How to disable CloudFlare IPv6 access

If you want to disable IPv6, you are probably running project with some old code that is not able to process IPv6 REMOTE_ADDR in PHP. I assume you do not use CF API at all, so fastest option will be to use global API key to disable IPv6 and then generate new global API key.
Get your CF account global API key from CF user panel: https://dash.cloudflare.com/profile/api-tokens

Execute in terminal with curl installed (ex. Linux) or Postman:

curl -X PATCH "https://api.cloudflare.com/client/v4/zones/YOUR-ZONE-ID/settings/ipv6" \
-H "X-Auth-Email: YOUR@EMAIL.COM " \
-H "X-Auth-Key: YOUR-GLOBAL-API-KEY" \
-H "Content-Type: application/json" \
--data '{"value":"off"}'

with your ZONE ID, CF E-MAIL and GLOBAL API KEY.

If you execute this curl line on your Linux server without space as start of line, your CF global API key will be stored in Linux command line history. Generate new global API key in CF panel, it will disable old API key.

Getting free VPS from Oracle Cloud

There is new always-free offer on Oracle site:
– AMD Epyc CPU: 2 servers, each with: 1 core, 1 GB ram, 50 GB HDD, 480 mb/s connection
– Ampere ARM CPU: 4 servers, each with: 1 core 2.8GHz, 6 GB ram, 50 GB HDD, 1gb/s connection
– 10 TB/month transfer limit for all your machines together

These 4 Ampere servers you can combine into 1 server: 4×2.8GHz, 24 GB ram, 50 GB HDD with 4gb/s connection!
You can also create 6 VPSes for 6 small projects.

Registration:
https://www.oracle.com/pl/cloud/free/
You will have to add credit card to account. Virtual/prepaid cards are not accepted. Revolut virtual card generated in smartphone application is not accepted, but physical Revolut card is ok.

It takes around 15 minutes to activate account after you register.

How to order free 4 core VPS and unlock internet access

When you order any dedic or VPS, it always comes with all internet access opened by default. Here we get machine with almost everything closed (except port 22 for SSH). Every port is blocked in Oracle Cloud panel and in Ubuntu.
If you install nginx on it, it will say in webbrowser that site is offline. Read next 16 steps to unlock all ports.

Go to https://cloud.oracle.com/ and login to your account. Click on ‘Create a VM instance’.

Click on ‘Edit Image and shape’.

Click on ‘Change image’.

Select ‘Canonical Ubuntu’ and click ‘Select image’.

Click on ‘Change shape’.
1. Select shape ‘Ampere’
2. Unroll options
3. Change OCPUs number to 4, it will automatically change RAM to 24 GB
4. Tick ‘VM.Standard.A1.Flex’
5. Click ‘Select shape’

For next step machine configuration step, you must have SSH key pair. If you already have one, you can skip next 3 steps.

To generate key pair you need ‘Git Bash’. You can download it here: https://git-scm.com/download/win

Run Git Bash using Windows Search. Just type ‘git’, it should find it.

In Git Bash window type:

ssh-keygen.exe -t rsa

It will generate SSH key pair and save it in your Windows user directory, in subdirectory .ssh. This directory may be hidden (depends on Windows settings), so you can’t easily navigate there. In this case, you can open any directory in Windows explorer, click on address bar, type:

%HOMEPATH%/.ssh

and click Enter. It should open folder with your id_rsa.pub file. You can copy it on desktop or to Downloads folder, to make it easy to find.

On Oracle page scroll to ‘Add SSH Keys’ and select option ‘Upload public key files (.pub)’.

Select file ‘id_rsa.pub’ we generated in previous 3 steps in file picker (button ‘Browse’). Oracle will upload it to your new VPS. Git Bash with automatically login to your server using this key – using all keys which are in .ssh directory – when you use ‘ssh’ command in it.

Your machine should change status to ‘Running’ within 1 minute. On right top side of page, there will appear IP of your server. Copy it. We will use it later.

There will also appear ‘Virtual cloud network’ with some random name. Click on it.

Click on Subnet name – again some random value.

Click on Default Security List name – again some random value.

Click ‘Add Ingress Rules’.

In ‘source CIDR’ type:

0.0.0.0/0

and click ‘Add Ingress Rules’.

Network TCP – like Tibia and www – traffic is unlocked in Oracle Cloud panel. You may also unblock UDP protocol traffic, if you plan to host TeamSpeak or other application which uses UDP.

Now we got to unlock traffic in Ubuntu. Open Git Bash and type:

ssh ubuntu@x.x.x.x

with your server IP in place of x.x.x.x, like ssh ubuntu@138.3.243.101
On first connection it will ask you, if you are sure that you connected to valid server. Type ‘yes’ and press Enter.

You are now connected to your VPS, but you still can’t run web server or OTS on it. Type:

sudo su
iptables -I INPUT -j ACCEPT
iptables-save > /etc/iptables/rules.v4

It will unlock all incoming traffic in Ubuntu.

Compile otservbr and TFS 1.3 on Ubuntu 20.04 and Debian 10/11

Dockerfiles tested on 2021-08-24. You can comment otservbr / forgottenserver part to compile just one sources.

Ubuntu 20.04

FROM ubuntu:20.04

RUN apt-get update

ARG DEBIAN_FRONTEND=noninteractive
ENV TZ=Europe/London

RUN apt-get -y install tzdata

# 1: forgottenserver (TFS)
RUN apt-get -y install git cmake build-essential libluajit-5.1-dev zip ca-certificates pkg-config autoconf libmariadb-dev-compat libboost-date-time-dev libboost-filesystem-dev libboost-system-dev libboost-iostreams-dev libpugixml-dev libcrypto++-dev libfmt-dev

RUN cd /home/ && git clone --depth 1 https://github.com/otland/forgottenserver.git

RUN cd /home/forgottenserver/ && mkdir build && cd build && cmake ..
RUN cd /home/forgottenserver/build/ && make -j 16

# 2: otservbr-global
RUN apt-get install -y git cmake build-essential libluajit-5.1-dev zip ca-certificates curl zip unzip tar pkg-config yasm autoconf

RUN cd /home/ && git clone https://github.com/microsoft/vcpkg && cd vcpkg && ./bootstrap-vcpkg.sh
RUN cd /home/vcpkg/ && ./vcpkg --triplet x64-linux install boost-asio boost-filesystem boost-iostreams boost-lockfree boost-system boost-variant cryptopp curl jsoncpp libmariadb pugixml spdlog

RUN cd /home/ && git clone --depth 1 https://github.com/opentibiabr/otservbr-global.git && cd otservbr-global && git checkout develop
RUN cd /home/otservbr-global/ && mkdir build && cd build && cmake -DCMAKE_TOOLCHAIN_FILE=../../vcpkg/scripts/buildsystems/vcpkg.cmake ..
RUN cd /home/otservbr-global/build/ && make -j 16

Debian 11

FROM debian:11

RUN apt-get update

ARG DEBIAN_FRONTEND=noninteractive
ENV TZ=Europe/London

RUN apt-get -y install tzdata

# 1: forgottenserver (TFS)
RUN apt-get -y install git cmake build-essential libluajit-5.1-dev zip wget ca-certificates pkg-config autoconf libmariadb-dev-compat libboost-date-time-dev libboost-filesystem-dev libboost-system-dev libboost-iostreams-dev libpugixml-dev libcrypto++-dev libfmt-dev

RUN apt remove -y libfmt-dev
RUN cd /root/ && wget https://github.com/fmtlib/fmt/releases/download/7.1.3/fmt-7.1.3.zip && unzip fmt-7.1.3.zip
RUN cd /root/fmt-7.1.3/ && mkdir build && cd build && cmake .. && make -j 16 && make install

RUN cd /home/ && git clone --depth 1 https://github.com/otland/forgottenserver.git

RUN cd /home/forgottenserver/ && mkdir build && cd build && cmake ..
RUN cd /home/forgottenserver/build/ && make -j 16

# 2: otservbr-global
RUN apt-get install -y git cmake build-essential libluajit-5.1-dev wget zip ca-certificates curl zip unzip tar pkg-config yasm autoconf

RUN apt remove -y cmake
RUN cd /root/ && wget https://github.com/Kitware/CMake/releases/download/v3.21.1/cmake-3.21.1.tar.gz
RUN cd /root/ && tar -zxvf cmake-3.21.1.tar.gz && cd cmake-3.21.1 && ./bootstrap -- -DCMAKE_USE_OPENSSL=OFF && make -j 16 && make install

RUN cd /home/ && git clone https://github.com/microsoft/vcpkg && cd vcpkg && ./bootstrap-vcpkg.sh
RUN cd /home/vcpkg/ && ./vcpkg --triplet x64-linux install boost-asio boost-filesystem boost-iostreams boost-lockfree boost-system boost-variant cryptopp curl jsoncpp libmariadb pugixml spdlog

RUN cd /home/ && git clone --depth 1 https://github.com/opentibiabr/otservbr-global.git && cd otservbr-global && git checkout develop
RUN cd /home/otservbr-global/ && mkdir build && cd build && cmake -DCMAKE_TOOLCHAIN_FILE=../../vcpkg/scripts/buildsystems/vcpkg.cmake ..
RUN cd /home/otservbr-global/build/ && make -j 16

Debian 10

FROM debian:10

RUN apt-get update

ARG DEBIAN_FRONTEND=noninteractive
ENV TZ=Europe/London

RUN apt-get -y install tzdata

# 1: forgottenserver (TFS)
RUN apt-get -y install git cmake build-essential libluajit-5.1-dev zip wget ca-certificates pkg-config autoconf libmariadb-dev-compat libboost-date-time-dev libboost-filesystem-dev libboost-system-dev libboost-iostreams-dev libpugixml-dev libcrypto++-dev

RUN apt remove -y libfmt-dev
RUN cd /root/ && wget https://github.com/fmtlib/fmt/releases/download/7.1.3/fmt-7.1.3.zip && unzip fmt-7.1.3.zip
RUN cd /root/fmt-7.1.3/ && mkdir build && cd build && cmake .. && make -j 16 && make install

RUN cd /home/ && git clone --depth 1 https://github.com/otland/forgottenserver.git

RUN cd /home/forgottenserver/ && mkdir build && cd build && cmake ..
RUN cd /home/forgottenserver/build/ && make -j 16

# 2: otservbr-global
RUN apt-get install -y git cmake build-essential libluajit-5.1-dev wget zip ca-certificates curl zip unzip tar pkg-config yasm autoconf

RUN apt remove -y cmake
RUN cd /root/ && wget https://github.com/Kitware/CMake/releases/download/v3.21.1/cmake-3.21.1.tar.gz
RUN cd /root/ && tar -zxvf cmake-3.21.1.tar.gz && cd cmake-3.21.1 && ./bootstrap -- -DCMAKE_USE_OPENSSL=OFF && make -j 16 && make install

RUN cd /home/ && git clone https://github.com/microsoft/vcpkg && cd vcpkg && ./bootstrap-vcpkg.sh
RUN cd /home/vcpkg/ && ./vcpkg --triplet x64-linux install boost-asio boost-filesystem boost-iostreams boost-lockfree boost-system boost-variant cryptopp curl jsoncpp libmariadb pugixml spdlog

RUN cd /home/ && git clone --depth 1 https://github.com/opentibiabr/otservbr-global.git && cd otservbr-global && git checkout develop
RUN cd /home/otservbr-global/ && mkdir build && cd build && cmake -DCMAKE_TOOLCHAIN_FILE=../../vcpkg/scripts/buildsystems/vcpkg.cmake ..
RUN cd /home/otservbr-global/build/ && make -j 16

Set/change PHP version command [Ubuntu/Debian]

Command to change PHP version in system and Apache2 with multiple PHP versions installed (from https://launchpad.net/~ondrej/+archive/ubuntu/php )

#!/bin/sh

if [ -z "$1" ]
then
        echo 'PHP version required'
else
        if test -f "/usr/bin/php"$1; then
                sudo a2dismod php7.0 > /dev/null
                sudo a2dismod php7.1 > /dev/null
                sudo a2dismod php7.2 > /dev/null
                sudo a2dismod php7.3 > /dev/null
                sudo a2dismod php7.4 > /dev/null
                sudo a2enmod php$1 > /dev/null
                systemctl restart apache2

                sudo ln -fs /usr/bin/php$1 /etc/alternatives/php
                sudo ln -fs /usr/bin/php-config$1 /etc/alternatives/php-config
                sudo ln -fs /usr/bin/phpdbg$1 /etc/alternatives/phpdbg
                sudo ln -fs /usr/bin/phpize$1 /etc/alternatives/phpize
                sudo ln -fs /usr/bin/phar$1 /etc/alternatives/phar
                sudo ln -fs /usr/bin/phar.phar$1 /etc/alternatives/phar.phar
                echo 'Changed PHP version to: '$1
        else
                echo 'Wrong PHP version: '$1
        fi
fi

OTS Restarter script

restart.sh with console logs with timestamp and binary file copy (for GDB)

#!/bin/bash
ulimit -c unlimited
while true; do

 cp kasteria bins/kasteria_`date '+%Y-%m-%d_%H-%M'`_`crc32 kasteria`
 stdbuf -o 0 ./kasteria 2>&1 | ts '%Y-%m-%d_%H-%M-%.S' | tee -a 'console/console_'`date '+%Y-%m-%d'`'.log';

 echo START SLEEP FOR 3 SECONDS, PRESS CTRL+C TO TURN OFF RESTARTER
 sleep 3
 echo END SLEEP

done

Fast configure multiple PHP versions php.ini

Script to configure PHP variables for development environment.

<?php

$phpDir = '/etc/php';

$backupPath = __DIR__ . DIRECTORY_SEPARATOR . 'config_backup.' . date('Y-m-d_H-i-s') . '.zip';
echo 'Backup config file: ' . $backupPath . PHP_EOL;
system('zip -r ' . $backupPath . ' ' . $phpDir . ' > /dev/null');
chmod($backupPath, 0777);

$values = [
	'upload_max_filesize' => '256M',
	'post_max_size' => '256M',
	'max_file_uploads' => 100,
	'memory_limit' => '1024M',
	'max_execution_time' => 15,
	'error_reporting' => 'E_ALL & ~E_DEPRECATED & ~E_STRICT',
	'display_errors' => 'Off',
	'log_errors' => 'On',
	'xdebug.remote_enable' => '1',
];
setPhpConfigValues($values, $phpDir, ['5.6', '7.0', '7.1', '7.2', '7.3'], ['apache2', 'fpm']);

$values = [
	'memory_limit' => -1,
	'max_execution_time' => 0,
	'error_reporting' => 'E_ALL & ~E_DEPRECATED & ~E_STRICT',
	'display_errors' => 'On',
	'log_errors' => 'Off',
];
setPhpConfigValues($values, $phpDir, ['5.6', '7.0', '7.1', '7.2', '7.3'], ['cli']);

system('systemctl restart apache2');
foreach(['5.6', '7.0', '7.1', '7.2', '7.3'] as $version) {
	system('systemctl restart php' . $version . '-fpm');
}

function setPhpConfigValues($values, $phpDir, $phpVersions, $phpTypes)
{
	foreach($phpVersions as $phpVersion) {
		foreach($phpTypes as $phpType) {
			$filePath = $phpDir . DIRECTORY_SEPARATOR . $phpVersion . DIRECTORY_SEPARATOR . $phpType . DIRECTORY_SEPARATOR . 'php.ini';
			if (file_exists($filePath)) {
				if (is_readable($filePath)) {
					if (is_writable($filePath)) {
						$lines = file($filePath);
						echo 'FILE: ' . $filePath . PHP_EOL;
						foreach($values as $searchKey => $newValue) {
							foreach($lines as $line => $text) {
								if (substr_count($text, '=') > 0) {
									list($lineKey, $lineValue) = explode('=', $text, 2);

									if (strpos($lineKey, $searchKey) !== false) {
										if (trim($lineValue) != $newValue) {
											echo 'Change key "' . $searchKey . '" value from "' . trim($lineValue) . '" to "' . $newValue . '"' . PHP_EOL;
											$lines[$line] = $searchKey . ' = ' . $newValue . PHP_EOL;
										}
										continue 2;
									}
								}
							}

							echo 'Add key "' . $searchKey . '" with value"' . $newValue . '"' . PHP_EOL;
							$lines[] = $searchKey . ' = ' . $newValue . PHP_EOL;
						}
						file_put_contents($filePath, implode('', $lines));
						echo 'SAVE FILE: ' . $filePath . PHP_EOL;
					} else {
						echo 'Config file not writable: ' . $filePath . PHP_EOL;
					}
				} else {
					echo 'Config file not readable: ' . $filePath . PHP_EOL;
				}
			} else {
				echo 'Config file not found: ' . $filePath . PHP_EOL;
			}
		}
	}
}

Linux Mint 19 – PHP/MariaDB dev env v1

apt install htop screen screenie mc nano tcpdump vim mariadb-server mariadb-client sshfs filezilla dbeaver-ce postgresql wireshark

Hasło do konta 'root' MariaDB ustawić na 'root'.

mysql
UPDATE mysql.user SET plugin = '', host = '%';
flush privileges;
SET PASSWORD FOR 'root'@'%' = PASSWORD('root');
flush privileges;

add-apt-repository ppa:ondrej/php
add-apt-repository ppa:ondrej/apache2
apt update

apt install apache2

apt install php5.6 php5.6-fpm php5.6-bcmath php5.6-bz2 php5.6-calendar php5.6-cli php5.6-common php5.6-ctype php5.6-curl php5.6-dba php5.6-dev php5.6-dom php5.6-exif php5.6-fileinfo php5.6-gd php5.6-gettext php5.6-gmp php5.6-iconv php5.6-imagick php5.6-intl php5.6-json php5.6-ldap php5.6-mailparse php5.6-mbstring php5.6-mongodb php5.6-mysql php5.6-mysqli php5.6-mysqlnd php5.6-oauth php5.6-odbc php5.6-opcache php5.6-pdo php5.6-pdo-dblib php5.6-pdo-mysql php5.6-pdo-odbc php5.6-pdo-pgsql php5.6-pdo-sqlite php5.6-pgsql php5.6-phar php5.6-phpdbg php5.6-posix php5.6-radius php5.6-readline php5.6-redis php5.6-simplexml php5.6-smbclient php5.6-soap php5.6-sockets php5.6-solr php5.6-sqlite3 php5.6-ssh2 php5.6-sybase php5.6-tokenizer php5.6-uploadprogress php5.6-uuid php5.6-xdebug php5.6-xml php5.6-xmlreader php5.6-xmlrpc php5.6-xmlwriter php5.6-yaml php5.6-zip

apt install php7.0 php7.0-fpm php7.0-bcmath php7.0-bz2 php7.0-calendar php7.0-cli php7.0-common php7.0-ctype php7.0-curl php7.0-dba php7.0-dev php7.0-dom php7.0-exif php7.0-fileinfo php7.0-gd php7.0-gettext php7.0-gmp php7.0-http php7.0-iconv php7.0-imagick php7.0-intl php7.0-json php7.0-ldap php7.0-mailparse php7.0-mbstring php7.0-mongodb php7.0-mysql php7.0-mysqli php7.0-mysqlnd php7.0-oauth php7.0-odbc php7.0-opcache php7.0-pdo php7.0-pdo-dblib php7.0-pdo-mysql php7.0-pdo-odbc php7.0-pdo-pgsql php7.0-pdo-sqlite php7.0-pgsql php7.0-phar php7.0-phpdbg php7.0-posix php7.0-radius php7.0-readline php7.0-redis php7.0-simplexml php7.0-smbclient php7.0-soap php7.0-sockets php7.0-solr php7.0-sqlite3 php7.0-ssh2 php7.0-sybase php7.0-tokenizer php7.0-uploadprogress php7.0-uuid php7.0-xdebug php7.0-xml php7.0-xmlreader php7.0-xmlrpc php7.0-xmlwriter php7.0-yaml php7.0-zip

apt install php7.1 php7.1-fpm php7.1-bcmath php7.1-bz2 php7.1-calendar php7.1-cli php7.1-common php7.1-ctype php7.1-curl php7.1-dba php7.1-dev php7.1-dom php7.1-exif php7.1-fileinfo php7.1-gd php7.1-gettext php7.1-gmp php7.1-http php7.1-iconv php7.1-imagick php7.1-intl php7.1-json php7.1-ldap php7.1-mailparse php7.1-mbstring php7.1-mongodb php7.1-mysql php7.1-mysqli php7.1-mysqlnd php7.1-oauth php7.1-odbc php7.1-opcache php7.1-pdo php7.1-pdo-dblib php7.1-pdo-mysql php7.1-pdo-odbc php7.1-pdo-pgsql php7.1-pdo-sqlite php7.1-pgsql php7.1-phar php7.1-phpdbg php7.1-posix php7.1-radius php7.1-readline php7.1-redis php7.1-simplexml php7.1-smbclient php7.1-soap php7.1-sockets php7.1-solr php7.1-sqlite3 php7.1-ssh2 php7.1-sybase php7.1-tokenizer php7.1-uploadprogress php7.1-uuid php7.1-xdebug php7.1-xml php7.1-xmlreader php7.1-xmlrpc php7.1-xmlwriter php7.1-yaml php7.1-zip

apt install php7.2 php7.2-fpm php7.2-bcmath php7.2-bz2 php7.2-calendar php7.2-cli php7.2-common php7.2-ctype php7.2-curl php7.2-dba php7.2-dev php7.2-dom php7.2-exif php7.2-fileinfo php7.2-gd php7.2-gettext php7.2-gmp php7.2-http php7.2-iconv php7.2-imagick php7.2-intl php7.2-json php7.2-ldap php7.2-mailparse php7.2-mbstring php7.2-mongodb php7.2-mysql php7.2-mysqli php7.2-mysqlnd php7.2-oauth php7.2-odbc php7.2-opcache php7.2-pdo php7.2-pdo-dblib php7.2-pdo-mysql php7.2-pdo-odbc php7.2-pdo-pgsql php7.2-pdo-sqlite php7.2-pgsql php7.2-phar php7.2-phpdbg php7.2-posix php7.2-radius php7.2-readline php7.2-redis php7.2-simplexml php7.2-smbclient php7.2-soap php7.2-sockets php7.2-solr php7.2-sqlite3 php7.2-ssh2 php7.2-sybase php7.2-tokenizer php7.2-uploadprogress php7.2-uuid php7.2-xdebug php7.2-xml php7.2-xmlreader php7.2-xmlrpc php7.2-xmlwriter php7.2-yaml php7.2-zip

apt install php7.3 php7.3-fpm php7.3-bcmath php7.3-bz2 php7.3-calendar php7.3-cli php7.3-common php7.3-ctype php7.3-curl php7.3-dba php7.3-dev php7.3-dom php7.3-exif php7.3-fileinfo php7.3-gd php7.3-gettext php7.3-gmp php7.3-http php7.3-iconv php7.3-imagick php7.3-intl php7.3-json php7.3-ldap php7.3-mailparse php7.3-mbstring php7.3-mongodb php7.3-mysql php7.3-mysqli php7.3-mysqlnd php7.3-oauth php7.3-odbc php7.3-opcache php7.3-pdo php7.3-pdo-dblib php7.3-pdo-mysql php7.3-pdo-odbc php7.3-pdo-pgsql php7.3-pdo-sqlite php7.3-pgsql php7.3-phar php7.3-phpdbg php7.3-posix php7.3-radius php7.3-readline php7.3-redis php7.3-simplexml php7.3-smbclient php7.3-soap php7.3-sockets php7.3-solr php7.3-sqlite3 php7.3-ssh2 php7.3-sybase php7.3-tokenizer php7.3-uploadprogress php7.3-uuid php7.3-xdebug php7.3-xml php7.3-xmlreader php7.3-xmlrpc php7.3-xmlwriter php7.3-yaml php7.3-zip


wyłączyć 'raphf' w PHP 5.6 (crashuje PHPa, a jest zaciągane razem z którąś z paczek)
rm /etc/php/5.6/cli/conf.d/20-raphf.ini /etc/php/5.6/fpm/conf.d/20-raphf.ini /etc/php/5.6/phpdbg/conf.d/20-raphf.ini
wyłączyć 'propro' i 'http', mają zależności do 'raphf' w PHP 5.6



a2enmod proxy
a2enmod proxy_fcgi

zmienić konfig PHPa:

/etc/php/5.6/fpm/php.ini
/etc/php/7.0/fpm/php.ini
/etc/php/7.1/fpm/php.ini
/etc/php/7.2/fpm/php.ini
/etc/php/7.3/fpm/php.ini

upload_max_filesize = 128M
post_max_size = 256M
memory_limit = 1024M
max_execution_time = 0

systemctl restart php5.6-fpm php7.0-fpm php7.1-fpm php7.2-fpm php7.3-fpm

a2enconf php5.6-fpm php7.0-fpm php7.1-fpm php7.2-fpm php7.3-fpm

// konfig domen domyslny wywalic, dodac konfig dla domen php**.sbg.best

<VirtualHost *:80>
        ServerName php56.sbg.best 

        ServerAdmin webmaster@php56.sbg.best
        DocumentRoot /home/jskalski/p/

        <FilesMatch \.php$>
                SetHandler "proxy:unix:/var/run/php/php5.6-fpm.sock|fcgi://localhost/"
        </FilesMatch>

        ErrorLog ${APACHE_LOG_DIR}/error_56.log
        CustomLog ${APACHE_LOG_DIR}/access_56.log combined
</VirtualHost>



systemctl restart apache2



MySQL dump examples

Dump database to file with date in name:

mysqldump -u USERNAME -pSECRETPASSWORD --single-transaction --quick --lock-tables=false DBNAME_HERE > /home/backup/mysql/DBNAME_HERE_`date "+%Y-%m-%d-%H-%M"`.sql

Crontab version: dump every hour at minute 5

5 * * * * mysqldump -u USERNAME -pSECRETPASSWORD --single-transaction --quick --lock-tables=false DBNAME_HERE > /home/backup/mysql/DBNAME_HERE_`date "+\%Y-\%m-\%d-\%H-\%M"`.sql

Keep 2 folders synchronized

Code to copy all changes from one folder to another. I use it to copy changes from my local folder to development server mounted by SSHFS.

In example files are filtered. Only *.cpp and *.h files are copied.

while inotifywait -e modify,create,delete "/home/jskalski/p/prv/otserv/"; do
    rsync -zvur --include="*.cpp" --include="*.h" --exclude="*" "/home/jskalski/p/prv/otserv/" "/mnt/devserver/home/js/otserv/"
done

Limit number of connections per IP

Limit number of incoming concurrent connections per IP to 1.

On all ports and IPs of server:

iptables -t filter -I INPUT -p tcp -j ACCEPT
iptables -t filter -I INPUT -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t filter -I INPUT -p tcp --syn -m connlimit --connlimit-above 1 --connlimit-mask 32 -j DROP

On port 80 of server:

iptables -t filter -I INPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -I INPUT -p tcp --dport 80 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t filter -I INPUT -p tcp --syn --dport 80 -m connlimit --connlimit-above 1 --connlimit-mask 32 -j DROP

On port 80 and IP 91.134.189.246 of server (in case when server has more IPs):

iptables -t filter -I INPUT -p tcp -d 91.134.189.246 --dport 80 -j ACCEPT
iptables -t filter -I INPUT -p tcp -d 91.134.189.246 --dport 80 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t filter -I INPUT -p tcp --syn -d 91.134.189.246 --dport 80 -m connlimit --connlimit-above 1 --connlimit-mask 32 -j DROP