They made it difficult, but fortunately, someone else invented the wheel for us. Here’s how you do it:
Thanks, Pedro Santiago!!!
They made it difficult, but fortunately, someone else invented the wheel for us. Here’s how you do it:
Thanks, Pedro Santiago!!!
I found the following article and it helped me to clean up my CentOS webserves. The steps in this articles speak for itself. All credits to the author, Danila Vershinin.
Just a quick reminder to self, since simply updating mod_pagespeed doesn’t seem to be able by just running yum update. If you have installed mod_pagespeed building from the source, like I have, you will probably run into the following issue:
"httpd >= 2.2 is needed by mod-pagespeed"
Here is a quick and dirty solution that has worked for me.
1) Remove the old version with this command:
yum remove mod-pagespeed-stable.x86_64
2) Follow these steps to update mod_pagespeed to the latest version:
cd ~ yum install at wget https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_x86_64.rpm rpm -i --nodeps mod-pagespeed-stable_current_x86_64.rpm
Today I tried updating my Volkswagen navigation to the latest available version, which can be downloaded from the Volkswagen site (in Dutch) for free, or at least for a specified amount of time after it was manufactured. Originally it used to be three years, but a blog post mentioned the updates will be available up to five years after the navigation will be taken out of production.
So I took out the current SD card from my car and made a back-up of it. Then I downloaded the correct update, unzipped it with Keka, which I downloaded just to be sure that the 7-zipped files from Volkswagen would unzip without corrupting any files.
After I copied all of the files to the newly formatted SD card, I used Disk Utility to format it with the MS-Dos (FAT) format, I inserted it in my car and found out that the street names and road names were not showing up, but the maps were working fine.
So I did some research on Google to figure out what the hell was going on and I found out that other people using a Mac where facing the same problem. Someone mentioned an application named HiM, which can be downloaded from Macupdate, and can be used to delete hidden files from volumes created on a Mac. In my case, I simply dragged and dropped the SD card containing the navigation update into the HiM window, to delete folders like .Trashes and .Spotlight.
That did it, because after I inserted the SD card into my car, the streets were showing up as expected.
Good luck with updating your car navigation. By the way, this also applies to Discover car navigations for Audi, Seat and Skoda cars.
Here’s another short post about protecting wp-login.php files on your server from Brute Force Attacks, which can drastically increase your server load. Mine was constantly up to 90% making my server completely inaccessible.
Adding the following code to your .htaccess files is a solution, but if you have tons of sites like me, you don’t want to manually have to upload .htaccess and .htpasswd files. Instead, you want to handle this at once, globally and server-wide. Here’s how I did it:
First of all, you need to find out if your httpd.conf file is an autogenerated file, or if you can manually edit it (without it being regenerated after an update.)
Usually, modifications go into the pre_main_global.conf include file. If this is also the case for you, make sure this is included in your active httpd.conf file.
Edit pre_main_global.conf and add the following code:
<Files ~ "^\.ht"> Require all denied </Files> <Files wp-login.php> AuthUserFile /var/htpass/.htpasswd AuthName "Private access" AuthType Basic require user yourloginname </Files>
Rename “yourloginname” to whatever login name you like.
Create the directory to store your .htpasswd file as follows:
You can generate a .htpasswd file here: http://www.htaccesstools.com/htpasswd-generator/, make sure to use the same login name as chosen before. Any password you want will do, also an empty password if that’s what you want.
Finally, save your .htpasswd file in the previously created directory, in this example we suggested /var/htpass/.
Assuming the pre_main_global.conf gets included as it should, the only thing left is to restart Apache. Use the following command to do so:
service httpd restart
Alternatively, you can restart Apache from DirectAdmin or WHM.Voila, you are now asked for a User Name and Password each time you access your wp-login.php file to login into WordPress.
Voila, you are now asked for a User Name and Password each time you access your wp-login.php file to login into WordPress.
It’s been an ordeal last night, working until 4:30 pm, but after two hours of sleep, I am now on my way back re-installing my VPS from scratch.
When I started experimenting with Google Pagespeed (mod_pagespeed) I just took it a bit too far and wanted too much at the same time. Besides installing and tweaking the speed module, I also tried to update my server to HTTP/2 and wanted to update PHP to it’s latest version 7.1.3.
Mod_pagespeed never was the problem. I actually got it working, and set-up as follows. If you care about speed, this is just the configuration you’ll need. Before you start, make sure to benchmark your server using a tool such as https://tools.pingdom.com/ or PageSpeed Insights. Open you pagespeed.conf file with the following command:
If you are running WordPress just like I am, and also make use of PHPMyAdmin, then add the following two location dependencies to the beginning of the pagespeed.conf file:
<Location /wp-admin/> ModPagespeed Off </Location> <Location /phpmyadmin/> ModPagespeed Off </Location>
You’ll also want to have access to the Pagespeed Admin, the Pagespeed Statistics and the Pagefeed Messages. You can do so by adding the following code to your pagespeed.conf file:
ModPagespeedStatistics on ModPagespeedStatisticsLogging on ModPagespeedLogDir /usr/local/apache/logs ModPagespeedMessageBufferSize 100000 <Location /mod_pagespeed_statistics> <IfModule mod_rewrite.c> RewriteEngine Off </IfModule> Order deny,allow Allow from localhost Allow from <OFFICE IP> SetHandler mod_pagespeed_statistics </Location> <Location /mod_pagespeed_message> <IfModule mod_rewrite.c> RewriteEngine Off </IfModule> Order deny,allow Allow from localhost Allow from <OFFICE IP> SetHandler mod_pagespeed_message </Location> <Location /pagespeed_admin> <IfModule mod_rewrite.c> RewriteEngine Off </IfModule> Order deny,allow Allow from localhost Allow from <OFFICE IP> SetHandler pagespeed_admin </Location>
Finally, tell mod_pagespeed which Pagespeed Filters you want enabled, as follows:
Please have a look here how each of these filters will help to make your server faster.
After reading this article on Yoast, I became interested in the HTTP/2 Protocol, mod_http2, which can be used for performance optimization. Upgrading to HTTP/2 should speed up your web server significantly, and so I found this step by step tutorial on how to set-up HTTP/2 on your server or VPS. Have a look for yourself, but sure to know what you do as this has caused major problems for at my first attempt to get HTTP/w working. By all means, I have spent hours getting everything to work, so be really careful!
Once you have everything running smoothly, have a look here for a list of HTTP/2 test sites and other methods to see if it works as it should.
I am just posting this here for future reference:
If you have updated Apache to work with HTTP/2, make sure to configure the correct web root path in the httpd.conf file.
Don’t forget to enable SNI, which is an extension to the TSL Protocol, in DirectAdmin, this will allow you to use multiple certificates for one IP address. You can do so as follows:
grep -q 'enable_ssl_sni=1' /usr/local/directadmin/conf/directadmin.conf || echo 'enable_ssl_sni=1' >> /usr/local/directadmin/conf/directadmin.conf
Credits: https://www.transip.nl/forum/post/prm/4543 (This is a Dutch written article.)
Here’s a short tutorial for those of you looking to install Fail2ban on an existing CentOS server or VPS.
First of all, you will have to determine which CentOS version you have, with the following command after starting a SSH session using a terminal window:
The response will probably be something like this:
CentOS release 6.8 (Final)
Now that we know the CentOS version is 6, we will have to get the latest EPEL yum repository, using the following command:
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-6.noarch.rpm
Next step is to install Fail2ban with the following command:
yum install fail2ban
Is this ok [y/N]: please type
y and then hit enter.
This may take a few minutes, so sit back and relax waiting for the installation to finish.
The reasons you might want to protect your server or VPS using Fail2ban is because you are experiencing too many false logins attempts for WordPress, Proftpd, Exim2 or sshd4/sshd5 for example. To do so you will have to create the following local configuration file, using an editor such as nano:
(Don’t have Nano? You can install Nano with the following command:
yum install nano.)
Here is how to set-up a sshd jail to catch failed login attempts to SSH:
enabled = true
port = ssh
filter = sshd
logpath = /var/log/secure
maxretry = 3
findtime = 3600
bantime = 86400
Here is how to set-up an exim jail to catch failed login attempts to Exim:
enabled = true
port = smtp,465,submission
filter = exim
logpath = /var/log/exim/mainlog
maxretry = 3
findtime = 86400
bantime = 31536000
Now that we have created these jails, and saved our configuration file (ctrl+x) we have to restart our server or VPS with the following command:
service fail2ban start
If everything went as expected you should get the following response:
Starting fail2ban: [ OK ]
If additionally you also would like to protect your server or VPS from failed login attempts to WordPress, you should first create a filter.
Your filters are located here:
Create a new filter named wordpress.conf using Nano as follows:
Copy and paste the following code into the newly created wordpress.conf filter file:
# Fail2Ban filter for wordpress # [INCLUDES] before = common.conf [Definition] _daemon = wordpress failregex = ^%(__prefix_line)sAuthentication failure for .* from <HOST>$ ^%(__prefix_line)sPingback error .* generated from <HOST>$ ignoreregex = # Author: John Doe
Now that you have created the wordpress.conf filter, you will need to add a new rule to your jail.local file which you have previously created:
enabled = true
filter = wordpress
logpath = /var/log/secure
maxretry = 3
findtime = 86400
bantime = 31536000
action = iptables-multiport[name=wordpress,port="80,443"]
Finally, you will have to restart Fail2ban using the following command:
service fail2ban restart
If everything went well, this is what the response should look like:
Stopping fail2ban: [ OK ]
Starting fail2ban: [ OK ]
Congratulations, your server of VPS is now protected against scum trying to make your life misserable!
OK, since I kind of promised, when I wrote my last post nearly a year ago, to write a new one a little bit sooner – which I didn’t, I am going to start by saying that I’m not going to make any other promises again. The affiliate life is like a roller coaster ride, even worse, a roller coaster ride but in the dark, as you’ll never know which turn will be coming up next.
One month you’re celebrating and thinking of buying that new Audi, the next one you’ll be set back to where you were before. And usually this goes along with the amount of time and money you are willing to invest into your sites. Don’t get me wrong though, I’m still far better off being on this crazy ride than working as a corporate slave from nine to five – besides making better money, I can honestly say that freedom is what makes being an affiliate so great.
Another factor that always comes around to mess things up when things seem to go well is good old G. Most of you know that I have been hit pretty hard by the Google Panda update last year, and that I am still struggling and stuck with lower rankings for my main site www.pokerforfree.org today. I hate to say it, but Google is doing a lousy job! The SERPs are filled with thin affiliate sites, where mine has grown to a very decent resource with great content, including:
For anyone who doesn’t understand the impact of the Panda update, the following graph reveils everything.
This actually means that it takes much more, to recover from the Panda update, than just locating and rewriting a bunch of bad pages. The examples I outlined above are just a small portion from what has been ‘fixed’. I literary spent thousands of dollars to improve the quality of my site, with the result I am aiming for still lacking. One thing I have to admit though, frankly most of the content on my site sucked, so it should have been penalized in the first place. But it’s time to reward good sites, with great content, not just sites with a shit load of links!
To continue on the subject, other things I did in my best effort trying to recover from the Panda update, was moving the Italian version of Poker For Free to it’s own domain www.giochipokergratis.co, and as well the German version to www.kostenlospokeronline.de. The reason to move these sections was that I suspected them to have a negative impact of the total quality of my site. Unfortunately it didn’t make a difference, or not yet at least.
Furthermore I also bought myself a licence for a free poker game, which I am hosting on one of my own servers. It’s pretty cool actually, since I was able to create custom tables and card decks, and it would be even cooler if there were any active players, but with a limited amount of traffic the only thing I can do is keep dreaming.
Of course, all the trouble came during the aftermath of dealing with the douche bags from Stickyeyes, but that chapter is closed and I’m not going to touch it again. (Alright, for the sake of it, one more time: Stay away from dealing with Stickyeyes. They do more harm than good, or if your budget is sky-high, they will certainly abuse it by taking much more than needed! In fact, I’ll do the same for half the price if you want me to!)
Finally I have been examining my site inside out, and tried to fix any flaws that could possibly have a negative impact on SEO. For example, I fixed a bug that redirected non existing pages to my File Not Found page, without generating a proper 404 header. Instead, I am no longer redirecting pages, but parsing the content and a 404 header right on the spot. So no more Soft 404’s in Google’s Webmaster Tools soon!
Hereby I am concluding this post with a short message for anyone who would like to add a free poker game to their site. I’ve developed an API for my free poker game, to use it throughout my own network, and could offer this to the public. If you’re seriously interested and think you have the audience for it, please get in touch with me. I can definitely use some players!
Thanks for reading, and ’till the next, when I’ve finally recovered from Google Panda. (I know… just wishful thinking.)
WOW, has it really been that long since I wrote my last post on Pursuing Success? Almost six friggin’ months! And I was so determined to post more frequently….. oh well… guess that’s what my life looks like, like a roller coaster.
At least this gives me something to write about, since so many things have happened since my last post. I remember being all excited moving pokerforfree.org to Rackspace – it’s still there, but I recently got a Virtual Private Server, or VPS, at myhosting.com. All together it comes down to Rackspace being more expensive, and dirt slow. I still have to move everything over, but didn’t find a spare moment yet.
Let’s see what (the fuck) happened after moving my site. It didn’t rank any better, I can tell you that, in fact I lost about 60% of my traffic, but I will get to that later in this post.
Most who know me have heard I terminated my contract with Stickyeyes.com, the self proclaimed SEOs from Leeds, United Kingdom, which have a booth at most iGaming Shows to lure unexpecting affiliates into their scam with nasty contracts.
Yeah you got that right, Stickyeyes.com are scammers. I have paid them a total sum way over $30,000 over the course of a year, and all I got was a bunch of excuses why my site would not rank any higher. First time I got suspicious was when my friend Alon told me about my link on some site that was offered to him from some Indian guy for $5 a year, a link which was a premium link according to Stickyeyes.com. Of course they had an excuse for this specific link, but the fact of the matter is that over time more links like these would show up.
I also talked to more of their customers, and everybody I spoke to had the same story: Stickyeyes.com are worthless. Someone else I know told me he heard my budget was too low, so I guess their bigger clients pay lots more, and get stolen from lots more too, without them knowing of course as they retain their top rankings anyway.
Past January, at the London Affiliate Conference, I stepped up to Paul Hill, the one actually responsible for making me sign the contract after we met for the first time at the Budapest Affiliate Conference in September of 2009. I asked him man to man about my site failing to rank better after spending that crazy amount of cash, and his answer was that it was something technical on my site, but he wasn’t completely sure. He told me he was going to find out and get back to me personally – obviously I am still waiting. But wait a minute… if it really was a technical issue on my side, WHY THE FUCK DIDN’T THEY TELL ME SO?!?
Ok, enough ranting about Stickyeyes.com, I guess I needed this. I can go on and on about my negative experience with them, but let me end with giving you some free advice. Have you ever considered, or are considering doing business with them, take this for granted: Don’t do it, or you’ll be sorry.
So what happened after the Stickyeyes.com debacle? First of all, I ended up paying a some more months, as they keep you to your end of the contract, which means a three months termination period. Of course, they only did the bare minimum of work, if at all. After these three months went by, they took down most of the links they created, and you know what that means, right? Yes, you are abso-fucking-lutely right: My site dropped from rank #7 to rank #12, for “free poker” that is.
So the drop in rankings meant the loss of some like 4,000 unique monthly visitors, but if that wasn’t worse enough, Google came with the Panda algorithm update, also known as the Farmer update, that basically ruined my good mood, and positive look at the future. Pokerforfree.org dropped from 20,000 unique visitors to less than 10,000, and that means I lost half the revenue my baby was generating. Ending this part of the post, the Panda/Farmer update bounced my site from rank #12 to rank #26, for “free poker” in Google.com.
Everybody who knows me well also knows I am a fighter, not a quitter. I have never learned the meaning of giving up, hence I decided to pump all my funds into Poker For Free to enhance the quality of the site’s content. If Google’s really became this smart as they try to make us think, it should also be capable of figuring out that I am now only doing things that are valuable to my visitors.
First of all, I decided to make Poker For Free a real free poker site, not just a site where visitors can find a free poker bankroll. I acquired the pro license for a poker platform, which is fully hosted and controlled by nobody else but myself. I completely integrated it into Poker Club – pokerforfree.org’s members zone. Unfortunately my free poker game doesn’t have much traffic yet, as Aweber.com, which by the way are great for newsletters, didn’t allow me to import my existing member base of more than 8,000. In the mean time, a couple of hundred new members have signed up for the free poker game already, but I still have to find a way around to let my former members know about it, whitout the risk of beeing seen as a e-mail spammer.
Furthermore, I improved the site’s structure, and all of the sudden it came to my attention why Google has been so harsh on me. I had many pages in the first layer of the menu that didn’t make any sense – they were indeed of very low quality, and not valuable for my visitors at all. So I told my writing team to take care of this. Elizabeth – she’s one of the best writers you can think of – has taken care of the European Poker Tour pages, and Ken has written a comprehensive Guide to Winning Poker, as well as written an in depth World Series of Poker section. I estimate the site now has 50-some newly created, or rewritten pages of 1,000 words on average, and the end is not in sight yet. Take that Google!
My current rankings are a tad better, but still nothing to brag about. The Panda hunt, however, will go on, as I believe I still have some trump cards in my pocket!
Fortunately, my business doesn’t solely relay on Poker For Free anymore. I can still support my entrepreneurship. Remember some posts ago that I was going to move into my new office? Well I have in September of 2010, and frankly I am enjoying and loving every single moment of it. Working from home, or going to work makes such a difference. Efficiency and productiveness must have doubled to say the least – or at least as long as my brother in law Theo doesn’t pay me visit for an espresso out of my full automatic Saeco espresso machine.
Even I need a break away from everything every now and then, and to be honest, everything could use a break away from me too. So, I agreed some time off with my girlfriend on Wednesday, booked my flight on Thursday, and left for the States on Saturday.
I booked business-class seats using up 50,000 air miles to spent a week with my best friend Terry, his wife Ada and their newborn daughter Maya, in DC, my second hometown. Boy, I friggin’ love that place, though I hated the day after we went to Ozio on M street drinking with the fellas. We had a great night, on which I met my Scottish friend Paul who’s now an assistant coach next to Joe Wootten – yes Morgan’s son – at Bishop O’Connell High in Virginia, one of the nations top basketball programs. My man Greg-a-lirous also came over to meet me, and so did Kenny and Ron – which I already met earlier in the week when we went to the driving range for some swings. That’s actually as early as they told me about Crown Black, that it was going to be really nasty, but I never thought it was going to be this bad. Boy, did I suffer the day(s) after. Oh and Ron, if you happen to read this at some point, please don’t ever participate in American Idol – but please do keep singing for us, as that was fucking hilarious!
On my way back the Dutch customs made me open my case, after I told them I had nothing to declare. Fortunately they guy bought my story and I was free to walk with about 21 Kilos (like 45 Lbs.) of new goods worth almost as much as $2 grand!
Even though I am not telling half of what I did during my stay in DC, it was just long enough to get the much needed rest, but I have to admit that I was dying to see the loved ones who came to pick me up at Schiphol. ‘Till the next time!
My latest project is quite amazing. I joined ventures with Andrew, someone I have been working closely together with lately. I believe he has all the skills that I have lack off. I think that this project could turn out to become my/our biggest ever, not only because it covers all gambling niches, i.e. casino, poker, bingo and sports betting, but mainly because our joint partnership.
Can’t wait to launch this sucker with a big bang, probably somewhere next week, as the domain is already getting some traffic. I don’t like to post the URL on this site, as you never know if there’s anyone willing to sabotage it after this post, but please feel free to poke me privately and I’ll tell you all about it.
After spending nearly two hours on something that doesn’t generate any revenue, I am going to keep the conclusion pretty short. The Donar semi-quarter series against Eiffeltowers Den Bosch are tied 1-1, but we have home court advantage. My guts tell me that Donar will come to their senses and advance to the finals, not losing another game.
Today I picked up going to the gym, after a two weeks period of rest. I was surprised to see that I was still bench-pressing the same amounts of weights as before, although I am pretty sure I will suffer from severe muscle pain either tomorrow or the day thereafter.
Finally, I can’t tell if I will post again any time soon. I might, or not, but if you like to read my blog, just make sure to subscribe and you don’t have to miss out when I do. However, I do believe my blog could use a new look and feel, so I might at least update the theme sometime soon.
Oh crap, before I forget. Play Poker Online <- There you go, some link-love to my friend Akhilesh, the goat herder from India.
So, my current host, where I have a reseller account for ages, are acting link a bunch of bitches, after I’ve e-mailed them about a serious issue I encounter while loading my sites. It looks like something’s messed-up with the server, as I frequently get prompted a message if I want to download a PHP file. Now, as I am not accessing any PHP files directly – I’m talking about random files which just make up the site, or even files that make up WordPress for that matter, and since PHP are not meant to be downloaded at all, I asked them how this could be, and if there was any chance that this would happen to others (my sites’ visitors) as well. Well, well, these ignorant scumbags told me that it ain’t their problem but mine, as no other clients noticed them about this. IMO, what seems to be the case is that their PHP set-up is hesitating, and that it randomly treats PHP files as plain text files, but only every now and then. The PHP file, by the way, is completely blank if I confirm to download it.
Enough ranting… it’s really not important anymore! In fact, I am so happy to stand where I am standing momentarily.
Long story short, they keep ignoring there is a problem, and I ended being fed-up with them. So I am in the process of changing hosts, hence I contacted my best buddy (<- notice your first link love) for advice. He pointed me to Rackspace, whom have several kinds of hosting products, for very reasonable prices. After some investigation, I ended up with a Rackspace Cloud Server account, which I will describe in-depth as this blog continues.
What I am going to do from here, is describing how I am going to move PokerForFree.org to the new Cloud Server. This means that I will go through each step of process and write about everything that comes along, until the site has been moved and runs smoothly. I’ll be straight, it’s will be a true challenge, as most of the work is done in a Terminal (Unix Shell), and I really have no experience at this moment. Hopefully, at the end of this blog post, I will 🙂
So yesterday night after we came back from a Donar, who got upset by Galataseray (Istanbul, Turkey) in the final seconds of the game, I went to the Rackspace Cloud website and created an account. As this was post research, I knew exactly what I was looking for: a Linux Cloud Server, Fedora 14 to be precisely. I chose the cheapest, starting at $11 a month, but as it is completely scalable, and paid by the hour, you can upgrade at any time you want. (Any time? Yes, any time…)
So what I got is 256 MB of RAM, and 10 GB space – that’s a plenty for just one site I guess. This goes together with a private IP address, and all the freedom I need.
After a few minutes I received the verification e-mail containing my root user name and password, and I was set to go. As at this point I really didn’t have a clue, I contacted support – which are around 24/7 through live chat and phone. Curtis, the Rackspace representative, helped me getting started by pointing out some Linux set-up guides, and telling me the basics of working with the Terminal on my Mac. Before you knew it I was logged in at my own instance – it felt like victory!
All of this together brings me to this very moment. I am about to continue setting up my Cloud Server. I am going to take you live through the next steps, bear with me…
Step 1 – First you will have to log-in, hence you’ll have to use the following command in my Mac Terminal:
Obviously, I rather keep my IP address to myself. When you log-in from a certain location for the first time, you will get a warning, which you can simply ignore by typing ‘yes’. An RSA Key Fingerprint will be added to your local computer, so that your computer becomes authenticated.
Step 2 – The first thing you want to do when you’re logged-in is changing your default root password.
passwd root (You will then be promoted for your password of your choice.)
Before we start with the hardcore work that is needed to set-up the Cloud Server as a host, we will have to customize it a little but.
Step 3 – With the following command we will be able to set-up a package of tools called development tools which come together with Fedora release 14.
sudo yum groupinstall 'Development Tools' (Answer ‘y’ when prompted in Terminal.)
sudo yum install links (Answer ‘y’ when prompted in Terminal.)
Are you still following me, you ol’ nerd? Well then, there’s only one more step to take before we get to the most important part of this Cloud Server Set-up Guide.
Step 4 – The following command will install the Screen application. Honestly, I have no idea what I am talking about, except that it’s used to allow virtual terminals to be opened in one console. If you follow the link you will find an in-depth Screen Tutorial.
sudo yum install screen
After actually playing around with the
screen command, I found out that it lets you switch between instances of Terminal, but using one single console.
Now, after reading some more I found out that we needed to update the software between Step 2 and 3. As it doesn’t seem to hurt, we will be doing it now by using the following command.
sudo yum update (Answer ‘y’ when prompted in Terminal.)
To keep douche bags, a.k.a. hackers, outside we want to secure our server as much as possible. Fortunately there’s a build-in Firewal for Linux called iptables, which is pretty straight forward setting up.
If you are setting up a new Cloud Server at Rackspace, it is wise to have a look at the current firewall rules. What we want to accomplish is opening ports 80 (regular) and 443 (secure), which are closed by default. You can use the following command to have a look at the current iptables settings.
sudo /sbin/iptables -L
Let’s assume that you are setting-up up a Cloud server from scratch, just like me. That means that we want to get rid of the default settings. Use the following command to flush/delete them.
sudo /sbin/iptables -F
Here’s a default set of commands to install the proper iptables settings to open up the ports I just mentioned. Copy them as a whole and paste them into your Terminal.
sudo /sbin/iptables -A INPUT -i lo -j ACCEPT
sudo /sbin/iptables -A INPUT -i ! lo -d 127.0.0.0/8 -j REJECT
sudo /sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
sudo /sbin/iptables -A OUTPUT -j ACCEPT
sudo /sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo /sbin/iptables -A INPUT -p tcp --dport 443 -j ACCEPT
sudo /sbin/iptables -A INPUT -p tcp -m state --state NEW --dport 30000 -j ACCEPT
sudo /sbin/iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
sudo /sbin/iptables -A INPUT -j REJECT
sudo /sbin/iptables -A FORWARD -j REJECT
At this moment I decided not to discuss the meanings of each of the commands, but I might get to it in an upcoming post. If you really need more information as we speak, I suggest you visit this page.
There’s actually one more line that should be added. As we need to be able to access the server over SSL, we need to keep port 22 open. You can use the following command. The ‘-I’ makes sure that it will be added to the top.
sudo /sbin/iptables -I INPUT -p tcp --dport 22 -j ACCEPT
Finally you will need to save them, so they also remain intact when you’ll reboot your Cloud Server. Use the following command to do so.
service iptables save
In this part I will try to explain how to set-up Apache on Fedora. Installing a basic set-up of Apache is really nothing to worry about. Please use the following command to install Apache together with the most common options (httpd and SSL).
sudo yum install httpd mod_ssl (Answer ‘y’ when prompted in Terminal.)
With the following commands we will customize our web server.
sudo mkdir /etc/httpd/conf/custom (The ‘mkdir’ command creates the directory – in this case ‘config’.)
sudo nano /etc/httpd/conf/custom/servername.conf (The ‘nano’ command creates a file – in this case ‘servername.conf’.)
We will now have to give our web server a name, which will be stored in the config file we have just created.
ServerName 123abc (It goes without saying, but ‘123abc’ shall be replaced with whatever the choice of your server’s name is going to be. Hit CTRL-O to write the file, and CTRL-X to return to the command-line.)
The final step in this setting-up Apache on Fedora guide is editing the main Apache configuration file. Execute the following command to open the file that you’ll need to edit.
sudo nano /etc/httpd/conf/httpd.conf
Scroll down to the far bottom, or hit CTRL-W to search for ‘*.conf’, and find the line where
Include conf.d/*.conf is written. Replace this line with the following, correct path, to the custom config file created above.
Include /etc/httpd/conf/custom/servername.conf (Save and exit the file.)
Congratulations! You have set-up a basic instance of Apache on Fedora. The only thing left is checking if the httpd service starts up automatically by using the following command.
sudo /sbin/chkconfig --list httpd
Your desired result is:
httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
After each and every change, it is wise to test if our config file is free from errors. Use the following command to do so.
sudo /usr/sbin/apachectl configtest
If everything is alright, we can now restart the web server with the following command, which will gracefully restart Apache on Fedora for us.
sudo /usr/sbin/apachectl graceful
If everything went well, at least it did for me, you will now be able to access the server in a browser. Open a browser of choice (as long as it isn’t Internet Explorer – avoid at all costs) and enter your Cloud Server’s IP address. You will see now see an empty index page, since we didn’t upload any files yet. I guess I can say I now understand some more about working in a Unix Shell, and setting up Apache, as well as making it accessible, but secure. I will definitely review this Cloud Server Guide during the following days, and probably end up extending it some more, or adding a few images. The next step, however, is setting up the individual modules for Apache, as there are many of them that I’ll need before I will be able to physically move Poker For Free.
If you appreciate this guide, and have become interested in Rackspace’s Cloud Servers, please use my affiliate link: http://www.rackspacecloud.com/1724.html.