.pem –inkey key.pem –out keystore.p12

The keystore.p12 will ask you for a password, please use a secure password you will remember. For NAME, you will want to use a name you will not forget. It would be best practice to simply use your domain name without the .tld (so no .com, .org, etc.) The certificate.pem would be the SSL .pem file you have or just created. The key.pem would be your SSL key in .pem format and they keystore.p12 is what we will be transferring to the new server. You can name all these files as you please, just make sure you are keeping track of them.

Now you may transfer the keystore.p12 to Server B using whatever method you would like. In our example, we use rsync.

rsync keystore.p12 [email protected]_of_Server_B:/directory/to/copy/to

Once copied, you can move the keystore.p12 to your SSL directory of Server B if you did not copy it there to begin with. We will now want to load the keystore.p12 with java’s keytool on Server B.

/path/to/java/keytool –importkeystore –destkeystore /path/to/ssl/directory/keystore.jks –srckeystore /path/to/ssl/directory/keystore.p12 –srcstoretype pkcs12 –alias NAME

It should prompt for a new password for the keystore (you may use the same password or create a new one) and the password you created for keystore.p12. NAME should be the same NAME you utilized in the keystore.p12 generation.

Once this keystore is created, the hard work is done. To finish this off you just need to edit the Tomcat server.xml on Server B to use this keystore.jks and the passphrase and you will be good to go.

Inside the Tomcat server.xml you will want to find the section with: “<Connector port=”8443“.” This is where we would uncomment (remove the “<!–“ and “–>” that section is surrounded in) and add in at the end (before “/>”):

keystoreFile=”/path/to/keystore.jks” keystorePass="PASSWORD"

Where keystore.jks is the keystore.jks we made and the PASSWORD is the password you created for the keystore. After this is added, you can restart Tomcat, and your SSL will be in use for Tomcat.

anet-tomcat_to_tomcat_ssl-00

An example of a tomcat config with the new SSL

You will need further configuration for 8443 to be in use but the SSL will be transferred and if you log into your manager for Tomcat and check the SSL configuration, you should see that SSLs for 8443 are enabled.


How to: Basic Bash Administration Tools On Linux (df, fdisk, top, free, iostat, ifconfig, sensors, stat, nmap, and netstat)

Andrew Mora June 29, 2015 by under Cloud Hosting 0 Comments
Verified and Tested 02/26/15

Introduction

This tutorial is a brief rundown of the BASH shell commands and tools that come in handy for the Linux administrator. Focus more on tools for administration, as opposed to the basic usage of Linux based Operating Systems. While this article is being written in the context of distros based on RHEL 4+ and Debian 6+, many of these commands may also be found on BSD, FreeBSD, any other Unix systems. Depending on your Operating system, each command’s flags may differ, or may no exist for the respective Operating System.

Prerequisites

RHEL 4+ and Debian 6+ based Operating Systems, including CentOS and Ubuntu. If you do not have a server, you can start up a reliable Linux server from Atlantic.Net in under 30 seconds.

Basic Bash Administration Tools

I will be providing a Need, coupled with the BASH command that can satisfy this need. Keep in mind that each command may have several many more functions and command line options available than the examples I’ll be showing below. I’ll be sticking to the basic commands that attain the bare minimum output you desire. I encourage all of you read the Manual page for each command.

I need to:

Find out how much hard drive space I have left| Command: df

# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda1        79G  2.2G   73G   3% /
tmpfs           939M     0  939M   0% /dev/shm

List my available hard drives| Command: fdisk

# fdisk -l

Disk /dev/sda: 85.9 GB, 85899345920 bytes
255 heads, 63 sectors/track, 10443 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00015f65

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1               1       10444    83884032+  83  Linux

View my systems resources(running tasks, CPU utilization)| Command: top

# top
top - 10:44:56 up 101 days, 25 min,  1 user,  load average: 0.00, 0.01, 0.00
Tasks:  99 total,   1 running,  98 sleeping,   0 stopped,   0 zombie
Cpu(s):  0.1%us,  0.0%sy,  0.0%ni, 99.8%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Mem:   1922380k total,  1627448k used,   294932k free,   164252k buffers
Swap:        0k total,        0k used,        0k free,  1267812k cached

  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
 8655 root      20   0 15032 1068  808 R  2.0  0.1   0:00.01 top
    1 root      20   0 19232 1420 1140 S  0.0  0.1   0:35.85 init
    2 root      20   0     0    0    0 S  0.0  0.0   0:00.00 kthreadd
    3 root      RT   0     0    0    0 S  0.0  0.0   0:02.20 migration/0
    4 root      20   0     0    0    0 S  0.0  0.0   0:02.05 ksoftirqd/0
    5 root      RT   0     0    0    0 S  0.0  0.0   0:00.00 migration/0
    6 root      RT   0     0    0    0 S  0.0  0.0   0:20.04 watchdog/0

View my systems memory utilization| Command: free

# free -m
             total       used       free     shared    buffers     cached
Mem:          1877       1589        288          0        160       1238
-/+ buffers/cache:        190       1686
Swap:            0          0          0

View my systems disk activity| Command: iostat

# iostat 2
Linux 2.6.32-431.el6.x86_64 (nginxs)    05/11/2015      _x86_64_        (2 CPU)

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           0.11    0.00    0.05    0.02    0.00   99.83

Device:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn
sda               0.54         0.10        35.16     863199  306833368

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           1.00    0.00    0.25    0.25    0.00   98.50

Device:            tps   Blk_read/s   Blk_wrtn/s   Blk_read   Blk_wrtn
sda               5.00         0.00        88.00          0        176

View my network interfaces and IP’s| Command: ifconfig

# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:00:D1:D0:61:AF
          inet addr:209.208.xx.xxx  Bcast:209.208.xx.xxx  Mask:255.255.255.0        
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6414823 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6864133 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1325544537 (1.2 GiB)  TX bytes:1155254908 (1.0 GiB)

eth1      Link encap:Ethernet  HWaddr 00:00:0A:D0:61:AF
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:296071 errors:0 dropped:0 overruns:0 frame:0
          TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:13464542 (12.8 MiB)  TX bytes:398 (398.0 b)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:9813 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9813 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:775658 (757.4 KiB)  TX bytes:775658 (757.4 KiB)

View my hardware’s temperature readings| Command: sensors

# sensors
coretemp-isa-0000
Adapter: ISA adapter
Core 0:      +39.0°C  (high = +76.0°C, crit = +100.0°C)

coretemp-isa-0001
Adapter: ISA adapter
Core 1:      +39.0°C  (high = +76.0°C, crit = +100.0°C)

it8718-isa-0290
Adapter: ISA adapter
in0:         +1.07 V  (min =  +0.00 V, max =  +4.08 V)
in1:         +1.92 V  (min =  +0.00 V, max =  +4.08 V)
in2:         +3.31 V  (min =  +0.00 V, max =  +4.08 V)
in3:         +2.91 V  (min =  +0.00 V, max =  +4.08 V)
in4:         +0.34 V  (min =  +0.00 V, max =  +2.10 V)
in5:         +4.08 V  (min =  +0.00 V, max =  +4.08 V)   ALARM
in6:         +4.08 V  (min =  +0.00 V, max =  +4.08 V)   ALARM
in7:         +3.15 V  (min =  +0.00 V, max =  +4.08 V)
Vbat:        +3.25 V
fan1:       1231 RPM  (min =    0 RPM)
fan2:       1268 RPM  (min =    0 RPM)
temp1:       -55.0°C  (low  = +127.0°C, high = +127.0°C)  sensor = thermistor
temp2:        -2.0°C  (low  = +127.0°C, high = +127.0°C)  sensor = thermistor
temp3:       +20.0°C  (low  = +127.0°C, high = +127.0°C)  sensor = thermal diode

Get permission level of a file/directory| Command: stat

# stat -c '%a' /home/testfile.txt
644

Find what ports are open on a remote/local host| Command: nmap

NOTE: You’ll likely have to install the nmap package from your YUM/APT package manager.

# nmap -p- localhost

Starting Nmap 5.51 ( http://nmap.org ) at 2015-05-11 11:07 EDT
Failed to find device eth1 which was referenced in /proc/net/route
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000011s latency).
Other addresses for localhost (not scanned): 127.0.0.1
Not shown: 65528 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
25/tcp   open  smtp
80/tcp   open  http
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
9000/tcp open  cslistener

Nmap done: 1 IP address (1 host up) scanned in 1.52 seconds

Find out what ports my server is listening on| Command: netstat

# netstat -tulnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 0.0.0.0:139                 0.0.0.0:*                   LISTEN      5573/smbd
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      29209/nginx
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN      3557/vsftpd
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      18608/sshd
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      9400/master
tcp        0      0 0.0.0.0:445                 0.0.0.0:*                   LISTEN      5573/smbd
tcp        0      0 127.0.0.1:9000              0.0.0.0:*                   LISTEN      28996/php-fpm
tcp        0      0 :::139                      :::*                        LISTEN      5573/smbd
tcp        0      0 :::22                       :::*                        LISTEN      18608/sshd
tcp        0      0 ::1:25                      :::*                        LISTEN      9400/master
tcp        0      0 :::445                      :::*                        LISTEN      5573/smbd
udp        0      0 209.208.x.x:137          0.0.0.0:*                               5592/nmbd
udp        0      0 209.208.x.x:137          0.0.0.0:*                               5592/nmbd
udp        0      0 0.0.0.0:137                 0.0.0.0:*                               5592/nmbd
udp        0      0 209.208.x.x:138          0.0.0.0:*                               5592/nmbd
udp        0      0 209.208.x.x:138          0.0.0.0:*                               5592/nmbd
udp        0      0 0.0.0.0:138                 0.0.0.0:*                               5592/nmbd
udp        0      0 0.0.0.0:1194                0.0.0.0:*                               12988/openvpn

Thank you for following along this guide on Basic Bash Administration Tools, I hope that you enjoyed this guide, please check back for more updates.


How to Configure Apache and Create a Website Configuration on CentOS 6.7

Verified and Tested 08/11/2015

Introduction

This tutorial will show you how to configure a basic configuration (conf) file for Apache on CentOS 6.7 and create a website. For example, this will show where you can change the web path of your websites, how to assign a public IP to a website, how to enable extensions, and how to allow your site to pick up pages like .php for an index.

Prerequisites

A server running CentOS 6.7 and has either Apache 2.2 or LAMP already installed. For information on Apache or LAMP installation, please see this walk-through here.

Read More


How to Install WordPress using Atlantic.Net’s One-Click Install

Verified and Tested 06/15/15

Introduction

This how-to will show you how to install WordPress using Atlantic.Net’s One-click install. Currently, our WordPress application is installed on a LAMP stack using Ubuntu 14.04 LTS.

Prerequisites

You need a valid Atlantic.Net cloud account.

Install WordPress using Atlantic.Net’s One-Click Install

First, we need to log into https://cloud.atlantic.net and select Add Server.

Click Add Server

Click Add Server

 

On the add a server page, the first step is to name your cloud server.

 

Type the name of what you want your server to be called.

Type the name of what you want your server to be called.

 

We now need to select the location for which you want your server housed at. All applications are available at every location.

 

Select the location you want your server to be at.

Select the location you want your server to be located.

 

Next select Applications to see all the one-click applications that are available.

 

Select Applications.

Select Applications.

 

Select the WordPress application.

 

Select WordPress.

Select WordPress.

 

Select the size of the server you would like.

 

Select your server size.

Select your server size.

 

Optionally you can add your SSH key and/or add backups.

 

Select your SSH key and add backups if you would like.

Select your SSH key and add backups if you would like.

 

Click Create Server, and you should see that your server is building.

 

An example of what you server looks like when building.

An example of what you server looks like when building.

 

Once it is built, you should get a screen similar to the one below. It has relevant information like the IP address of your server and login credentials. You will also get an email with the same information.

 

An example of what you server looks like after it is built.

An example of what you server looks like after it is built.

 

To get to the WordPress web installation, you need the verification link. The verification link is in the email sent to you, or on the Message of the Day screen when you first SSH into your server. The message of the Day also has your database passwords. Below is what the message of the day looks like when you login.

 

Note: The reason we use verification links rather than just going to the IP address, is the potential that someone could hijack your WordPress installation.

 

 

An example of what it looks like when you SSH into the server.

An example of what it looks like when you SSH into the server.

 

Copy the verification link and put it into your browser. You should get a screen similar to the one below where you can select your language of choice.

 

Select the language for your WordPress installation.

Select the language for your WordPress installation.

 

Now you can continue with the WordPress web installation to which will ask for your site title, username, password, and email, which is all customizable for what you would like.

 

An example of the WordPress web installation.

An example of the WordPress web installation.

Congratulations! You have just installed WordPress using Atlantic.Net’s one-click WordPress install, check back for more updates. For more information, you may want to check out the WordPress Codex. Learn more about setting up HIPAA-compliant WordPress with Atlantic.Net.


How to Install FAMP (FreeBSD 10, Apache, MySQL, PHP) on a Cloud or VPS Server

Jose Velazquez June 25, 2015 by under VMware Hosting 0 Comments
Verified and Tested 06/15/15

Introduction

This how-to will help you with your FAMP installation in FreeBSD 10 so that you can successfully run a high available stable platform for your web environment. FAMP is simply a software bundle that consists of 4 components that work together to form a powerful web server.  However, in this setup the acronym’s are as follows: FreeBSD (F) is the core of the platform which will sustain the other components. Apache (A) is used for the web service. MySQL (M) is used for database management,  and PHP (P) is used as the programming language.

Prerequisites

You need a FreeBSD server that is configured with a static IP address. If you do not have a server already, you can visit our cloud hosting options page  and spin a new server up in under 30 seconds.

Install FAMP on FreeBSD 10

To get started, login to your FreeBSD server via SSH or through the VNC Console here. Atlantic.Net Cloud servers are setup as minimal installations to avoid having unnecessary packages from being installed and never used. If some software packages that you’re used to using aren’t installed by default, feel free to install them as needed. Let us download nano so we can simplify this tutorial.

pkg install nano

Let’s make sure that your server is fully up-to-date so we can complete the preparation.

freebsd-update fetch
freebsd-update install

 

With the server up-to-date, we can continue the process and install FAMP on your server.

Install Apache on FreeBSD 10

Begin by installing Apache with the following command:

pkg install apache24

Enable and start the Apache service with the following commands:

sysrc apache24_enable=yes
service apache24 start

To edit the main Apache configuration file for one or many websites according to your preference, they are configured in the following directory:

nano /usr/local/etc/apache24/httpd.conf

To verify and test the installation, create/edit the test HTML file in the following directory with the command below:

nano /usr/local/www/apache24/data/index.html

Insert/replace the following code in the HTML file then save and exit:

<html>
<title>CONGRATULATIONS</title>
<body>
<h2>You have just installed Apache on your FreeBSD Server</h2>
</body>
</html>

You can now verify that Apache is installed correctly by typing http:// and your IP address on your browser(http://YOUR.IP.ADD.RESS ) To get your servers IP Address enter the following command:

ifconfig vtnet0 | grep "inet " | awk '{ print $2 }'
This is the test page created to verify Apache was installed correctly in FreeBSD

This is the test page created to verify Apache was installed correctly in FreeBSD

Restart the Apache service so the changes can take effect on your system.

service apache24 restart

Install MySQL on FreeBSD 10

We then would like to continue by installing MySQL. After running the following MySQL, command hit enter to select y confirm your installation by tapping Enter.

pkg install mysql55-server

Enable and start the MySQL service with the following commands:

sysrc mysql_enable=yes
service mysql-server start

To ensure the security of the default settings of MySQL, continue with the command below:

mysql_secure_installation

Note: When prompt with “Enter current password for root” hit enter for none then Y(Yes) to set MYSQL password. You will then be prompted with a series of questions. Just type Y for yes on all of them, see the screen shot below:

This is the secure installation of screen when installing MySql on a FreeBSD FAMP Stack server

This is the secure installation of screen when installing MySql on a FreeBSD FAMP Stack server

Install PHP on FreeBSD 10

Finally, we will conclude with the FAMP Stack by installing PHP and configuring it to work with Apache.

pkg install mod_php56 php56-mysql php56-mysqli

With PHP installed, we can go ahead a begin the preparation to configure it with Apache. Copy the sample PHP configuration file to the correct location.

cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini

Then run the following command to refresh the new changes to the system.

rehash

Update the Apache Configuration file with the following command:

nano /usr/local/etc/apache24/httpd.conf

Locate the DirectoryIndex line and add index.php in front of the existing index.html, so Apache reads the PHP files. The line should look like the following:

This is how the Apache file output after adding index.php to the configuration

This is how the Apache output should look after adding index.php to the DirectoryIndex line

(note: use the Ctrl+w in nano to search DirectoryIndex)

Add the following lines at the bottom of the configuration file so Apache can function PHP information accordingly.

<FilesMatch "\.php$">
    SetHandler application/x-httpd-php
</FilesMatch>
<FilesMatch "\.phps$">
    SetHandler application/x-httpd-php-source
</FilesMatch>

Fantastic! You can now save the file and restart Apache, so all your configuration take effect.

service apache24 restart

To verify and test the installation, create a test PHP file in the following directory with the command below:

nano /usr/local/www/apache24/data/info.php

Insert the following PHP code in the empty file then save and exit:

<?php phpinfo(); ?>

Restart the Apache HTTP service one last time so all the changes take effect.

service apache24 restart

You can now verify that PHP is installed correctly by typing the following on your browser.
http://YOUR.IP.ADD.RESS/info.php

This is the default page after installing PHP on an FAMP Stack FreeBSD server

This is the default page after installing PHP on an FAMP Stack FreeBSD server

What Next?

Congratulations! You now have a server with an FAMP Stack platform for your web environment. Thank you for following along and feel free to check back with us for further updates or to learn more about services from Atlantic.Net, like VMware hosting.


How to: Joining A Windows Server 2012 To A Domain

Ariel Beltre June 24, 2015 by under Cloud Hosting 0 Comments
Verified and Tested 03/24/2015

Introduction

In this article, we will be going over the process of joining a Windows Server 2012 to an Active Directory Domain. Before you can complete, this process keep in mind that the server must first be able to communicate with the domain. This means that the server’s IP address configuration must reference the domains DNS server. Here we will demonstrate how to complete this process.

Prerequisites

– A Server with Windows Server 2012. If you do not have a server already, you can visit our Windows Cloud Hosting page and spin up a server in under 30 seconds.

Joining A Windows Server 2012 To A Domain

To join the server to a domain, move your mouse to the lower left corner of the screen and then right-click on the Start tile. Select the System Command from the Start tile’s menu. When the System dialog box appears, click the Change Settings link, shown below.

Screenshot of the "System" dialog box in Windows Server 2012

Screenshot of the “System” dialogue box in Windows Server 2012

The server should now display the System Properties sheet. Make sure that the Computer Name tab is selected, and then click the Change button. When Windows displays the Computer Name/Domain Changes dialog box shown below, enter your domain name and click OK. Windows will locate the domain and then prompt you for a set of administrative credentials. When the domain join completes, you will then be prompted to restart the server.

Screenshot of the "Computer name/Domain changes" window in Windows Server 2012

Screenshot of the “Computer name/Domain changes” window in Windows Server 2012

Conclusion

The process of joining a domain to a Windows Server 2012 is relatively straightforward. With just a few clicks, you can assign an active domain to your Windows server without issue.


How to Install and Use fail2ban in Ubuntu and Debian

Jason Mazzota June 23, 2015 by under Cloud Hosting 0 Comments
Verified and Tested 02/17/2015

Introduction

Fail2ban is a great, wonderful service that is primarily used to stop brute-forcers from accessing your system. Fail2ban works great at deterring your basic attackers away by blocking them when it determines an attack may be happening. We will be performing steps below as the root user. You will need to sudo if you are using another user. For all editing of configuration files, we will be using vi; however, you can use any editor of your choice. This installation is performed on an Ubuntu 14.04 64bit Cloud server with IPTables installed per our IPTables guide. This guide is also applicable to our Ubuntu 12.04 OS and Debian.

Prerequisites

An Ubuntu 14.04 64bit server. If you do not have a server and would like one, consider SSD Cloud Hosting from Alantic.Net

Install and Use fail2ban in Ubuntu and Debian

Fail2ban is included in the default Ubuntu and Debian repository. All you need to do to install it is run:

apt-get install fail2ban

Once you have installed it, there are only a few changes we need to do to the configuration. The best practice when modifying configuration files like this, is always to copy out the original to a backup. In this case, you can leave the original alone as fail2ban does work with a duplicate .local file also named jail. To do this, simply run:

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Once you’ve made that .local file, it’s time to edit it with your editor.

vi /etc/fail2ban/jail.local

Now as you’ll see when editing the file, there are A LOT of sections for you to “play” with and adjust. The main ones we’ll focus on are the ignoreip, bantime, findtime, maxretry, and specifically [ssh] sections.

anet-fail2ban-01

An example of what the /etc/fail2ban/jail.local file looks like

Note: In Ubuntu 12.04 and Debian, the configuration file looks a bit different from the above. You will only see ignoreip, bantime, and maxretry. The rest of the configuration as far as we are concerned here is the same.

In the picture above, at the green indicator at the top, you will find the ignoreip. The ignoreip is important as you can tell fail2ban to IGNORE your IP address. Setting ignoreip to the correct IP will prevent you from ever locking yourself out of your server by fail2ban. We highly recommend you add your IP address to this field. To add it, all you need to do is add a space after the 127.0.0.1/8 and put your IP.

Below the green indicator, you will find the bantime. As it states, this is how long a host is banned when triggered for banning. The bantime is the number of seconds that you want that IP address blocked from your system. We recommend that if you are gunning for someone to be blocked, you set this to a high number. The default is 10 minutes. Adding a 0 will make it 6000 seconds or 100 minutes (just over an hour and a half.) That’s a good start.

In Ubuntu 14.04, the next section is the findtime. As it states, this is the span of time fail2ban will look at for failed attempts. The default setting here of 10 minutes (600) is acceptable.

Under the findtime (or bantime in Ubuntu 12.04) you will find the maxretry. As it sounds, this is how many times you’ll be allowed to fail the log in within the findtime before the origin IP gets added to the ban for what you have set the bantime to be. 3 is a great number here to catch someone attempting to get in.

The last section we’ll look at is for [ssh]. You can see the section in the picture below. The biggest thing here to edit is the maxretry (each section can re-write your default maxretry to its own value) and the “port =” section. Maxretry in this means how many times a person can fail attempting SSH to your server before they are blocked. The lower this number, the better, but you also want to be safe to allow some retries, just in case.

In the “port =” section you’ll see the port is set to “ssh”. If you have not changed your SSH port, this is fine. If you have configured a custom SSH port like described in Changing your SSH Port In Ubuntu, you will want to change the port= section. For example, using our custom SSH port:

port = 922
anet-fail2ban-02

The location on where you can set the ssh port

Now once you have changed this configuration to your liking, all you need to do is save the changes you did and exit the file. Once out, just restart the fail2ban service to activate it.

service fail2ban restart

If you have installed IPTables like in our guide referenced at the beginning, then there is one more step you will need to take. You need to write your IPTables out to the IPTables rules.v4 file to save the changes that fail2ban has implemented. To do this you simply run a:

iptables-save > /etc/iptables/rules.v4

If you check your rules.v4 file, you will see that there is now a rule for fail2ban in place.  This is the rule fail2ban put in place when it was installed and is needed to stop anyone who is blocked by fail2ban.

In the future, when adding new services on the server (like FTP, email, etc) make sure you check your fail2ban configuration!


How to Install Nginx on a Arch Linux Cloud Server

Jose Velazquez June 22, 2015 by under Cloud Hosting 0 Comments
Verified and Tested 06/22/15

Introduction

This tutorial shows you how to install Nginx on an Arch Linux Cloud Server. Nginx is known for its high performance and low memory usage which allow fewer resources to be used while getting the job done efficiently.

Prerequisites

You need an Arch Linux server that is configured with a static IP address. If you do not have a server already, why not consider one of our SSD Cloud Hosting solutions.

Server Preparation

To get started, let’s make sure that your server is fully up-to-date.

sudo pacman -Syu

With the server up-to-date, we can continue the process and install nginx on your server.

Install Nginx on Arch Linux

We begin by installing nginx with the following command:

sudo pacman -S nginx

Start the nginx service with the following command:

sudo systemctl start nginx.service

To edit the main Nginx configuration file for your website(s), open the nginx.conf file with your preferred text editor. This file is located in the following directory:

sudo nano /etc/nginx/nginx.conf

You can now verify that nginx is installed correctly by typing http:// and your IP address in your browser.

http://YOUR.IP.ADD.RESS

To get your servers IP Address type the following command:

curl -s icanhazip.com
This is the default page after Nginx has been installed in an Arch Linux server

This is the default page after Nginx has been installed in an Arch Linux server

What Next?

Congratulations! You have now installed and configured nginx. Thank you for following along, and feel free to check back with us for further updates.


New York, NY

100 Delawanna Ave, Suite 1

Clifton, NJ 07014

United States

San Francisco, CA

2820 Northwestern Pkwy,

Santa Clara, CA 95051

United States

Dallas, TX

2323 Bryan Street,

Dallas, Texas 75201

United States

Ashburn, VA

1807 Michael Faraday Ct,

Reston, VA 20190

United States

Orlando, FL

440 W Kennedy Blvd, Suite 3

Orlando, FL 32810

United States

Toronto, Canada

20 Pullman Ct, Scarborough,

Ontario M1X 1E4

Canada

London, UK

14 Liverpool Road, Slough,

Berkshire SL1 4QZ

United Kingdom

Resources

We use cookies for advertising, social media and analytics purposes. Read about how we use cookies in our updated Privacy Policy. If you continue to use this site, you consent to our use of cookies and our Privacy Policy.