Month: November 2018

How to make phpmyadmin publicly available in aws ec2 bitnami ubuntu 16.04

Introduction

This article will be helpful for those who is using Ubuntu 16.04 – bitnami based server on amazon aws EC2 instance only. In this post i’m explaining how make phpmyadmin publicly available in bitnami based servers.

 

nano /opt/bitnami/apps/phpmyadmin/conf/httpd-app.conf

Use the following rules

<IfVersion < 2.3 >
Order allow,deny
Allow from All
Satisfy all
</IfVersion>
<IfVersion >= 2.3>
Require all granted
</IfVersion>

 

restart apache

sudo /opt/bitnami/ctlscript.sh restart apache

 

After doing the above step phpmyadmin will be accessible using the following url pattern

http://<your domian OR ip>/phpmyadmin

 

 

 

 

Integrate Let’s Encrypt on an Amazon Linux AMI EC2 Instance Using Certbot

I’m using some latest Amazon Machine Image ( AMI ) called LAMP Stack PHP 5.3 LTS, Actually i was using some old AMI that released in 2013 and the instance also created at that time. It was almost impossible for me to integrate certbot in it, so that i finally decided to migrate my codeignitor app into new instance that support php 5.3

Here also i struggled so much to integrate certbot but finally i did it by the following steps.

  1. cd /tmp
  2. git clone https://github.com/certbot/certbot
  3. cd certbot
  4. chmod a+x certbot-auto
  5. ./certbot-auto certonly --webroot -w /var/www/html/ -d <domainName> --debug
  6. sudo ln -s /etc/letsencrypt/live/<domainName>/fullchain.pem /jet/etc/apache//server.crt
    sudo ln -s /etc/letsencrypt/live/<domainName>/privkey.pem /jet/etc/apache//server.key
  7. cd /jet/etc/apache
  8.  nano httpd.conf
  9. uncomment the following line of code in httpd.conf file
  10. Include /jet/etc/apache//extra/httpd-ssl.conf
  11. nano extra/httpd-ssl.conf     // uncomment and set the following things with newly created crt and key file paths
  12. DocumentRoot
  13. ServerName
  14. SSLCertificateFile
  15. SSLCertificateKeyFile
  16. restart service by using the following command
  17. /jet/enter restart

Auto-renew your SSL certificates.

You are all set now. But take a note, Let’s Encrypt’s certificates are only valid for 90 days. This is to encourage users to automate their certificate renewal process. You can setup a cron job which will run everyday at a particular time to renew certificates. Certificates are renewed only when they expire.

  • To test the renewal process, you can do a dry run with certbot:
sudo /tmp/certbot/certbot-auto renew --dry-run

  • Then update the crontab:
sudo crontab -e
  • Then, add the following line to crontab:
12 3 * * *   /tmp/certbot/certbot-auto renew --post-hook "sudo /jet/enter restart" >> /etc/letsencrypt/log/renew.log

This runs the renew everyday at 3:12 am. Remember that certs don’t get renewed unless they are near to expiration, and monthly/weekly cron job would cause your existing certs to occasionally be expired already before they get renewed.

 

You can contact me in case you need any help to setup the above things, I will providing premium support