The term hairpinning comes from the fact that the traffic comes from one source into a router or similar devices, makes a U-turn and goes back the same way it came.

Visualize this and you see something that looks like a hairpin.

Hairpin NAT is a useful technique for accessing an internal server using a public IP. Since you are using a public IP to attempt to access a server in your network, the traffic will attempt to go out to the internet. In order to reach the server, the traffic will need to be redirected to the correct location.
The issue with this article is that you need to load a website or use curl to access the website on an internal IP that is set up as NAT to a public IP.

Scenario:

Server1 – Web Server. Has a public IP 214.44.55.44 and is behind a firewall with the private IP 10.0.0.12.

When you try and load the site on this server, it does not load.
Fix: Set up hosts file to point to the private IP.

Use this information when changing the hostname in centos 7.

Ways to show the hostname

# hostname
# hostname -s
# hostname -f
# cat /etc/hostname
# hostnamectl

How to change the hostname.
In order to change or set a CentOS 7 machine hostname, use the hostnamectl command as shown in the below command excerpt.

# hostnamectl set-hostname your-new-hostname

In order to apply the new hostname, a system reboot is required, issue one of the below commands in order to reboot a CentOS 7 machine.


# init 6
# systemctl reboot
# shutdown -r now

A second method to setup a CentOS 7 machine hostname is to manually edit the /etc/hostname file

# nano /etc/hostname

Follow this: https://documentation.cpanel.net/display/CKB/The+Let%27s+Encrypt+Plugin
The this for the icon in cpanel: https://premium.wpmudev.org/blog/free-ssl-https-cpanel/

Log into your SSH client at root level, then add the Let’s Encrypt repository with the following command:


cd /etc/yum.repos.d/ && wget https://letsencrypt-for-cpanel.com/static/letsencrypt.repo

Next, install the plugin for cPanel with line below and yum:

yum -y install letsencrypt-cpanel

Output:

 yum -y install letsencrypt-cpanel
Loaded plugins: fastestmirror, universal-hooks
Loading mirror speeds from cached hostfile
 * EA4: 104.219.172.10
 * cpanel-addons-production-feed: 104.219.172.10
 * base: mirrors.usc.edu
 * extras: mirror.san.fastserv.com
 * updates: mirrors.xmission.com
letsencrypt-cpanel                                                                                                             | 2.9 kB  00:00:00
letsencrypt-cpanel/primary_db                                                                                                  | 9.4 kB  00:00:00
Resolving Dependencies
--> Running transaction check
---> Package letsencrypt-cpanel.x86_64 0:0.14.0-1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

======================================================================================================================================================
 Package                                  Arch                         Version                         Repository                                Size
======================================================================================================================================================
Installing:
 letsencrypt-cpanel                       x86_64                       0.14.0-1                        letsencrypt-cpanel                       3.5 M

Transaction Summary
======================================================================================================================================================
Install  1 Package

Total download size: 3.5 M
Installed size: 10 M
Downloading packages:
letsencrypt-cpanel-0.14.0-1.x86_64.rpm                                                                                         | 3.5 MB  00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
*** By running this installer, you indicate that you have read the end-user
 licence agreement (https://cpanel.fleetssl.com/eula) and agree to all of its terms, as stated. ***

Running installer as root
OS version OK
cPanel version OK
No licence file detected at /etc/letsencrypt-cpanel.licence
Fetching new trial licence ...
Licence file present
Redirecting to /bin/systemctl stop letsencrypt-cpanel.service
Failed to stop letsencrypt-cpanel.service: Unit letsencrypt-cpanel.service not loaded.
FleetSSL cPanel service daemon stopped
  Installing : letsencrypt-cpanel-0.14.0-1.x86_64                                                                                                 1/1

This server has self-signed service certificates
It is not safe to operate this plugin in this circumstance
'insecure' is being added to /etc/letsencrypt-cpanel.conf

If you wish to generate a Let's Encrypt cert for the server
Please read the configuration documentation on our website, at
https://cpanel.fleetssl.com/docs/service-certificates/

Config written to /etc/letsencrypt-cpanel.conf
Uninstallation of existing service failed (it's OK)
Installed init scripts.
Copied plugin files OK
Installing cPanel paper_lantern plugin (may take a minute) ...
cPanel Plugin installer succeeded OK
Installed chkservd scripts
Added apache pre virtualhost global include
Set cpanel tweak settings

--- Installation complete ---
The plugin should now be available in the cPanel feature manager
Will rebuild conf and restart Apache to reload AutoSSL DCV URLs
Rebuilding Apache conf and restarting now ...
Built /etc/apache2/conf/httpd.conf OK
  Verifying  : letsencrypt-cpanel-0.14.0-1.x86_64                                                                                                 1/1

Installed:
  letsencrypt-cpanel.x86_64 0:0.14.0-1

Complete!

Log into the Linux server as the user you are going to use to connect with ssh. Generate the key.

ssh-keygen -t rsa -b 4096 -C "email@domain.com"
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:3/dDa9R+zzDpGNt/EU9Jusj/snbKt3+B8F+ULnxXtWk email@domain.com
The key's randomart image is:
+---[RSA 4096]----+
|                 |
|               ..|
|              o *|
|           . . E+|
|        S . = =o=|
|         . + * O=|
|          . + @.*|
|            .@ %=|
|            ++@+#|
+----[SHA256]-----+

Now copy the id_rsa key to your Windows desktop. This can be done by copying and pasting the contents of the file or using an SCP client such as PSCP which is supplied with the PuTTY install or FileZilla.

Read More

After an upgrade from PHP 5.4 to 5.6, I received an error when I run an app update:

Your requirements could not be resolved to an installable set of packages.
Problem 1 – This package requires php >=5.6 but your PHP version (5.4.45) does not satisfy that requirement.

Issue:

The shell cli is currently running on php5.4. You will need to specify what version the shell will use. This can be done by running the following command.


# echo "alias php='/opt/plesk/php/5.6/bin/php'" >> ~/.bashrc

The guide from Plesk

https://support.plesk.com/hc/en-us/articles/115003766853-How-to-specify-PHP-version-on-the-Plesk-server-for-command-line-command-php-for-user-

You can confirm here:


# php -v
PHP 5.6.35 (cli) (built: Mar 30 2018 12:52:22)
Copyright (c) 1997-2016 The PHP Group