How to setup composer globally

php -r "copy('', 'composer-setup.php');"
php composer-setup.php --install-dir=/usr/bin --filename=composer
php -r "unlink('composer-setup.php');"
 105   4 mon  

How to fix several compatibility issues with new MySQL versions

Let’s see how to solve some problems after updating MySQL server. All ones fixes in one place by one method, so I show detailed only first solve and next will be more short.

... which is not functionally dependent on columns in GROUP BY clause;
this is incompatible with sql_mode=only_full_group_by

Find path of mysqld program:

which mysqld

Find file which you can use for change mysqld options. Change mysqld path in command if you need.

sudo /usr/sbin/mysqld --verbose --help | grep -A 1 "Default options"

Remember printed filenames. Actually remember anyone filename e. g. “/etc/mysql/my.cnf”.

Next you need to know active sql modes:

sudo mysql -u root -p -e "select @@sql_mode"

Copy printed constants to somewhere. Drop “ONLY_FULL_GROUP_BY” constant from list. Next go to open filename of mysqld options file:

sudo mcedit /etc/mysql/my.cnf

And after “!includedir” put “[mysqld]” section (if it missing) and write into [mysqld] section:


Save file and restart mysql server:

sudo service mysql restart

Incorrect integer value

Open options file like above and from constants list drop “STRICT_TRANS_TABLES” constant. Save file and restart mysql server.

Incorrect datetime value: ‘0000-00-00 00:00:00’

Again, open options file and now drop constant “NO_ZERO_DATE” from list. Save file and restart mysql server.

 115   5 mon  
 141   5 mon  

How to protect from flood on nginx server

Add next lines into “http” section of nginx.conf file:

limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;

And add next lines into “server” section (wherever it placed):

limit_conn conn_limit_per_ip 10;
limit_req zone=req_limit_per_ip burst=10 nodelay;

Change values as you need, according to documenation:

 123   6 mon  
 105   6 mon  

How to fix Chromium forgets cookies at reboot

Warn: this topic have hatred.

I had updated Chromium on the other day. You know... some sites didn’t want to show some very useful content like videos of raccoons when you’re using old browser. Even if your browser had updated two months ago. So I had done it. I had updated Chromium and do you know what I had gotten? Nothing bad. It had been continuing its work. But for a while. Did I already said that I like hate flarking updates? After week or two weeks I closed browser and open it again. And it required interference. No, it didn’t frozed up. And it did’t want to hug. It forgot all cookies!

As the matter of fact it is no neccessary to descend deeper than may seem for looking for decision. The solution was on surface.

I dunno why but after flarking updates Chromium decided to change my privacy settings (and may be some options more). In a specific case how browser relates to keeping cookies at reboot.

So only what you need to do it is disable option “Keep local data only until you quit your browser” in Cookies settings which you can find at

 99   6 mon  

Setting up Linux firewall for make more safe web server

Server works in network with opened every ports — sounds not very safety. Let’s protect it by using netfilter firewall which delivered together with Linux. Netfilter, in turn, managed by iptables utility. So, iptables is what we need.

Warning: if you don’t have physical access to real server (working with it remotely e. g. by SSH) first you need find anybody (e. g. supportguy from hosting provider) who could restore SSH access to you or do something else if you accidentally, suddenly or not specially will block yourself.

So, iptables. I should warn you iptables doesn’t save self settings and after server restart, iptables settings will restored to default. Therefore it is possible to use iptables-persistent program which can save iptables settings when you ask about it. Let’s install it:

sudo apt install iptables-persistent

Setup program will ask you would you want to save present rules. Why not? Of course you want to save present rules because you will change it in next steps. Later on you can save your rules anytime by using next command:

sudo dpkg-reconfigure iptables-persistent

The next what you should know that netfilter will process rules in reverse order. If you block packet in some rule it won’t go to rule above last.

Every iptables command neccessary enter into the console. I added comments to every command for you know what it do.

sudo -i # Working with root privileges
iptables -L -n # Will show list of current rules in system
iptables -F # Will delete all current rules 
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP # Will block null-packets
iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP # Will drop XMAS packets
iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP # Will protect from Syn-flood
iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT # Don't forget allow access to SSH oneself (change 22 port if your SSH working on another port)
iptables -A INPUT -i lo -j ACCEPT # Will allow access to local interface. It is neccessary for database, mail, etc.
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT # Will allow 80 port for access to sites by HTTP
iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT # It will allow 443 port for access to sites by HTTPS (if you have)
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT # Allow ping our server (if you block it external services will think that our server doesn't work)
iptables -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # It is neccessary for server updates
iptables -P OUTPUT ACCEPT # Allow output traffic from our server
iptables -P INPUT DROP # It will close left ports
iptables -L -n # Check set rules

Now you need to exit from ssh connection and relogin it again. Check it. It’s ok? Now check how work sites on 80 or 443 port. Also check disallowed ports e. g. 2525:

telnet your_server_IP 2525

Warning: if you got “Connected” it is mean something wrong.

If all is good save your rules:

sudo dpkg-reconfigure iptables-persistent
 158   6 mon  

How to find IPs with highest count of requests in access.log

First command will show you IPs sorted by number and them count of requests:

cat access.log | awk '{print $1}' | sort | uniq -c

You will be able to find IP masks with highest count of requests:


Next command will show you IPs sorted by count of requests:

less access.log | cut -d' ' -f1 | sort | uniq -c | sort -bg

For example:

 91   7 mon  

How to fix wrong javascript after using Tidy

Almost every time when I updating something I become mean! In newest versions of Tidy (newest – 2015, lol) I found disappoint problem that javascript codes stopped working. Because Tidy converted javascript codes in page e. g.:

    script.onload = () => resolve(script);


            script.onload = () => resolve(script);

Instead of (in early versions):

    // <![CDATA[
            script.onload = () => resolve(script);
    // ]]>

If you have the same problem then don’t worry. Most likely Tidy tidying codes to xml or xhtml format default now. I found due solution this problem -- use option “output-html”:

$code = $tidy->repairString($code, [
    'output-html' => 1,
], 'utf8');
 88   7 mon  

How to fix issue when Munin doesn’t zoom/show graphs by day

For nginx:

sudo apt-get install spawn-fcgi libcgi-fast-perl libapache2-mod-fcgid
sudo spawn-fcgi -s /var/run/munin/fcgi-graph.sock -U www-data -u www-data -g www-data /usr/lib/munin/cgi/munin-cgi-graph

For Apache2:

sudo apt-get install libapache2-mod-fcgid
sudo a2enmod fcgid
sudo service apache2 restart
 80   7 mon  
Earlier Ctrl + ↓