TL;DR Tips

Trust Your Technolust

Page 2 of 2

Mullvad Split VPN with SOCKS Proxy

3 May 2021 / / 0 Comments

This process should be similar for any other VPN providers that have OpenVPN servers, Private Internet Access and NordVPN are known to have this feature.

Edit your OpenVPN config from Mullvad and add the following line at the end

pull-filter ignore redirect-gateway

Your VPN config will look similar to

client

dev tun

resolv-retry infinite

nobind

persist-key

persist-tun

verb 3

remote-cert-tls server

ping 10

ping-restart 60

sndbuf 524288

rcvbuf 524288

cipher AES-256-CBC

tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA

proto udp

auth-user-pass /etc/openvpn/mullvad_userpass.txt

ca /etc/openvpn/mullvad_ca.crt

tun-ipv6

script-security 2

up /etc/openvpn/update-resolv-conf

down /etc/openvpn/update-resolv-conf

fast-io

remote-random

remote ca-mtr-102.mullvad.net 1194

remote ca-mtr-105.mullvad.net 1194

remote ca-mtr-104.mullvad.net 1194

remote ca-tor-103.mullvad.net 1194

remote ca-tor-101.mullvad.net 1194

remote ca-mtr-103.mullvad.net 1194

remote ca-tor-102.mullvad.net 1194

remote ca-van-003.mullvad.net 1194

remote ca-mtr-107.mullvad.net 1194

remote ca-van-002.mullvad.net 1194

remote ca-mtr-101.mullvad.net 1194

remote ca-mtr-108.mullvad.net 1194

remote ca-van-004.mullvad.net 1194

remote ca-mtr-106.mullvad.net 1194

pull-filter ignore redirect-gateway

Mullvad runs it’s SOCKS5 server on 10.8.0.1 so we can now use the VPN by binding a program to use the SOCKS proxy.

For example we can now use curl without sending all our traffic through the VPN, an example curl command would look like this :

curl –socks5-host 10.8.0.1 –keepalive-time 60 -m 1800 https://www.google.com

socks5-host tells curl which IP to bind to while also using the host system to resolve DNS, alternatively you can use –socks5 to bypass resolving DNS by the host.

To make sure the SOCKS5 proxy is still alive we set the timeout with “-m” so that the system does not wait infinitely for a reply.

Ubuntu 18.04 OVH VPS IPv6 Setup

20 May 2020 / / 0 Comments

With IPv4 addresses nearly exhausted everywhere the world could really use some more IPv6 adoption so here’s a handy guide for getting IPv6 to work on your OVH Ubuntu VPS’s, although this guide should work equally well on any VPS/Dedicated server host.

At the time of writing this there seems to be a bug in netplan which stops IPv6 working properly when using the official instructions from OVH, this can be fixed by bypassing netplan and doing the configuration straight from systemd-networkd

Open a new file

nano /etc/systemd/network/10-ens3.network

Edit in the required config lines, making sure that you name your network interface correctly.

[Match]

Name=ens3

[Network]

DHCP=ipv4

Gateway=Your IPv6 Gateway Address Here

DNS=2620:119:35::35

[Address]

Address=Your IPv6 Address Here/128

[Route]

Destination=Your IPv6 Gateway Address Here

Scope=link

After you’ve written out the configuration you have two choices for making sure the changes are applied

Either reboot your server entirely

reboot

Or restart the systemd network daemon to apply the change, this is faster of course, but may cause networking to drop for a few seconds.

systemctl restart systemd-networkd

 

Installing phpiredis on cPanel and CloudLinux

15 January 2020 / / 0 Comments

You may already be familiar with this message if customers have contacted you previously about messages from their Laravel installs

predis/predis suggests installing ext-phpiredis (Allows faster serialization and deserialization of the Redis protocol)

For anyone that uses Laravel you’re probably using the Redis for caching, but for optimal performance Laravel recommends the use of the phpiredis extension from github.com/nrk/phpiredis, which isn’t available on cPanel servers with CloudLinux, so here’s a way to install it so all your customers can benefit.

We’ll install it for PHP 7.3 on our CloudLinux server but the same process applies for all versions of the PHP Selector on CloudLinux.

First clone the Git repository of the extension, at the time of writing this extension isn’t on the PHP PECL website so we’ll have to get it from GitHub instead.

git clone https://github.com/nrk/phpiredis.git

Change directory to the extension folder.

cd phpiredis/

Run phpize on the source.

/opt/alt/php80/usr/bin/phpize

Configure the extension source.

./configure –with-php-config=/opt/alt/php80/usr/bin/php-config

Compile the extension.

make

Install the extension files.

make install

Create a new file for the extension information.

nano /opt/alt/php80//etc/php.d.all/phpiredis.ini

Add the following to the file so PHP Selector can enable it.

; Enable phpiredis extension module

extension=phpiredis.so

Rebuild Cage FS, to include the new extension.

cagefsctl –rebuild-alt-php-ini

Restart Apache to pick up your new extensions.

service httpd restart

At this point you can enable it for all your customers in WHM by going to the CloudLinux LVE Manager in WHM and enabling it for the 7.3 PHP version in the Selector tab, or allow your customers to select whether they want to use it in their cPanel account.

Install the CSF Firewall on Linux

12 December 2019 / / 0 Comments

Requirements

  • A Linux server with ip/xtables installed and running.
  • Any of the following distributions installed RedHat/CentOS/CloudLinux 5-7, Fedora, openSUSE, Debian, Ubuntu, Slackware.

What is CSF?

CSF is a set of extension scripts to iptables on Linux, that integrates with various control panels and Linux distribution packages to enhance the security standing of your server, for example CSF can detect brute forcing of your SSH server and automatically ban the offending IP’s at the firewall level, thwarting any brute force attacks easily. It also contains some configuration options that make things like traffic limiting very simple

Change to a different folder to keep it neat.

cd /usr/src

Remove any previous versions you’ve downloaded.

rm -fv csf.tgz

Download the latest version of the firewall.

wget https://download.configserver.com/csf.tgz

Extract the package.

tar -xzf csf.tgz

Change to the package directory.

cd csf

Run the install script.

sh install.sh

 

Install cPanel on a VPS or Dedicated Server

4 October 2019 / / 0 Comments

Requirements

  • A VPS or dedicated server with at least 1GB ram and 20GB SSD and a single core.
  • A working SSH client to connect to your shiny new server.
  • A server with either CloudLinux or CentOS installed, version 6 is still supported but we’ll use CloudLinux 7 because it’s far more up to date and has the best security profile, be aware CloudLinux does cost money and you need a license..
  • A cPanel license if you plan to use it for more than the 14 day trial period.

How to install cPanel on your Dedicated Server or VPS

(OPTIONAL) if your connection is unreliable it’s advisable to run your install through the screen program, which will protect you if you disconnect.

yum install screen

screen -S cpanelinstall

Ensure you have Perl install on the system, this should come as standard but some VPS providers will ship slimmed down images.

yum install perl

Ensure you have the correct hsotname set for your server, we’ll use test.tldrtips.com for this example but you should have a fully resolving hostname

hostnamectl set-hostname test.tldrtips.com

Change to your /home directory on your server

cd /home

Download th ecPanel install script

curl -o latest -L https://securedownloads.cpanel.net/latest

Run the install script

sh latest

Allow the script to run, now is a good time to fetch some Irn-Bru while you wait, this process may take up to an hour depending on how fast your server is. If you ran the install in a screen session you can now disconnect from the screen by press Ctrl + D. After the installation you should be able to visit the WHM/cPanel admin interface at https://<your IP address here>:2087

Setup your own TeamSpeak server on Windows

4 August 2019 / / 0 Comments

Prerequisites

Windows server 2008 R2 or later, Server 2008 (i.e. the Vista based Server OS is no longer supported.)

A copy of your favourite archiver program (WinRAR, 7-Zip etc..), we’ll use WinRAR in this example.

Install the TeamSpeak Server

Download the latest version from your preferred vendor, at the time of writing WinRAR is at version 5.50, so we will download WinRAR x64 (64 bit) 5.50 from http://www.rarlab.com/download.htm

Download the latest TeamSpeak Server for Windows from http://www.teamspeak.com/en/downloads.html#server at the time of writing this is Server 64-bit 3.0.13.8

Extract the archive to anywhere you like on your system, ideally you do not want to extract the files to any of C:\, C:\Windows\, C:Program Files\, as these folders are protected by windows UAC and may be problematic later.

Browse to the folder you extracted the files in and run ts3server.exe.

A window will pop up with information about your server, save this information in a safe place as you need it to become server admin.

With your TeamSpeak client connect to the IP of your server, when you connect a windows will pop up asking for the server token, this is the longest random string you were given in the previous step, enter this and you will be given server admin.

You can now administrate your TS3 server instance as you like.

Now you have your shiny new server, why not promote it on a TeamSpeak Server List? The extra exposure could help you become the number one server on the planet some day.

All of this too much? You can make a free Private TeamSpeak channel on many public servers.

TeamSpeak SRV Record setup (Cloudflare)

4 August 2019 / / 0 Comments

Requirements

  • A domain of your choosing, you can purchase one from somewhere like Namecheap.
  • A working recent TeamSpeak server version.
  • A Cloudflare account, although these instructions should apply to any DNS hosting.
  • A static IP for TeamSpeak, this isn’t strictly required, but do you really want to keep updating your DNS records when your IP changes?

What is an SRV record?

The SRV record allows you to specify a hostname and port in a DNS record to allow you to point to services without a client having to specify a port number, it also has the added benefit of allowing you to have your services all pointed to for the base domain name for all services, even if they’re on different IP’s. For example tldrtips.com could point to a TeamSpeak server and this website at the same time, even though the services woudl have different IP’s.

So how can do I add an SRV record for TeamSpeak?

First we’ll need to add an A record for a subdomain that points to our TeamSpeak server, go to your Cloudflare dashboard (https://dash.cloudflare.com) and click your domain, then press the DNS tab.

Select an A record from the drop down in the section to add new records and enter the following, replacing 127.0.0.1 with your TeamSpeak server IP address.

TSSRV1.png

After you’ve pressed “Add Record” then we’ll need to add the SRV record, in the drop down press SRV and a pop up like the following should appear.

TSSRV2.png

We’ll use the following values

Service : _ts3

Protocol : UDP

Name : tldrtips.com

For Service we always enter “_ts3”, which is the service name for TeamSpeak.

Protocol is always UDP, TeamSpeak is primarily a UDP application.

Name will be the (sub)domain that you want to use for TeamSpeak, you could use ts.tldrtips.com if you desire a subdomain, but for simplicity for the user we’ll pick tldrtips.com.

When you press save the following pop up will appear, for a simple setup we’ll use the following values

Priority : 0

Weight : 4

Port : 9987

Target : ts.tldrtips.com

Priority is the order in which SRV record of the same type will be looked at, a priority of 0 is the highest priority, this could be used to have fall-back servers if your main server is down, but TeamSpeak does not have this ability so we’ll keep it as 0.

Weight is considered when 2 records have the same priority, this could be used in other services for load balancing servers, but, again, TeamSpeak does not have this functionality.

Port will be the port of your TeamSpeak server, by default this is 9987, which we’ll sue here, your host may have given you a different port to use, so please check. this is NOT the query port of TeamSpeak.

Target is a pointer to the A record we made before we started to make this SRV record, this has to match the A record you made earlier or nothing will work.

TSSRV3.png

 

Press the save button. After all that is done you should have a working SRV record for TeamSpeak, you should see something similar to the following if all is working and well.

TSSRV4.png

 

Now you have a new SRV record set up, why not promote it on a TeamSpeak Server List? The extra exposure could help you become the number one server on the planet some day.

Too complicated? You can make a free Private TeamSpeak channel on many TeamSpeak servers.

TeamSpeak Server on Linux/BSD

4 August 2019 / / 0 Comments
Generic Linux Install Instructions

Create a new user to run the TeamSpeak server under, this is very important so you keep processes separate from each other.

adduser teamspeak

Switch to the teampseak user

su teamspeak

Download the latest Teamspeak server from https://www.teamspeak.com/en/downloads/#server

wget https://files.teamspeak-services.com/releases/server/3.13.6/teamspeak3-server_linux_amd64-3.13.6.tar.bz2

Unpack the archive

tar xvjf teamspeak3-server_linux_amd64-3.8.0.tar.bz2

Change directory to the folder

cd teamspeak3-server_linux_amd64

Run the TeamSpeak server

./ts3server_startscript.sh start

Your console will show a server admin/password and server token, save these in a safe place for later. The server should be started at this point, With your TeamSpeak client connect to the IP of your server, when you connect a windows will pop up asking for the server token, this is the longest random string you were given in the previous step, enter this and you will be given server admin. You can now administrate your TS3 server instance as you like.

Generic BSD Install Instructions

Create a new user to run the TeamSpeak server under.

fetch http://dl.4players.de/ts/releases/3.0.13.8/teamspeak3-server_freebsd_amd64-3.0.13.8.tar.bz2

Unpack the archive

tar xvjf teamspeak3-server_freebsd_amd64-3.0.13.8.tar.bz2

Change directory to the folder

cd teamspeak3-server_freebsd_amd64

Run the TeamSpeak server

./ts3server_startscript.sh start

 

Your console will show a server admin/password and server token, save these in a safe place for later. The server should be started at this point, With your TeamSpeak client connect to the IP of your server, when you connect a windows will pop up asking for the server token, this is the longest random string you were given in the previous step, enter this and you will be given server admin. You can now administrate your TS3 server instance as you like.

Now you have your shiny new server, why not promote it on a TeamSpeak Server List? The extra exposure could help you become the number one server on the planet some day.

Newer posts »

© 2024 TL;DR Tips

Theme by Anders NorénUp ↑