Wednesday, December 24, 2014

How to Install Phpmyadmin in Ubuntu 14.04

How to Install Phpmyadmin in ubuntu 14.04

Phpmyadmin is a free tool used to administrative MySQL database in a GUI mode (Using web browser). You can perform almost all the major tasks like creating , deleting  and modifying databases, tables, rows etc. you can also optimize and repair tables just with a single click .

Note : Before you get started with this, you need to install LAMP or MySql-Server on this server.

Step 1 - Update Ubuntu repositories and install phpmyadmin
     root@digidom:~# apt-get update
     root@digidom:~# apt-get install phpmyadmin

Step 2 - During installation you will be asked to select a Web server to run the phpmyadmin interface. Hit "SPACE", "TAB", and then "ENTER" to select Apache.

Step 3 - You will be asked to configure a database for phpMyAdmin.  Select Yes and press Enter.


Note : If you already configured mysql-server manually, just choose “No” and hit enter to complete the installation.


Step 4 - Provide a password for the Database Administrative user.


Step 5 - Provide a MySQL application password for phpmyadmin.


Success, phpMyAdmin installation has been completed now.

Step 6 - The installation process actually adds the phpMyAdmin Apache configuration file into the "/etc/apache2/conf-enabled/ "Directory, where it is automatically read.

Step 7 - Restart apache service.
     root@digidom:~# service apache2 restart

Step 8 - Launch a Web browser and login to phpMyAdmin with the username and password created during installation "http://Your-Server-IP-Address/phpmyadmin/".
You will be redirected to PhpMyAdmin main web interface.

Now, you can manage your MySQL databases from phpMyAdmin web interface.

Additional Note : phpMyAdmin should work well. In case phpMyAdmin is not working "page not found", please do the following steps and add to end of line.

     root@digidom:~# vi /etc/apache2/apache2.conf
     Include /etc/phpmyadmin/apache.conf
     root@digidom:~# service apache2 restart

That’s it......

Tuesday, December 23, 2014

How To Install Linux, Apache, MySQL, PHP (LAMP) stack on Ubuntu 14.04


About LAMP
LAMP stack is a group of open source software used to get web servers up and running. The acronym stands for Linux, Apache, MySQL, and PHP. The user to have root privileges on your VPS.

Step 1 - Install Apache :
Apache is an open-source multi-platform web server. It provides a full range of web server features including CGI, SSL and Virtual domains.

     root@digidom:~# sudo apt-get update
     root@digidom:~# sudo apt-get install apache2

How to Find your Server’s IP address :

     root@digidom:~# ifconfig eth0 | grep inet | awk '{ print $2 }'

That’s it. To check if Apache is installed, go to your browser and enter your server’s IP address (Eg. http://Your-Server-IP Address).



Step 2 - Install MySQL :

MySQL is a powerful database management system used for organizing and retrieving data. MySQL is a relational database management system (RDBMS) that runs as a server providing multi-user access to a number of databases, though SQLite probably has more total embedded deployments.

    root@digidom:~# sudo apt-get install mysql-server libapache2-mod-auth-mysql php5-mysql

During the installation, MySQL will ask you to set a root password. If you miss this step while the program is installing, it is very easy to set the password later from within the MySQL shell.

Re-enter the password.


To check the mysql  Directory locations :

     root@digidom:~# whereis mysql 
          mysql:/usr/bin/mysql  /etc/mysql  /usr/lib/mysql  /usr/share/mysql     /usr/share/man/man1/mysql.1.gz


To create Database directory structure :

Once you have installed MySQL, we should activate it with this command "mysql_install_db"




To run security script that will remove default setting :

Afterwards, we want to run a simple security script that will remove some dangerous defaults and lock down access to our database system a little bit. Start the interactive script by running  "mysql_secure_installation".

 


Restart mysql service and Check the mysql status :
      



Step 3 - Install PHP :

PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely used open-source general purpose scripting language that is especially suited for web development and can be embedded into HTML.

     root@digidom:~# apt-get install php5 libapache2-mod-php5 php5-mcrypt

     root@digidom:~# php -v
     PHP 5.5.9-1ubuntu4.5 (cli) (built: Oct 29 2014 11:59:10)
     Copyright (c) 1997-2014 The PHP Group
     Zend Engine v2.5.0, Copyright (c) 1998-2014 Zend Technologies with Zend      OPcache v7.0.3,       Copyright (c) 1999-2014, by Zend Technologies


Modify apache server file and Add index.php to begin :

If a user requests a directory from the server, Apache will first look for a file called index.html. We want to tell our web server to prefer PHP files, so we'll make Apache look for an index.php file first.

     root@digidom:~# vi /etc/apache2/mods-enabled/dir.conf
          <IfModule mod_dir.c>
                 DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm
          </IfModule>

Check the PHP Modules :

PHP also has a variety of useful libraries and modules that you can add onto your virtual server. You can see the libraries that are available.

root@digidom:~# apt-cache search php5-
php5-cgi - server-side, HTML-embedded scripting language (CGI binary)
php5-cli - command-line interpreter for the php5 scripting language
php5-common - Common files for packages built from the php5 source
php5-curl - CURL module for php5
php5-dbg - Debug symbols for PHP5
php5-dev - Files for PHP5 module development
php5-gd - GD module for php5
php5-gmp - GMP module for php5
php5-json - JSON module for php5
php5-ldap - LDAP module for php5
php5-mysql - MySQL module for php5
php5-odbc - ODBC module for php5
php5-pgsql - PostgreSQL module for php5
php5-pspell - pspell module for php5
php5-readline - Readline module for php5
php5-recode - recode module for php5
php5-snmp - SNMP module for php5
php5-sqlite - SQLite module for php5
php5-tidy - tidy module for php5
php5-xmlrpc - XML-RPC module for php5
php5-xsl - XSL module for php5
ibphp5-embed - HTML-embedded scripting language (Embedded SAPI library)
php5-adodb - Extension optimising the ADOdb database abstraction library
php5-apcu - APC User Cache for PHP 5
php5-enchant - Enchant module for php5
php5-exactimage - fast image manipulation library (PHP bindings)
php5-fpm - server-side, HTML-embedded scripting language (FPM-CGI binary)
php5-gdcm - Grassroots DICOM PHP5 bindings
php5-gearman - PHP wrapper to libgearman
php5-geoip - GeoIP module for php5
php5-gnupg - wrapper around the gpgme library
php5-imagick - ImageMagick module for php5
php5-imap - IMAP module for php5
php5-interbase - interbase/firebird module for php5
php5-intl - internationalisation module for php5
php5-lasso - Library for Liberty Alliance and SAML protocols - PHP 5 bindings
php5-librdf - PHP5 language bindings for the Redland RDF library
php5-mapscript - php5-cgi module for MapServer
php5-mcrypt - MCrypt module for php5
php5-memcache - memcache extension module for PHP5
php5-memcached - memcached extension module for PHP5, uses libmemcached
php5-midgard2 - midgard2 Content Repository - PHP5 language bindings and module
php5-ming - Ming module for php5
php5-mongo - MongoDB database driver
php5-msgpack - PHP extension for interfacing with MessagePack
php5-mysqlnd - MySQL module for php5 (Native Driver)
php5-mysqlnd-ms - MySQL replication and load balancing module for PHP
php5-oauth - OAuth 1.0 consumer and provider extension
php5-pinba - Pinba module for PHP 5
php5-ps - ps module for PHP 5
php5-radius - PECL radius module for PHP 5
php5-redis - PHP extension for interfacing with Redis
php5-remctl - PECL module for Kerberos-authenticated command execution
php5-rrd - PHP bindings to rrd tool system
php5-sasl - Cyrus SASL Extension
php5-stomp - Streaming Text Oriented Messaging Protocol (STOMP)client module for PHP 
php5-svn - PHP Bindings for the Subversion Revision control system
php5-sybase - Sybase / MS SQL Server module for php5
php5-tokyo-tyrant - PHP interface to Tokyo Cabinet's network interface, Tokyo Tyrant
php5-vtkgdcm - Grassroots DICOM VTK PHP bindings
php5-xcache - Fast, stable PHP opcode cacher
php5-xdebug - Xdebug Module for PHP 5
php5-xhprof - Hierarchical Profiler for PHP5


Once you decide to install the module, type :

     root@digidom:~#  sudo apt-get install "name of the module"



Step 4 - Check LAMP Server :

Although LAMP is installed, we can still take a look and see the components online by creating a quick php info page.

To test PHP, create a sample “phpinfo.php” file in Apache Document Root folder.


Then Save and Exit. 

Restart apache and mysql :

      root@digidom:/var/www/html# /etc/init.d/apache2 restart
      * Restarting web server apache2                         [ OK ]

      root@digidom:/var/lib/mysql# /etc/init.d/mysql  restart
      * Stopping MySQL database server mysqld           [ OK ]
      * Starting MySQL database server mysqld            [ OK ]
      * Checking for tables which need an upgrade, are corrupt or were not closed cleanly.

Navigate to http://server-ip-address/phpinfo.php. It will display all the details about apache, mysql and php such as version, build date and commands etc.







You can check php and mysql connectivity by using this script :


Testing MySQL connection with PHP script.Create the file /var/www/html/phpmysql.php then add the following line on below. Replace the password with your mysql root password.


To see script running successfully.



That's it............

Thursday, December 18, 2014

How to Install and Configure (SFTP) vsftpd to Use SSL/TLS on an Ubuntu 14.04 VPS


FTP or file transfer protocol, was a popular way to transfer files between local and remote computers in the past. SFTP is called as “Secure FTP”, which generally use SSH File Transfer Protocol. FTP instead of a more secure alternative like SFTP, which uses the SSH protocol to implement file transfers, you can secure it somewhat by configuring FTP to use SSL.


You must login "Root" privilege or use "Sudo" before typing the command.

Setup VsFTP Server 

Step 1 » Update ubuntu repositories.

     root@digidom:~# apt-get update

Step 2 » Install VsFTPD package. The vsftpd server is available in Ubuntu's default repositories.

     root@digidom:~# apt-get install vsftpd

Step 3 » After installation, check the location where vsftpd files are listed.

     root@digidom:~# whereis vsftpd

Step 4 » Backup the Original vsftpd.conf to vsftpd.con.back

     root@digidom:~# cp /etc/vsftpd.conf /etc/vsftpd.conf.back

Step 5 » Configure Basic vsftpd Functionality. The default configuration file is at etc/vsftpd.conf.

     root@digidom:~# vi /etc/vsftpd.conf

Disable the users to log in anonymously by finding the anonymous_enable parameter and changing it to read "NO":

     anonymous_enable=NO

Next, we need to enable user logins that use the local authentication files, since we disabled anonymous access.

     local_enable=YES

To enable users to make modifications to the filesystem, we will uncomment the write_enable parameter as well:

     write_enable=YES

Additionally, uncomment the chroot_local_user option to restrict users to their own home directories:

     chroot_local_user=YES

Save and close the file.

Step 6 » To see the enabled options in vsftpd.conf file, use this command

     root@digidom:~# egrep -v '^#|^$' /etc/vsftpd.conf
          listen=YES
          anonymous_enable=NO
          local_enable=YES
          write_enable=YES
          local_umask=022
          dirmessage_enable=YES
          use_localtime=YES
          xferlog_enable=YES
          connect_from_port_20=YES
          chroot_local_user=YES
          secure_chroot_dir=/var/run/vsftpd/empty
          pam_service_name=vsftpd
          rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
          rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key

Step 7 » Restart vsftpd service using the below command.

     root@digidom:~# service vsftpd restart


Create an FTP User

Because of the way vsftpd secures its chroot jails, the chroot must not be owned by the user and must not be writeable. Because of this, it is best to implement a user specifically for use with FTP. 

Note : SFTP doesn't support /usr/sbin/nologin shells.

Step 8 » Create a User account and specify Home Directory location, I point to "/var/www/html/" and set the password.

     root@digidom:~# useradd -m -d /var/www/html/ -s /bin/bash mailftp
     root@digidom:~# passwd mailftp

Note : Do not delete this account using "userdel -rf mailftp". It will remove html directory, because this user (mailftp) home directory is /var/www/html/.

Step 9 » Now give root ownership of the "mailftp" home directory (/var/www/html/):

     root@digidom:~# chown root:root /var/www/html/
     root@digidom:~# ll -d /var/www/html/
          drwxr-xr-x  5 root root 4096 Dec 16 22:55 html/

Step 10 » We need to create a separate directory within this home directory, where files can be uploaded. Then, we need to give this directory over to our FTP user:

     root@digidom:~# mkdir /var/www/html/mailbox
     root@digidom:~# chown mailftp:mailftp /var/www/html/mailbox

     root@digidom:~# ll -d /var/www/html/mailbox
          drwxr-xr-x 2 mailftp mailftp 4096 Dec 17 00:46 /var/www/html/mailbox/

Step 11 » Now, we should be able to log in (insecurely) as the "mailftp" and upload files to the file directory using Terminal or FTP Client (Filezilla). Here I Used Terminal.

     root@digidom:~# ftp localhost
          Connected to localhost.
          220 (vsFTPd 3.0.2)
          Name (localhost:root): mailftp
          331 Please specify the password.
          Password: "Enter The Password Here"
          230 Login successful.
          Remote system type is UNIX.
          Using binary mode to transfer files.
          ftp> ls
          200 PORT command successful. Consider using PASV.
          150 Here comes the directory listing.
          drwxr-xr-x    2 1001     1001         4096 Dec 17 00:46 mailbox
          226 Directory send OK.
          ftp> mkdir test  => Here You have No Permission. Bcoz /html/ is Root owner.
          550 Create directory operation failed.
          ftp> cd mailbox
          250 Directory successfully changed.
          ftp> mkdir test  
          257 "/mailbox/test" created
          ftp>
          ftp> bye
          221 Goodbye.

Configure SSL with vsftpd (SFTP).

Step 12 » We need to create some SSL certificates to use with vsftpd. Check whether openssl is installed or not.

     root@digidom:~# openssl version
          OpenSSL 1.0.1f 6 Jan 2014


     root@digidom:~# openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout     /etc/ssl/private/vsftpd.pem -out /etc/ssl/private/vsftpd.pem



Step 13 » See the vsftpd.pem certificate in the openssl directory.

     root@digidom:~# cd /etc/ssl/
     root@digidom:/etc/ssl# ll
          drwxr-xr-x  2 root root       20480 Dec 12 10:28 certs/
          -rw-r--r--  1 root root        10835 Apr  7  2014   openssl.cnf
          drwx--x--- 2 root ssl-cert   4096   Dec 17 01:12 private/

     root@digidom:/etc/ssl# ll private/
          -rw-r----- 1 root ssl-cert 1704 Dec 12 10:28 ssl-cert-snakeoil.key
          -rw-r--r-- 1 root root      2019 Dec 17 02:21 vsftpd.pem


Step 14 » Add the SSL Details to the vsftpd Configuration with root privilege.

     root@digidom:~# vi /etc/vsftpd.conf

Note : When we created the certificate, we included both the key file and the certificate in one file, so we can also point our private key line to that.

    rsa_cert_file=/etc/ssl/private/vsftpd.pem
    rsa_private_key_file=/etc/ssl/private/vsftpd.pem

We need to add the following lines to force SSL. This will restrict clients that can't deal with TLS, but that is what we want.

     ssl_enable=YES
     allow_anon_ssl=NO
     force_local_data_ssl=YES
     force_local_logins_ssl=YES

After this we configure the server to use TLS, which is actually a successor to SSL, and preferred:

     ssl_tlsv1=YES
     ssl_sslv2=NO
     ssl_sslv3=NO

Finally, we will require add some additional options to flesh out our configuration file:

     require_ssl_reuse=NO
     ssl_ciphers=HIGH

Save and close the file.

Step 14 » Now, we need to restart our server for our changes to take effect:

     root@digidom:/var/www/html# service vsftpd restart




How To Connect to the Server with FileZilla

Most modern FTP clients can be configured to use SSL and TLS encryption. Here I  used Filezilla.


Step 15 » Open the Filezilla ftp client and Go to File => Site Manager.


Step 16 » After that New window will be open Go to 
(1) NewSite => (2) Specify the Name => (3) Go to General Tab => (4,5,6,7,8) Add the following FTP details  => (9) OK => It will created in left panel.


Step 17 » After that you can open File => Site Manager => Select the New My Sites => Connect


Step 18 » When you connect first time, you will be asked to accept the TLS certificate: 

Just select "Always trust this host..."  =>  OK


Step 19 » By accepting the certificate, it will get connected and we can see the Document Root in the Right side panel. We can Upload and Download the Files.

I have uploaded index.php file for testing purpose.


Step 21 » Now check the uploaded file using web browser, to find out whether there is any permission issue.


Step 21 » You can also access through Terminal using SFTP command.

1st => Check the SSH connection is working fine, then you can access SFTP Using "ssh root@Server-IP-Address"


2nd => After successful ssh connection, you can use SFTP using this command 
 "SFTP mailftp@Server-IP-Address". After that it will ask for mailftp password.



You should now be connected with your server with TLS/SSL encryption.