Create a New User and Grant Permissions in MySQL

How To Create a New User and Grant Permissions in MySQL

================================

Before we create and grant the permissions to the new user, we need to open the ( MySql port 3306 from firewall ).
To check firewall is active or inactive at unbuntu by the following command

ufw status

if reply ufw inactive, we need to open the ufw (firewall) by the following command

ufw enable

And then you can check which port are allow in our web server by the following command

ufw status
and it will reply all status.
If mysql is not allow, we need to allow it by the following command

ufw allow 3306/tcp

if port 3306 is not okay to access from the remote / other local pc, we need to change the mysql default por to ‘3360’ or as you wish.

to change the MySql port to ‘3360’,
go to the /etc/mysql
and edit the my.cnf

go to ‘[mysqld]’ part
chnage the default “bind_address” to “server_ip_address
change the default “port” to “3360

And then, restart the mysql service by the follwoing command
sudo service mysql restart

After it all, we need to check one thing
which ports are opening at our Web Server by the following

nmap localhost/ipaddress

========================================

login to mysql with root password
mysql -uroot -p
and then,

1) Let’s start by making a new user within the MySQL shell:

CREATE USER ‘newuser’@’localhost’ IDENTIFIED BY ‘password’;

2) provide the user with access to the information they will need

GRANT ALL PRIVILEGES ON * . * TO ‘newuser’@’localhost’;

3) Let’s start by making a new user within the MySQL shell:

CREATE USER ‘newuser’@’ip_address’ IDENTIFIED BY ‘password’;

4) provide the user with access to the information they will need

GRANT ALL PRIVILEGES ON * . * TO ‘newuser’@’ip_address’;

5) Reload all privileges

FLUSH PRIVILEGES;

====================================

Cheers

Advertisements

How to Use SSL Certificate in LEMP Digital Droplet

(1) We need to create two Certificate to give to SSL Certificate Vendor ( Z.com / GMO-ACE )
———————————-
examplesite.csr
examplesite.key
———————————-

=================================
How do I generate a CSR Code
=================================

———————————————————

OS – Ubuntu 14.04
Digital Ocean Droplet with LEMP
———————————————————

cd /etc/ssl
mkdir /etc/ssl/websitessl
openssl req -new -newkey rsa:2048 -nodes -keyout domainname.key -out domainname.csr

rsa:2048
“`means you create a 2048bits csr. I recommend for more security to use “`rsa:4069“`
You also need to change “`domainname.key“`and “`domainname.csr“` into your own domain name
so you can verify the CSR file. After you filled in all the legit information ,
you can open the new file using a client for example WinSCP, copy it, and use it for your SSL.


 

(2) And then, we have to buy/generate our SSL certificate at SSL Vendor Site and we will get / SSL vendor will generate the certificate files .
———————————–
samplesite.PEM
samplesite.ICA
samplesite.PKCS7
———————————–

We have to copy generated .PEM files from SSL Certifiate Provider to our host ( Digital Ocean LEMP )
http://www.examplesite.com.PEM.
And then, we have to edit the virtual host setting file at
/etc/nginx/site-available/samplesite

===================================================
Using SSL Certificate at Nginx Virtual Host Setting
===================================================
you have to create tow server blocks for both HTTP and HTTPS request.
And then, redirect to every request to HTTPS.

server {
listen 80;
server_name example.com.mm http://www.example.com.mm;
return 301 https://www.example.com.mm$request_uri;
}

server {
listen 443 ssl;
ssl on;

root /var/www/registrations/public;
index index.php index.html index.htm;

# Make site accessible from http://localhost/
server_name example.com.mm http://www.example.com.mm;
# server_name localhost;

access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;

ssl_certificate /etc/ssl/websitessl/www.example.com.mm.PEM;
ssl_certificate_key /etc/ssl/websitessl/examplesite.key;
ssl_trusted_certificate /etc/ssl/websitessl/www.example.com.mm.ICA;

ssl_ciphers “HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:3DES”;
ssl_prefer_server_ciphers on;

# to disable SSL3 service – to prevent the POODLE Vulnerablitiy attack
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php?$query_string;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}

# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
#location /RequestDenied {
# proxy_pass http://127.0.0.1:8080;
#}

#error_page 404 /404.html;

# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root /usr/share/nginx/html;
#}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# # NOTE: You should have “cgi.fix_pathinfo = 0;” in php.ini
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}

# deny access to .htaccess files, if Apache’s document root
# concurs with nginx’s one
#
location ~ /\.ht {
deny all;
}

client_max_body_size 10M;
}

—————————————————————————————

Increase the Max Upload File Size at Nginx in Ubuntu 14.04

================================
Adding client_max_body_size” at Virtual Host of Nginx
================================
under /etc/nginx/site-available/sample_site_setting
———————————————————————-
server {
listen 8082;
listen [::]:8082;

root /var/www/registrations/public;
index index.php index.html index.htm;

server_name 128.199.226.122;

location / {
try_files $uri $uri/ /index.php?$query_string;
}

location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}

client_max_body_size 10M;
}

================================
Increase the Max Upload File Size at PHP configuration
================================
/etc/php5/cli/php.ini
———————————————————————
from
post_max_size = 8M
upload_max_filesize = 2M
to
post_max_size = 10M
upload_max_filesize = 10M
———————————————————————–

How to Install Laravel with an Nginx Web Server on Ubuntu 14.04

How to Install Laravel with an Nginx Web Server on Ubuntu 14.04

1) Install the Backend Components
1.1) sudo apt-get update
1.2) sudo apt-get upgrade
1.3) sudo apt-get install nginx php5-fpm php5-cli php5-mcrypt git
--------------------------------------------------------------------------------------------------------------------------
2) Modify the PHP Configuration
2.1) sudo nano /etc/php5/fpm/php.ini
2.2) cgi.fix_pathinfo=0 
2.3) sudo php5enmod mcrypt
2.4) sudo service php5-fpm restart
--------------------------------------------------------------------------------------------------------------------------
3) Configure Nginx and the Web Root
3.1) sudo mkdir -p /var/www/laravel
3.2) sudo nano /etc/nginx/sites-available/default
=======================================================
server {
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;

    root /var/www/laravel/public;
    index index.php index.html index.htm;

    server_name server_domain_or_IP;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        try_files $uri /index.php =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}
=======================================================
3.3) sudo service nginx restart
3.4) if you want to setup 2 virtual block
3.4.1) sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/example.com
3.4.2) sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
2.4.3) sudo nano /etc/nginx/nginx.conf
2.4.4) server_names_hash_bucket_size 64;
2.4.5) sudo service nginx restart
--------------------------------------------------------------------------------------------------------------------------
4) Create Swap File (Optional)
4.1) sudo fallocate -l 1G /swapfile
2) sudo mkswap /swapfile
3) sudo swapon /swapfile
--------------------------------------------------------------------------------------------------------------------------
5) Install Composer and Laravel
5.1) cd ~
5.2) curl -sS https://getcomposer.org/installer | php
5.3) sudo mv composer.phar /usr/local/bin/composer
5.4) sudo composer create-project laravel/laravel /var/www/laravel
5.5) sudo composer create-project laravel/laravel /var/www/laravel 4.2
5.6) sudo chown -R :www-data /var/www/laravel
5.7) sudo chmod -R 775 /var/www/laravel/app/storage
5.8) http://server_domain_or_IP
-------------------------------------------------------------------------------------------------------------------------- 

6 )  After installed the nginx server at linux server, tried to send / testing email can send or not ?
Open terminal and type the following command to check it.

echo “HelloWorld” | mail -s “HelloWorld” test@gmail.com
test@gmail.com is “to” email address

 

------------------------------------------------------------------------------------------------------------------------------
Conclusion
------------------------------------------------------------------------------------------------------------------------------






















How To Set Up Nginx Server Blocks (Virtual Hosts) on Ubuntu 16.04

Reference : https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-server-blocks-virtual-hosts-on-ubuntu-16-04

Introduction

When using the Nginx web server, server blocks (similar to the virtual hosts in Apache) can be used to encapsulate configuration details and host more than one domain off of a single server.

In this guide, we’ll discuss how to configure server blocks in Nginx on an Ubuntu 16.04 server.

Prerequisites

We’re going to be using a non-root user with sudo privileges throughout this tutorial. If you do not have a user like this configured, you can create one by following our Ubuntu 16.04 initial server setup guide.

You will also need to have Nginx installed on your server. The following guides cover this procedure:

When you have fulfilled these requirements, you can continue on with this guide.

Example Configuration

For demonstration purposes, we’re going to set up two domains with our Nginx server. The domain names we’ll use in this guide are example.com and test.com.

You can find a guide on how to set up domain names with DigitalOcean here. If you do not have two spare domain names to play with, use dummy names for now and we’ll show you later how to configure your local computer to test your configuration.

Step One: Set Up New Document Root Directories

By default, Nginx on Ubuntu 16.04 has one server block enabled by default. It is configured to serve documents out of a directory at /var/www/html.

While this works well for a single site, we need additional directories if we’re going to serve multiple sites. We can consider the /var/www/html directory the default directory that will be served if the client request doesn’t match any of our other sites.

We will create a directory structure within /var/www for each of our sites. The actual web content will be placed in an html directory within these site-specific directories. This gives us some additional flexibility to create other directories associated with our sites as siblings to the html directory if necessary.

We need to create these directories for each of our sites. The -p flag tells mkdir to create any necessary parent directories along the way:

  • sudo mkdir -p /var/www/example.com/html
  • sudo mkdir -p /var/www/test.com/html

Now that we have our directories, we will reassign ownership of the web directories to our normal user account. This will let us write to them without sudo.

Note

Depending on your needs, you might need to adjust the permissions or ownership of the folders again to allow certain access to the www-data user. For instance, dynamic sites will often need this. The specific permissions and ownership requirements entirely depend on what your configuration. Follow the recommendations for the specific technology you’re using.

We can use the $USER environmental variable to assign ownership to the account that we are currently signed in on (make sure you’re not logged in as root). This will allow us to easily create or edit the content in this directory:

  • sudo chown -R $USER:$USER /var/www/example.com/html
  • sudo chown -R $USER:$USER /var/www/test.com/html

The permissions of our web roots should be correct already if you have not modified your umask value, but we can make sure by typing:

  • sudo chmod -R 755 /var/www

Our directory structure is now configured and we can move on.

Step Two: Create Sample Pages for Each Site

Now that we have our directory structure set up, let’s create a default page for each of our sites so that we will have something to display.

Create an index.html file in your first domain:

  • nano /var/www/example.com/html/index.html

Inside the file, we’ll create a really basic file that indicates what site we are currently accessing. It will look like this:

/var/www/example.com/html/index.html
<html>
    <head>
        <title>Welcome to Example.com!</title>
    </head>
    <body>
        <h1>Success!  The example.com server block is working!</h1>
    </body>
</html>

Save and close the file when you are finished.

Since the file for our second site is basically going to be the same, we can copy it over to our second document root like this:

  • cp /var/www/example.com/html/index.html /var/www/test.com/html/

Now, we can open the new file in our editor:

  • nano /var/www/test.com/html/index.html

Modify it so that it refers to our second domain:

/var/www/test.com/html/index.html
<html>
    <head>
        <title>Welcome to Test.com!</title>
    </head>
    <body>
        <h1>Success!  The test.com server block is working!</h1>
    </body>
</html>

Save and close this file when you are finished. We now have some pages to display to visitors of our two domains.

Step Three: Create Server Block Files for Each Domain

Now that we have the content we wish to serve, we need to actually create the server blocks that will tell Nginx how to do this.

By default, Nginx contains one server block called default which we can use as a template for our own configurations. We will begin by designing our first domain’s server block, which we will then copy over for our second domain and make the necessary modifications.

Create the First Server Block File

As mentioned above, we will create our first server block config file by copying over the default file:

  • sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/example.com

Now, open the new file you created in your text editor with sudo privileges:

  • sudo nano /etc/nginx/sites-available/example.com

Ignoring the commented lines, the file will look similar to this:

/etc/nginx/sites-available/example.com
server {
        listen 80 default_server;
        listen [::]:80 default_server;

        root /var/www/html;
        index index.html index.htm index.nginx-debian.html;

        server_name _;

        location / {
                try_files $uri $uri/ =404;
        }
}

First, we need to look at the listen directives. Only one of our server blocks on the server can have the default_server option enabled. This specifies which block should serve a request if the server_namerequested does not match any of the available server blocks. This shouldn’t happen very frequently in real world scenarios since visitors will be accessing your site through your domain name.

You can choose to designate one of your sites as the “default” by including the default_server option in the listen directive, or you can leave the default server block enabled, which will serve the content of the /var/www/html directory if the requested host cannot be found.

In this guide, we’ll leave the default server block in place to server non-matching requests, so we’ll remove the default_server from this and the next server block. You can choose to add the option to whichever of your server blocks makes sense to you.

/etc/nginx/sites-available/example.com
server {
        listen 80;
        listen [::]:80;

        . . .
}
Note

You can check that the default_server option is only enabled in a single active file by typing:

  • grep -R default_server /etc/nginx/sites-enabled/

If matches are found uncommented in more than on file (shown in the leftmost column), Nginx will complain about an invalid configuration.

The next thing we’re going to have to adjust is the document root, specified by the root directive. Point it to the site’s document root that you created:

/etc/nginx/sites-available/example.com
server {
        listen 80;
        listen [::]:80;

        root /var/www/example.com/html;

}

Next, we need to modify the server_name to match requests for our first domain. We can additionally add any aliases that we want to match. We will add a http://www.example.com alias to demonstrate.

When you are finished, your file will look something like this:

/etc/nginx/sites-available/example.com
server {
        listen 80;
        listen [::]:80;

        root /var/www/example.com/html;
        index index.html index.htm index.nginx-debian.html;

        server_name example.com www.example.com;

        location / {
                try_files $uri $uri/ =404;
        }
}

That is all we need for a basic configuration. Save and close the file to exit.

Create the Second Server Block File

Now that we have our initial server block configuration, we can use that as a basis for our second file. Copy it over to create a new file:

  • sudo cp /etc/nginx/sites-available/example.com /etc/nginx/sites-available/test.com

Open the new file with sudo privileges in your editor:

  • sudo nano /etc/nginx/sites-available/test.com

Again, make sure that you do not use the default_server option for the listen directive in this file if you’ve already used it elsewhere. Adjust the root directive to point to your second domain’s document root and adjust the server_name to match your second site’s domain name (make sure to include any aliases).

When you are finished, your file will likely look something like this:

/etc/nginx/sites-available/test.com
server {
        listen 80;
        listen [::]:80;

        root /var/www/test.com/html;
        index index.html index.htm index.nginx-debian.html;

        server_name test.com www.test.com;

        location / {
                try_files $uri $uri/ =404;
        }
}

When you are finished, save and close the file.

Step Four: Enable your Server Blocks and Restart Nginx

Now that we have our server block files, we need to enable them. We can do this by creating symbolic links from these files to the sites-enabled directory, which Nginx reads from during startup.

We can create these links by typing:

  • sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
  • sudo ln -s /etc/nginx/sites-available/test.com /etc/nginx/sites-enabled/

These files are now in the enabled directory. We now have three server blocks enabled, which are configured to respond based on their listen directive and the server_name (you can read more about how Nginx processes these directives here):

  • example.com: Will respond to requests for example.com and http://www.example.com
  • test.com: Will respond to requests for test.com and http://www.test.com
  • default: Will respond to any requests on port 80 that do not match the other two blocks.

In order to avoid a possible hash bucket memory problem that can arise from adding additional server names, we will go ahead and adjust a single value within our /etc/nginx/nginx.conf file. Open the file now:

  • sudo nano /etc/nginx/nginx.conf

Within the file, find the server_names_hash_bucket_size directive. Remove the # symbol to uncomment the line:

/etc/nginx/nginx.conf
http {
    . . .

    server_names_hash_bucket_size 64;

    . . .
}

Save and close the file when you are finished.

Next, test to make sure that there are no syntax errors in any of your Nginx files:

  • sudo nginx -t

If no problems were found, restart Nginx to enable your changes:

  • sudo systemctl restart nginx

Nginx should now be serving both of your domain names.

Step Five: Modify Your Local Hosts File for Testing(Optional)

If you have not been using domain names that you own and instead have been using dummy values, you can modify your local computer’s configuration to let you to temporarily test your Nginx server block configuration.

This will not allow other visitors to view your site correctly, but it will give you the ability to reach each site independently and test your configuration. This basically works by intercepting requests that would usually go to DNS to resolve domain names. Instead, we can set the IP addresses we want our local computer to go to when we request the domain names.

Note

Make sure you are operating on your local computer during these steps and not your VPS server. You will need to have root access, be a member of the administrative group, or otherwise be able to edit system files to do this.

If you are on a Mac or Linux computer at home, you can edit the file needed by typing:

  • sudo nano /etc/hosts

If you are on Windows, you can find instructions for altering your hosts file here.

You need to know your server’s public IP address and the domains you want to route to the server. Assuming that my server’s public IP address is 203.0.113.5, the lines I would add to my file would look something like this:

/etc/hosts
127.0.0.1   localhost
. . .

203.0.113.5 example.com www.example.com
203.0.113.5 test.com www.test.com

This will intercept any requests for example.com and test.com and send them to your server, which is what we want if we don’t actually own the domains that we are using.

Save and close the file when you are finished.

Step Six: Test your Results

Now that you are all set up, you should test that your server blocks are functioning correctly. You can do that by visiting the domains in your web browser:

http://example.com

You should see a page that looks like this:

Nginx first server block

If you visit your second domain name, you should see a slightly different site:

http://test.com

Nginx second server block

If both of these sites work, you have successfully configured two independent server blocks with Nginx.

At this point, if you adjusted your hosts file on your local computer in order to test, you’ll probably want to remove the lines you added.

If you need domain name access to your server for a public-facing site, you will probably want to purchase a domain name for each of your sites. You can learn how to set them up to point to your server here.

Conclusion

You should now have the ability to create server blocks for each domain you wish to host from the same server. There aren’t any real limits on the number of server blocks you can create, so long as your hardware can handle the traffic.