Search Results

Creating a configuration file mkdir /etc/iptables touch /etc/iptables/rc.firewall chmod +x /etc/iptables/rc.firewall nano -w /etc/iptables/rc.firewall #!/bin/bash # Setting variables ipt="/usr/sbin/iptables" iface="ifname" # SYN Rate (pps) syn_...

Updating the system apt update apt upgrade Creating a user adduser username usermod -aG sudo username Setting up SSH mkdir /home/username/.ssh/ touch /home/username/.ssh/authorized_keys nano -w /home/username/.ssh/authorized_keys chown -R username:...

Creating a config file touch /etc/rc.local chmod +x /etc/rc.local nano -w /etc/rc.local #!/bin/sh -e # # rc.local # # This script is executed at the end of each multiuser runlevel. # Make sure that the script will "exit 0" on success or any other #...

Setting up a timezone timedatectl list-timezones timedatectl set-timezone Pacific/Auckland Checking the packages (getting rid of systemd-timesyncd, adding ntp/ntpsec) apt list ntp systemd-timesyncd systemctl status ntp Configuring NTP nano -w /etc/ntp...

Creating a config file and setting things up (more details here) mkdir /etc/systemd/journald.conf.d/ touch /etc/systemd/journald.conf.d/null.conf nano -w /etc/systemd/journald.conf.d/null.conf [Journal] Storage=persistent Compress=100M SystemMaxUse=5G...

Installing knockd apt install knockd systemctl enable knockd Making the config file to look something like this (remember to change the port sequence and set the interface for knockd to listen on) nano -w /etc/knockd.conf [options] UseSyslog ...

Installing the package apt install fail2ban systemctl enable fail2ban Making the config file to look like this touch /etc/fail2ban/jail.local nano -w /etc/fail2ban/jail.local [sshd] enabled = false [apache-auth] enabled = true port = http,ht...

fail2ban-client status fail2ban-client status apache-modsecurity fail2ban-client set apache-modsecurity unbanip IP

According to the manual, we need the following PHP extensions gd, dom, iconv, mbstring, mysqlnd, openssl, pdo, pdo_mysql, tokenizer, xml Yet as it turns out, openssl и pdo_mysql are missing from the repositories so installing as is. We also need curl and zip e...

Dropping anonymous user and a default DB. Blocking remote root connections mariadb-secure-installation Setting the root password or using the unix_socket ensures that nobody can log into the MariaDB root user without the proper authorisation. You already...

Downloading CMS cd /var/www/ mkdir bookstack git clone https://github.com/BookStackApp/BookStack.git --branch release --single-branch bookstack cd bookstack/ composer install --no-dev Setting up an APP_URL, DB connection details and language # Applicati...

Creating a configuration file for a virtual host touch /etc/apache2/sites-available/bookstack.conf nano -w /etc/apache2/sites-available/bookstack.conf <VirtualHost *:80> # This is a simple example of an Apache VirtualHost configuration ...

It's assumed that you already have certificates signed by LetsEncrypt (more details here)Updating the virtual host config file cd /etc/apache2/sites-available/ cp bookstack.conf bookstack.conf_ echo > bookstack.conf nano -w bookstack.conf <VirtualHost *:8...

Installing lego (ref link) cd /var/tmp curl -Ls https://api.github.com/repos/go-acme/lego/releases/latest | \ grep browser_download_url | grep linux_amd64 | cut -d '"' -f 4 | \ wget -i - tar xf lego_v*_linux_amd64.tar.gz mv lego /usr/local/sbin/ Che...

Setting up revision limit nano -w /var/www/bookstack/.env # Set the revision limit to 200 # Defaults to '100' REVISION_LIMIT=1

Setting up documents lifetime nano -w /var/www/bookstack/.env # Set a recycle bin item lifetime of 30 days RECYCLE_BIN_LIFETIME=30

Setting up Logical Theme System mkdir /var/www/bookstack/themes/custom mkdir /var/www/bookstack/themes/custom/includes cd /var/www/bookstack/themes/custom touch includes/prune.revisions.php touch functions.php chown -R root:www-data /var/www/bookst...

Adding the following JavaScript to HTML Metadata <!-- Open links in a new tab --> <script type="module"> const links = document.querySelectorAll('.page-content a'); for (const link of links) { link.target = '_blank'; } </script> <!-...