Let’s Encrypt – Adding new domain with Certbot (Ubuntu 16.04, nginx)

sudo certbot --nginx -d <domain>

You may encounter the following error after running the above command:

Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.

If that is the case, please use the following command instead:

sudo certbot --authenticator standalone --installer nginx -d <domain> --pre-hook "service nginx stop" --post-hook "service nginx start"

Laravel – Installation steps after cloning

    • Clone the project from Git repository
    • Go to the folder application using cd
    • Run composer install
    • Copy .env.example file to .env on root folder.  cp .env.example .env
    • Open .env file and change the database name (DB_DATABASE) , username (DB_USERNAME) and password (DB_PASSWORD)
    • Run php artisan key:generate
    • Run php artisan migrate
    • Run sudo chgrp -R www-data storage bootstrap/cache
    • Run sudo chmod -R ug+rwx storage bootstrap/cache


Installing PHP7.1 on Ubuntu 16.04

Step 1

sudo apt-get install software-properties-common
sudo add-apt-repository ppa:ondrej/php
sudo apt-get update

Note: There might be some errors as follows after running sudo apt-get update:

Reading package lists... Done
W: GPG error: http://ppa.launchpad.net/ondrej/php/ubuntu xenial InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 4F4EA0AAE5267A6C
W: The repository 'http://ppa.launchpad.net/ondrej/php/ubuntu xenial InRelease' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.

This can be fixed by running the following command:

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 4F4EA0AAE5267A6C

Then run sudo apt-get update again. The error messages should disappear.

Step 2

sudo apt-get install php7.1
sudo apt-get install php7.1 php7.1-cli php7.1-common php7.1-json php7.1-opcache php7.1-mysql php7.1-mbstring php7.1-mcrypt php7.1-zip php7.1-fpm
php -v

If there are multiple versions of PHP installed, use the following command to switch between versions:

update-alternatives --config php

Ubuntu 16.06 Server Firewall (iptables), open port 80 and 443

apt-get install -y iptables-persistent

# Add netfilter-persistent Startup

invoke-rc.d netfilter-persistent save

# Stop netfilter-persistent Service

service netfilter-persistent stop

add the following lines in /etc/iptables/rules.v4

-A INPUT -p tcp -m state –state NEW,ESTABLISHED –dport 80 -j ACCEPT
-A INPUT -p tcp -m state –state NEW,ESTABLISHED –dport 443 -j ACCEPT

example of rules.v4 content:
# Generated by iptables-save v1.6.0 on Sun Aug 13 11:50:58 2017
:OUTPUT ACCEPT [226:36784]
:f2b-sshd - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW,ESTABLISHED --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW,ESTABLISHED --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A f2b-sshd -j RETURN
# Completed on Sun Aug 13 11:50:58 2017
# Start netfilter-persistent Service
service netfilter-persistent start
# Check if IPTables were applied
iptables -L