based on picture by Diddgery
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" php composer-setup.php --install-dir=/usr/bin --filename=composer php -r "unlink('composer-setup.php');"
Let’s see how to solve some problems after updating MySQL server. All ones fixes in one place by one method, so I show detailed only first solve and next will be more short.
... which is not functionally dependent on columns in GROUP BY clause;
this is incompatible with sql_mode=only_full_group_by
Find path of mysqld program:
Find file which you can use for change mysqld options. Change mysqld path in command if you need.
sudo /usr/sbin/mysqld --verbose --help | grep -A 1 "Default options"
Remember printed filenames. Actually remember anyone filename e. g. “/etc/mysql/my.cnf”.
Next you need to know active sql modes:
sudo mysql -u root -p -e "select @@sql_mode"
Copy printed constants to somewhere. Drop “ONLY_FULL_GROUP_BY” constant from list. Next go to open filename of mysqld options file:
sudo mcedit /etc/mysql/my.cnf
And after “!includedir” put “[mysqld]” section (if it missing) and write into [mysqld] section:
sql_mode = "YOUR_NEW_CONSTANTS_LIST"
Save file and restart mysql server:
sudo service mysql restart
Incorrect integer value
Open options file like above and from constants list drop “STRICT_TRANS_TABLES” constant. Save file and restart mysql server.
Incorrect datetime value: ‘0000-00-00 00:00:00’
Again, open options file and now drop constant “NO_ZERO_DATE” from list. Save file and restart mysql server.
If your sendmail program freezes up on a server and php mail() function freezes up too you have to check hostname of server which setting up in hoster’s console and/or in the /etc/hosts file.
The fandom shall define it now: Rocket Raccoon Day shall be October 18th, and “Rocktober” shall be Rocket’s month.
Add next lines into “http” section of nginx.conf file:
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m; limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
And add next lines into “server” section (wherever it placed):
limit_conn conn_limit_per_ip 10; limit_req zone=req_limit_per_ip burst=10 nodelay;
Change values as you need, according to documenation:
There is only one method really works: set Snap update time when computer will be turned off.
snap set core refresh.schedule=3:00-5:00
Warn: this topic have hatred.
I had updated Chromium on the other day. You know... some sites didn’t want to show some very useful content like videos of raccoons when you’re using old browser. Even if your browser had updated two months ago. So I had done it. I had updated Chromium and do you know what I had gotten? Nothing bad. It had been continuing its work. But for a while. Did I already said that I
like hate flarking updates? After week or two weeks I closed browser and open it again. And it required interference. No, it didn’t frozed up. And it did’t want to hug. It forgot all cookies!
As the matter of fact it is no neccessary to descend deeper than may seem for looking for decision. The solution was on surface.
I dunno why but after flarking updates Chromium decided to change my privacy settings (and may be some options more). In a specific case how browser relates to keeping cookies at reboot.
So only what you need to do it is disable option “Keep local data only until you quit your browser” in Cookies settings which you can find at
Server works in network with opened every ports — sounds not very safety. Let’s protect it by using netfilter firewall which delivered together with Linux. Netfilter, in turn, managed by iptables utility. So, iptables is what we need.
Warning: if you don’t have physical access to real server (working with it remotely e. g. by SSH) first you need find anybody (e. g. supportguy from hosting provider) who could restore SSH access to you or do something else if you accidentally, suddenly or not specially will block yourself.
So, iptables. I should warn you iptables doesn’t save self settings and after server restart, iptables settings will restored to default. Therefore it is possible to use iptables-persistent program which can save iptables settings when you ask about it. Let’s install it:
sudo apt install iptables-persistent
Setup program will ask you would you want to save present rules. Why not? Of course you want to save present rules because you will change it in next steps. Later on you can save your rules anytime by using next command:
sudo dpkg-reconfigure iptables-persistent
The next what you should know that netfilter will process rules in reverse order. If you block packet in some rule it won’t go to rule above last.
Every iptables command neccessary enter into the console. I added comments to every command for you know what it do.
sudo -i # Working with root privileges iptables -L -n # Will show list of current rules in system iptables -F # Will delete all current rules iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP # Will block null-packets iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP # Will drop XMAS packets iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP # Will protect from Syn-flood iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT # Don't forget allow access to SSH oneself (change 22 port if your SSH working on another port) iptables -A INPUT -i lo -j ACCEPT # Will allow access to local interface. It is neccessary for database, mail, etc. iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT # Will allow 80 port for access to sites by HTTP iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT # It will allow 443 port for access to sites by HTTPS (if you have) iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT # Allow ping our server (if you block it external services will think that our server doesn't work) iptables -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # It is neccessary for server updates iptables -P OUTPUT ACCEPT # Allow output traffic from our server iptables -P INPUT DROP # It will close left ports iptables -L -n # Check set rules
Now you need to exit from ssh connection and relogin it again. Check it. It’s ok? Now check how work sites on 80 or 443 port. Also check disallowed ports e. g. 2525:
telnet your_server_IP 2525
Warning: if you got “Connected” it is mean something wrong.
If all is good save your rules:
sudo dpkg-reconfigure iptables-persistent