Installing Apache Module mod_maxminddb

On several of my sites, I target visitors based on their GEO location. To be able to do this I have installed an Apache module called mod_maxminddb which is the former mod_geoip2.

Installation is fairly easy. Download and extract the latest tarball file from Github:

For instance, get release 1.1.0 as follows:

wget https://github.com/maxmind/mod_maxminddb/releases/download/1.1.0/mod_maxminddb-1.1.0.tar.gz

Then extract the file to a temporary folder as follows:

tar xvzf mod_maxminddb-1.1.0.tar.gz

The next step is to install the module, so first ‘CD’ into the extracted directory, then follow these steps:

./configure
make install

The next step is to download the database and place it on your server. Again use wget and tar to do so, but first ‘CD’ to the proper directory where you want to store the mod_maxminddb database file:

wget https://geolite.maxmind.com/download/geoip/database/GeoLite2-City.tar.gz
tar xvzf GeoLite2-City.tar.gz

Finally, you have to enable it.

You can enable mod_maxminddb in your httpd.conf (/etc/httpd/conf/httpd.conf), in an include file such as httpd-phpmodules.conf (/etc/httpd/conf/extra/httpd-phpmodules.conf), or in an .htaccess file.

I personally prefer to put it in the include file. Here’s an example:

<IfModule mod_maxminddb.c>
    MaxMindDBEnable On
    MaxMindDBFile CITY_DB /usr/local/share/GeoIP/GeoLite2-City.mmdb

    MaxMindDBEnv MM_COUNTRY_CODE CITY_DB/country/iso_code
    MaxMindDBEnv MM_COUNTRY_NAME CITY_DB/country/names/en
</IfModule>

And now that we got it all working, here’s a real-life example of a site using the mod_maxminddb module:

You can see the flags on several locations determining if a visitor can use a certain betting site or not, and displaying the right content in the right order to visitors.

Create a Local Development Environment on a Mac

Open Terminal

I usually do this by open the search option and search for Terminal.

Install Homebrew aka Brew

The first thing we do is install Homebrew. With Homebrew you can really turn your Mac into the development machine of your dreams.

Here’s how you do it:

/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

Install Wget and Unzip

The next step is to install everything the other packages depend on. I am not getting into too much detail here. Here’s the list, just copy the command into Terminal and hit enter

Brew install wget
Brew install unzip
Brew install re2c

Install Apache

Brew install httpd

Add the Apache server to your start-up list so that it automatically starts when you reboot your Mac. Do this as follows:

brew services start httpd

Install and config PHP

Brew install php

Add PHP to your start-up list so that it automatically starts when you reboot your Mac. Do this as follows:

brew services start php

Edit php.ini. Mine is located in /usr/local/etc/php/7.3/.

Get SSH2 working on a Mac

Brew install openssl
Brew install libssh2

Download and install the PHP 7 module for SSH2. I personally like to keep my Mac as clean as possible, and if you also wish to do that I suggest you create a ‘src’ dir in your root, the CD into that dir and download and extract the zip file as stated below:

wget https://github.com/Sean-Der/pecl-networking-ssh2/archive/php7.zip
unzip php7.zip
cd pecl-networking-ssh2-php7
phpize
./configure
make
sudo make install

Now here comes the most tricky part of all.

If you are as unlucky as me you get a bunch of errors and warnings after running the make command. It took me half a day to figure out how to work around it, so here’s my solution:

The errors occur because they forgot to typecast variables in C, so we need to do this ourselves to get to the next step in this installation guide.

Edit ssh2_fopen_wrappers.c, I personally prefer doing this in an IDE like Visual Studio Code.

We only need to solve the errors, in my case three, since these are the reason the installation of the PHP module for SHH2 failed. I have bolded the invalid operants and will show you the fix below.

/src/pecl-networking-ssh2-php7/ssh2_fopen_wrappers.c:1248:42: error: invalid operands to binary expression (‘zend_string’ (aka ‘struct _zend_string’) and ‘int’)
if (resource->path && resource->path[0] == ‘/’) {

/src/pecl-networking-ssh2-php7/ssh2_fopen_wrappers.c:314:24: error: invalid operands to binary expression (‘zend_string’ (aka ‘struct _zend_string’) and ‘int’)
if (resource->host[0] == 0 && context &&

/src/pecl-networking-ssh2-php7/ssh2_fopen_wrappers.c:300:24: error: invalid operands to binary expression (‘zend_string’ (aka ‘struct _zend_string’) and ‘int’)
if (resource->host[0] == 0 && context && psftp &&

Looking at the details of the error message we can see that we need to typecast integers into strings, and therefore we wrap the (bolded) variables with typecast functions itoa().

  • itoa(resource->path[0]) == ‘/’
  • itoa(resource->host[0]) == 0
  • itoa(resource->host[0]) == 0

That’s it, we can now move on, run make once more, and finish this part of the installation by running sudo make install. But remember where the files are installed, you well need to use this location later. Mine are placed in /usr/local/Cellar/libssh2/1.8.0.

Edit php.ini again and add extension=ssh2.so.

Brew install autoconf

Install MySQL server

Brew install mysql

Again, if you want to have MySQL in your start-up list, you can do so with the following command:

brew services start mysql

The first time you will have to log in as the root user, and you don’t need a password.

mysql -u root

Once logged in we will have to create a new user, grant him the required privileges and the alter him so the user can also log into phpMyAdmin. Here’s how you do it:

CREATE USER 'giorgio'@'localhost' IDENTIFIED BY 'PASSWORD';

GRANT ALL PRIVILEGES ON *.* TO 'giorgio'@'localhost'
WITH GRANT OPTION;

ALTER USER 'giorgio'@'localhost' IDENTIFIED WITH mysql_native_password BY 'PASSWORD';

You can, of course, use any username, and don’t forget to change the default password ‘PASSWORD’ into something slightly more secured…

Since this is my development machine, I prefer to keep user root without a password. It might save me a lot of frustration at some point.

To exit MySQL you can type \q and hit enter.

Install PHPMyAdmin

To install PHPMyAdmin and make it work, you will also have to edit the httpd.conf file. Here are the steps to take:

Brew install phpmyadmin

To enable phpMyAdmin you will have to add the following code to httpd.conf:

Alias /phpmyadmin /usr/local/share/phpmyadmin
<Directory /usr/local/share/phpmyadmin/>
   Options Indexes FollowSymLinks MultiViews
   AllowOverride All
   <IfModule mod_authz_core.c>
      Require all granted
   </IfModule>
   <IfModule !mod_authz_core.c>
      Order allow,deny
      Allow from all
   </IfModule>
</Directory>

Finally, restart Apache and browse to http://localhost/phpmyadmin, and voilà!

Here’s a really good guide about SASS, I suggest you scan it to understand what SASS is all about.

Install SASS

If you are a web developer like me, you might find it cool to install SASS as well. Here’s how you do it with Homebrew:

brew install sass/sass/sass

(Note to self) Here’s how you compile and compress (minify) your sass files:

sass style.scss:../stylesheets/style.css --style compressed

Install Pure-FTPD

Brew install pure-ftpd

I will add some more details about creating a Pure-FTPD user and everything related. But first, here’s a bonus:

Add a domain to your host file for local development

sudo nano /etc/hosts

And add your domain as follows, pointing to 127.0.0.1 which is your localhost:

127.0.0.1    domain.com    www.domain.com

And don’t forget, you must also flush your Mac’s DNS cache with the following command:

sudo killall -HUP mDNSResponder

Install Laravel and Homestead

Step by step guide to install Laravel including Homestead:

  1. Download Composer
  2. Download (the installer) and install Laravel using the following command in Terminal:
    composer global require "laravel/installer"
  3. Download VirtualBox, then double-click the package to install it
  4. Download Vagrant, then double-click the package to install it
  5. Add the Vagrant box to Laravel using the following command in Terminal:
    vagrant box add laravel/homestead
  6. Make sure to pick choice 3 (which stands for the VirtualBox provider) when asked
  7. Clone the Homestead GIT repository using the following command in Terminal:
    git clone https://github.com/laravel/homestead.git ~/Homestead
  8. Change to the Homestead directory using the following command in Terminal:
    cd ~/Homestead
  9. Check out the latest Homestead GIT repository using the following command in Terminal:
    git checkout v7.17.0

    Note: Make sure to pick the latest stable Homestead GIT repository version here

  10. Terminal:
    bash init.sh

    Note: This will generate the initial Homestead.yaml file in the Homestead install directory, which I’ll explain in more details below

Homestead.yaml

The Homestead.yaml comes with default settings. The most important changes I make are folders, sites, and databases.

Folders

folders:
- map: path/to/your/host-os/directory
  to:  path/to/your/guest-os/directory

The host-os directory is where your project’s files will be stored. Here’s a real-life example:

folders:
- map: /Applications/MAMP/htdocs/vagrant/code/project1
  to:  /home/vagrant/code/project1

Sites

sites:
- map: project1.dev
  to:  /home/vagrant/code/project1/public

You must also edit your local host file, using the following Terminal command:

sudo nano /etc/hosts

For example:

192.168.10.10 project1.dev # The IP should be the same as set in the Homestead.yaml configuration file.

When ready use the following Terminal command:

vagrant up

Or in case of an edit use the following Terminal command:

vagrant reload --provision

Troubleshooting Homestead

If you have a headache to get Homestead running as it should, perhaps because of the “No input file specified.” message like I have experienced, here comes the solution:

  • folders: map is the actual location of your files, locally
  • folders: to is the location on your virtual machine
  • sites: map is the name of your project (this is a dummy domain, don’t forget to edit your hosts file)
  • sites: to is the location where your files are hosted on your virtual machine (comparable to the location on a remote server)

How to recover a deleted folder on a Mac

I accidentally deleted MAMP, including the htdocs folder containing most of my projects past my latest back-up dating from February 2018. This happened yesterday when I was making a back-up from my MacBook Pro which I wanted to reinstall from scratch after being sick of its slow performance.

I uninstalled MAMP actually, however, this should be kind of the same as deleting it. Now I want my files back! But how?

I am trying various kind of recovery programs and had some success before using Prosoft’s Data Rescue and TestDisk. So I am running these again.

For Data Rescue, I had to buy a new external hard drive (which I needed anyway) to create a so-called Data Recovery Drive. I first tried to install this on an SD card, but this seemed to take forever, so I canceled it. But also on the external HD, it is really bothering slow!

TestDisk, on the other hand, is a small app that runs in Terminal. It’s a little bit more complicated without a GUI, but the documentation is pretty clear. Best of all this one is free! The forum is also quite helpful, you can find it here. At the time being I have posted a question, and by the looks of it they even get answered, so let’s see how long it takes.

To be continued…

Updating mod_pagespeed can be a pain in the @ss

Just a quick reminder to self, since simply updating mod_pagespeed doesn’t seem to be able by just running yum update. If you have installed mod_pagespeed building from the source, as I have, you will probably run into the following issue:

"httpd >= 2.2 is needed by mod-pagespeed"

Here is a quick and dirty solution that has worked for me.

1) Remove the old version with this command:

yum remove mod-pagespeed-stable.x86_64

2) Follow these steps to update mod_pagespeed to the latest version:

cd ~
yum install at
wget https://dl-ssl.google.com/dl/linux/direct/mod-pagespeed-stable_current_x86_64.rpm
rpm -i --nodeps mod-pagespeed-stable_current_x86_64.rpm

Updating Discover Car Navigation on Mac

Today I tried updating my Volkswagen navigation to the latest available version, which can be downloaded from the Volkswagen site (in Dutch) for free, or at least for a specified amount of time after it was manufactured. Originally it used to be three years, but a blog post mentioned the updates will be available up to five years after the navigation will be taken out of production.

So I took out the current SD card from my car and made a back-up of it. Then I downloaded the correct update, unzipped it with Keka, which I downloaded just to be sure that the 7-zipped files from Volkswagen would unzip without corrupting any files.

Street names went missing after updating of Discover navigation

After I copied all of the files to the newly formatted SD card, I used Disk Utility to format it with the MS-Dos (FAT) format, I inserted it in my car and found out that the street names and road names were not showing up, but the maps were working fine.

So I did some research on Google to figure out what the hell was going on and I found out that other people using a Mac where facing the same problem. Someone mentioned an application named HiM, which can be downloaded from Macupdate, and can be used to delete hidden files from volumes created on a Mac. In my case, I simply dragged and dropped the SD card containing the navigation update into the HiM window, to delete folders like .Trashes and .Spotlight.

That did it, because after I inserted the SD card into my car, the streets were showing up as expected.

Good luck with updating your car navigation. By the way, this also applies to Discover car navigations for Audi, Seat and Skoda cars.

Global protection of all wp-login.php files

Here’s another short post about protecting wp-login.php files on your server from Brute Force Attacks, which can drastically increase your server load. Mine was constantly up to 90% making my server completely inaccessible.

.htaccess or not .htaccess

Adding the following code to your .htaccess files is a solution, but if you have tons of sites like me, you don’t want to manually have to upload .htaccess and .htpasswd files. Instead, you want to handle this at once, globally and server-wide. Here’s how I did it:

First of all, you need to find out if your httpd.conf file is an autogenerated file, or if you can manually edit it (without it being regenerated after an update.)

Usually, modifications go into the pre_main_global.conf include file. If this is also the case for you, make sure this is included in your active httpd.conf file.

Edit pre_main_global.conf and add the following code:

<Files ~ "^\.ht">
Require all denied
</Files>

<Files wp-login.php>
AuthUserFile /var/htpass/.htpasswd
AuthName "Private access"
AuthType Basic
require user yourloginname
</Files>

Rename “yourloginname” to whatever login name you like.

Create the directory to store your .htpasswd file as follows:

mkdir /var/htpass/

You can generate a .htpasswd file here: http://www.htaccesstools.com/htpasswd-generator/, make sure to use the same login name as chosen before. Any password you want will do, also an empty password if that’s what you want.

Finally, save your .htpasswd file in the previously created directory, in this example we suggested /var/htpass/.

Assuming the pre_main_global.conf gets included as it should, the only thing left is to restart Apache. Use the following command to do so:

service httpd restart

Alternatively, you can restart Apache from DirectAdmin or WHM. Voila, you are now asked for a User Name and Password each time you access your wp-login.php file to login into WordPress.

Voila, you are now asked for a User Name and Password each time you access your wp-login.php file to login into WordPress.

What an Ordeal – I have Crashed and Reinstalled my CentOS VPS

It’s been an ordeal last night, working until 4:30 pm, but after two hours of sleep, I am now on my way back re-installing my VPS from scratch.

When I started experimenting with Google Pagespeed (mod_pagespeed) I just took it a bit too far and wanted too much at the same time. Besides installing and tweaking the speed module, I also tried to update my server to HTTP/2 and wanted to update PHP to it’s latest version 7.1.3.

Mod_pagespeed never was the problem. I actually got it working, and set-up as follows. If you care about speed, this is just the configuration you’ll need. Before you start, make sure to benchmark your server using a tool such as https://tools.pingdom.com/ or PageSpeed Insights. Open you pagespeed.conf file with the following command:

nano /etc/httpd/conf.d/pagespeed.conf

If you are running WordPress just like I am, and also make use of PHPMyAdmin, then add the following two location dependencies to the beginning of the pagespeed.conf file:

<Location /wp-admin/>
ModPagespeed Off
</Location>

<Location /phpmyadmin/>
ModPagespeed Off
</Location>

You’ll also want to have access to the Pagespeed Admin, the Pagespeed Statistics and the Pagefeed Messages. You can do so by adding the following code to your pagespeed.conf file:

ModPagespeedStatistics on
ModPagespeedStatisticsLogging on
ModPagespeedLogDir /usr/local/apache/logs
ModPagespeedMessageBufferSize 100000
<Location /mod_pagespeed_statistics>
<IfModule mod_rewrite.c>
RewriteEngine Off
</IfModule>
Order deny,allow
Allow from localhost
Allow from <OFFICE IP>
SetHandler mod_pagespeed_statistics
</Location>
<Location /mod_pagespeed_message>
<IfModule mod_rewrite.c>
RewriteEngine Off
</IfModule>
Order deny,allow
Allow from localhost
Allow from <OFFICE IP>
SetHandler mod_pagespeed_message
</Location>
<Location /pagespeed_admin>
<IfModule mod_rewrite.c>
RewriteEngine Off
</IfModule>
Order deny,allow
Allow from localhost
Allow from <OFFICE IP>
SetHandler pagespeed_admin
</Location>

Finally, tell mod_pagespeed which Pagespeed Filters you want enabled, as follows:

ModPagespeedEnableFilters inline_import_to_link
ModPagespeedEnableFilters flatten_css_imports
ModPagespeedEnableFilters combine_css
ModPagespeedEnableFilters rewrite_css
ModPagespeedEnableFilters prioritize_critical_css
ModPagespeedEnableFilters move_css_to_head
ModPagespeedEnableFilters move_css_above_scripts
ModPagespeedEnableFilters combine_javascript
ModPagespeedEnableFilters rewrite_javascript
ModPagespeedEnableFilters defer_javascript
ModPagespeedEnableFilters remove_comments
ModPagespeedEnableFilters collapse_whitespace
ModPagespeedEnableFilters sprite_images
ModPagespeedEnableFilters lazyload_images
ModPagespeedEnableFilters recompress_png
ModPagespeedEnableFilters convert_png_to_jpeg
ModPagespeedEnableFilters convert_jpeg_to_webp
ModPagespeedEnableFilters rewrite_images

Please have a look here how each of these filters will help to make your server faster.

HTTP/2 Protocol

After reading this article on Yoast, I became interested in the HTTP/2 Protocol, mod_http2, which can be used for performance optimization. Upgrading to HTTP/2 should speed up your web server significantly, and so I found this step by step tutorial on how to set-up HTTP/2 on your server or VPS. Have a look for yourself, but sure to know what you do as this has caused major problems for at my first attempt to get HTTP/w working. By all means, I have spent hours getting everything to work, so be really careful!

Once you have everything running smoothly, have a look here for a list of HTTP/2 test sites and other methods to see if it works as it should.

LetsEncrypt

I am just posting this here for future reference:

  1. https://help.directadmin.com/item.php?id=641&in1=letsencrypt&in2=1 (This one makes DirectAdmin secure.)
  2. https://help.directadmin.com/item.php?id=648
  3. https://help.directadmin.com/item.php?id=15

If you have updated Apache to work with HTTP/2, make sure to configure the correct web root path in the httpd.conf file.

Don’t forget to enable SNI, which is an extension to the TSL Protocol, in DirectAdmin, this will allow you to use multiple certificates for one IP address. You can do so as follows:

grep -q 'enable_ssl_sni=1' /usr/local/directadmin/conf/directadmin.conf || echo 'enable_ssl_sni=1' >> /usr/local/directadmin/conf/directadmin.conf

Credits: https://www.transip.nl/forum/post/prm/4543 (This is a Dutch written article.)