Skip to main content

Posts

ISPConfig 3.2 Let's Encrypt on AWS EC2 instances

ISPConfig 3.2 brings a much welcomed feature of installing a Let's Encrypt SSL for the default ISPConfig interface. Prior to installation it is best to set the hostname of the EC2. e.g. 1. nano /etc/hosts add the instance default name at 127.0.0.1 2. hostnamectl set-hostname [new hostname] 3. nano /etc/cloud/cloud.cfg Change the following parameters to "true" preserve_hostname: true If the ISPConfig has already been configured, re-run the update routine and choose to reinstall the default SSL again. During installation, it might report an error that DNS fails to resolve the domain, just continue and it should generate the SSL corretly.
Recent posts

Tips: Adding more than one OneDrive account to Windows 10

There is a not-so-intuitive but not-so-difficult to find option to add more than one Microsoft OneDrive account to Windows 10. 1. Install OneDrive client 2. Setup the first account 3. Right-click on the OneDrive folder created by the first account -> Settings (under OneDrive) 4. Under the Account panel, there is an "Add Account" button  This allows you to add several OneDrive accounts at the same time

WordPress WAF blocking IPs due to 404 errors of autodiscover/autodiscover.xml

Problem: Our client is using Microsoft 365 and Outlook 365 (similar Microsoft e-mail clients) will try to access the following URL during configuration: https://domain.com/autodiscover/autodiscover.xml This has created a large amount of 404 errors and may result WordPress WAF (such as iThemes Security) to block the IPs. Diagnosis: The root cause for this is the standard behavior of Microsoft e-mail clients trying to look for the correct server. Here's an explanation of the process, provided by Microsoft support technician Martin Xu: The reason is you create CNAME in your host provider and re-point your Autodiscover service to xxx.outlook.com. The testing tool will follow the default process to test the connection. First it will find the original domain to test whether autodiscover can pass, and then will test autodiscover.yourdomain.com. Finally it will check whether there are some CNAME setting for you domain to re-point autodiscover. If you are using xyz@yourdomain.com, the prima...

Migration of EC2 from old to new generation (Nitro System)

Problem: During the migration of EC2 from older generation to newer generation that runs Nitro System, the system fails to boot Root Cause: We have 2 EBS attached and if the booting process involved the use of the second EBS, the booting will fail. In our case, we moved /var to another EBS. The reason is the in /etc/fstab, it refers to a /dev which no longer exists. This is due to new referencing convention used by Nitro System. Instead of /dev/xvdb1 etc, they become /dev/nvmen1p1 and so on. Solution: 1. Before switching instance to new generation, change the /etc/fstab e.g. from /dev/xvdb1 to /dev/nvme1n1p1 2. Stop the instance via AWS Console 3. Switch to the new instance, start instance Depending on how the dev is initially formatted, the change could be: e.g. from /dev/xvdb1 to /dev/nvme1n1 (i.e. without "p1") With the server upgrade to newer generation under AMD architecture, there is a cost saving of >15% and better network I/O. This upgrade exercise makes economic...

Speeding up Apache2 with Varnish; under ISPConfig 3

A virtual hosting requires Apache2 as webserver (due to the need for .htaccess). Hence can't directly replace it with NginX. Solution in brief: Setup a Varnish as cache but Varnish does not support SSL Hence we need to setup an NginX as reverse proxy to listen to port 443 and redirect the request to Varnish. The last step was to setup http to https re-direction. This could not be done directly under ISPConfig 3 http-to-https switch because this Apache2-based setting will create an infinite loop. This is resolved by creating a redirect within Varnish via its configuration language VCL. Solution step-by-step: Source: 1.  https://github.com/manoaratefy/ispconfig3-varnish When performing the steps by following Source 1, also turn off any Apache2 http to https redirect under ISPConfig after re-sync the websites. Then remove the default NginX vhost: rm /etc/nginx/sites-enabled/default Then perform the final steps as directed, i.e. restart the services: systemctl rest...

Backup iPhone to external hard drive in Mac OS Catalina

Issue: The MacBook internal SSD is too small for an iPhone backup. Under Mac OS Catalina, the iPhone backup and restore functionality is built in Finder. So iTunes is no longer needed. The path of the backup is essentially the same. Solution: Create a symlink so that it points to the external hard drive. Steps: 1/ Locate the Backup Folder. It should be inside: ~/Library/Application Support/MobileSync/ 2/ Rename the existing Backup folder to something like "Backup Old" so that you have a backup. 3/ Under the external SSD or storage, create a new "Backup" folder. 4/ Open Terminal and execute the symlink command: sudo ln -s /Volumes/ExternalHD/iPhoneBackup/Backup/ ~/Library/Application\ Support/MobileSync/Backup 5/ Under Finder, execute the backup, and verify that it is backing up Note: Similar methods applied to backup into specific backup folders (should be ideal for incremental backup) Photo Credit: Photo by Markus Spiske on Unsplash...

Installing php7.3 on ubuntu 18.04LTS

php 7.2 is the standard component of Ubuntu 16.04. The following steps can upgrade it to php7.3 sudo apt update sudo apt upgrade sudo apt install software-properties-common sudo add-apt-repository ppa:ondrej/php sudo apt update sudo apt install php7.3-fpm sudo apt install php7.3-common php7.3-mysql php7.3-xml php7.3-xmlrpc php7.3-curl php7.3-gd php7.3-imagick php7.3-cli php7.3-dev php7.3-imap php7.3-mbstring php7.3-opcache php7.3-soap php7.3-zip php7.3-intl -y