≡ Menu

nginx logoTutorial berikut ini adalah menjelaskan bagaimana cara membuat sebuah web server yang powerful pada Linux Debian 7 (Wheezy) dengan LEMP Stack. LEMP merupakan sebah singkatan dimana L adalah Linux, lalu E adalah Engine X atau biasa di sebut NginX dan M sendiri adalah MariaDB kadang M bisa juga sebagai Mysql dan P adalah PHP.

Berikut langkah-langkah untuk membuat LEMP (Linux + Nginx + MariaDB + PHP) pada Debian 7 (Wheezy)

Karena saya menggunakan VPS idROOT Hosting yang berlokasi di Indonesia, Maka repositori LEMP, saya menggunakan yang ada di indonesia seperti KAMBING (Kambing.UI.ac.id) dan Biznet Network (Biz.net.id) untuk repositori MariaBD

Langkah 1: Ubah repositori utama debian ke Kambing.UI.ac.id

Untuk mengubah repositori pada debian, silakan buka file /etc/apat/source.list

deb http://kambing.ui.ac.id/debian/ wheezy main
deb-src http://kambing.ui.ac.id/debian/ wheezy main
deb http://kambing.ui.ac.id/debian/ wheezy-updates main
deb-src http://kambing.ui.ac.id/debian/ wheezy-updates main
deb http://kambing.ui.ac.id/debian-security/ wheezy/updates main contrib non-free
deb-src http://kambing.ui.ac.id/debian-security/ wheezy/updates main contrib non-free

Langkah 2: Tambahkan repo DotDEB (Kambing.UI.ac.id)

# mirror DOTDEB Kambing UI for NGINX
deb http://kambing.ui.ac.id/dotdeb/ wheezy all
deb-src http://kambing.ui.ac.id/dotdeb/ wheezy all

# Hapus komentar dari link dibawah jika ingin menggunakan 
# mirror DOTDEB Kambing UI untuk PHP 5.4
#deb http://kambing.ui.ac.id/dotdeb/ wheezy-php54 all
#deb-src http://kambing.ui.ac.id/dotdeb/ wheezy-php54 all

# Hapus komentar dari link dibawah jika ingin menggunakan 
# mirror DOTDEB Kambing UI untuk PHP 5.5
#deb http://kambing.ui.ac.id/dotdeb/ wheezy-php55 all
#deb-src http://kambing.ui.ac.id/dotdeb/ wheezy-php55 all

# Hapus komentar dari link dibawah jika ingin menggunakan 
# mirror DOTDEB Kambing UI untuk PHP 5.6
deb http://kambing.ui.ac.id/dotdeb/ wheezy-php56 all
deb-src http://kambing.ui.ac.id/dotdeb/ wheezy-php56 all

Fetch dan install the GnuPG key

wget http://www.dotdeb.org/dotdeb.gpg
sudo apt-key add dotdeb.gpg

Langkah 3: Tambahkan repo MariaDB (Biznet Networks, Indonesia)

Jalankan perintah berikut untuk menambahkan MariaDB kedalam sistem

sudo apt-get install python-software-properties
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db
sudo add-apt-repository 'deb http://mariadb.biz.net.id//repo/10.0/debian wheezy main'

Langkah 4: Update Apt-Get

sudo apt-get update
sudo apt-get upgrade

Langkah 5: Hapus Apache and Install Nginx Web server

Untuk menghapus Apache Web server sampai bersih, jalan perintah berikut

apt-get purge apache*
rm -rf /etc/apache2

Langkah 5: Instalasi NginX Web Server

apt-get install nginx

Langkah 6: Konfigurasi NginX

Untuk konfigurasi nginx, buka file /etc/nginx/sites-available/default dan sesuaikan isinya dengan yang berikut:

 [...]
server {
        listen   80;
     

        root /usr/share/nginx/www;
        index index.php index.html index.htm;

        server_name example.com;

        location / {
                try_files $uri $uri/ /index.html;
        }

        error_page 404 /404.html;

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
              root /usr/share/nginx/www;
        }

        # pass the PHP scripts to FastCGI server listening on /var/run/php5-fpm.sock
        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
                
        }

}
[...]

Langkah 7: Instalasi MariaDB

Untuk melakukan instalasi MariaDB jalankan perintah berikut:

apt-get install mariadb-server

Mengamankan instalasi MariaDB

[email protected]:~# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): 
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

You already have a root password set, so you can safely answer 'n'.

Change the root password? [Y/n] n
 ... skipping.

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
 - Dropping test database...
ERROR 1008 (HY000) at line 1: Can't drop database 'test'; database doesn't exist
 ... Failed!  Not critical, keep moving...
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

Langkah 8: Installasi dan Konfigurasi PHP

Untuk instalasi PHP, jalankan perinta berikut:

apt-get install php5-fpm php5-mysql

Untuk konfigurasi PHP, pertama buka file /etc/php5/fpm/php.ini lalu cari cgi.fix_pathinfo=1 dan ubah angka 1 menjadi 0, menjadi seperti berikut:

cgi.fix_pathinfo=0

setelah itu buka file /etc/php5/fpm/pool.d/www.conf lalu cari listen = 127.0.0.1:9000 dan ubah 127.0.0.1:9000 menjadi /var/run/php5-fpm.sock sehingga tampak seperti berikut ini

listen = /var/run/php5-fpm.sock

Lalu restart NginX dan php-fpm

service nginx restart
service php5-fpm restart


Langkah 9: Verifikasi

Untuk memastikan NginX, MariaDB dan PHP sudah terinstal dengan baik, silakan jalankan perintah berikut

[email protected]:~# php -v
PHP 5.6.4-1~dotdeb.1 (cli) (built: Dec 19 2014 20:14:24)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.6.0, Copyright (c) 1998-2014 Zend Technologies
    with Zend OPcache v7.0.4-dev, Copyright (c) 1999-2014, by Zend Technologies

[email protected]:~# mysql -V
mysql  Ver 15.1 Distrib 10.1.2-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2

[email protected]:~# nginx -v
nginx version: nginx/1.2.1

Setelah itu buatkan sebuah file phpinfo untuk memastikan PHP sudah berjalan dengan baik

nano /usr/share/nginx/www/info.php

lalu isi dengan


dan buka file tersebut melaui web browser http://ip-anda/info.php

Apabila instalasi sudah berhasil maka akan muncul gambar berikut:

phpinfo

Demikianlah langkah-langkah untuk membuat sebuah web server pada sistem operasi Debian 7 (Wheezy) dengan LEMP (Linux + NginX + MariaDB 10 + PHP 5.6) Stack, semoga tutorial tersebut dapat bermamfaat.

{ 0 comments }

Default max file size limit that can be sent and received in cPanel (Exim Mail Server) is 50 MB, and How to Limit Maximum Email Size or Email Attachment ?

To Limit Maximum Email Size do the following,

  1. Login to cPanel/WHM as root
  2. Under Service Configuration, Click “exim Configuration Manager”
  3. Click “Advanced Editor”
  4. Scroll down and Click “Add additional Configuration Setting”
  5. Find “message_size_limit” in pull-down list and choose
  6. Enter limit that you want to change to
  7. Scroll to bottom and click “save”
{ 0 comments }

Varnish 4 Configuration to Optimize WordPress

varnish cache logoVarnish is a cache, which means its role is to store and remember what a web application serves to the user the first time the content is accessed. Then it can serve the same content again for subsequent requests without asking the web application again.

It can be used to serve static content, such as images, scripts, or stylesheets, because Varnish is blazingly fast and copes with traffic much better than Apache does. It can also be used to cache quasi-static content; that is, content that is generated dynamically by the application (using the database and taking a considerable amount of time to prepare), but that stays unchanged for a period of time, making the content suitable for caching.

Put the following code at default.vcl

#
# This is an example VCL file for Varnish.
#
# It does not do anything by default, delegating control to the
# builtin VCL. The builtin VCL is called when there is no explicit
# return statement.
#
# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.

# Update for work with Varnish 4


# Marker to tell the VCL compiler that this VCL has been adapted to the
# new 4.0 format.
vcl 4.0;

# Default backend definition. Set this to point to your content server.
backend default {
    .host = "127.0.0.1";
    .port = "8080";
    .connect_timeout = 600s;
    .first_byte_timeout = 600s;
    .between_bytes_timeout = 600s;
    .max_connections = 800;
}

# Only allow purging from specific IPs
acl purge {
    "localhost";
    "127.0.0.1";
}

# This function is used when a request is send by a HTTP client (Browser) 
sub vcl_recv {
	# Normalize the header, remove the port (in case you're testing this on various TCP ports)
	set req.http.Host = regsub(req.http.Host, ":[0-9]+", "");

	# Allow purging from ACL
	if (req.method == "PURGE") {
		# If not allowed then a error 405 is returned
		if (!client.ip ~ purge) {
			return(synth(405, "This IP is not allowed to send PURGE requests."));
		}	
		# If allowed, do a cache_lookup -> vlc_hit() or vlc_miss()
		return (purge);
	}

	# Post requests will not be cached
	if (req.http.Authorization || req.method == "POST") {
		return (pass);
	}

	# --- WordPress specific configuration
	
	# Did not cache the RSS feed
	if (req.url ~ "/feed") {
		return (pass);
	}

	# Blitz hack
        if (req.url ~ "/mu-.*") {
                return (pass);
        }

	
	# Did not cache the admin and login pages
	if (req.url ~ "/wp-(login|admin)") {
		return (pass);
	}
	
	 # Do not cache the WooCommerce pages
	 ### REMOVE IT IF YOU DO NOT USE WOOCOMMERCE ###
	if (req.url ~ "/(cart|my-account|checkout|addons|/?add-to-cart=)") {
        	return (pass);
    	}

	# Remove the "has_js" cookie
	set req.http.Cookie = regsuball(req.http.Cookie, "has_js=[^;]+(; )?", "");

	# Remove any Google Analytics based cookies
	set req.http.Cookie = regsuball(req.http.Cookie, "__utm.=[^;]+(; )?", "");

	# Remove the Quant Capital cookies (added by some plugin, all __qca)
	set req.http.Cookie = regsuball(req.http.Cookie, "__qc.=[^;]+(; )?", "");

	# Remove the wp-settings-1 cookie
	set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-1=[^;]+(; )?", "");

	# Remove the wp-settings-time-1 cookie
	set req.http.Cookie = regsuball(req.http.Cookie, "wp-settings-time-1=[^;]+(; )?", "");

	# Remove the wp test cookie
	set req.http.Cookie = regsuball(req.http.Cookie, "wordpress_test_cookie=[^;]+(; )?", "");

	# Are there cookies left with only spaces or that are empty?
	if (req.http.cookie ~ "^ *$") {
		    unset req.http.cookie;
	}
	
	# Cache the following files extensions 
	if (req.url ~ "\.(css|js|png|gif|jp(e)?g|swf|ico)") {
		unset req.http.cookie;
	}

	# Normalize Accept-Encoding header and compression
	# https://www.varnish-cache.org/docs/3.0/tutorial/vary.html
	if (req.http.Accept-Encoding) {
		# Do no compress compressed files...
		if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
			   	unset req.http.Accept-Encoding;
		} elsif (req.http.Accept-Encoding ~ "gzip") {
		    	set req.http.Accept-Encoding = "gzip";
		} elsif (req.http.Accept-Encoding ~ "deflate") {
		    	set req.http.Accept-Encoding = "deflate";
		} else {
			unset req.http.Accept-Encoding;
		}
	}

	# Check the cookies for wordpress-specific items
	if (req.http.Cookie ~ "wordpress_" || req.http.Cookie ~ "comment_") {
		return (pass);
	}
	if (!req.http.cookie) {
		unset req.http.cookie;
	}
	
	# --- End of WordPress specific configuration

	# Did not cache HTTP authentication and HTTP Cookie
	if (req.http.Authorization || req.http.Cookie) {
		# Not cacheable by default
		return (pass);
	}

	# Cache all others requests
	return (hash);
}
 
sub vcl_pipe {
	return (pipe);
}
 
sub vcl_pass {
	return (fetch);
}
 
# The data on which the hashing will take place
sub vcl_hash {
 	hash_data(req.url);
 	if (req.http.host) {
     	hash_data(req.http.host);
 	} else {
     	hash_data(server.ip);
 	}

	# If the client supports compression, keep that in a different cache
    	if (req.http.Accept-Encoding) {
        	hash_data(req.http.Accept-Encoding);
	}
     
	return (lookup);
}
 
# This function is used when a request is sent by our backend (Nginx server)
sub vcl_backend_response {
	# Remove some headers we never want to see
	unset beresp.http.Server;
	unset beresp.http.X-Powered-By;

	# For static content strip all backend cookies
	if (bereq.url ~ "\.(css|js|png|gif|jp(e?)g)|swf|ico") {
		unset beresp.http.cookie;
	}

	# Only allow cookies to be set if we're in admin area
	if (beresp.http.Set-Cookie && bereq.url !~ "^/wp-(login|admin)") {
        	unset beresp.http.Set-Cookie;
    	}

	# don't cache response to posted requests or those with basic auth
	if ( bereq.method == "POST" || bereq.http.Authorization ) {
        	set beresp.uncacheable = true;
		set beresp.ttl = 120s;
		return (deliver);
    	}
 
    	# don't cache search results
	if ( bereq.url ~ "\?s=" ){
		set beresp.uncacheable = true;
                set beresp.ttl = 120s;
                return (deliver);
	}
    
	# only cache status ok
	if ( beresp.status != 200 ) {
		set beresp.uncacheable = true;
                set beresp.ttl = 120s;
                return (deliver);
	}

	# A TTL of 24h
	set beresp.ttl = 24h;
	# Define the default grace period to serve cached content
	set beresp.grace = 30s;
	
	return (deliver);
}
 
# The routine when we deliver the HTTP request to the user
# Last chance to modify headers that are sent to the client
sub vcl_deliver {
	if (obj.hits > 0) { 
		set resp.http.X-Cache = "cached";
	} else {
		set resp.http.x-Cache = "uncached";
	}

	# Remove some headers: PHP version
	unset resp.http.X-Powered-By;

	# Remove some headers: Apache version & OS
	unset resp.http.Server;

	# Remove some heanders: Varnish
	unset resp.http.Via;
	unset resp.http.X-Varnish;

	return (deliver);
}
 
sub vcl_init {
 	return (ok);
}
 
sub vcl_fini {
 	return (ok);
}
{ 0 comments }

outlook logoMicrosoft will release a new feature in Outlook email service , where users will be able to save Outlook email files or email attachments directly to OneDrive cloud storage.

As reported IB Times , Monday ( 12/01/2015 ) , for now the feature is still in limited release . In the next few weeks , Microsoft will expand its availability to all users of Outlook on a global basis.

How does it work? Outlook users can check their e-mail functionality in by clicking any attachment . Without the need to select the option ‘ Save to OneDrive ‘ , attachments are automatically saved to OneDrive integrated with the user’s email account .

Attachment is then available to be viewed and edited at any time . The users in the business will be greatly assisted when the function is released in full later . No need to complain of hard disk capacity is insufficient and did not bother to transfer files manually or new attachment to OneDrive .

With the addition of this function is expected to add to the appeal of the Outlook users . Google competitors , already allows Gmail users to save files and attachments directly to Google Drive .

ref: inet.detik.com

{ 0 comments }

Kloxo: Error Ketika Membuat Sub Domain

kloxo logoKetika anda ingin membuat sebuah sub domain pada kloxo, kadang suka muncul sebagai berikut :

Alert: could_not_add_mail [Error – no authentication database connection. Initial open.]

Solusi untuk menghilangkan error tersebut:

1. Reset password MySql melalui Kloxo -> Mysql Password Reset
2. Setelah MySql password di reset, lalu jalankan command berikut melalui ssh

/script/upcp
/script/fixvpop
/script/fixmail

Semoga bisa membantu

{ 0 comments }

Remote Desktop pada Linux dengan FreeNX

freeNXBagi pengguna sistem operasi windows sudah tidak asing lagi dengan istilah Remote Desktop yang berfungsi untuk mengakses sebuah komputer baik itu desktop maupun server secara remote.

Sekarang bagaimana ketika kita mempunyai sebuah komputer yang berisikan sistem operasi linux dapat di akses secara remote, dimana lazimnya sebuah komputer dengan OS linux terbiasa diakses melalui konsol atau CLI melalui protokol ssh.

Sebetulnya ada beberapa alternatif untuk melakukan remote akses terhadap komputer dengan sistem operasi linux, salah satunya dengan menggunakan VNC, tetapi menurut pengalaman saya sebuah VNC server cukup berat untuk diakses melalui internet apabila diakses dengan menggunakan koneksi internet yang terbatas.

Di sini saya coba berikan alternatif selain VNC yaitu dengan FreeNX server, dimana memiliki beberapa kelebihan seperti akses yang relatif lebih stabil dan cepat serta yang paling saya suka adalah bisa restore beberapa session login ke server.

Berikut ini adalah langkah-langkah untuk instalasi FreeNX dimana saya menggunakan sistem operasi CentOS 6.5

Langkah 1: Instalasi gnome

Apabila ketika pertama kali anda melakukan instalasi centos dalam bentuk minimal, anda harus tambahkan desktop environment terlebih dahulu, dalam hal ini saya menggunakan gnome.

[[email protected] ~]# yum groupinstall -y 'Desktop' nano

Langkah 2 : Instalasi FreeNX server

[[email protected] ~]# yum install nx freenx

Langkah 3 : Konfigurasi FreeNX Server

ubah konfigurasi pada node.conf

[[email protected] ~]# nano /etc/nxserver/node.conf

cari baris tulisan ENABLE_PASSDB_AUTHENTICATION dan ubah menjadi

ENABLE_PASSDB_AUTHENTICATION="1"

lalu simpan dengan pencet ctrl+O dan keluar dengan ctrl+X

Tambahkan user pada centos

[[email protected] ~]# adduser asep

Tambahkan password pada asep

[[email protected] ~]# passwd asep

Tambahkan user pada database nxserver

[[email protected] ~]# nxserver --adduser asep

Tambahkan password untuk asep

[email protected] ~]# nxserver --passwd asep

Restart nxserver

[email protected] ~]# /etc/init.d/freenx-server restart

Saat ini komputer linux anda sudah siap untuk di-remote. pada distro linux (linux mint) saya biasa menggunakan remmina sebagai remote desktop client, untuk pengguna windows, anda bisa menggunakan NX Client dari Nomachine atau bisa juga menggunakan OpenNX

Janaan lupa untuk menambahkan key sebagai autentifikasi ke nxserver, key tersebut terdapat di /etc/nxserver/ dengan nama file client.id_dsa.key

asep-nx_001

{ 0 comments }

Android 4.3 Jelly BeanGoogle has finally released the latest version of the Android operating system 4.3 Jelly Bean. Version 4.3 is still in Jelly Bean family, but Google ensure that this update will bring several new features that make Android more secure and comfortable.

Good news for gamers. Android 4.3 has support OpenGL ES 3.0, which enables developers to make better games in terms of graphics in Android devices.

Android 4.3 also has a new keyboard with auto correction better. Also there is a little update on the side where the camera icon is changed.

New features are present in Android 4.3 is the multi-user with additional features Profiles Restricted. This feature allows users to create multiple accounts and customize any contents that can only be opened by a particular account. This feature is very useful for those of you who frequently lend your Android device on your baby or your friends.

Google also including DRM APIs that allows media companies to show its contents. For example, high definition streaming video is more easily done.

Android 4.3 Jelly Bean will be available first for the Nexus 4, Nexus 7, Nexus 10, and Samsung Galaxy S4 Google Edition.

ref: kaskus

{ 0 comments }

How To Fix Error FTP in Kloxo

If you get an error when using FTP (Pure-FTP) in kloxo, you can try the following solution:

step 1: Download And Install Pure-Ftp

yum downgrade pure-ftpd

step 2: Update Kloxo

/script/upcp

step 3: Clean Up Kloxo

/script/cleanup
{ 0 comments }

When you click on “Edit DNS Zone” and there are a lot of DNS zones that are missing from the listbox but the websites (and all the stuff such as email, databases, etc.) for these domains work perfectly.

To fix this problem, just running the following command in ssh terminal

# /scripts/rebuilddnsconfig
# /scripts/restartsrv_named
{ 0 comments }

The following is a table comparison between InnoDB with MyISAM

                                             My ISAM   InnoDB
Required full text Search                      Yes
Require Transactions                                    Yes
frequent select queries                        Yes
frequent insert,update,delete                           Yes
Row Locking (multi processing on single table)          Yes
Relational base design                                  Yes

There is minor problem that MyISAM did not support Transactions and innoDB are more relialbe on atomicity. But you can solve that problem by your own programmming design, you can achieve that by random no method, you can achieve parallelism also

Here is a simple shell script to automatically Convert MySql Database from InnoDB to MyISAM.

#!/bin/bash

MYSQLCMD=mysql

for db in 'echo show databases | $MYSQLCMD | grep -v Database'; do
        for table in 'echo show tables | $MYSQLCMD $db | grep -v Tables_in_'; do
                TABLE_TYPE='echo show create table $table | $MYSQLCMD $db | sed -e's/.*ENGINE=([[:alnum:]]+)[[:space:]].*/1/'|grep -v 'Create Table''
                if [ $TABLE_TYPE = "InnoDB" ] ; then
                        mysqldump $db $table > $db.$table.sql
                        echo "ALTER TABLE $table ENGINE = MyISAM" | $MYSQLCMD $db
                fi
        done
done
{ 0 comments }