1. CentOS command to check version
cat /etc/centos-release2. install php 7
https://webtatic.com/packages/php70/3. install apache on centos7
http://www.liquidweb.com/kb/how-to-install-apache-on-centos-7/4. install phpMyAdmin
http://www.liberiangeek.net/2014/09/install-phpmyadmin-centos-7-lamp-support/5. install LAMP
https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-centos-76. install firewall in centos 7
systemctl list-units --type=serviceInstall if not available:yum install firewalldYou can enable firewalld by typing:systemctl enable firewalld sudo systemctl enable firewalldYou can start firewalld by typing:systemctl start firewalld sudo systemctl start firewalldHave a look to check its status by typing:systemctl status firewalld
http://serverfault.com/questions/683666/how-to-enable-firewall-on-centos-7
advanced configuration:
https://www.howtoforge.com/tutorial/install-and-configure-csf-config-server-firewall-on-centos-7/
7. modify the config file with the bellow code for phpMyAdmin:
vi /etc/httpd/conf.d/phpMyAdmin.confAlias /phpMyAdmin /usr/share/phpMyAdminAlias /phpmyadmin /usr/share/phpMyAdmin<Directory /usr/share/phpMyAdmin/>AddDefaultCharset UTF-8<IfModule mod_authz_core.c># Apache 2.4<RequireAny>Require ip 192.168.1.196Require ip ::1Require all granted</RequireAny></IfModule><IfModule !mod_authz_core.c># Apache 2.2Order Deny,AllowDeny from AllAllow from 192.168.1.196Allow from ::1</IfModule></Directory><Directory /usr/share/phpMyAdmin/setup/><IfModule mod_authz_core.c># Apache 2.4<RequireAny>Require ip 192.168.1.196</RequireAny></IfModule><IfModule !mod_authz_core.c># Apache 2.2Order Deny,AllowDeny from AllAllow from 192.168.1.196</IfModule></Directory>
Restart Apache:
# service httpd restart
8. change and configure the root directory of apache / httpd and set SElINUX=disabled:
http://stackoverflow.com/questions/17442370/you-dont-have-permission-to-access-on-this-server
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/3/html/Reference_Guide/s1-apache-config.html
9. Tar and Untar files:
Extract / Uncompress:
tar -xvf file.tar
tar -xzvf file.tar.gz
tar -xjvf file.tar.bz2
tar -xvf file.tar etc/resolv.conf tar -xzvf file.tar.gz etc/resolv.conf tar -xjvf file.tar.bz2 etc/resolv.conf
source: http://www.cyberciti.biz/faq/tar-extract-linux/
Compress / Tar files:
tar -cvf file.tar etc/resolv.conf
source: https://www.centos.org/docs/2/rhl-gsg-en-7.2/s1-zip-tar.html
10. install and configure APC in CentOS:
http://anandarajpandey.com/2014/07/15/how-to-install-apc-in-centos-for-php-better-performance-opcode/
11. install DRUSH 8 in CentOS:
http://docs.drush.org/en/master/install/
12. Change root password and Create new user in CentOS:
How to change password via SSH in Linux/Centos? First, you need login SSH to your Linux server, then use command passwd to change password. below example is change root password for a Centos:
-bash-3.2# su - root - you don't need to do this if you already login ssh as root
[root @ ComfortVPS.com ~]# passwd root - usage: passwd <accountName> , passwd root means change password for accountname root
Changing password for user root.
New UNIX password: (You should type your new password here)
Retype new UNIX password: (You should retype your new password again)
passwd: all authentication tokens updated successfully.
[root @ ComfortVPS.com ~]# passwd root - usage: passwd <accountName> , passwd root means change password for accountname root
Changing password for user root.
New UNIX password: (You should type your new password here)
Retype new UNIX password: (You should retype your new password again)
passwd: all authentication tokens updated successfully.
Done, you have successfully changed your password!
copy from: http://www.comfortvps.com/VPS/How-change-password-SSH-Linux-Centos.html
Create a new user and granting root privilege:
- adduser demo
- passwd demo
- gpasswd -a demo wheel
13. List All Users In The System:
$ cat /etc/passwd
Linux Command to List Users:
$ awk -F':' '{ print $1}' /etc/passwd
http://www.cyberciti.biz/faq/linux-list-users-command/
14. Starting and Stopping vsftpd:
/sbin/service vsftpd start
/sbin/service vsftpd restart
https://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-ftp-vsftpd-start.html
15. Change hostname of Linuxh machine:
Verify current hostname:
# hostname
Verify current dns domain name:
# dnsdomainname
Update the hostname:
# hostname NewHostMachineName
16. Create self-signed SSL certificate and implement
Create self-sign-in certificate ( https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-nginx-for-centos-6 ) in certificate folder (i.e.: /etc/pki/tls/certs/):
# openssl x509 -inform der -in ServerStaging.cer -out ServerStaging.key
PS: it is recommended to not to use passphrase.
Update the webserver configuration file (i.e.: /etc/nginx/conf.d/default.conf):
# HTTPS server server { listen 443; ServerStaging_name Server.Staging.com; add_header Strict-Transport-Security "max-age=31536000"; ssl_certificate /etc/ssl/certs/ServerStaging.crt; ssl_certificate_key /etc/ssl/certs/ServerStaging.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ... ... ... ... ... .... ... ... ... ... ... .... ... ... ... ... ... .... }
17. Implement CA authorized SSL certificate
a. Copy the CA generated DER ServerStaging.CER certificate along with ServerStaging.KEY file at the certificate folder (i.e. /etc/pki/tls/certs):
b. Used the following command to convert the DER .CER file to .PEM:
# openssl x509 -inform der -in ServerStaging.cer -out ServerStaging.pem
c. Replaced the CRT file with the PEM file in nGinx configuration file (i.e.: /etc/nginx/conf.d/default.conf).
# HTTPS server
server {
listen 443;
ServerStaging_name Server.Staging.com;
add_header Strict-Transport-Security "max-age=31536000";
ssl on;
ssl_certificate /etc/ssl/certs/ServerStaging.pem;
ssl_certificate_key /etc/ssl/certs/ServerStaging.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
... ... ... ... ... ....
... ... ... ... ... ....
... ... ... ... ... ....
}
d. Restart nGinx server (service nginx restart).
18. Force the search index to be rebuilt.
drush search-reindex
