Category Archives: Linux

Step by Step Procedure To Setup Cassandra Cluster On Any Linux Distribution

Step by Step procedure to set-up Cassandra Cluster On Any Linux Distribution

1. What is Cassandra : Cassandra is an open source distributed database management system designed to handle large amounts of data across many commodity servers, providing high availability with no single point of failure.

2. Cassandra Cluster: A cluster is arranged as a ring of nodes. Clients send read/write requests to any node in the ring; that node takes on the role of coordinator node, and forwards the request to the node responsible for servicing it. A partitioner decides which nodes store which rows. The recommended partitioners assign rows to nodes based on a hash value of the row key. Nodes are assigned tokens that evenly divide the full range of possible hash values.

3. Prerequisites :
Setup iptables, allow below Cassandra ports.
For Centos:
iptables -A INPUT -p tcp -m tcp –dport 9160 -j ACCEPT
iptables -A INPUT -p tcp -m tcp –dport 7000 -j ACCEPT
iptables -A INPUT -p tcp -m tcp –dport 7001 -j ACCEPT
service iptables restart

For Ubuntu:
iptables -A INPUT -p tcp -m tcp –dport 9160 -j ACCEPT
iptables -A INPUT -p tcp -m tcp –dport 7000 -j ACCEPT
iptables -A INPUT -p tcp -m tcp –dport 7001 -j ACCEPT
sudo sh -c “iptables-save > /etc/iptables.rules”
sudo iptables-apply /etc/iptables.rules
Applying new iptables rules from ‘/etc/iptables.rules’… done.
Can you establish NEW connections to the machine? (y/N) y
… then my job is done. See you next time.

4. Installing Cassandra and Configuring: Login to Remote machine, where you want to install Cassandra.
Below are the steps to install and configure Cassandra Cluster.

Get Cassandra tar-ball
wget “http://downloads.datastax.com/community/dsc-cassandra-2.1.7-bin.tar.gz” -P /usr/share/
Setup Cassandra environment under /usr/share
tar -xvzf /usr/share/dsc-cassandra-2.1.7-bin.tar.gz -C /usr/share/

Delete tar file
rm -rf /usr/share/dsc-cassandra-2.1.7-bin.tar.gz

Cassendra configuration change cluster_name : change clustername with your Cluster
sed -i ‘s/Test Cluster/{{clustername}}/g’ /usr/share/dsc-cassandra-2.1.7/conf/cassandra.yaml

Cassendra configuration change listen_address : hostname=serverip
sed -i ‘s/listen_address\:\ localhost/listen_address\:\ {{hostname}}/g’ /usr/share/dsc-cassandra-2.1.7/conf/cassandra.yaml

Cassendra configuration change rpc_address
sed -i ‘s/rpc_address\:\ localhost/rpc_address\:\ 0.0.0.0/g’ /usr/share/dsc-cassandra-2.1.7/conf/cassandra.yaml

Cassendra configuration change endpoint_snitch
sed -i ‘s/endpoint_snitch\:\ SimpleSnitch/endpoint_snitch\:\ GossipingPropertyFileSnitch/g’ /usr/share/dsc-
cassandra-2.1.7/conf/cassandra.yaml

Cassendra configuration change broadcast_rpc_address hostname=serverip
sed -i ‘s/^# broadcast_rpc_address\:\ 1.2.3.4/broadcast_rpc_address\:\ {{hostname}}/g’ /usr/share/dsc-cassandra-2.1.7/conf/cassandra.yaml

Cassendra configuration change seeds hostname=serverip seeds=seedsip
sed -i ‘s/- seeds\:\ “127.0.0.1”/- seeds\:\ “{{seeds}},{{hostname}}”/g’ /usr/share/dsc-cassandra-2.1.7/conf/cassandra.yaml

Cassendra configuration change data_file_directories
sed -i ‘s/# data_file_directories/data_file_directories/g’ /usr/share/dsc-cassandra-2.1.7/conf/cassandra.yaml

Cassendra configuration change /var/lib/cassandra/data
sed -i” ‘107 s/^#//’ /usr/share/dsc-cassandra-2.1.7/conf/cassandra.yaml

Cassendra configuration change commitlog_directory
sed -i ‘s/# commitlog_directory/commitlog_directory/g’ /usr/share/dsc-cassandra-2.1.7/conf/cassandra.yaml

Cassendra configuration change saved_caches_directory
sed -i ‘s/# saved_caches_directory/saved_caches_directory/g’ /usr/share/dsc-cassandra-2.1.7/conf/cassandra.yaml

Cassendra configuration change thrift_framed_transport_size_in_mb
sed -i ‘s/thrift_framed_transport_size_in_mb\:\ 15/thrift_framed_transport_size_in_mb\:\ 100/g’ /usr/share/dsc-
cassandra-2.1.7/conf/cassandra.yaml

Cassendra configuration change phi_convict_threshold
sed -i ‘s/# phi_convict_threshold\:\ 8/phi_convict_threshold\:\ 10/g’ /usr/share/dsc-cassandra-2.1.7/conf/cassandra.yaml

Start Cassandra service
nohup sh /usr/share/dsc-cassandra-2.1.7/bin/cassandra

5. Command to check Cassandra cluster:
/usr/share/dsc-cassandra-2.1.7/bin/nodetool status
Address Status State Load Owns Token
113427455640312821154458202477256070484
10.1.1.7 Up Normal 459.27 MB 33.33% 0
10.1.1.8 Up Normal 382.53 MB 33.33% 56713727820156410577229101238628035242
10.1.1.6 Up Normal 511.34 MB 33.33% 113427455640312821154458202477256070484

Step by Step procedure to install and Configure ANSIBLE on Ubuntu

Step by step procedure to install and configure ansible on ubuntu

Before installing ANSIBLE, let us understand,

What is ANSIBLE ?

1.Ansible Introduction :

Ansible is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero
downtime rolling updates.
Ansible’s goals are foremost those of simplicity and maximum ease of use. It also has a strong focus on security and reliability, featuring a minimum of moving parts, usage of OpenSSH for transport (with an accelerated socket mode and pull modes as alternatives),
and a language that is designed around auditability by humans – even those not familiar with the program.

While there are many popular configuration management systems available for Linux systems, such as Chef and Puppet, these are often more complex than many people want or need.Ansible is a great alternative to these options because it has a much smaller overhead to get started.

for more information visit, Ansible docs.
http://docs.ansible.com/

Assumptions
● You have a ubuntu 12.04 and you are logged-in as root.

2.How Does Ansible Work :
Ansible works by configuring client machines from an computer with Ansible components
installed and configured.
It communicates over normal SSH channels in order to retrieve information from remote
machines, issue commands, and copy files. Because of this, an Ansible system does not require any additional software to be installed on the client computers.
This is one way that Ansible simplifies the administration of servers.
Configuration files are mainly written in the YAML data  format due to its
expressive nature and its similarity to popular markup languages.Ansible can interact with clients through either command line tools or through its configuration scripts called Playbooks.

3. Install Ansible on an Ubuntu 12.04 :
To begin exploring Ansible , we need to install the Ansible package on at least one machine. I have used ubuntu 12.04

git clone git@github.com:ansible/ansible.git
cd ansible
source ./hacking/env-setup
sudo pip install paramiko PyYAML jinja2 --upgrade

We now have all of the software required to administer our servers through Ansible.
Set Up SSH Keys , Ansible primarily communicates with client computers through SSH.While it certainly has the ability to handle password-based SSH authentication, SSH keys help keep things simple.

4. Creating a SSH Pair :
@Server:~> ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/a/.ssh/id_rsa):
Created directory ‘/home/a/.ssh’.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/a/.ssh/id_rsa.
Your public key has been saved in /home/a/.ssh/id_rsa.pub.
The key fingerprint is:
3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 a@A
Now use ssh to create a directory ~/.ssh as user b on Client. (The directory may already exist,
which is fine):
@Server:~> ssh root@123.123.123.123 mkdir -p .ssh
root@Client’s password:
Finally append a’s new public key to root@123.123.123.123:.ssh/authorized_keys and enter
client’s password one last time:
root@Server:~> cat .ssh/id_rsa.pub | ssh root@123.123.123.123 ‘cat >> .ssh/authorized_keys’
root@Client’s password:
From now on you can log into Client as root from A as a without password:
@Server:~> ssh root@123.123.123.123

5. Configuring Ansible Host:
Ansible keeps record of all of the servers that it know through a “hosts” file. We need to configure this file first before we can begin to communicate with our other computers.
Open the file and add,

vim /etc/ansible/hosts
[hosts]
devops ansible_ssh_host=123.123.123.123

Where hosts is list of nodes
devops = host name of one of the client.
123.123.123.123 is hosts ip.
To do this, we will create a directory in the Ansible configuration structure called group_vars.
Within this folder, we can create YAML-formatted files for each group we want to configure:

sudo mkdir /etc/ansible/group_vars
sudo nano /etc/ansible/group_vars/hosts

We can put our configuration in here. YAML files start with “—“, so make sure you don’t forget that part.

ansible_ssh_user: root
Save and close this file when you are finished.

6. Ansible test Examples:

Using Simple Ansible Commands
Now that we have our hosts set up and enough configuration details to allow us to
successfully connect to our hosts, we can try out our very first command.
Ping all of the servers you configured by typing:
root@server:/etc/ansible# ansible -m ping hosts
devops | success >> {
“changed”: false,
“ping”: “pong”
}
This is a basic test to make sure that Ansible has a connection to all of its hosts.

ansible -m shell -a ‘ifconfig’ devops

devops | success | rc=0 >>
eth0 Link encap:Ethernet HWaddr 00:0c:29:a2:42:c4
inet addr:123.123.123.123 Bcast:10.27.111.255 Mask:255.255.255.0

ansible -m shell -a ‘free -m’ devops
devops | success | rc=0 >>
total used free shared buffers cached
Mem: 487 440 47 0 108 173
-/+ buffers/cache: 158 329
Swap: 507 66 441

Lets install sendmail on client from Ansible server, to do that create playbook.yml file in
/etc/ansible 100 Jul 5 02:48 playbook.yml

root@server:/etc/ansible# cat playbook.yml

– hosts: devops
tasks:
– name: 1. install sendmail
apt: name=sendmail state=present

Now execute below command to install on remote server.
ansible-playbook –inventory-file=hosts playbook.yml –sudo –verbose
Below is the result,

ansible 1

Before executing above command, sendmail was not installed. ansible 2

Later after execution, sendmail installed on the remote host.

Advantages of Automation,

,Automation-Advantages

Hence we have Installed and Configured ANSIBLE, Enjoy !!!

shell script to replace a string in a file

shell script to replace a string in a file

Some times during automating any task, we may require to replace a string in a file.
Example:- I want to change “Linux” string with “Waseem” in a file called string.txt

cat replacestring.sh
#!/bin/bash
# Shell Script to replace string in a file
/bin/sed -i “s/Linux/Waseem/g” /PATH/TO/FILE/string.txt
exit 0;

Before:-
—————–
cat string.txt
Linux

Run the script:-
——————-
sh replacestring.sh

After:-
——————
cat string.txt
Waseem

Another way we can replace string by passing parameter,so that the script will be used dynamically.
cat replacestring.sh
#!/bin/bash
# Shell Script to replace string in a file
/bin/sed -i “s/$1/$2/g” /PATH/TO/FILE/string.txt
exit 0;

Run the script:-
—————–
sh replacestring.sh Linux Waseem

Shell Script : Auto Enable/Disable Specific Cronjob

Shell Script : Auto Enable/Disable Specific Cronjob

What is Cronjob ?
A cron job is a scheduled task that is executed by the system at a specified time/date.

Sometimes we want to perform some task during specific time(Ex: During production Hours), and once the production time completes, we will be disabling cronjob. this requires manual work.The above manual work, can be automated with this script.

Create two scripts,
1.Auto_enable_cron.sh
2. Auto_disable_cron.sh

Below are both the scripts with cronjob details,

COMMANDS used:

crontab -l | sed ‘/^#.*GIVE-SCRIPT-NAME-HERE.sh/s/^#//’ | crontab –
crontab -l | sed ‘/^[^#].*GIVE-SCRIPT-NAME-HERE.sh/s/^/#/’ | crontab –

cronandscript

cronoutput

In the above image we can see that after running Auto_enable_cron.sh
The script in the cron GIVE-SCRIPT-NAME-HERE.sh is uncommented and after running
Auto-disable_cron.sh the script GIVE-SCRIPT-NAME-HERE.sh is commented again.

Now add scripts to desired time in cronjob.
9 * * * * /home/cronjob/Auto_enable_cron.sh (This will enable GIVE-SCRIPT-NAME-HERE.sh @9)
23 * * * * /home/cronjob/Auto_disable_cron.sh (This will disable GIVE-SCRIPT-NAME-HERE.sh @23)

Enjoy, just now you have automated your task!!!!.

Shell Script : Basic mathematics

#!/bin/bash
# SCRIPT: calc.sh
# PURPOSE: Addition, Subtraction, Division and Multiplication of
# two numbers.
#
#####################################################################
# Variable Declaration #
#####################################################################

clear #Clears Screen

Bold=”\033[1m” #Storing escape sequences in a variable.
Normal=”\033[0m”

echo “$Bold Basic mathematics using bash script $Normal\n”

items=”1. ADDITTION
2. SUBTRACTION
3. MULTIPLICATION
4. DIVISION
5. EXIT”

choice=

#####################################################################
# Functions Starts from here #
#####################################################################
exit_function()
{
clear
exit
}

#Function enter is used to go back to menu and clears screen

enter()
{
unset num1 num2
ans=
echo “”
echo -e “Do you want to continue(y/n):\c”
stty -icanon min 0 time 0
while [ -z “$ans” ]
do
read ans
done

#The while loop ensures that so long as at least one character is

if [ “$ans” = “y” -o “$ans” = “Y” ]
then
stty sane # Restoring terminal settings
clear
else
stty sane
exit_function
fi
}

#####################################################################
# CALC Script MENU #
#####################################################################

while true
do
echo “$Bold \tWelcome to Waseem’s Tutorial $Normal\n”
echo “\t$items \n”
echo -n “Enter your choice : ”
read choice

case $choice in
1) clear
echo “Enter two numbers for Addition : ”
echo -n “Number1: ”
read num1
echo -n “Number2: ”
read num2
echo “$num1 + $num2 = `expr $num1 + $num2`”
;;
2) clear
echo “Enter two numbers for Subtraction : ”
echo -n “Number1: ”
read num1
echo -n “Number2: ”
read num2
echo “$num1 – $num2 = $((num1-num2))”
enter ;;
3) clear
echo “Enter two numbers for Multiplication : ”
echo -n “Number1: ”
read num1
echo -n “Number2: ”
read num2
echo “$num1 * $num2 = `echo “$num1*$num2″|bc`”
enter ;;
4) clear
echo “Enter two numbers for Division : ”
echo -n “Number1: ”
read num1
echo -n “Number2: ”
read num2
let div=num1/num2
echo “$num1 / $num2 = $div”
enter ;;
5) exit_function ;;
*) echo “You entered wrong option, Please enter 1,2,3,4 or 5″
echo “Press enter to continue”
read
clear
esac

done

Output:-

Capture

shell scripting in linux

What is Linux ?
Linux is an open-source operating system modelled on UNIX.

What is Shell Script ?

A shell script is a computer program designed to be run by the Unix shell, a command line interpreter. The various dialects of shell scripts are considered to be scripting languages. Typical operations performed by shell scripts include file manipulation, program execution, and printing text.

Different types of shell in linux ?
Bourne shell (sh)
C shell (csh)
TC shell (tcsh)
Korn shell (ksh)
Bourne Again SHell (bash)

I like Bourne shell(sh), you will find many of my scripts in sh.

Bourne shell (sh):
—————————————————————————————
This is the original Unix shell written by Steve Bourne of Bell Labs. It is available on all UNIX systems.The Bourne shell does provide an easy to use language with which you can write shell scripts.

Purpose of Shell script ?
Many a times we do repetitive work, for example.
1. Taking Database dumps
2. Generating Reports
3. Configuration Backup’s etc..

The above tasks can be automated with the help of scripting.

Writing your first script and getting it work!!

————————————————————————————————

To successfully write a shell script, you have to do three things:

1. Write a script
2. Give the shell permission to execute it
3. Put it somewhere the shell can find it

Writing Script :-
——————————————————————————————
A shell script is a file that contains ASCII text. To create a shell script, we can use a text editor.
A text editor is a program, like a word processor, that reads and writes ASCII text files.
There are many text editors available for your Linux system, both for the command line environment and the GUI environment.
Here is a list of some common ones:
vi
vim
nano
gedit etc.

Writing your first script
————————–
vim myfirstscript.sh
#!/bin/bash
#My First Script to print text
#Author : xyz
#Developed Date : dd/mm/yyyy
echo “Hello, This is my first script”
——————————————–
save and exit.

Give executable permissions,
chmod 755 myfirstscript.sh

we can run the script in two ways,
1. sh myfirstscript.sh
2. ./myfirstscript.sh

After running script, you should see “Hello, This is my first script” . you have just wrote a simple shell script and it worked!!

How To Install MediaWiki on Ubuntu 12.04

About MediaWiki

MediaWiki is a free open source wiki program that allows users to create their own personal wiki sites. Originally built for Wikpedia, MediaWiki is written in PHP and uses a backend database, like MySQL, to store its data.

Setup


The steps in this tutorial require the user to have root privileges.  
Before working with MediaWiki, you need to have LAMP installed on your server. If you don’t have the Linux, Apache, MySQL, PHP stack on your server, you can find the tutorial for setting it up http://mohammedwaseem.in/install-lamp-ubuntu/  .

Once you have the user and required software on the virtual private server, you can start installing MediaWiki!

Install Media Wiki

Because the apt-get package of MediaWiki is very out of date, MediaWiki should be installed from source. We can start off by downloading the latest version:

curl -O http://releases.wikimedia.org/mediawiki//1.19/mediawiki-1.19.9.tar.gz
After downloading tar, untar it.
tar -xvzf mediawiki-1.19.9.tar.gz

Move the contents of the MediaWiki directory to a a more convenient location:
sudo mv mediawiki-1.19.9 /etc/mediawiki
Create a symbolic link between the MediaWiki directory and Apache’s document root:
sudo ln -s /etc/mediawiki/ /var/www
And finish up by restarting apache.
sudo service apache2 restart

Create a MySQL User and Database


Although this step is not required for a successful installation of MediaWiki, it is definitely a recommended measure for added security. 

During the installation process, you will be asked to supply either a database and associated user for a MediaWiki database or your MySQL root password. MediaWiki uses this information to create the required wiki database and tables.

Setting up a dedicated database can be done very quickly and removes the need for sharing the MySQL root information and the associated security risks. We can go ahead and set up the database now:

Log into MySQL on your server:

mysql -u root -p


Once you are logged in, create your MediaWiki database. The default name that MediaWiki has in their configuration form is my_wiki, but you can name it whatever you prefer:

create database my_wiki;


Additionally, you will need to provide a user for the new database with the permissions that MediaWiki requires (replace the username and password below with details of your choice):

grant index, create, select, insert, update, delete, alter, lock tables on my_wiki.* to 'wikiuser'@'localhost' identified by 'password';


Finish up by implementing the changes and quitting MySQL:

FLUSH PRIVILEGES;
exit;


The next part of the installation needs to be completed through the onscreen instructions located at [domain]/mediawiki/index.php

Set Up MediaWiki


Go through and fill out the Media Wiki Site configuration in the browser. 

When you reach the “MySQL settings” section of the setup page, leave the Database Host as localhost and then enter in the MySQL database name and username and password, if you configured them in the previous step.

If you did not set up a new user for MediaWiki, write in root for the username and the root password in the password field.

You can leave the “MySQL specific options” section as is.

Once you have finished walking through the the configuration, keep pressing continue until you reach the page that says, “Complete!” 

Complete!

The LocalSettings.php file should start downloading automatically. Make sure that you have downloaded the file before closing out of the page. LocalSettings.php is auto-generated—if you do not have the Local Settings file, you will have to generate it once again by going through all of the MediaWiki setup steps.

Once the file downloads, you should upload it to /etc/mediawiki, or whichever directory contains MediaWiki’s “index.php” file on your virtual server. 

You can copy the LocalSettings.php file from your computer to the server, with SCP (Secure Copy), an SSH-based way of transferring files:

cp /path/to/LocalSettings.php /etc/mediawiki


After the file is uploaded, you will be able to access your personal wiki at[domain]/mediawiki.


	

Perform SCP Without Entering Password

In this article, I’ll explain how to perform scp without entering the password using the SSH Public Key authentication. There will be requirements like you would like to transfer files from one server to another with scripts and run it as cronjob. There are two levels of security in the SSH key based authentication. In order for you to login, you need both the private key and the passphrase. Even if one of them is compromised, attacker still cannot login to your account, as both of them are needed to login. This is far better than typical password based authentication, where if the password is compromised, attacker can gain access to the system.

There are two ways to perform ssh and scp without entering the password:

  1. No passphrase. While creating key pair, leave the passphrase empty. Use this option for the automated batch processing. for e.g. if you are running a cron job to copy files between machines this is suitable option.
  2. Use passphrase and SSH Agent. If you are using ssh and scp interactively from the command-line and you don’t want to use the password everytime you perform ssh or scp, I don’t recommend the previous option (no passphrase), as you’ve eliminated one level of security in the ssh key based authentication. Instead, use the passphrase while creating the key pair and use SSH Agent to perform ssh and scp without having to enter the password everytime as explained in the steps below.

Step:1. Verify that local-host and remote-host is running openSSH

[local-host]$ ssh -V
OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006

[remote-host]$ ssh -V
OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006

Step:2. Generate key-pair on the local-host using ssh-keygen

[local-host]$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/waseem/.ssh/id_rsa):<Hit enter>
Enter passphrase (empty for no passphrase): <Enter your passphrase here>
Enter same passphrase again:<Enter your passphrase again>
Your identification has been saved in /home/waseem/.ssh/id_rsa.
Your public key has been saved in /home/waseem/.ssh/id_rsa.pub.
The key fingerprint is:

The public key and private key are typically stored in .ssh folder under your home directory. In this example, it is under /home/waseem/.sshd. You should not share the private key with anybody.

Step:3. Install public key on the remote-host.

Copy the content of the public key from the local-host and paste it to the /home/waseem/.ssh/authorized_keys on the remote-host. If the /home/waseem/.ssh/authorized_keys already has some other public key, you can append this to the end of it. If the .ssh directory under your home directory on remote-host doesn’t exist, please create it.
[remote-host]$ vi ~/.ssh/authorized_keys 

In simple words, copy the local-host:/home/waseem/.ssh/id_rsa.pub to remote-host:/home/jsmith/.ssh/authorized_keys

Step:4. Give appropriate permission to the .ssh directory on the remote-host.

[remote-host]$ chmod 755 ~/.ssh
[remote-host]$ chmod 644 ~/.ssh/authorized_keys

Step:5. Login from the local-host to remote-host using the SSH key

[local-host]$ <You are on local-host here>

[local-host]$ ssh -l waseem remote-host
Last login: Sat Jun 07 2008 23:03:04 -0700 [remote-host]$ <You are on remote-host here>

Step:6 Verify SCP working without password from local server

scp testscpwithoutpassword.csv  waseem@192.168.1.1:/home/waseem

How To Create a SSL Certificate on Apache for Ubuntu 12.04

About SSL Certificates

A SSL certificate is a way to encrypt a site’s information and create a more secure connection. Additionally, the certificate can show the virtual private server’s identification information to site visitors. Certificate Authorities can issue SSL certificates that verify the server’s details while a self-signed certificate has no 3rd party corroboration.

Set Up

The steps in this tutorial require the user to have root privileges on the VPS. You can see how to set that up here in steps 3 and 4.

Additionally, you need to have apache already installed and running on your virtual server.
If this is not the case, you can download it with this command:

sudo apt-get install apache2


Step One—Activate the SSL Module


The next step is to enable SSL on the droplet.
sudo a2enmod ssl
Follow up by restarting Apache.
sudo service apache2 restart
Step Two—Create a New Directory
We need to create a new directory where we will store the server key and certificate
sudo mkdir /etc/apache2/ssl

Step Three—Create a Self Signed SSL Certificate


When we request a new certificate, we can specify how long the certificate should remain valid by changing the 365 to the number of days we prefer. As it stands this certificate will expire after one year.
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt
With this command, we will be both creating the self-signed SSL certificate and the server key that protects it, and placing both of them into the new directory.

This command will prompt terminal to display a lists of fields that need to be filled in.

The most important line is "Common Name". Enter your official domain name here or, if you don't have one yet, your site's IP address.
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:New York
Locality Name (eg, city) []:NYC
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Awesome Inc
Organizational Unit Name (eg, section) []:Dept of Merriment
Common Name (e.g. server FQDN or YOUR name) []:example.com                  
Email Address []:webmaster@awesomeinc.com

Step Four—Set Up the Certificate


Now we have all of the required components of the finished certificate.The next thing to do is to set up the virtual hosts to display the new certificate. 

Open up the SSL config file:
 nano /etc/apache2/sites-available/default-ssl
Within the section that begins with <VirtualHost _default_:443>, quickly make the following changes.

Add a line with your server name right below the Server Admin email:
 ServerName example.com:443
Replace example.com with your DNS approved domain name or server IP address (it should be the same as the common name on the certificate).

Find the following three lines, and make sure that they match the extensions below:
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
Save and Exit out of the file.

Step Five—Activate the New Virtual Host


Before the website that will come on the 443 port can be activated, we need to enable that Virtual Host:
sudo a2ensite default-ssl
You are all set. Restarting your Apache server will reload it with all of your changes in place.
sudo service apache2 reload
In your browser, type https://youraddress, and you will be able to see the new certificate.

Robots.txt

Web site owners use the /robots.txt file to give instructions about their site to web robots; this is called The Robots Exclusion Protocol.

It works likes this: a robot wants to vists a Web site URL, say http://www.example.com/welcome.html. Before it does so, it firsts checks for http://www.example.com/robots.txt, and finds:

User-agent: *
Disallow: /

The “User-agent: *” means this section applies to all robots. The “Disallow: /” tells the robot that it should not visit any pages on the site.

There are two important considerations when using /robots.txt:

  • robots can ignore your /robots.txt. Especially malware robots that scan the web for security vulnerabilities, and email address harvesters used by spammers will pay no attention.
  • the /robots.txt file is a publicly available file. Anyone can see what sections of your server you don’t want robots to use.

So don’t try to use /robots.txt to hide information.

How to create a /robots.txt file

Where to put it

The short answer: in the top-level directory of your web server.

The longer answer:

When a robot looks for the “/robots.txt” file for URL, it strips the path component from the URL (everything from the first single slash), and puts “/robots.txt” in its place.

For example, for “http://www.example.com/shop/index.html, it will remove the “/shop/index.html“, and replace it with “/robots.txt“, and will end up with “http://www.example.com/robots.txt”.

So, as a web site owner you need to put it in the right place on your web server for that resulting URL to work. Usually that is the same place where you put your web site’s main “index.html” welcome page. Where exactly that is, and how to put the file there, depends on your web server software.

Remember to use all lower case for the filename: “robots.txt“, not “Robots.TXT.

What to put in it

The “/robots.txt” file is a text file, with one or more records. Usually contains a single record looking like this:

To exclude all robots from the entire server
User-agent: *
Disallow: /
To allow all robots complete access
User-agent: *
Disallow:

(or just create an empty “/robots.txt” file, or don’t use one at all)

To exclude all robots from part of the server
User-agent: *
Disallow: /cgi-bin/
Disallow: /tmp/
Disallow: /junk/
To exclude a single robot
User-agent: BadBot
Disallow: /
To allow a single robot
User-agent: Google
Disallow:

User-agent: *
Disallow: /
To exclude all files except one

This is currently a bit awkward, as there is no “Allow” field. The easy way is to put all files to be disallowed into a separate directory, say “stuff”, and leave the one file in the level above this directory:

User-agent: *
Disallow: /~joy/stuff/

Alternatively you can explicitly disallow all disallowed pages:

User-agent: *
Disallow: /~joy/junk.html
Disallow: /~joy/foo.html
Disallow: /~joy/bar.html.