How to Install NodeJS on Linux Server

In this article, I will cover how to very easily install Node.js on just about any Debian, Ubuntu or other Linux web server. I created this article to fill a great need for accurate information on this subject because I spent the better part of a full day getting Node.JS to work on the first server I had to install it on. Now that I’ve installed it on 3 or 4 different servers, I finally found a quick and easy way to make it work. I also had to make it so node could be called from PHP using the exec command, so it goes one step beyond just installing Node.js.

Here are the Four Quick and Easy Steps for Installing Node.JS on Linux Servers:

(use sudo in front of the command line commands if you are  not root user)

  1. Confirm that Curl is installed using “which curl” from command line and if it doesn’t return the curl location, then install curl before continuing.
  2. Confirm that Node isn’t already installed with the command line command “node –version”. if it doesn’t print a version no. then it needs installed.
  3. Using instructions from https://github.com/nodesource/distributions/blob/master/README.md#debinstall and If on a Debian server, go to command line and run(use sudo if not root user):
    curl -sL https://deb.nodesource.com/setup_8.x | bash –
    …and hit enter….then go to step 4.
    NOTE: if you’re not on a Debian server, follow the relative instructions for your particular server by scrolling to it in the above github URL instead of steps 3 and 4 here.
  4. then run this command from the command prompt(use sudo if not root user):
    apt-get install -y nodejs

Then you can verify that NodeJS works from the command line with:

node –version

and it shold return something like:

8.4.0

 

WordPress Editor is Missing Tabs

I found my site was missing the “Visual” and “Text” tabs along with several other options including the “Kitchen Sink” option that adds the entire second row of menu options to the WYSIWYG editor! So, I was lost without these options and the fix was very difficult to figure out, so I’m going to share it in case someone else has this happen to them.

First off, let me just say that this may not be the solution for you. While searching for the solution, I saw there were several other issues that can cause this, so I’ll go over some of the easy and more common fixes first for you just in case. If the first two solutions don’t work, scroll down to my “The Tricky Fix” section below and give that one a try because that’s the one that got it working for me.

The Easy Fix:

The easy fix is to simply navigate to wp-admin and go to “Users”/”Your Profile” and at the top of your profile admin page you’ll see the “Visual Editor” option with a checkbox that reads: “Disable the visual editor when writing”. All you have to do is make sure this box is NOT CHECKED and then scroll to the bottom of the page and click on the update button to save your settings. Even if it was not checked to begin with, try checking, saving and then uncheck it and save it again and test the post/page editor again and sometimes this alone will make it work, but if it didn’t, keep reading!

The Difficult Fix:

The more difficult but probably second most common fix involves reinstalling or updating WordPress. If that doesn’t work, try disabling plugins one at a time to see which one may be causing the issue. Hopefully one of these first two fixes worked for you because those are the most common ones, however keep reading if you have yet to find a solution that enables your visual editor and missing editor tabs in WordPress. There’s one much trickier solution that is very hard to fine, but rather easy to implement….

The Tricky Fix:

Now for the tricky fix. This fix saved my day! If I hadn’t found it I would have spent all day trying different tricks to fix my Visual Editor and missing buttons issue for my WordPress blog, Jafty.com/blog. It has to do with missing headers and is related to a server issue that I admittedly do not fully understand. All I know is that this fix works if your server has this particular issue as mine did. All you have to do is add a few lines of PHP code to any active plugin or to your theme’s functions.php file. If you are not a plugin developer who happens to be making a plugin at this time, I would add it to my functions.php file. Here is the code:

function richedit_wp_cloudfront () {
add_filter(‘user_can_richedit’,’__return_true’);
}

add_action( ‘init’, ‘richedit_wp_cloudfront’, 9 );

Simply add that to the top of your functions.php file, save it and upload it to your server and refresh the page with the editor on it and it should now work. Mine did. If this doesn’t work, then unfortunately you must have a different sort of issue than I did. I have read online that Amazon servers can have this problem, although it happened to me on a Linode server. Good Luck!

How to Clone a MYSQLI Table From Command Line

Here are the two commands you can run from the Mysqli Command Prompt to successfully clone a database table. In the example we will name our tables new_table_name and old_table_name where old_table_name is the table we wish to clone. This is the best way I have found to-date to create a backup of a mysqli table from the command line:

CREATE TABLE new_table_name LIKE old_table_name;
INSERT new_table_name SELECT * FROM old_table_name;

Be sure to enter line one above and press enter, then do the same with the second line.

Find a file using Linux find Command

If you need to find a file anywhere on a server, what directory it is in or not, the Linux Find command is your go to command! Here are some basic usage cases:

Find a file in the current directory:

find . -name “this-file.php”

Find a file anywhere on the server above the root directory:

find / -name “filename.php”

Notice in the first example we used a period and in the second we used a forward slash. The period means to search the current directory and the forward slash means to search from the root directory and will basically find a file anywhere on the file in the root directory or any of its sub-directories.

Perform a case-insensitive search:

The above commands all use the -name parameter which performs a case-sensitive search. To perform a case-insensitive search, replace -name with -iname in the above examples, like so:

find / -iname “filename.php”

Perform a wildcard search:

The wildcard character is *. If you want to find all .php files, for example, use the following command:

find / -iname “*.php”

 

 

How to change DNS settings on your local PC

Have you ever been working on a website, changed your DNS settings over to a different server and later needed to access that server again from the old domain name for some reason? Well if you are an active developer, this situation is somewhat common. I’ll explain or you can skip the rest of this paragraph to quickly learn now to do it. Let’s say you own the domain name example.com and a web server with an IP address of 111.111.111.111. Now assume you have a WordPress blog on that server that you had to move to another server with IP 222.222.222.222. Let’s say you already changed the DNS settings for domain.com to point to the new server with IP 222.222.222.222 but you need to go back to the original WordPress site on the other server with an IP of 111.111.111.111. What do you do? We all know a WordPress site won’t function properly with just the IP address, so that is out. What you need to do is repoint example.com to 111.111.111.111 in order to access that WordPress site again. What a PITA, right? Well read on and I’ll show you a fast and easy way to make the site on the original server work with example.com even after you’ve pointed it to another IP address or web server! It’s as simply as controlling a local host file on your local PC to make example.com route to 111.111.111.111 even though the internet routes it to 222.222.222.222! Here’s how:

Using hosts file to override DNS settings for your PC

A lot of people don’t realize that when you make a request to the Internet using your local computer it first checks a local copy of the hosts file for an entry and only if one isn’t present it goes out to the Internet DNS servers. Therefore there’s an opportunity present for you to redirect example.com only for your own PC if you wanted to! Because there are also Affordable Mac Repairs in ipswich stores where you can get cheap laptops to try out these steps. Here are the easy steps:

  1. Open file explorer and navigate to C:\Windows\System32\drivers\etc.
  2. Open the file named “hosts” in notepad or another text editor that could be used as a code editor such as Notepad++, which is what I use.
  3. Now simply add a line to the end of the hosts file that contains the IP address of the server you want to route the domain name too followed by a space and then the domain name you want to reroute. So in our example scenario above, you would enter a new line that reads simply: 111.111.111.111 example.com
  4. Save the hosts file and open your browser and navigate to the domain which in our example was example.com. Note that there is a difference between example.com and www.example.com, so if you want it to work with www, you have to add another entry for www.example.com.

If you’re using Notepad++ or similar as I was, you’ll need to open it in administrator mode in order to be able to save the hosts file. Good luck! That’s all there is to it. IN case you failed, a mobile computer repair specialist operating near Boynton Beach is always ready to help.

How to change local DNS settings on a Mac

If you’re on a Mac, the instructions are basically the same but do this instead:

From the terminal, type:

nano /private/etc/hosts
and then add the IP and domain name as described above, so the only real difference between Mac and a PC when it comes to changing DNS settings is that you will use a different editor and the hosts file is located in different places.

 

 

How to Use IPTables

What is iptables?

iptables is a fairly flexible firewall system developed for Linux/Unix operating systems and used commonly for web server administrators to block access to servers by IP address or groups of IP addresses. It can also be used to white-list IP addresses as well. It is a command line tool that allows server administrators to enter simply one line commands to add, edit or delete rules for accessing the web server from the outside world.

Understanding iptables Infrastructure

Understanding the infrastructure of iptables in an important component to learning how to use iptables. Basically there are tables, chains and rules. Tables contain chains and chains contain rules. Here is a simple graphic to illustrate my point:

iptables

There are four default tables in iptables and you can add others if you want to get deep into config options. However, I recommend using the default tables to keep things simple. In fact, the filter table is the only one we will be messing with for now. The four default tables are filter, nat, mangle and raw.

  • Filter Table – default table for iptables. If you do not define a table, you’ll be using the filter table. The filter table has the following built-in chains:
    1. Input Chain – handles incoming connections.
    2. Output Chain – handles outgoing connections.
    3. Forward Chain – handles routing of connections like a router.
  • Nat Table – Consists of prerouting, postrouting and output chains. The prerouting chain helps translate destination ip address of the packets to match the routing on the local server. The postrouting chain translates packets as they leave the system and alters packets after routing. The output chain is NAT(Network Address Translation) for locally generated packets on the firewall.
  • Mangle Table – for specialized packet alteration. We will leave this table alone for now as it it outside the scope of this tutorial, but just know it is there.
  • Raw Table – for configuration exemptions. Raw table has a prerouting chain and an output chain.

Chain? WTF does my server need Chains for? Is it winter already?

When using iptables, there are basically three types of chains that we are mainly interested in. They are input chains, output chains and forward chains, the three chains from the filter table described above.

  • Input Chain – used to control the behavior of incoming connections. For example, if a user attempts to SSH into your server, iptables will attempt to match the IP address and port to a rule in the input chain.
  • Output Chain – used with outgoing connections. For example, if you try to ping jafty.com, iptables will check its output chain to see what the rules are regarding ping and jafty.com before making a decision to allow or deny the attempt to connect.
  • Forward Chain – used for incoming connections that aren’t delivered locally. It is something like a router where data is always being sent to it but is not destined for the actual router. Data is forwarded to its target. Unless you’re doing some type of routing or NATing  that requires forwarding, you probably won’t use a forward chain much if at all.

Understanding iptables Commands

In order to use iptables in Linux, you need to know the basic commands, so I’ll go over some of the more common iptables commands here for your learning pleasure!

Note that after you make any change, it is important to save iptables with the following command on Debian/Ubuntu servers:

iptables-save

or in some cases

/sbin/iptables-save

The save command is a little different for other servers, so take note of the one that applies to your server as noted below:

  • Centos / Redhat: service iptables save or sudo service iptables save if you are not root user.
  • If that didn’t work, try:  /etc/init.d/iptables save with and without sudo first.

If you don’t save after a change by typing the above at your command prompt and hitting enter, you will most likely lose your changes and/or they will never take effect.

iptables Command to Block a Single Simple IP address

If you wish to simply block an IP such as 206.190.152.176 from accessing your server in any way and from any port, type this at your command prompt and press enter, then save:

iptables -A INPUT -s 206.190.152.176 -j DROP

Whenever possible, always test to be sure your iptables rules work after adding then to be safe. Be sure to save using the appropriate iptables save command as mentioned above after you successfully enter your new rule.

Blocking all IP addresses but your own with iptables

If your server is getting throttled and you want to lock it down immediately or you are simply under construction and don’t want anyone but you to be able to access your server, here is how you can block all IP addresses from accessing your server and white-list just one or more IP addresses that will be able to access your server:

iptables -A INPUT -s 0.0.0.0 -j ACCEPT
iptables -A OUTPUT -d 0.0.0.0 -j ACCEPT
iptables -P INPUT DROP
iptables -P OUTPUT DROP

First, you should flush your current rules(see below). Then simply replace 0.0.0.0 with your own IP address in the commands above and enter each of the four commands one at a time from the command line, pressing enter after each, then save iptables.

Flushing iptables rules

To get rid of all active rules in iptables, enter the following command at the Linux command prompt:

iptables -F

Deleting Single iptables Rules

If you entered one or more iptables rules you want to delete without deleting the entire configuration, here is how to do it:

  1. List numbered rules using this command: sudo iptables -L INPUT -n --line-numbers
  2. To delete the first rule enter: sudo iptables -D INPUT 1(where 1 is the line number you want to delete)
  3. Confirm deletion took place by running the first command again and verify the rule is no longer present: sudo iptables -L INPUT -n --line-numbers
  4. Save iptables to be safe: sudo iptables-save

 

Restrict Number of Connections Per IP

Use connlimit to place restrictions on the number of connections allowed per IP address. To allow 4 ssh connections per client host, enter:
# iptables -A INPUT -p tcp --syn --dport 22 -m connlimit --connlimit-above 4 -j REJECT

Set HTTP requests to 20:
# iptables -p tcp --syn --dport 80 -m connlimit --connlimit-above 20 --connlimit-mask 24 -j DROP
Where,

  1. –connlimit-above 3 : Match if the number of existing connections is above 3.
  2. –connlimit-mask 24 : Group hosts using the prefix length. For IPv4, this must be a number between (including) 0 and 32.

 

What is this nonsense after the slash in iptables ip addresses?

This is what I need to touch on before we go much further because you’ve no doubt seen existing rules in your iptables with IP addresses listed similar to:

188.0.0.0/8
or:
192.12.0.0/16

…and have surely wondered why there is a slash followed by a number after the ip addresses listed in your iptables rules. Well I’ll explain as best as I can in the next section as it is a little complicated to explain…

Knowing how to read and write more complex iptables rules with CIDR notation.

Learning to write iptables rules can get very frustrating if you don’t understand how the notation works. CIDR, Classless Inter Domain Routing notation, is often confused with network masks which are similar but not the same. I will offer my best explanation of CIDR notation here which I’ve gathered from several different sources to put together an explanation I feel comfortable with:

Imagine an IP address something like xxx.yyy.zzz.www/N, where N is the number of bits from 0 to 32. Each of the other numbers represents one byte out of the 4 bytes that make up an IP address. N says how many BITS of those 4 bytes matter. So any address that looks like 10.X.Y.Z/8 refers to ANY IP starting with “10.”: 8 bits = 1 byte, meaning everything after the first byte is ignored. The convention is to use zeroes in the ignored positions, so the canonical name for that subnet is 10.0.0.0/8. Most of the time, N is a multiple of 8, so it says to ignore a certain number of bytes.

Once in a while, you’ll see something other than that, like a /29. This means that PART of one of the bytes is ignored. For simplicity’s sake however, we will stick to multiples of 8 in this guide.

It’s also important to note that if the N is omitted, then it’s usually assumed to be 32, i.e. a single IP address specification.

So, taking what I’ve just explained above regarding CIDR notation, Here are some general examples of how netmasks work in conjunction with iptables rules:

10.0.0.0/8  – A CIDR of 8 bits means that only 1 of 4 possible bytes of the IP address is noted as represented by the “10” here. so this would cover the IP range from 10.0.0.0 to 10.255.255.255. In other words any IP address starting with “10.”.

100.50.0.0/16 – A CIDR of 16 means that 2 of 4 possible bytes of the IP address are noted as represented here by “100.50.”. In this case, a range from 100.50.0.0 to 100.50.255.255 is covered.

92.50.8.0/24 – A CIDR of 24 means that 3 of the 4 IP address bytes are noted as seen here with “92.50.8.” This time a range from 92.50.8.0 to 92.50.8.255 is represented.

Those should be the three most common types of CIDR notations. Following the above pattern of incrementing the number of bits by 8, the next logical example would be something like 92.50.8.210/32. While that is a perfectly good notation and will work, it is also moot because 32 bits would represent the entire IP address, so you might as well enter it without the CIDR notation(with no slash and number after the IP).  In iptables rules, 92.50.8.210/32 means the exact same thing as simply putting 92.50.8.210.

What do Bytes and Bits have to do with IP Addresses?

Good question, glad I asked myself! To properly understand how CIDR notation works you have to understand the math behind it. A Byte is made up of 8 bits(that’s why we increment by 8 in our previous examples). An IP address is made up of 4 Bytes or 32 Bits(4×8=32).

As you probably know, an IP address is made of of four numbers separated by dots or periods(.) like this: N.N.N.N where N can be any number from 0 to 255. This raised a question in my mind: In an IP address byte, how does a range from 0 to 255 have 8 bits? Well my question just goes to show I don’t fully understand how Bytes and Bits correspond with numbers because I googled around and discovered that indeed Eight binary bits can represent any whole number from zero to 255, so the segments of a dotted decimal address are decimal numbers with a range from 0 to 255.  I think it’s enough for now to understand that it is correct without getting into exactly how Bytes and Bits work with IP addresses because I don’t want this tutorial to confuse you even more. Let’s just know for now that 1 Byte = 8 Bits and that a Byte can be any number from 0 to 255 in an IP address which is made up of 4 Bytes and/or 32 Bits. If anyone would like to explain how this works in more detail, feel free to make a comment on this post and I’ll make sure it gets published.

How to Restart a Web Server with PHP

Today, I had the task of having to write a PHP script that restarts a web server. This is not allowed by default. It should be noted before I continue, that it is not allowed because it opens a security hole. It makes possible a server attack that would lock up your server by constantly restarting it from PHP. However, now that you’re aware of the risk, if you still wish to continue. Here is how it is done:

PHP Code:

    if(exec(“sudo service nginx restart”)) {
            echo “server restarted!<br />”;
        }else{
            echo “ERROR! Server failed to restart!<br />”;
        }

Test the above code. NOTE: it is likely not to work because normally you will have to edit the sudoers file on the server.

Edit the Sudoers File to Allow PHP to Use the Restart Command

On the Linode/Nginx server I am working on currently the sudoers file can be found at /etc/sudoers. It can be found in a similar location on most Linux servers. In order to edit the sudoers file on a Linux NGINX server, simply open the file and add the following to the end of the file and save it before restarting the web server:

www-data ALL=(ALL) NOPASSWD: /usr/sbin/service nginx start,/usr/sbin/service nginx stop,/usr/sbin/service nginx restart

Note that your server may require you to edit the sudoers file with visudo. If you have root access with Filezilla, you can go to /etc/ folder and download the sudoers file then edit it with notepad or notepad++ as I do.

For reference only, here are all the commands I added to sudoers file to get it to work with the site creation app that used the server restart function above:

#Ian added to allow www-data user to run nginx restart command:
www-data ALL=(ALL) NOPASSWD: /usr/sbin/service nginx start,/usr/sbin/service nginx stop,/usr/sbin/service nginx restart

#Ian added following line to allow the site maker app to change permissions of sites to 777 before deleting them:
www-data ALL=(root) NOPASSWD: /bin/chmod -R [0-7][0-7][0-7] /var/www/*, /usr/bin/chmod -R [0-7][0-7][0-7] /var/www/*
www-data ALL=(root) NOPASSWD: /bin/chmod [0-7][0-7][0-7] /var/www/*, /usr/bin/chmod [0-7][0-7][0-7] /var/www/*
www-data ALL=(root) NOPASSWD: /bin/chown www-data\:www-data /var/www/*, /usr/bin/chown www-data\:www-data /var/www/*

Summary

So there you have it, you can now restart your NGINX server from a PHP script. I put the command in an iframe so it wouldn’t mess with the page I was on because when the restart command works, you’ll get a connection reset notice or something similar from your browser…

 

 

Troubleshoot Email Issues

I generally dread working with email no matter what system it is on! Here I am going to discuss some useful tips for debugging an email system on a Linux server. I am using an Amazon Linux AMI with Centos, but the process is similar for any Linux server you might have. Below I will discuss how to check error files and how to avoid sending email to spam or junk folders.

Having Trouble Sending Email?

If you’re emails are not getting through and you don’t know why, check your server’s log files. Below I’ll show you how to find mist email related error logs. They can normally be found in /var/spool/mail/username which on an Amazon Linux distro would be either:

/var/spool/mail/root

or:

/var/spool/mail/ec2-user

It is important to know that in the above context, username, root and ec2-user are files, NOT directories. To open one of those files, navigate to /var/spool/mail like:

cd /var/spool/mail

To open root file with your Linux command line text editor, type:

sudo vi root

…and check the last errors to see the most recent.

TIP: use [shift]+g to skip to the last line of the file using VI editor.

How to Avoid Sending eMail to Spam or Junk Mail folders

I ran several tests to find the best way to send emails from the command line without ending up in the recipient’s spam or junk mail folder. Since I was using an Amazon EC2 instance with SES, I will explain the server setup used and then show the results of the tests. Some went to spam immediately and others went straight to the recipient’s In Box as it should.

Amazon EC2, SES and sendmail environment

Here are the circumstances that my test cases were executed under:

The following command line commands sent emails to my In Box:

  • /usr/sbin/sendmail linian11@yahoo.com
  • sudo mail linian11@yahoo.com
  • mail linian11@yahoo.com

The following command line commands sent emails to my Spam:

  • /usr/sbin/sendmail -f SESverified@email.com linian11@yahoo.com
  • sudo /usr/sbin/sendmail -f SESverified@email.com linisn11@yahoo.com
  • sudo /usr/sbin/sendmail linian11@yahoo.com

In the above examples, I didn’t use parameters for subject, CC or BCC because they don’t seem to make any difference. Only  using sendmail, sudo and the -f parameter made a difference to determine if the emails were delivered to my in box or spam folder.

As you can see from the above spam tests, the best way to avoid spam is to:

  • Avoid using the -f parameter even with an SES verified email address.
  • While /usr/sbin/sendmail method did work when avoiding both the -f param and the sudo command, the mail method worked with or without sudo.
  • Either use /usr/sbin/sendmail without -f parameter and without using sudo, or use mail for the best chances of your email getting through to your recipients in boxes.

 

Install Command Line Whois on Linux Server

If the Whois command, as demonstrated  below, doesn’t work from the command line, then you likely have to install the Whois library.

Install Whois from Command Line

  1. Open a command prompt and log in to your Linux server. I use Putty to do this.
  2. change to the super user. I used sudo su or su sudo but some servers may have slightly different commands for this. Google it if you are not sure and those commands don’t do the trick, or you could simply proceed all future commands with sudo if all else fails.
  3. From the command Prompt, type: yum install whois

Possible issues installing Linux Command Line Whois

WHen I installed I got an error message that said that the following:

Existing lock /var/run/yum.pid: another copy is running as pid 27256.
Another app is currently holding the yum lock; waiting for it to exit…
  The other application is: yum-updatesd-he
    Memory :  29 M RSS (328 MB VSZ)
    Started: Mon May 19 19:18:12 2014 – 13:54 ago
    State  : Running, pid: 27256

So I had to learn how to kill that process and try again. Simply type:

kill ####

where #### is replaced by the pid number noted in the error. In my case it was 2756 as you can see in the red error text above.

You may have to also try these commands from command prompt if it’s not working yet:

1) service yum-updatesd stop
2) chkconfig yum-updatesd off

Using Linux Command Line Whois

Once installed, Linux Whois commands are fairly easy to use. For example, if you wanted the whois data for the Jafty.com domain from the whois server, whois.serverplan.com, then use the following commands:

 whois -h whois.serverplan.com jafty.com
or

whois  jafty.com

Note the -h parameter in the first example above. Only use that if you have a specific need to specify the host of the whois server you want to query, otherwise, use the simpler second example of “whois domain.com” and you’ll be good.

Here are options you can use with the Whois command as well:

Options

-h HOST Connect to WHOIS database host HOST.
-H Suppress the display of legal disclaimers.
-p PORT When connecting, connect to network port PORT.
–verbose Operate verbosely.
–help Display a help message, and exit.

 

Whois Alternative, jWhois

You can also use the very similar jWhois library if whois doesn’t do the trick for you. Simply use the following command to install it instead and use it similarly:

yum -y install jwhois

This worked for me(jwhois) wen the above whois instructions Did Not.

Coding a PHP Whois App that uses the Whois Command

The following PHP code will work with either whois or jWhois out of the box:

<?php
//whois servers that got what we need:
//whois2.softlayer.com
//whois.webnames.ca
//whois.tppinternet.com
//whois.totalregistrations.com
//whois.softlayer.com
//whois.serverplan.com
//trying:
//whois.godaddy.com have a try with below email!!! use with current whis first then this
function whoEmail($curdomn){
$whoserver = ‘whois.softlayer.com’;//’whois.serverplan.com’;//’whois.webnames.ca’;
$comand = “whois -h $whoserver $curdomn”;
$output = shell_exec($comand);
echo “Output: $output<hr>”;
$outarra = explode(‘Registrant Email:’,$output);//key 1 is email plus xtra
$output2 = $outarra[1];
$outarra2 = explode(‘Registry’,$output2);//key 0 is email so trim it
$emailout = trim($outarra2[0]);
//echo “Email: $emailout<hr>”;
//echo “$curdomn produced:<pre>$output</pre><hr>”;
return $emailout;
}//end whoEmail function.

//test function:
$e = whoEmail(‘dirm.com’);
echo “Email: $e<br>”;

?>

Notice at the top of my PHP script there are commented out whois server URLs. Feel free to experiment because I found that all of the ones listed there work with different domains. You can add more as well and increase the apps functionality by adding more code of course.

Summary

While I did find information online regarding the whois library and how to installl and use it, I found that it did not work and had to use the second option on this page, the jWhois library, which worked fine. I also went on to show you how you can write a nifty PHP script to work with the whois command, whether you used whois or jwhois, it will work the same.

 

How to Make a Custom 404 Error File

I guess different servers do 404 error files different ways. I am working on an Apache server, so that is what we will be covering here.

Create a custom HTML error File

This part is simple, use regular old HTML along with some CSS style to create a normal web page with whatever content you’d like users to see when encountering a 404, file not found error on your web site. For the purpose of this tutorial, you could simply copy and paste the following line into a file and name it custom404.html:

ERROR: No file found! Please try again.

Of course, feel free to use all HTML markup and CSS you like, but for demonstration purposes, the above line of text will work just fine as well.

Edit the .htaccess File

You can find a file named .htaccess in your root directory and if not, just create a new file and name it .htaccess. Note that .htaccess is a file extension and should have a dot in front of it. It’s like a file without a name basically using the .htaccess extension. Weird, I know, but that’s how it’s done. Also be careful if you use notepad because it will try to append .txt to the file name and it won’t work like that, so if you have that issue, try entering “.htaccess” with the quotes when saving the file and it should understand. So whether you found the .htaccess file or had to create a fresh one, simply append this to the end of your file and save as I just described:

ErrorDocument 404 /custom404.html

Then upload your custom404.html file to the servers web root directory and you are done! If it doesn’t work, try restarting the server before moving on to the next method.

 

Installing PEAR on Amazon EC2 or Ubuntu Linux Server

I will show you a fast way to check if Pear exists on your Linux server and if not, we will install it.

Does PEAR Exist?

Open a command prompt to see if PEAR exists. You can do so by simply typing:
which pear
at the command prompt. If you get a response that looks similar to:
/usr/bin/pear
then you have PEAR installed, but if you get something similar to:
/usr/bin/which: no pear in….
then you do not have PEAR installed so read on!

Installing PEAR

On Ubuntu, you can use the following command from the command line:

apt-get install php-pear

If u don’t have Ubuntu and are on a Linux server, use these two commands instead:

wget http://pear.php.net/go-pear.phar
php go-pear.phar

Enable Browsing Files from a Browser for a Directory

This is all you have to do in order to be able to view files in a directory from any browser. If you try to go to a folder on your server with a browser and get a Forbidden, 404 or 403 error then this is the solution you need. If you go to the folder in a browser and see a webpage instead of files, then you just need to rename the index.html or index.php file to some other name besides “index” because most servers are set up to show index.php or index.html by default if no page is named in the address bar. However if you have already made sure there is no index file in your folder and you still can’t view files because it says Forbidden or some similar error, then do this:

Make sure there is no .htaccess file in the folder to start with. If there is, add the line below to that file instead of uploading a new file.

Otherwise, open up your favorite notebook app that you would use for coding and start a new file. Copy and Paste the following into an empty file:

Options +Indexes

Save the file as .htaccess being sure that it saved with the period before the name. Then upload the new .htaccess file to the directory

Buy Scripts, Applications and Web Tools at Jafty.com/products

Yes, I finally am starting to sell some of my products that I have been developing for over 12 years now. I am only putting together the best tools I have made and remaking certain ones I find the most useful for sale on my website, Jafty.com/products

Types of Products for sale on Jafty.com/products

  • Email Marketing tools
  • Domain name tools
  • DNS tools
  • Server administration tools
  • webmaster tools
  • PHP tools
  • Customized tools for business
  • Have me build one custom for you if you don’t see what you need

CLICK HERE TO VISIT Jafty.com/products/ and see what’s listed for sale now. However, I do not have them all listed yet, so drop me an email or give me a phone call at 330-903-6074 or 330-417-3617 to find out how I can help you.

jafty0

Want to learn more about SEO? Check out these relative books from Amazon:

Install WordPress from the Command Prompt

Today I was thinking to myself, “Why do I have to upload all these files via FTP each time I install WordPress?”. I think this because I install WordPress probably close to a hundred times a year being a web developer who specializes in WordPress. Therefore, I decided to provide this tutorial on how to install WordPress from the Linux command line for those of you with Linux servers. Windows servers will have a very similar method, so this mostly applies there as well. I did this on an Amazon Linux AMI in an EC2 instance, but the instructions are almost the same for any Linux web server. Let’s get started!

Installing WordPress from the command line is a lot faster than downloading it, unzipping it and then uploading it using an FTP client such as FileZilla. Here is how to install WordPress on an Amazon Linux web server using an EC2 instance as I am in this example. You can make minor adjustments to the process for other servers. Here are the steps:

  1. Open up a command prompt – I use Putty for this. In putty, you enter the IP address or domain name of the server first. If you are using Amazon EC2, you will also have to point it to the public key file by clicking on SSH/Auth/browse and then selecting the location of your .ppk key file. After entering the IP or domain and providing a key file location if needed, click on “open” to open a command prompt and enter a username and password if required to get to a command prompt.
  2. Once you have your command prompt,  go to your web root directory which should be something like var/www/html and you can then type:    wget http://wordpress.org/latest.tar.gz from the command prompt to download WordPress from thier main repository.
  3. To untar, type:   tar xvzf latest.tar.gz -C /var/www/html   where /var/www/html should be replaced with your web root or where you want WordPress to reside in your file system. Or if you are in the correct directory where you want it you can simply use: tar xfz latest.tar.gz 
  4. WordPress will now be in /var/www/html/wordpress. If you don’t want to access http://yourdomain.com/wordpress and want WordPress at http://yourdomain.com instead, move it there by typing the following at the command line:
    mv /var/www/html/wordpress/* /var/www/html

Now you will have WordPress where you want it. You may have to play with permissions on some servers to get it to work right but this tutorial should have gotten you far enough to finish the job now. Good luck.

Installing Godaddy SSL Certificate on Amazon EC2

I have installed Godaddy SSL HTTPS certificates on many Amazon EC2 instances and I always end up having to look stuff up every time I do it, so I am creating this tutorial for future reference and to help others who have issues installing SSL certificates. The definitely are not the easiest things to install in the world by far! Godaddy certificates are a lot easier to install than Semantic or VeriSign certificates however. They are a lot cheaper too, but do not have the good reputation for security that VeriSign/Semantic has.

First Steps for Installing SSL Certificates:

  1. Log in to your Godaddy.com account and click in the drop down under your name in the top left green nav bar, click on “My Account”.
  2. Then click on the plus sign next to  “SSL Certificates” and select the certificate you most recently purchased and click on the orange “Set Up” button on the right. Then select your service in the drop-down that appears and click on the green “Set Up” button.
  3. Next, Click on the “Launch” Button to open your certificate control panel. Since you are installing the certificate on a third party server, Amazon, select the third party server option in the “Hosting Options” dialog and enter your CSR by following the instructions for CSR in the next section.

 

Generating a Certificate Signing Request (CSR) – Apache 2.x

  1. Log in to a secure shell. I uses Putty for this.
  2. Enter the following at the command prompt:openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr                                  Replace yourdomain with the domain name you’re securing. For example, if your domain name is coolexample.com, you would type coolexample.key and coolexample.csr.
  3. Provide the information asked for when doing the above command. You do not have to enter a password if you want to make the process simple and you don’t have to enter any of the data that is specified as optional.
  4. After answering the questions, type “ls” at the command prompt to list the content of your directory and you should see the two files you just generated with the CSR signing request. Open the .csr file by typing “sudo vi yourdomain.csr” and highlight the entire file and copy it to your clipboard with cntrl+c.
  5. Paste the text into your Godaddy account  below where it says “Enter your Certificate Signing Request (CSR) below:“.
  6. Check the box to agree to terms of service and click the continue button leaving the other options set to default. Your certificate should be emailed to you.
  7. Next login back into your Godaddy account and click on “request certificat” next to the certificate you just did the CSR for.
  8. You do not have to wait for the email though, to get your certificate, go back to your account main page by clicking on “My Account” from the main nav on Godaddy.com. Scroll down to “SSL Certificates” again and click “Launch by your new certificate. If it is not ready yet, wait for your email and try again.
  9. wait on email….

Server  Configuration for SSL Certificates

The next thing you will have to do, after you have received your certificate files from Godaddy, is to configure your web server to deal with SSL and HTTPS. To do so, first check that you have open ssl and mod_ssl installed by creating an info.php file with the following contents:

<?php

phpinfo();

?>

Upload info.php to your server’s web root directory which will be /var/www/html on an Amazon Linux AMI. Then go to your info.php file in a web browser by navigating to yourDomain.com/info.php. You can verify that you have Open SSL by using the find feature of your browser and searching for “openssl” and check to make sure that it says enabled after the second instance of openssl you find on that page.

You can verify the existence of mod_ssl by searching info.php for “mod_ssl” if it is there, it is activated most likely. Just make certain it is listed under the loaded modules in your php info file.

Installing mod_ssl

If in the previous step, you could not find mod_ssl, it probably isn’t installed. To install mod_ssl, open up a shell command prompt and type the following command at the command prompt:

sudo yum install mod_ssl

Type “y” for yes to give permission to install the module.

Now you can see mod_ssl in loaded by confirming it’s presence in your info.php file from before.

Configure httpd.conf and ssl.conf

Before you start the following steps, go to your command prompt for your web server and make backup copies of your httpd.conf and ssl.conf files using the following commands:

cd /etc/httpd/conf

sudo cp httpd.conf httpd.conf.bkup

cd /etc/httpd/conf.d

sudo cp ssl.conf ssl.conf.bkup

  1. Next, download your files from Godaddy as described above. Unzip them onto your desktop and upload them to your ec2-user folder on the web server. Your key files should already be there from when you generated a CSR earlier
  2. If you’re using an amazon Linux basic AMI, you will have a separate ssl.conf file at etc/httpd/conf.d/ssl.conf and your httpd.con file will be in the etc/httpd/conf/ folder. Open up /etc/httpd/conf.d/ssl.conf in vi using the command: sudo vi /etc/httpd/conf.d/ssl.conf
  3. Find the following lines and edit them according to the file names you just uploaded and your key file name:     SSLCertificateFile /home/ec2-user/site.com.crt
    SSLCertificateKeyFile /home/ec2-user/site.key SSLCACertificateFile /home/ec2-user/gd_bundle.crt
  4. Replace “site” with the actual file name above, then save the ssl.conf file in vi editor by typing :wq and if you didn’t know how to edit in vi editor, u have to type “i” to insert or delete text then hit the esc key to get out of insert mode.
  5. Restart Apache by typing “sudo service httpd restart” at the command prompt and pressing return. If no errors occurred, you did everything correctly and your ssl certificate will work now. If Apache didn’t restart, you have a problem in your config file most likely so check your error logs or read the output error and fix the problem and restart until it works. If all fails revert back to the original backed up config files and restart the process until it works.

Updates when I did this again in December of 2016

When I installed an SSL certifiate in December of 2016, the process was close to the one described above, so I’ll leave it there for reference and note any differences here. One obvious difference is that the Godaddy site has changed, but not so much as to make the above instructions not work. You will just have to be aware that some of the buttons and links are a little different than I have described above. Also, I noticed that almost none of the Godaddy links to support and information worked, so it was difficult and nearly impossible to find any help from Godaddy’s website. That is why I decided to update my guide here.

Info Needed for a CSR

Here is a list of the basic information you will be asked for when doing a Certificate Signing Request or CSR:

1- Country Name(2 letter code):
2- State or Province Name(full name):
3- Locality Name(eg, city):
4- Organization Name(eg, company):
5- Organiztion Unit Name(eg, section):
6- Common Name(eg, your name or your server’s hostname):
7- Email Address:
8- Company name:

In December, 2016, I was able to use the command described above to get the CSR files from the Amazon server. So I got the CSR and received the email from Godaddy several minutes later. Here is the relavent portion of the email they sent me after I filled out the Godaddy CSR form on their site:

—————————-Begin email from Godaddy:————————–

Dear Secure Certificate Customer,

Congratulations on becoming an SSL certificate owner for the domain: MySite.com! We’re delighted to have you on board.

What’s Next?

Step 1

  • Download your certificate, by logging in to your account at https://certs.godaddy.com/home.pki?AccountUid=REMOVED FOR SECURITY REASONS.

Step 2

  • Click here to follow our easy instructions to install your certificate.

Step 3

  • We’ve partnered with McAfee SECURE to deliver more value with your SSL Certificate. By installing the McAfee SECURE trustmark on your website, your site will be monitored by McAfee 24/7. McAfee SECURE trustmark will display on every page of your site and right in the search results of Google, Yahoo!, Bing and Ask.To add the seal to your site, log in to your SSL account at (Link Removed), select your certificate, then choose your seal from the “Seal” options.

 

If you have any trouble or questions, contact us and let us know. We are available to help around-the-clock, seven days a week.

Customer Support:
E-Mail: ra@godaddy.com
Phone: 480.463.8887
Fax: 480.393.5009

For further information, log in to your account at https://certs.godaddy.com.

—————————-End email from Godaddy————————–

Naturally, I attempted to follow the instructions emailed me in the above email message. I completed step one by clicking on the link they provided(or you can navigate to the SSL cert yourself from your Godaddy account). You simply click the link in step one from the email, click on the domain name that represents the current SSL certificate you wish to install, and click on the “Download” icon in the resulting web page.  That will open a page that asks you the server type you wish to install the SSL certificate on. The options are:

  • Apache
  • Echange
  • IIS
  • Mac OSX
  • Tomcat
  • Other

How to Find Your Server Type

In order to to figure out what type of web server you’re running, from Linux you can issue the following command from a shell prompt(command prompt):

curl -I www.jafty.com

Type the curl command replacing jafty.com with a domain name that points to your server and press enter. When entering the above command you should see results similar to this:

servertype

Notice the text that I circled in red. It says I’m on a cloudflare-nginx server. So for server type, I would choose “other”. Then I clicked the download button.

So far, so good, but when I went on to step two after successfully downloading the SSL certificate files, the link that Godaddy provided in step two for instructions fails to open a web page, so you are on your own for instructions. Again, that is why I have provided the information here. I hope it helps people.

Installing SSL Certificate on Bitnami ec2 with WordPress

If your webroot directory is /opt/bitnami/apps/wordpress/htdocs then you are surely usig a Bitnami ec2 with WordPress stack. In that case, here are the modified instructions for installing your SSL certificate:

Open your bitnami.conf file at /opt/bitnami/apache2/conf/bitnami/bitnami.conf by navigating to the directory and executing this command:

sudo vi bitnami.conf

scroll down to the virtual host settings for port 80 and port 443 and change this: DocumentRoot /opt/bitnami/apache2/htdocs

to this:

DocumentRoot /opt/bitnami/apps/wordpress/htdocs

in each virtual host(ports 80 and 443).

Find the lines in the virtual host declaration for port 443 that look similar to:

SSLEngine on
SSLCertificateFile "/opt/bitnami/apache2/conf/uniquecertname.crt"
SSLCertificateKeyFile "/opt/bitnami/apache2/conf/uniquegenerated.key"

Delete the above lines and replace them with the following lines:

SSLEngine on
SSLCertificateFile “/opt/bitnami/apache2/conf/YourOWN.crt”
SSLCertificateKeyFile “/opt/bitnami/apache2/conf/YourOWN.key”
SSLCertificateChainFile “/opt/bitnami/apache2/conf/gd_bundle-g2-g1.crt”

Make sure you change the above files names with your own however and make sure you’ve placed the files named in the proper locations. THe first one, YourOwn.crt, will be replaced with the file you downloaded from Godaddy when you purchased your SSL certificate. The second file will have  been created when you created your certificate signing request from the command line before you obtained your files from Godaddy and can normally be found in /home/bitnami. The last line is for your bundle certificate which should also have been in the files you downloaded from Godaddy. Place all three files in the /opt/bitnami/apache2/conf/ directory by opening each(before they exist) in vi editor then copy and pasting their content and saving them. I use that method because filezilla FTP clients will not allow you to modify files in this directory.

 

Summary

That’s all there is to it. It’s difficult if you don’t have precise instructions to follow for your particular web server, so if you have an Apache server on an amazon ec2 instance, following these instructions in this tutorial should have you up and running with HTTPS in no time at all. If you are using a different type of server or hosting provider, the instructions will be similar but will differ in some spots, so be careful as this tutorial was written for Amazon, Linux users in mind.

 

 

 

 

 

How to Remove an Entire Directory in Linux

To remove a directory in Linux, you use the rm command line command from a shell prompt with the -r argument to let Linux know to do a recursive delete where it delete all files including sub-directories and files in sub folders. Here is what you would enter into the command prompt to delete a directory named MyDirectory:

rm -r MyDirectory

You can also use the -f argument with the -r argument if Linux bothers you with a bunch of queries as to whether you want to delete certain files, but I found that it was not always necessary. When you find yourself having to type “yes” a thousand times however, use this command instead to stop it from asking you to confirm deletion:

rm -rf mydirectory

 Don’t Delete via FTP!

I found that when you need to clean up a server or delete hundreds, thousands or more files, using an FTP program like Filezilla becomes very inefficient. I found that logging into shell with Putty and using the above command, rm -rf mydirctory, works much faster and has way less problems. Definitely worth the extra time to log into a shell account!

Connecting to Amazon Cloud Server using Filezilla

Go to Filezilla and click edit/settings and select “sftp” in the left column of the pop up window. Then in the right side of the window, click on the “Add key file…” button to add your new key file to Filezille so you can connect to your Amazon EC2 web server. Click “Ok” to close the Filezilla settings popup.

Now go to the Filezilla Site Manager by clicking on the icon under “File” in the top tool bar. enter the IP address of your server where it asks for a host. Select SFTP for protocol. Select Normal as the logon type. Enter ec2-user as the user name and leave the password blank. Finally click connect to open your server and place a check beside the box to always trust…. so you don’t have to do it each time.

Convert .pem to .ppk File

If you have an Amazon EC2 server like me, you have probably had to convert a .pem file to a .ppk. No matter why you might need to convert a .pem to a .ppk, here is how it’s done.

  1. Start PuTTYgen
  2. Click “Load” and select the .pem file then click “Ok” when it says it generate the key.
  3. Click “Save private key” then click “yes” to allow it to download without a pass-phrase as you don’t need one with Amazon.
  4. That’s it! Pretty easy huh! now X out the window and go get your key file from where you downloaded it to. You are done. Follow the link at the bottom of this tutorial for a new tutorial on how to connect to your EC2 web server using the FileZilla FTP client.

 

Low level steps:

  1. If you don’t have PuTTYgen, download Putty and start the Start PuTTYgen app that comes with it. Google “download putty” to get the latest release.
  2. Just click Load and upload your .pem file.
  3. Do not mess with any of the defaults on the next screen unless you know what you are doing. Simply click “Download Private Key…”
  4. Save it to a safe place then follow the link below to learn how to use your new .ppk file with Filezilla to connect to your instance.

Connect to Amazon EC2 Server with FileZilla:

http://jafty.com/blog/?p=444