Pages

Thursday, 15 November 2012

How To Enable Remote Access To MySQL Database Server

If you want to remotely access to the database server from the web server or home, follow this quick tutorial.By default remote access to the MySQL database server is disabled for security reasons.

Step # 1: Login Using SSH (if server is outside your data center)

First, login over ssh to remote MySQL database server:
ssh user@server.nitingoura.com

Step # 2: Edit my.cnf File

Once connected you need to edit the MySQL server configuration file my.cnf using a text editor such as vi.
  • If you are using Debian Linux file is located at /etc/mysql/my.cnf location
  • If you are using Red Hat Linux/Fedora/Centos Linux file is located at /etc/my.cnf location
  • If you are using FreeBSD you need to create a file /var/db/mysql/my.cnf
Edit /etc/my.cnf, run:
# vi /etc/my.cnf

Step # 3: Once file opened, locate line that read as follows

For example, if your MySQL server IP is 192.168.2.25 then entire block should be look like as follows:
bind-address    = 127.0.0.1 192.168.2.25
# skip-networking
  • bind-address: IP address to bind to.
  • skip-networking: This option is highly recommended for systems where only local requests are allowed. Since you need to allow remote connection this line should be removed from my.cnf or put it in comment state.

Step# 4 Save and Close the file

If you are using Debian / Ubuntu Linux, type the following command to restart the mysql server:
# /etc/init.d/mysql restart
If you are using RHEL / CentOS / Fedora / Scientific Linux, type the following command to restart the mysql server:
# /etc/init.d/mysqld restart
If you are using FreeBSD, type the following command to restart the mysql server:
# /usr/local/etc/rc.d/mysql-server stop
# /usr/local/etc/rc.d/mysql-server start

OR
# /usr/local/etc/rc.d/mysql-server restart

Step # 5 Grant access to remote IP address

Connect to mysql server:
$ mysql -u root -p

Grant access to a new database

If you want to add a new database called nitin for user goura and remote IP 10.0.0.2. then type following commands
mysql> CREATE DATABASE nitin;
mysql> GRANT ALL ON nitin.* TO goura@'10.0.0.2' IDENTIFIED BY 'PASSWORD';

Step # 7: Open port 3306

You need to open TCP port 3306 using iptables or BSD pf firewall.

A sample iptables rule to open Linux iptables firewall

/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT
OR only allow remote connection from your web server located at 10.0.0.5:
/sbin/iptables -A INPUT -i eth0 -s 10.0.0.5 -p tcp --destination-port 3306 -j ACCEPT
OR only allow remote connection from your lan subnet 192.168.1.0/24:
/sbin/iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp --destination-port 3306 -j ACCEPT
Finally save all rules (RHEL / CentOS specific command):
# service iptables save

A sample FreeBSD / OpenBSD pf rule ( /etc/pf.conf)

pass in on $ext_if proto tcp from any to any port 3306
OR allow only access from your web server located at 10.0.0.5:
pass in on $ext_if proto tcp from 10.0.0.5 to any port 3306  flags S/SA synproxy state

Step # 8: Test it

From your remote system or your desktop type the following command:
$ mysql -u goura –h 192.168.2.25 –p
Where,
  • -u goura: goura is MySQL username
  • -h IP or hostname: 192.168.2.25 is MySQL server IP address
  • -p : for password
You can also use the telnet or nc command to connect to port 3306 for testing purpose:
$ echo X | telnet -e X 192.168.2.25 3306



Tuesday, 6 November 2012

OpenSSL on Ubuntu

First, log on to your server and install Apache:
# sudo apt-get install apache2
Now, install and enable SSL module:
# sudo a2enmod ssl
# sudo /etc/init.d/apache2 reload
Creation a directory on this location
# mkdir /etc/apache2/ssl
# cd /etc/apache2/ssl
Run these following commands
# openssl genrsa -des3 -out server.key 1024
# openssl req -new -key server.key -out server.csr
# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
# chmod 0400 /etc/apache2/ssl/server.key
# chmod 0400 /etc/apache2/ssl/server.crt
# cp /etc/apache2/ssl/server.key server.key.orig
# openssl rsa -in server.key.orig -out server.key
# chmod 400 /etc/apache2/ssl/*


Find and edit the RED TEXT.
# vi /etc/apache2/sites-available/default-ssl
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/server.crt
SSLCertificateKeyFile /etc/apache2/ssl/server.key

Restart WebServer
/etc/init.d/apache2 restart

Thursday, 25 October 2012

How to configure Symfony 2.0 on Ubuntu Server 12.04

Download the framework from the Symfony website. Here's a link.
Either download the package directly to your /var/www directory or move it there yourself.
# cd /var/www
# wget -O symfony.tgz http://symfony.com/download?v=Symfony_Standard_Vendors_2.0.0BETA1.tgz
# tar xfz symfony.tgz
You'll now have a directory labelled Symfony in your /var/www directory.
Now navigate to http://localhost/Symfony/web/config.php.
Some comman requirements and warnings :
1. Install and enable the SQLite or PDO_SQLite extension. Just run these two commands. It doesn't matter what directory you're in.
#apt-get install php5-sqlite
#sudo apache2ctl restart
2. Change the permissions of the app/cache/ directory so that the web server can write into it.
#sudo chmod -R 777 /var/www/Symfony/app/cache
3. Change the permissions of the app/logs/ directory so that the web server can write into it.
#sudo chmod -R 777 /var/www/Symfony/app/logs
4. Set the date.timezone setting in php.ini. (like Europe/Paris).
#sudo vim /etc/php5/apache2/php.ini
Find the line with ;date.timezone = under the [Date] section, and set it to your timezone based on PHP's list of timezones. I chose America/New_York because sometimes I wish I lived there. Also, make sure to remove the semicolon at the beginning of the line!
#sudo service apache2 restart
5. Install and enable a PHP accelerator like APC (highly recommended).
#sudo apt-get install php-apc
#sudo apache2ctl restart
6. Install and enable the intl extension.
#sudo apt-get install php5-intl
#sudo apache2ctl restart
7. Set short_open_tag to off in php.ini.
#sudo vim /etc/php5/apache2/php.ini
Find the line with short_open_tag = On and change it to short_open_tag = Off

Configure

  1. At the end of the configuration script, it will try to write to /var/www/Symfony/app/config/parameters.ini, so we have to make sure it's writable.
    #Sudo chmod 777 /var/www/Symfony/app/config/parameters.ini

Wednesday, 24 October 2012

script to take a photo of my screen every five minute



sudo apt-get install scrot
#!/bin/bash
# ^This first line just tells linux which script language to use.
# We're using bash
# Because this script runs as a Cron-job, it runs as root and doesn't
# necessarily know which user you're logged in as.  For me, this says "use
# the default display, ie the first person logged in on the computer"
DISPLAY=:0
HOME=/home/vose
export DISPLAY
export HOME
# Create the screenshots directory in case it doesn't exist yet
mkdir -p /home/vose/Pictures/Screenshots/
# Delete any screenshots more than 7 days old.
find /home/vose/Pictures/Screenshots/ -type f -mtime +7 -delete
# Launch the browser (I use firefox for normal, so I'll use chrome for this)
# The "sudo -u vose ..." means "run the command as user `vose`". You'll
# You'll need to put your username in there...
# The "&" at the end means 'launch in the background', so the script
# can keep going.
echo "Opening the browser"
sudo -u vose chromium-browser http://google.com &
# This records the ProcessID (pid) of the last opened program
# (chromium) so we can kill it later
pid=$!
# Wait 10 seconds for the browser to open and page to load
# On a slow computer/connection/webpage you may need to wait longer
sleep 10
# Take the screenshot using scrot.  Save it to this file
scrot /home/vose/Pictures/Screenshots/screenshot_`date +%F-%H-%M-%S`.jpg
echo "Created screenshot_`date +%F-%H-%M-%S`.jpg"
# Kill the browser
kill $pid
Before you try go too far, stop and see if this works.
First, save the script above as takeScreenshot.sh.
Then from a terminal, type chmod +x takeScreenshot.sh (Chmod changes the permissions on a file, and '+x' means we're giving it permission to "execute" the script.)
Run ./takeScreenshot.sh from a command line - this will run the script manually. See if the file shows up in your pictures folder after doing this.
If that worked, we need to now add it to Cron.
At a command line, type sudo crontab -e. (If it asks you which editor, choose Nano. If you haven't used it before, ask around for some help).
In the file, you want to add a line at the bottom, like this:
# m h dom mon dow command
*/5 * * * * /home/vose/Scripts/takeScreenshot.sh
What this says:
Every 5 minutes
Every hour, every day-of-month, every month, every day-of-week
Run "/home/vose/Scripts/takeScreenshot.sh"