data

Moving an Ubuntu 16.04 VM on Vultr from one data centre to another via snapshots

April 17, 2018 by Simon 1 Comment

This guide will show how you can move an Ubuntu VM server domain between Vultr data centres via snapshots.

I have a number of guides on moving away from CPanel, Setting up VM’s on AWS, Vultr or Digital Ocean along with installing and managing WordPress from the command line. Sometimes you need to move a sever between locations and/or upgrade the server (to have more memory t install WordPress).

Moving an existing Vultr server

If you don’t have an Ubuntu server click here (follow this guide).

Login to Vultr and specify a source server, click Snapshots and click Take Snapshot.

Wait for the snapshot to finish (It may take 1 hour).

Great, the snapshot is done.

Now I can create a new server (in a different data centre).

Deploy New Instance

Choose a location (Australia is at capacity, so I’ll deploy to Silicon Valley then move again in a few weeks), choose the snapshot to restore, choose a plan, I enabled IPV6/Auto Backups and Private Networking.

TIP: The password for the server will be the same as the source server so write it down.

Click Deploy Now

After a few minutes, you can see the new servers IP address, you can log in to your domain name provider (in my case Namecheap) and update the target IPV4 and IPV6 address.

You can find IPV4 and IPV6 addresses by opening your server, clicking settings then IPxV4 or IPV6.

You will need to update Vultr DNS settings (login to Vultr, Click Servers, Click DNS then edit your existing Domain DNS entry). Add you’re new serves IP addresses.

Update: I added an IPV6/AAAA record too.

Wait for DNS Replication

Goto https://www.whatsmydns.net/ and check the global DNS propagation for your new domain’s server.

If you are happy that the server has been migrated (snapshot restored) and that the domain DNS is pointing to your new server you can delete the old server in the Vultr server list.

Post-Migrate Actions

Setup Daily backups.
Review firewall settings (guide here).
Optional: Install MySQL
Optional: Install PHP
Optional: Install PHP Pooled Connections
Optional: Install WordPress
Optional: Install WordPress CDN
Optional: Configure Cloudflare
etc

I hope this guide helps someone.

Ask a question or recommend an article

Revision History

v1.1 Vultr Link

v1.0 Initial post

Add email alias to an existing GSuite email account

January 14, 2018 by Simon 1 Comment

This short post will show you how (and why) you should add email aliases to email accounts for previously added domains.

Here are my two posts related to setting up a new suite account and adding a second domain to an existing GSuite account. I used to have my own C Panel domain but moved all servers to self-managed servers first on Digital Ocean then AWS then Vultr. Vultr is now my preferred hosts as they are affordable and have server locations in Australia.

Click Users

I tried to add an email alias to existing 2x domains in Google Suite (the help did not align with the screens I was seeing in my admin consoles), there was no email alias section)??

Official Google Help: https://support.google.com/domains/answer/6304345?hl=en-AU

Snip:

Every user in a G Suite account has a <em>primary address</em> for signing in to their account and receiving mail. If a user wants another email address, you can create an <strong>email alias</strong> for them.

<strong>Why use an alias? </strong> If ann@solarmora.com wants a sales address to post to the company website, you can create the alias <strong>sales@solarmora.com</strong>. Mail sent to either address then appears in Ann's Gmail inbox.

You can add up to 30 email aliases for each user. Users continue to sign in to their G Suite account with their primary address, not an email alias.

Every user in a G Suite account has a primary address for signing in to their account and receiving mail. If a user wants another email address, you can create an email alias for them.

Why use an alias? If ann@solarmora.com wants a sales address to post to the company website, you can create the alias sales@solarmora.com. Mail sent to either address then appears in Ann's Gmail inbox.

You can add up to 30 email aliases for each user. Users continue to sign in to their G Suite account with their primary address, not an email alias.

I fired up the G Suite support

I wanted to add the following email aliases of “[email protected]”, “[email protected]” and “[email protected]” to an existing email on 2 domains to support security disclosures (post soon (nope Troy Hunt beat me, read his post on security disclosure here)).

While I was waiting for the support chat I figured out the email alias thing, it turned out I needed to click the “Account” header on the user screen (I did not realise “account word was clickable).

Solution: How to add Aliases

You need to click the account heading (It’s a link apparently).

When the Ajax content loads you can scroll down to alias section.

Tip: There is no “Apply” or “OK” button when adding aliases so just press enter.

Now if you want to be able to send as the new alias you need to add the aliases in Gmail.

Now you can send via this email alias in GMail or via CLI via the primary account 🙂

sendemail -f root@yourdomain.com -t to@email.com -u "Test email via alias" -s smtp.gmail.com:587 -o tls=yes -xu simon@yourdomain.com -xp YourPa$$w0rdH3r3 -m "Test email via alias"

1	sendemail -f root@yourdomain.com -t to@email.com -u "Test email via alias" -s smtp.gmail.com:587 -o tls=yes -xu simon@yourdomain.com -xp YourPa$$w0rdH3r3 -m "Test email via alias"

Read my blog post on sending email from the command line via G Suite.

Donate and make this blog better

Ask a question or recommend an article

Revision History
v1.1 Added Troy Hunt “Data Breach Disclosures” link

v1.0 Working Copy.

Hope this helps someone.

PHP 7 code to send object oriented sanitised input data via bound parameters to a MYSQL database

November 1, 2017 by Simon 1 Comment

Sanitising user input is a golden rule with web developing (see https://www.owasp.org/index.php/Input_Validation_Cheat_Sheet ), here is my code snippet to sanitise and parameterise MySQL queries in PHP 7.0.

First, watch and follow @jawache (Asim Hussein) demo how common hacks happen and why you should update and patch software often, sanitise user data and set up a firewall.

I have blogged before on how to set up a Vultr server and configure it, How to secure Ubuntu in the Cloud, How to run an Ubuntu System Audit and Beyond SSL with Content Security Policy, Public Key Pinning etc but a 100% secure server is impossible as zero-day exploits and flaws (e.g WPA WiFi) reminds us how limited technology lifespans can be. Yes, you can setup firewalls on Ubuntu and WordPress but you are only one exploit away from being hacked.Below is my code snippet (in PHP) to sanitise incoming data, query a MySQL database with object-oriented calls in PHP 7.0 and return data in variables. I have set up a firewall to block access to MySQL and non-essential ports (use https://www.shodan.io/ to test your server’s ports). I was using older deprecated PHP 5 era database calls and I researched newer calls available in PHP 7.0.

When you log in to an Ubuntu server and it says the following you should update

89 packages can be updated.
35 updates are security updates.

1 2	89 packages can be updated. 35 updates are security updates.

Also update software, node, npm etc

This code outputs too much information but will help you setup and get data on your servers (as long as you replace your database, table and field names).

<?php
echo "Last modified: " . date ("F d Y H:i:s.", getlastmod()) . "<br /><br />";
date_default_timezone_set('Australia/Sydney');

$dbhost = '127.0.0.1';
$dbusername = 'themysqlaccount';
$dbpassword = 'themysqlpassword';
$dbname = 'thedatabasename';
$con = mysqli_connect($dbhost, $dbusername, $dbpassword, $dbname);

//Debug stuff
//echo var_dump($con);
//printf(" - Error: %s.\n", $stmt->error);

if($con->connect_errno > 0){
    printf(" - Error: %s.\n", $stmt->error);
    die("Error: Unable to connect to MySQL (E001)");
} else {
 echo "Charset set to utf8<br />";
 mysqli_set_charset($con,"utf8");
}

if (!$con) {
    echo "Error: Unable to connect to MySQL (E002)" . PHP_EOL;
    echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL;
    echo "Debugging error: " . mysqli_connect_error() . PHP_EOL;
    exit;
} else {
    echo "Database Connection OK<br />";

    echo "&nbsp; Success: A proper connection to MySQL was made! The my_db database is great." . PHP_EOL . "<br />";
    echo "&nbsp; &nbsp;- Host information: " . mysqli_get_host_info($con) . PHP_EOL . "<br />";
    echo "&nbsp; &nbsp;- Server Info: '" . mysqli_get_server_info($con) . "'<br />";
    echo "&nbsp; &nbsp;- Server Protocol Info : ". mysqli_get_proto_info($con) . "<br />";
    echo "&nbsp; &nbsp;- Server Version: " . mysqli_get_server_version($con) . "<br />";
    //echo " - Server Connection Stats: " . print_r(mysqli_get_connection_stats($con)) . "<br />";
    echo "&nbsp; &nbsp;- Client Version: " . mysqli_get_client_version($con) . "<br />";
    echo "&nbsp; &nbsp;- Client Info: '" . mysqli_get_client_info() . "'<br />";

echo "Ready to Query the database '$dbname'.<br />";

// Input Var's that are parameterized/bound into the query statement
// I pre fill three vaiables with known fields in my users table
// Goot article in manual sanitization of strings in PHP http://php.net/manual/en/filter.filters.sanitize.php
    $in_username = mysqli_real_escape_string($con, 'FearTec');
    $in_f_guid = mysqli_real_escape_string($con, '5161a571-4a51-468d-9e96-6a5db5d35b1c');
    $in_mobile = mysqli_real_escape_string($con,'0456629533');

// Output Var's that the query fills after querying the database
// These variables will be filled with data from the current returned row
    $out_id = "";
    $out_f_guid = "";
    $out_username = "";
    $out_mobile = "";

echo "1. About to query the database: '$dbname'<br />";
$stmt = mysqli_stmt_init($con);
if (mysqli_stmt_prepare($stmt,"SELECT id, username, guid, user_mobile FROM thedatabasename WHERE username = ? AND guid = ? AND user_mobile = ?")) {

        echo "2. Query Returned<br />";

        /*
            Type specification chars
            Character   Description
            i   corresponding variable has type integer
            d   corresponding variable has type double
            s   corresponding variable has type string
            b   corresponding variable is a blob and will be sent in packets
        */
        mysqli_stmt_bind_param($stmt, 'sss', $in_username, $in_guid, $in_mobile);

        mysqli_stmt_execute($stmt);

        mysqli_stmt_bind_result($stmt, $out_id, $out_username, $out_guid, $out_mobile);

        mysqli_stmt_fetch($stmt);

        // Do something with the 1st returned row        
        echo " - Row: ID: $out_id, GUID: $out_guid, USR: $out_username, MOB: $out_mobile";//
        // Do we have more rows to process
        while($stmt->fetch()) { 
                // Deal with other rows
                echo " - Row: ID: $out_id, GUID: $out_f_guid, USR: $out_username, MOB: $out_mobile<br />";
        }
        mysqli_stmt_close($stmt);
        
        echo "c<br />";
    }
     else {
        echo "3. Error Querying<br/>";
        printf(" - Error: %s.\n", $stmt->error);
    }

}    

?>

<?php

echo "Last modified: " . date ("F d Y H:i:s.", getlastmod()) . " ";

date_default_timezone_set('Australia/Sydney');

$dbhost = '127.0.0.1';

$dbusername = 'themysqlaccount';

$dbpassword = 'themysqlpassword';

$dbname = 'thedatabasename';

$con = mysqli_connect($dbhost, $dbusername, $dbpassword, $dbname);

//Debug stuff

//echo var_dump($con);

//printf(" - Error: %s.\n", $stmt->error);

if($con->connect_errno > 0){

printf(" - Error: %s.\n", $stmt->error);

die("Error: Unable to connect to MySQL (E001)");

} else {

echo "Charset set to utf8 ";

mysqli_set_charset($con,"utf8");

}

if (!$con) {

echo "Error: Unable to connect to MySQL (E002)" . PHP_EOL;

echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL;

echo "Debugging error: " . mysqli_connect_error() . PHP_EOL;

exit;

} else {

echo "Database Connection OK ";

echo "  Success: A proper connection to MySQL was made! The my_db database is great." . PHP_EOL . " ";

echo "   - Host information: " . mysqli_get_host_info($con) . PHP_EOL . " ";

echo "   - Server Info: '" . mysqli_get_server_info($con) . "' ";

echo "   - Server Protocol Info : ". mysqli_get_proto_info($con) . " ";

echo "   - Server Version: " . mysqli_get_server_version($con) . " ";

//echo " - Server Connection Stats: " . print_r(mysqli_get_connection_stats($con)) . " ";

echo "   - Client Version: " . mysqli_get_client_version($con) . " ";

echo "   - Client Info: '" . mysqli_get_client_info() . "' ";

echo "Ready to Query the database '$dbname'. ";

// Input Var's that are parameterized/bound into the query statement

// I pre fill three vaiables with known fields in my users table

// Goot article in manual sanitization of strings in PHP http://php.net/manual/en/filter.filters.sanitize.php

$in_username = mysqli_real_escape_string($con, 'FearTec');

$in_f_guid = mysqli_real_escape_string($con, '5161a571-4a51-468d-9e96-6a5db5d35b1c');

$in_mobile = mysqli_real_escape_string($con,'0456629533');

// Output Var's that the query fills after querying the database

// These variables will be filled with data from the current returned row

$out_id = "";

$out_f_guid = "";

$out_username = "";

$out_mobile = "";

echo "1. About to query the database: '$dbname' ";

$stmt = mysqli_stmt_init($con);

if (mysqli_stmt_prepare($stmt,"SELECT id, username, guid, user_mobile FROM thedatabasename WHERE username = ? AND guid = ? AND user_mobile = ?")) {

echo "2. Query Returned ";

Type specification chars

Character Description

i corresponding variable has type integer

d corresponding variable has type double

s corresponding variable has type string

b corresponding variable is a blob and will be sent in packets

mysqli_stmt_bind_param($stmt, 'sss', $in_username, $in_guid, $in_mobile);

mysqli_stmt_execute($stmt);

mysqli_stmt_bind_result($stmt, $out_id, $out_username, $out_guid, $out_mobile);

mysqli_stmt_fetch($stmt);

// Do something with the 1st returned row

echo " - Row: ID: $out_id, GUID: $out_guid, USR: $out_username, MOB: $out_mobile";//

// Do we have more rows to process

while($stmt->fetch()) {

// Deal with other rows

echo " - Row: ID: $out_id, GUID: $out_f_guid, USR: $out_username, MOB: $out_mobile ";

}

mysqli_stmt_close($stmt);

echo "c ";

}

else {

echo "3. Error Querying ";

printf(" - Error: %s.\n", $stmt->error);

}

Returned Data

Last modified: November 01 2017 16:43:01.
Charset set to utf8
Database Connection OK
  Success: A proper connection to MySQL was made! The my_db database is great. 
   - Host information: 127.0.0.1 via TCP/IP 
   - Server Info: '5.7.19-0ubuntu0.16.04.1'
   - Server Protocol Info : 10
   - Server Version: 50719
   - Client Version: 50012
   - Client Info: 'mysqlnd 5.0.12-dev - 20150407 - $Id: b5######################## $'
Ready to Query the database 'thedatabasename'.
1. About to query the database: 'thedatabasename'
2. Query Returned
- Row: ID: 1, GUID: 0000000-0000-0000-0000-000000000001, USR: Bob, MOB: 1234567890
- Row: ID: 2, GUID: 0000000-0000-0000-0000-000000000002, USR: Joe, MOB: 1234567891
- Row: ID: 3, GUID: 0000000-0000-0000-0000-000000000003, USR: Jane, MOB: 1234567892

Last modified: November 01 2017 16:43:01.

Charset set to utf8

Database Connection OK

Success: A proper connection to MySQL was made! The my_db database is great.

- Host information: 127.0.0.1 via TCP/IP

- Server Info: '5.7.19-0ubuntu0.16.04.1'

- Server Protocol Info : 10

- Server Version: 50719

- Client Version: 50012

- Client Info: 'mysqlnd 5.0.12-dev - 20150407 - $Id: b5######################## $'

Ready to Query the database 'thedatabasename'.

1. About to query the database: 'thedatabasename'

2. Query Returned

- Row: ID: 1, GUID: 0000000-0000-0000-0000-000000000001, USR: Bob, MOB: 1234567890

- Row: ID: 2, GUID: 0000000-0000-0000-0000-000000000002, USR: Joe, MOB: 1234567891

- Row: ID: 3, GUID: 0000000-0000-0000-0000-000000000003, USR: Jane, MOB: 1234567892

Variable Bind Parameter Types

When you bind an incoming variable you can inform MySQL what the data type is expected to be.

mysqli_stmt_bind_param: Type specification chars
Character   Description
i   corresponding variable has type integer
d   corresponding variable has type double
s   corresponding variable has type string
b   corresponding variable is a blob and will be sent in packets

mysqli_stmt_bind_param: Type specification chars

Character Description

i corresponding variable has type integer

d corresponding variable has type double

s corresponding variable has type string

b corresponding variable is a blob and will be sent in packets

Debug Options

Errors Enabled: Turn on PHP Debug Errors On

Turning on errors on production servers is bad but on on development.

First, find php.ini files

locate php.ini
/php.ini.bak
/.c9/metadata/workspace/etc/php/7.0/fpm/php.ini
/etc/php/7.0/apache2/php.ini
/etc/php/7.0/cli/php.ini
/etc/php/7.0/fpm/php.ini
/etc/php/7.0/phpdbg/php.ini
/usr/lib/php/7.0/php.ini-development
/usr/lib/php/7.0/php.ini-production
/usr/lib/php/7.0/php.ini-production.cli

locate php.ini

/php.ini.bak

/.c9/metadata/workspace/etc/php/7.0/fpm/php.ini

/etc/php/7.0/apache2/php.ini

/etc/php/7.0/cli/php.ini

/etc/php/7.0/fpm/php.ini

/etc/php/7.0/phpdbg/php.ini

/usr/lib/php/7.0/php.ini-development

/usr/lib/php/7.0/php.ini-production

/usr/lib/php/7.0/php.ini-production.cli

Edit your appropriate PHP file

sudo nano /etc/php/7.0/fpm/php.ini

1	sudo nano /etc/php/7.0/fpm/php.ini

And turn on Error reporting.

Restart PHP and NGINX

sudo /etc/init.d/php7.0-fpm restart
sudo /etc/init.d/nginx restart

1 2	sudo /etc/init.d/php7.0-fpm restart sudo /etc/init.d/nginx restart

If you need to view your active php.ini file or see php configuration settings, add this to a .php file on your web server and view it’s contents.

<?php
phpinfo()
?>

<?php

phpinfo()

It is amazing how clear errors can be

Dump Connection Vars: PHP mysqli_connect: var_dump($con)

echo var_dump($con);

1	echo var_dump($con);

Output:

  public 'affected_rows' => int 0
  public 'client_info' => string 'mysqlnd 5.0.12-dev - 20150407 - $Id: b5###############################3 $' (length=79)
  public 'client_version' => int 50012
  public 'connect_errno' => int 0
  public 'connect_error' => null
  public 'errno' => int 0
  public 'error' => string '' (length=0)
  public 'error_list' => 
    array (size=0)
      empty
  public 'field_count' => int 0
  public 'host_info' => string '127.0.0.1 via TCP/IP' (length=20)
  public 'info' => null
  public 'insert_id' => int 0
  public 'server_info' => string '5.7.19-0ubuntu0.16.04.1' (length=23)
  public 'server_version' => int 50719
  public 'stat' => string 'Uptime: 1828089  Threads: 1  Questions: 15702  Slow queries: 0  Opens: 1529  Flush tables: 1  Open tables: 1461  Queries per second avg: 0.008' (length=142)
  public 'sqlstate' => string '00000' (length=5)
  public 'protocol_version' => int 10
  public 'thread_id' => int 7367
  public 'warning_count' => int 0

public 'affected_rows' => int 0

public 'client_info' => string 'mysqlnd 5.0.12-dev - 20150407 - $Id: b5###############################3 $' (length=79)

public 'client_version' => int 50012

public 'connect_errno' => int 0

public 'connect_error' => null

public 'errno' => int 0

public 'error' => string '' (length=0)

public 'error_list' =>

array (size=0)

empty

public 'field_count' => int 0

public 'host_info' => string '127.0.0.1 via TCP/IP' (length=20)

public 'info' => null

public 'insert_id' => int 0

public 'server_info' => string '5.7.19-0ubuntu0.16.04.1' (length=23)

public 'server_version' => int 50719

public 'stat' => string 'Uptime: 1828089 Threads: 1 Questions: 15702 Slow queries: 0 Opens: 1529 Flush tables: 1 Open tables: 1461 Queries per second avg: 0.008' (length=142)

public 'sqlstate' => string '00000' (length=5)

public 'protocol_version' => int 10

public 'thread_id' => int 7367

public 'warning_count' => int 0

Show Environment Vars: mysqli_get_host_info, mysqli_get_proto_info, mysqli_get_server_version, mysqli_get_client_version and mysqli_get_client_info.

echo "&nbsp; Success: Database connection OK." . PHP_EOL . "<br />";
echo "&nbsp; &nbsp;- Host information: " . mysqli_get_host_info($con) . PHP_EOL . "<br />";
echo "&nbsp; &nbsp;- Server Info: '" . mysqli_get_server_info($con) . "'<br />";
echo "&nbsp; &nbsp;- Server Protocol Info : ". mysqli_get_proto_info($con) . "<br />";
echo "&nbsp; &nbsp;- Server Version: " . mysqli_get_server_version($con) . "<br />";
//echo " - Server Connection Stats: " . print_r(mysqli_get_connection_stats($con)) . "<br />";
echo "&nbsp; &nbsp;- Client Version: " . mysqli_get_client_version($con) . "<br />";
echo "&nbsp; &nbsp;- Client Info: '" . mysqli_get_client_info() . "'<br />";

echo "  Success: Database connection OK." . PHP_EOL . " ";

echo "   - Host information: " . mysqli_get_host_info($con) . PHP_EOL . " ";

echo "   - Server Info: '" . mysqli_get_server_info($con) . "' ";

echo "   - Server Protocol Info : ". mysqli_get_proto_info($con) . " ";

echo "   - Server Version: " . mysqli_get_server_version($con) . " ";

//echo " - Server Connection Stats: " . print_r(mysqli_get_connection_stats($con)) . " ";

echo "   - Client Version: " . mysqli_get_client_version($con) . " ";

echo "   - Client Info: '" . mysqli_get_client_info() . "' ";

Output:

  Success: Database connection OK. 
   - Host information: 127.0.0.1 via TCP/IP 
   - Server Info: '5.7.19-0ubuntu0.16.04.1'
   - Server Protocol Info : 10
   - Server Version: 50719
   - Client Version: 50012
   - Client Info: 'mysqlnd 5.0.12-dev - 20150407 - $Id: b5######################################## $'

Success: Database connection OK.

- Host information: 127.0.0.1 via TCP/IP

- Server Info: '5.7.19-0ubuntu0.16.04.1'

- Server Protocol Info : 10

- Server Version: 50719

- Client Version: 50012

- Client Info: 'mysqlnd 5.0.12-dev - 20150407 - $Id: b5######################################## $'

Show errors in failed if statements: mysqli_stmt_prepare else

printf(" - Error: %s.\n", $stmt->error);

1	printf(" - Error: %s.\n", $stmt->error);

Output:

Error: Table 'thedatabasename.invalidtablename' doesn't exist.

1	Error: Table 'thedatabasename.invalidtablename' doesn't exist.

Debugging is your friend.

More to come..

Donate and make this blog better

Ask a question or recommend an article

V 1.0 initial post

Short (Article):

Development Blog

Coding for fun since 1996, Learn by doing and sharing.

data

Moving an Ubuntu 16.04 VM on Vultr from one data centre to another via snapshots

Add email alias to an existing GSuite email account

PHP 7 code to send object oriented sanitised input data via bound parameters to a MYSQL database

Popular

Security

Code

Tech

Wordpress

General

Main navigation

data

Footer

Popular

Security

Code

Tech

Wordpress

General