Ubuntu / Mint – Google Chrome start Incognito mode by default

A quick guide to set Incognito mode as default mode for Google Chrome in Linux Ubuntu / Mint (any version).

After Googling around for a while, I could only find a few tutorials going through a few confusing steps for new users (can be found here and here). Instead, here’s a quick tutorial that’ll help you set it up in under 30 seconds.

Execute the following commands in your terminal.

cd /usr/share/applications
sudo cp google-chrome.desktop google-chrome.backup
sudo vim google-chrome.desktop

Find the line

Exec=/usr/bin/google-chrome-stable %U

Replace the line with

Exec=/usr/bin/google-chrome-stable –incognito %U

Refer to this screenshot to ensure that your configuration file looks exactly like it.

That’s it! All new Google Chrome windows that you open will be incognito by default. You can remove the “incognito” text from the same configuration file in case you’d like to undo it.

cPanel How to – disable strict mode in MySQL

Need to disable strict mode in MySQL on a cPanel / WHM server? Here’s how you do it.

What is “strict mode” anyway?


Strict mode controls how MySQL handles invalid or missing values in data-change statements such as INSERT or UPDATE. A value can be invalid for several reasons. For example, it might have the wrong data type for the column, or it might be out of range. A value is missing when a new row to be inserted does not contain a value for a non-NULL column that has no explicit DEFAULT clause in its definition. (For a NULL column, NULL is inserted if the value is missing.) Strict mode also affects DDL statements such as CREATE TABLE. – From MySQL documentation

Follow these steps to disable strict mode –

  1. Login to your server via ssh
  2. Edit “/etc/my.cnf” configuration file
  3. Add a new line at the end sql_mode=””
  4. Restart MySQL with “service mysqld restart”

That should be it. Now let’s confirm if the strict mode is indeed turned off.

  1. Log in to your MySQL server (assuming you are the root user), this can be done by simply issuing “mysql” command
  2. Then use command “SHOW VARIABLES LIKE ‘sql_mode’;
  3. The output should have a blank value

How to setup SSL termination with Nginx

– How do I enable SSL on my website which was setup using Nginx?

As part of my series of tutorials on Nginx, its time to learn “how to install SSL using Nginx“. It is assumed that you already have your SSL certificate, if not, you can generate a free SSL certificate by following this tutorial which makes use of LetsEncrypt.

Continue reading “How to setup SSL termination with Nginx”

Best free alternatives to cPanel in 2019

– I am looking for a free alternative of cPanel
– I moved to cloud servers and cPanel is too expensive, are there any alternatives?

cPanel has been single-handedly dominating the market of a “GUI for web hosting” and “web hosting control panels” for a little over a decade now. If you have been using a shared hosting account, you would possibly be thinking of it as a “free software”, which simply isn’t true. I haven’t used it since about 5 years but the last time I checked it was $35 USD per dedicated server. That’s a LOT of money in context of a massive infrastructure. As more people are now moving out of shared hosting environments and embracing cloud servers, management and setup of these servers have become their primary concern now. Most of the people that signed up for a $5 DigitalOcean server or an AWS account with credits wouldn’t know how to actually manage a Linux server because they haven’t had to do it so far and having a GUI is really important for them as they aren’t really well-versed with the Linux terminal.

LEARN more

Explained – How do I host a website using Nginx?

I have purchased a cloud server with DigitalOcean / AWS / Azure / Google Cloud and now I want to host my website on it. But since it doesn’t have any GUI, how do I do that?

Note – This tutorial assumes you are working with an Ubuntu Server (any version).

Installing Nginx – the right way!

Step 1  – Add Nginx Repository

This is one of the very first questions thrown around by linux administrators that have just begun. In this tutorial, I will walk you through setting up nginx.

LEARN more

How do I run a bash script in Linux and Mac?

– I have downloaded a Linux script or tool from the internet which has “.sh” format, how do I run or install it?
 – I am getting a “permission denied” error while trying to execute the “.sh” file.

I usually run into this question from users that have just begun exploring Linux or Mac as their secondary operating system. An “.sh” file is nothing but a “bash script”, also referred to as a “shell script”. These scripts can be run directly using the Linux terminal or any Unix like OS for that matter, which includes a Mac.

LEARN more

Nginx – serving multiple website applications on port 80

It could be a little tricky for a less experienced Linux Administrator to setup multiple nginx configuration files in order to serve more than one website or one application for that matter. In this tutorial, I will walk you through the configuration setup and hopefully it will help you understand how nginx works.


Multiple applications being served on port 80

First Scenario:

I have two local python applications that are being served on localhost:5001 and localhost:5002. Now, I want both of these applications to be served on port 80.

Here is what the nginx configuration file would look like for first application that is live on “localhost:5001”.

upstream my_app1 {
 server localhost:5001;
}

server {
    listen 80;
    server_name my-app1.com;
    access_log  /var/logs/nginx/my_app1-access.log;
    error_log  /var/logs/nginx/my_app1-error.log;
    client_max_body_size 50M;

    location / {
        proxy_pass         http://my_app1/;
        proxy_redirect     off;
        proxy_set_header   Host             $host;
        proxy_set_header   X-Real-IP        $remote_addr;
        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_read_timeout 300;
        #auth_basic           "Authentication";
        # auth_basic_user_file /etc/nginx/secrets/nonprod-es.pswd;
        }

    location /nginx_status {
        stub_status on;
        access_log off;
    }
}

Here is the second configuration file for the second application on the same server that is live on “localhost:5002”

upstream my_app2 {
 server localhost:5002;
}

server {
    listen 80;
    server_name my-second-app.com;
    access_log  /var/logs/nginx/my_app2-access.log;
    error_log  /var/logs/nginx/my_app2-error.log;
    client_max_body_size 50M;

    location / {
        proxy_pass         http://my_app2/;
        proxy_redirect     off;
        proxy_set_header   Host             $host;
        proxy_set_header   X-Real-IP        $remote_addr;
        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_read_timeout 300;
        #auth_basic           "Authentication";
        # auth_basic_user_file /etc/nginx/secrets/nonprod-es.pswd;
        }

    location /nginx_status {
        stub_status on;
        access_log off;
    }
}

We are basically –
1. Using the “upstream” initially to inform nginx of the port where our application is live
2. and then passing the same upstream in the “location”
3. We’re also defining the log locations as well as “port 80” as an incoming port.
4. You would notice I have commented out two lines of “auth_basic”. You can enable them if you wish to place a simple HTTP auth when you don’t want the app to be public and share the credentials with your team for internal testing.

Scenario Two:

I have two different website files stored on my server and now I want to connect them to my domain names (two domains).

1. First website
Domain – first-website.com
Web Files – /var/www/first-website/html

2. Second website
Domain – second-website.com
Web Files – /var/www/second-website/htm

Here is the configuration file of the first-website.com.

Here is the configuration file of the second-website.com which is also being served from the same domain name.

The only different between an application such as Python, Node etc and a website is that you would be upstreaming tp the port for an application while you would simply be setting the website files root in case of a website. Hope you found this tutorial useful and feel free to comment if you have any questions.

“never connected” error while connecting a new agent in Wazuh

Wazuh is a fork of OSSEC which makes use of ELK stack in order to help you simplify monitoring and management of your distributed infrastructure. I personally have been playing around with it for about a month now in order to evaluate its maturity for a production environment. I would be making a separate post on my findings after I am fully satisfied of having studied all aspects of it. For now, I just wanted to share a solution of one of the most common errors that you might come across while getting your hands dirty with Wazuh.

Newly integrated agents show “never connected”  status:

  • You first want to ensure that the Wazuh Agent is running fine and is connected to your manager.
    – Ensure that your Wazuh Manager’s IP is appropriately added into “/var/ossec/etc/ossec.conf”. It should look something like this. This file is in your agent machine.root@my-agent:/var/ossec/etc# cat ossec.conf <!– Wazuh – Agent – Default configuration for ubuntu 14.04 More info at: https://documentation.wazuh.com Mailing list: https://groups.google.com/forum/#!forum/wazuh –> <ossec_config> <client> <server> <address>159.89.164.157</address> <port>1514</port> <protocol>udp</protocol> </server> …… – If you believe your .conf file to be setup properly, the next step is to check if the wazuh-agent is actually working in the background using following command.nishant@my-agent:~$ sudo netstat -anp | grep 1514 udp 0 0 139.162.58.211:34750 159.89.164.157:1514 ESTABLISHED 12972/ossec-agentd Note that Wazuh uses port 1514 in order to setup remote connections over UDP. 
  • If both of the steps mentioned above works out then you can be sure that the agent is installed and working fine locally in your agents, however, they are not able to connect to your manager. This could be due to several reasons, however, the most common reason is the firewall blocking the outgoing port.Again, keep in mind that Wazuh uses UDP protocol. Assuming you are using Ubuntu or another Debian based operating system, the best way to enable an outgoing port is to use UFW. Use following commands in order to do so.Note – DO NOT try this if you’ve never used UFW before because you might end up locking yourself out of the server if you do not allow incoming SSH ports while enabling UFW. I am adding the command to enable SSH in the list below just in case.nishant@b0x ~ $ sudo ufw status Status: inactive nishant@b0x ~ $ sudo ufw enable Firewall is active and enabled on system startup nishant@b0x ~ $ sudo ufw allow out 1514/udp Rule added Rule added (v6) nishant@b0x ~ $ sudo ufw status numbered Status: active To Action From — —— —- [ 1] 1514/udp ALLOW OUT Anywhere (out) [ 2] 1514/udp (v6) ALLOW OUT Anywhere (v6) (out) nishant@b0x ~ $ 

That should fix your problem. Also, its important to ensure that your Wazuh Manager server has allowed incoming traffic on port 1514 over UDP. You can use Google in order to find out more about UFW Commands.

Solution – vagrant Warning: Authentication failure. Retrying…

I recently ran into this error after generating a new set of SSH keys in my Vagrant machine. I looked around couldn’t find any concrete solution which is why I decided to make this post so that it might end up helping you.

Vagrant SSH – vagrant Warning: Authentication failure. Retrying…

This usually happens when you make any change to ~/.ssh  directory in your vagrant machine or you generate a new key. A “good to know” tip is that Vagrant stores the private key in “/home/USER/Documents/boxes/.vagrant/machines/your-machine/virtualbox” , where “USER/Documents/boxes” is assumed to be the location for your vagrant setup. Rest of the path remains the same. You would find a vagrant key at “./.vagrant/machines/your-machine/virtualbox/private_key”  where “your-machine” is the name of your Vagrant machine. Now you can simply modify your Vagrant file to use this particular key to log you in instead of the new key that you might have generated / setup.

Here’s how you do it – 

my-machine.ssh.private_key_path = "/home/USER/Documents/boxes/.vagrant/machines/my-machine/virtualbox/private_key"

Again, remember to replace /home/USER/Documents/boxes with the path of your Vagrantfile (Vagrant setup). So now your Vagrantfile should look like this with updated private keys.

Vagrant.configure("2") do |config|
  config.vm.define "jenkins" do |jenkins|
      jenkins.vm.box = "bento/ubuntu-16.04"
      jenkins.ssh.private_key_path = "/home/USER/Documents/boxes/.vagrant/machines/your-machine/virtualbox/private_key"
      jenkins.vm.hostname = "jenkins" 
      jenkins.vm.network "private_network", ip: "192.168.33.10"
  end
end
~

Feel free to comment below if your issue persists and I’d be happy to help you troubleshoot it further.