Categories
GIDBlog Learning Journal

Certbot and Cloudflare DNS Plugin

I learnt today that I can run Certbot to create and renew Let’s Encrypt SSL/TLS for domains/web sites not hosted on the same machine – a fact I didn’t know before today.

Also, because Certbot can be used to manage Let’s Encrypt certificates for domain names hosted elsewhere, there is no requirement for the system running Certbot to have a web server like Apache/httpd running (for domain verification purposes).

In this case, (Certbot) domain verification is handled by DNS records managed by qualified third party DNS providers. One such provider is, of course, the ever-popular Cloudflare service. If, like gidblog.com, your web site is also protected and served by Cloudflare, this information is relevant to you.

Check if your DNS provider supports Certbot here.

So, to get a new (or renew a) Let’s Encrypt SSL/TLS certificate for your web site, you’ll need to do 3 tasks:

  1. Install Certbot
  2. Create a credentials file for your DNS provider
  3. Run a Certbot command

This what I did myself to accomplish these 3 tasks, and I have just replaced “gidblog.com” with “example.com” in the notes below.

1. Install Certbot on CentOS 7

Before proceeding, please ensure that you enable the EPEL (Extra Packages for Enterprise Linux) repository on your CentOS 7 server. Then…

In a terminal (as root):

yum install certbot python2-certbot-dns-cloudflare

2. Create a credentials file for Cloudflare

Next, you need to prepare a credentials file, e.g. credentials.ini, that will allow Certbot access to the Cloudflare API using your private data in the file. Let’s create this credentials file now. Again, in a terminal (as root):

mkdir $HOME/.secret $HOME/.secret/cf
vi $HOME/.secret/cf/credentials.ini

File: credentials.ini

# Cloudflare API credentials used by Certbot
#
dns_cloudflare_email = [email protected]
dns_cloudflare_api_key = 0123456789abcdef0123456789abcdef01234567

Line no. 3: You can get your email address here.
Line no. 4: Your Cloudflare API key here (use the Global API Key).

After saving and closing the credentials file, let’s modify the permissions of the file so no one else can access/read it. In the same terminal (as root):

chmod 600 $HOME/.secret/cf/credentials.ini

3. Run Certbot command to create certificate

To create a Let’s Encrypt SSL/TLS certificate for domain names: example.com and www.example.com. In a terminal (as root):

certbot certonly \
  --dns-cloudflare \
  --dns-cloudflare-credentials $HOME/.secret/cf/credentials.ini \
  -d example.com \
  -d www.example.com

If everything goes as planned, the final output from this command will look something like this:

IMPORTANT NOTES:
– Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/example.com/fullchain.pem
Your key file has been saved at: /etc/letsencrypt/live/example.com/privkey.pem
Your cert will expire on 2020-02-19. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run “certbot renew”

Categories
GIDBlog Learning Journal

Compress your PHP-FPM pages

Since the recent upgrade to gidblog.com, this web site is currently being hosted by various Docker containers. One of the Docker containers used is, of course, one derived from a Docker image like php:7-fpm-alpine.

I must confess that this is my first endeavour using PHP-FPM with Apache. All these years I have only been using the Apache module: mod_php to handle all my PHP web pages.

One of the areas I got stuck for a while (making this site work with PHP-FPM) is that PHP scripts — in this case generated web pages — were not sending gz-encoded data (compressed web pages) back to web browsers.

I know how to make Apache send compressed web pages and other documents using the Apache mod_deflate module.

I also know how to make individual PHP scripts turn output compression on.

Actually, reading that last link/page gave me the solution I was looking for – use the zlib.output_compression php.ini setting when creating my PHP-FPM Docker image.

So this was how my Dockerfile for the PHP-FPM/Alpine Linux image looks like with this setting all set up. See the last line:

File: Dockerfile

FROM php:7-fpm-alpine
RUN apk update; apk upgrade;
RUN docker-php-ext-install mysqli
RUN docker-php-ext-install opcache

# Other instructions removed for brevity #

# PHP.INI
RUN mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini"

# zlib compression
RUN echo "zlib.output_compression = On" >> "$PHP_INI_DIR/php.ini"

As soon as this Docker image was built again and running, all web pages generated by PHP-FPM for this web site are being compressed before being sent out to web browsers and clients that accept the encoding.

Categories
GIDBlog Learning Journal

WordPress Plugin for Google AdSense Auto Ads

I will show you how I inserted Google AdSense Auto Ads JavaScript ad code to this web site today.

The Google AdSense Auto Ads ad code is only a single line long, so it was unnecessary to get overly complicated with the plugin or PHP code.

Create file: gid-wp-google-adsense-auto-ads.php

Using my favourite text/PHP editor, I created a PHP file: gid-wp-google-adsense-auto-ads.php. This is how it looks:

<?php
/*
Plugin Name: GID WP Google AdSense Auto Ads
Plugin URI: https://www.gidblog.com/wordpress-plugin-google-adsense-auto-ads/
Description: Inserts Google AdSense Auto Ads, in the header.
Author: J de Silva
Version: 1.0
Author URI: https://www.gidblog.com/author/jdesilva/
*/

// Replace "NNNNNNNNNNNNNNNN" with your Google AdSense Publisher ID (just the 16-digit number)
define( "GID_GA_PUBID", "NNNNNNNNNNNNNNNN" );

function gid_google_adsense_autoads()
{
?>
<script data-ad-client="ca-pub-<?php echo GID_GA_PUBID; ?>" async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>
<?php
}
add_action( 'wp_head', 'gid_google_adsense_autoads', 10 );

Do not forget to paste your own Google AdSense publisher ID (just the 16-digit number) in the PHP code before uploading the file. See line no. 12 above.

Upload gid-wp-google-adsense-auto-ads.php

Save the file and upload it to the /wp-content/plugins/ folder of your WordPress site. On my Linux laptop, with the scp command, this is as simple as:

scp -v $HOME/gid-wp-google-adsense-auto-ads.php [email protected]:/var/www/html/wp-content/plugins/

Finally, go to the Plugins page inside your WordPress site’s admin dashboard to activate this plugin.

Categories
GIDBlog Learning Journal

WordPress Plugin for Google Analytics

I will show you how I inserted Google Analytics tracking code to this web site today.

I chose to write a WordPress plugin to accomplish this task but since I only manage 2 WordPress sites, I didn’t develop it with a lot of bells and whistles.

gid-wp-google-analytics.php

Using my favourite text/PHP editor, I created a PHP file: gid-wp-google-analytics.php. This is how it looks:

<?php

/*
Plugin Name: GID WP Google Analytics
Plugin URI: https://www.gidblog.com/wordpress-plugin-google-analytics/
Description: Inserts Google Analytics tracking code to web pages, in the header.
Author: J de Silva
Version: 1.0
*/

// Replace "NNNNN-N" with your Google Analytics site tracking ID
define( "GID_GAID", "NNNNN-N" );

function gid_google_analytics()
{
	// <!-- Global site tag (gtag.js) - Google Analytics --> ?> 
  <script async src="https://www.googletagmanager.com/gtag/js?id=UA-<?php echo GID_GAID; ?>"></script>
  <script>
    window.dataLayer = window.dataLayer || [];
    function gtag(){dataLayer.push(arguments);}
    gtag('js', new Date());

    gtag('config', 'UA-<?php echo GID_GAID; ?>');
  </script>
<?php
}
add_action( 'wp_head', 'gid_google_analytics', 10 );

Do not forget to paste your own Google Analytics tracking code ID in the PHP code before uploading the file. See line no. 12 above.

Upload gid-wp-google-analytics.php

Save the file and upload it to the /wp-content/plugins/ folder of your WordPress site. On my Linux laptop, with the scp command, this is as simple as:

scp -v $HOME/gid-wp-google-analytics.php [email protected]:/var/www/html/wp-content/plugins/

Finally, go to the Plugins page inside your WordPress site’s admin dashboard to activate this plugin.

Categories
GIDApp News

Track Your Favourite 4D Number on GIDApp

Starting today, you can save your favourite 4D number on every device you use when you visit www.gidapp.com to check the latest 4D results on the site. There is no requirement for you to register or login even! It is all very simple.

Desktop Computer

Saving favourite 4D number on www.gidapp.com with a PC
Saving favourite 4D number on www.gidapp.com with a PC

On a desktop computer just click on the link at the top of your screen to access the form that saves your favourite 4D number to the web site.

Mobile Phone

Saving your favourite 4D number to www.gidapp.com with your phone.
Saving your favourite 4D number to www.gidapp.com with your phone.

with a phone, just click on the navigation menu button (highlighted in yellow) at the top right of your screen to access the form that saves your favourite 4D number to the web site.

That’s it!

Now when you view a 4D result page on the web site, your favourite number will be highlighted in the results if it matches a winning number of the draw.

Favourite number highlighted in results page example.
Favourite 4D number highlighted in results page example.

Remember: you set it up only once and it works everywhere; even in the Singapore 4D & Malaysia 4D results pages.

Categories
GIDBlog News

Popular Sharing Buttons for GIDBlog.com

After such a long delay, I finally implemented share buttons from the 3 most popular social networking sites here today. The 3 most popular social networking sites are — at least according to me — Facebook, Google+ and Twitter.

If you scroll down to the bottom of the page, you will find a little bar where you can find the various buttons to Like, +1 or Tweet the story to your family, friends and associates.

A screenshot of gidblog.com site social network buttons.
Partial screenshot of gidblog.com site social network buttons.
Categories
GIDApp News

GIDApp Homepage Redesign

Over the past few days, I have been redesigning the homepage of GIDApp.com. Instead of creating a separate design for mobile devices and then another for regular desktop PCs, this time I decided to simply develop one layout for the web site (a responsive design with CSS) that will work with any device, at any screen size. Well, at least that is the plan…

Categories
Learning Journal

Yii Exception: Alias “user.UserModule” is invalid

I was attempting to get the Yii Framework yii-user extension working for a test web site earlier today when I got this fatal error / exception message:

Categories
Learning Journal

Redirect all subdomains to www

If you ever need to redirect all your subdomains to a main subdomain like www, here is a method for you to easily accomplish that. I kept these notes from when I wanted to implement it for my own site: www.gidforums.com.

Categories
Learning Journal

Cannot Login to Ubuntu

I could not log into my laptop (running on Ubuntu) yesterday. Every time I entered my password — a password I haven’t changed in years — I was returned to the same login screen all over again! But I could log into a console by pressing CTRL+ALT+F1, so it was definitely not a typo-in-the-password error. Since I always have a second user account on my PCs, it was also easy for me to verify that I could log in (in desktop/graphical mode) as a different user without any difficulty.