Setup nginx on centos7

sudo yum install epel-release
sudo yum install nginx
sudo systemctl start nginx
sudo systemctl enable nginx
systemctl status nginx

make sure nginx service is up and running

curl http://localhost

should return welcome centos html text

sudo firewall-cmd — permanent — zone=public — add-service=http
sudo firewall-cmd — permanent — zone=public — add-service=https
sudo firewall-cmd — reload
sudo iptables -I INPUT -p tcp -m tcp — dport 80 -j ACCEPT
sudo iptables -I INPUT -p tcp -m tcp — dport 443 -j ACCEPT

open browser

http://192.168.115.135/

should see welcome page


awk is mini language for text processing . could be useful when filtering columns or rows

[root@localhost home]# cat awk.txt
python, dynamic, webapp, medium
php, dynamic, webapp,easy
c, static, embed,hard
go, static, webapp, medium
[root@localhost home]# awk /python/’{print $1, $2, $3, $4}’ awk.txt 
python, dynamic, webapp, medium
[root@localhost home]# awk -F, /python/’{print $1, $2}’ awk.txt
python dynamic

here this using ‘,’ as field separator (because default is space)

other parameters

NF — Number of Fields: total fields in the current line
NR — Number of Records: total records processed
RS — Record Separator: delimiter for records (default is a new line)
OFS —…


the samples text file

[root@localhost /]# cat /home/sed.txt
use python with nginx to build webapp
python php c java are programming languages
linux is friendly to developer
grep sed and awk is useful to processing text
learn python and php is fun. use python and php to build app is great

Replace word

sed ‘s/python/go/’ /home/sed.txt
use go with nginx to build webapp
go php c java are programming languages
linux is friendly to developer
grep sed and awk is useful to processing text
learn go and php is fun. use python and php to build app is great

only…


linux command with samples

find all log files

 find . | grep .log$

count how many log files

ls /var/log | grep -c .log
11

grep keyword in file

grep -e Started* /var/log/boot.log

grep keyword in file and use -n to print line number

grep -e Started* /var/log/boot.log -n

grep recursively

grep -e Started* /var/log -r

find file by name(pattern)

find . -name boot.log
./var/log/boot.log
find . -name *.log
./var/log/tuned/tuned.log
./var/log/audit/audit.log

search in log folder with case insensitive

find /var/log -iname *Network.*log
/var/log/vmware-network.2.log
/var/log/vmware-network.1.log
/var/log/vmware-network.log

search all folders under log

find /var/log -type d
/var/log
/var/log/tuned
/var/log/audit
..

other…


Install apache marialDB php

Apache

sudo yum install httpdsudo systemctl start httpd.service

If you have nginx installed. need to stop it first (systemctl stop nginx)

MarialDB

sudo yum install mariadb-server mariadbsudo systemctl start mariadbsudo mysql_secure_installation

Php

sudo yum install php php-mysql

test installation

sudo vi /var/www/html/info.php

add line

<?php phpinfo(); ?>

curl http://localhost/info.php

Install Zabbix

sudo rpm -Uvh https://repo.zabbix.com/zabbix/4.2/rhel/7/x86_64/zabbix-release-4.2-1.el7.noarch.rpmsudo yum clean allsudo yum install zabbix-server-mysql zabbix-web-mysqlsudo yum install zabbix-agent

config zabbix database

mysql -u rootcreate database zabbix character set utf8 collate utf8_bin;grant all privileges on zabbix.* to zabbix@localhost identified by ‘secret’;flush privileges;quit;

Import zabbix database

zcat /usr/share/doc/zabbix-server-mysql*/create.sql.gz | mysql -uzabbix -p zabbix

update mysql config in conf

sudo vi /etc/zabbix/zabbix_server.conf

Clone and build modsecurity

yum group install “Development Tools”
yum install -y apt-utils autoconf automake build-essential git libcurl4-openssl-dev libgeoip-dev liblmdb-dev libpcre++-dev libtool libxml2-dev libyajl-dev pkgconf wget zlib1g-dev
git clone — depth 1 -b v3/master — single-branch https://github.com/SpiderLabs/ModSecurity
cd ModSecurity
git submodule init
git submodule update
./build.sh
./configure
make
make install
git clone — depth 1 https://github.com/SpiderLabs/ModSecurity-nginx.git

Install nginx and build modules

yum -y install nginx 
nginx -v
>1.19.7
wget http://nginx.org/download/nginx-1.19.7.tar.gz
tar zxvf nginx-1.19.7.tar.gz
cd nginx-1.19.7
./configure — with-compat — add-dynamic-module=../ModSecurity-nginx
cp objs/ngx_http_modsecurity_module.so /etc/nginx/modules

vi /etc/nginx/nginx.conf , add


load_module modules/ngx_http_modsecurity_module.so;

Configure module

mkdir /etc/nginx/modsec
wget -P /etc/nginx/modsec/ https://raw.githubusercontent.com/SpiderLabs/ModSecurity/v3/master/modsecurity.conf-recommended
wget -P /etc/nginx/modsec/ https://raw.githubusercontent.com/SpiderLabs/ModSecurity/v3/master/unicode.mapping
mv /etc/nginx/modsec/modsecurity.conf-recommended…

Linux file system directory structure

bin : user binary files

boot : include files needed when boot system

dev : devices , appear as files

etc : system wide configuration files . user specific configuration file located in each user/home

home : home folder of each user

lib : system libraries . user specific library located in user/lib

media : removable media devices

mnt : mount points for temporary files systems

opt : optional software packages

sbin : system binary files

tmp : temporary files

usr: usr binaries and read-only data

var : writable counterpart to the /usr directory

root : root user home directory


Process life cycle

fork and exec

Fork : Create a separate duplicated process (child process memory space copied from parent )

Exec : create a process replace current entire process (replace pid)

creation

All process created from parent process except ‘init’

Init process created by os kernel , id= 1 , which is the root process (systemd)

Subprocess.popen and os.fock in python

subprocess.Popen execute an arbitrary program/command/executable/whatever in its own process.

os.fork only allows you to create a child process that will execute the same script from the exact line in which you called it. As its name suggests, it “simply” forks the current process into 2.

os.fork is only available on…


Virtual Memory

In linux there is mapping between virtual address and physical address to abstract application’s memory usage .

How it works

Each program maintain a mapping . what it brings :

#1 if not enough physical memory .could map to disk

#2 memory “hole” on physical memory . each program could “jump” to different physical address based on mapping

#3 multiple program trying always being mapped to different physical address

LORY

Software Developer/Technical Writer&Author/body builder

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store