Temporary solution when Robomongo SSH support was disabled since 0.9.0 RC1

The previous robomongo that I used is version 0.8.5. It’s great, but there is a bug that floating-point numbers are displayed with incorrect precision.

So I upgrade to latest 0.9.0 RC7. But unfortunately,  SSH tab is missing due to the function was disabled since RC1. Here is the link to the announcement.

Luckily here is a temporary solution from GitHub. Give it a try if you need to connect your server mongodb instance with SSH.

ssh -L 27018:localhost:27017 username@yourserver.com

OwnCloud 8.2 configuration for Nginx subdirectory

I installed the latest OwnCloud 8.2 under the subdirectory on https://crossrt.me, so I can share the SSL certificate to protect my files during transfer between remote and client. I search the Nginx configuration for my circumstance, but not luck since no one is working. So I decide to modify the config file from administration manual, here is the link to it.

My circumstance:

  • Want to install OwnCloud 8.2
  • WordPress installed on the domain.
  • Share SSL certificate.

Here is my nginx config file, modify it according to your need:

PASTEBIN


server {
	listen 443 default_server;
	ssl on;
	ssl_certificate /PATH/TO/YOUR/SSL.crt;
	ssl_certificate_key /PATH/TO/YOUR/SSL.key;

	server_name domainname.com;
	root /PATH/TO/YOUR/domainname.com;
	index index.php index.html index.htm;

	location / {
		try_files $uri $uri/ /index.php?q=$uri&$args;
	}

	location ~ \.php$ {
		try_files $uri =404;
		fastcgi_split_path_info ^(.+\.php)(/.+)$;
		fastcgi_pass unix:/run/php/php7.0-fpm.sock;
		fastcgi_index index.php;
		include fastcgi_params;
	}

	# deny access to .htaccess files, if Apache's document root concurs with nginx's one
	location ~ /\.ht {
		deny all;
	}

	error_page 404 /404.html;
	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
		root /usr/share/nginx/html;
	}

	# Add headers to serve security related headers
	# add Strict-Transport-Security to prevent man in the middle attacks
	add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
	add_header X-Content-Type-Options nosniff;
	add_header X-Frame-Options "SAMEORIGIN";
	add_header X-XSS-Protection "1; mode=block";
	add_header X-Robots-Tag none;

	location /owncloud {

		client_max_body_size 2G; # set max upload size
		fastcgi_buffers 64 4K;

		error_page 403 /owncloud/core/templates/403.php;
		error_page 404 /owncloud/core/templates/404.php;

		rewrite ^/owncloud/.well-known/carddav /remote.php/carddav/ permanent;
		rewrite ^/owncloud/.well-known/caldav /remote.php/caldav/ permanent;

		# The following 2 rules are only needed for the user_webfinger app.
		# Uncomment it if you're planning to use this app.
		#rewrite ^/owncloud/.well-known/host-meta /public.php?service=host-meta last;
		#rewrite ^/owncloud/.well-known/host-meta.json /public.php?service=host-meta-json last;

		location = /owncloud/robots.txt {
			allow all;
			log_not_found off;
			access_log off;
		}

		location ~ ^/owncloud/(build|tests|config|lib|3rdparty|templates|data)/ {
			deny all;
		}

		location ~ ^/owncloud/(?:\.|autotest|occ|issue|indie|db_|console) {
			deny all;
		}

		rewrite ^/owncloud/remote/(.*) /remote.php last;
		rewrite ^/owncloud(/core/doc/[^\/]+/)$ $1/index.html;
		try_files $uri $uri/ =404;

		location ~ \.php(?:$|/) {
			fastcgi_split_path_info ^(.+\.php)(/.+)$;
			include fastcgi_params;
			fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
			fastcgi_param PATH_INFO $fastcgi_path_info;
			fastcgi_param HTTPS on;
			fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
			fastcgi_pass unix:/run/php/php7.0-fpm.sock;
			fastcgi_intercept_errors on;
		}

		# Adding the cache control header for js and css files
		# Make sure it is BELOW the location ~ \.php(?:$|/) { block
		location ~* \.(?:css|js)$ {
			add_header Cache-Control "public, max-age=7200";
			# Add headers to serve security related headers
			add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
			add_header X-Content-Type-Options nosniff;
			add_header X-Frame-Options "SAMEORIGIN";
			add_header X-XSS-Protection "1; mode=block";
			add_header X-Robots-Tag none;
			# Optional: Don't log access to assets
			access_log off;
		}

		# Optional: Don't log access to other assets
		location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
			access_log off;
		}
	}
}


So basically I just modify the rewrite rules in the config file from its official document. Again, remember to refer OwnCloud official document, it’s always helped.

 

How to fix WordPress user registration email not sending while admin notification is sent.

Today I noticed my WordPress is not sending registration email to new user, but I’m received the notification email.
I spent 2 hours to figure it out.

  • Local SMTP mail server checked, email sent without any error.
  • External SMTP mail server tried, email sent without any error.

Both sending method sent notification to admin only, but not user registration email.

I suspect the problem is not caused by mail server, then I check all  installed plugins.

Finally I found a plugin called “Stop Spammers Spam Control” cause the problem I mentioned above. By deactivating it, everything works like charm again.

Conclusion

So if you having the same problem like me, try deactivate some installed anti-spammer plugins. It might helped.

Upgrade PHP 5.5 to 7.0 on Ubuntu 14.04

PHP 7.0 just released 2 weeks ago, and it has good reviews about performance improved a lot. So I would like to give it a try, upgrading my Ubuntu 14.04 VPS on DigitalOcean to this latest PHP version.  Here is my upgrade snippet.

My VPS details before upgrade:
  • Ubuntu 14.04
  • PHP 5.5.9
  • nginx 1.4.6
  • phpmyadmin installed
Steps
  1. Add the repository
    add-apt-repository ppa:ondrej/php-7.0
  2. Update
    apt-get update
  3. You can check installed php5-* packages with this command, for better understanding before remove them.
    dpkg --get-selections | grep php
  4. Remove all php5-* packages
    apt-get purge php5-*
    apt-get --purge autoremove
  5. Install php7.0 packages. Some might not necessary, depends on your requirement.
    apt-get install php7.0-fpm php7.0-mysql php7.0-cli php7.0-common php7.0-json php7.0-opcache
  6. After everything installed properly, you will need to update your web server configuration. For me, I need to modify fastcgi_pass directive in Nginx config file to something like this:
    fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    

    This is because the location of socket file has changed in php7.

  7. Restart your nginx and php7.0-fpm
    service nginx restart
    service php7.0-fpm restart
Notes:
  • Run all commands with sudo or your root account.
  • phpMyAdmin will be removed during the steps above. Because it requires some php5 packages.

Setup SFTP for a user to access restricted folder only on Ubuntu 14.04

Today I need to give my friend access to my server, so he can edit any files in that folder. My server is running OpenSSH and SFTP is enabled by default, actually I can create a new Linux user for him to access with SFTP. But I just want he accessing to the folder I gave him, so here I modify OpenSSH configuration to fit my need.

System details:

  • Ubuntu 14.04
  • Running OpenSSH

Steps:

  1. Add a group called sftp.
    sudo addgroup sftp
  2. Add new user with default home path, assign to sftp group and disable shell access.
    sudo useradd -m -g sftp -s /bin/false username
  3. Give a new password for the user.
    sudo passwd username
  4. Change home directory’s user and group to root.
    sudo chown root:root /home/username
  5. Change home directory’s permission
    sudo chmod 755 /home/username
  6. Go into the folder
    cd /home/username
  7. Create a new folder named www.
    sudo mkdir www
  8. Change www folder’s user and group to username.
    sudo chown username:username www
  9. This step is the core. Edit to /etc/ssh/sshd_config with the editor you used to.
    sudo nano /etc/ssh/sshd_config
  10. Add following lines to the end of  /etc/ssh/sshd_config.
    Match group sftp
    	ChrootDirectory %h
    	X11Forwarding no
    	AllowTcpForwarding no
    	ForceCommand internal-sftp
    	# PasswordAuthentication yes

    Enable PasswordAuthentication by uncomment it if you enabled PubkeyAuthentication for other users in sshd_config.

  11. Restart ssh service. Done.
    sudo /etc/init.d/ssh restart

 

Hello world!

This is a place for me to share my setup, projects and solutions. I think most of the topics will related with free and open source software, Linux, server, web development. This blog is created as a contribution for the world of open source.  Hope you can found anything useful from here.

Cheers.