Adding trusted root certificates to the server

Linux (Ubuntu, Debian) Function Method Add Copy your CA to dir /usr/local/share/ca-certificates/ Use command: sudo cp foo.crt /usr/local/share/ca-certificates/foo.crt Update the CA store: sudo update-ca-certificates Remove Remove your CA. Update the CA store: sudo update-ca-certificates –fresh   Linux (CentOs 6) Function Method Add Install the ca-certificates package: yum install ca-certificates Enable the dynamic CA configuration feature: update-ca-trust force-enable Add it as a new file to /etc/pki/ca-trust/source/anchors/: cp foo.crt /etc/pki/ca-trust/source/anchors/ Use command: update-ca-trust extract   Linux (Centos 5) Add Append your trusted certificate to file /etc/pki/tls/certs/ca-bundle.crt cat foo.crt...
read more

change root password for mysql 5.7 fresh installed

In order to find out actual password you need to grep log file grep password /var/log/mysqld.log This will provide you with root password . After login on your mysql server with mysql -u root -p Then you must change root password with ALTER USER ‘root’@’localhost’ IDENTIFIED BY ‘newpassword’;  
read more

apache 2.2 run php as username with fcgid

One of my problem is to secure a little websites at least to run as their user and not as apache . In this way if one wordpress is hacked not all website to be modify by that script . On internet you will find something like this <IfModule mod_fcgid.c> MaxRequestLen 15728640 FcgidConnectTimeout 20 SuexecUserGroup username groupname <Directory /var/www/vhosts/site.com> Options +ExecCGI AllowOverride All AddHandler fcgid-script .php FCGIWrapper /var/www/wraper/site.com/php-fcgi-starter .php Order allow,deny Allow from all </Directory> </IfModule> All is fine in some situation works . However I notice that if you have the php 5.6 installed this won’t work . I try all loglevel debug and other stuff but it simply didn’t start that wraper with that user in process list. After some more dig I found out that /etc/httpd/conf.d/php.conf is different then on other php version and in this 5.6 that file have a SetHandler . So the solution is to overwrite again that SetHandler So in your vhost before add this IfModule you need to add also <FilesMatch \.php$> SetHandler None </FilesMatch>...
read more

How to fix upstream timed out (110: Connection timed out) error in Nginx

In order to fix that you need to add proxy_read_timeout 300;  
read more

How to install git composer globally

Hello The easy way to install composer globally is to run bellow commands curl -sS https://getcomposer.org/installer | php sudo mv composer.phar /usr/local/bin/composer
read more

« Previous Entries Next Entries »