Install Lets encrypt on WHM and cPanel

Follow this: https://documentation.cpanel.net/display/CKB/The+Let%27s+Encrypt+Plugin
The this for the icon in cpanel: https://premium.wpmudev.org/blog/free-ssl-https-cpanel/

Log into your SSH client at root level, then add the Let’s Encrypt repository with the following command:


cd /etc/yum.repos.d/ && wget https://letsencrypt-for-cpanel.com/static/letsencrypt.repo

Next, install the plugin for cPanel with line below and yum:

yum -y install letsencrypt-cpanel

Output:

 yum -y install letsencrypt-cpanel
Loaded plugins: fastestmirror, universal-hooks
Loading mirror speeds from cached hostfile
 * EA4: 104.219.172.10
 * cpanel-addons-production-feed: 104.219.172.10
 * base: mirrors.usc.edu
 * extras: mirror.san.fastserv.com
 * updates: mirrors.xmission.com
letsencrypt-cpanel                                                                                                             | 2.9 kB  00:00:00
letsencrypt-cpanel/primary_db                                                                                                  | 9.4 kB  00:00:00
Resolving Dependencies
--> Running transaction check
---> Package letsencrypt-cpanel.x86_64 0:0.14.0-1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

======================================================================================================================================================
 Package                                  Arch                         Version                         Repository                                Size
======================================================================================================================================================
Installing:
 letsencrypt-cpanel                       x86_64                       0.14.0-1                        letsencrypt-cpanel                       3.5 M

Transaction Summary
======================================================================================================================================================
Install  1 Package

Total download size: 3.5 M
Installed size: 10 M
Downloading packages:
letsencrypt-cpanel-0.14.0-1.x86_64.rpm                                                                                         | 3.5 MB  00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
*** By running this installer, you indicate that you have read the end-user
 licence agreement (https://cpanel.fleetssl.com/eula) and agree to all of its terms, as stated. ***

Running installer as root
OS version OK
cPanel version OK
No licence file detected at /etc/letsencrypt-cpanel.licence
Fetching new trial licence ...
Licence file present
Redirecting to /bin/systemctl stop letsencrypt-cpanel.service
Failed to stop letsencrypt-cpanel.service: Unit letsencrypt-cpanel.service not loaded.
FleetSSL cPanel service daemon stopped
  Installing : letsencrypt-cpanel-0.14.0-1.x86_64                                                                                                 1/1

This server has self-signed service certificates
It is not safe to operate this plugin in this circumstance
'insecure' is being added to /etc/letsencrypt-cpanel.conf

If you wish to generate a Let's Encrypt cert for the server
Please read the configuration documentation on our website, at
https://cpanel.fleetssl.com/docs/service-certificates/

Config written to /etc/letsencrypt-cpanel.conf
Uninstallation of existing service failed (it's OK)
Installed init scripts.
Copied plugin files OK
Installing cPanel paper_lantern plugin (may take a minute) ...
cPanel Plugin installer succeeded OK
Installed chkservd scripts
Added apache pre virtualhost global include
Set cpanel tweak settings

--- Installation complete ---
The plugin should now be available in the cPanel feature manager
Will rebuild conf and restart Apache to reload AutoSSL DCV URLs
Rebuilding Apache conf and restarting now ...
Built /etc/apache2/conf/httpd.conf OK
  Verifying  : letsencrypt-cpanel-0.14.0-1.x86_64                                                                                                 1/1

Installed:
  letsencrypt-cpanel.x86_64 0:0.14.0-1

Complete!

Generate ssh keys on linux and use with PuTTY on Windows

Log into the Linux server as the user you are going to use to connect with ssh. Generate the key.

ssh-keygen -t rsa -b 4096 -C "email@domain.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:3/dDa9R+zzDpGNt/EU9Jusj/snbKt3+B8F+ULnxXtWk email@domain.com
The key's randomart image is:
+---[RSA 4096]----+
|                 |
|               ..|
|              o *|
|           . . E+|
|        S . = =o=|
|         . + * O=|
|          . + @.*|
|            .@ %=|
|            ++@+#|
+----[SHA256]-----+

Now copy the id_rsa key to your Windows desktop. This can be done by copying and pasting the contents of the file or using an SCP client such as PSCP which is supplied with the PuTTY install or FileZilla.

Read moreGenerate ssh keys on linux and use with PuTTY on Windows

Error After Upgrade from PHP 5.4 to 5.6 on CentOS

After an upgrade from PHP 5.4 to 5.6, I received an error when I run an app update:

Your requirements could not be resolved to an installable set of packages.
Problem 1 – This package requires php >=5.6 but your PHP version (5.4.45) does not satisfy that requirement.

Issue:

The shell cli is currently running on php5.4. You will need to specify what version the shell will use. This can be done by running the following command.


# echo "alias php='/opt/plesk/php/5.6/bin/php'" >> ~/.bashrc

The guide from Plesk

https://support.plesk.com/hc/en-us/articles/115003766853-How-to-specify-PHP-version-on-the-Plesk-server-for-command-line-command-php-for-user-

You can confirm here:


# php -v
PHP 5.6.35 (cli) (built: Mar 30 2018 12:52:22)
Copyright (c) 1997-2016 The PHP Group

Replace PHP 5.4 with 5.6 in CentOS 7.x

How to replace php 5.4 with php 5.6.

Before installing PHP 5.6, apply any existing updates available for your distribution:


# yum check-update
# yum update

Also, this is a good moment to get (and save somewhere) a list of our installed packages (in case we need to rollback):


# rpm -qa |grep php
php-mbstring-5.4.16-36.1.el7_2.1.x86_64
php-mysql-5.4.16-36.1.el7_2.1.x86_64
(...)
php-gd-5.4.16-36.1.el7_2.1.x86_64
php-odbc-5.4.16-36.1.el7_2.1.x86_64

Download and install the “repos” package:

# wget http://rpms.famillecollet.com/enterprise/remi-release-7.rpm


# rpm -Uhv remi-release-7.rpm

Now enable the repository in Yum by setting enable=1 for the remi-php56 repo:


# nano /etc/yum.repos.d/remi.repo
(...)

[remi-php56]
name=Remi's PHP 5.6 RPM repository for Enterprise Linux 7 - $basearch
mirrorlist=http://rpms.remirepo.net/enterprise/7/php56/mirror
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi

(...)

Replace PHP 5.4 with PHP 5.6
Install the packages not as a Software Collection but as “Replacement Packages”:

# yum update

This yum update command should upgrade all our PHP packages. If it does not upgrade them or we don’t have PHP already installed, then do:

# yum --enablerepo=remi-php56 install php-cli

Yum will remove the old packages and install the new ones.

Now, restart services:


# systemctl restart httpd
# systemctl restart nginx
# systemctl restart php-fpm

if you receive an Nginx error, then you may need to reconfigure it. See: https://geekdecoder.com/install-nginx-centos-7/

Stress Test CentOS with Stress

First, you need to download the file using Wget and then install it using RPM on your system to enable the EPEL repository.

RHEL/CentOS 7 64 Bit


# wget http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
# rpm -ivh epel-release-latest-7.noarch.rpm

## RHEL/CentOS 6 64-Bit ##


# wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# rpm -ivh epel-release-6-8.noarch.rpm

Check the installation

# yum repolist
*epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64

Now, install stress

# yum install stress

To test, first run the uptime command and note down the load average. Next, run the stress command to spawn 8 workers spinning on sqrt() with a timeout of 20 seconds. After running stress, again run the uptime command and compare the load average.

# uptime
16:39:03 up 1 day, 18:32,  1 user,  load average: 0.15, 0.24, 0.14
sudo stress --cpu  8 --timeout 20
stress: info: [65429] dispatching hogs: 8 cpu, 0 io, 0 vm, 0 hdd
stress: info: [65429] successful run completed in 20s

Now uptime again

# uptime
 16:40:18 up 1 day, 18:34,  1 user,  load average: 1.35, 0.59, 0.27

Spawn 8 workers spinning on sqrt() with a timeout of 30 seconds

]# uptime
 16:41:52 up 1 day, 18:35,  1 user,  load average: 0.28, 0.43, 0.24
[root@server rogerp]# sudo stress --cpu 8 -v --timeout 30s
stress: info: [65654] dispatching hogs: 8 cpu, 0 io, 0 vm, 0 hdd
stress: dbug: [65654] using backoff sleep of 24000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] --> hogcpu worker 8 [65655] forked
stress: dbug: [65654] using backoff sleep of 21000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] --> hogcpu worker 7 [65656] forked
stress: dbug: [65654] using backoff sleep of 18000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] --> hogcpu worker 6 [65657] forked
stress: dbug: [65654] using backoff sleep of 15000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] --> hogcpu worker 5 [65658] forked
stress: dbug: [65654] using backoff sleep of 12000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] --> hogcpu worker 4 [65659] forked
stress: dbug: [65654] using backoff sleep of 9000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] --> hogcpu worker 3 [65660] forked
stress: dbug: [65654] using backoff sleep of 6000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] --> hogcpu worker 2 [65661] forked
stress: dbug: [65654] using backoff sleep of 3000us
stress: dbug: [65654] setting timeout to 30s
stress: dbug: [65654] --> hogcpu worker 1 [65662] forked
stress: dbug: [65654] <-- worker 65659 signalled normally
stress: dbug: [65654] <-- worker 65658 signalled normally
stress: dbug: [65654] <-- worker 65660 signalled normally
stress: dbug: [65654] <-- worker 65656 signalled normally
stress: dbug: [65654] <-- worker 65655 signalled normally
stress: dbug: [65654] <-- worker 65657 signalled normally
stress: dbug: [65654] <-- worker 65662 signalled normally
stress: dbug: [65654] <-- worker 65661 signalled normally
stress: info: [65654] successful run completed in 30s
[root@server rogerp]# uptime
 16:43:10 up 1 day, 18:37,  1 user,  load average: 1.87, 1.06, 0.49