Welcome to Centmin Mod Community
Register Now

From oblivion to zen - moving from old server to new one

Discussion in 'Install & Upgrades or Pre-Install Questions' started by Sunka, Nov 1, 2015.

  1. Sunka

    Sunka Active Member

    917
    240
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +388
    Local Time:
    12:43 PM
    Nginx 1.13.3
    MariaDB 10.1.24
    Edited by Sunka!

    This will be my roadmap of transfering my XenForo forum Pijani Tvor from "VPS" with no root access to new VPS server with root access (y)

    Old server specification
    • apache - 2.2.31
    • PHP - 5.5.30
    • MySQL - 5.6.27
    • Architecture - x86_64
    • Operating System - linux
    • Perl Version - 5.10.1
    • Kernel Version - 2.6.32- 604.30.3.lve1.3.63.el…
    • Disk space - 43,95 GB
    • Files on server - 13 GB
    • Ram - 5 GB (I am not sure)

    New VPS server (Droplet on Digital Ocean)
    • Disk Space - 60 Gb
    • Ram - 4 GB
    • Centmin Mod 1.2.3-eva2000.08
      • Nginx 1.9.6 (https / SPDY SSL / HTTP/2 SSL + ngx_pagespeed + Lua/LuaJIT support)
      • PHP-FPM 5.4.45 + Zend OpCache installed & support for PHP 5.3, 5.4, 5.5, 5.6, PHP 7.0
      • MariaDB 10.0.x MySQL performance fork (MariaDB 10.1.x soon)
      • PHP opcode cache: Zend OpCache 7.0.5+, APC Cache 3.13, Xcache 3.2.0
      • Memcached Server 1.4.24 + Memcache 3.0.8 PHP Extension
      • Libmemcached 1.0.18 + Memcached 2.2.0 PHP Extension
      • Multi-threaded compression: pigz, pbzip2, lbzip2, plzip, p7zip (optional)
      • CSF Firewall
      • Pure-FTPD Virtual FTP User support

    My XenForo forum specification

    • XenForo - 1.5.1
    • Database - 831 MB (about 126 MB zipped)
    • Number of attachments - 3,601
    • Attachments disk usage - 9,737 MB
    • Addons - 66
    • Posts - 243,337
    • Users - 3,613 (online registered users in peak time is about 50 + guests)

    First of all, I do not know nothing about managing server, nor about Linux. So it will be interesting time to learn all of that in short time, with my little 8 months daughter with her own wishes that dad should play with her and not try to understand how to make a new dir in linux terminal ;)

    My forum is alive on old server, from which I have to move till january. My plan is to setup vps server I have bought on Digital Ocean, and after optimization is done, I just upload xenforo files from old server and upload database.

    I do not have ssh (yet!) enabled on old server, I have it enabled, but after hackers ruined all servers from my old host through security hole in cPanel, Server admin do not want to communicate with us, buyers, and we beg him to delete cPanel hackers redirect script so we can use cpanel again. But still, he is not enabled ssh again for all of us (customers) couse he has not time to do that.

    That is the biggest problem, couse without files on new server, I can not setup many things there (dns,tweaking ...), so I am locked to do only server optimizations for which is not "a must" to have files or database of my forum.
     
    Last edited: Nov 2, 2015
    • Like Like x 1
    • Informative Informative x 1
  2. Sunka

    Sunka Active Member

    917
    240
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +388
    Local Time:
    12:43 PM
    Nginx 1.13.3
    MariaDB 10.1.24
    Yep, but I am afraid that I can not do that yet.
    My forum is alive on old server, from which I have to move till january. My plan is to setup vps server I have bought on Digital Ocean, and after optimization is done, I just upload xenforo files from old server and upload database.

    I do not have ssh enabled on old server, I have it enabled, but after hackers ruined all servers from my old host through security hole in cPanel, Server admin do not want to communicate with us, buyers, and we beg him to delete cPanel hackers redirect script so we can use cpanel again. But still, he is not enabled ssh again for all of us (customers) couse he has not time to do that :wideyed:

    So, my big problem regarding files for my xenforo forum is 10 gb of attachments. I can do backup in cpanel and then download that to my PC, but upload that from my PC to vps droplet would last minimum 5 days (50kb/sec)

    So I do not know what to do now. I can not set dns to new server right now, nor setup domain to new server.
    beside that I can install and optimize nginx and all of that stuff in centimon mod.

    Easy to install it, but I do not know how to find is some addon installed or not, or which version of installed addon is on server.

    All I was enable to did was upgrading php to 5.6.15, and learned that ls command will list all files in folder, also, I have managed to setup server time to +1 hour :)
     
  3. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    8:43 PM
    Nginx 1.13.x
    MariaDB 5.5
    ouch unfortunately without access to SSH on old server it's alot harder to get your data migrated over :(

    moreover, if your old server has been hacked - probably not a good idea to just move files over as they could be infected or altered, so you'd want to clean the infection or restore a good known clean copy of backed up files too.

    you need transfer from cpanel to do via ssh for best speed

    might something you need to hire someone to do - like @Matt from MattWServices but that is only if you can get ssh access on old server

    Although you can probably do a whm/cpanel to whm/cpanel account level transfer too first but then with 10+ GB data can be tricky if servers are not optimally configured on old and new servers. And still leaves cleaning infections too.
     
    Last edited: Nov 1, 2015
    • Like Like x 1
  4. Sunka

    Sunka Active Member

    917
    240
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +388
    Local Time:
    12:43 PM
    Nginx 1.13.3
    MariaDB 10.1.24
    They change only .htaccess on my files to redirect to their website

    I do not have money for extra services, unfortunately.
     
  5. Sunka

    Sunka Active Member

    917
    240
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +388
    Local Time:
    12:43 PM
    Nginx 1.13.3
    MariaDB 10.1.24
    I edited thread name and first post with new information.
    I will try to post in this thread my fight with complete server transfer and optimization. Whish me a luck.

    P.S. Sorry for my gramatical errors in english language :shame:
     
    • Informative Informative x 1
  6. Sunka

    Sunka Active Member

    917
    240
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +388
    Local Time:
    12:43 PM
    Nginx 1.13.3
    MariaDB 10.1.24
    What I have done in last 24 hours:
    • updated php to 5.6.15
    • added swap 2 gb
    • added vm.vfs_cache_pressure to 50
    • added vm.swappiness = 10
    • setup correct time zone for server
    • edited MariaDB to be utf8 by default
    • edited my.cnf for MariaDB 10.x for server with 4 GB ram
    • Installed PHP extension ssh2

    Also, I have learned in shell (terminal) how to:
    • rename/copy/delete/create folder/file
    • list files/folders in nice view (ls -la)
    • shutdown server (shutdown -h )
    • reboot server (reboot)
    • using pwd command
    • using cat command for files
    • using cd, cd /, cd -, cd ..
    • using free -m,
    • using df -h
    • using php --ini
    • using nano (still do not understand how to select/replace text)
     
    • Like Like x 1
    • Winner Winner x 1
  7. Sunka

    Sunka Active Member

    917
    240
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +388
    Local Time:
    12:43 PM
    Nginx 1.13.3
    MariaDB 10.1.24
    @eva2000, I am reading getting started guide, and I am not for sure that should I do steps 1 and 2.
    Remember that I can not yet upload files and database from old server to new one, nor, because of that, I can update DNSsettings.

    Also, I will have only one domain on my server, so is it necessary to add Nginex Vhost domain (step 2 from your mod)?
     
  8. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    8:43 PM
    Nginx 1.13.x
    MariaDB 5.5
    yes you can do step 1 and 2 still.. just don't update your domain DNS just create the vhost to be ready
     
    • Agree Agree x 1
  9. Matt

    Matt Moderator Staff Member

    691
    319
    63
    May 25, 2014
    Sheffield, UK
    Ratings:
    +444
    Local Time:
    11:43 AM
    1.7.1
    MariaDB 10
    If you don't have SSH access to the old server, but have FTP, you can mount the FTP directory as a drive in Linux, and then use rsync etc to mirror the old public_html directory over.

    Mount remote ftp directory host locally into linux filesystem

    I've used this for 60GB of attachments with VB3 and no SSH access to the old hosting server.
     
    • Informative Informative x 3
    • Useful Useful x 1
  10. Sunka

    Sunka Active Member

    917
    240
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +388
    Local Time:
    12:43 PM
    Nginx 1.13.3
    MariaDB 10.1.24
    I installed curlftpfs, then I created directory in mnt (mkdir mnt/tvorstari), and then in terminal I paste:
    Code:
    curlftpfs ftp-MYUSERNAME:ftp-MYPASSWORD@pijanitvor.com /mnt/tvorstari/
    Error was:
    Code:
    Error connecting to ftp:
    Then I tried:
    Code:
    curlftpfs -v -o allow_other -o user="USERNAME:PASSWORD" pijanitvor.com /mnt/tvorstari
    And error is:
    Code:
    * Couldn't find host pijanitvor.com in the .netrc file; using defaults
    * About to connect() to pijanitvor.com port 21 (#0)
    *   Trying ::1...
    * Connected to pijanitvor.com (::1) port 21 (#0)
    < 220---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
    < 220-You are user number 1 of 25 allowed.
    < 220-Local time is now 13:51. Server port: 21.
    < 220 You will be disconnected after 15 minutes of inactivity.
    > USER pijanitv
    < 421 Sorry, cleartext sessions are not accepted on this server.
    * We got a 421 - timeout!
    * Closing connection 0
    Error connecting to ftp: 
     
  11. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    8:43 PM
    Nginx 1.13.x
    MariaDB 5.5
    looks like your cpanel server uses passive ftp and does not accept cleartext transmission. Centmin Mod's pure-ftpd setup is the same it's setup to secure SSL ftp passive connections only so you might need to pass more parameters

    no_verify_peer if trying to connect Centmin Mod based pure-ftpd server as it's setup with self-signed SSL certificate
    Code:
    curlftpfs -o allow_other,disable_eprt,disable_epsv,ssl,no_verify_peer USERNAME:PASSWORD@pijanitvor.com /mnt/tvorstari
    however be aware, on Centmin Mod side, OpenVZ based virtualised servers may not support fuse mounts, so you want to do this from KVM or Xen based Centmin Mod VPS server
     
    • Like Like x 1
    • Informative Informative x 1
  12. Sunka

    Sunka Active Member

    917
    240
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +388
    Local Time:
    12:43 PM
    Nginx 1.13.3
    MariaDB 10.1.24
    Thanks @eva2000, but VPS server on Digital Ocean are KVM, so I think that it will not succeed, but I will give a try.
    I found that I can establish pure ftp remote server to remote server, so last 3 hours I am transfering files. If your example would not working, I will continue ftp to ftp. It will be finished in 5 nights, each night 8 hours of uploading files. In morning (it is 01:29h here) when first part of uploading will finished, I will try run your terminal command.

    I have some questions, if someone could answer me, I will be glad.


    @eva2000, in step 1 in your Getting started guide I am little lost. I allready give a name of my host same as my web page address is. My web page is www.pijanitvor.com and my host name on Digital Ocean is pijanitvor.com, so if I understand correctly your step one, I have to do nothing, couse hosting name is same as domain name, and fot this part "You need to change one line within this default hostname's Nginx vhost configuration file for the server_name defined as localhost" because I install last version of centmin mod, it changed by default localhost to pijanitvor.com in virtual.conf. Am I missed something to do in step one, or it is accomplished?


    @eva2000, I did step 2 in your Getting started guide. I named vhost domain pijanitvor.com. I started upload files to folder public => /home/nginx/domains/pijanitvor.com/public
    Is that right path?
    Also, ftp username and password created during creation of vhost are for which case? When I connect via some ftp program, or when connect and point to the remote directory above?
    I have root password and with it I allready connected via ftp program and started uploading files to above directory, so I do not understand when I use vhost generated username and password.


    @eva2000, also in step 2 in your Getting started guide, when I finished uploading of all files from my old server, I should type chown -R nginx:nginx /home/nginx/domains/pijanitvor.com/public I understand this, but what is strange for me is this part Whenever you completed uploading new files, you'd need to give them correct user and group permissions within SSH window so whenever I update XenForo or some xenforo addon, when upload files to server, I will have to start that command in terminal?


    Regarding DNS stuff, I did this steps:
    In networking section on Digital Ocean I added domain (@ and IP adress of server), and added two CNAME records (www part and * part).
    What I did not is Changing my Domain Server part. That I will do when my forum files and database will be complete on this new server. I will change DNS on my domain register website (name.com).
    Is that all like it should be, or I am missing something?


    I am trying to find is PIGZ addon installed on server by your centmin addon by default and enabled. Is it? If not, how to installing it and enabling?


    Is it safe to update centos by command yum update or that will be ruined some part of installed centmin addon?


    In Nginx vhost conf path pijanitvor.com.conf should I uncomment rows 4-8 if I want to redirect from non www to www, or is enough what I setup in CNAME records on Digital Ocean Networking page?
    Code:
    # redirect from non-www to www
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    #server {
    #  listen  80;
    #  server_name pijanitvor.com;
    #  return 301 $scheme://www.pijanitvor.com$request_uri;
    #  }
    
    server {
      server_name pijanitvor.com www.pijanitvor.com;

    @eva2000 regarding option number 17 in your addon Centmin (Multi-thread compression: pigz,pbzip2,lbzip2) which I installed, how to choose which one compression to be enabled on server?


    @eva2000 regarding option number 19 in your addon Centmin (Install FFMPEG and FFMPEG PHP Extension) - this is not working, some error with repo. How to install that, couse is needed for xenforo gallery addon


    Are all needed PHP extensions to run xenforo installed by default with centmin addon (MySQLi, GD (with JPEG support), PCRE, SPL, SimpleXML, DOM, JSON, iconv, ctype)? Also, is php safe_mode off by default?


    About friendly urls, I managed them on old server (apache), but for nginx xenforo manual say:
    To enable friendly URLs in Nginx, you must put the following in your server configuration:
    Code:
    location /xf/ {
        try_files $uri $uri/ /xf/index.php?$uri&$args;
        index index.php index.html;
    }
    
    location /xf/internal_data/ {
        internal;
    }
    location /xf/library/ {
           internal;
    }
    
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass    127.0.0.1:9000;
        fastcgi_param   SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include         fastcgi_params;
    }
    The /xf/ paths must be changed to match your XenForo installation path.
    What file is that, and where it is?
    Also, xenfro installation path will be in my case www.pijanitvor.com or something else?


    Thank you very much! (y)
     
  13. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    8:43 PM
    Nginx 1.13.x
    MariaDB 5.5
    your misread - fuse mount not work on OpenVZ, works fine on KVM or Xen so DO should be fine

    step 1 you want hostname to be different from main domain name, so do something like host.pijanitvor.com for step 1

    that is correct web root is /home/nginx/domains/pijanitvor.com/public

    the ftp user/pass is for using ftp/sftp program to connect to pijanitvor.com - you can also connect via sftp with root user if you want

    sounds right

    should be typing
    Code:
    pigz -h
    
    should output help info confirming pigz is installed

    totally safe

    up to you as some folks have a preference to redirect to www version.. i usually don't care myself

    they all get installed, not choice for specific ones

    see Xenforo - Xenforo Media Gallery & FFMPEG Binary | Centmin Mod Community

    everything is available out of box, Centmin Mod php extensions installed meet all vBulletin, Xenforo and IP.Board's php extension requirements :D

    See config list at Nginx Configuration Examples - CentminMod.com LEMP Nginx web stack for CentOS specifically for Xenforo Nginx Rewrites for Xenforo Friendly Urls - CentminMod.com LEMP Nginx web stack for CentOS would of been mentioned in your introduction post welcome reply by me :)
     
    • Like Like x 1
  14. Sunka

    Sunka Active Member

    917
    240
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +388
    Local Time:
    12:43 PM
    Nginx 1.13.3
    MariaDB 10.1.24
    I did, but it get error, so for now only solution is ftp to ftp. I allready upload 2GB of files through last night
    Code:
    Error connecting to ftp: Cannot communicate securely with peer: no common encryption algorithm(s).
    So, right steps will be:
    Code:
    hostnamectl set-hostname hostname.pijanitvor.com
    then edit /etc/hosts
    after editing hosts file still have old host name too, could I keep it there, or should I delete that row (first row)
    Code:
    127.0.0.1 pijanitvor.com pijanitvor.com
    127.0.0.1 localhost.localdomain localhost
    127.0.0.1 localhost4.localdomain4 localhost4
    46.101.130.248 hostname.pijanitvor.com hostname
    And last step after restarting network service is editing server's default hostname's Nginx vhost configuration file, and change old server_name pijanitvor.com to new one hostname.pijanitvor.com. Should it be like this?
    Code:
    server {
    #         listen   80;
                listen   80 default_server backlog=2048 reuseport;
                server_name hostname.pijanitvor.com;
                root   html;
    

    yep, it is installed :)

    I just want to redirect non www to www, so is it enough for that CNAME records settings on Digital Ocean Networking page, or should I uncomment rows 4-8 too?

    I read it then, but then was like you give me a book to read and I do not know letters yet, now I learned few letters and tonight I will try to start that tutrial to reality ;)

    Edit:
    I am not shure where exactly put code in pijanitvor.com.conf
    Should that be OK:
    Code:
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    
    # redirect from non-www to www
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    server {
                listen   80;
                server_name pijanitvor.com;
                return 301 $scheme://www.pijanitvor.com$request_uri;
           }
    
    server {
      server_name pijanitvor.com www.pijanitvor.com;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/pijanitvor.com/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/pijanitvor.com/log/error.log;
    
      root /home/nginx/domains/pijanitvor.com/public;
    
      # prevent access to ./directories and files
      location ~ (?:^|/)\. {
       deny all;
      }
    
    location / {
    index index.php index.html index.htm;
    try_files $uri $uri/ /index.php?$uri&$args;
    
    }
    
    location /internal_data/ {
    internal;
    allow 127.0.0.1;
    allow YOURIPADDRESS;
    deny all;
    }
    
    location /library/ {
    internal;
    allow 127.0.0.1;
    allow YOURIPADDRESS;
    deny all;
    }
    
      location / {
    
    # block common exploits, sql injections etc
    #include /usr/local/nginx/conf/block.conf;
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # Shows file listing times as local time
      #autoindex_localtime on;
    
      # Enable for vBulletin usage WITHOUT vbSEO installed
      # More example Nginx vhost configurations at
      # http://centminmod.com/nginx_configure.html
      #try_files    $uri $uri/ /index.php;
    
      }
    
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }


    Edit 2
    I found it, is that Ok now?
    Code:
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    
    # redirect from non-www to www
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    server {
                listen   80;
                server_name pijanitvor.com;
                return 301 $scheme://www.pijanitvor.com$request_uri;
           }
    
    server {
      server_name pijanitvor.com www.pijanitvor.com;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/pijanitvor.com/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/pijanitvor.com/log/error.log;
    
      root /home/nginx/domains/pijanitvor.com/public;
    
      # prevent access to ./directories and files
      location ~ (?:^|/)\. {
       deny all;
      }
    
      location / {
    
    # block common exploits, sql injections etc
    #include /usr/local/nginx/conf/block.conf;
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # Shows file listing times as local time
      #autoindex_localtime on;
    
      # Enable for vBulletin usage WITHOUT vbSEO installed
      # More example Nginx vhost configurations at
      # http://centminmod.com/nginx_configure.html
      #try_files    $uri $uri/ /index.php;
    
      }
    
      location / {
                index index.php index.html index.htm;
                try_files $uri $uri/ /index.php?$uri&$args;
          
            }
      location /internal_data/ {
            internal;
            allow 127.0.0.1;
            allow MYIPADDRESS;
            deny all;
            }
    
      location /library/ {
            internal;
            allow 127.0.0.1;
            allow MYIPADDRESS;
            deny all;
            }
    
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }

    Edit 3
    Found a error in edit 2. Not able to restart nginx because:
    nginx: [emerg] duplicate location "/" in /usr/local/nginx/conf/conf.d/pijanitvor.com.conf:52
    nginx: configuration file /usr/local/nginx/conf/nginx.conf test failed
    I used this command to see this error: nginx -t -c /usr/local/nginx/conf/nginx.conf

    So, I commented 2 lines
    Code:
     #}
    
      #location / {
    This is final now. nginx restarted normaly. Is this OK?
    Code:
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    
    # redirect from non-www to www
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    server {
                listen   80;
                server_name pijanitvor.com;
                return 301 $scheme://www.pijanitvor.com$request_uri;
           }
    
    server {
      server_name pijanitvor.com www.pijanitvor.com;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/pijanitvor.com/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/pijanitvor.com/log/error.log;
    
      root /home/nginx/domains/pijanitvor.com/public;
    
      # prevent access to ./directories and files
      location ~ (?:^|/)\. {
       deny all;
      }
    
      location / {
    
    # block common exploits, sql injections etc
    #include /usr/local/nginx/conf/block.conf;
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # Shows file listing times as local time
      #autoindex_localtime on;
    
      # Enable for vBulletin usage WITHOUT vbSEO installed
      # More example Nginx vhost configurations at
      # http://centminmod.com/nginx_configure.html
      #try_files    $uri $uri/ /index.php;
    
    #}
    
      #location / {
                index index.php index.html index.htm;
                try_files $uri $uri/ /index.php?$uri&$args;
           
            }
      location /internal_data/ {
            internal;
            allow 127.0.0.1;
            allow 46.101.130.248;
            deny all;
            }
    
      location /library/ {
            internal;
            allow 127.0.0.1;
            allow 46.101.130.248;
            deny all;
            }
    
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }



    And please, could you tell me something about this question:
     
    Last edited: Nov 4, 2015
  15. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    8:43 PM
    Nginx 1.13.x
    MariaDB 5.5
    ok weird looks like ssl algorithms mismatch
    yes
    yes remove the old hostname 1st row
    yes

    yes uncomment lines 4-8
    you had double location / {} contexts instead of 1 for xenforo settings
    yes pretty close if you remove the commented out doubled location / {} context, you can use vhost generator at centminmod.com/vhost.php enter domain name and then in drop down box select xenforo, so give one a complete version which is basically same as one outlined at end of guide at Nginx Rewrites for Xenforo Friendly Urls - CentminMod.com LEMP Nginx web stack for CentOS
    yes everytime up upload you may want to chown -R nginx:nginx /home/nginx/domains/pijanitvor.com/public

     
    • Like Like x 1
  16. Sunka

    Sunka Active Member

    917
    240
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +388
    Local Time:
    12:43 PM
    Nginx 1.13.3
    MariaDB 10.1.24
    hmm...
    vhost generato put some extra text for enabling security for install folder and admin.php.
    If I do not want that, I dont need to execute -
    /usr/local/nginx/conf/htpasswd.sh create /usr/local/nginx/conf/htpasswd_admin_php USERNAME PASSWORD, and because of this I can remove parts of that in pijanitvor.com.conf.

    This will be final version. @eva2000 - what do you think, should I download pijanitvor.com.conf, remove all text, put this new text inside, and upload it back to server?
    Code:
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    
    # redirect from non-www to www
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    server {
                listen   80;
                server_name pijanitvor.com;
                return 301 $scheme://www.pijanitvor.com$request_uri;
           }
    
    server {
      server_name pijanitvor.com www.pijanitvor.com;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/pijanitvor.com/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/pijanitvor.com/log/error.log;
    
      root /home/nginx/domains/pijanitvor.com/public;
    
    location / {
         index index.php index.html index.htm;
         try_files $uri $uri/ /index.php?$uri&$args;
    }
    
    location /internal_data/ {
         internal;
         allow 127.0.0.1;
         allow MYIPADDRESS;
         deny all;
    }
    
    location /library/ {
         internal;
         allow 127.0.0.1;
         allow MYIPADDRESS;
         deny all;
    } 
    
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
    Should not there be some automatic process? For example, when user upload attachment in post, file is going to /internal_data/attachments and nobody execute above command for nginx?
    I am confused that for every update of Xenforo, or any addon for xenforo I have to connect to terminal and execute this command. I can not just upload files via ftp, and in Xenforo ACP just click install for that addon?
     
  17. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    8:43 PM
    Nginx 1.13.x
    MariaDB 5.5
    yes that's correct
    attachments and uploads are fine as they are uploaded from executing php which runs as user = nginx already so they are created on server with nginx user ownership

    if you install xenforo addon install and upgrade then you can just upload addon zips via admin.php and they too will be owned by php owner = nginx

    direct ftp uploads via pure-ftpd login details would also be owned by nginx just not if uploaded via root user and sftp so chown is needed.
     
    • Like Like x 1
  18. Sunka

    Sunka Active Member

    917
    240
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +388
    Local Time:
    12:43 PM
    Nginx 1.13.3
    MariaDB 10.1.24
    wait, wait...
    What is pure-ftpd login? Classic ftp transfer?
    If I connect to server with some ftp client (flashFXp or FTP Voyager...) and choose connection type FTP (not SFTP over SSH) I do not need to chown uploaded files later?
    If that is true, still I have to connect with username root and my password?
     
  19. eva2000

    eva2000 Administrator Staff Member

    30,161
    6,785
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,136
    Local Time:
    8:43 PM
    Nginx 1.13.x
    MariaDB 5.5
    when you create a nginx vhost in 123.08 stable and higher pure-ftpd virtual ftp user is created and login info provided at end of nginx vhost creation Pure-FTPD Virtual FTP Users - CentminMod.com LEMP Nginx web stack for CentOS that is pure-ftpd virtual ftp which has files uploaded as nginx user

    however, centmin mod has always allowed full linux root user login via sftp prior to 123.08stable and after - this is the one that really needs chown -r nginx:nginx otherwise files would be owned by root user
     
    • Informative Informative x 1
  20. Sunka

    Sunka Active Member

    917
    240
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +388
    Local Time:
    12:43 PM
    Nginx 1.13.3
    MariaDB 10.1.24
    Yes, I have username and password created when I created vhost.
    My question is could I use that username and password and login with that in some ftp client from my home computer and upload files to server and not after uploading do extra step (chown)