Tagged: vestacp Toggle Comment Threads | 快速鍵

  • starway 9:54 pm on September 22, 2017 固定鏈結 | 回應
    Tags: vestacp   

    roundcube 連線到 imap 伺服器失敗 

    nano /etc/dovecot/dovecot.conf

    Add the following:
    namespace inbox {
    inbox = yes
    }

    廣告
     
  • starway 7:05 pm on July 3, 2017 固定鏈結 | 回應
    Tags: vestacp   

    log size 大小 

    cd /etc/logrotate.d

    nano nginx

    增加SIZE

    size 10M

     
  • starway 2:39 pm on July 3, 2017 固定鏈結 | 回應
    Tags: vestacp   

    [HOWTO] Recompile NGINX with OpenSSL 1.0.2+ for HTTP/2 via ALPN on Debian 8 Topic is solved 

    特別注意:

    每個版本 nginx 搭配 openssl
    會有成功與失敗 不同的結果
    要注意

    ===========================================================

    參考文件:

    http://hg.nginx.org/njs/archive/njs-63d7430291f2.zip

    ===========================================================

    nginx -V

    yum install gc gcc gcc-c++ pcre-devel zlib-devel make wget openssl-devel libxml2-devel libxslt-devel gd-devel perl-ExtUtils-Embed GeoIP-devel gperftools gperftools-devel libatomic_ops-devel perl-ExtUtils-Embed -y

    cd /usr/local/src/

    wget https://www.openssl.org/source/openssl-1.1.0e.tar.gz

    tar zxf openssl-1.1.0e.tar.gz

    wget https://nginx.org/download/nginx-1.12.0.tar.gz

    tar zxf nginx-1.12.0.tar.gz

    cd nginx-1.12.0

    service nginx stop

    ./configure –prefix=/etc/nginx –sbin-path=/usr/sbin/nginx –modules-path=/usr/lib64/nginx/modules –conf-path=/etc/nginx/nginx.conf –error-log-path=/var/log/nginx/error.log –http-log-path=/var/log/nginx/access.log –pid-path=/var/run/nginx.pid –lock-path=/var/run/nginx.lock –http-client-body-temp-path=/var/cache/nginx/client_temp –http-proxy-temp-path=/var/cache/nginx/proxy_temp –http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp –http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp –http-scgi-temp-path=/var/cache/nginx/scgi_temp –user=nginx –group=nginx –with-compat –with-file-aio –with-threads –with-http_addition_module –with-http_auth_request_module –with-http_dav_module –with-http_flv_module –with-http_gunzip_module –with-http_gzip_static_module –with-http_mp4_module –with-http_random_index_module –with-http_realip_module –with-http_secure_link_module –with-http_slice_module –with-http_ssl_module –with-http_stub_status_module –with-http_sub_module –with-http_v2_module –with-mail –with-mail_ssl_module –with-stream –with-stream_realip_module –with-stream_ssl_module –with-stream_ssl_preread_module –with-cc-opt=’-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong –param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC’ –with-ld-opt=’-Wl,-z,relro -Wl,-z,now -pie’ –with-openssl=/usr/local/src/openssl-1.1.0e

    make & make install

    service nginx restart

    nginx -V

    ==============================================================
    最後修改樣板

    cd /usr/local/vesta/data/templates/web/nginx/

    nano force-https.stpl

    server {
    listen %ip%:%proxy_ssl_port%;
    改成
    server {
    listen %ip%:%proxy_ssl_port% http2;

    參考文件:
    https://forum.vestacp.com/viewtopic.php?f=11&t=13150&p=55968&hilit=http2#p55968

     
  • starway 11:03 am on July 3, 2017 固定鏈結 | 回應
    Tags: vestacp   

    vestacp 

    文件 https://vestacp.com/docs/
    樣板路徑 /usr/local/vesta/data/templates/web/nginx/

     
  • starway 2:12 pm on June 28, 2017 固定鏈結 | 回應
    Tags: vestacp   

    ssl 續用修正 

    touch /usr/local/vesta/data/queue/letsencrypt.pipe
    chmod 750 /usr/local/vesta/data/queue/letsencrypt.pipe

     
    • starway 3:06 下午 on 六月 28, 2017 固定鏈結

      新版已經不用修正了 以更正

  • starway 3:31 am on June 10, 2017 固定鏈結 | 回應
    Tags: vestacp   

    vestacp CRON jobs 

    https://forum.vestacp.com/viewtopic.php?t=5599

    wget -q –spider https://xxxx.xxx/xx.php > /dev/null 2>&1

    wget -q –spider <== -q 安靜模式 –spider 不下載東西 ,一定要加不然會多一堆紀錄檔案

    > /dev/null 2>&1 <==表示不寄信,一定要加不然會收到爆

     
  • starway 3:06 am on June 10, 2017 固定鏈結 | 回應
    Tags: vestacp   

    如何修改phpmyadmin url 網址 

    http://vestacp.com/docs/#config-log-location-rhel-centos

    修改
    nano /etc/httpd/conf.d/phpMyAdmin.conf

    Alias /phpMyAdmin /usr/share/phpMyAdmin
    Alias /phpmyadmin /usr/share/phpMyAdmin
    範例
    改/phpMyAdmin -> /phpmyadmin-xxxx
    改/phpmyadmin -> /phpmyadmin-xxxx
    最後重開httpd

     
  • starway 9:23 pm on May 27, 2017 固定鏈結 | 回應
    Tags: vestacp   

    安裝 Vesta 

    安裝 Vesta
    curl -O http://vestacp.com/pub/vst-install.sh
    bash vst-install.sh
    ==================================
    How to force https/SSL on a domain
    1. Install custom nginx template
    cd /usr/local/vesta/data/templates/web
    wget http://c.vestacp.com/0.9.8/rhel/force-https/nginx.tar.gz
    tar -xzvf nginx.tar.gz
    rm -f nginx.tar.gz
    ==================================
    To get SSL working for your VestaCP:
    (如果一開始主機沒設網域時才使用)

    You can do the following:

    CODE: SELECT ALL
    mv /usr/local/vesta/ssl/certificate.crt /usr/local/vesta/ssl/certificate.crt.backup

    CODE: SELECT ALL
    mv /usr/local/vesta/ssl/certificate.key /usr/local/vesta/ssl/certificate.key.backup

    CODE: SELECT ALL
    nano /usr/local/vesta/ssl/certificate.crt #paste your crt -> save.
    CODE: SELECT ALL
    nano /usr/local/vesta/ssl/certificate.key #paste your key -> save.

    CODE: SELECT ALL
    service vesta restart
    ==================================

    ################################################################

    項目 1. centos 安全設定

    1.建立新帳號密碼
    adduser 帳號
    passwd 帳號
    ex:
    adduser admin <==新增帳號
    passwd admin <==修改帳號admin 密碼

    2.停用root ssh登入
    編輯 /etc/ssh/sshd_config
    nano /etc/ssh/sshd_config
    尋找:
    #PermitRootLogin yes
    修改為:
    PermitRootLogin no
    最後輸入以下指令重新啟動
    systemctl restart sshd.service

    項目 2. 每天自動更新
    yum -y update
    yum -y install cronie
    yum -y install yum-cron

    編輯 /etc/yum/yum-cron.conf
    nano /etc/yum/yum-cron.conf
    尋找:
    apply_updates = no
    修改為:
    apply_updates = yes

    確認一下 update_messages = yes, download_updates = yes, apply_updates = yes

    最後,啟動 crond 和 yum-cron:
    systemctl start crond
    systemctl start yum-cron

    項目 3. 修改防火牆 fail2ban

    nano /etc/fail2ban/jail.conf

    [sshd]
    enabled = true
    port = ssh
    filter = sshd
    logpath = /var/log/auth.log
    maxretry = 5 # 最多幾次 (改成 3 次)
    findtime = 600 # 時間區間
    bantime = 1200 # 要 ban 多久 (改成86400 一天)
    .
    service fail2ban restart

    相關於文件參考:
    https://newtoypia.blogspot.tw/2016/04/fail2ban.html
    http://www.vixual.net/blog/archives/252

     
  • starway 3:47 pm on May 27, 2017 固定鏈結 | 回應
    Tags: vestacp   

    https://cloudwp.pro/blog/vesta-%E8%BF%91%E4%B9%8E%E5%AE%8C%E7%BE%8E%E7%9A%84%E5%85%8D%E8%B2%BB-vps-%E9%9D%A2%E6%9D%BF/

     
  • starway 12:41 pm on May 1, 2017 固定鏈結 | 回應
    Tags: vestacp   

    Nginx fails to start

    nano /etc/nginx/conf.d/01_caching_pool.conf
    You will see 2 line with the same content /var/cache/nginx/domain.com.
    Delete one of this lines and try again.

     
    • starway 9:44 上午 on 七月 2, 2017 固定鏈結

      /home/admin/conf/web/nginx.conf

c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
回應
e
編輯
o
Show/Hide comments
t
至頂
l
Go to login
h
Show/Hide help
shift + esc
取消