the fact of real shit

SSL implementation for Django project in custom port

Here I’m going to implement SSL in Django project which will access through custom port. To do this I’m going to use Apache, for SSL I’m going to use letsencrypt and my Django project containerize in docker. I’m going to bring content through Apache proxy technique.

First of all we need to execute (any) Django project. Please follow Create Docker Container for Hello World with Django and uWsgi Server to create a simple Hello World Django project. We are going to uwsgi socket instead of http server. So, in Dockerfile last line need to change as follows –

ENTRYPOINT ["uwsgi", "--socket", ":9000", "--workers", "4", "--master", "--enable-threads", "--module", "helloworlddjango.wsgi"]

Now we have our project up and running. Now in Apache create entry for our domain and using certbot of letsencrypt install SSL. Please point document root in any safe location, we will use that document root to install SSL and then we will point our uWsgi server to bring content from our project. There has a lot of resource in internet to achieve this. Please configure such way that domain will redirect non-ssl to ssl url automatically.

After successfully access of domain securely we can move to change SSL port. To do this we need to change listen of Apache configuration. In my server I need to change /etc/apache2/ports.conf (it may vary server to server). Following commands need to use to access custom port –

<IfModule ssl_module>
	Listen 443
	Listen 59222
</IfModule>

Now we need to install “libapache2-mod-proxy-uwsgi” module to access content through Apache proxy technique.

sudo apt-get install libapache2-mod-proxy-uwsgi

Also we need to enable proxy at apache2

sudo a2enmod proxy
sudo a2enmod proxy_uwsgi

We are ready to access our Django project content. We need to append following configuration into our domain configuration of Apache server. In my case file location is /etc/apache2/sites-enabled/helpabodessltest.shahadathossain.com-le-ssl.conf

SSLProxyEngine on
SSLProxyVerify none 
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off

ProxyRequests Off
ProxyPreserveHost On
ProxyPass / uwsgi://127.0.0.1:9000/ keepalive=On
ProxyPassReverse / uwsgi://127.0.0.1:9000/

Please note, we need to put these code inside “VirtualHost” block. Also need to change “VirtualHost” tag like as follows –

<VirtualHost *:59222>

Also we can put redirect code in Apache from http to https with custom port like following code. Note that we need to put this code into general (80) configuration of the domain (also inside VirtualHost block)

RewriteEngine on
RewriteCond %{SERVER_NAME} =helpabodessltest.shahadathossain.com
RewriteRule ^ https://%{SERVER_NAME}:59222%{REQUEST_URI} [END,NE,R=permanent]

That’s all, we need to restart Apache server. If everything goes fine we can visit our domain with custom port to see “Hello World” output in browser. Thanks.

Posted in apache, PythonTagged ,

JavaScript class encaptulation

My favorite JavaScript class structure –

(function(exports) {
	"use strict";
	var mySuperDupparClassOfSHKR=function(pValue){
	var myPrivateValue;
	this.setValue=function(pValue){
		myPrivateValue=pValue;
		return this;
	};
	var __construct = function(that, pValue) {
		return that.setValue(pValue);
		}(this, pValue);
	};
	exports.SuperDupparClass = {
		create : function(pValue) {
			if(typeof pValue==='undefined') throw 'please provide a value, unable to continue...';
			return new mySuperDupparClassOfSHKR(pValue);
		},
	};
})(this);

Usage as follows –

var myObj;
jQuery(document).ready(function($) {
	try{
		myObj=SuperDupparClass.create('any value');
	}catch(e){
		alert('ERR: '+e);
	}
});

 

Posted in javascript, study, webdevelopmentTagged , , ,

PHP Archive (.phar) Attaching with ZF2

PHP archive aka phar is a stream wrapper which can serve any packaged PHP library efficiently.

To create a phar document for a library (not for web output or for cli executable) is simple as pie like –

$phar = new \Phar('target-location-where-to-save.phar', 
 FilesystemIterator::CURRENT_AS_FILEINFO |
 FilesystemIterator::KEY_AS_FILENAME, 'optionalPharAliasName');
$phar->buildFromDirectory('source/lib/path');

After creating phar document, file can use to attach ZF2 standard autoloader as follows –

Zend\Loader\AutoloaderFactory::factory(array(
 'Zend\Loader\StandardAutoloader' => array(
   'autoregister_zf' => true,
   'namespaces' => array(
          'YourProjectNamespace'=>'phar:///absolute/path/of/project/phar/file.phar',
        ),
     ),
   ));

This works as simple folder of your file system. Easily distributable, packaged.

Posted in php, webdevelopmentTagged , , , , , , ,

Image size for social media (like facebook, twitter, google+, linkedin, pinterest, instagram, youtube) profile and other picture

As we faced many problem to work in social media about size of profile picture to use. Here is the dimension that analysis by renowned email marketing tools provider constant contact. Also I add some value to enrich the list –

Facebook
————————
Cover photo 815×315
Profile photo 180×180 (display area 160×160)
Fan page profile photo 200×200 (display area 176×176)
Tab 111×74
Link Image 1200×627
Image 1200×1200
Highlighted/milestone image 1200×717

Twitter
———————–
Header 1500×500
Profile photo 400×400
Image display size 880×440 (recommended)

Google+
—————————
Profile photo 250×250
Cover photo 2120×1192
Shared image 800×600

LinkedIn
————————-
Profile photo 200×200
Cover photo 646×220

Pinterest
————————–
Profile photo 600×600
Pins 600xINFINITE
Board thumbnail 222×150

Instagram
————————
Profile photo 161×161
Image viewed on desktop in lightbox as 612×612
Image feed 510×510

YouTube
—————————
Profile photo 800×800
Channel art 2560×1224
Custom video thumbnail 1280×720

* all dimensions listed in pixels

Hope it may help you to engineering the web for your client.

Posted in internet, Standard, webdevelopmentTagged , , , , , , , , , , , ,

ckeditor installation into drupal with imce

As a professional app developer, I faced to install ckeditor into drupal many times. Each times I need to dig again and again to its working. So, now I think I have to write it down that will help me and others too 😉

Install ckeditor into Drupal with IMCE

Its simple two step > Download & Put it into right place, Configure & use.

Download & Put it into right place

1. Download Drupal module of ckeditor from https://drupal.org/project/ckeditor
2. Download Drupal module for IMCE from https://drupal.org/project/imce
3. Put those module into “sites/all/modules” folder or where you think appropriate
4. Now download full version of ckeditor from http://ckeditor.com/download
5. Put full version of ckeditor into “<path where you put your ckeditor drupal module>/” please visit http://docs.cksource.com/CKEditor_for_Drupal/Open_Source/Drupal_7/Installation for details instruction where to put

That’s it, you are done the first step

Configure & use

Now enable that two module from your Drupal control panel.

1. Fix permission for ckeditor
2. Configure IMCE
3. Configure text format – Administration > Configuration > Content authoring > Text formats
3.a) For Advanced Html >> enable filter “limit allowed html tags” and leave it as it is or put “<a> <p> <div> <h1> <h2> <h3> <img> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <em> <b> <u> <i> <strong> <del> <ins> <sub> <sup> <quote> <blockquote> <pre>” allowed or as your requirement
3.b) For Full Html >> enable filter “limit allowed html tags” and put “<a> <abbr> <acronym> <address> <area> <article> <aside> <audio> <b> <bdo> <bgsound> <big> <blockquote> <br> <br /> <button> <canvas> <caption> <center> <cite> <code> <col> <colgroup> <command> <datalist> <dd> <del> <details> <dfn> <div> <dl> <dt> <em> <fieldset> <figcaption> <figure> <font> <footer> <form> <h1> <h2> <h3> <h4> <h5> <h6> <header> <hgroup> <hr> <hr /> <i> <img> <input> <ins> <kbd> <keygen> <label> <legend> <li> <link> <map> <mark> <marquee> <menu> <meter> <nav> <object> <ol> <optgroup> <option> <output> <p> <param> <pre> <progress> <q> <rp> <rt> <samp> <section> <select> <small> <source> <span> <strong> <sub> <summary> <sup> <table> <tbody> <td> <textarea> <tfoot> <th> <thead> <time> <tr> <tt> <ul> <var> <video> <wbr>” allowed or define tag to allow as your requirement
4. Now configure ckeditor. Specially for file browser settings. Point it to IMCE. Please configure both profile (Full, Advanced)

That’s it. nJoy….

Posted in php, webdevelopmentTagged , , , , , , ,

ABC on Internet

Introduction

The modern life is very much dependent on communicating with each other. How can we communicate with each other? Various media, like – Sending Mail through Post Office, Sending Message through Messenger, Say Hello by Land Phone or Mobile etc. At the ancient time we communicate each other with Pigeon or Messenger. But in the modern life we like to take advantages of digital technology. Internet is such a digital technology of modern life.

Elaboration of this Internet is “International Networking”. It’s a big network where computers are attached with each other all over the world. We know that, computer can attach with each other and can talk with each other, can share file with each other, can share music, can share video with each other. So, all the computer of the world is inter connecting with each other and makes a big network that virtually act as a big computer for a world. We don’t need to know how they communicate with each other. We just need to know how we can reach other computer that is outside of your computer or outside of your country. So, we can reach our friend’s computer easily to communicate with her.

Cyber café is such a place where you can use computer by paying money. Here all computers are pre-connected with internet. So, you don’t need to connect them. You need not to know how they connected, how a computer can open etc. You just need to know how you can use internet. You need to know a very basic knowledge about keyboard, mouse & monitor. Are you know, how a light is lighten by passing electricity? You just need to know where the switch to on that light is. How this switch is operated? And use this light by switch on. Internet is easy like switch on a light of your room.
Now the things you need to know for switching internet communication, is – Browser, Website, Email Address, Checking & Sending Mail, Searching or Surfing Internet for Information etc.

So, what about operating procedure of a computer? Nothing, we need not to know! Well, let me explain. When we were 2 years old, are we know about all the stuff of our room? No, not at all. But, we recognized the toy by which we can play.

About Browser & About Form

Now the most important part to use internet is browser. I like to compare browser as our “Table”. Where we can put our book for reading. It’s such a place where we can put our writing pad on it and write. So, it’s a workstation where we do our regular duties, isn’t it?

Now, what is the category of the table? Is it furniture? Yes, its furniture. In computer we can categorize “Browser” as program. If we think a computer like our room, then browser is a type of furniture like table.

Now, we already hear a word “website”. What does a website means? Website is such a place where certain information is written and can access from anywhere of the world through internet. Now, what types of information are written to the website? It’s may be the details of a product, about a place, any instruction etc. Well, let’s consider an example. Someone wants to know about “Sundarban”. Someone wants to know how he can reach to “Sundarban”. Now, if we can written all the information about “Sundarban” and put it a such open place from where anyone can access to that place and can read about “Sundarban” then she easily get all the answer about “Sundarban” from that place. That such place we call “website”. Now, what happen, if we can publish a book on “Sundarban”? Write all the information about “Sundarban” into that book. And keep that book on our table and read! Exactly, we compare our website as like as book. Where information is stored and people can read it by putting it on the table. It makes some sense about the relationship between browser and website, isn’t it?

Now, what about form? Form is nothing but a predefined question paper that need to collection information for a certain purpose. If you go to admit a school your parent need to fill up a form about you and your family. That form contains your name, your father’s name, mother’s name etc. etc. In that form we need to write but here at web form we need to type information by keyboard. After writing that form we need to submit it to school authority by handing over the filled up form. Here we need to submit it through a button that we call “Submit Button”. Its simple, we just need to know about the parts of the form. The main parts of a web form are – Text Box, Text Area, Select Box Multiple & Single, and Option Box Multiple & Single. No need to worry about form in this time. You will be familiar with web form while use net regularly.

About Mail Server & Storage Technique

As we already know that we have a common place where we preserve information for public access that is called server. We can store our information as webpage into server. Also we can store mail into that server.
Well, let’s consider a scenario. One of your friends wants to send a message through courier service. He will write a letter then go to courier service to post it. The courier service authority will send that letter to your friend’s city branch of that courier service. Then the postman will search you to give you that letter. If you don’t at home at that time the postman will drop it to your home. When you come to your home you will get that letter of your friend. Here server is act like as your home. All the mail is stored into server until you read it.

About User ID & Password

I’m trying to make you understood with some real life example. It will help the issue to understand easily. Now think you admitted into a new school and meet with your new friend. There you found that there has another friend who has the same name of you. Suppose your name “Mithila” now what other identified you? Its simple, they make a new name of you like “New Mithila” or something else. And it’s your identity at your school. In server the unique name is called “User ID”.

Now what is password? It simple, it’s a secret phrases that only known by you! Now why you need password? Basically computers don’t know you. It’s a machine. So if your friend claims that her name is “Mithila” then what happen? Cause you and your friend Mithila are using same computer. So you need a secret word or code to claim your uniqueness, isn’t it? That’s password need.

Mail Header / Parts of Mail Message

Mail header is the information about mail. You all know about traditional letter. In that letter you will find from whom you receive that letter and when you received that letter. This is called the information about letter. As like as every email have this information. We called those information as “Mail Header”.

Now what about a gift? Suppose your elder brother send a nice gift like a “Barbie Doll” to you. What you think, isn’t it nice? Your elder brother may send that gift and write a letter to you. Now what is the scenario? You getting letter with a gift. Here in electronics system we have same approach. Suppose we need to send a song with a letter. What can we do? We just need to attach that song with that email. And that is called “Attachment”. It’s also a part of email.

Now you have two another term of email header, they are – CC & BCC. CC means Carbon Copy. You all know about carbon. When we need a document more then one copy for preserving purpose or another purpose we use this carbon to copy it. In the modern technology we can photocopy that document as much as we need. So, what about CC? When you need to send your same mail to many of your friend then you need to use this option. Suppose you want to send “Eid Greetings” to your entire friends. What you will do? You will type your message and send to a friend. For another friend you need to type again and send it to that friend. May be you can copy the message text for sending the same message. But with CC option you can send the same mail to as many as you can. Just type the friends email address separated with comma and send it. It simple! Now what about BCC? You don’t need to use this BCC option now. Its elaboration is Broadcasting Carbon Copy. Its same as CC but with little functioning difference. You can use it as CC. You will learn it by using I think.

About Yahoo Profile, Yahoo Mail Account & Address Book

Yahoo profile is a profile that keeping by Yahoo. Information about you is kept by Yahoo called Yahoo Profile. In the profile it contain your name, from where you from, from where you surfing or accessing the site etc.

Yahoo Mail Account is a space where your mail stored. If someone sent you mail the mail will stored into that area until you read it. You can also store it permanently in to this account. It’s also an identification to reach you or to send you email.

Address Book is the register of email address. In this book you can save your friends email address for future use.

About Search Engine

Search engine is a special site where you can find the address of your desire word. Suppose you want to know about “123 Sisimpur”, but you don’t know where you can get information. So, first of all you need to search the address related on “123 Sisimpur” then you can go to that website to get the information about “123 Sisimpur”. From which you get the address by searching them we called it search engine. Those search engines is maintain the name of all other website. The search engine will provide the list of website that is related with your keyword. You need to put your keyword into specific text box to search. After getting the list you can easily find out your desired website.

Conclusion

Internet is easy to use & very cheap communication facilities with each other. But its global. The main fact of internet defend our real life is, if we have a permanent address we can use it to get any letter from our friend. But when we are on travel, then how can we get those letters instantly? But with email address we can get mail from anywhere anytime.

Disclaimer:

This article is written for a primary concept on internet who have no idea about internet. Basically I’m trying to establish a relationship between our real lives with internet. Internet is a vast subject. It’s not possible to give a greater knowledge at the very first time.

by-

| Md. Shahadat Hossain Khan
|
Web Developer, Square InformatiX Ltd.

Posted in internet, study, webdevelopmentTagged , , , , , , , , , , , , , , , , , , , , , ,

Apache (httpd) 403 errors & SELinux in RHLE5

The “targeted” policy confines certain network daemons to run in their own specific “security domain”. These daemons include dhcpd, httpd (apache), named, nscd, ntpd, portmap, snmpd, squid, and syslogd.

When I setup apache on a system where it wil be utilized, I have a habit of not using /var/www/html as my starting point for document roots, but rather create a dir at /home/websites and place my document roots in there. In the good ol’ days of Discretionary Access Controls (DAC) just making sure that apache had the perms it needed to read the documents in there was enough (using chmod, chown, and the like).

Not so with SELinux enabled. In addition to the regular DAC we’re all used to, we now have Mandatory Access Controls (MAC) that define security contexts for files/directories etc. Turns out it looks like by default, apache only has access to /var/www/html when it’s fired up…. I’m guessing that and probably /var/log/httpd (which is exactly as it should be). To enable apache to view my files in /home/websites, I had to apply a new security context to these files. The answer to this is the chcon command. To be brief, the full command I executed was:

chcon -R -t httpd_sys_content_t /home/websites

After executing this, apache could read my files.

I like where this SELinux thing is going. Permissions done right, for sure. This doesn’t come with out growing pains though. It’s complex (or so it seems to me after only working with it for a couple days) and will take some time to learn. I’m prepared for some frustration….

Now many of you are probably asking yourself why would anyone (let alone me) want to bother with this? Well I think a simple example of one of the cool things is that even though something like /etc/passwd has DAC octal perms of 644 (rw-r–r–), apache still can’t read it because that file is not with in apache’s security context. So any users on your system can’t write a little script that reads your /etc/passwd file and basically posts it on a web page for the world to see (giving potential crackers a list of valid user accounts on the system).

Actually this is a little bit extra security that provide by SELinux e.g. Security Enhanced!

Ohh, one more tips to change the direcotry live…

chcon --reference=/var/www <your website directory>
chcon --reference=/var/www/html <your public_html directory>

I suggest you to make a shell script to put it together… with following commands…

useradd <your website user name> #password and other necessary staff to point home directory
chmod --reference=/var/www /home/<your website user name>
mkdir /home/<your website user name>/public_html
# most probably the following line need not to execute
chmod --reference=/var/www/html /home/<your website user name>/public_html
# then do other necessary staff for your website suppose add virtual host, ftp user, database user etc.

nJoy…

Posted in linuxTagged , , , , , , , , , 2 Comments on Apache (httpd) 403 errors & SELinux in RHLE5