Force non-www to www and http to https using redirect rules

We can redirect non-www to www is quiet easy task with the mod_redirect. You can use below Redirect Rules for the same.

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [L,NE,R=301]

SSL certificate

First we need to create a private key. Note that this process will require a passphrase for the key - don't worry, we'll remove it later to make things easier:

openssl genrsa -des3 -out myssl.key 1024

As said, this will require you to enter a passphrase.

CSR

Now we need to create a CSR (Certificate Signing Request):

openssl req -new -key myssl.key -out myssl.csr

The process will ask for various details for the certificate. I entered the following for each question:
Country Name: GB
State or Province Name: Nottinghamshire
Locality Name: Nottingham
Organization Name: PickledOnion Ltd
Organizational Unit Name: Web Development
Common Name: admin.domain.com
Email Address: webadmin@domain.com
For the 'extra' attributes I simply pressed 'return' (i.e. I left them blank).
Note: For the Common Name I entered the domain name I want to associate with the certificate. In this case I want it for my administration area so I entered 'admin.domain.com'.
You are not restricted to using the certificate with just that domain but it will produce extra warnings if the Common Name does not match the URI.

Remove Passphrase

When we generated the myssl.key file, we had to enter a passphrase. One disadvantage of this is the need to enter the passphrase if the Slice is rebooted.
This is especially problematic if an unexpected reboot occurs as the boot sequence will simply stop until you enter the console via the SliceManager and enter it.
So unless you see a particular need to keep the passphrase, let's remove it:

cp myssl.key myssl.key.org
openssl rsa -in myssl.key.org -out myssl.key

You will be asked for the passphrase one last time to confirm it is a genuine request.
Now we have three files in the temp folder:

ls
...
myssl.csr  myssl.key  myssl.key.org

CRT

The last file we need generate is the actual ssl certificate:

openssl x509 -req -days 365 -in myssl.csr -signkey myssl.key -out myssl.crt

Good. Now we have the final piece in place as that generated our myssl.crt file.

Everything in its place

Now we need to copy the relevant files to the /etc/ssl/ directory.
First file to move is the certificate itself:

sudo cp myssl.crt /etc/ssl/certs/

and secondly, copy the key:

sudo cp myssl.key /etc/ssl/private/

Clean up

You are now free to delete the temp file and the four files we generated or, if you prefer, keep them around for a while until you know the ssl certificate works correctly.

Summary

Nginx requires more than the standard pem file that Apache is happy with. As such, we need to create a ssl key and a certificate file.
Once the files have been generated and moved to the /etc/ssl/ directory, we are now ready to configure Nginx to serve our domain from an HTTPS connection.

How to add Iptables in startup in ubuntu

In Ubuntu There is no any service to start iptables like Redhat, Centos & Fedora. We can add iptables in startup using below instructions.

• First open the required ports. See iptables.

      # sudo /sbin/iptables -A INPUT -p tcp --dport ssh -j ACCEPT 

• Let's Check your Iptables Rule..

      # sudo /sbin/iptables 

Saving iptables

• If you were to reboot your machine right now, your iptables configuration would disappear. Rather than type this each time you reboot, however, you can save the configuration, and have it start up automatically. To save the configuration, you can use iptables-save and iptables-restore. 

• Save your firewall rules to a file

      #sudo sh -c "/etc/iptables-save > /etc/iptables.rules"

Configuration on startup using /etc/network/interfaces

•  Modify the /etc/network/interfaces configuration file to apply the rules automatically. You will need to know the interface that you are using in order to apply the rules - if you do not know, you are probably using the interface eth0, although you should check with the following command first to see if there are any wireless cards:

      #iwconfig

• Edit /etc/network/interfaces with your favourite editor.

  When in the file, search for the interface you found, and at the end of the network related lines for that interface, add the line:

  pre-up iptables-restore < /etc/iptables.rules

  • You can also prepare a set of down rules, save them into second file /etc/iptables.downrules and apply it automatically using the above steps: 

            post-down iptables-restore < /etc/iptables.downrules 

Magento - Admin login problem after fresh installation

Many times it happens, that after fresh installation of magento we are unable to login with admin. Try the solution for the same.

1) Edit varien.php which located in /[Magento_Dir]/app/code/core/Mage/Core/Model/Session/Abstract/


2) Find out the below pattern & comment last three lines.

session_set_cookie_params(

$this->getCookie()->getLifetime(), $this->getCookie()->getPath()//, //$this->getCookie()->getDomain(), //$this->getCookie()->isSecure(), //$this->getCookie()->getHttponly()

);

 3) Now try to login with admin user

Step-by-step configuration of MySQL Replication

Environment:

Master : 192.168.0.2
Slave : 192.168.0.3

MASTER CONFIGURATION

1) Login to MySQL with root user & Create a user for replication.
 
GRANT REPLICATION SLAVE ON *.* TO 'slave_user'@'%' IDENTIFIED BY 'your_password';
FLUSH PRIVILEGES;

2) Edit your my.cnf on master & add below lines in [mysqld] section

log-bin = /home/mysql/logs/mysql-bin.log
binlog-do-db=my_database
server-id=1

3) Restart master server

/etc/rc.d/init.d/mysqld restart



Configuring the Slave

1) Edit my.cnf

server-id=2
master-host=128.0.0.1
master-connect-retry=60
master-user=slave_user
master-password=slave_password
replicate-do-db=my_database

2) Restart MySQL Service

/etc/init.d/mysqld restart



3) Again login to mysql On the Master...

mysql > FLUSH TABLES WITH READ LOCK;

mysql > SHOW MASTER STATUS;

+---------------------+----------+-------------------------------+------------------+
 | File                          | Position | Binlog_Do_DB     | Binlog_Ignore_DB |
+---------------------+----------+-------------------------------+-----------------+
 | mysql-bin.000001   | 98           | my_database       |                  |
+---------------------+----------+-------------------------------+------------------+

You need this info while starting slave So copy it somewhere.


5) Take a DBdump from master & copy it to slave

6) login to MySQL On the Slave

mysql > stop slave;
mysql > CREATE DATABASE `my_database`;

7) Import Ur master dump

8) Login to MySQL on slave.

mysql > CHANGE MASTER TO MASTER_HOST='192.168.0.2', MASTER_USER='slave_user', MASTER_PASSWORD='slave_password', MASTER_LOG_FILE='mysql-bin.000001', MASTER_LOG_POS=98;

slave start;

9) Back on the Master, log in to mysql & unlock the tables.
mysql > unlock tables;

10) Here we completed mysql replication configuration Now change any field in "my_database" on Master server, It will reflect on slave server.