Dec 022013
 

 

PhoneBuff made a great video demonstrating 50 Google Now voice command examples, going far beyond just asking for weather, directions, and stock prices.

He sends texts, emails, posts to twitter, does advanced searches (how many calories in a banana? what is 18 percent tip on 37 dollars?) and chains related queries together, all with beautiful results or exactly the functionality needed.

Great stuff!

 Posted by at 9:35 pm
Jul 062013
 

These steps were documented when doing the basic initial setup on my new (mt) Media Temple DV Developer Server after provisioning it with Ubuntu 12.04 LTS. These steps probably also work fine for 12.10, 13.04, etc.   Comments, corrections, additions are welcome below.

Add new user account & disable root ssh access

The (mt) Ubuntu install by default enables SSH access for root, which requires you to create a new user account with ssh and sudo privileges before disabling root ssh access. If you are using a non-(mt) Ubuntu image, you might already have a user account created and can skip this section.

1. Connect as root via SSH to your server. More details here

2. Run command: sudo adduser new-user-name

For example: sudo adduser tony will create a user and group named tony. Make sure to enter a secure password when prompted.

3. Run command: sudo adduser new-user-name sudo

This adds your new account to the sudo group, whose members can execute commands as root via sudo.

4. Logout of your root session and ssh back into your server with your new account information.

5. Test running a command or two as root such as: cat /etc/sudoers (should be permission denied) vs sudo cat /etc/sudoers (should display after re-entering your password.)

6. Run the command: sudo nano /etc/ssh/sshd_config

Change the line #PermitRootLogin yes  to instead say PermitRootLogin no   (note remove leading hashtag along with changing yes to no.)  Control-O, Control-X to save and exit. This disables root ssh access.

Additional reference:
Media Temple’s KB article
Ubuntu’s article

 

Install Apache, PHP and MySQL

These three packages provide the basic services needed to host almost any website software: WordPress, Joomla, Mediawiki, phpBB, Magenta, etc.

Begin by installing Tasksel, which will allow you to install the rest of the packages in one easy step:

sudo apt-get update

sudo apt-get install tasksel

Next run the tasksel script that will download, install, and configure the rest of your LAMP software:

sudo tasksel install lamp-server

- Enter a password for the MySQL administrator / root account

After the packages are downloaded and installed, test each package.

Test Apache2: Browse to your domain name/IP address. If you see an “It works!” page, then Apache2 is installed correctly.

Test PHP: Create a file with sudo nano /var/www/test.php with the single line: <?php phpinfo(); ?> and then browse to http://yourdomain.com/test.php to verify PHP5 operation.

Test MySQL: If all steps have completed flawlessly to this point, let’s save time and test MySQL by installing phpmyadmin. Suggestions welcome in the comments for a quick and easy test for MySQL setup.

Additional reference:
Ubuntu community article on installing LAMP
Ubuntu community article on Taskel
Ubuntu server guide on setting up Apache2

 

Install phpmyadmin

1. Enter sudo apt-get install phpmyadmin to begin installation.

2. Leave apache2 selected as default, press <ENTER> to continue.

3. Select <Yes> to create a database for phpmyadmin with dbconfig-common.

4. Provide the administrative / root account password chosen in the last section to create the new database and user.

5. Provide a new password for the phpmyadmin mysql account.

Installation of phpmyadmin will complete, but some additional configuration is required.

6. Configure phpmyadmin to use a unique URL: sudo nano /etc/phpmyadmin/apache.conf

- Change Alias /phpmyadmin /usr/share/phpmyadmin to Alias /your-unique-URL /usr/share/phpmyadmin

7. Add phpmyadmin to your apache2 configuration: sudo nano /etc/apache2/apache2.conf

- At the bottom of the file, append   Include /etc/phpmyadmin/apache.conf

8. Load new Apache2 configuration by restarting the service: sudo service apache2 restart

9. Browse to phpyadmin at http://yourdomain.com/your-unique-URL

You should be able to login as “root” with the mysql root / administrator password selected when installing LAMP.

Additional reference:
Excellent article on DigitalOcean.com – includes recommended added security of password protecting with .htpasswd
Stackoverflow comment on securing phpmyadmin

 

Install webmin

Webmin is an easy to use, web-based GUI for most basic system administration tools.

1. Add the webmin apt sources by editing: sudo nano /etc/apt/sources.list

- Append the lines:

deb http://download.webmin.com/download/repository sarge contrib
deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib

2. Install the author’s GPG key:

wget http://www.webmin.com/jcameron-key.asc
sudo mv jcameron-key.asc /root
sudo apt-key add jcameron-key.asc

3. Install webmin:

sudo apt-get update
sudo apt-get install webmin

4. Browse to your webmin at https://yourdomain.com:10000 to ensure operation. It will default to https, so OK accept your ‘unsigned’ certificate.

- Login with your sudo-enabled account

5. Change the default webmin port by browsing to Webmin -> Webmin Configuration -> Ports and Addresses

- Select a new port from 1024 to 65535

- Upon saving, you will be redirected to the new port number and will have to re-accept the security certificate.

Additional reference:
Great article on installing Webmin on Ubuntu 12.04 Nick Yeoman
Webmin Official Installation Instructions

Recommend adding additional .htpassword protection and .htaccess rule ot allow only specific IPs.

 

May 232013
 

Android Airplane modePutting your phone into Airplane Mode may clear your stuck emails from the Outbox of the stock Android email client.

Hold down the power button and select Airplane mode, then recheck your Outbox to see if the emails have cleared.

Hold down the power button again to disable Airplane mode.

 

 Posted by at 11:50 pm
May 182013
 

This is a simple email alert for when your server process load reaches a defined threshold.

I wish I had retained the (StackExchange?) link I had found to give me the code below. Thank you to the original author. If you have a link to the source post for this code, please give credit in the comments below.

Save the code below as cpucheck.sh and execute via crontab every 15 minutes. It will email you at [email protected] a list of the top 10 cpu consuming running processes when the load average reaches 6.0 or higher.

#!/bin/bash
SUBJECT="`hostname` server load is high"
TO=[email protected]
uptime > /tmp/load
if [ `uptime | awk '{ print$10 }' | cut -d. -f1` -gt 6 ];
then
echo "============================================" >> /tmp/load
`ps -eo pcpu,pid,user,args | sort -k 1 -r | head -10 >> /tmp/load `
mail -s "$SUBJECT" $TO < /tmp/load
exit
fi

Adjust -gt 6 to be any minimum load number you prefer to receive the alert.

Remove “| head -10″ if you would prefer to see the entire list of running processes.

Helpful resources:

Apr 032012
 

Passive mode ftp requires some or all “unprivileged” (1024-65534) ports to be open on the webserver. The default Plesk firewall configuration blocks all ports except for those single ports required for system services (HTTP, POP, etc.)

To enable passive mode ftp on a Plesk server:

SSH into your server and as root, edit /etc/proftpd.conf.

Add the line in the <global> section:

PassivePorts 60000 65534

* I prefer to limit the number of available ports for greater security.

 

Enable passive FTP in Plesk with this firewall rule

Enable passive FTP in Plesk with this firewall rule

Login to your Plesk Panel.

Go to Modules -> Firewall to access your firewall configuration.
Select Edit Firewall Configuration.

Add a new Rule:

 Name of the rule: FTPD Passive Ports
 Match direction: Incoming (only)
 Action: Allow
 Ports:
 Add port or port range: 60000-65534
 Select TCP
 Click Add

Click OK and then click Activate (twice)

More information about Passive vs. Active FTP