08 October, 2018

How to clear the yum cache on CentOS ?..

How to clear the yum cache... CentOS, Fedora, Redhat..


When a package is downloaded, installed and is removed there is a chance that the package may still be saved/stored in the yum's cache. So to clean all the cached packages from the enabled repository cache directory, login as root and execute the following:

# yum clean packages

2: To purge the old package information completely, execute the following command:

# yum clean headers

3: To clean any cached xml metadata from any enabled repository, execute the following

# yum clean metadata

4: but if you wish to clean all the cached files from any enabled repository at once, execute the following command:

# yum clean all

06 December, 2017

#How_Do_I_Find_Out_Linux_Gateway / #Router_IP_Address?

How do I find out my #gateway IP for a #computer or a #network device that allows or controls access to another computer or network under #Linux / #UNIX operating systems?
The ansver is almost simple for unix users...

A gateway is a network point that acts as an entrance to another network. On the Internet, a node or stopping point can be either a gateway node or a host (end-point) node. Both the computers of Internet users and the computers that serve pages to users are host nodes. The computers that control traffic within your company’s network or at your local Internet service provider (ISP) are gateway nodes. In the network for an enterprise, a computer server acting as a gateway node is often also acting as a proxy server and a firewall server. A gateway is often associated with both a router, which knows where to direct a given packet of data that arrives at the gateway, and a switch, which furnishes the actual path in and out of the gateway for a given packet.

You need to use route command. Open an Terminal and type this command will show you #IP_routing_tables. It can be also use to print gateway / router IP address. Type the following command to see #default_gateway:

$ route -n
Output:

Kernel IP routing table
Destination    Gateway       Genmask           Flags   Metric   Ref   Use   Iface
0.0.0.0           192.168.1.1   0.0.0.0               UG     100         0      0       enp5s0
192.168.1.0   0.0.0.0           255.255.255.0   U        100         0      0       enp5s0

192.168.1.1 is gateway IP address for our computer.
The flag:
U indicates that route is up
G indicates that it is gateway.

01 December, 2016

How To Install Linux, Nginx, MySQL, PHP (LEMP) stack On CentOS 7




Introduction

A LEMP software stack is a group of open source software that is typically installed together to enable a server to host dynamic websites and web apps. This term is actually an acronym which represents theLinux operating system, with the ENginx web server (which replaces the Apache component of a LAMP stack). The site data is stored in a MySQL database (using MariaDB), and dynamic content is processed byPHP.

In this guide, we'll get a LEMP stack installed on an CentOS 7 server.
CentOS will fullfill our first requirement: a Linux operating system.

Prerequisites
Before you begin with this guide, you should have a separate, non-root user account set up on your server. You can learn how to do this by completing steps 1-4 in the initial server setup for CentOS 7.

Note about SELinux: If you run into issues with Nginx not running, make sure the SELinux context of your Nginx configuration files is correct or change the SELinux mode to permissive or disabled.


Step 1 — Install Nginx

In order to display web pages to our site visitors, we are going to employ Nginx, a modern, efficient web server.
To add the CentOS 7 EPEL repository, open terminal and use the following command:

# sudo yum install epel-release

Since we are using a sudo command, these operations get executed with root privileges. It will ask you for your regular user's password to verify that you have permission to run commands with root privileges.

Now that the Nginx repository is installed on your server, install Nginx using the following yum command:

# sudo yum install nginx

Afterwards, your web server is installed.
Once it is installed, you can start Nginx on your server:

# sudo systemctl start nginx

You can do a spot check right away to verify that everything went as planned by visiting your server's public IP address in your web browser (see the note under the next heading to find out what your public IP address is if you do not have this information already):

Open in a web browser:

# http://server_domain_name_or_IP/
or write 
# localhost

You will see the default CentOS 7 Nginx web page, which is there for informational and testing purposes. It should look something like this:


! If you see this page, then your web server is now correctly installed.


Before continuing, you will want to do is enable Nginx to start on boot. Use the following command to do so:

# sudo systemctl enable nginx

How To Find Your Server's Public IP Address

If you do not know what your server's public IP address is, there are a number of ways you can find it. Usually, this is the address you use to connect to your server through SSH.

From the command line, you can find this a few ways. First, you can use the iproute2 tools to get your address by typing this:

# ip addr show eth0 | grep inet | awk '{ print $2; }' | sed 's/\/.*$//'

This will give you one or two lines back. They are both correct addresses, but your computer may only be able to use one of them, so feel free to try each one.

An alternative method is to use an outside party to tell you how it sees your server. You can do this by asking a specific server what your IP address is:

# curl http://icanhazip.com

Regardless of the method you use to get your IP address, you can type it into your web browser's address bar to get to your server.

--- end of step 1.......

Step 2 — Install MySQL (MariaDB)

Now that we have our web server up and running, it is time to install MariaDB, a MySQL drop-in replacement. MariaDB is a community-developed fork of the MySQL relational database management system. Basically, it will organize and provide access to databases where our site can store information.

Again, we can use yum to acquire and install our software. This time, we'll also install some other "helper" packages that will assist us in getting our components to communicate with each other:

# sudo yum install mariadb-server mariadb

When the installation is complete, we need to start MariaDB with the following command:

# sudo systemctl start mariadb

Now that our MySQL database is running, we want to run a simple security script that will remove some dangerous defaults and lock down access to our database system a little bit. Start the interactive script by running:

# sudo mysql_secure_installation

The prompt will ask you for your current root password. Since you just installed MySQL, you most likely won’t have one, so leave it blank by pressing enter. Then the prompt will ask you if you want to set a root password. Go ahead and enter Y, and follow the instuctions:

mysql_secure_installation prompts:
Enter current password for root (enter for none): OK,
successfully used password, moving on...
 Setting the root password ensures that nobody can log into the MariaDB root user without the proper authorisation.
 New password: password
 Re-enter new password: password Password updated successfully!
Reloading privilege tables.. ... Success!

For the rest of the questions, you should simply hit the "ENTER" key through each prompt to accept the default values. This will remove some sample users and databases, disable remote root logins, and load these new rules so that MySQL immediately respects the changes we have made.

The last thing you will want to do is enable MariaDB to start on boot. Use the following command to do so:

# sudo systemctl enable mariadb

At this point, your database system is now set up and we can move on.

--- end of step 2....


Step 3 — Install PHP

PHP is the component of our setup that will process code to display dynamic content. It can run scripts, connect to our MySQL databases to get information, and hand the processed content over to our web server to display.

We can once again leverage the yum system to install our components. We're going to include the php-mysql and php-fpm packages as well:

# sudo yum install php php-mysql php-fpm

Configure the PHP Processor

We now have our PHP components installed, but we need to make a slight configuration change to make our setup more secure.

Open the main php-fpm configuration file with root privileges:

# sudo nano /etc/php.ini

What we are looking for in this file is the parameter that sets cgi.fix_pathinfo. This will be commented out with a semi-colon (;) and set to "1" by default.

This is an extremely insecure setting because it tells PHP to attempt to execute the closest file it can find if a PHP file does not match exactly. This basically would allow users to craft PHP requests in a way that would allow them to execute scripts that they shouldn't be allowed to execute.

We will change both of these conditions by uncommenting the line and setting it to "0" like this:


# sudo nano /etc/php.ini 
                          find & change to..  cgi.fix_pathinfo=0

Save and close the file when you are finished.
Next, open the php-fpm configuration file www.conf:

# sudo nano /etc/php-fpm.d/www.conf

Find the line that specifies the listen parameter, and change it so it looks like the following:

1/3
# sudo nano /etc/php-php.d/www.conf
listen = /var/run/php-fpm/php-fpm.sock

Next, find the lines that set the listen.owner and listen.group and uncomment them. They should look like this:

2/3
# sudo nano /etc/php-php.d/www.conf 

listen.owner = nobody 
listen.group = nobody 



Lastly, find the lines that set the user and group and change their values from "apache" to "nginx":

3/3
# sudo nano /etc/php-php.d/www.conf

user = nginx 
group = nginx 


Then save and quit.
Now, we just need to start our PHP processor by typing:

# systemctl start php-fpm

This will implement the change that we made.
Next, enable php-fpm to start on boot:

# systemctl enable php-fpm

----- end step 3.....


Step 4 — Configure Nginx to Process PHP Pages

Now, we have all of the required components installed. The only configuration change we still need to do is tell Nginx to use our PHP processor for dynamic content.

We do this on the server block level (server blocks are similar to Apache's virtual hosts). Open the default Nginx server block configuration file by typing:

# sudo nano /etc/nginx/conf.d/default.conf

Currently, with the comments removed, the Nginx default server block looks like this:

/etc/nginx/conf.d/default.conf — originalserver


    listen 80; 
    server_name localhost; 
    location / 
 { 
    root /usr/share/nginx/html; 
    index index.html index.htm; }

    error_page 500 502 503 504 /50x.html; 
    location = /50x.html { root /usr/share/nginx/html; 
}



We need to make some changes to this file for our site.
First, we need to add an index.php option as the first value of our index directive to allow PHP index files to be served when a directory is requested
We also need to modify the server_name directive to point to our server's domain name or public IP address
The actual configuration file includes some commented out lines that define error processing routines. We will uncomment those to include that functionality
For the actual PHP processing, we will need to uncomment a portion of another section. We will also need to add a try_files directive to make sure Nginx doesn't pass bad requests to our PHP processor


The changes that you need to make are in red in the text below. If you prefer, you may just copy and paste everything, then replace the value of server_name with the appropriate domain name or IP address:

# /etc/nginx/conf.d/default.conf — updatedserver
{
     listen 80;
     server_name server_domain_name_or_IP;

 # note that these lines are originally from the "location /" block root /usr/share/nginx/html;
   
     index index.php index.html index.htm;
     location / { try_files $uri $uri/ =404; }
     error_page 404 /404.html;
     error_page 500 502 503 504 /50x.html;
     location = /50x.html { root /usr/share/nginx/html;
 }
     location ~ \.php$ { try_files $uri =404;
     fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
     fastcgi_index index.php;
     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
     include fastcgi_params;
  }
}


When you've made the above changes, you can save and close the file.

!! Restart Nginx to make the necessary changes:

# sudo systemctl restart nginx

--- end step 4...


Step 5 — Test PHP Processing on your Web Server

In order to test that our system is configured properly for PHP, we can create a very basic PHP script.


We will call this script info.php. In order for Apache to find the file and serve it correctly, it must be saved to a very specific directory, which is called the "web root".


In CentOS 7, this directory is located at /usr/share/nginx/html/. We can create the file at that location by typing:

# sudo vi /usr/share/nginx/html/info.php

This will open a blank file. We want to put the following text, which is valid PHP code, inside the file:


Test PHP Script

When you are finished, save and close the file.
Now we can test whether our web server can correctly display content generated by a PHP script. To try this out, we just have to visit this page in our web browser. You'll need your server's public IP address again.

The address you want to visit will be:

Open in a web browser:

## http://your_server_IP_address/info.php

The page that you come to should look something like this:




This page basically gives you information about your server from the perspective of PHP. It is useful for debugging and to ensure that your settings are being applied correctly.


If this was successful, then your PHP is working as expected.


You probably want to remove this file after this test because it could actually give information about your server to unauthorized users. To do this, you can type this:
sudo rm /usr/share/nginx/html/info.php

You can always recreate this page if you need to access the information again later.

Conclusion
Now that you have a LEMP stack installed, you have many choices for what to do next. Basically, you've installed a platform that will allow you to install most kinds of websites and web software on your server.

--- end step 5...
... you are finish... Good luck...

22 July, 2016

Install Flash Player for Vivaldi on Linux UBUNTU

How to install Adobe Flash Player in Vivaldi browser on Linux Ubuntu.

Open terminal and type:

If Google Chrome is not installed on your system, to get Vivaldi browser to use the Google Chrome Pepper Flash plugin, you can install a package called "pepperflashplugin-nonfree".


sudo apt-get install pepperflashplugin-nonfree

Then restart Vivaldi. That's it!

Important note: since Google Chrome is now only available for 64bit on Linux, it means that its Pepper Flash plugin is also only available on 64bit. So the instructions below only work on 64bit! Flash might work on Vivaldi 32bit if you have an old Google Chrome for 32bit installed, but it won't receive any updates so you shouldn't use it.

Vivaldi supports the Google Chrome built-in Pepper Flash plugin, but it doesn't come bundled with it. If you have Google Chrome installed on your system, Vivaldi should already be using its Pepper Flash plugin, so there's nothing you need to do.

Check Flash plugin shows PPAPI setting after install by visiting vivaldi://plugins

22 April, 2016

Commannd line update...

Bash shell script for update your ubuntu debian box.

I make a little shell script that will update your ubuntu by command line [ cli ], easier..

you are welocome to ad some ideas to that script and post it on my blog...




#!/bin/bash

clear

echo ""
echo " Script will update Operating System"
echo ""
echo " Welcome, $USER! "
echo " .. now apt-get will run update "
echo ""
sleep 5s;
sudo apt-get update &&
clear &&

echo ""
echo " .. now apt-get will upgrade "
echo ""
sleep 5s;
sudo apt-get upgrade -y &&
clear &&

echo ""
echo " .. now apt-get will remove and clean "
echo ""
sleep 5s;
sudo apt-get autoremove -y &&
clear &&

echo ""
read -p " Updating GRUB $foo? [y/n] " answer
echo ""
# run 'yes' command
if [[ $answer = y ]] ; then
sudo update-grub ;
# run 'no' command

fi

clear
echo ""
echo " Your box is up to date.."
echo ""
sleep 5s;

echo ""
read -p "Reboot your system $foo? [y/n] " answer
echo ""

# run 'yes' command

if [[ $answer = y ]] ; then
sudo init 6 ;
echo ""
echo " ... rebooting... "
echo ""
sleep 5s;

fi

clear
echo ""
echo " bye..., $USER! "
echo ""

03 February, 2016

How to remove VirtualBox on Ubuntu Linux

To remove VirtualBox, I actually recommend running this command and not replacing * with anything (just run it exactly like so):
# sudo apt-get remove virtualbox-\*
If you want to remove global configuration files too (this does not remove your virtual machines), run exactly this instead:
# sudo apt-get purge virtualbox-\*

24 January, 2016

How to secure your phpMyAdmin site with NGINX

Secure your phpMyAdmin

The phpMyAdmin instance installed on our server should be completely usable at this point. However, by installing a web interface, we have exposed our MySQL system to the outside world.
Even with the included authentication screen, this is quite a problem. Because of phpMyAdmin's popularity combined with the large amount of data it provides access to, installations like these are common targets for attackers.
We will implement two simple strategies to lessen the chances of our installation being targeted and compromised. We will change the location of the interface from /phpmyadmin to something else to sidestep some of the automated bot brute-force attempts. We will also create an additional, web server-level authentication gateway that must be passed before even getting to the phpMyAdmin login screen.

Changing the Application's Access Location

In order for our Nginx web server to find and serve our phpMyAdmin files, we created a symbolic link from the phpMyAdmin directory to our document root in an earlier step.
To change the URL where our phpMyAdmin interface can be accessed, we simply need to rename the symbolic link. Move into the Nginx document root directory to get a better idea of what we are doing:
$ cd /usr/share/nginx/html
$ ls -l
total 8
-rw-r--r-- 1 root root 537 Mar  4 06:46 50x.html
-rw-r--r-- 1 root root 612 Mar  4 06:46 index.html
lrwxrwxrwx 1 root root  21 Aug  6 10:50 phpmyadmin -> /usr/share/phpmyadmin


As you can see, we have a symbolic link called phpmyadmin in this directory. We can change this link name to whatever we would like. This will change the location where phpMyAdmin can be accessed from a browser, which can help obscure the access point from hard-coded bots.
Choose a name that does not indicate the purpose of the location. In this guide, we will name our access location /nothingtosee. To accomplish this, we will just rename the link:

$ sudo mv phpmyadmin nothingtosee
$ ls -l
total 8
-rw-r--r-- 1 root root 537 Mar  4 06:46 50x.html
-rw-r--r-- 1 root root 612 Mar  4 06:46 index.html
lrwxrwxrwx 1 root root  21 Aug  6 10:50 nothingtosee -> /usr/share/phpmyadmin


Now, if you go to the previous location of your phpMyAdmin installation, you will get a 404 error:


http://server_domain_or_IP/phpmyadmin



phpMyAdmin 404 error




However, your phpMyAdmin interface will be available at the new location we selected:

http://server_domain_or_IP/nothingtosee


phpMyAdmin login screen



Setting up a Web Server Authentication Gate

The next feature we wanted for our installation was an authentication prompt that a user would be required to pass before ever seeing the phpMyAdmin login screen.
Fortunately, most web servers, including Nginx, provide this capability natively. We will just need to modify our Nginx configuration file with the details.
Before we do this, we will create a password file that will store our the authentication credentials. Nginx requires that passwords be encrypted using the crypt() function. The OpenSSL suite, which should already be installed on your server, includes this functionality.
To create an encrypted password, type:

$ openssl passwd


You will be prompted to enter and confirm the password that you wish to use. The utility will then display an encrypted version of the password that will look something like this:

O5az.RSPzd.HE


Copy this value, as you will need to paste it into the authentication file we will be creating.
Now, create an authentication file. We will call this file pma_pass and place it in the Nginx configuration directory:

$ sudo nano /etc/nginx/pma_pass


Within this file, you simply need to specify the username you would like to use, followed by a colon (:), followed by the encrypted version of your password you received from the openssl passwd utility.

We are going to name our user demo, but you should choose a different username. The file for this guide looks like this:

demo:O5az.RSPzd.HE

Save and close the file when you are finished.
Now, we are ready to modify our Nginx configuration file. Open this file in your text editor to get started:

$ sudo nano /etc/nginx/sites-available/default

Within this file, we need to add a new location section. This will target the location we chose for our phpMyAdmin interface (we selected /nothingtosee in this guide).
Create this section within the server block, but outside of any other blocks. We will put our new location block below the location / block in our example:

server {
    . . .

    location / {
        try_files $uri $uri/ =404;
    }

    location /nothingtosee {
    }

    . . .
}

Within this block, we need to set the value of a directive called auth_basic to an authentication message that our prompt will display to users. We do not want to indicate to unauthenticated users what we are protecting, so do not give specific details. We will just use "Admin Login" in our example.

We then need to use a directive called auth_basic_user_file to point our web server to the authentication file that we created. Nginx will prompt the user for authentication details and check that the inputted values match what it finds in the specified file.
After we are finished, the file should look like this:

server {
    . . .

    location / {
        try_files $uri $uri/ =404;
    }

    location /nothingtosee {
        auth_basic "Admin Login";
        auth_basic_user_file /etc/nginx/pma_pass;
    }

    . . .
}

Save and close the file when you are finished.
To implement our new authentication gate, we must restart the web server:

$ sudo service nginx restart

Now, if we visit our phpMyAdmin location in our web browser (you may have to clear your cache or use a different browser session if you have already been using phpMyAdmin), you should be prompted for the username and password you added to the pma_pass file:

http://server_domain_or_IP/nothingtosee

Nginx authentication page


Once you enter your credentials, you will be taken to the normal phpMyAdmin login page. This added layer of protection will help keep your MySQL logs clean of authentication attempts in addition to the added security benefit.

Conclusion


You can now manage your MySQL databases from a reasonably secure web interface. This UI exposes most of the functionality that is available from the MySQL command prompt. You can view databases and schema, execute queries, and create new data sets and structures.

23 January, 2016

Easy WebServer setup NGINX, PHP-FPM, MariaDB on Debian 8

WEB-SERVER on Debian 8 easy setup

Debian, MariaDB SQL set up guide

This guide will show you how to correctly install and configure an "alternative" LAMP stack on Debian 8 utilizing NGINX, PHP Fast Process Manager, and MariaDB.

NGINX

NGINX is a "reverse proxy first, web server second". It is a popular and growing alternative to Apache, offering greater flexibility and better performance in many instances. In this tutorial, we will be using it as our web server.
Fire up your favorite SSH client and login to your server. For Windows users, "PuTTY" is a free and lightweight SSH client. Linux and Mac users can use the terminal included by default with their operating system. For this tutorial, we will assume that you are logged in to your server as the "root" user.

For starters, let's just make sure everything is up to date. Type the following to check for and then install updates.

$apt-get update && apt-get upgrade

We'll be editing our configuration files in vim. Vim is not installed by default, so let's install it!

$ apt-get install vim

Now it's time to install NGINX. We'll want to install the latest version of NGINX from the official NGINX Debian repository.

$ wget http://nginx.org/keys/nginx_signing.key
$ apt-key add nginx_signing.key
$ echo 'deb http://nginx.org/packages/debian/ jessie nginx' >> /etc/apt/sources.list
$ echo 'deb-src http://nginx.org/packages/debian/ jessie nginx' >> /etc/apt/sources.list
$ apt-get update && apt-get install nginx

Now we need to tweak the NGINX configuration some. Navigate to the configuration directory.

$ cd /etc/nginx

A quick vim lesson
Use the arrow keys to navigate the text document. To begin making edits, press the "insert" button on your keyboard. If your keyboard doesn't have an insert button, then press the "i" key. Towards the bottom of vim you'll notice it now says "INSERT". Insert mode will let you delete via backspace or insert new characters by typing them.

Let's open up our nginx.conf and poke around:

$ vi nginx.conf

Let's change the default user, check the number of worker processes, and turn off the access log.
The directives "user" and "worker_processes" are near the top. Try the values below:
Note that you'll want to set "worker_processes" to the number of CPU cores available on your server. In this example, we have 1, which is the NGINX default.

/user www-data;
/worker_processes 1;

We'll also want to disable the access log, for sake of improving I/O performance. Navigate downwards with the arrow keys until you find "access_log". Modify it to the following:

/access_log off;

And lastly, we'll set the "client_max_body_size" to correspond with some changes made to PHP later on. Let's save the trouble and do it now. Add just below "access_log":

client_max_body_size 12m;

When you've finished up editing, press "Esc" on your keyboard. Vim will no longer say "INSERT" towards the bottom of the file.

To save our changes and quit vim, press the following key sequence:
SHIFT :(colon)
wq
Press "Enter"
The above vim kung fu will write your changes to disk and exit vim, dropping you back into the bash shell.

Now, we need to make a site-specific configuration for our example! We'll also delete the other example configurations. Try the following:

$ cd conf.d
$ rm example_ssl.conf default.conf
$ vi my_site.conf

We'll make a short and simple default.conf based loosely on the default NGINX configuration, but with a few tweaks. Press insert and you can copy/paste the below example.
Don't forget to edit the "root" directive to point to the root directory of your website, and "server_name" to correspond to your domain.

server {
    listen 80;

    root /path/to/your/website;
    index index.php index.html index.htm;

    server_name mydomainname.com www.mydomainname.com;

    location / {
            try_files $uri $uri/ /index.php;
    }

    location ~ \.php$ {
            try_files $uri =404;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include fastcgi_params;
            fastcgi_pass unix:/var/run/php5-fpm.sock;
    }
}


Now we're done with the NGINX configuration section of this tutorial. We'll restart NGINX in a little bit, right after we install PHP.


PHP-FPM

PHP-FPM is the PHP Fast Process Manager. It's required when using NGINX, because unlike Apache, NGINX doesn't run PHP as a module. This was done to reduce NGINX's memory footprint. Remember that part about NGINX being a reverse proxy first and foremost? Here's where that comes into play; PHP requests sent to NGINX are fed to PHP-FPM to do the heavy lifting.

Let's install PHP-FPM.

$ apt-get install php5-fpm php5-mysqlnd

Note that depending on what your PHP scripts require, you may have to install other PHP modules not included by default. Popular ones are php5-gd and php5-mcrypt. You can install these with the following command.

$ apt-get install php5-module_name_here

Now that we've got PHP-FPM installed, we'll want to make a few quick edits to enhance security and functionality.

$ cd /etc/php5/fpm
$ vi php.ini

Time for another quick vim lesson! The php.ini file is absolutely huge. Looking for a few key values will take all day. So since we know what we're looking for, we'll search. Type the following:

/upload_max_filesize

This, by default, is set to 2 megabytes. If you want to allow users to upload files to your PHP applications greater than 2 megabytes, you will need to change this. 10M is probably a safe bet for now, but higher values are also acceptable. This setting will vary among configurations. For sake of tutorial:

/upload_max_filesize = 10M

One more glaring security flaw. Scroll down a little further or search. We need to turn "allow_url_fopen" to "Off". This will prevent PHP from running PHP files hosted REMOTELY, otherwise known as RFI (Remote File Inclusion). Many servers are hacked this way.

/allow_url_fopen = Off

And because we changed "upload_max_filesize", we now have to change "post_max_size". This value should be a little bigger than "upload_max_filesize", because we have to take into account the overhead associated with our requests processed by PHP.

Let's search one more time with "/post_max_size".

/post_max_size = 12M

Note that you'll have to go back to your NGINX configuration and edit "client_max_body_size" if you decide to go with larger values than these examples for your PHP file sizes.
That's about it for now. Make sure you aren't in edit mode by pressing "Esc". Save and exit vim.
SHIFT :(colon)
wq
Press 'Enter'
PHP-FPM setup is complete.


MariaDB (SQL)

Even in a world continuously moving towards NoSQL or MongoDB, some of us still find it easier to just stick with MySQL. This is especially true for many web applications. Fortunately, there now exist a number of "drop-in" replacements for Oracle MySQL. Debian 8 now includes the ever popular MariaDB. MariaDB is a fork of Oracle MySQL based on version 5.5. MariaDB, for all intents and purposes, calls this MariaDB 10. It is considered a FULL replacement for Oracle MySQL. Think of it as MySQL at heart, sans the Oracle branding, and some new features.

$ apt-get install mariadb-server

IMPORTANT: You absolutely, positively, need to pick a strong root password for MariaDB. Save it somewhere secure. You'll need to enter it twice during the MariaDB installation.

Let's tweak the MariaDB configuration slightly. We're going to disable MariaDB listening via the network interface. Instead, as with PHP-FPM earlier, we'll stick only to a UNIX socket. Most PHP applications should support connecting to the database server via a UNIX socket instead of the local loopback interface.

$ cd /etc/mysql
$ vi my.cnf

Look for "bind-address = 127.0.0.1". Comment that line out. Above or below it add "skip-networking".

/ #bind-address = 127.0.0.1
/skip-networking

We're done with MariaDB! Eventually, you may want to tweak your MariaDB configuration depending on if you'll be using primarily the MyISAM or InnoDB storage engines, but also for the number of CPU cores and RAM available to your server. The defaults will get us up and running in the mean time.

Let's restart each of the services for which configuration files were modified in this tutorial.

$ systemctl restart nginx.service
$ systemctl restart php5-fpm.service
$ systemctl restart mysql.service


Install phpMyAdmin

if you wanna install phpMyAdmin use this command:

$ sudo apt-get install phpmyadmin

when the phpMyAdmin installation has been completed,
Create a symbolic link between phpMyAdmin and the website root directory.
Here will be website root document directory /usr/share/nginx/html/.

$ sudo ln -s /usr/share/phpmyadmin/ /usr/share/nginx/html

Restart nginx server again
with command:

$ sudo service nginx restart

Now manage your databases from phpMyAdmin web interface.

That's it - we're all done. At this point, you have a fully functional LNMP ( LEMP ) server online!

This guide was to serve as a general rule of thumb for getting started with with the above services with minimal tweaking. For further information, read the documentation for the above packages. While this example setup should work well right "out of the box", adjustments can, and most likely will need to be made to better suit your needs.