Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- OS UBUNTU SERVER 18.04 MINIMAL
- ***********************************
- Hardware : VPS 1GB RAM 1 vCore 20GB Disk
- OS : Ubuntu 18.04 LTS Minimal
- ***********************************
- Ini hanya sebatas pengingat Saya untuk membuat Server CBT pribadi di Instansi
- Kurang lebih beberapa konfigurasi nya ada dibawah:
- Server Ini Support:
- -PHP 7.2 yang dicocokkan untuk script framework Codeigniter 3
- -NGINX
- -PhpMyadmin
- -MariaDB
- -UFW (Firewall)
- -FTP
- -SSL
- ***********************************
- sudo apt-get update && apt-get upgrade
- sudo apt-get install nginx
- sudo apt-get install ufw
- sudo ufw allow http
- sudo ufw allow https
- sudo systemctl restart nginx
- sudo systemctl status nginx
- sudo apt install mariadb-server
- sudo mysql_secure_installation
- #SKIP aja, NO
- sudo mariadb
- GRANT ALL ON *.* TO 'admin'@'localhost' IDENTIFIED BY 'admin1234' WITH GRANT OPTION;
- FLUSH PRIVILEGES;
- exit;
- mariadb -u admin -p
- sudo nano /etc/nginx/sites-available/default
- server {
- listen 80;
- listen [::]:80;
- root /var/www/html;
- #menambah index.php
- index index.php index.html index.htm index.nginx-debian.html;
- server_name cbt.smkn1candipuro.sch.id;
- location / {
- #agar semua request diarahkan ke index.php
- try_files $uri $uri/ /index.php?$args;
- }
- location ~ \.php$ {
- include snippets/fastcgi-php.conf;
- fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
- }
- }
- sudo systemctl restart nginx.service
- sudo apt-get install php-fpm php-mysql php-cgi php-common php-pear php-mbstring
- sudo apt-get install phpmyadmin php-gettext
- sudo ln -s /usr/share/phpmyadmin /var/www/html
- nano /var/www/html/info.php
- <?php
- phpinfo();
- ?>
- #Ujicoba situs
- http://ipserver/info.php
- http://ipserver/phpmyadmin
- =========================================================================
- JIKA TERJADI ERROR PADA PHPMYADMIN SAAT DIAKSES
- =========================================================================
- phpmyadmin warning libraries/sql.lib.php#613
- sudo cp /usr/share/phpmyadmin/libraries/sql.lib.php /usr/share/phpmyadmin/libraries/sql.lib.php.bak
- sudo nano /usr/share/phpmyadmin/libraries/sql.lib.php
- Press CTRL + W and search for (count($analyzed_sql_results['select_expr'] == 1)
- Replace it with ((count($analyzed_sql_results['select_expr']) == 1)
- Save file and exit. (Press CTRL + X, press Y and then press ENTER)
- function PMA_isRememberSortingOrder($analyzed_sql_results)
- {
- return $GLOBALS['cfg']['RememberSorting']
- && ! ($analyzed_sql_results['is_count']
- || $analyzed_sql_results['is_export']
- || $analyzed_sql_results['is_func']
- || $analyzed_sql_results['is_analyse'])
- && $analyzed_sql_results['select_from']
- && ((empty($analyzed_sql_results['select_expr'])) ||
- (count($analyzed_sql_results['select_expr']) == 1)
- && ($analyzed_sql_results['select_expr'][0] == '*'))
- && count($analyzed_sql_results['select_tables']) == 1;
- }
- Warning in ./libraries/plugin_interface.lib.php#551
- sudo cp /usr/share/phpmyadmin/libraries/plugin_interface.lib.php /usr/share/phpmyadmin/libraries/plugin_interface.lib.php.bak
- sudo nano /usr/share/phpmyadmin/libraries/plugin_interface.lib.php
- Press CTRL + W and search for if (! is_null($options) && count($options) > 0) {
- If not found, try search for if ($options != null && count($options) > 0)
- Replace with if (! is_null($options) && count((array)$options) > 0) {
- =========================================================================
- MEMAKSIMALKAN RESOURCE PHP UNTUK php cli/fpm dan nginx
- =========================================================================
- nano /etc/php/7.2/cli/php.ini
- nano /etc/php/7.2/fpm/php.ini
- upload_max_filesize = 320M
- post_max_size = 480M
- memory_limit = 1024M
- max_execution_time = 6000
- max_input_time = 10000
- max_input_vars = 30000
- php-fpm7.2 -t
- service php7.2-fpm restart
- =========================================================================
- JIKA MUNCUL PESAN ERROR SAAT UPLOAD FILE BESAR
- Error: 413 “Request Entity Too Large” in Nginx with “client_max_body_size”
- sudo nano /etc/nginx/nginx.conf
- #tambahkan pada akhir http:
- client_max_body_size 100M;
- sudo service nginx restart
- =========================================================================
- INSTALASI FTP UNTUK KEPERLUAN UPLOAD FILE KE SERVER
- =========================================================================
- sudo apt install curl
- sudo apt install vsftpd -y
- sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.bak
- sudo nano /etc/vsftpd.conf
- write_enable=YES
- sudo systemctl restart vsftpd
- sudo apt install zip
- =========================================================================
- UJICOBA SAYA
- =========================================================================
- dump database cbt.sql dengan http://ipserver/phpmyadmin
- upload zip cbt.zip dengan FTP Client (WinSCP)
- =========================================================================
- BERI AKSES
- =========================================================================
- chown -R www-data:www-data /var/www/html
- chmod 755 /var/www/html
- =========================================================================
- jika ada pesan Failed to upload image: HTTP Error: 403
- ini karena alamat situs pada controller codeigniter admin/soal/uploadfile belum ditambahkan
- =========================================================================
- ADA 3 OPSI SSL YANG AKAN KITA BUAT DAN PILIH SESUAI KEINGINAN
- -selfsigned (buat sendiri)
- -sslforfree.com (daftar disitusnya pasang manual certnya)
- -letsencrypt.org (dengan certbotnya)
- =========================================================================
- =========================================================================
- selfsigned
- =========================================================================
- sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt
- sudo nano /etc/nginx/snippets/self-signed.conf
- ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
- ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
- sudo nano /etc/nginx/snippets/ssl-params.conf
- ssl_protocols TLSv1.2;
- ssl_prefer_server_ciphers on;
- ssl_dhparam /etc/ssl/certs/dhparam.pem;
- ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
- ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
- ssl_session_timeout 10m;
- ssl_session_cache shared:SSL:10m;
- ssl_session_tickets off; # Requires nginx >= 1.5.9
- # ssl_stapling on; # Requires nginx >= 1.3.7
- # ssl_stapling_verify on; # Requires nginx => 1.3.7
- resolver 8.8.8.8 8.8.4.4 valid=300s;
- resolver_timeout 5s;
- add_header X-Frame-Options DENY;
- add_header X-Content-Type-Options nosniff;
- add_header X-XSS-Protection "1; mode=block";
- sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
- sudo nano /etc/nginx/sites-available/default
- server {
- listen 80;
- listen [::]:80
- listen 443 ssl;
- listen [::]:443 ssl;
- include snippets/self-signed.conf;
- include snippets/ssl-params.conf;
- root /var/www/html;
- index index.php index.html index.htm index.nginx-debian.html;
- server_name cbt.smkn1candipuro.sch.id;
- }
- sudo systemctl restart nginx
- =========================================================================
- /etc/hosts
- 141.136.47.220 cbt.smkn1candipuro.sch.id server.cbt.smkn1candipuro.sch.id
- sudo cp default subdomain
- server {
- listen 80;
- listen [::]:80;
- listen 443 ssl;
- listen [::]:443 ssl;
- include snippets/self-signed.conf;
- include snippets/ssl-params.conf;
- root /var/www/html/server;
- index index.php index.html index.htm index.nginx-debian.html;
- server_name server.cbt.smkn1candipuro.sch.id;
- location / {
- try_files $uri $uri/ /index.php?$args;
- }
- location ~ \.php$ {
- include snippets/fastcgi-php.conf;
- fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
- }
- }
- sudo nginx -t
- sudo systemctl restart nginx
- #TEST https://namaserver
- =========================================================================
- sslforfree.com
- =========================================================================
- https://sslforfree.com
- Download your certificate and upload zip
- cd /etc/ssl
- cat certificate.crt ca_bundle.crt >> certificate.crt
- sudo nano /etc/nginx/default
- server {
- listen 443 ssl;
- ssl on;
- ssl_certificate /etc/ssl/certificate.crt;
- ssl_certificate_key /etc/ssl/private.key;
- }
- sudo /etc/init.d/nginx restart
- UNTUK subdomain, kamu daftar ssl lagi kesitusnya
- =========================================================================
- letsencrypt.org
- =========================================================================
- sudo apt update
- sudo apt install software-properties-common
- sudo add-apt-repository ppa:certbot/certbot
- sudo apt install python-certbot-nginx
- sudo certbot --nginx -d namaserver.com -d www.namaserver.com
- #TEST https://namaserver
- Verifying Certbot Auto-Renewal
- sudo certbot renew --dry-run
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement