Create a New User and Grant Permissions in MySQL

How To Create a New User and Grant Permissions in MySQL

================================

Before we create and grant the permissions to the new user, we need to open the ( MySql port 3306 from firewall ).
To check firewall is active or inactive at unbuntu by the following command

ufw status

if reply ufw inactive, we need to open the ufw (firewall) by the following command

ufw enable

And then you can check which port are allow in our web server by the following command

ufw status
and it will reply all status.
If mysql is not allow, we need to allow it by the following command

ufw allow 3306/tcp

if port 3306 is not okay to access from the remote / other local pc, we need to change the mysql default por to ‘3360’ or as you wish.

to change the MySql port to ‘3360’,
go to the /etc/mysql
and edit the my.cnf

go to ‘[mysqld]’ part
chnage the default “bind_address” to “server_ip_address
change the default “port” to “3360

And then, restart the mysql service by the follwoing command
sudo service mysql restart

After it all, we need to check one thing
which ports are opening at our Web Server by the following

nmap localhost/ipaddress

========================================

login to mysql with root password
mysql -uroot -p
and then,

1) Let’s start by making a new user within the MySQL shell:

CREATE USER ‘newuser’@’localhost’ IDENTIFIED BY ‘password’;

2) provide the user with access to the information they will need

GRANT ALL PRIVILEGES ON * . * TO ‘newuser’@’localhost’;

3) Let’s start by making a new user within the MySQL shell:

CREATE USER ‘newuser’@’ip_address’ IDENTIFIED BY ‘password’;

4) provide the user with access to the information they will need

GRANT ALL PRIVILEGES ON * . * TO ‘newuser’@’ip_address’;

5) Reload all privileges

FLUSH PRIVILEGES;

====================================

Cheers

Advertisements

Example syntax for Secure Copy (scp)

What is Secure Copy?

scp allows files to be copied to, from, or between different hosts. It uses ssh for data transfer and provides the same authentication and same level of security as ssh.

Examples

Copy the file “foobar.txt” from a remote host to the local host

$ scp your_username@remotehost.edu:foobar.txt /some/local/directory

Copy the file “foobar.txt” from the local host to a remote host

$ scp foobar.txt your_username@remotehost.edu:/some/remote/directory

Copy the directory “foo” from the local host to a remote host’s directory “bar”

$ scp -r foo your_username@remotehost.edu:/some/remote/directory/bar

Copy the file “foobar.txt” from remote host “rh1.edu” to remote host “rh2.edu”

$ scp your_username@rh1.edu:/some/remote/directory/foobar.txt \
your_username@rh2.edu:/some/remote/directory/

Copying the files “foo.txt” and “bar.txt” from the local host to your home directory on the remote host

$ scp foo.txt bar.txt your_username@remotehost.edu:~

Copy the file “foobar.txt” from the local host to a remote host using port 2264

$ scp -P 2264 foobar.txt your_username@remotehost.edu:/some/remote/directory

Copy multiple files from the remote host to your current directory on the local host

$ scp your_username@remotehost.edu:/some/remote/directory/\{a,b,c\} .
$ scp your_username@remotehost.edu:~/\{foo.txt,bar.txt\} .

scp Performance

By default scp uses the Triple-DES cipher to encrypt the data being sent. Using the Blowfish cipher has been shown to increase speed. This can be done by using option -c blowfish in the command line.

$ scp -c blowfish some_file your_username@remotehost.edu:~

It is often suggested that the -C option for compression should also be used to increase speed. The effect of compression, however, will only significantly increase speed if your connection is very slow. Otherwise it may just be adding extra burden to the CPU. An example of using blowfish and compression:

$ scp -c blowfish -C local_file your_username@remotehost.edu:~

Contributions

Thanks Stewart Macleod for port example.

Ref : http://www.hypexr.org/linux_scp_help.php

How to Use SSL Certificate in LEMP Digital Droplet

(1) We need to create two Certificate to give to SSL Certificate Vendor ( Z.com / GMO-ACE )
———————————-
examplesite.csr
examplesite.key
———————————-

=================================
How do I generate a CSR Code
=================================

———————————————————

OS – Ubuntu 14.04
Digital Ocean Droplet with LEMP
———————————————————

cd /etc/ssl
mkdir /etc/ssl/websitessl
openssl req -new -newkey rsa:2048 -nodes -keyout domainname.key -out domainname.csr

rsa:2048
“`means you create a 2048bits csr. I recommend for more security to use “`rsa:4069“`
You also need to change “`domainname.key“`and “`domainname.csr“` into your own domain name
so you can verify the CSR file. After you filled in all the legit information ,
you can open the new file using a client for example WinSCP, copy it, and use it for your SSL.


 

(2) And then, we have to buy/generate our SSL certificate at SSL Vendor Site and we will get / SSL vendor will generate the certificate files .
———————————–
samplesite.PEM
samplesite.ICA
samplesite.PKCS7
———————————–

We have to copy generated .PEM files from SSL Certifiate Provider to our host ( Digital Ocean LEMP )
http://www.examplesite.com.PEM.
And then, we have to edit the virtual host setting file at
/etc/nginx/site-available/samplesite

===================================================
Using SSL Certificate at Nginx Virtual Host Setting
===================================================
you have to create tow server blocks for both HTTP and HTTPS request.
And then, redirect to every request to HTTPS.

server {
listen 80;
server_name example.com.mm http://www.example.com.mm;
return 301 https://www.example.com.mm$request_uri;
}

server {
listen 443 ssl;
ssl on;

root /var/www/registrations/public;
index index.php index.html index.htm;

# Make site accessible from http://localhost/
server_name example.com.mm http://www.example.com.mm;
# server_name localhost;

access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;

ssl_certificate /etc/ssl/websitessl/www.example.com.mm.PEM;
ssl_certificate_key /etc/ssl/websitessl/examplesite.key;
ssl_trusted_certificate /etc/ssl/websitessl/www.example.com.mm.ICA;

ssl_ciphers “HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:3DES”;
ssl_prefer_server_ciphers on;

# to disable SSL3 service – to prevent the POODLE Vulnerablitiy attack
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php?$query_string;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}

# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
#location /RequestDenied {
# proxy_pass http://127.0.0.1:8080;
#}

#error_page 404 /404.html;

# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root /usr/share/nginx/html;
#}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# # NOTE: You should have “cgi.fix_pathinfo = 0;” in php.ini
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}

# deny access to .htaccess files, if Apache’s document root
# concurs with nginx’s one
#
location ~ /\.ht {
deny all;
}

client_max_body_size 10M;
}

—————————————————————————————

Increase the Max Upload File Size at Nginx in Ubuntu 14.04

================================
Adding client_max_body_size” at Virtual Host of Nginx
================================
under /etc/nginx/site-available/sample_site_setting
———————————————————————-
server {
listen 8082;
listen [::]:8082;

root /var/www/registrations/public;
index index.php index.html index.htm;

server_name 128.199.226.122;

location / {
try_files $uri $uri/ /index.php?$query_string;
}

location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}

client_max_body_size 10M;
}

================================
Increase the Max Upload File Size at PHP configuration
================================
/etc/php5/cli/php.ini
———————————————————————
from
post_max_size = 8M
upload_max_filesize = 2M
to
post_max_size = 10M
upload_max_filesize = 10M
———————————————————————–