Code, InfoSec and Server Stuff
Views are personal and not my employers.
This is quick guide explaining how I created my first JavaFX application using the Gluon Scene Builder in the IntelliJ IDEA IDE.
Read the full article here: https://fearby.com/article/creating-your-first-java-fx-app-and-using-scene-builder-in-the-intellij-idea-ide
This is quick guide explaining how I created my first JavaFX application using the Gluon Scene Builder in the IntelliJ IDEA IDE.
Advertisement:
I have a number of guides on moving away from CPanel, Setting up VM’s on UpCloud, AWS, Vultr or Digital Ocean along with installing and managing WordPress from the command line. I created this blog post on creating a Java GUI app with the older Swing technology (Java FX replaces Swing). I now want to create a JavaFX app to control my UpCloud VM’s.
If you have not read my previous posts I have now moved my blog etc to the awesome UpCloud host. Sign up using this link to get $25 free credit.
Do read: Preparing for JavaFX Application Development: https://wiki.openjdk.java.net/display/OpenJFX/Building+OpenJFX#BuildingOpenJFX-Mac
Downloading Java
Download and install Java SE 8 or higher from http://www.oracle.com/technetwork/java/javase/downloads/index.html
Download Intelli J IDEA IDE
Goto https://www.jetbrains.com/idea/
Click Download
Download the community edition
Install Intelli J IDEA IDE
Install Scenebuilder
I downloaded the Java Scene Builder (1.1 or 2.0) from here.
Install the Scene Builder (open the installer and drag it to your applications folder).
Configure the Scene Builder in IntelliJ IDEA IDE
You can now create a JavaFX project an have a workign scene builder GUI.
After you create a JavaFX project open your JavaFX fxml file in Scene Builder (right click on the .fxml file and select Open in Scene Builder)
Extended Scene Builder from Gluon
I read that there is a better Scene builder GUI available from https://gluonhq.com/products/scene-builder/
Read some of the Java Scene Builder v Gluon Scene Builder history here at Reddit for the latest on why.
I am going to download the Gluon Scene Builder from http://gluonhq.com/products/scene-builder/
Download and install the Gluon Scene builder (at the time of writing requires Java 9 or higher).
Now open IntelliJ IDEA IDE and open the preferences and change the scene builder path from “/Applications/JavaFX Scene Builder 2.0.app/” to “/Applications/SceneBuilder.app/“.
Save the IntelliJ IDEA preferences and Right click on your projects “fxml” file again and click “Open In Scene Builder” , do verify it is indeed the Gluon Scene builder by opening the about menu.
Designing your first JavaFX app
Now you can design and code a JavaFX application with Gluon Scene Builder.
I am not an expert at java apps so i’d highly recommend you follow this guide to learn how to build a well-structured JavaFX panel layout (just ignore that it is using the standard Scene Builder, it works with the gluon one).
You should now have a working Java FX App
The scene builder will save changes to your fxml file
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 | <?xml version="1.0" encoding="UTF-8"?> <?import javafx.geometry.Insets?> <?import javafx.scene.control.Button?> <?import javafx.scene.control.Label?> <?import javafx.scene.control.Menu?> <?import javafx.scene.control.MenuBar?> <?import javafx.scene.control.MenuItem?> <?import javafx.scene.control.TextArea?> <?import javafx.scene.control.TextField?> <?import javafx.scene.control.TreeView?> <?import javafx.scene.layout.BorderPane?> <?import javafx.scene.layout.HBox?> <?import javafx.scene.layout.Region?> <?import javafx.scene.layout.VBox?> <BorderPane maxHeight="-Infinity" maxWidth="-Infinity" minHeight="-Infinity" minWidth="-Infinity" prefHeight="400.0" prefWidth="600.0" xmlns="http://javafx.com/javafx/9.0.4" xmlns:fx="http://javafx.com/fxml/1" fx:controller="sample.Controller"> <top> <VBox BorderPane.alignment="CENTER"> <children> <MenuBar> <menus> <Menu mnemonicParsing="false" text="File"> <items> <MenuItem mnemonicParsing="false" text="Close" /> </items> </Menu> <Menu mnemonicParsing="false" text="Edit"> <items> <MenuItem mnemonicParsing="false" text="Delete" /> </items> </Menu> <Menu mnemonicParsing="false" text="Help"> <items> <MenuItem mnemonicParsing="false" text="About" /> </items> </Menu> </menus> </MenuBar> <HBox spacing="8.0"> <children> <TextField promptText="ip" /> <TextField promptText="Username" /> <TextField promptText="Password" /> <Button mnemonicParsing="false" onMouseClicked="#loginButtonClicked" prefHeight="27.0" prefWidth="68.0" text="Login" /> <Region HBox.hgrow="ALWAYS" /> <Button mnemonicParsing="false" onMouseClicked="#settingsButtonClicked" text="Settings" /> </children> <padding> <Insets bottom="8.0" left="8.0" right="8.0" top="8.0" /> </padding> </HBox> </children> </VBox> </top> <left> <TreeView prefHeight="200.0" prefWidth="200.0" BorderPane.alignment="CENTER" /> </left> <center> <TextArea prefHeight="200.0" prefWidth="200.0" BorderPane.alignment="CENTER" /> </center> <bottom> <HBox BorderPane.alignment="CENTER"> <children> <Label text="Label" /> </children> <padding> <Insets bottom="2.0" left="2.0" right="2.0" top="2.0" /> </padding> </HBox> </bottom> </BorderPane> |
Advertisement:
You can add functions into your controller class
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | package sample; public class Controller { public void loginButtonClicked(){ System.out.println("Login"); } public void settingsButtonClicked(){ System.out.println("Settings"); } } |
Instaling Gluon JavaFX Templates
Close your test project and create a new project, but before you do click Configure then Plugins
Now lets open In the following screen click Browse Repositories.
Search the repository for and install the “Gluon” plugin
Restart IntelliJ IDEA IDE then you can use templates when creating a project.
Get your own VM
If you have not read my previous posts I have now moved my blog etc to the awesome UpCloud host. Sign up using this link to get $25 free credit.
Packaging a Java app for distribution on OSX
I will show how you can package your app to run on a Mac by using this.
Coming Soon
I will add more guides soon on using a custom JavaFx app to allow you to manage your own UpCloud server and perform Deploy/Init/Setup/Configure/Operate actions. Running CLI commands to deploy and manage a server is fun but is very tedious.
I blogged recently about using the UpCloud API and setting up a subdomain recently (I will use this server to test and prove the Javmanagementnt app).
Advertisement:
Links
I hope this guide helps someone.
Ask a question or recommend an article
Revision History
V1.6 Jenkov Tutorials
V1.5 Reddit java help
V1.4 added java widgets link
V1.3 added javafx examples link.
V1.2 added Java learning paths
V1.1 added offical Javafx examples
v1.0 Initial post
How to use the UpCloud API to manage your UpCloud servers.
Read the full article here: https://fearby.com/article/how-to-use-the-upcloud-api-to-manage-your-upcloud-servers/
How to use the UpCloud API to manage your UpCloud servers.
Advertisement:
If you have not read my previous posts I have now moved my blog etc to the awesome UpCloud host. Sign up using this link to get $25 free credit.
I recently compared Digital Ocean, Vultr and UpCloud Disk IO here and UpCloud came out on top by a long way (read the blog post here).
Here is my blog post on moving from Vultr to UpCloud.
Spoiler: UpCloud performance is great.
I have never had an UpCloud page load take longer than 2 seconds since moving.
UpCloud API
UpCloud has an API that we can opt into to using where we can manage servers. Read the official UpCloud API documentation here.
The API allows you to control:
Create a sub-account to query the API
You should create a new user account (in the UpCloud dasbboard) just for API access. I created two accounts for use on my server and on my home laptop and my server (and set a limiting IP(s) that can access it).
Create a Sub Account for API Access
Login to your UpCloud account (create an account here and get $25 free credit),
TIP: Lock down the account to have the minimum permissions required.
e.g
Save the account.
Now let’s make our first API call
I use OSX and I use the awesome Paw API testing tool from https://paw.cloud (This is not a plug, they are awesome). Postman is a popular API testing tool too. Any good programing language or CLI will allow you to send API requests.
First, let’s prepare the authorization string (this is a Base64 encoded combination of your username and password) read more here.
A Base64 string will be outputted 🙂
e.g > eW91cmFwaXVzZXJuYW1lOnlvdXJzdXBlcnNlY3VyZXBhc3N3b3Jk
fyi
You can encode also Encode and Decode Base64 from the Ubuntu Command line
Encode Base64 from the CLI Sample
1 2 | echo -n 'yourapiusername:yoursupersecurepassword' | base64 eW91cmFwaXVzZXJuYW1lOnlvdXJzdXBlcnNlY3VyZXBhc3N3b3Jk |
Decode Base64 from the CLI Sample
1 2 | echo `echo eW91cmFwaXVzZXJuYW1lOnlvdXJzdXBlcnNlY3VyZXBhc3N3b3Jk | base64 --decode` yourapiusername:yoursupersecurepassword |
Now we can add an “Authorization Basic” token to the API request in Paw.
A quick test of the UpCloud Prices API endpoint https://api.upcloud.com/1.2/price reveals the API is working.
I can now see a full breakdown of my service prices in JSON 🙂
Query My Account
OK, Let’s see how much credit I have left by querying the https://api.upcloud.com/1.2/account, I duplicated the item in Paw and changed the URL to https://api.upcloud.com/1.2/account but no data returned?
I had to enable “Access to Billing section in Control Panel” for the user before this data returned from the API (make sense).
> HTTP/1.1 200 OK
Query (GET)
1 2 3 4 | GET /1.2/account HTTP/1.1 Host: api.upcloud.com User-Agent: Paw/3.1.7 (Macintosh; OS X/10.13.5) NSURLConnection/1452.23 Authorization: Basic ******************************************* |
Output
1 2 3 4 5 6 7 8 9 10 11 12 13 | HTTP/1.1 200 OK Date: Sun, 17 Jun 2018 04:23:32 GMT Content-Type: application/json; charset=UTF-8 Connection: close Content-Length: 91 Server: Apache { "account" : { "credits" : 2500.00, "username" : "yourapiusername" } } |
“2500.00” = cents ($25)
Query All of Your Servers
Ok, Let’s get server information by querying https://api.upcloud.com/1.2/server
Query (GET)
1 2 3 4 | GET /1.2/server HTTP/1.1 Host: api.upcloud.com User-Agent: Paw/3.1.7 (Macintosh; OS X/10.13.5) NSURLConnection/1452.23 Authorization: Basic ##############base64hash############## |
Output
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 | HTTP/1.1 200 OK Date: Sun, 17 Jun 2018 04:32:22 GMT Content-Type: application/json; charset=UTF-8 Connection: close Content-Length: 1154 Server: Apache { "servers" : { "server" : [ { "core_number" : "1", "hostname" : "server1nameredacted.com", "license" : 0, "memory_amount" : "2048", "plan" : "1xCPU-2GB", "plan_ipv4_bytes" : "3472464313", "plan_ipv6_bytes" : "166293599", "state" : "started", "tags" : { "tag" : [ "tag1" ] }, "title" : "server1nameredacted.com", "uuid" : "########-####-####-####-############", "zone" : "us-chi1" }, { "core_number" : "1", "hostname" : "server2nameredacted.com", "license" : 0, "memory_amount" : "1024", "plan" : "1xCPU-1GB", "plan_ipv4_bytes" : "198911", "plan_ipv6_bytes" : "19742", "state" : "started", "tags" : { "tag" : [ "tag2" ] }, "title" : "server1nameredacted.com", "uuid" : "########-####-####-####-############", "zone" : "us-chi1" } ] } } |
Query Server Information
I have redated the UUID’s for my servers but once you know them you can query them by hitting https://api.upcloud.com/1.2/server/########-####-####-####-############
Query (GET)
1 2 3 4 | GET /1.2/server/########-####-####-####-############ HTTP/1.1 Host: api.upcloud.com User-Agent: Paw/3.1.7 (Macintosh; OS X/10.13.5) NSURLConnection/1452.23 Authorization: Basic ##############base64hash############## |
Output
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 | HTTP/1.1 200 OK Date: Sun, 17 Jun 2018 04:45:14 GMT Content-Type: application/json; charset=UTF-8 Connection: close Content-Length: 1656 Server: Apache { "server" : { "boot_order" : "cdrom,disk", "core_number" : "1", "firewall" : "on", "host" : redacted, "hostname" : "server1nameredacted.com", "ip_addresses" : { "ip_address" : [ { "access" : "private", "address" : "##.#.#.###", "family" : "IPv4" }, { "access" : "public", "address" : "###.###.###.###", "family" : "IPv4", "part_of_plan" : "yes" }, { "access" : "public", "address" : "####:####:####:####:####:####:########", "family" : "IPv6" } ] }, "license" : 0, "memory_amount" : "2048", "nic_model" : "virtio", "plan" : "1xCPU-2GB", "plan_ipv4_bytes" : "3519033266", "plan_ipv6_bytes" : "168200052", "state" : "started", "storage_devices" : { "storage_device" : [ { "address" : "virtio:0", "boot_disk" : "0", "part_of_plan" : "yes", "storage" : "########-####-####-####-############", "storage_size" : 50, "storage_title" : "system", "type" : "disk" } ] }, "tags" : { "tag" : [ "fearby" ] }, "timezone" : "Australia/Sydney", "title" : "server1nameredacted.com", "uuid" : "########-####-####-####-############", "video_model" : "cirrus", "vnc" : "off", "vnc_password" : "#########################", "zone" : "us-chi1" } } |
The servers name, IPv4 and IPV6 network adapters are listed, CPU(s), Memory, Disk Sized and UUID’s are all visible 🙂
Surprisingly the VNC password is visible (enabling access to the root console).
TIP: Ensure your API account is safe and secure.
Query Storage Information
Now, Let’s query the storage with the GUID from above by querying https://api.upcloud.com/1.2/storage/########-####-####-####-############
Query (GET)
1 2 3 4 | GET /1.2/storage/########-####-####-####-############ HTTP/1.1 Host: api.upcloud.com User-Agent: Paw/3.1.7 (Macintosh; OS X/10.13.5) NSURLConnection/1452.23 Authorization: Basic ##############base64hash############## |
Output
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 | HTTP/1.1 200 OK Date: Sun, 17 Jun 2018 04:53:36 GMT Content-Type: application/json; charset=UTF-8 Connection: close Content-Length: 559 Server: Apache { "storage" : { "access" : "private", "backup_rule" : {}, "backups" : { "backup" : [ "########-####-####-####-############" ] }, "license" : 0, "part_of_plan" : "yes", "servers" : { "server" : [ "########-####-####-####-############" ] }, "size" : 50, "state" : "online", "tier" : "maxiops", "title" : "system", "type" : "normal", "uuid" : "########-####-####-####-############", "zone" : "us-chi1" } } |
I can see information about the storage’s assigned server and backups 🙂
Query Backup Information
Backup storage can be queried with the same storge API endpoint https://api.upcloud.com/1.2/storage/########-####-####-####-############
Query (GET)
1 2 3 4 | GET /1.2/storage/014fd483-ea90-4055-b445-bf2011951999 HTTP/1.1 Host: api.upcloud.com User-Agent: Paw/3.1.7 (Macintosh; OS X/10.13.5) NSURLConnection/1452.23 Authorization: Basic ##############base64hash############## |
Output
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 | HTTP/1.1 200 OK Date: Sun, 17 Jun 2018 05:01:11 GMT Content-Type: application/json; charset=UTF-8 Connection: close Content-Length: 412 Server: Apache { "storage" : { "access" : "private", "created" : "2018-06-16T04:47:56Z", "license" : 0, "origin" : "########-####-####-####-############", "servers" : { "server" : [] }, "size" : 50, "state" : "online", "title" : "On-Demand Backup", "type" : "backup", "uuid" : "########-####-####-####-############", "zone" : "us-chi1" } } |
Rename Backup
One thing that I would like to be able to do is to rename on-demand backups in the UpCloud dashboard (this is not a feature yet) but I can rename manual backup’s in the API though 🙂
Boring “On-Demand Backup” label.
I tried sending JSON to https://api.upcloud.com/1.2/storage/########-####-####-####-############ to rename a backup but kept getting an error?
JSON
{
> “storage”: {
> “title”: “Latest manual backup , Working NGINX, PHP, MySQL w Tweaks”,
> “size”: “50”
> }
> }
Result
> “error_code” : “CONTENT_TYPE_INVALID”,
> “error_message” : “The Content-Type header has an invalid value.”
I googled and found an old manual for UpClouds API (official support here).
I added these missing content type headers (108 was the length in chars of the payload)
1 2 | > Content-Type: application/json; Charset=UTF-8' > Content-Length: 108 |
Still no go?
I think the content length value is wrong, more here.
I fixed it, it turned out I had a semicolon in the Content-Type value. The JSON RFC always assumes that Content-Type is UTF8 encoded (more here).
This Fails
1 | Content-Type: application/json; charset=utf-8 |
This Works
1 | Content-Type: application/json |
Now I can rename my Backup (storage). I manually calculated the length of the JSON payload and added a “Content-Length” header and value.
Query (PUT)
1 2 3 4 5 6 7 8 | PUT /1.2/storage/########-####-####-####-############ HTTP/1.1 Host: api.upcloud.com User-Agent: Paw/3.1.7 (Macintosh; OS X/10.13.5) NSURLConnection/1452.23 Content-Type: application/json Content-Length: 113 Authorization: Basic ##############base64hash############## {"storage":{"size":"50","title":"Latest manual backup , Working NGINX, PHP, MySQL w Tweaks"}} |
Output
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 | HTTP/1.1 202 ACCEPTED Date: Sun, 17 Jun 2018 05:47:02 GMT Content-Type: application/json; charset=UTF-8 Connection: close Content-Length: 453 Server: Apache { "storage" : { "access" : "private", "created" : "2018-06-16T04:47:56Z", "license" : 0, "origin" : "########-####-####-####-############", "servers" : { "server" : [] }, "size" : 50, "state" : "online", "title" : "Latest manual backup , Working NGINX, PHP, MySQL w Tweaks", "type" : "backup", "uuid" : "########-####-####-####-############", "zone" : "us-chi1" } } |
Success 🙂
Create a Backup
Backups can be performed with a “/backup” added to the end of the query string.
Query (POST)
1 2 3 4 5 6 7 8 9 10 11 12 | POST /1.2/storage/########-####-####-####-############/backup HTTP/1.1 Host: api.upcloud.com User-Agent: Paw/3.1.7 (Macintosh; OS X/10.13.5) NSURLConnection/1452.23 Content-Type: application/json Content-Length: 100 Authorization: Basic ##############base64hash############## { "storage": { "title": "Sunday 17th Latest backup , Working NGINX, PHP, MySQL w Tweaks" } } |
Output
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | HTTP/1.1 201 CREATED Date: Sun, 17 Jun 2018 06:17:35 GMT Content-Type: application/json; charset=UTF-8 Connection: close Content-Length: 487 Server: Apache { "storage" : { "access" : "private", "created" : "2018-06-17T06:17:35Z", "license" : 0, "origin" : "########-####-####-####-############", "progress" : "0", "servers" : { "server" : [] }, "size" : 50, "state" : "maintenance", "title" : "Sunday 17th Latest backup , Working NGINX, PHP, MySQL w Tweaks", "type" : "backup", "uuid" : "########-####-####-####-############", "zone" : "us-chi1" } } |
Success (UpCloud GUI)
Conclusion
UpCloud does have great API docs.
I can easily integrate this into bash scripts to manage my servers via API and a future Java app for managing servers.
Paw does give CURL output to allow me to copy working API’s for use in BASH 🙂
More to come
If you are signing up for UpCloud please consider using my referral code and get $25 credit for free.
Read my setup guide here.
https://www.upcloud.com/register/?promo=D84793
I hope this guide helps someone.
Ask a question or recommend an article
Revision History
V1.1 updated typo
v1.0 Initial Post.
Here is a quick guide that shows how you can create and compile your first Java app with Net Beans.
Advertisement:
I have a number of guides on moving hasting away form CPanel, Setting up VM’s on AWS, Vultr or Digital Ocean along with installing and managing WordPress from the command line. Updating the serves is a pain so I am writing a java app for Windows and OSX to help me manage the server by telnetting in on port 22 and performing routine actions from a button click in Java.
Installing Java and NetBeans IDE
Goto https://netbeans.org/downloads/index.html and click “JDK with NetBeans IDE Java SE bundle”
Download Netbeans and Java SE bundle
Install Netbeans and Java SE bundle
Creating your first GUI Java Application
Create New Project (Java Application) in NetBeans, Click Next
Name the project and set the main class as “main”
Add a new file, a “Swing GUI Form/JFrame form“.
Name the J Frame Form and click Finish.
Adding GUI elements in NetBeans IDE
In the Net Beans IDE, you can simply drag and drop elements. I like to move my properties screen to the bottom centre.
Set the panel at the default startup element
Add the following code to the main.java file
> framemain form = new framemain();
> form.setVisible(true);
Compile the App
The app compiles 🙂
Add an action to a button
You can add button actions (events) in the design mode.
Add Hello World alert box code to the button
Add the following to the Panel code file
> public static void infoBox(String infoMessage, String titleBar)
> {
> JOptionPane.showMessageDialog(null, infoMessage, “InfoBox: ” + titleBar, JOptionPane.INFORMATION_MESSAGE);
> }
Add this to the action (event)
System.out.println(“Hello World”);
> frame1.infoBox(“Hello World”, “Hello World”);
Build
To build right-click on the project and click Clean and Build
The result is an app you can run by double-clicking the jar file.
I hope this helps someone.
Making an OSX APP file from the JAR file
Coming soon
Making a Windows EXE file from the JAR file
Coming soon
I hope this guide helps someone.
Ask a question or recommend an article
Revision History
v1.0 Initial post
This guide will show technically minded people how you can purchase your own domain name, set up a web server on Vultr with an online store using WordPress/WooCommerce from $5 a month. Warning this post is technical (if you have never used SSH, Ubuntu, Linux Command Line, hate risk or are not patient then this is NOT the guide you are after).
Advertisement:
Draft Post (released early to share)
I personally recommend (not a paid endorsement) the free WooCommerce plugin for the free WordPress.org CMS on the free Ubuntu Operating system with the free NGINX web server and the free MYSQL database engine and free SSL certificates from Lets Encrypt.
Update 2018: For the best performing VM host (UpCloud) read my guide on the awesome UpCloud VM hosts (get $25 free credit by signing up here).
Buy a domain name from Namecheap here.
Sorry for using the word free a lot but I like free things. One of the benefits of a using a self-managed server is you get the option to install free software and configure the server how you want and secure it how you want. Truth be told managed ho (e.g CPanel, etc) are in the business of making money via monthly feed, expensive SSL certificates, taxing your transactions or pushing you to higher priced tiers.
Legend:
I moved to a self-managed server after I was paying $25/m for a poorly performing website and $150/y for a poor quality SSL certificate and a slice of a server that seemed to always say “Usage Limit Exceeded”. Why pay for an insecure website that my visitors could not view because the usage limit was exceeded.
fyi: Fearby.com costs me $10 a month for a server and $5/m for CDN abilities.
CPanel hosts are an option when you don’t want to self-manage a service and take on the hassle but be prepared for server limitations (The image below was taken on an older CPanel based hosts before I moved to a self-managed Vultr server)
I recently discovered a well known and established website hosting service (that I used to use) and a friend is still using is insecure. My friend’s site has a static website on it but the server underneath was very old and insecure. Having a secure web server should be at the top of your list with any self-managed or hosted website (this will help search engine optimization and prevent risks to your website visitors).
Sites like Virus Total, SSL Labs and Alexa Site Info , Qualys are good ways to review a site’s credibility.
fyi: The awesome https://seositecheckup.com/ is awesome for evaluating our sites SEO score.
Before we set up a server with WordPress on your own server let’s quickly look at the alternative commercial ready to go website builders.
Alternative (paid) DIY Website Builders
The following leading commercial sites will allow you to build a site online.
In my opinion, five things matter with setting up site online website.
Ok, let’s see how much it will cost to set up a simple business site on the sites above.
Wix
Setup: Goto https://www.wix.com/, Login to Wix, click Create Site, click Business, Click Choose a Template, Edit the page, Click Save, Click “Connect your own customized domain“, Click “Connect a domain you already own“.
I was redirected to a Wix plan pricing page where I need to choose a plan to continue. From what I researched you cant control HTML on Wix so can’t add a MailChimp newsletter signup form so you would have to go with the $24.5/m option to enable Email Campaigns.
I could not see information about included SSL certificates, SEO or other chargers. SSL is free after you pay right?
The Wix editor appears OK (it may take a bit of learning though).
I clicked publish and the site was live
A quick check of the SSL, Accessibility and SEO and no obvious deal breakers here apart from the price and platform lock-in.
I performed a security check on the site with https://freescan.qualys.com (passed)
Conclusion: I hear Wix templates are hard to change so choose your template wisely, A large collection of apps are available that you can add to the site.
Although Wix was nice and it does include a full-featured look at the engine it is not for me ($24/m USD is too expensive).
Squarespace
Squarespace basic websites cost $16/$25 a month or $34/52 for online stores: https://www.squarespace.com/pricing/
Setup a Squarespace website: Goto https://www.squarespace.com/, Click Start a Free Trial, Choose a Template, Create an Account (a quick read of the terms of service and privacy policy, #scary), SpareSpace sites are pre-published?
Loading the webpage on a non-logged-in (with SquareSpace login) browser displays a trial warning. Trial pages are essentially restricted (unlike Wix).
The mobile view does not match the template? I guess the chosen template is more of a vibe and not a template.
Setting up a Squarespace website may take some time. Squarespace does have some nifty advance options in a slide-out menu though.
Because the public view of the page is restricted I cannot scan it with WCAG accessibility tools. Scanning the site performance speeds with gtmetrix also fails.
Squarespace is well known to be difficult to set up a website when compared to other drag and drop editors (but Squarespace sites do look nice).
I am not paying $54/m for a website so let’s move on.
Shopify
Shopify Setup: Goto https://shopify.com and click Create, Sign up and enter your store name. Complete the wizard.
Choose a Shopify Plan
Scalping transactions, no thanks. let’s move on.
Weebly
Weebly Setup: Goto https://www.weebly.com/au and click Get Started under Create Store. Enter your account details and click Create Your Site, enter the name of the store, Click I’m just trying Weebly, click the type of product you will be selling.
Weebly Site Setup
Theme Selection
Choose a Domain
Publish the site
Clicking publish appears to be a dead end.
“Please contact Weebly Support to verify your account”, No Thanks, let’s move on.
One candidate remains and that is WordPress hosted (wordpress.com not wordpress.org).
WordPress.com
WordPress.com offer hosted plans for WordPress in the cloud.
Setup a WordPress site, the only one that removes WordPress branding and allows third-party plugins to be installed it the Business plans for $33 a month.
Setup Basics
Choose a WordPress theme.
Assign a Domain
In order to buy a domain, you need to log in (top right) with an account
My working WordPress account (is no longer working), it was in my password manager.
I seem to be stuck in a signup loop
Time to move on. Time to set up my own server on Vultr and setup WordPress and WooCommerce,
But, before we do, let’s ensure our name is secure online.
Search for your Name/Brand
Do search for your website (or thing) in search engines to see if your name is already taken, don’t buy a domain that is owned or has IP or trademark presence. It is a good idea to use sites like https://namechk.com/ to see if your site or social media is already taken.
namechk.com will allow you to search for name availability online. The name “mything” is not fully available online.
You will want to see all green squares (name available) below before buying a domain name. This looks better.
I would recommend you create your social media accounts before or right after buying your domain. Sites like Twitter will insist on short usernames names so get your social media sites first.
Trademark and Brand Search
Also, perform a trademark and IP search.
Australian Trademark Search: https://search.ipaustralia.gov.au/trademarks/search/quick
United States Trademark Database: https://www.uspto.gov/trademarks-application-process/search-trademark-database
Global brand Search: http://www.wipo.int/branddb/en/
etc
Self Managed Warning
I tend to go the “self-managed server route” and install the free WordPress CMS because:
There are many reasons why you would not want to “self-manage” your own server
Being technically minded and choosing a “self-managed web servers” can take away time from the fun stuff like SEO, Site Design, customer needs, branding etc.
Self Managed Costs
For $5 a month you can buy a server with enough memory to install WordPress (cheaper if you don’t need WordPress)
Vultr is great. Vultr does have ready to go servers that you can deploy that have WordPress all set up.
The Vultr template above does use the Centos OS (read my guide setting up Centos on a different service provider here) but I prefer to manually setup a server with Ubuntu 16.04 OS on Vultr.
Wih a $5 server you can do what you want with it. I have blogged before about setting up your own Server. e.g Installing Centos and Ubuntu server on Digital Ocean. Digital Ocean does not have data centres in Australia and this kills scalability. AWS is good but 4x the price of Vultr. I have blogged about setting up and AWS server here (and upgrading an AWS instance). I tried to check out Alibaba Cloud but the verification process was broken so I decided to check our Vultr.
Manual Setup of Vultr on an Ubuntu 16.04 server
Manual WooCommerce Plugin Setup
Once you setup Woocommerce you can setup the store defaults. Goto the WordPress dashboard and click WooCommerce Settings
Settings – General
Settings – Products
Settings – Shipping
Settings – Checkout
Settings – Account
Settings – Emails
Settings – API
Optional Actions
Instaling a Woo Commerce Child Theme
Goto https://woocommerce.com/product-category/themes/storefront-child-theme-themes/ and choose a theme.
Purchase and Install the desired child theme (I uploaded it to my /wp-content/themes/ folder with forklift). I chose a free deli theme.
Goto your WordPress then themes folder and activate your new child theme.
Post Site Setup
Just because your site is live does not mean you can rest.
SEO Optimization
Do use sites like https://seositecheckup.com/ and follow recommended actions to improve your SEO like updating meta tags.
More Reading
Attaching an email to your domain
You can pay $5 a month and link a G Suite email to your domain.
Once you have a G Suite account you can link other domains (and domain emails) to it. You can login to your G Suite emails via G Mail and send emails from apps or the command line.
Why Vultr
I use the server host Vultr as they have data centres all around the world and the support of great, Digital Ocean is good too but they don’t have data centres in my country (Australia). Vultr allows you to deploy all over the world upgrade servers, move servers, add storage and restore servers.
Alternatively, you can buy a $2.5/m server and generate a static website
I use the Platforma Web HTML generator to build mobile and WCAG compliant websites.
Buying a domain, I buy my domains from https://www.namecheap.com/ it is a good idea to look for coupons first at https://www.namecheap.com/promos/coupons.aspx before buying a domain.
Once you buy a domain you can point it to a Vultr server and upload your website.
I hope this helps someone.
Donate and make this blog better
Ask a question or recommend an article
Revision History
v.1.2 WordPress WooCommerce
v1.1 SEO
v1.0 Initial Draft
It is possible to deploy a server in minutes to hours but it can take days to secure. What tools can you use to help identify what to secure on your website?
Advertisement:
I have a number of guides on moving hasting away form CPanel, Setting up VM’s on AWS, Vultr or Digital Ocean along with installing and managing WordPress from the command line, installing a Free SSL certificate and setting up SSL security.
Security Tools
Qualys SSL Labs SSL Tester is the best tool for checking an SSL certificate strength
Most people don’t know Qualys also has another free (limited to 10 scans) vulnerability scanner for websites.
Goto https://freescan.qualys.com/ and click Start your free account.
Complete the signup form
Now check your email to login and confirm your email account
Login now from the email.
Create a password (why the 25 char max Qualys?)
Enter your website URL and click Scan
The scan can take hours
While the scan was being performed I noticed that Qualys offers alerts (I’ll check this out later): https://www.qualys.com/research/security-alerts/
Yes, the scan can take hours, take a walk or read other posts here.
The scan is almost complete
Yay, my latest scan revealed 0 High, 0 Medium and 0 Low-risk vulnerabilities.
It did report 23 informational alerts like “Firewall Detected“.
Threat Report Results
Patch Report Results
This report was empty (probably because I don’t run Windows)
Threat Report Results
The OWASP report contained partial scan results (maybe the full report is available to pro users)
Previous Scan Results
The Qualys dashboard will show all past scans.
My first scan showed a Low priority issue with the /wp-login.php page as the input fields did not have “autocomplete=”off””, I fixed this by adding “autocomplete=”off”” the removing the page (safer).
The second scan found two issues with cookies (possibly ad banner cookies) and 2 subfolders that I created in past development exercises. I deleted the two sub-folders that were not needed.
The third scan was clean.
Here is a scan of a static website of a friends server (static can be less secure if the server underneath is old or unpatched).
Happy scanning. I hope this guide helps someone.
Ask a question or recommend an article
Revision History
v1.1 Static Web Server Scan
v1.0 Initial post
OWASP is a non-profit that lists the Top Ten Most Critical Web Application Security Risks, they also have a GUI Java tool called OWASP Zap that you can use to check your apps for security issue.
Advertisement:
I have a number of guides on moving hosting away form CPanel , Setting up VM’s on AWS, Vultr or Digital Ocean along with installing and managing WordPress from the command line. It is important that you always update your site and software and test your sites and software for vulnerabilities. Zap is free and completely open source.
Disclaimer, I am not an expert (this Zap post and my past Kali Linux guide will be updated as I learn more).
OWASP Top 10
OWASP has a top 10 list of things to review.
Download the OWASP 10 10 Application security risks PDF here form here.
Using the free OWASP Zap Tool
Snip from https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
“The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers*. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It’s also a great tool for experienced pentesters to use for manual security testing.”
Zap Overview
Here is a quick demo of Zap in action.
Do check out the official Zap videos on youtube: https://www.youtube.com/user/OWASPGLOBAL/videos if you want to learn more.
Installing Zap
Download Zap from here.
Download Options
Download contents
Copy to the app to the OSX Application folder
App Installed
Open OSX’s Privacy and Security screen and click Open Anyway
OWASP Zap is now Installed
Ready for a Scan
But before we do let’s check out the Options
OWASP Zap allows you to label reports to ad from anyone you want.
Now let’s update the program and plugins, Click Manage Add-ons
Click Update All to Update addons
I clicked Update All
Installed some plugins
Zap is Ready
Add a site and right click on the site and you can perform an active scan or port scan.
First Scan (https failed)
I enabled unsafe SSL/TLS Renegotiation.
This did not work and this guide said I needed to install the “Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files” from here.
The extract files to /Library/Java/JavaVirtualMachines/%your_jdk%/Contents/Home/jre/lib/security
I restarted OWASP Zap and tried to scan my site buy it appears Cloudflare (that I recently set up) was blocking my scans and reported error 403. I decided to scan another site of mine that was not on Cloudflare but had the same Lets Encrypt style SSL cert.
fyi: I own and set up the site I queried below.
OWASP Zap scan performed over 800 requests and tried traversal exploits and many other checks. Do repair any major failures you find.
Generating a Report
To generate a report click Report then the appropriate generation menu of choice.
FYI: The High Priority Alert is a false positive with an HTML item being mistaken for a CC number.
I hope this guide helps someone. Happy software/server hardening and good luck.
More Reading
Check out my Kali Linux guide.
Ask a question or recommend an article
Revision History
V1.3 fixed hasting typo.
v1.2 False Positive
v1.1 updated main features
v1.0 Initial post
This post will show you how to setup the Kali Linux distro to perform penetration testing of your systems
Advertisement:
I have a number of guides on moving hasting away form CPanel, Setting up VM’s on AWS, Vultr or Digital Ocean along with installing and managing WordPress from the command line. Securing your systems is very important (don’t stop) and keep learning (securing ubuntu in the cloud, securing checklist, run a Lynis system audit etc)
snip from: https://www.kali.org/about-us/
“Kali Linux is an open source project that is maintained and funded by Offensive Security, a provider of world-class information security training and penetration testing services. In addition to Kali Linux, Offensive Security also maintains the Exploit Database and the free online course, Metasploit Unleashed.”
Download Kali
I downloaded the torrent version (as the HTTP version kept stopping (even on 50/20 NBN).
After the download finished I checked the SHA sum to verify it’a integrity
1 2 3 | cd /Users/username/Downloads/kali-linux-2018.1-amd64 shasum -a 256 ./kali-linux-2018.1-amd64.iso ed88466834ceeba65f426235ec191fb3580f71d50364ac5131daec1bf976b317 ./kali-linux-2018.1-amd64.iso |
A least it matched the known (or hacked) hash here.
Installing Parallels in a VM on OSX
I use Parallels 11 on OSX to set up a VM os Demina Kali, you can use VirtualBox, VMWare etc.
Hardware: 2x CPU, 2048MB Ram, 32MB Graphics, 64GB Disk.
I selected Graphical Install (English, Australia, American English, host: kali, network: hyrule, New South Wales, Partition: Guided – entire disk, Default, Default, Default, Continue, Yes, Network Mirror: Yes, No Proxy, Installed GRUB bootloader on VM HD.
Post Install
Install Parallel Tools
Official Guide: https://kb.parallels.com/en/123968
I opened the VM then selected the Actions then Install Parallels Tools, this mounted /media/cdrom/, I copied all contents to /temp/
As recommended by the Parallels instal bash script I updated headers.
1 | apt install linux-headers-4.14.0-kali1-amd64 |
Then the following from https://kb.parallels.com/en/123968
1 2 3 4 5 | apt-get clean apt-get update apt-get upgrade -y apt-get dist-upgrade -y apt-get install dkms kpartx printer-driver-postscript-hp |
Parallels will not install, I think I need to upgrade to parallel 12 or 12 as the printer driver detection is not detecting (even though it is installed).
Installing Google Chrome
I used the video below
I have to run chrome with
1 | /usr/bin/gogole-chrome-stable %U --no-sandbox --user-data=dir & |
It works.
Running your first remote vulnerability scan in Kali
I found this video useful in helping me scan and check my systems for exploits
Simple exploit search in Armitage (metasploit)
A quick scan of my server revealed three ports open and (22, 80 and 443). Port 80 redirects to 443 and port 22 is firewalled. I have WordPress and exploits I rued failed to work thanks to patching (always stay ahead of patching and updating of software and the OS.
Without knowing what I was doing I was able to check my WordPress against known exploits. 
If you open the Check Exploits menu at the end of the Attacks menu you can do a bulk exploit check.
WP Scan
Kali also comes with a WordPress scanner
1 | wpscan --url https://fearby.com |
This will try and output everything from your web server and WordPress plugins.
/xmlrpc.php was found and I was advised to deny access to that file in NGINX. xmlrpc.php is ok but can be used in denial of service attacks.
1 2 3 4 5 | location = /xmlrpc.php { deny all; access_log off; log_not_found off; } |
I had a hit for a vulnerability in a Youtube Embed plugin but I had a patched version.
TIP: Check your WordPress often.
More to come (Draft Post).
Tips
Don’t have unwanted ports open, securely installed software, Use unattended security updates in Ubuntu, update WordPress frequently and limit plugins and also consider running more verbose audit tools like Lynis.
More Reading
Read my OWASP Zap guide on application testing and Cloudflare guide.
I hope this guide helps someone.
Ask a question or recommend an article
Revision History
v1.2 added More Reading links.
v1.1 Added bulk exploit check.
v1.0 Initial post
Adminer is a free GUI tool that can you can easily install on a PHP web server. Adminer allows you to easily connect to your MySQL instance, create databases/tables/indexes/rows and backup/import databases and much more.
Advertisement:
You can read my other posts on Useful Linux Terminal Commands and Useful OSX Terminal Commands.
I used to use phpMyAdmin to manage MySQL databases on AWS, Digital Ocean and Vultr but switched to Adminer due to forgotten issues. You can always manage MySQL via command line but that is quite boring.
The below screenshots were taken on my local Development Mac Laptop (with optional OSX Apache SSL Setup (that reports “Not Secure” (but it is good enough to use locally)). I prefer to code in SSL and warn when SSL is not detected.
Downloading and Installing Adminer
Navigate to https://www.adminer.org/ and click Download.
Click English only (.php file)
Save the Adminder for MySQL (.php) file to your web server and give it a random name and put in a folder also with a random name (I use https://www.grc.com/passwords.htm to generate strong password).
Tip: Uploading this file to a live serve offers hackers and unauthorized people potential access to your MySQL server. I would remove this file from live serves when you are not using it not to be sure.
Tip: Read my guide here on setting up NGINX, MySQL and PHP here. Basically I did this to setup MySQL on Ubuntu 16.04.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 | sudo apt-get install mysql-common sudo apt-get install mysql-server mysql --version >mysql Ver 14.14 Distrib 5.7.19, for Linux (x86_64) using EditLine wrapper sudo mysql_secure_installation >Y (Valitate plugin) >2 (Strong passwords) >N (Don't chnage root password) >Y (Remove anon accounts) >Y (No remote root login) >Y (Remove test DB) >Y (Reload) service mysql status > mysql.service - MySQL Community Server |
TIP: Ensure MySQL is secure and has a good root password, also consider setting up Ubuntu Firewalls and Securing Ubuntu. Also ensure the Server is patched and does not have exploits like Spectre and meltdown.
Now you can access your Admirer php file on your Web Server (hopefully with an obfiscated name).
Login to Adminer with your MySQL root password.
Click Create databaase
Give the database a name and choose the character coding standard (e.g UTF8 ceneral ci). Different standards have different performance impacts too.
Now that you have a database you can create a table.
Consider adding an auto-incrementing ID and say a Key and Value varchar column.
When the table is created you can add a row to the table.
I created one with a “TestKey” and “TestValue” row.
The row was inserted.
The final thing to do is add a database user that code can connect to the database with. Click Privileges.
Click Create user
Tick All privileges and click Save
Now the user is added to the database
Let’s create a PHP file and talk to the database. Let’s use parameterized queries
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 | <?php date_default_timezone_set('Australia/Sydney'); echo "Last modified: " . date ("F d Y H:i:s.", getlastmod()) . "<br /><br />"; // Turn on if you need to see errors // error_reporting(E_ALL); // ini_set('display_errors', 0); $dbhost = '127.0.0.1'; $dbname = 'dbtest'; $dbusername = 'dbtestuser'; $dbpassword = '*****************************************''; $con = mysqli_connect($dbhost, $dbusername, $dbpassword, $dbname); // Turn on debug stuff if you need it // echo var_dump($con); // printf(" - Error: %s.n", $stmt->error); if($con->connect_errno > 0){ printf(" - Error: %s.n", $stmt->error); die("Error: Unable to connect to MySQL"); } else { echo "Charset set to utf8<br />"; mysqli_set_charset($con,"utf8"); } if (!$con) { echo "Error: Unable to connect to MySQL (E002)" . PHP_EOL; echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL; echo "Debugging error: " . mysqli_connect_error() . PHP_EOL; exit; } else { echo "Database Connection OK<br />"; echo " Success: A proper connection to MySQL was made! The $dbname database is great." . PHP_EOL . "<br />"; echo " - Host information: " . mysqli_get_host_info($con) . PHP_EOL . "<br />"; echo " - Server Info: '" . mysqli_get_server_info($con) . "'<br />"; echo " - Server Protocol Info : ". mysqli_get_proto_info($con) . "<br />"; echo " - Server Version: " . mysqli_get_server_version($con) . "<br />"; //echo " - Server Connection Stats: " . print_r(vmysqli_get_connection_stats($con)) . "<br />"; echo " - Client Version: " . mysqli_get_client_version($con) . "<br />"; echo " - Client Info: '" . mysqli_get_client_info() . "'<br />"; echo "Ready to Query the database '$dbname'.<br />"; // Input Var's that are parameterized/bound into the query statement $in_key = mysqli_real_escape_string($con, 'TestKey'); // Output Var's that the query fills after querying the database // These variables will be filled with data from the current returned row $out_id = ""; $out_key = ""; $out_value = ""; echo "1. About to query the database: '$dbname'<br />"; $stmt = mysqli_stmt_init($con); $sql = "SELECT testid, testkey, testvalue FROM tbtest WHERE testkey = ?"; echo "SQL: $sql (In = $in_key)<br /"; if (mysqli_stmt_prepare($stmt, $sql)) { echo "2. Query Returned<br />"; /* Type specification chars Character Description i corresponding variable has type integer d corresponding variable has type double s corresponding variable has type string b corresponding variable is a blob and will be sent in packets */ mysqli_stmt_bind_param($stmt, 's', $in_key); mysqli_stmt_execute($stmt); mysqli_stmt_bind_result($stmt, $out_id, $out_key, $out_value); mysqli_stmt_fetch($stmt); // Do something with the 1st returned row echo " - Row: ID: $out_id, KEY: $out_key, VAL: $out_value <br />";// // Do we have more rows to process while($stmt->fetch()) { // Output returned values echo " - Row: ID: $out_id, KEY: $out_key, VAL: $out_value <br />";// } mysqli_stmt_close($stmt); echo "Done<br />"; } else { echo "3. Error Querying<br/>"; printf(" - Error: %s.n", $stmt->error); } } ?> |
Result
If you don’t have a server check out my guides on AWS, Digital Ocean and Vultr.
Happy coding and I hope this helps someone.
Donate and make this blog better
Ask a question or recommend an article
Revision History
v1.0 Initial Version