#Apache VirtualHost configuration error | Explore Tumblr posts and blogs

klvst3r · 7 years ago

Text

Instalar Laravel en Ubuntu 16.04

Laravel es un framework de aplicaciones web PHP diseñado para el desarrollo de aplicaciones web siguiendo el patrón arquitectónico model-view-controller (MVC). Tiene una sintaxis expresiva y elegante y proporciona herramientas necesarias para aplicaciones grandes y robustas.

Una magnífica inversión de contenedores de control, un sistema de migración expresivo y un soporte de prueba de unidades estrechamente integrado le brindan las herramientas que necesita para construir cualquier aplicación que se le haya encomendado.

Mostraremos cómo instalar Laravel en un Ubuntu 16.04 en un alojamiento de VPS de SSD 1 Linux para este tutorial aunque podemos hacerlo localmente sin ninguna complicación.

1. Inicando la sesión en el servidor via SSH

Si hacemos la conexión remota

# ssh root@server_ip

Si lo hacemos local, simplemente ejecutamos los comandos en nuestra terminal.

Se puede verificar la versión de Ubuntu instalada en su servidor con el siguiente comando:

# lsb_release -a

Deberíamos obtener una salida como la que sigue:

# lsb_release -a

Distributor ID: Ubuntu Description: Ubuntu 16.04.4 LTS Release: 16.04 Codename: xenial

2. Actualizar el sistema

Debemos Asegúrar que su servidor esté completamente actualizado usando:

# sudo apt update && apt upgrade

Luego instale algunas dependencias necesarias:

# sudo apt install php-mcrypt php-gd php-mbstring hhvm phpunit

3. Instalar Composer

Instale Composer, que es una herramienta para la administración de dependencias en PHP.

# curl -sS https://getcomposer.org/installer | php

Una vez Composer está instalado, debemos de mover el ejecutable de Composer dentro de la ruta de nuestra máquina:

# sudo mv composer.phar /usr/local/bin/composer

Le añadimos los permisos de ejecución:

# sudo chmod +x /usr/local/bin/composer

Ahora crea un directorio donde se descargará Laravel.

# mkdir /var/www/html/dev/laravel

Por supuesto, reemplace su sitio web con su nombre de dominio real o cualquier nombre para ese asunto.

4. Descargue la ultima versión de Laravel

Ahora ingrese el directorio recién creado y descargue la última versión de Laravel.

# cd /var/www/html/dev/laravel

Clonamos el GIT de Laravel

# git clone https://github.com/laravel/laravel.git

Movemos los archivos y directorios del clon de Github Laravel a su directorio de trabajo actual (/var/www/html/dev/laravel/)

# mv laravel/* . # mv laravel/.* .

Ahora borre el directorio laravel innecesario:

# rmdir laravel/

# mv laravel/* . && mv laravel/.* . 2> /dev/null && rmdir laravel

5. Iniciando LARAVEL

Comience la instalación de Laravel usando Composer:

# composer install

Una vez que la instalación haya finalizado, asigne la propiedad apropiada sobre los archivos y directorios de Laravel:

# chown www-data: -R /var/www/html/dev/laravel/

Podemos hacer tambien

# chown www-data: -R * && chown www-data: -R .*

Ahora creamos nuestra llave cifrada para nuestra aplicación de Laravel:

# php artisan key:generate

Notará el siguiente error al ejecutar el comando.

[ErrorException] file_get_contents(/var/www/html/dev/laravel/.env): failed to open stream: No such file or directory

Para resolver esto, debe cambiar el nombre del archivo .env.example en .env:

# mv .env.example .env

Genere la clave de encriptación de nuevo:

# php artisan key:generate

Debería obtener un resultado parecido al siguiente:

Application key [base64:+LQsledeS17HxCANysA/06qN+aQGbXBPPpXVeZvdRWE=] set successfully.

Por supuesto, la clave será diferente en su caso. Ahora edite el archivo app.php y configure la clave de cifrado. Abra el archivo con su editor de texto favorito. Estamos usando sublime text.

# subl config/app.php

o bien con nano

# nano config/app.php

Ubique la línea ‘clave’ => env (‘APP_KEY’ y agregue la clave al lado. Una vez que haya terminado, la directiva debería verse así:

'key' => env('APP_KEY', 'base64:+LQsledeS17HxCANysA/06qN+aQGbXBPPpXVeZvdRWE='), 'cipher' => 'AES-256-CBC',

Guarde y cierre el archivo.

6. Configure APACHE con Host Virtual

Cree un archivo de host virtual Apache para que su dominio pueda servir a Laravel. Abra un archivo, por ejemplo klvst3r.conf:

# nano /etc/apache2/sites-available/klvst3r.conf

Pase lo siguiente:

<VirtualHost *:80> ServerAdmin [email protected] DocumentRoot /var/www/html/klvst3r/public/ ServerName klvst3r.com ServerAlias www.klvst3r.com <Directory /var/www/html/klvst3r/> Options FollowSymLinks AllowOverride All Order allow,deny allow from all </Directory> ErrorLog /var/log/apache2/klvst3r.com-error_log CustomLog /var/log/apache2/klvst3r.com-access_log common </VirtualHost>

Considere cambiar “klvst3r” por el nombre de su dominio.

Habilite el sitio:

# sudo a2ensite klvst3r.conf

Reinicie Apache para que los camnios aplicados tomen efecto:

# service apache2 reload

Ahora abra su navegador web favorito y vaya a http://klvst3r.com, donde será recibido por una página como se muestra en la imagen a continuación:

En mi caso especifico al no tener un servidor virtual configurado, me voy a raiz de mi instancia de Laravel de la siguiente manera:

Felicidades, ha instalado exitosamente Laravel en tu Ubuntu 16.04 VPS o local. Para obtener más información sobre Laravel, debe consultar su documentación oficial.

Por supuesto, no tiene que instalar Laravel en su servidor Ubuntu 16.04, si utiliza servicios de alojamiento Laravel VPS, en cuyo caso puede pedirle a expertos administradores de Linux que instalen Laravel para instalar Laravel para usted con disponibilidad24*7 y que se vera reflejado inmediatamente.

Referencias:

Installation - Laravel - The PHP Framework For Web Artisans Laravel - The PHP framework for web artisans.laravel.com

Instalación de Composer y Laravel en Ubuntu 16.04 En el siguiente tutorial veremos como instalar Composer y Laravel en Ubuntu 16.04 para realizar nuestros proyectos con…clouding.io

Instalar composer ubuntu 16.04 Composer es una herramienta que se utiliza para la gestión de dependencias de las aplicaciones escritas con PHP…victorojedaok.blogspot.mx

How to install Laravel 5.4 on Ubuntu 16.04 from scratch quickly The Laravel framework has a few system requirements for installation.medium.com

Install Laravel on Ubuntu 16.04 Installing Laravel on Ubuntu 16.04 is an easy task, just follow the steps bellow and you should have your Laravel…www.rosehosting.com

Laravel 5.4 From Scratch Each year, the Laracasts "Laravel From Scratch" series is refreshed to reflect the latest iteration of the framework…laracasts.com

#Laravel PHP Linux Ubuntu

1 note · View note

sololinuxes · 6 years ago

Text

Instalar LAMP en Arch Linux y derivados

Instalar LAMP en Arch Linux y derivados. El paquete LAMP (Linux, Apache, MySQL/MariaDB, PHP) es el más común a la hora de montar un servidor web. En este articulo veremos cómo instalar LAMP en un servidor Arch Linux. No debes preocuparte por las versiones que se instalaran, como Arch es una distribución Linux de lanzamiento constante, siempre instalara las ultimas versiones de PHP, Apache, y MariaDB. Comenzamos...

Instalar LAMP en Arch Linux y derivados

Lo primero que debemos hacer es actualizar Arch Linux. sudo pacman -Syu Instalar Apache Una vez tengamos nuestro servidor actualizado, instalamos Apache. sudo pacman -Syu apache Ahora editamos los recursos en el archivo de configuración de Apache, "httpd-default.conf". Te recomiendo que primero hagas una copia de seguridad con el siguiente comando. cp /etc/httpd/conf/extra/httpd-mpm.conf ~/httpd-mpm.conf.backup Abrimos el archivo con nuestro editor preferido, en nuestro caso utilizamos nano. nano /etc/httpd/conf/extra/httpd-mpm.conf Modifica los valores según tus necesidades. Si tienes un VPS, un buen ejemplo es... StartServers 4 MinSpareServers 20 MaxSpareServers 40 MaxRequestWorkers 200 MaxConnectionsPerChild 4500 Guarda el archivo, y cierra el editor. Te recomiendo que des-habilites KeepAlive, pero es tu decisión. nano /etc/httpd/conf/extra/httpd-default.conf ejemplo... KeepAlive Off Solo nos falta habilitar el inicio automático de Apache con el sistema. sudo systemctl enable httpd.service Configurar el Virtual Host Abrimos el archivo de configuración. nano /etc/httpd/conf/httpd.conf Debemos definir la raíz predeterminada. Busca la linea... DocumentRoot "/srv/http" y la editas como... DocumentRoot "/srv/http/default" En el mismo archivo buscamos otra linea más. #Include conf/extra/httpd-vhosts.conf la descomentas. Include conf/extra/httpd-vhosts.conf Guarda el archivo y cierra el editor. Configuramos un host virtual (con tus datos reales). nano /etc/httpd/conf/extra/httpd-vhosts.conf ejemplo de configuración... ServerAdmin [email protected] ServerName ejemplo.com ServerAlias www.ejemplo.com DocumentRoot /srv/http/ejemplo.com/public_html/ ErrorLog /srv/http/ejemplo.com/logs/error.log CustomLog /srv/http/ejemplo.com/logs/access.log combined Order deny,allow Allow from all Guarda el archivo y cierra el editor. Creamos los directorios (carpetas) a los que hace referencia el Virtualhost (no te olvides de insertar tu dominio real). sudo mkdir -p /srv/http/default sudo mkdir -p /srv/http/ejemplo.com/public_html sudo mkdir -p /srv/http/ejemplo.com/logs Iniciamos el servicio Apache. sudo systemctl start httpd.service Instalar MariaDB en Arch Linux Por defecto, Arch Linux instala el motor de base de datos MariaDB. sudo pacman -Syu mariadb mariadb-clients libmariadbclient sudo mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql Arrancamos MariaDB, y habilitamos su inicio con el sistema. sudo systemctl start mysqld.service sudo systemctl enable mysqld.service No te olvides de asegurar la instalación de MariaDB. mysql_secure_installation Enter current password for root (enter for none): Pulsa enter Set root password? : Y New password: Enter password Re-enter new password: Repeat password Remove anonymous users? : Y Disallow root login remotely? : Y Remove test database and access to it? : Y Reload privilege tables now? : Y La instalación de MariaDB a concluido, ya podemos crear nuestra primera base de datos. Accedemos a la consola MySQL. La password es la del usuario root. mysql -u root -p Creamos la base de datos "MiWeb". CREATE DATABASE MiWeb; El usuario y la password. GRANT ALL ON webdata.* TO 'tu-usuario' IDENTIFIED BY 'tu-password'; Para salir de la consola escribe lo siguiente. quit Instalar PHP en Arch Linux Para finalizar la instalación de LAMP en Arch, nos falta instalar PHP. sudo pacman -Syu php php-apache Una vez concluya la instalación de PHP, editamos el archivo php.ini. nano /etc/php/php.ini El php.ini debe ser personalizado, pues depende de tu sitio web. Un buen comienzo es configurar el archivo para que obtenga los mensajes de error y registros, ademas de mejorar el rendimiento del servidor. nano /etc/php/php.ini Vemos un ejemplo de lineas a modificar en un VPS. -error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR -log_errors = On -error_log = /var/log/php/error.log -max_input_time = 30 -extension=mysql.so Creamos la carpeta donde se guardaran los registros, y concedemos permisos al usuario de Apache. sudo mkdir /var/log/php sudo chown http /var/log/php Habilitamos el modulo PHP en Apache, insertando las siguientes lineas en su sección correspondiente. nano /etc/httpd/conf/httpd.conf # Dynamic Shared Object (DSO) Support LoadModule php7_module modules/libphp7.so AddHandler php7-script php # Supplemental configuration # PHP 7 Include conf/extra/php7_module.conf # Located in the AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps Sin salir del archivo, busca la linea que te indico a continuación y la comentas. LoadModule mpm_event_module modules/mod_mpm_event.so Justo después de la anterior, copia y pega la que te indico a continuación. LoadModule mpm_prefork_module modules/mod_mpm_prefork.so ejemplo... #LoadModule mpm_event_module modules/mod_mpm_event.so LoadModule mpm_prefork_module modules/mod_mpm_prefork.so Guarda el archivo y cierra el editor. Para finalizar reiniciamos Apache y el sistema. sudo systemctl restart httpd.service sudo systemctl reboot Espero que este articulo te sea de utilidad, puedes ayudarnos a mantener el servidor con una donación (paypal), o también colaborar con el simple gesto de compartir nuestros artículos en tu sitio web, blog, foro o redes sociales. Read the full article

#actualizarArch #Apache #arch #ArchLinux #httpd-default.conf #instalarapache #InstalarLAMP #instalarmariadb #InstalarPHPenArch #KeepAlive #LAMPenArch #mariadb #nano #php #php.ini #VirtualHost

0 notes

webdesignersolutions · 6 years ago

Link

I am wanting to use apache2 and murmur to host my own tiny website and voice chat for a small group of friends I stream with. I am doing this because I havea disdain for discord (even though I use it for now). I value free and open source software. I want to support it and recommend it to others. This is very difficult to do because not everyone can just set up their own mumble server like you can “just use” discord.

I’m really new to networking and server admin. I’m barely starting my studies on CompTIA A+ and Linux+. I am currently testing out everything on my workstation but I will move it all to my RaspberryPi when I figure it all out. I am struggling really bad with this. I cant seem to understand it and it’s very frustrating. My domain only points to my index.html within my LAN after I configured all the apache.conf files.

I’m putting together this little example of what I did and hopefully someone will be able to understand and explain what I’m doing wrong. I’d be so grateful if you could help me out. I know it’s pathetic because this is grade school stuff to most admins. But my upbringing was traumatic and violent. I am barely learning a lot of positive and productive things I should have already done as a kid, and became proficient in as a young adult.

First off, I’m running Ubuntu MATE 18.04.3 (static IP) with apache2.4.29-1.

This is an example of how I configured port forwarding in my router: Its leased by AT&T (Arris BGW210)

https://imgur.com/a/rxtEwQS

Second, Im using a free domain name from Freenom. I’m not sure if I set ‘A record’ correctly or if I need to set GlueRecords with Freenom. I also changed Freenom DNS to match DNS of my router and localhost. These are attDNS and google public DNS.

Here is how I configured Freenom Domain: https://imgur.com/a/HsLFg0n

I have the following set up in Linux:

/etc/hosts : 127.0.0.1 localhost 127.0.1.1 mycomputername 0.0.0.0 mysite.tk 0.0.0.0 www.mysite.tk # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters

I made a .conf file here: /etc/apache2/sites-available

$ ls /etc/apache2/sites-available/

000-default.conf default-ssl.conf mysite.tk.conf

<VirtualHost mysite.tk:80> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. ServerName mysite.tk ServerName www.mysite.tk ServerAdmin [email protected] DocumentRoot /var/www/lexrex/public_html  ** # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf </VirtualHost> # vim: syntax=apache ts=4 sw=4 sts=4 sr noet

I know the directory is right. here is output of ls on that dir:

me@sys:/var/www/lexrex$ cd /var/www/lexrex/public_html && ls fox.jpg hummer.png index.html lexrex.png space.jpg starseed.png

Then I ran these commands:

sudo a2ensite mysite.tk.conf && sudo service apache2 restart

Showing ports open in terminal: but they are using IPv6? Do I need to make them IPv4?

systemd-r 881 systemd-resolve 13u IPv4 22644 0t0 TCP 127.0.0.53:53 (LISTEN) cupsd 983 root 6u IPv6 25781 0t0 TCP [::1]:631 (LISTEN) cupsd 983 root 7u IPv4 25782 0t0 TCP 127.0.0.1:631 (LISTEN) apache2 1239 root 4u IPv6 24518 0t0 TCP *:80 (LISTEN) apache2 1240 www-data 4u IPv6 24518 0t0 TCP *:80 (LISTEN) apache2 1242 www-data 4u IPv6 24518 0t0 TCP *:80 (LISTEN) smbd 1514 root 33u IPv6 29822 0t0 TCP *:445 (LISTEN) smbd 1514 root 34u IPv6 29823 0t0 TCP *:139 (LISTEN) smbd 1514 root 35u IPv4 29824 0t0 TCP *:445 (LISTEN) smbd 1514 root 36u IPv4 29825 0t0 TCP *:139 (LISTEN) murmurd 1558 mumble-server 15u IPv6 28195 0t0 TCP *:64738 (LISTEN)

Neither the mumble server or the webserver can be reached outside of my local network. I’m only able to access them through LAN. I followed this example on youtube to get all this done:

https://www.youtube.com/watch?v=aPqDQX5naHA

Thank you so much if you read through all this. I’m probably making things really complicated like always, but I’m really lost. I cant afford to get webhosting services or buy a domain because I lost my job early this year and I’m trying to learn some skills to get into the IT industry. Plus the whole point here is kind of a learn to DIY instead of pay for others to do the work. It’s all really difficult because I have a lot of mental problems and issues like PTSD, depression and anxiety. I’ve had a very rough life and have finally began to accept myself and not let fear control me. I’m trying to really learn this kind of stuff instead of just ignore life or give up.

I dont know anyone who even understands this kind of stuff. I have no one to talk to about it. Anyone who would ends up wanting to charge $100/hour and not teach me anything to help myself later.

I hope you have a great day, thank you and Take Care.

Submitted November 08, 2019 at 02:05PM by Lexi5Rex https://www.reddit.com/r/webhosting/comments/dtltn1/can_someone_help_a_complete_newbie_host_own/?utm_source=ifttt

from Blogger http://webdesignersolutions1.blogspot.com/2019/11/can-someone-help-complete-newbie-host.html via IFTTT

#IFTTT #WordPress

0 notes

seanduguid79 · 6 years ago

Text

I believe every blogger fights with the best way to test and upgrade their blogs, at one point or another. So I'm putting up a series of articles on the best practices for managing blogs that i discovered in my career with a leading web design company in Aberdeen.

The first article in this series is to Setup a Testbed on your local computer, for safely testing changes to your Wordpress Blog. Once you are done testing, you may update your blog with relatively lower stress levels.

These are the steps that we’ll go through to achieve a local version of your blog.

1. Installing WAMPserver on your System

WAMP in Wampserver stands for Windows-Apache-MySQL-PHP, and it provides an easy way to install the whole server environment on your local system. It includes Apache and MySQL servers with PHP support.

You may download Wampserver from here, the site provides easy documentation to download and install it. After installation and running, wampserver will appear as a Speedometer icon in the system tray.

If you can see this icon, you can open your browser and type http://localhost/, it should open the welcome page for your WAMP Installation. If you want to test more, create a simple webpage say hello.html in “c:\wamp\www” directory (if you chose default installation), and then test it using http://localhost/hello.html.

If this works fine, we are through with the first step.

Wampserver Configuration Panel

2. Modifying window’s HOSTs file

Running an application through “localhost” (your system’s default name) is fine, but it doesn’t give you the real feeling. If you are not completely copying the real server your blog is hosted on, you may miss something in testing – and it may come up as an annoying error while updating your actual blog online.

To call your system anything other than “localhost” you need to update the HOSTs file, located in your windows system folder – specifically “C:\windows\System32\drivers\etc“, depending on where your windows is installed. This is a text file, legacy of unix based systems, you may edit it in any text editor of your choice. Lets say your blog’s domain name is “myblog.com” – so you will add a line at the end of this file – given below.

127.0.0.1 localhost 127.0.0.1 www.myblog.com

Once you save it, your system will also be known as “www.myblog.com”. If you try opening it in your browser, your browser should show the Apache’s Welcome page.

3. Creating a Virtual Host in Apache

A Virtual Host is Apache’s term refering to the ability to run multiple domains from a single system – for example you can run – www.myblog.com and www.myblog1.com – both from the same system, with different files. For advanced understanding you may google more on this subject.

But in simple terms you need it, if you are managing multiple blogs. If you skip this step, your wordpress’ installation directory will be “c:/wamp/www”

To create a virtual host you will need to modify your Apache’s configuration files – “C:\wamp\bin\apache\apache2.2.8\conf\httpd.conf” – depending on where you installed your Apache. You can also open this file by left-clicking on the speedometer icon, and selecting “Apache > httpd.conf” option.

And add the following lines:

NameVirtualHost *:80 <VirtualHost *:80> ServerAdmin [email protected] DocumentRoot "c:/projects/www.myblog.com" ServerName www.myblog.com ServerAlias myblog </VirtualHost> <Directory "c:/projects/www.myblog.com/"> Options Indexes FollowSymLinks AllowOverride all Order Allow,Deny Allow from all </Directory>

Make sure that you have the mentioned directory available and accessible. Restarting Apache will make your domain run from the mentioned directory.

The result of this step will be that any html or php files in the “c:/projects/www.myblog.com/”, will be accessible from “http://www.myblog.com/”. This is going to be your wordpress’ installation directory.

You can put more <VirtualHost> and <Directory> entries for more domains you want to manage.

4. Installing Wordpress, themes and plugins

After step 2 or optionally step 3, you need to download and install wordpress from your Installation Directory – Unzip and Copy the wordpress files in this folder.

Before installing Wordpress, you need to create an empty MySQL Database, and probably create a user also. It helps to name the Database as close to what will appear on your actual host. Otherwise while updating on the real server you may need to change the wordpress’ config file.

You can access MySQL through phpMyAdmin – normally this will be available through http://localhost/phpmyadmin, you may again left click on the speedometer icon of Apache and access it directly. Once you have created the Database and respective MySQL user, you can now continue with the wordpress installation through your own domain – http://www.myblog.com. Accessing this url should start wordpress installation, if everything is set alright.

The wordpress’ famous 5-minute install, and updating themes and plug-ins should be familiar to you – for more information you can browse through http://codex.wordpress.org.

5. Testing and Updating your Blog

You may need to perform minor tweaks to match the apache configuration of your server. Most of these are simple like enabling Apache mods, and changing PHP.ini settings. After changing anything in Apache’s configuration, you may need to restart server again. Both of these can be easily done through options in the wampserver.exe.

Updating your blog generally means updating themes and plugins. Editing PHP is easy in any good text editor like editplus or textpad. As soon you save a change you can just refresh the browser to see the change in real-time.

With ease and peace of mind.

0 notes

zz04-com · 7 years ago

Text

Acelle v3.0.15 – PHP邮件营销应用破解版

这是一款自托管邮件营销应用，自托管可以省去昂贵的费用，也可以与其他商业应用服务整合，例如Mailgun, Google Mail 或 Amazon SES，还是先看看官方的介绍吧！

Install Acelle on your own web server and you can use marketing/transaction emails without any limitation. You can get rid of expensive email services like Mailchimp, ActiveCampaign? as now you can have full control over the entire system of your own.

Acelle can be configured to send email through your own SMTP servers like Postfix, Exim, Sendmail or Qmail. It can also integrate with other email service provider like Mailgun, Google Mail or Amazon SES

系统需求：

Operating System: Linux (RedHat, Fedora, CentOS, Debian, Ubuntu, etc.). Unfortunately we have yet to support Windows or Mac OS.

PHP Version: 5.6, 7.0, 7.1 or higher

MySQL Version: >= 5.x

Application server: Apache, Nginx

Below are the PHP extensions that are required for installing Acelle Mail:

Mbstring

OpenSSL

Socket

PDO Driver

Tokenizer

PHP Zip Archive

IMAP Extension

更新日志：

版本有跳跃，特将3个版本的更新日志都发上来了

3.0.15 / 2018-05-02

==================

* Fixed: everifier.org compatibility issue

* Fixed: AWS SNS rate limit issue

* Fixed: import issue with uppercase email address

* Fixed: automation issue with unsubscribed contacts

* Fixed: feedback log not showing up correctly

* Fixed: Reply-To header is now required for SendGrid

* Fixed: moving subscribers issue

* Fixed: subscribers filtering issue

* Fixed: Return-Path header not set correctly

* Changed: remove plain text online viewer

3.0.14 / 2018-01-09

==================

* Fixed: PHP CLI checker does not work correctly

* Fixed: verification result is not correct

* Fixed: blacklisting may not work correctly

* Fixed: "flat array" issue

* Fixed: SendGrid feedback handling issue

* Added: support cloning plan

* Added: support file attachment for campaign email

* Added: export segment

* Added: integated with Proofy.io verification service

* Added: support everifier.org verification service

* Added: support changing font-size for email editor

3.0.13 / 2017-10-15

==================

* Fixed: JS issue with embedded form

* Fixed: subscriber listing API does not work correctly

* Fixed: SSL verification issue for system email

* Fixed: double subscription

* Fixed: quota tracker issue resulting in invalid credit deduction

* Fixed: do not send automation emails to unsubscribers

* Fixed: permission error while importing subscribers

* Added: support for PayUMoney

* Added: support uploading subscriber image

* Added: auto convert ISO-8859-1 to UTF-8 while importing subscribers

破解说明：

本次发布的是3.0.15破解版，源码由reishi进行破解，零售版由国外论坛的会员提供，亲测可用，转载请著名转自顶点网 www.topide.com

安装说明：

程序基于laravel框架开发，虚拟主机安装需要注意一点

Apache安装方法：

建立虚拟主机，修改主机配置：

ServerName topide.com

DocumentRoot "/home/user/topide/public"

Options Indexes FollowSymLinks

AllowOverride All

Require all granted

</Directory>

</VirtualHost>

将解压缩后的文件和文件夹除了“public”文件夹之外都上传到服务器“/home/user/topide/”目录；

然后将解压缩后得到的“public“目录下的内容上传到服务器“/home/user/topide/public”目录。

简单点说就是将网站运行目录设置为public文件夹即可。

然后运行http://topide.com/install 根据页面提示进行安装。

授权码处填写nulled-by-reishi即可。

安装方法：

1、打开网址进行环境检测，按照提示输入网站信息，授权码，管理员信息，下一步安装。

2、输入数据库信息，确认数据库，进行导入，导入成功，点击OK进行计划任务设置。

3、设置PHP运行目录，设置成功，点击OK，点击next完成安装。

4、完成安装的页面，点击链接进行登录或打开网站首页。

来自顶点网分享。

from 站长源码 https://zz04.net/2789.html

#站长源码

0 notes

whatsamknows · 7 years ago

Text

Free SSL on CentOS with Cloudflare

Cloudflare can be configured to offer free SSL to your website. No need to pay for a certificate. This post assumes you have already routed your domain through Cloudflare and use CentOS + Apache. A more detailed guide from Cloudflare is available here.

1. First generate a certificate by navigating to the Crypto section of your Cloudflare dashboard. From there, click the Create Certificate button in the Origin Certificates section. Then just use the defaults to generate the certificate and key.

2. Copy these down to two seperate files located on your web server e.g.

/var/www/html/ssl/example.com.crt /var/www/html/ssl/example.com.key

3. Configure your virtual host block as below, taking note of the parts in bold. You can just copy your existing block configured for post :80 and leave the existing one intact.

<VirtualHost 192.168.0.1:443> DocumentRoot /var/www/html2 ServerName www.yourdomain.com SSLEngine on SSLCertificateFile /var/www/html/ssl/example.com.crt SSLCertificateKeyFile /var/www/html/ssl/example.com.key </VirtualHost>

4. Test your configuration.

apachectl configtest

5. Next set permissions for your certificate and key files.

chmod 600 /var/www/html/ssl/example.com.crt chmod 600 /var/www/html/ssl/example.com.key

The enclosing folder can also be protected:

chmod 700 /var/www/html/ssl/

The owner of the directory and files should be root.

6. Make sure your server is open to traffic on port :443

Add port 443 to the firewall rule and reload the firewall service firewall-cmd --zone=public --add-port=443/tcp --permanent firewall-cmd --reload

Check whether or not the port has been added to the iptables and check whether or not port 443 is listening iptables-save | grep 443 netstat -plnt | grep ':443'

7. You should now be able to load your website via https://

In Cloudflare, enable Automatic HTTPS Rewrites, and Always use HTTPS. Change your SSL mode to Full (strict).

If you get a bad gateway error 502 or 523 when trying to load your site, make sure your firewall is open on port 443.

0 notes

kitwallace · 8 years ago

Text

Implementing SSL at last

One objective for the bristoltrees.space site is to support a ‘virtual arboretum’ for Bristol. A visitor with a GPS-enabled smartphone and mobile broadband can use this location-aware web page (now with https enabled) to identify the nearest trees to the phone.

This page uses the JavaScript geolocation api to access the phone’s GPS and to follow that position as it changes. Until recently this API worked on all browsers used on smartphones but Chrome recently changed to require SSL, and others will I guess follow. I had lazily ignored SSL until now, and in a way I’m glad I did because now LetsEncrypt has changed the game.

Pretty URLs

My installation of exist-db sits behind Apache which is configured to server multiple domains via a virtual host configuration file for each one. A number of my web sites implement REST-style pretty URLS . In my rather traditional setup, the configuration file contains Apache rewrite rules which enable the path and any query parameters to be passed to an XQuery script which analyses the path and dispatches calls to appropriate functions to generate the response. eg.

<VirtualHost *:80> ServerAdmin [email protected] ProxyRequests off ServerName explorersolutions.co.uk ServerAlias www.explorersolutions.co.uk <Proxy *> Allow from all </Proxy> ProxyPass / http://localhost:8080/exist/rest/db/apps/ ProxyPassReverse / http://localhost:8080/exist/rest/db/apps/ ProxyPassReverseCookieDomain localhost explorersolutions.co.uk ProxyPassReverseCookiePath / / RewriteEngine on RewriteMap escape int:escape RewriteRule ^/$ /Artworks/ [R] RewriteRule ^/Artworks$ /Artworks/ [R] RewriteRule ^/Artfind$ /Artfind/ [R] RewriteRule ^/Artfind/(.*)$ /artworks/locate.xq?_path=${escape:$1} [P,QSA] RewriteRule ^/Artworks/(.*)$ /artworks/home.xq?_path=${escape:$1} [P,QSA] </VirtualHost>

This enables URLs like

http://explorersolutions.co.uk/Artworks/art/CDF-202

to be rewitten as

http://explorersolutions.co.uk/artworks/home.xq?_path=art/CDF-202

to generate the page for this Artwork (in Cardiff)

eXist-db itself supports REST via URL rewriting guided by configuration files. eXist-db also supports RESTXQ, an initiative to provide declarative URL rewriting to XQuery. Adam’s 2012 paper is an excellent survey of approaches to declarative URL rewriting in XQuery platforms generally.

I know I should look at these approaches seriously but for the moment I have to stick with the legacy Apache rewriting approach.

LetsEncrypt

I initially looked at implementing SSL in the Jetty server which sits in front of eXist but this looked fiddly and not sustainable. Discovering the letsEncrypt initiative to spread the use of security certificates and the Certbot software showed the way to go. In preparation I had updated my VPS to Debian Jessie which is well supported by Certbot.

Emboldened by an offer of support from a fellow hackspace member, the other day I finally gritted my teeth and got down to it.

Implementation

I started at https://letsencrypt.org/getting-started/ - since I have shell access to the VPS, I can use certbot. https://certbot.eff.org/ Selecting Apache and Debian Jessie gets me the installation details which I followed and certbot now runs.

To set up a domain like explorersolutions.co.uk, I used the command

certbot --apache -d explorersolutions.co.uk

I chose the default of supporting both http and https and lo and behold! certificates are made, domain validated and a new Apache configuration module added to sites-available and linked from sites-enabled. This is a copy of the original conf file with SSL stuff added at the end

The Apache service has also been restarted so

https://explorersolutions.co.uk/artworks/home.xq?_path=art/CDF-202

worked immediately but the pretty URL

http://explorersolutions.co.uk/Artworks/art/CDF-202

threw a 500 error. Messages in the Apache error log implied that SSLProxyEngine was needed so I added this to the config file and all was fine.

(Actually that explanation skims over a lot of pain where I first Googled the error, came across some suggested fix to what I though was the problem, implemented it, restarted Apache which crashed (why does an error in one config file stop the whole service? Finally I looked in the log!. Its a tricky judgement to know when to try to figure out the problem yourself and when to reach for Google - I’m getting too dependant on the later)

Locating Trees

The aim was to get the locate service working on Chome and after running certbot to enable https on bristoltrees too (not forgetting the conf fix), the locate script https://bristoltrees.space/Locate/ is now working (provided of course that security settings allow the phone’s location to be shared).

Nice.

PS - I never actually heard back from my hackspace friend but in a way it didn’t matter - it was enough to write the emails as a kind of confessional to get me through - perhaps it was intentional, I’ll have to ask him!.

#XQuery #trees

0 notes

techdirectarchive · 8 months ago

Text

Apache errors associated with WAMP installation for TeamPass

In this article, we shall discuss how to resolve Apache errors associated with WAMP installation for TeamPass. Apache WAMP (Windows, Apache, MySQL, PHP) is a software stack that allows users to create a local development environment for building and testing web applications on Windows. Please see how to Setup VirtualHost with SSL on WAMP Server, how to Configure SQL Server Instance to listen on a…

#Apache #wamp #WAMP Server #WAMP Server Errors #WAMPserver #Windows #Windows Server #Windows Server 2019

0 notes

webdesignersolutions · 6 years ago

Text

Can someone help a complete newbie host own webserver?

I'm really new to networking and server admin. I'm barely starting my studies on CompTIA A+ and Linux+. I am currently testing out everything on my workstation but I will move it all to my RaspberryPi when I figure it all out. I am struggling really bad with this. I cant seem to understand it and it's very frustrating. My domain only points to my index.html within my LAN after I configured all the apache.conf files.

I'm putting together this little example of what I did and hopefully someone will be able to understand and explain what I'm doing wrong. I'd be so grateful if you could help me out. I know it's pathetic because this is grade school stuff to most admins. But my upbringing was traumatic and violent. I am barely learning a lot of positive and productive things I should have already done as a kid, and became proficient in as a young adult.

First off, I'm running Ubuntu MATE 18.04.3 (static IP) with apache2.4.29-1.

This is an example of how I configured port forwarding in my router: Its leased by AT&T (Arris BGW210)

https://imgur.com/a/rxtEwQS

Second, Im using a free domain name from Freenom. I'm not sure if I set 'A record' correctly or if I need to set GlueRecords with Freenom. I also changed Freenom DNS to match DNS of my router and localhost. These are attDNS and google public DNS.

Here is how I configured Freenom Domain: https://imgur.com/a/HsLFg0n

I have the following set up in Linux:

I made a .conf file here: /etc/apache2/sites-available

$ ls /etc/apache2/sites-available/

000-default.conf default-ssl.conf mysite.tk.conf

I know the directory is right. here is output of ls on that dir:

me@sys:/var/www/lexrex$ cd /var/www/lexrex/public_html && ls fox.jpg hummer.png index.html lexrex.png space.jpg starseed.png

Then I ran these commands:

sudo a2ensite mysite.tk.conf && sudo service apache2 restart

Showing ports open in terminal: but they are using IPv6? Do I need to make them IPv4?

Neither the mumble server or the webserver can be reached outside of my local network. I'm only able to access them through LAN. I followed this example on youtube to get all this done:

https://www.youtube.com/watch?v=aPqDQX5naHA

Thank you so much if you read through all this. I'm probably making things really complicated like always, but I'm really lost. I cant afford to get webhosting services or buy a domain because I lost my job early this year and I'm trying to learn some skills to get into the IT industry. Plus the whole point here is kind of a learn to DIY instead of pay for others to do the work. It's all really difficult because I have a lot of mental problems and issues like PTSD, depression and anxiety. I've had a very rough life and have finally began to accept myself and not let fear control me. I'm trying to really learn this kind of stuff instead of just ignore life or give up.

I dont know anyone who even understands this kind of stuff. I have no one to talk to about it. Anyone who would ends up wanting to charge $100/hour and not teach me anything to help myself later.

I hope you have a great day, thank you and Take Care.

Submitted November 08, 2019 at 02:05PM by Lexi5Rex https://www.reddit.com/r/webhosting/comments/dtltn1/can_someone_help_a_complete_newbie_host_own/?utm_source=ifttt from Blogger http://webdesignersolutions1.blogspot.com/2019/11/can-someone-help-complete-newbie-host.html via IFTTT

#IFTTT #Blogger

0 notes

webdesignersolutions · 6 years ago

Text

Can someone help a complete newbie host own webserver? via /r/webhosting

Can someone help a complete newbie host own webserver?

First off, I'm running Ubuntu MATE 18.04.3 (static IP) with apache2.4.29-1.

This is an example of how I configured port forwarding in my router: Its leased by AT&T (Arris BGW210)

https://imgur.com/a/rxtEwQS

Here is how I configured Freenom Domain: https://imgur.com/a/HsLFg0n

I have the following set up in Linux:

I made a .conf file here: /etc/apache2/sites-available

$ ls /etc/apache2/sites-available/

000-default.conf default-ssl.conf mysite.tk.conf

I know the directory is right. here is output of ls on that dir:

me@sys:/var/www/lexrex$ cd /var/www/lexrex/public_html && ls fox.jpg hummer.png index.html lexrex.png space.jpg starseed.png

Then I ran these commands:

sudo a2ensite mysite.tk.conf && sudo service apache2 restart

Showing ports open in terminal: but they are using IPv6? Do I need to make them IPv4?

Neither the mumble server or the webserver can be reached outside of my local network. I'm only able to access them through LAN. I followed this example on youtube to get all this done:

https://www.youtube.com/watch?v=aPqDQX5naHA

I dont know anyone who even understands this kind of stuff. I have no one to talk to about it. Anyone who would ends up wanting to charge $100/hour and not teach me anything to help myself later.

I hope you have a great day, thank you and Take Care.

Submitted November 08, 2019 at 02:05PM by Lexi5Rex via reddit https://www.reddit.com/r/webhosting/comments/dtltn1/can_someone_help_a_complete_newbie_host_own/?utm_source=ifttt

#IFTTT #reddit

0 notes

webdesignersolutions · 6 years ago

Link

I am using a namecheap domain with my nameservers from a digitalocean droplet where my website lives.

On digitalocean, I set up my DNS records and they are all working except I cannot get www.mydomain.com to work, only mydomain.com

I created the CNAME record for www.mydomain.com @ and checked that it is working. When I access www.mydomain.com, I get an error “ERR_CONNECTION_REFUSED”.

Do I need to configure apache for this? Perhaps mess around with virtualHost settings?

I am using a LAMP installation on ubuntu 18.04.

Edit: Here are the contents of my /etc/apache2/sites-available/000-default.conf:

<VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /var/www/html <Directory /var/www/html/> Options Indexes FollowSymLinks AllowOverride All Require all granted </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined <IfModule mod_dir.c> DirectoryIndex index.php index.pl index.cgi index.html index.xhtml index.htm </IfModule> </VirtualHost>

Submitted January 10, 2019 at 11:07AM by pineappleinferno https://www.reddit.com/r/webhosting/comments/aeln59/cannot_get_www_to_work_on_my_domain_name/?utm_source=ifttt

from Blogger http://webdesignersolutions1.blogspot.com/2019/01/cannot-get-www-to-work-on-my-domain-name.html via IFTTT

#IFTTT #WordPress

0 notes

webdesignersolutions · 6 years ago

Text

cannot get www to work on my domain name

I am using a namecheap domain with my nameservers from a digitalocean droplet where my website lives.

On digitalocean, I set up my DNS records and they are all working except I cannot get www.mydomain.com to work, only mydomain.com

I created the CNAME record for www.mydomain.com @ and checked that it is working. When I access www.mydomain.com, I get an error "ERR_CONNECTION_REFUSED".

Do I need to configure apache for this? Perhaps mess around with virtualHost settings?

I am using a LAMP installation on ubuntu 18.04.

Edit: Here are the contents of my /etc/apache2/sites-available/000-default.conf:

Submitted January 10, 2019 at 11:07AM by pineappleinferno https://www.reddit.com/r/webhosting/comments/aeln59/cannot_get_www_to_work_on_my_domain_name/?utm_source=ifttt from Blogger http://webdesignersolutions1.blogspot.com/2019/01/cannot-get-www-to-work-on-my-domain-name.html via IFTTT

#IFTTT #Blogger

0 notes

webdesignersolutions · 6 years ago

Text

cannot get www to work on my domain name via /r/webhosting

cannot get www to work on my domain name

I am using a namecheap domain with my nameservers from a digitalocean droplet where my website lives.

On digitalocean, I set up my DNS records and they are all working except I cannot get www.mydomain.com to work, only mydomain.com

I created the CNAME record for www.mydomain.com @ and checked that it is working. When I access www.mydomain.com, I get an error "ERR_CONNECTION_REFUSED".

Do I need to configure apache for this? Perhaps mess around with virtualHost settings?

I am using a LAMP installation on ubuntu 18.04.

Edit: Here are the contents of my /etc/apache2/sites-available/000-default.conf:

Submitted January 10, 2019 at 11:07AM by pineappleinferno via reddit https://www.reddit.com/r/webhosting/comments/aeln59/cannot_get_www_to_work_on_my_domain_name/?utm_source=ifttt

#IFTTT #reddit

0 notes

webdesignersolutions · 8 years ago

Link

I run a hosting company which host mostly WordPress sites. As you know brute force attacks on WordPress has been a big issue for the past few years. About six months ago after I was able to block most attacks they got even stronger and harder to stop. I figured out how to block them 99% of the time which keeps my server resources down and keeps my clients sites from wasting resources.

If you run your own servers you can use the guide below to protect your clients sites.

This guide is for someone running cPanel 64 or greater with EasyApache 4. Parts of this guide will work for cPanel 58-64 and EasyApache 3 however some features may be missing.

Writing this current guide base on my current server setup. These methods may work with other platforms such as Plesk but I don’t have the environment to test.

Step One – Apache Config

The first thing I did was block ALL xmlrpc.php traffic from anyone but WordPress IPs. These IPs may changes but the list I’m currently using has been working fine for over a year.

You need to add the code below in your apache config. If you’re running cPanel you can login to WHM and search for Apache Configuration. Once you’re on that menu select Include Editor and select the All Versions drop down under Pre VirtualHost Include.

Screenshot

Add your IP address so you can access everything after you block it

This code will redirect all xmlrpc.php and wp-trackback.php to localhost aka 127.0.0.1. You may have clients that use both so make sure they’re not using the WordPress app or using Trackbacks. We decided as a company to block them because they were used for attacks more than anything and not one of our clients reported issues either. If they need xmlrpc.php or wp-trackback.php you can put them on their own server. No need to compromise your security for one client.

<FilesMatch “^(xmlrpc\.php|wp-trackback\.php)”> Order Deny,Allow Deny from all Allow from *.wordpress.com Allow from 192.0.64.0/18 Allow from 185.64.140.0/22 Allow from 2a04:fa80::/29 Allow from 76.74.255.84 Allow from 76.74.255.85 Allow from 192.0.65.204 Allow from 192.0.65.205 Allow from 192.0.80.244 Allow from 192.0.80.246 Allow from 192.0.96.247 Allow from 192.0.96.248 Allow from 192.0.123.250 Allow from xxx.xxx.xxx.xxx <—————- **ADD YOUR IP ADDRESS OR REMOVE THIS LINE** (If you don’t the config will error) Satisfy All ErrorDocument 403 http://127.0.0.1/ </FilesMatch> Step Two – Mod Security

The next step requires Mod Security to be installed. This is a free option within cPanel. Hopefully you’re running the latest cPanel 62+ which has a nice interface for Mod Security.

You can install Mod Security via EasyApache 4. Once you’re login to WHM search for EasyApache 4. Since you most likely already have a running config you can click the blue button to customize your current config. Once everything loads click Apache Modules and search for mod_security. You want to have mod_security2 and mod_security2-mlogc. (You may already have mod_security2 installed but mod_security2-mlogc is a new feature since cPanel 62+.

Screenshot

If yours shows blue and unaffected you already have both installed. If not hit next until you get to the review screen and hit provision

(If you’re running cPanel 62 it’s called modsec-sdbm-util. If you’r’re not running 62+ you can install the plugin from Kenneth Power github https://github.com/escherlat/modsec-sdbm-util)

What mod_security2-mlogc does is clean up your ModSec logs so they don’t get really large in size. I had an issue where the log file /var/cpanel/secdatadir/ip.pag would get 25GB in size and cause the server to overload.

Once you have ModSec installed you can install click the WHM icon at the top left to refresh the page. Then search for ModSecurity in the WHM search panel. Select ModSecurity™ Vendors and add / install the OWASP ModSecurity Core Rule Set V3.0 rules. (You may already have the 2.0 rules installed) Personally I’ve found the 3.0 rules to be better than the 2.0 rules. I have disabled the 2.0 rules all together.

Search for ModSecurity™ Configuration within WHM and make sure everything is turned on. I have Audit Log Level set to Only log noteworthy transactions, Connections Engine set to Process the rules, Rules Engine set to Process the rules. You can setup the other stuff as well such as Geolocation Database and Project Honey Pot if you want but I’m not going to talk about those within this guide.

Step Three – CMC

You don’t need to install this if you want to modify the files via command line or ftp but I found it’s easier using this plugin. The install instructions are pretty easy.

https://www.configserver.com/cp/cmc.html

Install instructions: https://download.configserver.com/cmc/INSTALL.txt

Once you have CMC installed you can click the WHM icon at the top left to refresh the page. Search for ConfigServer ModSec in the WHM search and select it. Scroll down to the bottom and select modsec/modsec2.user.conf under ConfigServer ModSecurity Tools and select edit.

This is the rule that will block 99% of the attacks. In the last 7 days it’s blocked over 42,5000+ attacks!

Add the following entry: (More about the other rules below – Do not add them until you read the rest of this post)

<Locationmatch “/wp-login.php”> SecRule REQUEST_METHOD “POST” “deny,status:401,id:972687,chain,msg:’wp-login request blocked, no referrer'” SecRule &HTTP_REFERER “@eq 0” </Locationmatch>

Screenshot

What this does is block any connection that doesn’t have a referrer (https://en.wikipedia.org/wiki/HTTP_referer)

Step Four- CSF

Hopefully by now you already have a firewall installed however if you don’t you need to install ConfigServer Security & Firewall.

https://configserver.com/cp/csf.html

This is another easy install.

https://download.configserver.com/csf/install.txt

Once you have CSF installed you can click the WHM icon at the top left to refresh the page. Search for firewall in the WHM search and select it. If you don’t already have it setup click Firewall Profiles under csf – ConfigServer Firewall and select one to fit your environment. I always start with protection_high and adjust some settings so if you don’t know how CSF works pick medium and apply profile. It will ask you to restart csf & lfd.

Once the page refresh select Firewall Configuration. Search for LF_MODSEC. The default should be set to 3 or 5 depending on the profile you have. You can start with 3 as you monitor the blocks however I have mine set to 1 because I don’t get anymore false positive on ModSec so if someone hits a ModSec rule once they are automatically added to the firewall block. I also have DENY_IP_LIMIT set to 5000 and DENY_TEMP_IP_LIMIT set to 1000. The limit you set depends on your servers. I could have a lot higher but feel 5000 is a good limit.

Screenshot

One last step is setting up ldf blocklist. You can find this on the main firewall screen (very bottom) after clicking it from the WHM search. You will find a few entries already in there by default but I added two to my list. Below is my current config for blocklist.

The two other list I added were myip.ms Latest blacklist and myip.ms user submitted blacklist. You may also not have GreenSnow Hack List depending on your CSF install.

PLEASE NOTE: You may not be able to use all of these depending on your server size. I suggest adding one or two at a time and slowly add the others over the next few days. Watch your server load and loading time of your clients sites to make sure the firewall is not slowing down your server.

Screenshot

# Spamhaus Don’t Route Or Peer List (DROP) # Details: http://www.spamhaus.org/drop/ SPAMDROP|86400|0|http://www.spamhaus.org/drop/drop.lasso # Spamhaus Extended DROP List (EDROP) # Details: http://www.spamhaus.org/drop/ SPAMEDROP|86400|0|http://www.spamhaus.org/drop/edrop.lasso # DShield.org Recommended Block List # Details: http://dshield.org DSHIELD|86400|0|http://www.dshield.org/block.txt # TOR Exit Nodes List # Set URLGET in csf.conf to use LWP as this list uses an SSL connection # Details: https://trac.torproject.org/projects/tor/wiki/doc/TorDNSExitList TOR|86400|0|https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.2.3.4 # Alternative TOR Exit Nodes List # Details: http://torstatus.blutmagie.de/ ALTTOR|86400|0|http://torstatus.blutmagie.de/ip_list_exit.php/Tor_ip_list_EXIT.csv # BOGON list # Details: http://www.team-cymru.org/Services/Bogons/ BOGON|86400|0|http://www.cymru.com/Documents/bogon-bn-agg.txt # Project Honey Pot Directory of Dictionary Attacker IPs # Details: http://www.projecthoneypot.org HONEYPOT|86400|0|http://www.projecthoneypot.org/list_of_ips.php?t=d&rss=1 # C.I. Army Malicious IP List # Details: http://www.ciarmy.com CIARMY|86400|0|http://www.ciarmy.com/list/ci-badguys.txt # BruteForceBlocker IP List # Details: http://danger.rulez.sk/index.php/bruteforceblocker/ BFB|86400|0|http://danger.rulez.sk/projects/bruteforceblocker/blist.php # OpenBL.org 30 day List # Set URLGET in csf.conf to use LWP as this list uses an SSL connection # Details: https://www.openbl.org OPENBL|86400|0|https://www.openbl.org/lists/base_30days.txt # MaxMind GeoIP Anonymous Proxies # Set URLGET in csf.conf to use LWP as this list uses an SSL connection # Details: https://www.maxmind.com/en/anonymous_proxies MAXMIND|86400|0|https://www.maxmind.com/en/anonymous_proxies # Blocklist.de # Set URLGET in csf.conf to use LWP as this list uses an SSL connection # Details: https://www.blocklist.de # This first list only retrieves the IP addresses added in the last hour BDE|3600|0|https://api.blocklist.de/getlast.php?time=3600 # This second list retrieves all the IP addresses added in the last 48 hours # and is usually a very large list (over 10000 entries), so be sure that you # have the resources available to use it #BDEALL|86400|0|http://lists.blocklist.de/lists/all.txt # Stop Forum Spam # Details: http://www.stopforumspam.com/downloads/ # Many of the lists available contain a vast number of IP addresses so special # care needs to be made when selecting from their lists #STOPFORUMSPAM|86400|0|http://www.stopforumspam.com/downloads/listed_ip_1.zip # GreenSnow Hack List # Details: https://greensnow.co GREENSNOW|3600|0|http://blocklist.greensnow.co/greensnow.txt # myip.ms Latest blacklist # Set URLGET in csf.conf to use LWP as this list uses an SSL connection # Details: https://myip.ms/browse/blacklist/Blacklist_IP_Blacklist_IP_Addresses_Live_Database_Real-time MYIPMSBLACKLIST|86400|0|https://myip.ms/files/blacklist/csf/latest_blacklist.txt # myip.ms user submitted blacklist # Set URLGET in csf.conf to use LWP as this list uses an SSL connection # Details: https://myip.ms/browse/blacklist/1/usrs/0/Yes_Blacklist_IP_Addresses_Live.html MYIPMSUSERS|86400|0|https://myip.ms/files/blacklist/csf/latest_blacklist_users_submitted.txt

After you have made the changes above hit change and restart csf & lfd.

Bonus – modsec2.user.conf Bad Bots

We had a lot of issues with Baidu and Yandex using a lot of resources on clients sites so we decided to block them all together. We also have a bad bot list we put together from resources online which you can block via ModSec.

First thing you want to do is create a file badbotlist.txt under /etc/apache2/conf.d/modsec/ or on your computer and upload to /etc/apache2/conf.d/modsec/.

Add the text from this document into your file.

ModSec Bad Bots List: https://docs.google.com/document/d/1SjtAywpkLR6dX0Va_tKgpdMxAIOsHTf_xcMaQ5XK6no/edit?usp=sharing

Once you have the file add this to your modsec/modsec2.user.conf (You can do this via ConfigServer ModSecurity Control)

SecRule REQUEST_HEADERS:User-Agent “@pmFromFile badbotlist.txt” “id:350001,rev:1,severity:2,log,msg:’BAD BOT – Detected and Blocked. ‘”

Hit change / restart CSF & LFD

Bonus – modsec2.user.conf xmlrpc.php

While xmlrpc.php is getting blocked via Apache Config I noticed some slipping though if the attacker is trying to break into /blog/xmlrpc.php

Adding this code below will stop those attacks.

<Locationmatch “/xmlrpc.php”> SecRule REQUEST_METHOD “POST” “deny,status:401,id:48658231,chain,msg:’xmlrpc request blocked, no referrer'” SecRule &HTTP_REFERER “@eq 0” </Locationmatch> Bonus – Extra Modsec Rules

I also noticed some attackers trying to exploit by doing // in front to get by the main block those.

SecRule QUERY_STRING “//” “redirect:http://127.0.0.1,id:2894326” Bonus – Comodo ModSec

Comodo has a nice set of ModSec rules that you can add via ModSecurity™ Vendors inside WHM.

Here is a guide on install those rules.

https://help.comodo.com/topic-212-1-670-8350-.html

Bonus – Cloudflare Page Rules

Cloudflare allows you to use three page rules for free. If you have a client that is still getting a lot of attacks I highly suggest putting them on Cloudflare. Here is a guide how to setup the page rules.

After you have the site added to cloudflare and the name servers changed / verified. Go to Page Rules.

Cloudflare allows you to have three page rules for free. If you need more it’s only 5 dollars for 5 more.

These are the three that i’m using to block most attacks via cloudflare.

Create a rule with the following matches.

First rule

(This rule is only for a bot or someone visiting wp-login.php and not the rest of your site)

URL Matches: yourclientsdomain.com/wp-login.php

First setting: Browser Integrity Check – On (Documentation)

Second setting: Security level – I’m under attack. (Documentation)

Screenshot

Second rule

(This rule is only for a bot or someone visiting /wp-admin and not the rest of your site – Kind of redundant since wp-admin redirects to wp-login.php but saves a php process redirecting)

URL Matches: yourclientsdomain.com/wp-admin

First setting: Browser Integrity Check – On (Documentation)

Second setting: Security level – I’m under attack. (Documentation)

Screenshot

Third rule

(This rule is only for a bot or someone visiting xmlrpc.php and not the rest of your site)

URL Matches: yourclientsdomain.com/xmlrpc.php

First setting: Browser Integrity Check – On (Documentation)

Second setting: Security level – I’m under attack. (Documentation)

Screenshot

If this client has their own server because they use xmlrpc.php change security level to high. This will still block most bots and allow WordPress Android, iPhone, and Windows app to work. If not, you can just keep it as I’m under attack.

Screenshot

Final Steps

Monitor your ModSec Hit List by searching for ModSecurity™ Tools under WHM. Search and monitor the IPs getting blocked in the firewall to make sure legit traffic isn’t getting blocked.

You can view the original post with images at the following sites.

https://troyglancy.com/stopped-wordpress-brute-force-attacks-server

https://medium.com/@troyglancy/how-i-stopped-wordpress-brute-force-attacks-b8ad8bbd2081

Submitted August 03, 2017 at 07:44PM by messyentrepreneur https://www.reddit.com/r/webhosting/comments/6rhmvy/how_i_stopped_wordpress_brute_force_attacks/?utm_source=ifttt

from Blogger http://webdesignersolutions1.blogspot.com/2017/08/how-i-stopped-wordpress-brute-force.html via IFTTT

#IFTTT #WordPress

0 notes