Showing results for tags 'TUTORIAL'.



Found 12 results

  1. As mobile apps connect more of the planet, and enable users around the globe to engage in more interesting and innovative ways than ever imagined, the job of the mobile app developer has become ever more enriching, fulfilling, and necessary to the modern global economy. The mobile apps we use every day have changed the way we conduct business, the way we communicate and consume entertainment, the way we learn things about the world. You wouldn’t be wrong if you thought mobile app development sounded like one of the coolest job industries of the moment.

    So how do you become a mobile developer? Here’s the bare bones version: you pick a platform—like Android, iOS, or Windows Mobile—learn the technical skills, bone up on your soft skills, and have at it. But let’s get into a little more detail. Here, we’re going to tackle the prospect of becoming an Android developer specifically.

    Why Android?

    Android is the indisputable leader of global smartphone market share. Thanks to growth in emerging markets like Mexico, Turkey, and Brazil, that dominance isn’t ebbing any time soon. That market leadership translates to serious job security for Android developers. Moreover, the Android platform is open source (the entire Android source code is browsable, albeit with some proprietary software such as Google Play), making the developer ecosystem dynamic and collectively enriching. Android developers share tips, tricks, and tutorials across the Android community, and since Google helps developers by building tools like Google Play Services for common app tasks like sign-in, authentication, location, and storage, Android developers can focus on building their apps’ core functionality.

    Basically, it’s a particularly exciting time to launch a career in Android development. There’s a healthy supply of jobs, demand for Android apps promises to soar into the future, and the technology—including wearable apps and apps for TV—is intriguingly advancing.

    The Hard Skills: What to Learn

    First things first: the technical skills. Android development can be done on a Mac, Windows PC, or Linux computer. You’ll also need an Android device (you can use an emulator like Genymotion for development, but eventually you’ll want to test on a real device). Here’s the short list of the must-know tools to become an Android developer.

    Java

    The most basic building block of Android development is the programming language Java. To be a successful Android developer, you’ll need to be comfortable with Java concepts like loops, lists, variables, and control structures. Java is one of the most popular programming languages used by software developers today, so learning its ins and outs will stand you in good stead for work (back-end development anyone?) even beyond the Android platform.

    SQL

    You’ll also need to learn the basics of SQL in order to organize the databases within Android apps. SQL is a language for expressing queries to retrieve information from databases. Once you can write it, there won’t be any questions you can’t ask of your data.

    Android Software Development Kit (SDK) and Android Studio

    One of the best parts about developing for Android is that the necessary tools are free and easy to obtain. The Android SDK is available via free-of-charge download, as is Android Studio, the official integrated development environment (IDE) for Android app development. Android Studio is the main program with which developers write code and assemble their apps from various packages and libraries. The Android SDK includes sample code, software libraries, handy coding tools, and much more to help you build, test, and debug Android applications.

    Another highlight of developing for Android is the ease of the process of submitting apps. Once you’re ready to submit your app to the Google Play store, register for a Google Play publisher account (which includes paying a $25 fee via Google Wallet), follow Android’s launch checklist, submit through the Google Play Developer Console, wait for Google to approve, and see it appear. Simple and satisfying.

    XML

    Programmers use XML to describe data. The basics of the XML syntax will be helpful in your journey to full-fledged Android developer in doing tasks like designing user interface (UI) layouts and parsing data feeds from the internet. Much of what you’ll need XML for can be done through Android Studio, but it’s constructive to be grounded in the basics of the markup language.

    The Hard Skills: How to Learn and Showcase Them

    Resources abound for Android developers to sharpen their skills and share tips and best practices. A few industry favorites include Stack Overflow, Android Weekly, the Android Dev subreddit, vogella tutorials, YouTube lessons, and Google’s official Android Developers site—especially the Building Your First App module. If you’re more of a print learner, popular Android books include Head First Java, Android Programming: Pushing the Limits, and Java: A Beginner’s Guide.

    As you start to think about attracting job opportunities, and selling yourself as a viable candidate, consider showcasing your Android work on LinkedIn, Xing, through an online personal portfolio, or on sites like Behance and GitHub. Rub elbows, in person and virtually, with other Android developers and hiring managers or recruiters through meetups, conferences such as droidcon, and digital networking hubs like LinkedIn groups, Twitter chats, and Quora feeds. You never know what you’ll learn, or who you’ll meet.

    The Soft Skills

    As with any job, it’s not enough to have the technical stuff down pat. You’ve got to sharpen your interpersonal skills as much as your coding chops.

    Perseverance

    Practice really does make perfect when it comes to app development. Inevitably, you’re going to hit a roadblock in the development process, especially when you first start out. You’ll need a deep store of perseverance to power you through the frustrating times. Luckily, since Android is open-source, Android developers can take advantage of crowd-created libraries and frameworks posted on sites like GitHub.

    Collaborativeness

    Collaboration is of vital importance to most developer jobs. Even if you’re working by yourself on a project, you’ll inevitably have to put heads together with others—like designers, marketers, or upper management—in the company or organization. Start getting comfortable with accepting feedback on your work, compromising with coworkers, and teaming up with other players to create exceptional products.

    Thirst for Knowledge

    All good developers, mobile or otherwise, are committed to lifelong learning. Especially in the rapidly developing landscape of mobile apps: with the advent of wearables, TV apps, auto apps, and more, mobile developers must keep their eyes and ears open to new technology and changing best practices. No matter how advanced you get, don’t stop investigating, exploring, playing around, and asking questions.

    The Bottom Line

    Mobile apps are in higher demand than ever, which makes right now an incredible time to launch your career as an Android developer. As Android expands beyond the consumer space to work and education, and continues to push the bounds of rich cross-device user experiences with the new Material design language, it’s a particularly exciting time to dive into Android development. So go ahead, feet first. The water’s warm.

    Many thanks to Google Developer Experts Enrique López-Mañas (@eenriquelopez) and Etienne Caron, and Udacity developer Eric Gonzalez for their contributions and technical reviews of this article.

    I saw this is helpful, so I chose to share it with you here. It was written by Allison Stadd. Thank you. From Abelas
  2. Android phones come with lots of great features and aside from the basic call and messaging functionality, you can do a lot more on your Android device. While there are several cool features built into most Android smartphones, you won’t find call recording preloaded on several Android devices. Most Android smartphones support call recording, however, this feature is hidden on some phones.

    In this post, I’ll show you how to enable call recording on Samsung Galaxy S5 without installing any third-party call recording apps. While installing apps from the Play Store might be easier than enabling the hidden call recording feature on the Galaxy S5, you might not be comfortable with third-party apps due to privacy issues and because some of them are not that easy to use.

    Benefits Of Call Recording

    Call recording might not be useful to some individuals, but this feature can be crucial for many Android users. Here are the reasons why you should enable call recording on your Galaxy S5.

    • Listen to conversations with your family and loved ones to bring back old memories.
    • Use recorded calls as evidence against people denying something that they said. It can be easy for people to deny things they said in a one-on-one conversation, but they can’t deny their own words captured in a recorded call.
    • If you’re using your Galaxy S5 as a business phone, call recording can be extremely useful in customer services, especially when you want to ensure maximum customer satisfaction.
    • Finally, recorded calls can work as great reminders and instead of writing things down from the phone call, you can directly refer to the recorded call when needed.

    Prerequisite

    All the methods mentioned below require root access on your Galaxy S5. Rooting is a risky process which is why you should only attempt it at your own responsibility. Rooting will also void your manufacturer’s warranty. If you’re not comfortable with rooting your phone, then you won’t be able to use any of the methods listed below. However, you can still record phone calls using third-party apps. Feel free to read our post on recording phone calls on Android.

    Method 1: Manually Editing The feature.xml File

    The first method uses a third-party root enabled file manager in order to manually edit the feature.xml file. You don’t need to flash anything through recovery and the entire process will only take a couple of minutes.

    Step 1
    Download and install Root Browser on your Samsung Galaxy S5. You can download it using the Google Play Store button below.

    Step 2
    Launch Root Browser and grant it root access if you get any popup asking for root access.

    Step 3
    Go to the /system/csc directory and search for the feature.xml file. Press and hold on the feature.xml file and tap on Open with. If you can’t find the feature.xml file, then use the others.xml file.

    Step 4
    Select RB Text Editor from the list of options in order to open up the text editor.

    Step 5
    Insert the following text anywhere in the text file, but between <FeatureSet> and </FeatureSet>.

        <CscFeature_VoiceCall_ConfigRecording>RecordingAllowed</CscFeature_VoiceCall_ConfigRecording>

    Step 6
    Tap on the Save button once you have entered the text line.

    Step 7
    Reboot your phone. That’s it! You have successfully enabled call recorder on your Samsung Galaxy S5. If the process was successful, you’ll see a Record button when on a call. To start recording, simply tap on the Record button.

    Step 8
    In order to end recording, tap on the Stop button.
  3. Hi, I'm a beginner in the Android area. I came to share with you this ready file, just edit and place your website and your information. I AM NOT THE AUTHOR OF THE FILE Download - MEGA
  4. TUTORIAL Learning php

    Someone advise me the best online site to learn coding from scratch
  5. In this How-To we're going to walk you through changing the default SSH port on a Linux system. The Secure Shell (SSH) Protocol by default uses port 22. Accepting this value does not make your system insecure, nor will changing the port provide a significant variance in security. However, changing the default SSH port will stop many automated attacks and make it a bit harder to guess which port SSH is accessible from. In other words, a little security through obscurity.

    Steps to follow

    Step 1
    As root, use your favorite text editor (vi) to edit the sshd configuration file.

        vi /etc/ssh/sshd_config

    Step 2
    Edit the line which states 'Port 22'. But before doing so, you'll want to read the note below. Choose an appropriate port, also making sure it is not currently used on the system.

        # What ports, IPs and protocols we listen for
        Port 50683

    Note: The Internet Assigned Numbers Authority (IANA) is responsible for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources. It is good practice to follow their port assignment guidelines. Having said that, port numbers are divided into three ranges: Well Known Ports, Registered Ports, and Dynamic and/or Private Ports. The Well Known Ports are those from 0 through 1023 and SHOULD NOT be used. Registered Ports are those from 1024 through 49151 and should be avoided too. Dynamic and/or Private Ports are those from 49152 through 65535 and can be used. Though nothing is stopping you from using reserved port numbers, our suggestion may help avoid technical issues with port allocation in the future.

    Step 3
    Switch over to the new port by restarting SSH.

        /etc/init.d/ssh restart

    Step 4
    Verify SSH is listening on the new port by connecting to it. Note how the port number now needs to be declared.

        ssh username@hostname.com -p 50683

    So get security now. Thanks, Andromeda Cloud, Inc.
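An added example, not part of the original post: a Python sketch of the checks behind Step 2 (port range, port not already bound) and of the `Port` edit itself. Function names and the sample configuration are constructed for illustration; the sketch also covers a case the post does not mention, namely that sshd does not accept `Port` inside a `Match` block, so a new line has to go before the first one.

```python
import re
import socket

# Port classes as listed in the post's note (IANA ranges).
IANA_RANGES = (
    ("well-known", 0, 1023),
    ("registered", 1024, 49151),
    ("dynamic/private", 49152, 65535),
)

# Active or commented-out "Port N" directive; sshd keywords are case-insensitive.
PORT_LINE = re.compile(r"^\s*(#\s*)?Port\s+\d+\s*$", re.IGNORECASE)
MATCH_LINE = re.compile(r"^\s*Match\s", re.IGNORECASE)

# Constructed sample sshd_config, not taken from a real host.
SAMPLE_SSHD_CONFIG = """\
#Port 22
Port 2222
PermitRootLogin no
Match User backup
    X11Forwarding no
"""


def classify_port(port):
    """Return the IANA class name for a TCP port number."""
    for name, low, high in IANA_RANGES:
        if low <= port <= high:
            return name
    raise ValueError(f"{port} is not a valid TCP port")


def port_is_free(port, host="0.0.0.0"):
    """True if nothing on this machine is currently bound to the port."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as probe:
        try:
            probe.bind((host, port))
        except OSError:
            return False
    return True


def set_sshd_port(config_text, new_port):
    """Return config_text with sshd listening only on new_port.

    The first Port line (active or commented) is replaced, further active
    Port lines are commented out, and if there is no Port line at all the
    directive is inserted before the first Match block.
    """
    if classify_port(new_port) != "dynamic/private":
        raise ValueError(f"{new_port} is outside 49152-65535")
    out, placed, in_match = [], False, False
    for line in config_text.splitlines():
        if MATCH_LINE.match(line):
            if not placed:
                out.append(f"Port {new_port}")
                placed = True
            in_match = True
        elif not in_match and PORT_LINE.match(line):
            if not placed:
                line, placed = f"Port {new_port}", True
            elif not line.lstrip().startswith("#"):
                line = "#" + line
        out.append(line)
    if not placed:
        out.append(f"Port {new_port}")
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    candidate = 50683  # the port used in the post
    print(classify_port(candidate), "free:", port_is_free(candidate))
    print(set_sshd_port(SAMPLE_SSHD_CONFIG, candidate))
```

Before the restart in Step 3, `sshd -t` checks the edited file for syntax errors, and keeping the current session open until a login on the new port succeeds avoids a lockout.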
  6. Hi, maybe many of you already know this trick, but I am sharing this because I am able to save some money on longer terms, and not only can you save money but you can also earn if you do proper advertisements. The trick is becoming a reseller. Some companies like GoDaddy charge a yearly fee, but Reseller Club does it better and cheaper. I recently purchased a 5 year long shared Linux hosting from HostGator through my reseller account and was able to save $100 on it, as the price of the same plan was different on the HostGator official site and the reseller site. You just have to create a reseller account with Reseller Club and you are good to go. Going this way you can save on domain registrations too, but on longer term plans. Reseller Club provides you with a supersite (a website, which is similar to many hosting providers) where you can sell domains, hosting plans etc. You display your pricing and make profit.
  7. Introduction

    The MySQL database has become the world’s most popular open source database because of its consistent level of fast performance, high reliability and ease of use. It is used everywhere and by everyone. Individuals, web developers, and many of the world’s largest and fastest-growing organizations such as industry leaders Yahoo, Alcatel-Lucent, Google, Nokia, YouTube and others use it for powering their high-volume websites, business-critical systems, and packaged software.

    As most products do, it comes out of the box. Usually, security is not a major consideration when installing this kind of product. Often, the most important issue is to get it up and running as quickly as possible so that the organization can benefit from it. This document is intended as a quick security manual to help you bring an installed MySQL database server into conformity with best security practices.

    Syntax explanation for improved database security

    This paper contains code examples that can either be executed in the operating system console, sent to the database via the MySQL console or added to configuration files. Code snippets are denoted by a gray background. Please refer to the surrounding context for more precise instructions.

    1. Secure your server

    Many known attacks are possible only once physical access to a machine has been acquired. For this reason, it is best to have the application server and the database server on different machines. If this is not possible, you must make sure to execute remote commands via an application server, otherwise, an attacker may be able to harm your database even without permissions. For this reason, any service running on the same machine as the database should be granted the lowest possible permission privileges that will still allow the service to operate smoothly.

    Do not forget to install the whole security package: Antivirus and Antispam, Firewall, and all of the security packages recommended by your operating system’s vendor. In addition, do not forget to spend 10 minutes thinking of your server’s physical location – in the wrong location, your server can be stolen, flooded, or harmed.

    Consider performing some operating system hardening procedures, such as the following:

    • Install Antivirus and Antispam software
    • Configure the operating system’s firewall
    • Consider the safety of your server’s physical location
    • Install the services you intend the machine to run
    • Harden the production server and services
    • Disable unnecessary services
    • Follow services vendors’ recommendations regarding patches and updates needed for the safe and secure operation of their services

    2. Disable or restrict remote access

    Consider whether MySQL will be accessed from the network or only from its own server. If remote access is used, ensure that only defined hosts can access the server. This is typically done through TCP wrappers, iptables, or any other firewall software or hardware available on the market.

    To restrict MySQL from opening a network socket, the following parameter should be added in the [mysqld] section of my.cnf or my.ini:

        skip-networking

    The file is located in the “C:\Program Files\MySQL\MySQL Server 5.1” directory on the Windows operating system or “/etc/my.cnf” or “/etc/mysql/my.cnf” on Linux. This line disables the initiation of networking during MySQL startup. Please note that a local connection can still be established to the server.

    Another possible solution is to force MySQL to listen only to the local host by adding the following line in the [mysqld] section of my.cnf:

        bind-address=127.0.0.1

    You may not be willing to disable network access to your database server if users in your organization connect to the server from their machines or the web server installed on a different machine. In that case, the following restrictive grant syntax should be considered:

        mysql> GRANT SELECT, INSERT ON mydb.* TO 'someuser'@'somehost';

    3. Disable the use of LOCAL INFILE

    The next change is to disable the use of the “LOAD DATA LOCAL INFILE” command, which will help to prevent unauthorized reading from local files. This is especially important when new SQL Injection vulnerabilities in PHP applications are found. In addition, in certain cases, the “LOCAL INFILE” command can be used to gain access to other files on the operating system, for instance “/etc/passwd”, using the following command:

        mysql> LOAD DATA LOCAL INFILE '/etc/passwd' INTO TABLE table1;

    Or even simpler:

        mysql> SELECT load_file("/etc/passwd");

    To disable the usage of the “LOCAL INFILE” command, the following parameter should be added in the [mysqld] section of the MySQL configuration file.

        set-variable=local-infile=0

    4. Change root username and password

    The default administrator username on the MySQL server is “root”. Hackers often attempt to gain access to its permissions. To make this task harder, rename “root” to something else and provide it with a long, complex alphanumeric password. To rename the administrator’s username, use the rename command in the MySQL console:

        mysql> RENAME USER root TO new_user;

    The MySQL “RENAME USER” command first appeared in MySQL version 5.0.2. If you use an older version of MySQL, you can use other commands to rename a user:

        mysql> use mysql;
        mysql> update user set user="new_user" where user="root";
        mysql> flush privileges;

    To change a user’s password, use the following command-line command:

        mysql> SET PASSWORD FOR 'username'@'%hostname' = PASSWORD('newpass');

    It is also possible to change the password using the “mysqladmin” utility:

        shell> mysqladmin -u username -p password newpass

    5. Remove the “test” database

    MySQL comes with a “test” database intended as a test space. It can be accessed by the anonymous user, and is therefore used by numerous attacks. To remove this database, use the drop command as follows:

        mysql> drop database test;

    Or use the “mysqladmin” command:

        shell> mysqladmin -u username -p drop test

    6. Remove Anonymous and obsolete accounts

    The MySQL database comes with some anonymous users with blank passwords. As a result, anyone can connect to the database. To check whether this is the case, do the following:

        mysql> select * from mysql.user where user="";

    In a secure system, no lines should be echoed back. Another way to do the same:

        mysql> SHOW GRANTS FOR ''@'localhost';
        mysql> SHOW GRANTS FOR ''@'myhost';

    If the grants exist, then anybody can access the database and at least use the default database “test”. Check this with:

        shell> mysql -u blablabla

    To remove the account, execute the following command:

        mysql> DROP USER "";

    The MySQL “DROP USER” command is supported starting with MySQL version 5.0. If you use an older version of MySQL, you can remove the account as follows:

        mysql> use mysql;
        mysql> DELETE FROM user WHERE user="";
        mysql> flush privileges;

    7. Lower system privileges; increase database security with Role Based Access Control

    A very common database security recommendation is to lower the permissions given to various parties. MySQL is no different. Typically, when developers work, they use the system’s maximum permission and give less consideration to permission principles than we might expect. This practice can expose the database to significant risk.

    * Any new MySQL 5.x installation already installed using the correct security measures.

    To protect your database, make sure that the file directory in which the MySQL database is actually stored is owned by the user “mysql” and the group “mysql”.

        shell> ls -l /var/lib/mysql

    In addition, ensure that only the user “mysql” and “root” have access to the directory /var/lib/mysql. The mysql binaries, which reside under the /usr/bin/ directory, should be owned by “root” or the specific system “mysql” user. Other users should not have write access to these files.

        shell> ls -l /usr/bin/my*

    8. Lower database privileges

    Operating system permissions were fixed in the preceding section. Now let’s talk about database permissions. In most cases, there is an administrator user (the renamed “root”) and one or more actual users who coexist in the database. Usually, the “root” has nothing to do with the data in the database; instead, it is used to maintain the server and its tables, to give and revoke permissions, etc. On the other hand, some user ids are used to access the data, such as the user id assigned to the web server to execute “select\update\insert\delete” queries and to execute stored procedures. In most cases, no other users are necessary; however, only you, as a system administrator, can really know your application’s needs.

    Only administrator accounts need to be granted the SUPER / PROCESS / FILE privileges and access to the mysql database. Usually, it is a good idea to lower the administrator’s permissions for accessing the data. Review the privileges of the rest of the users and ensure that these are set appropriately. This can be done using the following steps.

        mysql> use mysql;
        mysql> select * from user;   -- identify users
        mysql> show grants for 'root'@'localhost';

    The above statement has to be executed for each user! Note that only users who really need root privileges should be granted them.

    Another interesting privilege is “SHOW DATABASES”. By default, the command can be used by everyone having access to the MySQL prompt. They can use it to gather information (e.g., getting database names) before attacking the database by, for instance, stealing the data. To prevent this, it is recommended that you follow the procedures described below.

    • Add “--skip-show-database” to the startup script of MySQL or add it to the MySQL configuration file
    • Grant the SHOW DATABASES privilege only to the users you want to use this command

    To disable the usage of the “SHOW DATABASES” command, the following parameter should be added in the [mysqld] section of the /etc/my.cnf:

        [mysqld]
        skip-show-database

    9. Enable Logging

    If your database server does not execute many queries, it is recommended that you enable transaction logging, by adding the following line to the [mysqld] section of the /etc/my.cnf file:

        [mysqld]
        log = /var/log/mylogfile

    This is not recommended for heavy production MySQL servers because it causes high overhead on the server. In addition, verify that only the “root” and “mysql” ids have access to these logfiles (at least write access).

    Error log
    Ensure only “root” and “mysql” have access to the logfile “hostname.err”. The file is stored in the mysql data directory. This file contains very sensitive information such as passwords, addresses, table names, stored procedure names and code parts. It can be used for information gathering, and in some cases, can provide the attacker with the information needed to exploit the database, the machine on which the database is installed, or the data inside it.

    MySQL log
    Ensure only “root” and “mysql” have access to the logfile “*logfileXY”. The file is stored in the mysql data directory.

    10. Change the root directory

    A chroot on Unix operating systems is an operation that changes the apparent disk root directory for the current running process and its children. A program that is re-rooted to another directory cannot access or name files outside that directory, and the directory is called a “chroot jail” or (less commonly) a “chroot prison”. By using the chroot environment, the write access of the MYSQL processes (and child processes) can be limited, increasing the security of the server.

    Ensure that a dedicated directory exists for the chrooted environment. This should be something like: /chroot/mysql

    In addition, to make the use of the database administrative tools convenient, the following parameter should be changed in the [client] section of the MySQL configuration file:

        [client]
        socket = /chroot/mysql/tmp/mysql.sock

    Thanks to that line of code, there will be no need to supply the mysql, mysqladmin, mysqldump etc. commands with the --socket=/chroot/mysql/tmp/mysql.sock parameter every time these tools are run.

    11. Remove History

    During the installation procedures, there is a lot of sensitive information that can assist an intruder to assault a database. This information is stored in the server’s history and can be very helpful if something goes wrong during the installation. By analyzing the history files, administrators can figure out what has gone wrong and probably fix things up. However, these files are not needed after installation is complete. We should remove the content of the history file (~/.mysql_history), where all executed SQL commands are stored (especially passwords, which are stored as plain text):

        cat /dev/null > ~/.mysql_history

    12. Patch your systems

    Consult your operating system’s vendor for security and performance updates: use windows update on windows, apt-get or yum on (Debian) systems, Red Hat update Agent on Red hat and so on. If you are using any kind of virtualization platform, consult your platform vendor for security issues, patches, and recommendations.

    This article was written by David Maman, HexaTier CTO.
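An added example, not from the original article: a Python check that reads a my.cnf and reports which of the [mysqld] settings from sections 2, 3, 8 and 9 above are missing or overridden. The function names, finding codes and sample file are constructed for illustration, and checking `general-log-file` and `log-error` alongside the article's `log` option is an assumption about which log paths matter.

```python
import os

# Constructed sample my.cnf, not taken from a real server.
SAMPLE_MY_CNF = """\
!includedir /etc/mysql/conf.d/
[client]
socket = /chroot/mysql/tmp/mysql.sock

[mysqld]
bind_address = 0.0.0.0
set-variable=local-infile=0
log = /var/log/mylogfile
"""

LOOPBACK = {"127.0.0.1", "localhost", "::1"}
LOG_OPTIONS = ("log", "general-log-file", "log-error")


def mysqld_options(text):
    """Return the [mysqld] options as {name: value}.

    Flag-style options (no '=') map to ''. Underscores and dashes in option
    names are treated alike, and the older 'set-variable=name=value' form
    used in the article is unwrapped.
    """
    opts, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;!":      # comments and !include lines
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "mysqld":
            continue
        name, _, value = line.partition("=")
        name, value = name.strip(), value.strip()
        if name.lower() == "set-variable":
            name, _, value = value.partition("=")
            name, value = name.strip(), value.strip()
        opts[name.lower().replace("_", "-")] = value
    return opts


def enabled(opts, name):
    """True if a boolean option is present and not switched off."""
    return name in opts and opts[name].lower() not in ("0", "off", "false")


def audit(text):
    """Return a list of finding codes; an empty list means all checks passed."""
    opts = mysqld_options(text)
    findings = []
    # Section 2: no network socket, or listening on loopback only.
    if not enabled(opts, "skip-networking") and opts.get("bind-address") not in LOOPBACK:
        findings.append("network-exposed")
    # Section 3: LOAD DATA LOCAL INFILE must be explicitly disabled.
    if "local-infile" not in opts or enabled(opts, "local-infile"):
        findings.append("local-infile-enabled")
    # Section 8: SHOW DATABASES restricted to users holding the privilege.
    if not enabled(opts, "skip-show-database"):
        findings.append("show-databases-unrestricted")
    # Section 9: log files must not be accessible to "other" users.
    for name in LOG_OPTIONS:
        path = opts.get(name)
        if path and os.path.exists(path) and os.stat(path).st_mode & 0o007:
            findings.append(f"{name}-accessible-to-others")
    return findings


if __name__ == "__main__":
    for code in audit(SAMPLE_MY_CNF):
        print("FINDING:", code)
```

The check covers the configuration file only; account-level items such as anonymous users or the `test` database still need the SQL queries shown in the article. `local-infile=0` also does not govern `LOAD_FILE()`, which depends on the FILE privilege and `secure_file_priv`.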
  8. Anyone with tutorials on working with Modx? Really need help
  9. We recently spent a few hours trying to get a perfect score on Qualys SSL Labs Tester. While we were not able to achieve a "100" in every category, I feel I got pretty close:

    This post will detail the steps for getting an A+ SSL rating using Nginx.

    Generate a Certificate

    The first step in securing your server with SSL is to generate an SSL certificate. At this time, the only way to get a verified certificate that will be trusted across most Internet browsers is to pay for a certificate. I chose RapidSSL, but you can choose any respectable provider. You do not need to purchase an extended validation (EV) certificate to achieve an A+ rating. For personal blogs or sites that are not processing secure information, a regular certificate is fine. There is no additional encryption added with an EV certificate - just a pretty green bar that makes users feel better. Depending on the provider you chose, you will need to generate a CSR and securely transmit the files onto your server. You may also need to install an intermediate certificate.

    Install the Packages

    In my case, I used Nginx and OpenSSL. The latest version of OpenSSL in Ubuntu's is good enough, but the latest Nginx does not support the SSL stapling we want to use later.

        $ sudo apt-get install openssl

    Because these instructions could easily become out of date, I recommend following the steps for compiling Nginx from source on the Nginx website.

    Choose Protocols

    This is arguably the hardest decision you will need to make. If you want to achieve an A+ rating, you will need to neglect a small percentage of your user base.

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

    This tells Nginx to explicitly only allow TLS, which means older clients (namely IE 6 and Windows XP users) will get certificate errors when visiting your website. If any of these are your target audience, you must also add SSLv3 to the list, but you will be unable to get an A+ by doing so (you can still get an A).

    Choose Ciphers

    Below, we only permit 256-bit encryption schemes. The ECDHE suite gives us Forward Secrecy (although we will generate a new set of dhparams in a later step). It is important to note that these values are in order of specificity, so the ordering is from best to worst.

        ssl_prefer_server_ciphers on;
        ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;

    Again, if you plan to support IE6 or older clients, you may need to add additional cipher suites. Doing so will reduce your rating.

    Generate new dhparams

    With Forward Secrecy, if an attacker gets a hold of the server's private key, it will not be able to decrypt past communications. The private key is only used to sign the DH handshake, which does not reveal the pre-master key. Diffie-Hellman ensures that the pre-master keys never leave the client and the server, and cannot be intercepted by a MITM.

    All versions of Nginx as of 1.4.4 rely on OpenSSL for input parameters to Diffie-Hellman (DH). Unfortunately, this means that Ephemeral Diffie-Hellman (DHE) will use OpenSSL's defaults, which include a 1024-bit key for the key-exchange. Since we're using a 2048-bit certificate, DHE clients will use a weaker key-exchange than non-ephemeral DH clients. We need to generate a stronger DHE parameter:

        $ cd /etc/ssl/certs
        $ openssl dhparam -out dhparam.pem 4096

    And then tell Nginx to use it for DHE key-exchange:

        ssl_dhparam /etc/ssl/certs/dhparam.pem;

    Please note: this section was adopted from Strong SSL Security on nginx at Raymii.org.

    Turn on SSL

    In your Nginx configuration, you will need to activate SSL. The code below is documented inline to describe each option.

        # Enable SSL on all domains - you may also want to enable this on a per-site
        # basis instead if you are supporting multiple virtual hosts.
        ssl on;

        # Cache SSL sessions for 10m (this is about 40,000 sessions), timing them out
        # after 24 hours.
        ssl_session_cache shared:SSL:10m;
        ssl_session_timeout 24h;

        # Set the buffer size to 1400 bytes (that way it fits into a single MTU).
        ssl_buffer_size 1400;

    OCSP Stapling

    When connecting to a server, clients should verify the validity of the server certificate using either a Certificate Revocation List (CRL), or an Online Certificate Status Protocol (OCSP) record.

        ssl_stapling on;
        ssl_stapling_verify on;
        resolver 8.8.4.4 8.8.8.8 valid=300s;
        resolver_timeout 10s;

    HSTS

    HTTP Strict Transport Security (HSTS) instructs browsers to communicate with your website only over SSL.

        # Enable HSTS
        add_header Strict-Transport-Security max-age=63072000;

        # Do not allow this site to be displayed in iframes
        add_header X-Frame-Options DENY;

        # Do not permit Content-Type sniffing.
        add_header X-Content-Type-Options nosniff;

    Intermediate Certificates

    Depending on when you purchase your certificate, you may be issued a certificate that uses SHA1 encryption. Many browsers, such as Chrome and Safari will soon distrust these certificates and show a warning. In my case, with RapidSSL, I needed 256-bit GeoTrust and RapidSSL intermediate certificates. It took some searching, but I was able to find the SHA 256 intermediate certificates on each of the provider's websites. You may need to contact your SSL certificate provider to obtain the SHA 256 intermediate certificate. You must have a certificate using SHA 256 to obtain an A+ on the SSL labs tester.

Final Configuration

If you are just looking for a copy-paste solution to get an A+, you can copy and paste the Nginx configuration below.

    ssl on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 24h;
    ssl_buffer_size 1400;
    ssl_session_tickets off;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
    ssl_prefer_server_ciphers on;
    ssl_certificate /etc/ssl/website.com.crt;
    ssl_certificate_key /etc/ssl/website.com.key;
    # Path matches the dhparam.pem generated in /etc/ssl/certs above.
    ssl_dhparam /etc/ssl/certs/dhparam.pem;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.4.4 8.8.8.8 valid=300s;
    resolver_timeout 10s;
    spdy_keepalive_timeout 300;
    spdy_headers_comp 9;
    add_header Strict-Transport-Security max-age=63072000;
    add_header X-Frame-Options DENY;
    add_header X-Content-Type-Options nosniff;

You will still need to generate and install the proper certificates.

I hope this blog post helps you install and secure your website. Please feel free to leave a comment or suggestion!
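
The settings walked through in the Nginx post above, turned into a configuration check. This is an added shell example, not part of the original post: it flags SSLv2/SSLv3 in ssl_protocols, a cipher string without !aNULL, EDH/DHE ciphers without ssl_dhparam (the case where the post says OpenSSL's 1024-bit default applies), stapling that is off or has no resolver, and a missing HSTS header. The function names and the sample config are constructed for illustration; comments are stripped naively and only the last occurrence of each directive is examined.

```shell
# Normalise nginx config on stdin: one "name args" line per directive.
nginx_directives() {
    sed -e 's/#.*//' | tr '\n' ' ' | tr ';{}' '\n\n\n' |
        sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' \
            -e 's/[[:space:]][[:space:]]*/ /g' -e '/^$/d'
}

# Arguments of the last occurrence of directive $1 in $dirs (empty if unset).
arg_of() {
    printf '%s\n' "$dirs" |
        awk -v d="$1" '$1 == d { sub(/^[^ ]+ ?/, ""); v = $0 } END { print v }'
}

# True when the cipher string enables finite-field DHE (EDH/DHE), not just ECDHE.
uses_dhe() {
    printf '%s\n' "$1" | tr ':+' '\n\n' | grep -Eq '^(k?EDH|k?DHE|DHE-.*|EDH-.*)$'
}
fail() { echo "FAIL: $1"; fails=$((fails + 1)); }

# Print one FAIL line per unmet item; exit status is 0 only if all checks pass.
audit_nginx_tls() {
    dirs=$(cat "$@" | nginx_directives); fails=0
    protos=$(arg_of ssl_protocols); ciphers=$(arg_of ssl_ciphers)
    case " $protos " in
        "  ") fail "ssl_protocols is not set" ;;
        *" SSLv2 "*|*" SSLv3 "*) fail "ssl_protocols allows SSLv2/SSLv3: $protos" ;;
    esac
    case "$ciphers" in *'!aNULL'*) ;; *) fail "ssl_ciphers lacks !aNULL" ;; esac
    if uses_dhe "$ciphers" && [ -z "$(arg_of ssl_dhparam)" ]; then
        fail "DHE ciphers enabled without ssl_dhparam"
    fi
    for d in ssl_prefer_server_ciphers ssl_stapling ssl_stapling_verify; do
        [ "$(arg_of "$d")" = on ] || fail "$d is not on"
    done
    [ -n "$(arg_of resolver)" ] || fail "no resolver for OCSP responder lookups"
    printf '%s\n' "$dirs" | grep -Eiq '^add_header "?Strict-Transport-Security' ||
        fail "no Strict-Transport-Security header"
    [ "$fails" -eq 0 ]
}

# Constructed sample: SSLv3 enabled, no ssl_dhparam, no HSTS header.
sample_conf() {
    cat <<'EOF'
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;  # SSLv3 added for old clients
ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
ssl_prefer_server_ciphers on; ssl_stapling on; ssl_stapling_verify on;
resolver 8.8.4.4 8.8.8.8 valid=300s;
EOF
}
```

Run it as `sample_conf | audit_nginx_tls` or `audit_nginx_tls /etc/nginx/nginx.conf`. Because include files are not followed, piping the output of `nginx -T` into the function covers the whole loaded configuration.
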
  10. I find these guides really useful when setting up my Raspberry Pi to be a virtual host server. Now this guide includes protecting your websites with secure HTTPS and protecting folders behind a firewall if the same tries to get access on multiple failed attempts, and it also protects emails sent and received. This is my next project with my Pi when I have spare time. Link to the guide below: https://www.pestmeester.nl/
  11. Tutorial – Install PhpMyAdmin on your Raspberry Pi

PhpMyAdmin is a handy web interface for managing local MySQL databases, and can make database queries, management and backups easy. In this tutorial, I’m going to talk you through installing PhpMyAdmin on your Raspberry Pi powered web server. I’m assuming you’ve got Raspbian installed, and you’ve followed my tutorial: install Apache, PHP and MySQL on Raspberry Pi.

Step 1 – Begin the PhpMyAdmin installation

From the terminal, we begin by changing to the root user by entering:

    sudo bash

Now we need to install the PhpMyAdmin package using:

    apt-get install phpmyadmin

The package will begin installing. You will be asked which web server is installed; choose apache2. My screenshots show purple, but you’ll see blue. I’ve already got PhpMyAdmin installed on my Raspberry Pi so had to install it on an Ubuntu VM for the purpose of this tutorial – apologies for the wrong colours, but I can assure you the procedure is the same for Debian/Raspbian and Ubuntu!

Step 2 – Configure for dbconfig-common

Next we’ll need to configure PhpMyAdmin’s database. You’ll see the following prompt: When prompted, choose Yes. Next you’ll be asked for an administrative password; this is the root password that was set during the MySQL installation in the previous tutorial. You’ll be asked to set a password for PhpMyAdmin. I’ve used the same password as the MySQL root password, but it’s up to you what you set here. Make a note of it somewhere. That’s PhpMyAdmin installed. Next we need to change the Apache configuration to allow us to use http://your.raspberrypi.domain/phpmyadmin to access it.

Step 3 – Configure Apache to work with PhpMyAdmin

We need to alter the Apache configuration in order to access PhpMyAdmin. To do this, enter the following command to alter the configuration:

    nano /etc/apache2/apache2.conf

The configuration file will load in Nano.
Navigate to the bottom of the file (keep pressing CTRL + V to jump page by page until you’re at the bottom of the file) and add the following new line to the file:

    Include /etc/phpmyadmin/apache.conf

Save the file (CTRL + X and enter Y when prompted to save) and restart Apache2. To restart Apache, enter the following command:

    /etc/init.d/apache2 restart

That’s it! You’re all installed and ready to go. Give accessing it a try by going to your Raspberry Pi’s IP address or domain name and adding ‘/phpmyadmin’ to the end in your web browser, i.e. http://your.raspberrypi.domain/phpmyadmin.
  12. Tutorial – Install Apache, PHP and MySQL on a Raspberry Pi 2

I’ve been running LAMP setups on Raspberry Pis for years, so am excited to use the little pocket-sized powerhouse that is the Raspberry Pi 2 as a web server.

Before we start

There are some prerequisites; I assume you know your way around the terminal, and know how to SSH onto your Raspberry Pi 2. These instructions will work directly on the Pi itself. I also assume you know the IP address of your Raspberry Pi.

1. Let’s start

First, connect to your Raspberry Pi 2. Skip this step if you’re working directly on your Raspi:

    ssh pi@raspberrypi

Replace ‘raspberrypi’ with the IP or hostname of your Raspberry Pi. You should now be logged into your Raspberry Pi 2, and will see something like this: There are likely to be updates to install, so we’ll go ahead and do these now before we start installing anything:

    sudo apt-get update && sudo apt-get upgrade

This used to take a little time on the old ones, but the new quad-core makes light work of the updates. You’ll be prompted to choose ‘Y’ or ‘n’, so just keep hitting ‘y’ until the updates are installed. Providing the updates went in OK, you’re ready to install Apache 2.4 and PHP 5.4.

2. Install Apache

Next run the following command. This will install Apache 2.4, which is the web server that responds to http (and https if you like) requests:

    sudo apt-get install apache2 apache2-utils

Technically, this is all we need to do to run a very basic web server from our Raspberry Pi. Give it a go, pop the IP address of your Raspberry Pi in your web browser. You should see something like this: This is all fine and dandy, but our aim is to install WordPress, so we’re going to need PHP. Follow the next steps to do this.

3. Install PHP

This command will install PHP 5 and the PHP libraries you’ll need for WordPress:

    sudo apt-get install libapache2-mod-php5 php5 php-pear php5-xcache php5-mysql php5-curl php5-gd

That’s it, PHP 5 is now installed.
We can test it to make sure it’s working by creating an index.php file and calling PHP Info. Change the directory to the default document root:

    cd /var/www/

The permissions aren’t set correctly just yet, so for the time being, we’ll create an index file as sudo:

    sudo echo "<?php phpinfo(); ?>" | sudo tee index.php

Now visit index.php in your web browser, you will see PHP Info. You should see the following:

4. Install MySQL

MySQL is the database server which will hold our data for our website installation. Installing MySQL is very straightforward. Run the following command:

    sudo apt-get install mysql-server

Once the installation begins, you will be asked to provide a master password for your MySQL installation. Ensure you choose a good secure password, and it’s a good idea to give MySQL a different password to the one you use to access your Raspberry Pi. Finish off by installing the MySQL client, which will allow us to create a user for our WordPress installation in the next tutorial:

    sudo apt-get install mysql-client