Category Archives: Linux

Install SSL Certificates in Apache HTTPD on CentOS 6.5 Server

By Shay Anderson on February 2014
The following steps will assist in installing SSL certificates in Apache configuration on a CentOS Web server (CentOS 6.5 in this example).

Install Certificate Files
First, install your certificate files. I place them in these directories:
/etc/httpd/conf/ssl.crt/example.com.crt
/etc/httpd/conf/ssl.key/example.com.key
/etc/httpd/conf/ssl.chain/example.com.chain.crt (ignore if not needed)
Change permissions of the certificate key file:
# chmod 400 /etc/httpd/conf/ssl.key/example.com.key

Apache Configuration
Next, configure Apache for certificate files:
# cp /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.BAK
# nano /etc/httpd/conf.d/ssl.conf
Edit the file to use your certificate, key and chain certificate (if needed):
…
SSLCertificateFile /etc/httpd/conf/ssl.crt/example.com.crt

SSLCertificateKeyFile /etc/httpd/conf/ssl.key/example.com.key

SSLCertificateChainFile /etc/httpd/conf/ssl.chain/example.com.chain.crt

Ensure the Apache configuration file syntax is correct:
# apachectl -t
Syntax OK
Restart Apache gracefully:
# service httpd graceful
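
A pre-flight check for the files installed above, worth running before the graceful restart. It is an added example, not part of the original article; the function names are hypothetical, it needs the openssl command-line tool, and it accepts mode 600 as well as the 400 set above.

```shell
#!/bin/sh
# Added example (not from the original article): check the key's file mode
# and that the certificate and key belong together before restarting Apache.
# Function names are hypothetical; requires the openssl command-line tool.

# Succeed only if the key file's mode is 400 or 600 (owner-only access).
key_perms_ok() {
    mode=$(stat -c '%a' "$1") || return 2
    case "$mode" in
        400|600) return 0 ;;
        *) echo "FAIL: $1 has mode $mode, expected 400" >&2; return 1 ;;
    esac
}

# Succeed only if the certificate ($1) carries the public key that belongs
# to the private key ($2). Works for RSA and EC keys alike.
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey) || return 2
    key_pub=$(openssl pkey -in "$2" -pubout) || return 2
    [ "$cert_pub" = "$key_pub" ]
}

# Run both checks on a certificate/key pair and print a verdict.
check_tls_files() {
    key_perms_ok "$2" || return 1
    if cert_matches_key "$1" "$2"; then
        echo "OK: $1 matches $2"
    else
        echo "FAIL: $1 does not match $2" >&2
        return 1
    fi
}

# Usage with the paths from this article:
# check_tls_files /etc/httpd/conf/ssl.crt/example.com.crt \
#                 /etc/httpd/conf/ssl.key/example.com.key
```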

credit: http://www.shayanderson.com/linux/install-ssl-certificates-in-apache-httpd-on-centos-6-5-server.htm

Deny External Access to Subversion Directories on Web Servers

By Shay Anderson on February 2014
Denying access to Subversion directories on Web servers is a good idea, because the .svn metadata directories of a working copy contain copies of the site's source files.

Apache
Here is how to accomplish this in Apache (CentOS 6 example):
# nano /etc/httpd/conf/httpd.conf
Then add these lines in the file and save:
# deny access to SVN dirs (Deny is only valid inside a directory container)
<DirectoryMatch "\.svn">
    Deny From All
</DirectoryMatch>
Restart Apache:
# service httpd restart
Nginx
Here is how to deny access in Nginx (CentOS 6 example):
# nano /etc/nginx/conf.d/default.conf
Add these lines in the server block and save the file:
# deny access to SVN dirs (the dot is escaped so it matches only a literal ".")
location ~ /\.svn/ {
    deny all;
}
Restart nginx:
# service nginx restart

Finally, test all access to Subversion directories for assurance.
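
One way to run that final test from the server itself, as an added example that is not part of the original article. The function names, the base URL and the document root in the usage line are hypothetical, and curl is required. It requests a real file inside each .svn directory, because a bare directory URL can return 403 simply because listings are disabled.

```shell
#!/bin/sh
# Added example (not from the original article). Function names and the
# arguments in the usage line are hypothetical; requires curl.

# Print the URL path of one real file inside every .svn directory under
# document root $1. A bare directory URL can answer 403 merely because
# listings are off, so a file is the meaningful thing to request.
svn_url_paths() {
    ( cd "$1" && find . -type d -name .svn -prune -print ) | LC_ALL=C sort |
    while IFS= read -r dir; do
        file=$( cd "$1" && find "$dir" -type f -print | LC_ALL=C sort | head -n 1 )
        if [ -n "$file" ]; then echo "${file#.}"; fi
    done
}

# Map an HTTP status code to a verdict for a .svn URL.
classify_status() {
    case "$1" in
        403|404) echo denied ;;       # refused or hidden: the rule works
        000)     echo unreachable ;;  # curl could not connect
        2??)     echo EXPOSED ;;      # the file was served
        *)       echo check ;;        # redirects etc. need a closer look
    esac
}

# Request every path from svn_url_paths "$2" against base URL $1.
# Returns non-zero if any path was not denied.
probe_svn() {
    base=${1%/}
    svn_url_paths "$2" | (
        bad=0
        while IFS= read -r path; do
            code=$(curl -s -o /dev/null -w '%{http_code}' "$base$path") || true
            verdict=$(classify_status "$code")
            echo "$verdict $code $base$path"
            [ "$verdict" = denied ] || bad=1
        done
        exit "$bad"
    )
}

# Usage on the web server itself, after the restart:
# probe_svn http://localhost /var/www/html
```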

Install Python 3 on CentOS 6.5 Server

By Shay Anderson on March 2014
In this article I will discuss installing Python 3 on a CentOS 6 server (CentOS 6.5 in this example).

Existing Python Packages
You may already have Python installed on your server; you can verify using:
# which python
/usr/bin/python
# python --version
Python 2.6.6
For this install we want to leave existing Python packages and executables in place.

Download Python 3
First, download the Python 3 package that you want to use. For this example I’m downloading version 3.3.2:
# wget http://www.python.org/ftp/python/3.3.2/Python-3.3.2.tar.bz2 -O /var/tmp/Python-3.3.2.tar.bz2
Unzip the archive (-C extracts into /var/tmp regardless of the current directory):
# bzip2 -cd /var/tmp/Python-3.3.2.tar.bz2 | tar xvf - -C /var/tmp

Install Python 3
Next, go to the extracted Python directory:
# cd /var/tmp/Python-3.3.2
Then set up compilation:
# ./configure
Note: If you receive the error: configure: error: no acceptable C compiler found in $PATH during this step, run this command before configuring:
# yum groupinstall "Development tools"
Or on Debian platforms:
# apt-get install build-essential

Then build:
# make
And install:
# make install
Next, verify Python 3 installation:
# /usr/local/bin/python3 --version
Python 3.3.2
Finally, create a link to the Python 3 executable for easy usage:
# ln -s /usr/local/bin/python3 /usr/bin/python3
And check:
# python3 --version
Python 3.3.2
Now Python 3 is successfully installed and working.

Upgrade PHP 5.4 to PHP 5.5 on Ubuntu Server 12.10

By Shay Anderson on April 2014
Here are directions on how to upgrade from PHP 5.4 to PHP 5.5 on Ubuntu Server (12.10 in this example). Warning: the following instructions modify system settings and packages, make sure you know what you are doing before proceeding!

First, run update and install the package software-properties-common:
# apt-get update && apt-get install software-properties-common
Next, add the repo:
# add-apt-repository ppa:ondrej/php5
If you encounter an error and can’t add the repo, try:
# apt-get install python-software-properties
Finally, update the system and PHP 5.4 to PHP 5.5:
# apt-get update && sudo apt-get dist-upgrade
When that has finished, restart Apache to make sure the configuration file is working:
# service apache2 restart

http://www.shayanderson.com/linux/install-google-authenticator-for-2-step-verification-on-centos-6-5.htm

How to Extend SSH Timeout on CentOS 6.5 Server

By Shay Anderson on March 2014
This article explains how to extend the default timeout time for SSH on CentOS 6 servers (in this example CentOS 6.5).

First, edit the file /etc/ssh/sshd_config:
# nano /etc/ssh/sshd_config
Uncomment these lines:
#ClientAliveInterval 0
#ClientAliveCountMax 3
And change values so they look like:
ClientAliveInterval 120
ClientAliveCountMax 10
The 120 value for ClientAliveInterval means SSH will send KeepAlive packets in 120 second intervals. If SSH doesn’t receive a response back from the client, the 10 value for ClientAliveCountMax means SSH will retry sending up to 10 times, so an unresponsive client is disconnected after roughly 20 minutes (120 × 10 seconds).

Finally, restart the SSH service:
# service sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]

http://www.shayanderson.com/linux/how-to-extend-ssh-timeout-on-centos-6-5-server.htm

How to Disable Root SSH Access on CentOS 6 Server

By Shay Anderson on March 2014
The instructions below describe how to disable root SSH access for CentOS 6 servers. It is a good idea to disable root SSH access to prevent external root access.

Edit the file /etc/ssh/sshd_config:
# nano /etc/ssh/sshd_config
Uncomment the line:
#PermitRootLogin no
So it looks like:
PermitRootLogin no
Save the file and restart SSH:
# service sshd restart

Disable SSH Login for User(s)

By Shay Anderson on April 2014
Disabling SSH logins for specific users can be a good idea for security. For example, you may want to disable a user like svn that is used only for internal server commands to control Subversion and will never need to log in via SSH.

To disable SSH access for a particular user, edit the /etc/ssh/sshd_config file:
# nano /etc/ssh/sshd_config
Then add the following lines at the end of the file:
# Deny users (space delimited)
DenyUsers user1
If the DenyUsers entry already exists in the file, use that entry. Close and save the file. Restart the SSH server:
# service sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
Now the user1 user cannot access the server via SSH. To disable multiple users, simply use a space delimiter, for example:
DenyUsers user1 user2 user3
You can also block all users’ SSH access and only allow specific users to log in via SSH using:
AllowUsers user10 user11
This would allow only user10 and user11 to access the server via SSH.

It is also possible to deny specific user groups using the DenyGroups entry, or to allow specific user groups using the AllowGroups entry.
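
The PermitRootLogin, DenyUsers and AllowUsers settings from the two articles above can be checked against the file on disk before sshd is restarted. This is an added example, not part of the original articles; the function names are hypothetical. It assumes only the global section matters (it stops at the first Match block), does not evaluate DenyGroups or AllowGroups, and treats USER@HOST entries as non-matching.

```shell
#!/bin/sh
# Added example (not from the original articles); function names are
# hypothetical. Reads only the global section of the file.
# Print the values of keyword $1 in sshd_config $2: keyword matching is
# case-insensitive, comments are skipped, parsing stops at the first Match.
sshd_values() {
    awk -v want="$1" '
        { sub(/#.*/, "") }
        tolower($1) == "match" { exit }
        tolower($1) == tolower(want) { for (i = 2; i <= NF; i++) print $i }
    ' "$2"
}

# Succeed if user $1 matches any following pattern (* and ? wildcards).
user_in_list() {
    name=$1; shift
    for pat in "$@"; do
        case "$name" in $pat) return 0 ;; esac
    done
    return 1
}

# Report whether user $1 may log in according to sshd_config $2.
# The body is a subshell so that "set -f" and "exit" stay local.
ssh_login_allowed() (
    set -f    # keep the shell from globbing * and ? in user patterns
    user=$1 cfg=$2
    # sshd uses the first PermitRootLogin it reads; later ones are ignored
    root=$(sshd_values PermitRootLogin "$cfg" | head -n 1)
    if [ "$user" = root ] && [ "$root" = no ]; then
        echo "$user: denied (PermitRootLogin no)"; exit 1
    fi
    # DenyUsers is checked before AllowUsers
    if user_in_list "$user" $(sshd_values DenyUsers "$cfg"); then
        echo "$user: denied (DenyUsers)"; exit 1
    fi
    allow=$(sshd_values AllowUsers "$cfg")
    if [ -n "$allow" ] && ! user_in_list "$user" $allow; then
        echo "$user: denied (not in AllowUsers)"; exit 1
    fi
    echo "$user: allowed"
)

# Constructed sample built from the directives shown above.
cfg=$(mktemp)
printf '%s\n' 'PermitRootLogin no' 'DenyUsers user1' \
    'AllowUsers user10 user11' > "$cfg"
for u in root user1 user2 user10; do ssh_login_allowed "$u" "$cfg" || true; done
rm -f "$cfg"
```

A line that is still commented out (#PermitRootLogin no) is ignored by the check, just as sshd ignores it.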

Pip install from GitHub

pip install git+https://github.com/frankban/django-endless-pagination.git

http://stackoverflow.com/questions/20101834/pip-install-from-github-repo-branch

$ pip install git+https://github.com/myuser/foo.git@v123
or
$ pip install git+https://github.com/myuser/foo.git@newbranch

http://stackoverflow.com/questions/8247605/configuring-so-that-pip-install-can-work-from-github

https://pip.pypa.io/en/latest/reference/pip_install.html#vcs-support

Solving Bind DNS un-resolved when nslookup domain without WWW


This is a common mistake: nslookup resolves our domain with “www” but not without “www”. Here is the bind9 configuration:

;
; BIND data file for local loopback interface
;
$TTL 3600
@ IN SOA obroll.com. admin.obroll.com. (
30 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ns1.obroll.com.
ns1 IN A 15.185.178.20
ns2 IN A 15.185.178.20
www IN A 15.185.178.20

Nothing looks wrong here until you realize something is missing.
Yes, the “@ IN A” record for the bare domain is missing. The zone should be:

;
; BIND data file for local loopback interface
;
$TTL 3600
@ IN SOA obroll.com. admin.obroll.com. (
30 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS ns1.obroll.com.
@ IN A 15.185.178.20
ns1 IN A 15.185.178.20
ns2 IN A 15.185.178.20
www IN A 15.185.178.20
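
A check for this exact omission that can be run on a zone file before reloading BIND. It is an added example, not part of the original post; the function name is hypothetical and it assumes a single $ORIGIN for the whole file. The sample zone is condensed from the one above.

```shell
#!/bin/sh
# Added example (not from the original post); the function name is
# hypothetical. Assumes one $ORIGIN for the whole file.

# Succeed if zone file $1 has an A record at the apex of origin $2.
# The apex is written as "@" or as the fully qualified origin; a record
# that starts with whitespace inherits the previous record's owner.
zone_has_apex_a() {
    awk -v origin="$2" '
        { sub(/;.*/, "") }                          # drop comments
        depth > 0 {                                 # inside a ( ... ) group
            depth += gsub(/\(/, "(") - gsub(/\)/, ")"); next
        }
        NF == 0 || $1 ~ /^\$/ { next }              # blank, $TTL, $ORIGIN
        {
            i = 1
            if ($0 ~ /^[^ \t]/) { owner = tolower($1); i = 2 }
            # skip the optional TTL and class fields that precede the type
            while ($i ~ /^[0-9]+[smhdwSMHDW]?$/ || toupper($i) == "IN") i++
            if (toupper($i) == "A" && (owner == "@" || owner == tolower(origin))) found = 1
            depth += gsub(/\(/, "(") - gsub(/\)/, ")")
        }
        END { exit !found }
    ' "$1"
}

# Condensed copy of the zone from this page, before and after the fix.
zone=$(mktemp)
cat > "$zone" <<'EOF'
$TTL 3600
@   IN SOA obroll.com. admin.obroll.com. (
        30 604800 86400 2419200 604800 )
@   IN NS  ns1.obroll.com.
www IN A   15.185.178.20
EOF
zone_has_apex_a "$zone" obroll.com. && echo "apex A: yes" || echo "apex A: no"
echo '@   IN A   15.185.178.20' >> "$zone"
zone_has_apex_a "$zone" obroll.com. && echo "apex A: yes" || echo "apex A: no"
rm -f "$zone"
```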

credit : http://obroll.com/solving-bind-dns-un-resolved-when-nslookup-domain-without-www/