DigitalOcean – Host Name Control Panel
October 29, 2017
#DigitalOcean #DNS #Networking
Remember what that used to be like in the late 90s. IIRC, and my memory is hazy, we used to have to submit a request in writing! Not sure I could remember how to configure a dial-up modem any longer either.
October 17, 2017
#https #letsencrypt #ssl #tls
Let’s Encrypt we can create, install and manage our own certificates and enable HTTPS (SSL/TLS) for websites, for free. These are not self-signed certificates – Let’s Encrypt is a properly recognised certificate authority (CA)
sponsored by some of the internet's leading brands.
It’s a particularly good solution for anyone running their own server or VPS – using the Certbot client the process of obtaining and installing a certificate is largely automated for both Apache and NGINX. Excellent tutorials here at DigitalOcean. There is a little more involved when running multiple domains on a single VPS but it is easy to do.
Installing a third-party certificate with managed hosting is also possible in some cases via cPanel. GoDaddy has this tutorial. Let’s Encrypt certificates can also be created using a wide variety of third party alternatives to Certbot which implement the ACME protocol. Personally I am most comfortable using the Certbot client.
DigitalOcean: Cloud computing designed for developers
August 17, 2017
#DigitalOcean #VPS Hosting
DigitalOcean is a VPS provider – it offers a high performance alternative to fully managed hosting for developers who are comfortable setting up and self managing their own Linux installations. It’s functionally similar in many ways to working with a dedicated physical server but unlike fully
bare-metal solutions, DigitalOcean offers
virtualized instances. DigitalOcean has data-centers in San Francisco, New York, London, Amsterdam, Frankfurt, Bangalore & Singapore.
DigitalOcean has a wealth of excellent documentation and I have been using it a lot over the past two years. I more comfortable working like this than with managed hosting – simplification often makes things more convoluted. Anecdotally, much faster too – and it is certainly typically easier to upgrade the server specification,
add load balancing, migrate to a different country etc. I am okay using managed hosting interfaces such as cPanel – but I would much prefer to use the command line and a simple text editor. That’s my working environment of first choice. It’s great being able to quickly spin-up a ‘droplet’ based server – or to be able to trivially create a sub-domain, for example in order to create a staging version or to demonstrate possible changes. And if something isn’t working or is acting strange then I can be straight into the logs to try to figure out why.
Accessing remote databases using phpMyAdmin running locally
August 17, 2017
#Linux #MySQL #PHP #phpMyAdmin #Raspberry Pi #WordPress
I believe it makes a lot of sense to only ever use a local copy of the phpMyAdmin client typically used to manage MySQL databases – ie to access live servers remotely via the local client. Installing phpMyAdmin on an actual server creates an additional unnecessary potential vulnerability – another login point.
I have the phpMyAdmin client installed on the Raspberry Pi which is use as a local network web server for development. I can then access the client interface from any machine on the local network and use phpMyAdmin to manage the remote databases.
There are plenty of guides explaining this online. In brief – two steps involved in setting this up to access remote databases:
Create new entries for each of the remote databases in the config.inc.php file.
Use SSH tunnelling to create a secure connection from the local machine to the remote host. Eg:
sudo ssh -fNL 3307:localhost:3306 sudo_user@REMOTE_HOST_IP_ADDRESS
NB: I found that the repository version of phpMyAdmin for my Linux distribution was always somewhat out of date. I decided, instead, to manually install phpMyAdmin under the local web server’s default root directory and to access it directly from there. I probably wouldn’t have wanted to do that if I were not running it from behind a NAT router.