How to Setup Let’s Encrypt FREE SSL Certificate on Centos 6 Apache using Certbot?

Having SSL on your website these days is important especially if you want your website to rank better on Google search, and that’s when Let’s Encrypt come into the picture.

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG).

Without further ado, let’s begin with the tutorial.

Step 1: Install Certbot

Installing Certbot via certbot-auto script.

Step 2: Get Certificate & Edit Apache Config

It should bring you through a series of steps to have your SSL certificate setup.

Select the site you want to have SSL certificate installed on.

Step 3: Configure CRON Job for Cert Renewal

The following are commands to renewal your SSL certificate.

Dry Run

Actual Command

Add actual command to crontab.

Enter :i and paste the following in the file following by ctrl+c and :wq to quit and save editor.

 

That’s it all is done.

8 Simple Steps to Setup a Web Server with Apache Virtual Hosts & MySQL in Centos

This tutorial will be guiding you in setting up a web server with pre-installed Centos. In summary, you will be installing Apache and MySQL, and learning how to configure virtual hosts in Apache.

Note: before proceeding with this tutorial. Make sure you figure out how to SSH into your server first.

Step 1: Update Centos

Step 2: Install development tools on Centos

Step 3: Install some useful tools

mlocate – This is used to assist you in looking for files in Centos. You will see it in action later.

nano – This a text editor in Centos that is much easier to use than vi or vim.

Step 4: Install Apache

Step 4.1: Install Apache

Step 4.2: Start Apache service

Step 4.3: Set Apache to run on server boot/restart

Step 5: Install MySQL

We are going to install MySQL 5.5 here.

Step 5.1: Add repos and install MySQL 5.5

Step 5.2: Start MySQL service

Step 5.3: Configure MySQL

After running the above command, you will get a bunch of prompts.

  1. Simply hit enter on initial root password prompt as we don’t have any yet from a fresh installation.
  2. Enter your new password for root user.
  3. Simply enter “y” = yes for the remaining options.

Step 6: Set Timezone for server

In the above command, I have set the timezone to Singapore, simply because I’m from Singapore. Feel free to change it to your own timezone.

Step 7: Install SSL support

This will enable SSL support on your web server if you wish to add your own SSL certificate here in future.

Step 8: Setup Virtual Host on Apache

Before proceeding, now we can use mlocate which we have installed previously.

Running the above command sort of index the files in your server for mlocate to work.

Use mlocate to look for Apache’s configuration file.

You should be getting something like this, “/etc/httpd/conf/httpd.conf”.

So now we can make use of nano that we have installed previously.

The above will allow start editing of Apache configuration file.

Step 8.1: Editing Apache Configuration

  1. Hit ctrl+w and type “/var/www” and enter
  2. Change DocumentRoot “/var/www/html” to DocumentRoot “/var/www”
  3. Hit ctrl+w again
  4. Change <Directory “/var/www/html”> to <Directory “/var/www”>
  5. Hit ctrl+w again and type “AllowOverride None” and enter
  6. Change AllowOverride None to AllowOverride All
  7. Hit ctrl+w again and type “NameVirtualHost *:80” and enter
  8. Change #NameVirtualHost *:80 to NameVirtualHost *:80
  9. Add one more line below it, NameVirtualHost *:443
  10. Then hit ctrl+v multiple times till you reach the end of the document

Do not close the file yet.

So what you have done above is doing some basic configuration to Apache for virtual host to work.

Now we need to setup virtual host in Apache configuration.

Below is a sample virtual host configuration.

Notice that “tutorial.mervintan.com” is the subdomain/domain you are trying to configure. So simple just change all occurrence of that to your own subdomain/domain.

To proceed, paste that at the end of Apache configuration file.

To finish editing Apache configuration file.

Hit ctrl+x and enter.

Last step, restart Apache.

Step 8.2: Setup directories and files for a Virtual Host

Remember that we set our Apache document root to “/var/www” above.

Navigate to that directory now.

Create virtual host directory for your subdomain/domain.

Get into the folder.

Create error and requests log files.

Create folder to host files for this virtual host.

Inside public_html folder, this is where you should place all your .html, .js and .css files for hosting.

Step 8.3: Setting permission for hosting directory

This will set Apache to be owner of those folders you have just created.

Step 8.4: Flush iptables

Flushing iptables will remove all firewall records on your server. Then you will be able to access your site.

Finishing Up

If you remember we setup the virtual host for “tutorial.mervintan.com”. Do remember to setup your DNS record that points “tutorial.mervintan.com” to your server ip address.

That’s it you are done!

Upgrade PHP 5 to PHP 7 on CentOS/RHEL 6/7

As we all know, PHP 7 brings 2x the increase in performance to PHP powered systems. The main purpose of this guide will be focusing on the steps to upgrade your web server from PHP 5 to PHP 7 on CentOS.

Pre-requisite

If you are upgrading an existing system to PHP 7, it is advised to test your current system with this upgrade on a separate web server.

Check that your current PHP source codes is compatible with PHP 7 at the following link.

https://secure.php.net/manual/en/migration70.php

1. Install YUM Repository

CentOS/RHEL 7.x

CentOS/RHEL 6.x

1. Upgrade PHP

2. Install PHP 7

[Optional] APC

If you have existing APC (Alternative PHP Cache) installed in your web server, you will have to remove it as APC does not support PHP 7.

After uninstalling APC, modify the following file.

Comment the following line of code by adding a semicolon ‘;’ in front of it.

Check PHP Version

Run the following command to check your current version of PHP.

You should see the following.

 

That’s it! You are done upgrading from PHP 5 to PHP 7.

How to Change Time Zone on CentOS 6?

Always having difficulty on how to change time zone on CentOS 6? Just bookmark this page and everything will be solved.

Identify your current time zone

There are two ways to identify your current time zone.

or

Change time zone

Change “Amercia/Chicago” to the respective time zone that you want.

 

[Additional] Change PHP time zone

Search for this line

Change it to

Of course change it the time zone you want it to be

 

After running the commands above, remember to run the first step again to check that your time zone has been updated successfully.

That’s it. Changing CentOS 6 time zone is as simple as this.

Install Varnish Cache on CentOS 6/7

Varnish Cache is a tool that helps to cache web pages for quicker loading of web pages.

Here we will cover how to install Varnish Cache on CentOS 6/7.

Step 1: Add EPEL

CentOS 6

CentOS 7

Step 2: Download Varnish Cache

CentOS 6

CentOS 7

Step 3: Install Varnish Cache

CentOS 6/7

Step 4: Start Varnish Cache

CentOS 6

CentOS 7

Step 5: Set Varnish Cache to run on boot

CentOS 6

CentOS 7

 

That’s it! It’s that simple to setup Varnish Cache.

Feel free to contact me at [email protected] if you have any questions.

Permissions for WordPress on CentOS 6

Often when we install WordPress on CentOS 6 web server, we will encounter permissions issue when we try to do anything.

The following commands will help you set the correct permissions required in order for WordPress to function properly.

After setting the correct permissions for WordPress, remember to restart your web server by running the following command.

 

Setup NGINX Load Balancer with SSL on CentOS 6

Load balancing is a very common mechanism used to distribute traffic for systems. This tutorial goes through step by step from installation of NGINX on your CentOS web server and configuring your NGINX load balancer after it is installed successfully.

1. Add NGINX Repository

2. Install NGINX

3. Start NGINX

4. Configure NGINX config files

Locate NGINX configuration files at /etc/nginx/conf.d/ directory.

Ensure that you have SSL configured for your web server, if not you can follow the tutorial on Setting Up an SSL Secured Webserver with CentOS.

After you are done with the above steps, proceed to edit the following NGINX configuration file for SSL.

Editing NGINX config file

Add the following above your server {} module

Note that the servers will be served in round robin order. You can refer to NGINX documentation for more configurations.

The next few changes is to be done within the server {} module

Enable server to listen to port 443

Add server name

If you have followed my tutorial on Setting Up an SSL Secured Webserver with CentOS, then you can configure your SSL certificate and key as follows.

Next under location / {} module, add the following lines.

After which, save your NGINX configuration file.

Then restart NGINX.

That’s it you are done. If you have any other questions, do feel free to drop a comment below.

Install and Secure phpMyAdmin on CentOS 6.4

PhpMyAdmin is a popular web interface for web developers to manage MySQL databases. This tutorial will guide you through on how to install and secure PhpMyAdmin on your CentOS web server.

Pre-requisites

This guide assumes that you already have Apache and MySQL installed on your CentOS web server.
(Optional) Note that if you want to access PhpMyAdmin using SSL, then you will need to configure SSL certificate by referring to the following guide.

Setting up an SSL Secured Web Server with CentOS

1. Add EPEL Repositories

PhpMyAdmin is not included in CentOS packages, therefore you will need to add EPEL (Extra Packages for Enterprise Linux) to your web server.

(Optional) Run the following command to install wget if you haven’t install wget yet

Command to install EPEL packages to your web server

Check that EPEL has been added to your repository

You should see the following

Once done remove the respository configuration package

2. Download PhpMyAdmin

Command to download PhpMyAdmin

3. Configure PhpMyAdmin

Find your IP Address first
Then edit PhpMyAdmin config file

Modify the following 4 lines in the config file

Then save and close the config file

4. Open PhpMyAdmin in your Web Browser

Open the following url in your web browser

 

That’s it you are done!

Feel free to contact me at [email protected] if you have any questions.

Setting up an SSL secured Webserver with CentOS

This guide will teach you how to configure and setup your own SSL certification on your CentOS web server.

1. Install required software

Use yum to get the following software if its not yet installed on your web server.

yum install mod_ssl openssl

2. Generate a self-signed certificate

The following steps guides you on how to generate your own self-signed certificate.

Generate private key

openssl genrsa -out ca.key 2048

Generate CSR

openssl req -new -key ca.key -out ca.csr

Generate self-signed key

openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

Copy the files to the respective locations

cp ca.crt /etc/pki/tls/certs

cp ca.key /etc/pki/tls/private/ca.key

cp ca.csr /etc/pki/tls/private/ca.csr

In cased you have moved the files and not copied them, use the following command to correct SELinux

restorecon -RvF /etc/pki

Update Apache SSL configuration file

sudo nano +/SSLCertificateFile /etc/httpd/conf.d/ssl.conf

Modified the paths to match where the new Key is stored

SSLCertificateFile /etc/pki/tls/certs/ca.crt

Then set the correct path for Certification Key file

SSLCertificateKeyFile /etc/pki/tls/private/ca.key

Finally quit and save the file then restart Apache

sudo service httpd restart

3. Configure firewall

The last step to setting up your own SSL certificate is to configure the firewall to accept requests from port 443, which is used for SSL connections.

Command to accept port 443 requests

iptables -A INPUT -p tcp --dport 443 -j ACCEPT

Save ip table

/sbin/service iptables save

iptables -L -v

 

That’s it! Your web server is now configured and ready for SSL connections.

Feel free to drop me any questions you have at [email protected]