• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • Create a VM ($25 Credit)
  • Buy a Domain
  • 1 Month free Back Blaze Backup
  • Other Deals
    • Domain Email
    • Nixstats Server Monitoring
    • ewww.io Auto WordPress Image Resizing and Acceleration
  • About
  • Links

IoT, Code, Security, Server Stuff etc

Views are my own and not my employer's.

Personal Development Blog...

Coding for fun since 1996, Learn by doing and sharing.

Buy a domain name, then create your own server (get $25 free credit)

View all of my posts.

  • Cloud
    • I moved my domain to UpCloud (on the other side of the world) from Vultr (Sydney) and could not be happier with the performance.
    • How to buy a new domain and SSL cert from NameCheap, a Server from Digital Ocean and configure it.
    • Setting up a Vultr VM and configuring it
    • All Cloud Articles
  • Dev
    • I moved my domain to UpCloud (on the other side of the world) from Vultr (Sydney) and could not be happier with the performance.
    • How to setup pooled MySQL connections in Node JS that don’t disconnect
    • NodeJS code to handle App logins via API (using MySQL connection pools (1000 connections) and query parameters)
    • Infographic: So you have an idea for an app
    • All Development Articles
  • MySQL
    • Using the free Adminer GUI for MySQL on your website
    • All MySQL Articles
  • Perf
    • PHP 7 code to send object oriented sanitised input data via bound parameters to a MYSQL database
    • I moved my domain to UpCloud (on the other side of the world) from Vultr (Sydney) and could not be happier with the performance.
    • Measuring VM performance (CPU, Disk, Latency, Concurrent Users etc) on Ubuntu and comparing Vultr, Digital Ocean and UpCloud – Part 1 of 4
    • Speeding up WordPress with the ewww.io ExactDN CDN and Image Compression Plugin
    • Setting up a website to use Cloudflare on a VM hosted on Vultr and Namecheap
    • All Performance Articles
  • Sec
    • Using the Qualys FreeScan Scanner to test your website for online vulnerabilities
    • Using OWASP ZAP GUI to scan your Applications for security issues
    • Setting up the Debian Kali Linux distro to perform penetration testing of your systems
    • Enabling TLS 1.3 SSL on a NGINX Website (Ubuntu 16.04 server) that is using Cloudflare
    • PHP implementation to check a password exposure level with Troy Hunt’s pwnedpasswords API
    • Setting strong SSL cryptographic protocols and ciphers on Ubuntu and NGINX
    • Securing Google G Suite email by setting up SPF, DKIM and DMARC with Cloudflare
    • All Security Articles
  • Server
    • I moved my domain to UpCloud (on the other side of the world) from Vultr (Sydney) and could not be happier with the performance.
    • All Server Articles
  • Ubuntu
    • I moved my domain to UpCloud (on the other side of the world) from Vultr (Sydney) and could not be happier with the performance.
    • Useful Linux Terminal Commands
    • All Ubuntu Articles
  • VM
    • I moved my domain to UpCloud (on the other side of the world) from Vultr (Sydney) and could not be happier with the performance.
    • All VM Articles
  • WordPress
    • Speeding up WordPress with the ewww.io ExactDN CDN and Image Compression Plugin
    • Installing and managing WordPress with WP-CLI from the command line on Ubuntu
    • How to backup WordPress on a host that has CPanel
    • Moving WordPress to a new self managed server away from CPanel
    • Moving a CPanel domain with email to a self managed VPS and Gmail
    • All WordPress Articles
  • All

Git

How to create a Private GitHub repository and access via SSH with TortiseGIT

July 17, 2021 by Simon

Here is a guide on using the GUI TortoiseGIT, GIT for Windows with GitHub.

Creating a GitHub Account

Make sure you have a GitHub account (free is OK)  https://github.com/

GitHub Main Page

Login to GitHub

Github login page

I used my defined hardware Security Key

I used my defined security key

I clicked New Repo

New Repo button

Repo Settings

  • I set Private
  • Added a readme
  • Set .gitignore for Visual Studio files
  • I had no idea what licence to select (read more on licences here)
repo settings as desired

I clicked Create repository

The repo is now ready for files

Creating RSA Keys

Now I will create an SSH key to protect communications with GitHub.

When logged into GitHub, I clicked the SSH and GPG Keys menu

I clicked New SSH Key button

New SSH Key Button

GitHub wants a public SSH Key

Add SSH Key Here

More on Generating SSH Keys

I used this command to generate a public and private SSH key

ssh-keygen -t rsa

Generate key output.

FYI: These Keys have been deleted, they have not been used beyond this demo

A Public and Private key was generated

Public and Private Key in explorer

id_github_test.pub = Public Key

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDKeAydCIpEB9EuBH/h0FbsnhUlmQT/ylKowlOWEkvl0CRZO2b7ak71GI5V4IJtVESjx/yZ3hHAhlOYp5VXbpTXv9rbKGEA12ii6d7cNOzfaAqXoHhdWqxfsfSRq0oocDVt1Inwdwsnh7tRqLHxRt0z0Gg/7m2s3sEIQqbtFkaQGjugQqs6Y9npWLd9utUcnUIRk3kajnlEeAZNVUMEn1hbX/PjODrzyI2JvGMxFzeRUTOSDWRAh6cNTM6fNZI6TLBdWHbmlZujgitiRxkWjmph31epxAkyTc0CsZ4VelU2uDgRLiWFdv+/SY2uT0/WaqZY3AlqM2GdR+WVTtiJJoh4e9ARR/ehZIkJMoWQlZa5Y8t1GnMcOa9sj3VTW5lGt1u+0JJP6IGa9T4UmxkqZRvJTDrZ1Flxcdu61is5tNLI10PYOcXz78jGSNnb8cfNzaMIHsI4oLMdurDDUz5w+5AQ9lA7gi4DE4uiX5cAsNe9jJsixB7TvCr6LF+k36Q0T3c= [email protected]

id_github_test = Private Key

-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABB8qp/Pde
q+G2Xrp+27vB7PAAAAEAAAAAEAAAGXAAAAB3NzaC1yc2EAAAADAQABAAABgQDKeAydCIpE
B9EuBH/h0FbsnhUlmQT/ylKowlOWEkvl0CRZO2b7ak71GI5V4IJtVESjx/yZ3hHAhlOYp5
VXbpTXv9rbKGEA12ii6d7cNOzfaAqXoHhdWqxfsfSRq0oocDVt1Inwdwsnh7tRqLHxRt0z
0Gg/7m2s3sEIQqbtFkaQGjugQqs6Y9npWLd9utUcnUIRk3kajnlEeAZNVUMEn1hbX/PjOD
rzyI2JvGMxFzeRUTOSDWRAh6cNTM6fNZI6TLBdWHbmlZujgitiRxkWjmph31epxAkyTc0C
sZ4VelU2uDgRLiWFdv+/SY2uT0/WaqZY3AlqM2GdR+WVTtiJJoh4e9ARR/ehZIkJMoWQlZ
a5Y8t1GnMcOa9sj3VTW5lGt1u+0JJP6IGa9T4UmxkqZRvJTDrZ1Flxcdu61is5tNLI10PY
OcXz78jGSNnb8cfNzaMIHsI4oLMdurDDUz5w+5AQ9lA7gi4DE4uiX5cAsNe9jJsixB7TvC
r6LF+k36Q0T3cAAAWQW2CKdldNidDA+k4SncUsW+IYNcL85ir3tozfEaJHQB8icJJQpMB/
x0Y8pCpo88L3uaIeh5013yaiX4wPLt45701g0r4sBzH2UirEeyWRMGU02K2MNbGBgWUJJR
74VJ1ZjVVCptlNKoh0hebsOoVO4cdbN3FDs0D3ui/dXQb9h6D0UdyMmN9yFO7YXvtvmNyI
JEvVTJEPlt55Bill+0AQJex7lHj0z1B5sDZyjfDeMuKys+kb8ly73ZVm/59DQYiEVTAlU+
Ky70jzgwRTxhhmziGfDl+YhJI/xIYvWLhTZIw87kWyjP1fNIy4pYWLeCz+pLFDgVEI23Gl
f4P/r/OtPOf6tDu1MmHAlZ0Hw7qLTxu8sHtRxinzHcin7HcarquoouGPXPjFPPINjS/s4I
OPApLBsh0TvQdlkyTnQK2ZjNNoedLE5467sMN8sp65z+8LwaSidJkmrG38eUKWtg1qtDJN
Iyh8/5UVp+pyyu4IDVRIull6b0qmY93EcPfZVaADIKj0DDSZyacjkywSJDdupRwdCmwwKc
QB5ENvBNMU3f5IuL14F1VGickRcz2P1rLN1bndffH6MbvHRlrzKM9fymexTT1uFFTPtOnK
wzI8KYMwUynt7FDcUVTnK6OIyTxN/tfkaYWmV7AtTM5TH+GmJL+R+8QVlU+9i8LRzmjnVE
fUYc0zem/5sJqVQgJu/uSCCmtNdSVFKnSWq+/WFa1cQjnJ0baC9kuviFN/iWPZOvLJ1tyS
WsVxU+oTLCf9L0gTE8MJGFBh8QB7DVDuFFBrM3h0SsqkESKicWKL0RIPcyChQXAiQgxbSK
YAvTl6znCgVLyUHG5ggJpfKp+T57MqVUuZCPsEwAZ9ZOik3fPyVPN5a59SmCRMpY5w8N3Y
n+YgAd3tyIkzH/RbGOOGS2Oy8FyONWMXt9XnAXx2HHbvYl7nqCiSIfTSrsuAqX7CwaXk/5
8FHsx65YYWikxtb2FY5Mo+mKONXIbEbDlmFuDXYmGdi2dUyrrZMpfUMRMI4VaARH2Y1pX4
MtLfAjPPFkYF2GFnI1eUnexH36FS6DKoM5/YhQbqMlsEtzsyH2l2sosd/PgITpq94quToA
Cr12uXaYy/037pNutZXPkYD5R5vwcZgnAu8d3KOA+VzRedz1R4K4iTGgfoRRFyjz1tugvM
ruJGLDyAk09JDoqWasFtpsjjGAt9Z9s34s9PbQggFFs44ZbBvPeaD5peBbaP6bo1ekG+2B
5A+zMkeajCoKJx/W3T7oZeSL5Z9SscwsmcPRA/hP9tfXMKA93b55pHgXlu0Qbkvm3mrd05
a3RrrPCfy8dJAeW7ieR1p+BSc7t1btZfQ1n2HF994hOEkkWZ1lghXNY0/F5eP6glDnT795
ZPx00M96+6Jz7EnJOblQemfKfB3Da33MgyTMnQ/5kzQMMhk2KD7CFvzFXuVmA0oTy8Ney6
6w7BreBWYmuNUYPa+WGxkkGlivMf0a4uIcjNcPD/eyKnAp+sbRP8ZrfKFyAaZC8KWNkhPf
GA13aqMF2vIDCBTlvhMN8uGsojn7f4NVy8Frvqbm+ZqG3TwSrtgUfx2cXN1QLXvuAcFc0z
BQrh4aLy31dXpzoj0cPp3DMQF7jyp6mhcFopICrpUW+2wQKD8wOMc1BtziIpJtDXFQrh3l
QhN3/T15hnwgrt2qO/cyP0MxNLgVqN8F1+Am2gPqASyI0U/mZbh1W0ydpupcHBRc/BN37U
pc6KwT2uQ8D/b/Y8etn3QSlcTnVzZIFSSUWTHJKDnGIh/UwFj/6rESuuV+oSmH3nTVAjPT
XDTZUjd3GH7R4Ghf5dfl7eouHHLvYd58EVSZV1kGEY7W3jk74y0Vkjx9unjY1TtolIiNkD
A6h6Yt32e8MjNec0XzVHjEbXn+8=
-----END OPENSSH PRIVATE KEY-----

FYI: These Keys have been deleted, they have not been used beyond this demo

I added the Public Key to GitHub

Pased Public SSH Key

SSH Keys are listed in GitHub

Multiple SSH Keys

I create a different key per repository.

Setup Git Locally

I checked to see if the “git” command was installed on my local machine.

No Git

I will install Git from https://gitforwindows.org/ 

Git for Windows Webpage

I download Git-2.32.0.2-64-bit.exe and started the installer

Installing GIF WIzard

Folder C:\Program Files\Git

Choose a folder

Set Options (e.g I like Check for Daily updates)

GIt Options

Start Menu Folder

Start Menu

Text Editor: I like Sublime Text from https://www.sublimetext.com/3

Set Test Editor

Set an Initial Branch name

Initial Branch Name

Set 3rd party software options

3rd party options

Set HTTPS options

Open SSL

Set Line Endings preferences

Line Ending Preferences

Set Terminal Emulators preferences

Terminal Emulator settings

Set Git Pull default preferences

git pull defaults

Set Credential Manager preferences

git credential preferences

Set Extra Options

Set Options

Experimental Options

Opt out of experimental options

Installing

Installing

First Launch

First launch

Git is installed

Install Tortoise GIt

Visit https://tortoisegit.org/

Tortoiuse git website

Download Gif (64bit)

Download options

I started the installer.

Setup Wizard.

Licence Agreement

Licence Agreement

SSH Type

set ssh type

Components

Componentts

Install

Installing (Wizard)

Install


Language: English

 

English

Shell Extension

Shell Integration

I checked for a known git path.

Git path check

I set my desired git username and email

Default git username

I set desired SSH settings

SSH Settings

Folder for Code Repositories

I create C:\Code\MyTestRepo

C:\Code

Before I can clone a repository I need o set the past to SSH in TortoiseGit.

I right-clicked on C:\Code\MyTestRepo and selected TortiseGit\Settings

TortoiseGit Settings

I expanded the Network Node and set the following as the SSH Client

“C:\Program Files\TortoiseGit\bin\TortoiseGitPLink.exe”

SSH Client Set

I saved the Settings.

Clone a GitHub Repository via git and Tortoise GIT

Now I can clone a repositor to C:\Code\MyTestRepo, 

I right clicked on C:\Code\MyTestRepo in explorer and clicked Git Clone

I added by GIT URL (Obtained from GitHub), I also set the path for the Private Key I created earlier.

Git Clone

I was informed that the key is in the wrong format

Wrong Format Error

I need to convert the RAS Private Key to a Putty PPK Key

Convert an RSA Key to a Putty PPK with PuuttyGen

I opened the Open Putty Gen

https://www.puttygen.com/

I click Load and select the id_github_test private key I created earlier

Load private key

I entered my private key password

Private Key Password.

The private key loaded.

Private Key Loaded

Now I can export the private key to a PPK format

Export as PPK

Clone (with a PPK Private Key)

Getting back to cloning a repository I right-clicked on C:\Code\MyTestRepo

I set the PPK private key

Clone with PPK

I entered the password

Enter password

I accepted the key

Accpet key

The Repository started cloning.

Repository Cloning

Creating a Quick Visual Studio Project

I created a quick Visual Studio project and saved it to C:\Code\MyTestRepo\Hello World

New Visual Studio project

Visual Studio files were visible in C:\Code\MyTestRepo

C:\Code\MyTestRepo

I Commit the new files to the repository (main branch)

Commit

I selected desired files to commit

Commit

Files were added

I right-clicked on C:\Code\MyTestRepo and selected TortoiseGit\Push

Push Dialog

Files are now visible in GitHub

Awesome

Setup on Multiple Machines

I set up Git on multiple machines, cloned, made chances, committed those changes and pushed.  I was able to Sync down those changes to each machine.

Good advice on Using Git

  • Git Guides – git push (github.com)
  • What is git commit, push, pull, log, aliases, fetch, config & clone | by Ameet Prajapati | MindOrks | Medium
  • GitHub 101 — Introduction to GitHub for Newbies | by Arerosuoghene Wisdom | Medium

Happy Coding

Filed Under: Code, Git, GitHub, Uncategorized, Windows Tagged With: git, GitHub, gui, TortoiseGit, windows

How to code PHP on your localhost and deploy to the cloud via SFTP with PHPStorm by Jet Brains

March 31, 2019 by Simon

This is a quick guide that will show you how you can connect to a cloud server via SFTP with the PHPStorm IDE from Jet Brians and deploy files from your localhost to the cloud. This is my opinion, I am not paid to promote PHPStorm or UpCloud.

Pre-Requisites/Assumptions

This guide will assume you already have (or know how to)..

  • Buy a domain name and point it’s DNS to a server (I use Namecheap.com for buying domains)
  • Buy and deploy a server in the cloud. I have used AWS, Digital Ocean, Vultr but now use UpCloud for deploying fast self-managed servers. Read this guide here to see how I create a server from scratch on Up Cloud.
  • Setup SSH access to your server and configure a firewall.
  • You have or know how to set up PHP and Web Servers and configure them on your localhost and remote server (guides here, here, here, here, here and here).
  • etc ( check out all my guides here https://fearby.com/all )

I am using Windows 10 Home (with IIS Web Server (document root redirected to S:\Code\) and a pre built Ubuntu Cloud servers.

IIS pointing to S:\Code

Why no FTP? I do not create FTP servers on my serves to increase security and I only access servers via SSH via white-listed IP’s and then authenticate with hardware 2FA keys from YubiCo (read me 2FA guide here and also how to secure *nix servers and WordPress with 2FA).

Background

2 years ago I used to use the Cloud 9 IDE to connect to, and code files on cloud servers and life was good. I could configure and connect to servers, drag and drop files, run bash scripts from a web page and close the Cloud 9 browsers tabs, travel hundreds of kilometres and log back into C9 and all code and bash scripts would reappear.

Here is the Cloud 9 IDE showing code on the left and a Browser on the right.

C9.IDE showing code on the left and web page on the right

With Cloud 9 code could be easily accessed, edited and run.

See screenshot of code running from a Cloud 9 hosted server with properties windows on the right.

C9 IDE showing  a bash terminal windows and code

Regrettably, I cancelled my $9/m subscription to Cloud 9 after a minor stroke and since then I have gone back to a terminal screen to code and transfer files. In the last 2 years.

Screenshot of the putty program connected to a Ubuntu box editing a file with nano

Uploading and downloading files on mass is painful via pure SSH.

AWS has since purchased Cloud 9 and I am not sure if it will ditch support of non-AWS servers in the future. AWS is good but servers are very expensive for what you get IMHO. I have found Disk IO on UpCloud is awesome (also UpCloud support is great (I am not paid to say that)).

PHPStorm IDE?

A quick Google of IDE’s like Cloud 9 mentioned PHPStorm from Jet Brains. I have used IntelliJ IDEA from Jet Brains before and PHPStorm seems to be very popular.

Go to
https://www.jetbrains.com/phpstorm/ and see the features of PHPStorm

Watch PHPStorm in action

Whats new in PHPStorm 2019.1

Install PHPStorm

Visit https://www.jetbrains.com/phpstorm/download/ and download and install PHPStorm (free trial 30 days)

System requirements

  • Microsoft 10/8/7/Vista/2003/XP (incl. 64-bit)
  • 2 GB RAM minimum
  • 4 GB RAM recommended
  • 1024×768 minimum screen resolution

Pricing

PHPStorm is $8.90/m for individual use (or $19.90/m commercial). For the first 12 months of uninterrupted subscription payments qualify you for receiving a perpetual fallback license (20% discount for an uninterrupted subscription for a 2nd year, 40% discount for an uninterrupted subscription for 3rd year onwards).

PHPStorm work on Windows, OSX or Linux. This great an I use Windows locally and Linux remotely but I’m keen to use Linux locally to match local and remote dev environments.

Official PHPStorm Pricing Page:
https://www.jetbrains.com/phpstorm/buy/#edition=commercial

fyi: Jet Brains has free licencing for individual use for Students and faculty members.

Creating a Project

Open PHPStorm and select “Create New Project”.

Create New Project screen

Choose a project type on the left (e.g “PHP Empty Project“) and choose a location to save too (I chose “S:\code\php001) on my local machine. I chose “S:\code\php001” on my local machine.

New Project screenshot asking for a name and save location

Choose a folder to save to.

Choose a project and location to save to locally

Click “OK” to create the project.

PHPStorm will have created a project for you. You will notice a “.idea“folder under the location you saved with these files.

  • misc.xml
  • modules.xml
  • php001.xml
  • wordspace.xml

Do not delete these files.

Creating your first PHP file

You can right click on the project root and select New then PHP File

Right click on the root in the tree view then new PHP File

Or clicking the File then New menu choosing PHP File.

File new PHP File dialog

Name the file (e.g index.php)

Naming a file index.php

The file has been created and its available in my localhost web server.

Screenshot showing PHPStorm with index.php, S:\Code showing index.php and http://localhpst/php001/index.php loading

Creating a Deploy Target

Now we need to specify a deploy target in PHPStorm to push the file changes to the cloud. Backup your server (yes backup your server just in case).

Open your PHPStorm project and click Tools, Deployment and then Configuration.

Click Tools, Deployment and then Configuration.

Click the plus icon near the top left and choose SFTP

Screenshot showing add new deployment server (SFTP)

Name the deployment target (e.g “server (project)”)

Screenshot of an input box showing a server name
  • Enter your “server name” or IP and port
  • Enter your “ssh username” (ensure the SSH user had write access to the wwwroot folder and the web server can read the files written by this user)
  • Under password I chose “Key pair OpenSSH or Putty (as I had SSH details already setup in Putty details
  • You can add your ppk private key from Putty (use the puttygen program to conbvert ssh public and private kets to ppk format)
  • If you have a passphrase on your SSH key add it now
  • Enter your web servers remote path (for the project)
  • Enter your web server URL
Screenshot showing a server name, port, username, password, ssh file passphrase, root path and web server url.

I did SSH to my remote server and created the destination folder. This will ensure I can deploy code here (PHPStorm does not create the remote path fpor you ).

mkdir /wwwroot/php001
chown -R www-data:www-data /wwwroot/php001/

Click Test Connection

Test Successful screenshot

No we need to click the Mappings tab and add a mapping.

  • Local path is your local path
  • Deployment path is / (the web root path is carried forward from the previous tab)
  • Web path is the web path that is entered in the browser
Screenshot showing a manual file mapping of local and remote file locations

Click Add New Mapping. Now we are ready to deploy

Deploying code to the cloud

I right clicked on the root note in PHPStorm and created an index.php file.

Creating an index.php file by file new

I edited the index.php on my local machine and then click the Tools then Deployment and choose “Upload to fearby.com (php001)” menu.

Manual upload available in Tools menu then Deployment menu

The File Transfer output window showed the transfer progress.

Screenshot showing the file transfer window output saying the file uploaded.

I loaded https://fearby.com/php001/index.php in Google chrome. It worked.

Screenshot showing https://fearby.com/php001/index.php loaded in a bowser

Don’t forget to turn off Automatic uploads under Tools, Deployment menu.

'Screenshot showing Automatic updated turned on

Now when I create new files or change existing files they will auto upload.

Sourc Control

I will add this soon.

Shell Command

You can also open an SSH console to the server and run commands

e.g zip files

zip -r backup.zip .

I can also open a folder window in PHPStorm and show all remote files by clicking Tools then Deployment then Show Remote Files, Zip files can be easily downlaoded or other files uploaded. Nice.

Screenshot showing remote files

Linux Client

I will review the Linux PHPStorm client soon.

Troubleshooting

Watch the Official guide on Deployment and Remote Hosts in PhpStorm – PhpStorm Video Tutorial

Good Luck. I hope this guide helps someone.

Version

1.2 Removed advertisements

1.1 Minor Updates

1.0 Initial Version

Filed Under: 2FA, Backup, Cloud, Code, Git, GUI, IDE, Linux, SSH

Infographic: So you have an idea for an app

October 31, 2017 by Simon

I created this graphic as I was asked by multiple people how to develop an app. This does not include tips on coding but many people with the non-technical prerequisites to building an app.

I hope this graphic helps someone (It’s my first infographic/decision flow image, feedback welcome).

So You Have an Idea For An App: Graphic

Click for a larger version.

Infographic-So-you-have-an-idea-for-an-app-v1-3

Standalone Image URL’s

v1.3 (22nd November 2017)
  https://fearby.com/wp-content/uploads/2017/10/Infographic-So-you-have-an-idea-for-an-app-v1-3.jpg
v1.2 (4th Nov 2017, Added requirements and MoSCoW): 
  https://fearby.com/wp-content/uploads/2017/10/Infographic-So-you-have-an-idea-for-an-app-v1-2.jpg
v1.1 (1st Nov 2017, Fixed Typos): 
  https://fearby.com/wp-content/uploads/2017/10/Infographic-So-you-have-an-idea-for-an-app-v1-1.jpg

todo: Things to add Issues to fix in 1.4:
 - Add user personas and Epic, Story and Task stages.
 - How to capture good stories (and validated ideas (landing pages/interviews/problems/value/painpoints)

Define the problem(s) (pain points)

Before you start coding, do list your app requirements (problem’s to solve (pain points)).

Atlassian JIRA or Trello can help with this. I personally use (and like) Atlaz.io (now Hygger), I reviewed the BETA here).

Using Trello lists are also a simple way to capture tasks/ideas.

ListMore on these Read more here also read my Atlaz.io BETA Preview here.

Nothing beats pen and paper too.

Notepad

Moscow Prioritization

Must-Have Should-Have, Could-Have and Won’t-have are buckets you should sort ideas into. If you have trouble moving items away from Must to Should, Could or Won’t then assign a fictitious monetary value to spend on each item and that will help you decide what is more important.

Read this MoSCoW Method article at Wikipedia: https://en.wikipedia.org/wiki/MoSCoW_method

Managing MoSCoW tasks on paper is OK if you do not want to use planning software.

More

Read my guide on how to prototype apps with Adobe XD guide here.  You can also Prototype a Web app with Platforma (review here).

Read my post on how to develop software and stay on track.

Research

Do research your idea for market fit/need, competition, complexity, legal and validate ideas early. It’s best to find out early that Google will quote $60,000+ TAX a year to allow you to use Google map’s in your app early, then you can use https://www.mapbox.com for $499 a year.

Do you have competition?

Some people say “don’t develop an app that already exists”. Why would you develop a new Uber app? Henry Ford did make a new transportation mode when people were happy with horses, other car manufacturers like Tesla are moving in on the space so don’t be discouraged.

Landing Page

A landing page with a signup form (Newsletter and Register Interest) form is a good way to validate ideas and get feedback early (I would suggest you use a free Mainchimp signup form, a generated website with Platforma on a $5/m server for quick results). There is no point coding and launching to crickets.

Do you have an app Prototype or Mock-Up?

This is very important and easy step.  Programs like Adobe XD CC  (read my guide here) and Balsamiq can help you prototype an app, Platforma can help you prototype web apps.

Wire up a prototype

Drag and Drop

Have you validated your idea (app) with end-users?

If you don’t do this you are mad.  Watch this video to see lessons learned from Trades Cloud.

Is this app idea a hobby (passion)?

This can help you limit costs and expectations.  Cheap serves exist (read here and here).

Do you have time to develop/manage this?

Developing and managing an app and planning (paying for) development cycle can be time-consuming and mentally draining.

Can you code?

Do you need to hire developers or learn to code?  Blog post coming soon on how to hire coders.

Do you have funds?

Having funds on hand to set up and build an app is very important.

Do you want to hide developers (or get Venture Capital)?

This can help you get moving but you will have to give away a slice of the profits and or IP, managing mentors and VC’s can be tiresome.

Have you set failure criteria (post-mortem)?

Read this page on lessons learned from over 200 startup failures, save your favourites.  Having realistic goals and limits is a wise idea, do stop when you reach preset limits.

Do you have a business case?

There is plenty of business case generator template’s,  you will want to document some of the following.

  • What is your apps Purpose – App X will be..
  • What is your Mission Statement – App X will..
  • Who are your Target Customers – Retail..
  • Who are the Early Adopters – Retail..
  • What Problems does your app solve – App X will..
  • What Milestones will your app go through – iOS, Android, Apple TV, Web etc..
  • What Existing solutions exist – App: A, B and C..
  • How does your app Solve your customer’s problems (pain points) – App X will..
  • How will your app Find customers – Word of Mouth, Referrals, Advertisements?
  • What is your Revenue model – Sales, Ad’s, Subscriptions?
  • What is your apps Goal statement – App X will hit X users in X?
  • What are your apps Failure points – If app X does not reach X or monthly costs reach Y….
  • What is your Marketing message – App X will..
  • What is your apps Metrics – iOS, Android, Apple TV apps..
  • What is your Unfair Advantage – Why will you succeed over others?

Are you using a project management methodology?

Proven Methodology can help you develop software and stay on track, software like Atlaz, JIRA or Trello are highly recommended tools. Capturing ideas and processing feedback in tools is very important.

Before you code (or hire coders) use source code versioning software like GitHub and Bitbucket (guides here and here).  You want to retain the code and insist on owning it.

Product Goal

Simon Sinek has a good video on companies (or Products) being in a finite or infinite game.

Are you in full control of your development stack?

If you are not a developer you may not care if you are in control, but you will if there are issues with hired developers or issues with service providers.  I moved from CPanel to self-managed servers, moved from IBM Cloudant to Digital Ocean to AWS then Vultr servers where I can have full control or scalability, features, security and costs.

Can you forecast the costs?

Lowering cost and boosting performance is important and having spare money is a good thing.

I read recently that  Telsla is burning through $6,000 a minute and is forecast to need something like 2 billion dollars in the next 2 years. Software as Service platforms will drain your budget quick (they do take on some risk and maintenance tasks), is this worth it?

Mark Fedin (CEO and Co-founder at Atlaz) has a great post on the topic of viability Stop Dabbling At Startups .

Are you using the right tech?

Don’t be afraid of changing tech along the way, you may start with MySQL and move to MongoDB, Redis, Oracle ot MSSQL database servers etc.

Do you have systems to capture customer feedback?

Self-explanatory, you are solving customer problems, right? You will pivot in the first year (trust me).

What is your revenue/sales model?

If you don’t know how to make money then don’t make an app (apps are expensive to code and maintain).

Are you prioritizing task?

I have blogged about this before, do use the tools to stay on track.

Funny Bit

Project Mangement LolProject Mangement Lol

Donate and make this blog better


Ask a question or recommend an article
[contact-form-7 id=”30″ title=”Ask a Question”]

v1.5 Fixed typos and fixed CDN link issue.

v1.4 Updated the graphic to version v1.3.

Short (Article): https://fearby.com/go2/so/

Short (Image): https://fearby.com/go2/so-img/

Filed Under: Advice, Android, App, Atlassian, AWS, Cost, Development, Digital Ocean, Feedback, Git, GitHub, JIRA, Marketing, MongoDB, MySQL, Project Management, Redis, Scalable, Software, Tech Advice, Trello, VM, Vultr Tagged With: an, app, for, have, idea, Infographic, So, you

Securing Ubuntu in the cloud

August 9, 2017 by Simon

It is easy to deploy servers to the cloud within a few minutes, you can have a cloud-based server that you (or others can use). ubuntu has a great guide on setting up basic security issues but what do you need to do.

If you do not secure your server expects it to be hacked into. Below are tips on securing your cloud server.

First, read more on scanning your server with Lynis security scan.

Always use up to date software

Always use update software, malicious users can detect what software you use with sites like shodan.io (or use port scan tools) and then look for weaknesses from well-published lists (e.g WordPress, Windows, MySQL, node, LifeRay, Oracle etc). People can even use Google to search for login pages or sites with passwords in HTML (yes that simple).  Once a system is identified by a malicious user they can send automated bots to break into your site (trying millions of passwords a day) or use tools to bypass existing defences (Security researcher Troy Hunt found out it’s child’s play).

Portscan sites like https://mxtoolbox.com/SuperTool.aspx?action=scan are good for knowing what you have exposed.

You can also use local programs like nmap to view open ports

Instal nmap

sudo apt-get install nmap

Find open ports

nmap -v -sT localhost

Starting Nmap 7.01 ( https://nmap.org ) at 2017-08-08 23:57 AEST
Initiating Connect Scan at 23:57
Scanning localhost (127.0.0.1) [1000 ports]
Discovered open port 80/tcp on 127.0.0.1
Discovered open port 3306/tcp on 127.0.0.1
Discovered open port 22/tcp on 127.0.0.1
Discovered open port 9101/tcp on 127.0.0.1
Discovered open port 9102/tcp on 127.0.0.1
Discovered open port 9103/tcp on 127.0.0.1
Completed Connect Scan at 23:57, 0.05s elapsed (1000 total ports)
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00020s latency).
Not shown: 994 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
3306/tcp open  mysql
9101/tcp open  jetdirect
9102/tcp open  jetdirect
9103/tcp open  jetdirect

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds
           Raw packets sent: 0 (0B) | Rcvd: 0 (0B)

Limit ssh connections

Read more here.

Use ufw to set limits on login attempts

sudo ufw limit ssh comment 'Rate limit hit for openssh server'

Only allow known IP’s access to your valuable ports

sudo ufw allow from 123.123.123.123/32 to any port 22

Delete unwanted firewall rules

sudo ufw status numbered
sudo ufw delete 8

Only allow known IP’s to certain ports

sudo ufw allow from 123.123.123.123 to any port 80/tcp

Also, set outgoing traffic to known active servers and ports

sudo ufw allow out from 123.123.123.123 to any port 22

Don’t use weak/common Diffie-Hellman key for SSL certificates, more information here.

openssl req -new -newkey rsa:4096 -nodes -keyout server.key -out server.csr
 
Generating a 4096 bit RSA private key
...

More info on generating SSL certs here and setting here and setting up Public Key Pinning here.

Intrusion Prevention Software

Do run fail2ban: Guide here https://www.linode.com/docs/security/using-fail2ban-for-security

I use iThemes Security to secure my WordPress and block repeat failed logins from certain IP addresses.

iThemes Security can even lock down your WordPress.

You can set iThemes to auto lock out users on x failed logins

Remember to use allowed whitelists though (it is so easy to lock yourself out of servers).

Passwords

Do have strong passwords and change the root password provided by the hosts. https://howsecureismypassword.net/ is a good site to see how strong your password is from brute force password attempts. https://www.grc.com/passwords.htm is a good site to obtain a strong password.  Do follow Troy Hunt’s blog and twitter account to keep up to date with security issues.

Configure a Firewall Basics

You should install a firewall on your Ubuntu and configure it and also configure a firewall with your hosts (e.g AWS, Vultr, Digital Ocean).

Configure a Firewall on AWS

My AWS server setup guide here. AWS allow you to configure the firewall here in the Amazon Console.

Type Protocol Port Range Source Comment
HTTP TCP 80 0.0.0.0/0 Opens a web server port for later
All ICMP ALL N/A 0.0.0.0/0 Allows you to ping
All traffic ALL All 0.0.0.0/0 Not advisable long term but OK for testing today.
SSH TCP 22 0.0.0.0/0 Not advisable, try and limit this to known IP’s only.
HTTPS TCP 443 0.0.0.0/0 Opens a secure web server port for later

Configure a Firewall on Digital Ocean

Configuring a firewall on Digital Ocean (create a $5/m server here).  You can configure your Digital Ocean droplet firewall by clicking Droplet, Networking then Manage Firewall after logging into Digital Ocean.

Configure a Firewall on Vultr

Configuring a firewall on Vultr (create a $2.5/m server here).

Don’t forget to set IP rules for IPV4 and IPV6, Only set the post you need to allow and ensure applications have strong passwords.

Ubuntu has a firewall built in (documentation).

sudo ufw status

Enable the firewall

sudo ufw enable

Adding common ports

sudo ufw allow ssh/tcp
sudo ufw logging on
sudo ufw allow 22
sudo ufw allow 80
sudo ufw allow 53
sudo ufw allow 443
sudo ufw allow 873
sudo ufw enable
sudo ufw status
sudo ufw allow http
sudo ufw allow https

Add a whitelist for your IP (use http://icanhazip.com/ to get your IP) to ensure you won’t get kicked out of your server.

sudo ufw allow from 123.123.123.123/24 to any port 22

More help here.  Here is a  good guide on ufw commands. Info on port numbers here.

https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

If you don’t have a  Digital Ocean server for $5 a month click here and if a $2.5 a month Vultr server here.

Backups

rsync is a good way to copy files to another server or use Bacula

sudo apt install bacula

Basics

Initial server setup guide (Digital Ocean).

Sudo (admin user)

Read this guide on the Linux sudo command (the equivalent if run as administrator on Windows).

Users

List users on an Ubuntu OS (or compgen -u)

cut -d: -f1 /etc/passwd

Common output

cut -d: -f1 /etc/passwd
root
daemon
bin
sys
sync
games
man
lp
mail
news
uucp
proxy
www-data
backup
list
irc
gnats
nobody
systemd-timesync
systemd-network
systemd-resolve
systemd-bus-proxy
syslog
_apt
lxd
messagebus
uuidd
dnsmasq
sshd
pollinate
ntp
mysql
clamav

Add User

sudo adduser new_username

e.g

sudo adduser bob
Adding user `bob' ...
Adding new group `bob' (1000) ...
Adding new user `bob' (1000) with group `bob' ...
Creating home directory `/home/bob' ...
etc..

Add user to a group

sudo usermod -a -G MyGroup bob

Show users in a group

getent group MyGroup | awk -F: '{print $4}'

This will show users in a group

Remove a user

sudo userdel username
sudo rm -r /home/username

Rename user

usermod -l new_username old_username

Change user password

sudo passwd username

Groups

Show all groups

compgen -ug

Common output

compgen -g
root
daemon
bin
sys
adm
tty
disk
lp
mail
proxy
sudo
www-data
backup
irc
etc

You can create your own groups but first, you must be aware of group ids

cat /etc/group

Then you can see your systems groups and ids.

Create a group

groupadd -g 999 MyGroup

Permissions

Read this https://help.ubuntu.com/community/FilePermissions

How to list users on Ubuntu.

Read more on setting permissions here.

Chmod help can be found here.

Install Fail2Ban

I used this guide on installing Fail2Ban.

apt-get install fail2ban

Check Fail2Ban often and add blocks to the firewall of known bad IPs

fail2ban-client status

Best practices

Ubuntu has a guide on basic security setup here.

Startup Processes

It is a good idea to review startup processes from time to time.

sudo apt-get install rcconf
sudo rcconf

Accounts

  • Read up on the concept of least privilege access for apps and services here.
  • Read up on chmod permissions.

Updates

Do update your operating system often.

sudo apt-get update
sudo apt-get upgrade

Minimal software

Only install what software you need

Exploits and Keeping up to date

Do keep up to date with exploits and vulnerabilities

  • Follow 0xDUDE on twitter.
  • Read the GDI.Foundation page.
  • Visit the Exploit Database
  • Vulnerability & Exploit Database
  • Subscribe to the Security Now podcast.

Secure your applications

  • NodeJS: Enable logging in applications you install or develop.

Ban repeat Login attempts with FailBan

Fail2Ban config

sudo nano /etc/fail2ban/jail.conf
[sshd]

enabled  = true
port     = ssh
filter   = sshd
logpath  = /var/log/auth.log
maxretry = 3

Hosts File Hardening

sudo nano /etc/host.conf

Add

order bind,hosts
nospoof on

Add a whitelist with your ip on /etc/fail2ban/jail.conf (see this)

[DEFAULT]
# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not                          
# ban a host which matches an address in this list. Several addresses can be                             
# defined using space separator.
                                                                         
ignoreip = 127.0.0.1 192.168.1.0/24 8.8.8.8

Restart the service

sudo service fail2ban restart
sudo service fail2ban status

Intrusion detection (logging) systems

Tripwire will not block or prevent intrusions but it will log and give you a heads up with risks and things of concern

Install Tripwire.

sudo apt-get install tiger tripwire

Running Tripwire

sudo tiger

This will scan your system for issues of note

sudo tiger
Tiger UN*X security checking system
   Developed by Texas A&M University, 1994
   Updated by the Advanced Research Corporation, 1999-2002
   Further updated by Javier Fernandez-Sanguino, 2001-2015
   Contributions by Francisco Manuel Garcia Claramonte, 2009-2010
   Covered by the GNU General Public License (GPL)

Configuring...

Will try to check using config for 'x86_64' running Linux 4.4.0-89-generic...
--CONFIG-- [con005c] Using configuration files for Linux 4.4.0-89-generic. Using
           configuration files for generic Linux 4.
Tiger security scripts *** 3.2.3, 2008.09.10.09.30 ***
20:42> Beginning security report for simon.
20:42> Starting file systems scans in background...
20:42> Checking password files...
20:42> Checking group files...
20:42> Checking user accounts...
20:42> Checking .rhosts files...
20:42> Checking .netrc files...
20:42> Checking ttytab, securetty, and login configuration files...
20:42> Checking PATH settings...
20:42> Checking anonymous ftp setup...
20:42> Checking mail aliases...
20:42> Checking cron entries...
20:42> Checking 'services' configuration...
20:42> Checking NFS export entries...
20:42> Checking permissions and ownership of system files...
--CONFIG-- [con010c] Filesystem 'fuse.lxcfs' used by 'lxcfs' is not recognised as a valid filesystem
20:42> Checking for indications of break-in...
--CONFIG-- [con010c] Filesystem 'fuse.lxcfs' used by 'lxcfs' is not recognised as a valid filesystem
20:42> Performing rootkit checks...
20:42> Performing system specific checks...
20:46> Performing root directory checks...
20:46> Checking for secure backup devices...
20:46> Checking for the presence of log files...
20:46> Checking for the setting of user's umask...
20:46> Checking for listening processes...
20:46> Checking SSHD's configuration...
20:46> Checking the printers control file...
20:46> Checking ftpusers configuration...
20:46> Checking NTP configuration...
20:46> Waiting for filesystems scans to complete...
20:46> Filesystems scans completed...
20:46> Performing check of embedded pathnames...
20:47> Security report completed for simon.
Security report is in `/var/log/tiger/security.report.simon.170809-20:42'.

My Output.

sudo nano /var/log/tiger/security.report.username.170809-18:42

Security scripts *** 3.2.3, 2008.09.10.09.30 ***
Wed Aug  9 18:42:24 AEST 2017
20:42> Beginning security report for username (x86_64 Linux 4.4.0-89-generic).

# Performing check of passwd files...
# Checking entries from /etc/passwd.
--WARN-- [pass014w] Login (bob) is disabled, but has a valid shell.
--WARN-- [pass014w] Login (root) is disabled, but has a valid shell.
--WARN-- [pass015w] Login ID sync does not have a valid shell (/bin/sync).
--WARN-- [pass012w] Home directory /nonexistent exists multiple times (3) in
         /etc/passwd.
--WARN-- [pass012w] Home directory /run/systemd exists multiple times (2) in
         /etc/passwd.
--WARN-- [pass006w] Integrity of password files questionable (/usr/sbin/pwck
         -r).

# Performing check of group files...

# Performing check of user accounts...
# Checking accounts from /etc/passwd.
--WARN-- [acc021w] Login ID dnsmasq appears to be a dormant account.
--WARN-- [acc022w] Login ID nobody home directory (/nonexistent) is not
         accessible.

# Performing check of /etc/hosts.equiv and .rhosts files...

# Checking accounts from /etc/passwd...

# Performing check of .netrc files...

# Checking accounts from /etc/passwd...

# Performing common access checks for root (in /etc/default/login, /securetty, and /etc/ttytab...
--WARN-- [root001w] Remote root login allowed in /etc/ssh/sshd_config

# Performing check of PATH components...
--WARN-- [path009w] /etc/profile does not export an initial setting for PATH.
# Only checking user 'root'

# Performing check of anonymous FTP...

# Performing checks of mail aliases...
# Checking aliases from /etc/aliases.

# Performing check of `cron' entries...
--WARN-- [cron005w] Use of cron is not restricted

# Performing check of 'services' ...
# Checking services from /etc/services.
--WARN-- [inet003w] The port for service ssmtp is also assigned to service
         urd.
--WARN-- [inet003w] The port for service pipe-server is also assigned to
         service search.

# Performing NFS exports check...

# Performing check of system file permissions...
--ALERT-- [perm023a] /bin/su is setuid to `root'.
--ALERT-- [perm023a] /usr/bin/at is setuid to `daemon'.
--ALERT-- [perm024a] /usr/bin/at is setgid to `daemon'.
--WARN-- [perm001w] The owner of /usr/bin/at should be root (owned by daemon).
--WARN-- [perm002w] The group owner of /usr/bin/at should be root.
--ALERT-- [perm023a] /usr/bin/passwd is setuid to `root'.
--ALERT-- [perm024a] /usr/bin/wall is setgid to `tty'.

# Checking for known intrusion signs...
# Testing for promiscuous interfaces with /bin/ip
# Testing for backdoors in inetd.conf

# Performing check of files in system mail spool...

# Performing check for rookits...
# Running chkrootkit (/usr/sbin/chkrootkit) to perform further checks...
--WARN-- [rootkit004w] Chkrootkit has detected a possible rootkit installation
Possible Linux/Ebury - Operation Windigo installetd

# Performing system specific checks...
# Performing checks for Linux/4...

# Checking boot loader file permissions...
--WARN-- [boot02] The configuration file /boot/grub/menu.lst has group
         permissions. Should be 0600
--FAIL-- [boot02] The configuration file /boot/grub/menu.lst has world
         permissions. Should be 0600
--WARN-- [boot06] The Grub bootloader does not have a password configured.

# Checking for vulnerabilities in inittab configuration...

# Checking for correct umask settings for init scripts...
--WARN-- [misc021w] There are no umask entries in /etc/init.d/rcS

# Checking Logins not used on the system ...

# Checking network configuration
--FAIL-- [lin013f] The system is not protected against Syn flooding attacks
--WARN-- [lin017w] The system is not configured to log suspicious (martian)
         packets

# Verifying system specific password checks...

# Checking OS release...
--WARN-- [osv004w] Unreleased Debian GNU/Linux version `stretch/sid'

# Checking installed packages vs Debian Security Advisories...

# Checking md5sums of installed files

# Checking installed files against packages...
--WARN-- [lin001w] File `/lib/modules/4.4.0-87-generic/modules.dep' does not
         belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-87-generic/modules.alias.bin' does
         not belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-87-generic/modules.devname' does
         not belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-87-generic/modules.softdep' does
         not belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-87-generic/modules.alias' does not
         belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-87-generic/modules.symbols.bin'
         does not belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-87-generic/modules.builtin.bin'
         does not belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-87-generic/modules.symbols' does
         not belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-87-generic/modules.dep.bin' does
         not belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-89-generic/modules.dep' does not
         belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-89-generic/modules.alias.bin' does
         not belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-89-generic/modules.devname' does
         not belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-89-generic/modules.softdep' does
         not belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-89-generic/modules.alias' does not
         belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-89-generic/modules.symbols.bin'
         does not belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-89-generic/modules.builtin.bin'
         does not belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-89-generic/modules.symbols' does
         not belong to any package.
--WARN-- [lin001w] File `/lib/modules/4.4.0-89-generic/modules.dep.bin' does
         not belong to any package.
--WARN-- [lin001w] File `/lib/udev/hwdb.bin' does not belong to any package.

# Performing check of root directory...

# Checking device permissions...
--WARN-- [dev003w] The directory /dev/block resides in a device directory.
--WARN-- [dev003w] The directory /dev/char resides in a device directory.
--WARN-- [dev003w] The directory /dev/cpu resides in a device directory.
--FAIL-- [dev002f] /dev/fuse has world permissions
--WARN-- [dev003w] The directory /dev/hugepages resides in a device directory.
--FAIL-- [dev002f] /dev/kmsg has world permissions
--WARN-- [dev003w] The directory /dev/lightnvm resides in a device directory.
--WARN-- [dev003w] The directory /dev/mqueue resides in a device directory.
--FAIL-- [dev002f] /dev/rfkill has world permissions
--WARN-- [dev003w] The directory /dev/vfio resides in a device directory.

# Checking for existence of log files...
--FAIL-- [logf005f] Log file /var/log/btmp permission should be 660
--FAIL-- [logf007f] Log file /var/log/messages does not exist

# Checking for correct umask settings for user login shells...
--WARN-- [misc021w] There is no umask definition for the dash shell
--WARN-- [misc021w] There is no umask definition for the bash shell

# Checking symbolic links...

# Performing check of embedded pathnames...
20:47> Security report completed for username.

More on Tripwire here.

Hardening PHP

Hardening PHP config (and backing the PHP config it up), first create an info.php file in your website root folder with this info

<?php
phpinfo()
?>

Now look for what PHP file is loadingPHP Config

Back that your PHP config file

TIP: Delete the file with phpinfo() in it as it is a security risk to leave it there.

TIP: Read the OWASP cheat sheet on using PHP securely here and securing php.ini here.

Some common security changes

file_uploads = On
expose_php = Off
error_reporting = E_ALL
display_errors          = Off
display_startup_errors  = Off
log_errors              = On
error_log = /php_errors.log
ignore_repeated_errors  = Off

Don’t forget to review logs, more config changes here.

Antivirus

Yes, it is a good idea to run antivirus in Ubuntu, here is a good list of antivirus software

I am installing ClamAV as it can be installed on the command line and is open source.

sudo apt-get install clamav

ClamAV help here.

Scan a folder

sudo clamscan --max-filesize=3999M --max-scansize=3999M --exclude-dir=/www/* -i -r /

Setup auto-update antivirus definitions

sudo dpkg-reconfigure clamav-freshclam

I set auto updates 24 times a day (every hour) via daemon updates.

tip: Download manual antivirus update definitions. If you only have a 512MB server your update may fail and you may want to stop fresh claim/php/nginx and mysql before you update to ensure the antivirus definitions update. You can move this to a con job and set this to update at set times over daemon to ensure updates happen.

sudo /etc/init.d/clamav-freshclam stop

sudo service php7.0-fpm stop
sudo /etc/init.d/nginx stop
sudo /etc/init.d/mysql stop

sudo freshclam -v
Current working dir is /var/lib/clamav
Max retries == 5
ClamAV update process started at Tue Aug  8 22:22:02 2017
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 1152
Software version from DNS: 0.99.2
Retrieving http://db.au.clamav.net/main.cvd
Trying to download http://db.au.clamav.net/main.cvd (IP: 193.1.193.64)
Downloading main.cvd [100%]
Loading signatures from main.cvd
Properly loaded 4566249 signatures from new main.cvd
main.cvd updated (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Querying main.58.82.1.0.C101C140.ping.clamav.net
Retrieving http://db.au.clamav.net/daily.cvd
Trying to download http://db.au.clamav.net/daily.cvd (IP: 193.1.193.64)
Downloading daily.cvd [100%]
Loading signatures from daily.cvd
Properly loaded 1742284 signatures from new daily.cvd
daily.cvd updated (version: 23644, sigs: 1742284, f-level: 63, builder: neo)
Querying daily.23644.82.1.0.C101C140.ping.clamav.net
Retrieving http://db.au.clamav.net/bytecode.cvd
Trying to download http://db.au.clamav.net/bytecode.cvd (IP: 193.1.193.64)
Downloading bytecode.cvd [100%]
Loading signatures from bytecode.cvd
Properly loaded 66 signatures from new bytecode.cvd
bytecode.cvd updated (version: 308, sigs: 66, f-level: 63, builder: anvilleg)
Querying bytecode.308.82.1.0.C101C140.ping.clamav.net
Database updated (6308599 signatures) from db.au.clamav.net (IP: 193.1.193.64)

sudo service php7.0-fpm restart
sudo /etc/init.d/nginx restart
sudo /etc/init.d/mysql restart 

sudo /etc/init.d/clamav-freshclam start

Manual scan with a bash script

Create a bash script

mkdir /script
sudo nano /scripts/updateandscanav.sh

# Include contents below.
# Save and quit

chmod +X /scripts/updateandscanav.sh

Bash script contents to update antivirus definitions.

sudo /etc/init.d/clamav-freshclam stop

sudo service php7.0-fpm stop
sudo /etc/init.d/nginx stop
sudo /etc/init.d/mysql stop

sudo freshclam -v

sudo service php7.0-fpm restart
sudo /etc/init.d/nginx restart
sudo /etc/init.d/mysql restart

sudo /etc/init.d/clamav-freshclam start

sudo clamscan --max-filesize=3999M --max-scansize=3999M -v -r /

Edit the crontab to run the script every hour

crontab -e
1 * * * * /bin/bash /scripts/updateandscanav.sh > /dev/null 2>&1

Uninstalling Clam AV

You may need to uninstall Clamav if you don’t have a lot of memory or find updates are too big.

sudo apt-get remove --auto-remove clamav
sudo apt-get purge --auto-remove clamav

Setup Unattended Ubuntu Security updates

sudo apt-get install unattended-upgrades
sudo unattended-upgrades -d

At login, you should receive

0 updates are security updates.

Other

  • Read this awesome guide.
  • install Fail2Ban
  • Do check your log files if you suspect suspicious activity.

Check out the extensive Hardening a Linux Server guide at thecloud.org.uk: https://thecloud.org.uk/wiki/index.php?title=Hardening_a_Linux_Server

Donate and make this blog better




Ask a question or recommend an article
[contact-form-7 id=”30″ title=”Ask a Question”]

v1.92 added hardening a linux server link

Filed Under: Ads, Advice, Analitics, Analytics, Android, API, App, Apple, Atlassian, AWS, Backup, BitBucket, Blog, Business, Cache, Cloud, Community, Computer, CoronaLabs, Cost, CPI, DB, Development, Digital Ocean, DNS, Domain, Email, Feedback, Firewall, Free, Git, GitHub, GUI, Hosting, Investor, IoT, JIRA, LetsEncrypt, Linux, Malware, Marketing, mobile app, Monatization, Monetization, MongoDB, MySQL, Networking, NGINX, NodeJS, NoSQL, OS, Planning, Project, Project Management, Psychology, push notifications, Raspberry Pi, Redis, Route53, Ruby, Scalability, Scalable, Security, SEO, Server, Share, Software, ssl, Status, Strength, Tech Advice, Terminal, Transfer, Trello, Twitter, Ubuntu, Uncategorized, Video Editing, VLOG, VM, Vultr, Weakness, Web Design, Website, Wordpress Tagged With: antivirus, brute force, Firewall

How to develop software ideas

July 9, 2017 by Simon

I was recently at a public talk by Alan Jones at the UNE Smart Region Incubator where Alan talked about launching startups and developing ideas.

Alan put it quite eloquently that “With change comes opportunity” and we are all very capable of building the next best thing as technological barriers and costs are a lot lower than 5 years ago but Alan also mentioned 19 start-ups-ups fail but “if you focus on solving customer problems you have a better chance of succeeding”. Regions need to share knowledge and you can learn from other peoples mistakes.”

I was asked after this event to share thoughts on “how do I learn to develop an app” and “how do you get the knowledge”. Here is my poor “brain dump” on how to develop software ideas (It’s hard to condense 30 years experience developing software). I will revise this post over the coming weeks so check back often.

If you have never programmed before check out this programming 101 guides here.

I have blogged on technology/knowledge things in the past at www.fearby.com and recently I blogged about how to develop cloud-based services (here, here, here, here and here) but this blog post assumes you have a validated “app idea” and you want to know how to develop yourself. If you do not want to develop an app yourself you may want to speak with Blue Chilli.

Find a good mentor.


True App Development Quotes

  • Finding development information is easy, following a plan is hard.
  • Aim for progress and not perfection.
  • Learn one thing at a time (Multitasking can kill your brain).
  • Fail fast and fail early and get feedback as early as possible from customers.
  • 10 engaged customers are better than 10,000 disengaged users.

And a bit of humour before we start.

Project Mangement Lol

(click for larger image)

Here is a funny video on startup/entrepreneur life/lingo


This is a good funny, open and honest video about programming on YouTube.

Follow Seth F Samuel on twitter here.

Don’t be afraid to learn from others before you develop

My fav tips from over 200 failed startups (from https://www.cbinsights.com/blog/startup-failure-post-mortem/ )

  • Simpler websites shouldn’t take more than 2-3 months.You can always iterate and extrapolate later. Wet your feet asap
  • As products became more and more complex, the performance degrades. Speed is a feature for all web apps. You can spend hundreds of hours trying to speed of the app with little success. Benchmarking tools incorporated into the development cycle from the beginning is a good idea
  • Outsource or buy in talent if you don’t know something (e.g marketing). Time is money.
  • Make an environment where you will be productive. Working from home can be convenient, but often times will be much less productive than a separate space. Also it’s a good idea to have separate spaces so you’ll have some work/life balance.
  • Not giving enough time to stress and load testing or leaving it until the last minute is something startups are known for — especially true of small teams — but it means things tend to get pretty tricky at scale, particularly if you start adding a user every four seconds.
  • It’s possible to make a little money from a lot of people, or a lot of money from a few people. Making a little money from a few people doesn’t add up. If you’re not selling something, you better have a LOT of eyeballs. We didn’t.
  • We received conflicting advice from lots of smart people about which is more important. We focused on engagement, which we improved by orders of magnitude. No one cared. Lesson learned: Growth is the only thing that matters if you are building a social network. Period. Engagement is great but you aren’t even going to get the meeting unless your top-line numbers reach a certain threshold (which is different for seed vs. series A vs. selling advertising).
  • We most definitely committed the all-too-common sin of premature scaling. Driven by the desire to hit significant numbers to prove the road for future fundraising and encouraged by our great initial traction in the student market, we embarked on significant work developing paid marketing channels and distribution channels that we could use to demonstrate scalable customer acquisition. This all fell flat due to our lack of product/market fit in the new markets, distracted significantly from product work to fix the fit (double fail) and cost a whole bunch of our runway.
  • If you’re bootstrapping, cash flow is king. If you want to possibly build a product while your revenue is coming from other sources, you have to get those sources stable before you can focus on the product.
  • Don’t multiply big numbers. Multiply $30 times 1.000 clients times 24 months. WOW, we will be rich! Oh, silly you, you have no idea how hard it is to get 1.000 clients paying anything monthly for 24 months. Here is my advice: get your first client. Then get your first 10. Then get more and more. Until you have your first 10 clients, you have proved nothing, only that you can multiply numbers.
  • Customers pay for information, not raw data. Customers are willing to pay a lot more for information and most are not interested in data. Your service should make your customers look intelligent in front of their stakeholders. Follow up with inactive users. This is especially true when your service does not give intermediate values to your users. Our system should have been smarter about checking up on our users at various stages.
  • Do not launch a startup if you do not have enough funding for multiple iterations. The chances of getting it right the first time are about the equivalent of winning the lotto.

Here are my tips on staying on track developing apps. What is the difference between a website, app, API, web app, hybrid app and software (my blog post here)?

I have seen quite a few projects fail because:

  • The wrong technology was mandated.
  • The software was not documented (by the developers).
  • The software was shelved because new developers hated it or did not want to support it.

Project Roles (hats)

It is important to understand the roles in a project (project management methodology aside) and know when you are being a “decision maker” or a “technical developer”. A project usually has these roles.

  • Sponsor/owner (usually fund the project and have the final say).
  • Executive/Team leader/scrum master (manage day to day operations, people, tasks and resources).
  • Team members (UI, UX, Marketers, Developers (DevOps, Web, Design etc) are usually the doers.
  • Stakeholders (people who are impacted (operations, owners, Helpdesk)).
  • Subject Matter Experts (people who should guide the work and not be ignored).
  • Testers (people who test the product and give feedback).

It can be hard as a developer to switch hats in a one-person team.

How do you develop and gain knowledge?

First, document what you need to develop (what problem are you solving and what value will your idea bring). Does this solution exist already? Don’t solve a problem that already exists.

Developing software is not hard, you just need to be logical, research, be patient and follow a plan. The hardest part can be gluing components together.

I like to think of developing software like making a car if you need 4 wheels do you have 4 wheels? If you want to build it yourself and save some money can you make wheels (make rubber strips with steel reinforced/vulcanized rubber, make alloys and add bearings and have them pass regulations) or should you buy wheels (some things are cheaper to make than other things)? Developing software can be easy if you know what your are doing and have the experience and are aware of the costs and risks.  Developing software can lead you down a rabbit hole of endless research, development, and testing if you don’t know what you are doing.

Examples 1:

I “need a webpage”:

  • Research: Will Wix, Shopify or a hosted WordPress website do (is it flexible or cheap enough) or do I install WordPress (guide here) or do I  learn and build an HTML website and buy a theme and modify it (and have a custom/flexible solution)?

Example 2:

I “need an iPhone and Android app”:

Research: You will need to learn iOS and Android programming and you may need a server or two to hold the apps data, webpage and API. You will also need to set up and secure the servers or choose to install a database or go with a “database as a service” like cloud.mongodb.com or google firebase.

Money can buy anything (but will it be flexible/cheap enough), time can build anything (but will it be secure enough).

Developing software can be easy if you know what your are doing and have the experience and are aware of the costs and risks but developing software can lead you down a rabbit hole of endless research, development and testing if you don’t know what you are doing.

Almost all systems will need a central database to store all data, you can choose a traditional relational SQL database or a newer NoSQL database. MySQL is a good/cheap relational SQL database and MongoDB is a good NoSQL database. You will need to decide on how your app talks to the database (directly or via an API (protected by OAuth or limited access tokens)).  It is a bad idea to open a database directly to the world with no security. Sites like www.shodan.io will automatically scan the Internet looking for open databases or systems and report this as an insecure site to anyone. It is in your interest to develop secure systems in all stages of development.

CRUD (Create, Read, Update and Delete) is a common group of database tasks that you can do to prove you can read, write, update and delete from a database. While performing CRUD operations is a good to benchmark to also see how fast the database it.  if a database is the slowest link then you can use memory to cache database values (read my guide here). Caching can turn a cheap server into a faster server. Learning by doing can quickly build skills so “research”, “do” and “learn”.

Most solutions will need a website (and a web server). Here is a good article comparing Apache and Nginx (the leading open source web servers).

Stacks and Technology – There are loads of development environments (stacks), frameworks and technologies that you can choose. Frameworks supposedly make things easier and faster but frameworks and technologies change (See 2016 frameworks to learn guide and 2017 frameworks to learn guide) frequently (and can be abandoned). Frameworks supposedly make things easier and faster but be careful most frameworks run 30% slower than raw server-side and client code. I’d recommend you learn a few technologies like NGINX, NodeJS, PHP and MySQL and move up from there.

The Mean Stack is a  popular web development platform (MEAN = MongoDB, ExpressJS, Angular and NodeJS.).

Apps can be developed for Apple platforms by signing up here (about $150 AUD a year) and using the XCode IDE. Apps can be developed for the Android Platform by using Android Studio (for about $20 (one-off fee)). Microsoft has a developer portal for the Windows Platform. Google also has an online scalable database as a service called Firebase. If you look hard enough you will find a service for everything but connecting those services can be timely, costly or make security and a scalable solution impossible so beware of using as-a-service platforms. I used the Corona SDK to develop an app but abandoned the platform due to changes in the vendor’s communication and enforced policies.

If you are not sure don’t be afraid of ask for help on Twitter.

Twitter is awesome for finding experts

Recent twitter replies to a problem I had.

Learning about new Technology and Stacks

To build the knowledge you need to learn stuff, build stuff, test (benchmark), get feedback and build more stuff. I like to learn about new technology and stacks by watching Udemy courses and they have a huge list of development courses (Web Development, Mobile Apps, Programming Languages, Game Development, Databases,  Software Testing,  Software Engineering etc).

I am currently watching a Practical iOS 11 course by Stephen DeStefano on Udemy to learn about unreleased/upcoming features on the Apple iPhone (learning about XCode 9, Swift 4, What’s new in iOS 11, Drag and drop, PDF and ARKit etc).

Udemy is awesome (Udemy often have courses for $15).

If you want to learn HTML go to https://www.w3schools.com/.

https://devslopes.com/have a number or development related courses and an active community of developers in a chat system.

You can also do formal study via an education provider (e.g. Bachelor of computer sciences at UNE or Certificate IV in programming or Diploma in Software Development at TAFE).

I would recommend you use Twitter and follow keywords (hashtags) around key topics (e.g #www, #css, #sql, #nosql, #nginx, #mongodb, #ios, #apple, #android, #swift, #objectivec, #java, #kotlin) and identify users to follow. Twitter is great for picking up new information.

I follow the following developers on YouTube (TheSwiftGuy, AppleProgrammer, AwesomeTuts, LetsBuildThatApp, CodingTech etc)

Companies like https://www.civo.com/ offer developer-friendly features with hosting, https://www.pebbled.io/ offer to develop for you and https://serverpilot.io/ help you spin up software on hosting providers.

What To Develop

First, you need to break down what you need. (e.g ” I want an app for iOS and Android in 5 months that does XYZ. The app must be secure and be fast. Users must be able to register an account and update their profile”).

Choosing how high to ensure your development project scales depends on your peak expected/active concurrent users (ratio of paying and free users). You can develop your app to scale very high but this may cost more money initially, it can be bad to pay to ensure scalability early. As long as you have a good product and robust networking/retry routines and UI you don’t need to scale high early.

Once you know what you need you can search the open-source community for code that you can use. I use Alamofire for iOS network requests, SwiftyJSON for processing JSON data and other open-source software. The only downside of using open source software is it may be abandoned by the creators and break in the future. Saving your time early may cost you time later.

Then you can break down what you don’t want. (e.g “I don’t want a web app or a windows phone or windows desktop app”). From here you will have a list of what you need and what you can avoid.

You will also need to choose a project management methodology (I have blogged about this here). Having a list of action item’s and a plan and you can work through developing your app.

While you are researching it is a good idea to develop smaller fun projects to refine your skills.  There are a number of System Development Life Cycles (SDLC’s) but don’t worry if you get stuck, seek advice or move on. It is a  good idea to get users beta testing your app early and seek feedback. Apple has the TestFlight app where you can send beta versions of apps to best testers. Here is a good guide on Android beta testing.

If you are unsure about certain user interface options or features divide your beta testers and perform A/B or split testing to determine the most popular user interfaces. Capturing user data and logs can also help with debugging and user usage actions.

Practice

Develop smaller proof of concept apps in new technologies or frameworks and you will build your knowledge and uncover limitations in certain frameworks and how to move forward with confidence. It is advisable to save your source code for later use and to share with others.

I have shared quite a bit of code at https://simon.fearby.com/blog/ that I refer to from time to time. I should have shared this on GitHub but I know Google will find this if people want it.

Get as much feedback as you can on what you do and choose (don’t trust the first blog post you read (me included)).

Most companies offer Webinars on their products. I like the NGINX webinars. Tutorialspoint have courses on development topics. Sitepoint is a  good development site that offers free books, courses, and articles. What are API’s information by Programmable web.

You may want to document your application flow to better understand how the user interface works.

Useful Tools

Balsamic Mockups and Blueprint are handy for mocking up applications.

C9.io is a great web-based IDE that can connect to a VM on AWS or Digital Ocean.  I have a guide here on connecting Cloud 9 to an AWS VM here.

I use the Sublime Text 3 text editor when editing websites locally.

(image courtesy of https://www.sublimetext.com/ )

I use the Mac Paw app to help test API’s I develop locally.

(image courtesy of https://paw.cloud )

Snippets is a great application for the Mac for storing code snippets.

I use the Cornerstone Subversion app for backing up my code on my Mac.

Webservers: https://www.iis.net/IIS Webserver, NGINX Webserver, Apache Webserver.

NodeJS programming manual and tutorials.

I use Little Snitch (guide here) for simulating network down in app development.

I use the Forklift file manager on OSX.

Databases: SQL tutorials, NoSQL Tutorials, MySQL documentation.

Siege is a command-line HTTP load testing tool.

CPU Busy

http://loader.io/ is a nice web-based benchmarking tool.

Bootstrap is an essential mobile responsive framework.

Atlassian Jira is an essential project tracking tool. More on Agile Epics v Stories v Tasks on the Atlassian community website here. I have a post on developing software and staying on track here using Jira.

Jsfiddle is a good site that allows you to share code you are working on or having trouble with.

Dribbble is a “show and tell” site for designers and creatives.

Stackoverflow is the go-to place to ask for help.

Things I care about during development phases.

  • Scalability
  • Flexibility
  • Risk
  • Cost
  • Speed

Concentrating too much on one facet can risk exposing other facets. Good programmers can recommend a deliver a solution that can be strong in all areas ( I hate developing apps that are slow but secure or scalable and complex).

Platforms

You can signup for online servers like Azure, AWS (my guide here) or you can use a cheaper CPanel based hosting. Read my guide on the costs of running a cloud-based service.

Use my link to get a free Digital Ocean server for two months by using this link. Read my blog post here to help setup you VM. You can always use Ubuntu on your local machine to use Ubuntu (read my guide here). Don’t forget to use a GIT code repository like GitHub or Bitbucket.

Locally you can install Ubuntu (developers edition) and have a similar environment as cloud platforms.

Lessons Learned

  • Deploy servers close to the customers (Digital Ocean is too far away to scale in Australia).
  • Accessibility and testing (make things accessible from the start).
  • Backup regularly (Use GIT, backup your server and use Rsync to copy files to remote servers and use services like backblaze.com to backup your machine).
  • Transportability of technology (Use open technology and don’t lock yours into one platform or service).
  • Cost (expensive and convenient solutions may be costly).
  • Buy in themes and solutions (wrapbootstrap.com).
  • Do improve what you have done (make things better over time). Thing progress and not perfection.

There is no shortage of online comments bagging certain frameworks or platforms so look for trends and success stories and don’t go with the first framework you find. Try candidate frameworks and services and make up your own mind.

A good plan, violently executed now, is better than a perfect plan next week. – General George S. Patton

Costs

Sometimes cost is not the deciding factor (read my blog post on Alibaba cloud). You should estimate your apps costs per 1000 users. What do light v heavy users cost you? I have a blog post on the approx cost of cloud services.  I started researching a scalable NoSQL platform on IBM Cloudant and it was going to cost $4,000 USD a month and integrating my own App logic and security was hard. I ended up testing MongoDB Cloud where I can scale to three servers for $80 a month but for now, I am developing my current project on my own AWS server with MongoDB instance. Read my blog post here on setting up MongoDB and read my blog post on the best MongoDB GUI.

Here is a great infographic for viewing what’s involved in mobile app development.

You can choose a number of tools or technologies to achieve your goals, for me it is doing it economically, securely and in a scalable way that has predictable costs. It is quite easy to develop something that is costly, won’t scale or not secure or flexible. Don’t get locked into expensive technologies. For example, AWS has a user pays Node JS service called Lambada where you get Million of free hits a month and then you get charged $0.0000002 per request thereafter. This sounds good but I prefer fixed pricing/DIY servers better as it allows me to build my own logic into apps (this is more important than scalability).

Using open-source software of off the shelf solutions may speed things up initially? Will It slow you down later though? Ensure free solutions are complete and supported and Ensure frameworks are helping. Do you need one server or multiple servers (guide on setting up a distributed MySQL environment )? You can read about my scalability on a budget journey here. You can speed up a server in two ways Scale Up (Add more Mhz or CPU cores) or scale-out (add more servers).

Start small and use free frameworks and platforms but have a tested scale-up plan, I researched cheap Digital Ocean servers and moved to AWS to improve latency and tested MongoDB on Digital Ocean and AWS but have a plan to scale up to cloud.mongodb.com if need be.

Outsource (contractors) 

Remember outsourcing work tasks (or complete outsourcing of development) can buy you time and or deliver software faster. Outsourcing can also introduce risks and be expensive. Ask for examples of previous work and get raw numbers on costs (now and in the future) and concurrent users that a particular bit of outsourcing work will achieve.

If you are looking to outsource work do look at work that the person or company has done before (if is fast, compliant, mobile scalable, secure, robust, backup up, do you have rights to edit/own and own the IP etc). I’d be cautious of companies who say they can do everything and don’t show live demos.

Also, beware of restrictions on your code set by the contractors. Can they do everything you need (compare with your list of Moscow must haves)? Sometimes contractors only code or do what they are comfortable with that can impact your deliverables.

Do use a private Git repository (that you own) like GitHub or BitBucket to secure your code and use software like Trello or Atlassian JIRA to track your project. Insist the contractors use your repository to retain control.

You can always sell equity in your idea to an investor and get feedback/development from companies like Bluechilli.

Monetization and data

Do have multiple monetization streams (initial app purchase cost, in-app purchase, subscriptions, in-app credit, advertising, selling code/components etc). Monthly revenue over yearly subscription works best to ensure cash flow.

Capture usage data and determine trends around successful engagement, Improve what works. Use A/B testing to roll out new features.

I like Backblaze post on getting your first 1,000 customers.

Maintenance, support risk and benefits

Building your own service can be cheaper but also riskier if you fail to secure an app you are in trouble if you cannot scale you are in trouble. If you don’t update your server when vulnerabilities come out you are in trouble. Also, Google on monetization strategies. Apple apps do appear to deliver more profits over Android. Developers often joke “Apple devices offer 90% of the profits and 10% of the problems and Android apps offer 90% of the problems and 10% of the profits”.

Also, Apple users tend to update to the latest operating system sooner where Android devices are rather fragmented.

Do inform you users with self-service status pages and informative error messages and don’t annoy users.

Use Free Trials and Credit

Most vendors have free trials so use them

https://aws.amazon.com/free/AWS have 12 month free tiers.

Use this link to get two months free with Digital Ocean.

Microsoft Azure also give away free credit.

Google cloud also have free credit.

Don’t be afraid to ask.

MongoDB Cloud also gives away free credit if you ask.

Security

Sites like Shodan.io will quickly reveal weaknesses in your server (and services), this will help you build robust solutions from the start before hackers find them. Read https://www.owasp.org/index.php/Main_Page to know h0w to develop secure websites. Listen to the SecurityNow podcast to learn how the technology works and is broken. Following TroyHunt is recommended to keep up to date with security in general. @0xDUDE is a good ethical hacker to follow to stay up-to date on security exploits also @GDI_FDN is a good non-profit organization that helps defend sites that use open source software.

White hack hackers exist but so do black hat ones.

Read the Open Web Application Security site here. Read my guide on setting up public key pinning in security certificates here.

I use the ASafaWeb site to test your sites from common ASP security flaws. If you have a secure certificate on your site you will need to ensure the certificate is secure and up to date with the SSL Labs SSL Test site.

SSL Cert

Once your websites IP address is known (get it from SSL Labs) run a scan over your site with https://www.shodan.io/ to find open ports or security weaknesses.

Shodan.io allows you and others to see public information about your server and services. You can read about well-known internet ports here.

Anyone can find your server if you are running older (or current) web servers and or services.

It is a  good idea to follow security researchers like Steve Gibson and Troy Hunt and stay up to date with live exploits. http://blog.talosintelligence.com is also a good site for reading technical breakdowns of exploits.

Networking

Do share and talk about what you do with other developers. You can learn a lot from other developers and this can save you loads of time and mistakes. True developers love talking about their code and solutions.

Decision Making

Quite a lot of time can be spent on deciding on what technology or platform to use, I decide by factoring in cost, risk and security over flexibility, support and scalability. If I need flexibility, lower support or scalability then I’ll choose a different technology/platform. Generally, technology can help with support. Scalable solutions need effort from start to finish (it is quite easy to slow down any technology or service).

Don’t be afraid to admit you have chosen the wrong technology or platform. It is far easier to research and move on than live with poor technology.

If you have chosen the wrong technology and stick with it, you (and others) will loath working with it (impacting productivity/velocity).  Do you spend time swapping technology or platforms now or be less productive later?

Intellectual property and Trademarks

Ensure you search international trademarks for your app terms before you start using them. The Australian ATO has a good Australian business name checker here.

https://namechk.com/ is also a good place to search for your app ideas name before you buy or register any social media accounts.

Using https://namechk.com/ you can see “mystartupidea” name is mostly free.

And the name “microsoft’ is mostly taken.

Seek advice from a start-up experts from https://www.bluechilli.com/ like Alan Jones.

See my guide on how to get useful feedback for your ideas here.

Tips

  1. Use Git Source Control systems like GitHub or Bitbucket from the start and offsite backup your server and environments frequently. Digital Ocean charges 20% of your servers costs to back it up. AWS has multiple backup offerings.
  2. Start small and scale up when needed.
  3. Do lots of research and test different platforms, frameworks, and technologies and you will know what you should choose to develop with.

(Image above found at http://startupquotes.startupvitamins.com/ Follow Startup Vitamins on Twitter here.).

You will know when you are a developer when you have gained knowledge and experience and can automatically avoid technologies that will not fit a  solution.

Share

Don’t be afraid to share what you know (read my blog post on this here). Sharing allows you to solidify your knowledge and get new information. Shane Bishop from EWWW Image Optimizer  WordPress plugin wrote Setting up a fast distributed MySQL environment with SSL for us. If you have something to share on here please let me know here on twitter.

It’s never too late to do

One final tip is knowledge is not everything, planning and research is key, a mind that can’t develop may be better than a mind that can because they have no experience (or baggage) and may find faster ways to do things. Thanks to http://zachvo.com/ for teaching me this during a recent WordPress re-deployment. Sometimes the simplest solution is.

Donate and make this blog better




Ask a question or recommend an article
[contact-form-7 id=”30″ title=”Ask a Question”]

DRAFT: 1.86 added short link

Short: https://fearby.com/go2/develop/

Filed Under: Advice, Android, Apple, Atlassian, Backup, BitBucket, Blog, Business, Cloud, CoronaLabs, Cost, Development, Domain, Firewall, Free, Git, GitHub, Hosting, JIRA, mobile app, MySQL, Networking, NodeJS, OS, Project Management, Scalability, Scalable, Security, Server, Software, Status, Trello, VM Tagged With: ideas

Setting up BitBucket on an iMac and creating a project

June 30, 2017 by Simon

I use Jira for managing software development tasks on AWS and Digital Ocean and I recently tried out GitHub, It’s about time I checked out the free BitBuucket.

I have a dedicated Jira software page at https://mysecertprojectnamehere.atlassian.net/ and from there I can set up a BitBucket account. I read the use SSH with Bitbucket and setup SSH for git.

BitBucket

I downloaded the BitBucket v2.5.3 application for free. BitBucket offers free private repositories for up to 5 users, 1GB total and 50 build minutes with pipelines. Get started with pipelines guide.

BitBucket

I needed to log in to bitbucket.org before signing up. I have a few Atlassian accounts so I made sure I logged in with the right account.

After logging in I was prompted with the Bitbucket beta (I said OK).

BitBucket

BitBucket beta is now activated now I can create a repository.

BitBucket

It appears BitBucket gives you 1Gb file storage for free, then $10 after that for 100 GB.

The next thing I did was include a menu item (link) to my new BitBucket Account in my Jira (Settings then Applications then Application Navigator) in Jira.

Now I can easily get to my BitBucket from JIRA.

When you create a repository on BitBucket you can import a repository from GitHub (I imported my repo that I created in GitHub).

I was able to import my GitHub project I created in this blog post ok.

Adding SSH Keys Locally

You can find SSL related SSL settings by clicking your user profile picture when logged into https://bitbucket.org/ then Bitbucket settings.

Then click SSH Keys.

As with GitHub we can generate a local machine generated SSH key and assign it to BitBucket to prevent using BitBucket password when we push code to BitBucket.

You can learn how to generate a key here.

Locally I entered a terminal and typed the following to generate a key.

cd ~/.ssh
mkdir backup
sudo cp *.* backup/
ssh-keygen -t rsa -C "bitbucket [email protected]"

I entered the following output filename when generating the key.

bitbucket_rsa.pub

Performing a list directory in terminal you should see two new files.

cd ~/.ssh/
ls -al
total 80
drwx------  13 simon  staff   442 30 Jun 22:19 .
[email protected] 92 simon  staff  3128 28 Jun 00:56 ..
...
-rw-------   1 root   wheel  3326 27 Jun 22:45 githubrsa
-rw-r--r--   1 root   wheel   742 27 Jun 22:45 githubrsa.pub

You can use this command to copy the new public SSH key to clipboard.

cat bitbucket_rsa.pub | pbcopy

You can now paste this SSH key into Bitbucket’s UI.

I edited the description of the SSH key to include my laptop name.

You can see how I set up SSH keys on GitHub here.

You will also need to add your SSK key to the end of the known_hosts file

# edit the known_hosts file
sudo nano known_hosts
# Add this to the end of your known_host file (keep all contents in this file)
bitbucket.org,104.192.143.3,131.103.20.167,131.103.20.168,131.103.20.169,131.103.20.170 ssh-rsa AAAA_paste_your_ssh_key_text_here bitbucket [email protected]

I found the possible listening Atlassian Bitbucket serves here. Atlassian recommend you monitor the @bitbucket account on twitter and watch the bitbucket status page.

Verifying your SSH connection to Bitbucket

sudo ssh -T [email protected]
The authenticity of host 'bitbucket.org (104.192.143.2)' can't be established.
RSA key fingerprint is SHA256:removed.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'bitbucket.org,104.192.143.2' (RSA) to the list of known hosts.
Permission denied (publickey)..

I have issues with my terminal connecting to BitBucket?  I have asked @Bitbucket and have not had a response.

My following command was failing?

sudo ssh -T [email protected]
Permission denied (publickey).

I thought I would give the Bitbucket Gut SourceTree application a try.

BitBucket

I downloaded the zip file containing the application and ran the install wizard.

BitBucket

Unfortunately, the Atlassian Bitbucket SourceTree application failed to allow my account to sign in (infinite spinning wheel of death for 24 hours) – note the spinning wheel near the Cancel button.

BitBucket

I have had no luck getting SSH access to bitbucket from the terminal or SourceTree to log in. I asked @BitBucket for help on Twitter but have not heard anything.

In desperation, I tried again and this time selected HTTPS in SurceTree and was asked to grant access to my account (read and modify).

BitBucket

I can now see remote repositories (with my logged in identity).

BitBucket

Syncing (Pulling) the Repository with SourceTree

Time to check out an empty project #1 (repository clone) in SourceTree (seems SSH /terminal is not working in BitBucket).

BitBucket

This worked, I can see files locally.

BitBucket

Now it is time to clone a larger project that I imported from GitHub.  This one took a little longer to clone.

BitBucket

All files synced down ok and teh SourceTree application is looking good.

BitBucket

Adding my first new local file(s) to the repository

Bitbucket is not working via terminal/SSH yet so I added a file ( called “testbitbucketfile.txt”) in Finder and tried to upload it with SourceTree by selecting Workspaces then File status then checking the file to ensure it was going to be uploaded (I was expecting a prompt to add the file after I created it but nothing appeared).

BitBucket

Submitting (pushing) changes (adding another file)

Because BitBucket was not working via terminal/SSH I tried to commit via SourceTree.

I selected Push then OK.

It appears I have an authentication error when I sync (why?, I am logged in and can see repositories and I granted read/modify access earlier)?

> Error: “Invalid username or password. If you log in via a third party service you must ensure you have an account password set in your account profile. fatal: Authentication failed”.

My account has been pre-authenticated, what gives SourceTree?

The only option I can see is switching to “basic” authentication (no thanks).

More worryingly BitBucket Source Tree reports “Completed successfully” when it is clear that the new files were not uploaded.

I appear to have to write access permissions for my repo so I have no ideas what is wrong.

I may be wrong but it appears I need to be a paid user to have a working Git repository?  Time to use GitHib (as I know it works with SSH and syncs files).

This hereby ends my BitBucket test. I have no working BitBucket SSH environment on my OSX , poor support from Atlassian (poor documentation, slow social media replies and poor SourceTree error messages/UI) and SourceTree is overly optimistic on actions. I was logged in, granted read/modify access to SourceTree but I am unable to push back to a repo?

Atlassian support

I received a message on my question on Twitter to @bitbucket and was asked to log a support issue.


I googled Atlassian support


I logged in and tried to log a support request but got stuck in an update profile loop

When I clicked save I was not redirected anywhere new and was directed back to the update profile details screen (no other tabs were open on my mobile device Safari/iPhone).

I submitted a bug report on a desktop browser (bug 4825 on the BitBucket/SRCTREE for Mac Jira).

Conclusion

I’ll stick with using  GitHub (paid to get private repos) as Github’s SSH is working for me and files synced ok from the terminal with little effort. I am not happy with Bitbucket’s SSH (never got it working), SourceTree and Atlassian’s products appear to have many  (700+) undocumented features.

Agile Project Management

Read my blog post on developing software and staying on track here.

I highly recommend you follow Dmitri Iarandine at http://joinagile.com/ (Agile Coach, Trainer, Host of Lean and Mean Agile). Podcast. Author of GET HIRED as SCRUM MASTER).

Dmitri can be found here too.

Soundcloud (Lean and Mean Agile Podcast):
https://soundcloud.com/user-364782318

iTunes:
https://itunes.apple.com/au/podcast/lean-and-mean-agile-podcast/id1269551866

YouTube:
https://www.youtube.com/channel/UC00OZqfM9VmznEOTVzrQQxw

Twitter:
http://twitter.com/iarandine

Udemy:
https://www.udemy.com/agile-coaching-101/

Amazon:
https://www.amazon.com/author/iarandine

Tips and Troubleshooting

BitBucket tutorials.

Git tutorials.

You may need to set up a new branch for each repository and assign permissions before you can read the repositories.

Donate and make this blog better




Ask a question or recommend an article
[contact-form-7 id=”30″ title=”Ask a Question”]

v0.94 added info on agile and staying on track

Filed Under: Atlassian, BitBucket, Git, IoT Tagged With: bitbucket, git, sourcetree

Setting up GitHub on an iMac and creating a project

June 25, 2017 by Simon

Here is my quick guide on setting up a new GitHub repository on an iMac adding files and syncing with a  repository. Read the GitHub 101 if you are a beginner. Read my BitBucket guide here.

Why

Using git allows you to make backups, use code versioning, rollback code, use multiple development machines/have multiple users, auto merging code etc.

Github can be cheaper, more flexible and offer more features than something like Dropbox.

How

Create an account at GitHub and Login ( https://github.com/login ).

Don’t forget to set up Two Factor Authentication for extra security.

Login to GitHub (signup for a free account if need be).

Enter your Two Factor Authentication code every time you login.

Before you can read or write to your Git repository you need to set up a link between your computer (Mac) and GitHub by Setting up a Secure SSH Key with GitHub. About SSH.

If you have read any of my guides on setting up servers (e.g The quickest way to setup a scalable development IDE and web server, How to buy a new domain and SSL cert from NameCheap, a Server from Digital Ocean and configure it or Connecting to an AWS EC2 Ubuntu instance with Cloud 9 IDE as user ubuntu and root ) you will be familiar with SSH keys.

You can check your existing SSH Keys by typing the following.

ls -al ~/.ssh

Follow this GitHub guide on creating a new SSH key to use with GitHub.

I found I had to do the following in the Mac terminal to get this to work.

eval "$(ssh-agent -s)"
mkdir /gitrsatemp
cd /gitrsatemp
sudo ssh-keygen -t rsa -b 4096 -C "[email protected]"
# specify output as /gitrsatemp/githubrsa
# used a passphrase from https://www.grc.com/passwords.htm
mv /gitrsatemp/* ~/.ssh/
cd ~/.ssh/
ssh-add -K ./githubrsa

You can now add your SSH key to GitHub. 

cd ~/.ssh/ 
sudo pbcopy < ./githubrsa.pub

You can then add your public key to https://github.com/settings/keys

Add the SSH Key.

You can then test the SSH connection to GitHub.

At first, I tried this but got an error.

sudo ssh -T [email protected]
The authenticity of host 'github.com (192.30.255.113)' can't be established.
RSA key fingerprint is SHA256:key_redacted.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'github.com,192.30.255.113' (RSA) to the list of known hosts.

This is what I got when I added my SSH Key to my GitHub account. This worked for me (this updated my known_hosts file).

sudo ssh -T [email protected]
Hi SimonFearby! You've successfully authenticated, but GitHub does not provide shell access.

Tip: Don’t forget to save adding your SSH Key to GitHub

If you need help contact GitHub.

GitHub Pricing

GitHub offers free public repository pricing or $7 a month for unlimited personal repositories for personal use. Bitbucket is the Atlassian owned alternative to GitHub, they have free repositories for up to 5 users with 1TB.

Read my Setting up BitBucket on an iMac and creating a project guide.

Read on the differences between GitHub and BitBucket.

Create your first test public Repository. 

Load https://www.github.com and click Start a Project, or go to https://github.com/new

To specify a Readme file and an ignore file if need be (we can do this later). You will need to be a paid Git member to create private repositories.

When your repository is created it will be ready to upload files: https://github.com/SimonFearby/testgitproject001

Creating a local folder

Create a local folder for the repository etc.

# create a folder on your desktop
cd ~/Desktop/
mkdir testgitproject001
cd testgitproject001/

# Check the git status
git status
fatal: Not a git repository (or any of the parent directories): .git

# the folder is now ready files from the repository.

Liking the remote repository to the local folder.

First, we need to initialize git locally by typing the following.

git init
> Initialized empty Git repository in /Users/simon/Desktop/testgitproject001/.git/

Now we can add the remote “origin” repository to the local repo.

git remote add origin [email protected]:SimonFearby/testgitproject001.git

We can now see connected remote repositories by typing the following

git remote -v
origin	[email protected]:SimonFearby/testgitproject001.git (fetch)
origin	[email protected]:SimonFearby/testgitproject001.git (push)

Syncing (Pulling) the Repository

Generally, you want to pull all files from the remote repository after you create it (and the readme file).

git pull origin master

This worked 🙂

# What directory are we in
pwd
/Users/simon/Desktop/testgitproject001

# No files
ls -al
total 0
drwxr-xr-x   3 simon  staff   102 28 Jun 00:19 .
drwx------+ 53 simon  staff  1802 28 Jun 00:00 ..
drwxr-xr-x  10 simon  staff   340 28 Jun 00:21 .git

# Let's get the repo files

git pull origin master
remote: Counting objects: 4, done.
remote: Compressing objects: 100% (3/3), done.
Unpacking objects: 100% (4/4), done.
remote: Total 4 (delta 0), reused 0 (delta 0), pack-reused 0
From github.com:SimonFearby/testgitproject001
 * branch            master     -> FETCH_HEAD
 * [new branch]      master     -> origin/master

# Is the readme is there.
ls -al
total 32
drwxr-xr-x   5 simon  staff    170 28 Jun 00:30 .
drwx------+ 53 simon  staff   1802 28 Jun 00:00 ..
drwxr-xr-x  13 simon  staff    442 28 Jun 00:30 .git
-rw-r--r--   1 simon  staff  11357 28 Jun 00:30 LICENSE
-rw-r--r--   1 simon  staff     49 28 Jun 00:30 README.md

Pulling, Pushing, Branches and Forking.

You can read more about pulling, pushing, branches and forking here.

This course helped me https://www.udemy.com/learn-android/

Adding your first local file(s) to the repository

Adding all files to the new directory.

git add -A

Adding a single file:

git add newfilename.txt

Here is an example of adding a new file.

# Create a new file
touch newfilename.txt

#edit the file.
sudo nano newfilename.txt

# Tell git we want this file to be managed
git add newfilename.txt

# What is the status of this repository
git status
On branch master
Changes to be committed:
  (use "git reset HEAD <file>..." to unstage)

Set your default commit username (help)

git config --global user.name "Mona Lisa"

Set your default commit email address (help).

git config --global user.email "[email protected]"

Double-check config here

git config --global --edit

You will need to use vim to insert then save changes. I like the nano text editor better so I am changing the default editor.

Setting your default as nano (and not vim)

nano (and not vim)

git config --global core.editor nano

Submitting (pushing) changes

# Create a new file locally
touch newfilename.txt

# edit the local file
sudo nanonewfilename.txt

# Tell git we want to include it.
git addnewfilename.txt

# commit the file to the remote (origin) server with a commit message
git commitnewfilename.txt -m "addednewfilename.txt"

# Merge all changes with the remote (origin) server
git push origin master

The changes have been pushed (merged)

Adding another file.

This is how I added another single file locally and pushed to the remote (origin) server

# Create a new file locally
touch anothernewfile.txt

# edit the local file
sudo nano anothernewfile.txt 

# Tell git we want to include it.
git add anothernewfile.txt 

# commit the file to the remote (origin) server with a commit message
git commit anothernewfile.txt -m "added anothernewfile.txt"

# Merge all changes with the remote (origin) server
git push origin master

Now we have two new public files in a repository and locally.

README.md and markdown 

Now we need to make the README.MD file look nice and reflect the changes.

More info in markdown formatting here, here, here and here. Here is a good markdown table generator.

I made some changes (see) and pushed to the repository (origin).

# edit the file
sudo nano README.md 

# Tell git we want to commit the changes
git commit README.md -m "edited README.md"

# Merge local changes with the remote repository (origin)
git push origin master

My local README.md markdown changes

# testgitproject001
Simon's Test Git Project 001

# *Added* **two** test __text__ files (~~they are not important~~)

- [x] newfilename.txt
- [x] anothernewfilename.txt
- [ ] notmergedlocalfile.txt

## This is for my (GitHub guide on my blog](https://www.fearby.com/article/setting-up-github-on-an-imac-and-creating-a-project/)

Inline-style: 
![Simon Fearby Avatar](https://fearby.com/Avatar.jpeg "Simon Fearby Avatar")

This is what is looks like on GitHub after I commit and push

You can use pages on GitHub with markdown to create versioned documentation and help.

Commit and check the git status frequently

It is strongly advisable to frequently commit files (to a staging/not master repository) and check local it status for any issues. Commit as frequently as you remember.

# A forgotten local edit
sudo nano README.md 

# Show a gitstatus report
git status
On branch master
Changes not staged for commit:
  (use "git add <file>..." to update what will be committed)
  (use "git checkout -- <file>..." to discard changes in working directory)

	modified:   README.md

no changes added to commit (use "git add" and/or "git commit -a")

You can push or delete changes if need be.

Adding many subfolders and many files.

Let’s say you have just added three subfolders (iOS Project Code (12 files), Android Projet Code (1255 items) and a Windows Desktop Project Code (.NET) folder (27 items) and you want to add them all to the remote repository (origin).

Now we need to add the 1,294 files to the local repository.

We can simply type the following to tell git we want it to manage all the local files.

# Add all sub folders and files in tbhis folder.
git add .

# Show a local status report.
simon$ git status
On branch master
Changes to be committed:
  (use "git reset HEAD <file>..." to unstage)

	new file:   .DS_Store
	new file:   Android Project Code/.gitignore
	new file:   Android Project Code/.idea/.name
	new file:   Android Project Code/.idea/compiler.xml
	new file:   Android Project Code/.idea/copyright/profiles_settings.xml
.. 1000+ orther files are listed

Now you can merge the files top remote repository (origin).

git push origin master

Don’t forget to updates your README.md file with changes.

fyi: GitHub may take a minute or two to show changes.

# Edt the README.md
sudo nano README.md 

# Commit the changed file
git commit README.md -m "edited README.md again"

# merge chnages.
push origin master

Ignoring local files

You may want to ignore local files or folders.  In your git folder type.  I like to ignore all files with “secret” in the filename.

AWS recommend you ignore secret keys and logs to prevent inadvertent account access via sharing secret keys.

# Edit your repositories ignore file
sudo nano .git/info/exclude

# Add These exclusions
secret*.*
*secret.*
*secert*.*
*.secret*
*.*secret
*.*secret*

You can find other things to ignore here. You can setup global ignore list by reading this.

You can see I have created a few secret files and new thirdnewfile.txt (and added it to git) and committed and pushed and the secret files remain local (they will remain local while they match the ignored list).

ls -al
total 112
drwxr-xr-x  15 simon  staff    510 28 Jun 15:31 .
drwx------+ 53 simon  staff   1802 28 Jun 14:53 ..
[email protected]  1 simon  staff  12292 28 Jun 15:00 .DS_Store
drwxr-xr-x  14 simon  staff    476 28 Jun 15:34 .git
drwxr-xr-x  15 simon  staff    510 28 Jun 14:59 Android Project Code
-rw-r--r--   1 simon  staff  11357 28 Jun 00:30 LICENSE
-rw-r--r--   1 simon  staff    544 28 Jun 15:19 README.md
drwxr-xr-x   6 simon  staff    204 28 Jun 15:00 Windows Desktop Project Code
-rw-r--r--   1 simon  staff     10 28 Jun 14:06 anothernewfile.txt
drwxr-xr-x   5 simon  staff    170 28 Jun 14:49 iOS Project Code
-rw-r--r--   1 simon  staff     17 28 Jun 15:30 my.secret
-rw-r--r--   1 simon  staff     10 28 Jun 01:10 newfilename.txt
-rw-r--r--   1 simon  staff     26 28 Jun 15:23 secertapikey.txt
-rw-r--r--   1 simon  staff     22 28 Jun 15:23 secretfile.txt
-rw-r--r--   1 simon  staff     21 28 Jun 15:31 thirdnewfile.txt

GitHub view.

Local Git View

Note the secret files.

GitHub Desktop Application

I checked out the GitHub Desktop application at https://desktop.github.com/.

The downloaded compressed file.

I extracted and copied the app to the Applications folder.

Now I logged into to the application.

Much respect to GitHub for integrating Two Factor Authentication into the login.

Unfortunately, GitHub Desktop thinks I have zero repositories (I have 9 repositories when I log in via the web using the same email address). I contacted support on Twitter but have not had a response yet?

I was able to clone the repository I made via the command line earlier or add a local repository.

I added a new text file (afileaddedwithgithubdesktop.txt) to the folder and GitHub Desktop noticed this new file straight away. I added this file to the repository.

I pushed all local changes to the origin/remote master repository.

All local changes were merged with the remote origin master (I could never do this with Atlassian’s SourceTree application).

Conclusion

Now I can sync up my projects that to GitHub repositories from the terminal and GitHub Desktop application and benefit from the features of git (backups, versioning, rollbacks, multiple machines/multiple users, auto merging etc).

Next

I will add how to pull a repository to a $5 month Digital Ocean and or AWS (Ubuntu) VM.

Read my Setting up BitBucket on an iMac and creating a project guide.

Git repositories on Raspberry Pi’s.

Related guides

Setting up a development environment on Digital Ocean 14.04

https://www.digitalocean.com/community/tutorials/how-to-install-git-on-ubuntu-14-04

Tips and Troubleshooting

GitHub has a good tips page here.  I had @GitHubHelp pro-actively contact me for support on Twitter. Contact GitHub here.

How to add all local files and commit all local files.

git add -A && git commit

I hope this is helpful to someone.

20 essential git tips. 

P.S Don’t edit live code, use GitHub.

Agile Project Management

Read my blog post on developing software and staying on track here.

I highly recommend you follow Dmitri Iarandine at http://joinagile.com/ (Agile Coach, Trainer, Host of Lean and Mean Agile). Podcast. Author of GET HIRED as SCRUM MASTER).

Dmitri can be found here too.

Soundcloud (Lean and Mean Agile Podcast):
https://soundcloud.com/user-364782318

iTunes:
https://itunes.apple.com/au/podcast/lean-and-mean-agile-podcast/id1269551866

YouTube:
https://www.youtube.com/channel/UC00OZqfM9VmznEOTVzrQQxw

Twitter:
http://twitter.com/iarandine

Udemy:
https://www.udemy.com/agile-coaching-101/

Amazon:
https://www.amazon.com/author/iarandine

Donate and make this blog better




Ask a question or recommend an article
[contact-form-7 id=”30″ title=”Ask a Question”]

v1.7 added info on agile and staying on track,

Filed Under: Git, GitHub Tagged With: add, code, git, merge, pull, push, rfep[ository, rollback, versions

Primary Sidebar

Poll

What would you like to see more posts about?
Results

Support this Blog

Create your own server today (support me by using these links

Create your own server on UpCloud here ($25 free credit).

Create your own server on Vultr here.

Create your own server on Digital Ocean here ($10 free credit).

Remember you can install the Runcloud server management dashboard here if you need DevOps help.

Advertisement:

Tags

2FA (9) Advice (17) Analytics (9) App (9) Apple (10) AWS (9) Backup (21) Business (8) CDN (8) Cloud (49) Cloudflare (8) Code (8) Development (26) Digital Ocean (13) DNS (11) Domain (27) Firewall (12) Git (7) Hosting (18) IoT (9) LetsEncrypt (7) Linux (21) Marketing (11) MySQL (24) NGINX (11) NodeJS (11) OS (10) Performance (6) PHP (13) Scalability (12) Scalable (14) Security (45) SEO (7) Server (26) Software (7) SSH (7) ssl (17) Tech Advice (9) Ubuntu (39) Uncategorized (23) UpCloud (12) VM (45) Vultr (24) Website (14) Wordpress (25)

Disclaimer

Terms And Conditions Of Use All content provided on this "www.fearby.com" blog is for informational purposes only. Views are his own and not his employers. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. Never make changes to a live site without backing it up first.

Advertisement:

Footer

Popular

  • Backing up your computer automatically with BackBlaze software (no data limit)
  • How to back up an iPhone (including photos and videos) multiple ways
  • Add two factor auth login protection to WordPress with YubiCo hardware YubiKeys and or 2FA Authenticator App
  • Setup two factor authenticator protection at login on Ubuntu or Debian
  • Using the Yubico YubiKey NEO hardware-based two-factor authentication device to improve authentication and logins to OSX and software
  • I moved my domain to UpCloud (on the other side of the world) from Vultr (Sydney) and could not be happier with the performance.
  • Monitor server performance with NixStats and receive alerts by SMS, Push, Email, Telegram etc
  • Speeding up WordPress with the ewww.io ExactDN CDN and Image Compression Plugin
  • Add Google AdWords to your WordPress blog

Security

  • Check the compatibility of your WordPress theme and plugin code with PHP Compatibility Checker
  • Add two factor auth login protection to WordPress with YubiCo hardware YubiKeys and or 2FA Authenticator App
  • Setup two factor authenticator protection at login on Ubuntu or Debian
  • Using the Yubico YubiKey NEO hardware-based two-factor authentication device to improve authentication and logins to OSX and software
  • Setting up DNSSEC on a Namecheap domain hosted on UpCloud using CloudFlare
  • Set up Feature-Policy, Referrer-Policy and Content Security Policy headers in Nginx
  • Securing Google G Suite email by setting up SPF, DKIM and DMARC with Cloudflare
  • Enabling TLS 1.3 SSL on a NGINX Website (Ubuntu 16.04 server) that is using Cloudflare
  • Using the Qualys FreeScan Scanner to test your website for online vulnerabilities
  • Beyond SSL with Content Security Policy, Public Key Pinning etc
  • Upgraded to Wordfence Premium to get real-time login defence, malware scanner and two-factor authentication for WordPress logins
  • Run an Ubuntu VM system audit with Lynis
  • Securing Ubuntu in the cloud
  • No matter what server-provider you are using I strongly recommend you have a hot spare ready on a different provider

Code

  • How to code PHP on your localhost and deploy to the cloud via SFTP with PHPStorm by Jet Brains
  • Useful Java FX Code I use in a project using IntelliJ IDEA and jdk1.8.0_161.jdk
  • No matter what server-provider you are using I strongly recommend you have a hot spare ready on a different provider
  • How to setup PHP FPM on demand child workers in PHP 7.x to increase website traffic
  • Installing Android Studio 3 and creating your first Kotlin Android App
  • PHP 7 code to send object oriented sanitised input data via bound parameters to a MYSQL database
  • How to use Sublime Text editor locally to edit code files on a remote server via SSH
  • Creating your first Java FX app and using the Gluon Scene Builder in the IntelliJ IDEA IDE
  • Deploying nodejs apps in the background and monitoring them with PM2 from keymetrics.io

Tech

  • Backing up your computer automatically with BackBlaze software (no data limit)
  • How to back up an iPhone (including photos and videos) multiple ways
  • US v Huawei: The battle for 5G
  • Check the compatibility of your WordPress theme and plugin code with PHP Compatibility Checker
  • Is OSX Mojave on a 2014 MacBook Pro slower or faster than High Sierra
  • Telstra promised Fibre to the house (FTTP) when I had FTTN and this is what happened..
  • The case of the overheating Mac Book Pro and Occam’s Razor
  • Useful Linux Terminal Commands
  • Useful OSX Terminal Commands
  • Useful Linux Terminal Commands
  • What is the difference between 2D, 3D, 360 Video, AR, AR2D, AR3D, MR, VR and HR?
  • Application scalability on a budget (my journey)
  • Monitor server performance with NixStats and receive alerts by SMS, Push, Email, Telegram etc
  • Why I will never buy a new Apple Laptop until they fix the hardware cooling issues.

Wordpress

  • Replacing Google Analytics with Piwik/Matomo for a locally hosted privacy focused open source analytics solution
  • Setting web push notifications in WordPress with OneSignal
  • Telstra promised Fibre to the house (FTTP) when I had FTTN and this is what happened..
  • Check the compatibility of your WordPress theme and plugin code with PHP Compatibility Checker
  • Add two factor auth login protection to WordPress with YubiCo hardware YubiKeys and or 2FA Authenticator App
  • Monitor server performance with NixStats and receive alerts by SMS, Push, Email, Telegram etc
  • Upgraded to Wordfence Premium to get real-time login defence, malware scanner and two-factor authentication for WordPress logins
  • Wordfence Security Plugin for WordPress
  • Speeding up WordPress with the ewww.io ExactDN CDN and Image Compression Plugin
  • Installing and managing WordPress with WP-CLI from the command line on Ubuntu
  • Moving WordPress to a new self managed server away from CPanel
  • Moving WordPress to a new self managed server away from CPanel

General

  • Backing up your computer automatically with BackBlaze software (no data limit)
  • How to back up an iPhone (including photos and videos) multiple ways
  • US v Huawei: The battle for 5G
  • Using the WinSCP Client on Windows to transfer files to and from a Linux server over SFTP
  • Connecting to a server via SSH with Putty
  • Setting web push notifications in WordPress with OneSignal
  • Infographic: So you have an idea for an app
  • Restoring lost files on a Windows FAT, FAT32, NTFS or Linux EXT, Linux XFS volume with iRecover from diydatarecovery.nl
  • Building faster web apps with google tools and exceed user expectations
  • Why I will never buy a new Apple Laptop until they fix the hardware cooling issues.
  • Telstra promised Fibre to the house (FTTP) when I had FTTN and this is what happened..

Copyright © 2023 · News Pro on Genesis Framework · WordPress · Log in

Some ads on this site use cookies. You can opt-out if of local analytics tracking by scrolling to the bottom of the front page or any article and clicking "You are not opted out. Click here to opt out.". Accept Reject Read More
GDPR, Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT