Due to the increased of traffic and caused the site constantly crashed and break down. I have upgraded to a better plan and now page load faster than before significantly. Previously running on 128mb of memory and now running with 256mb.
Squid proxy itself will not hide your external IP address but I will show you how to do that when squid combined with OpenVPN. First you need to have a working OpenVPN connection from your PV to the Linux machine. Guide on how to install OpenVPN can be found here.
If you have a success OpenVPN connection, then you can proceed to next step to install Squid.
1. You can use yum to install squid
#yum install squid
2. Open the squid configuration file
#vi /etc/squid/squid.conf
3. Edit squid configuration to allow you to access to the web via the squid proxy.
Locate “http_port”, default port number is 3128, you can change it to any port you like. In this example I change it to 8080.
http_port 8080
Because you want to hide your IP address, you must connect to squid via OpenVPN tunnels. Now we need to create acl list to allow your VPN ip address to get through your squid proxy server. Search for “acl our_networks” then uncomment and modify it as follows:
acl our_networks src 10.8.0.2 #assume your client VPN address is 10.8.0.2
http_access allow our_networks
4. Save your squid.conf and restart your squid.
#/etc/init.d/squid restart
5. Config you web browser connection settings to access the web via your squid proxy
Firefox user:
Tools -> Options -> Network -> Settings , Select manual proxy configuration
HTTP Proxy: 10.8.0.1 and Port: 8080
IE User:
Tools -> Internet Options -> Connections -> LAN Settings , Tick the check box “Use a proxy server for your LAN…”
Address: 10.8.0.1 and Port: 8080
6. Go to http://www.whatismyip.com and check your IP address. You should be browsing with your squid server IP address now. Good luck.
If you got a fresh installed LAMP with phpMyAdmin and notice an error below saying
“The mbstring PHP extension was not found and you seem to be using a multibyte charset. Without the mbstring extension phpMyAdmin is unable to split strings correctly and it may result in unexpected results”
and
“Cannot load mycrypt extension. Please check you PHP configuration”
You are not alone, you can solve the problems with the followings steps.
mbstring
New linux repo has the mbstring removed by default, just install it back.
#yum install php-mbstring
mycrypt
Install libmcrypt and php-mcrypt
#yum install libmcrypt
#yum –enablerepo=centosplus install php-mcrypt
Restart your apache / httpd, the warnings should have gone now.
I was getting so frustrated when I try to copy and overwrite files in my CentOS linux, it keeps asking for confirmation even I added the -f (force) command.
# cp -Rf * backup/
cp: overwrite ‘index.php?’ y
Then I search around and finally found a solution ! It was an alias preset for the c, which alias -i to ask for confirmation.
#alias
alias cp= ‘cp -i’
alias l.=’ls -d .* –color=tty’
alias ll=’ls -l –color=tty’
alias ls=’ls –color=tty’
alias mv=’mv -i’
alias rm=’rm -i’
…….
Remove the cp alias
#unalias cp
Done, you should be able to cp -f without the confirmation now.
If you have an apf firewall setup on your linux box and running vsftpd as your ftp server. You might have problem when accessing to your ftp server via ftp client. Most of the ftp client transferring data via passive mode which used a big range of ports which usually blocked by your firewall by default. Users will get an error message and wont be able to get the dir listings “LIST”.
Example:
Command: LIST
Error: Transfer channel can’t be opened. Reason: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Error: Could not retrieve directory listing
There is a way to overcome this matter, first is to define a range of ports will be used for passive mode in vsftpd config file. Secondly, open the defined tcp port in your firewall setting.
1. Create vsftpd passive ports
#vi /etc/vsftpd/vsftpd.conf
Scroll down to the bottom and add the followings lines:
pasv_enable=YES
pasv_max_port=9000
pasv_min_port=9050pasv_max_port=9000
pasv_min_port=9050
Save the config file and restart vsftpd
#service vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
2. Firewalls rules (APF Firewall)
Open your apf firewall configuration file:
#vi /etc/apf/conf.apf
Add the ports range of 9000 to 9050 into IG_TCP_CPORTS
IG_TCP_CPORTS=”20,21,22,25,26,53,80,110,143,……,9000_9050″
Save it and restart your apf firewall
#apf -r
Now you should be able to access your ftp server in passive mode.
This tip is useful either for ppl with lots of RAM or less RAM. There is a way to set how your linux control the utilization of RAM and SWAP space called “swappiness”.
There is a range from 0 to 100 in swappiness setting, higher value means the system will move idle memory usage to SWAP file more often. Please note that by setting to “0″ does not men it disabled the SWAP space, this will just make the system write to the SWAP space as little as possible.
To check your current swappiness setting type:
#cat /proc/sys/vm/swappiness
60
You will see 60 by default, you can change it to other value to try out the effect before permanently change it in the configuration file:
#sysctl -w vm.swappiness=10
vm.swappiness = 10
Put a value between 0 to 100 above and then run a some high resources program to try out the different. After you hve found the best setting then you can set it to your server configuration.
#vi /etc/sysctl.conf
add the line: “vm.swappiness=10″ without the quote to the end of the file.
This way your swappiness will be set to 10 after the next reboot.
Ok, may be you bought a VPS server and noticed that the timezone is different than your local timezone and wondering how to change it ? In virtual environment many VPS are sharing one server hardware and by default all VPS will be using the hardware system clock. Therefore it is impossible to change the hardware time. However, You can still change the date and time with a few simple steps below:
1. Go to your timezone dir and look for your city
#cd /usr/share/zoneinfo
#ls
2. Now delete the original setting
#rm -r /etc/localtime
3. Use link command create a new localtime file linked to your city timezone, I choose Melbourne in this example:
#ln -s /usr/share/zoneinfo/Australia/Melbourne /etc/localtime
Restart your server to make the change.
Many ppl found that installing VPN on linux is not that easy, the abvailable installation guides on VPN is often limited. I have tried a lot of installation guides and finally get it connected successfully.
Here are the steps to guide you installed a secure connection between your� CentOS5 and Windows with OpenVPN open source application.
1. Download the required package files.
#wget http://openvpn.net/release/openvpn-2.0.9.tar.gz
#wget http://openvpn.net/release/lzo-1.08-4.rf.src.rpm
2. Install and build your download files
You may need the required repository before start your installation
#yum install rpm-build
#yum install autoconf.noarch
#yum install zlib-devel
#yum install pam-devel
#yum install openssl-devel
If you have the above dependencies installed, you can start your installation as follows:
#rpmbuild –rebuild lzo-1.08-4.rf.src.rpm
#rpm -Uvh /usr/src/redhat/RPMS/i386/lzo-*.rpm
#rpmbuild -tb openvpn-2.0.9.tar.gz
#rpm -Uvh /usr/src/redhat/RPMS/i386/openvpn-2.0.9-1.i386.rpm
3. Copy configuration files
#cp -r /usr/share/doc/openvpn-2.0.9/easy-rsa/ /etc/openvpn/
#cp /usr/share/doc/openvpn-2.0.9/sample-config-files/server.conf /etc/openvpn/