I checked out

https://securityheaders.com/

# set security headers in apache

# test with https://www.keycdn.com/blog/http-security-headers

and added in cat /etc/apache2/conf-enabled/security.conf 

Header set X-XSS-Protection “1; mode=block”

Header set X-Frame-Options “SAMEORIGIN”

Header set X-Content-Type-Options “nosniff”

Header set Feature-Policy “autoplay ‘none’; camera ‘none'”

Header always set Referrer-Policy “same-origin”

Header set Strict-Transport-Security “max-age=31536000; includeSubDomains; preload”

Header always set Permissions-Policy “geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()”

Then I went to the the WordPress installed directory

See: https://blog.sucuri.net/2012/07/wordpress-and-server-hardening-taking-security-to-another-level.html

# adduser wordpressuser
# cd /var/www/pathtoyoursite
# chown -R wordpressuser:apache .
# chmod -R 750 .
# find . -type f -exec chmod 440 {} \;
#find . -name “*.php” -exec chmod 440 {} \;
#find . -type d -exec chmod 750 {} \;

update WordPress I do with the wp.cli commands:

since I use root I run it with –allow-root:

#wp plugin install wordfence –activate –allow-root
#wp plugin install cookie-law-info –activate –allow-root
#wp core update –skip-plugins –skip-themes –allow-root
#wp theme update –all –allow-root
#wp plugin update –all –allow-root

You’ve probably heard that Pokemon Go players are going out and “catching ’em all”. Well, in honor of them (and you caught my drift), let’s talk about how to reach heaven. I’m not talking about Heaven itself here. I’m talking about how to get there from here.

We all want to live forever. And we all want free Wi-Fi everywhere and a smart blender. But the 5 steps you need to take to get there are different.

The afterlife is a mysterious place, and it can be hard to predict what’s waiting for us when we die. However, that hasn’t stopped people from trying to describe it. Below are 5 descriptions of the afterlife from famous scientists\’ statements on religion. Hearing more after my logic thought “5 steps? What can that really be?”. Did I have an idea of what this could be? Of course. Could I have guessed it in advance? Not even in the farthest corner of my mind could I have considered this possibility.

The afterlife is a big unknown. It’s hard to imagine what it will be like, but many of us want to know what happens when we die.

There are many theories about what happens after we die, but there is no scientific evidence that any of them are true. However, there are some things we do know about death and the afterlife:

We don’t need food or water after we die. Our bodies stop working and start to decay.

Our brains stop working very soon after our hearts stop beating. This means that if you’re not brain dead, your mind will still be active until you’re dead.

When your brain stops working, other organs in your body stop working as well — especially those organs that control breathing and heartbeat. This means that once your brain stops working, it won’t ever work again, even if someone brings you back from the brink of death with CPR or defibrillation (both forms of life support). The exception is if someone keeps you alive using artificial life support machines for years after your heart stops beating and your brain stops functioning normally — in which case you might eventually regain consciousness again if doctors can keep machines like ventilators going long enough for you to recover from being

In this article, I am going to introduce you to the five most common ways of getting into the afterlife.

1: The soul is recycled and reborn into another body. This is done by your soul being sent back to earth in a new body with a different genetic makeup. The idea is that every time we die, our soul goes through a rebirth cycle where it takes on new experiences, encounters and interactions with the world at large. This process continues until you have learned all that you need to learn from life on Earth and can then move on to higher levels of existence.

2: The soul lives in heaven for eternity. This one is pretty straightforward; after death, your soul goes straight up to heaven where it lives out an eternal life of happiness and joy with no other worries or cares in the world. Heaven is usually depicted as being somewhere above us (and possibly outside our solar system), but some people believe that there are multiple heavens (or multiple levels) within this one universe and that they may even exist within other universes as well! Many religions teach that God Himself will welcome us into His wonderful kingdom when we die, but others say that only those who have earned their way

The afterlife is a location that is either in another dimension or plane of existence, or an imagined realm that transcends physical reality. The concept of an afterlife is found in many religious and philosophical systems, as well as in fiction.

The Abrahamic religions believe that a human soul can survive death and reach an afterlife, where it will be judged by God. According to these religions, the dead will then be consigned to heaven (the Garden of Eden) or hell (the Netherworld).

There are different traditions regarding the timing of a person’s death and the transition to the afterlife. In some cultures, such as those of Ancient Egypt and ancient Greece, funerary rituals included provisions for a safe passage to the afterlife; this was accomplished through magic spells and offerings made to gods, who were thought to intervene in human affairs.[11] Other cultures like the Vikings and Japanese left their dead on board ship for transportation to Valhalla.[12] In most pre-modern pagan traditions, such as those of northern Europe and modern-day Scandinavia, a person’s fate after death was often tied directly to the circumstances surrounding their birth; for example if they were born under poor astrological conditions,

There are five methods to get there alive:

1. You can become immortal through the use of science and technology (becoming a cyborg or an AI).
2. You can become immortal by making yourself immortal by having an heir or heirship that will carry on after you die (i.e., having children).
3. You can become immortal through faith in God or a higher power, either by being saved after death (by going to Heaven) or being resurrected from death (by returning as a zombie).
4. You can become immortal by using science and technology but not getting caught (i.e., not dying at all, or at least not until you want to).
5. You can become immortal by using faith in God or a higher power but not getting caught (i.e., not dying at all, or at least not until you want to).

Where is the gold

https://cheapsslsecurity.com/p/the-advantages-of-http2/
https://www.howtoforge.com/how-to-enable-http-2-in-apache/
https://http2.pro/doc/Apache
https://www.collectiveray.com/what-is-http2
https://www.tecmint.com/enable-http2-in-apache-on-ubuntu/

Debian 10

apt-get install php7.4-fpm
a2dismod php7.4
a2enconf php7.4-fpm
a2enmod proxy_fcgi

 

a2dismod mpm_prefork

a2enmod mpm_event

a2enmod ssl

a2enmod http2

systemctl restart apache2

Protocols h2 http/1.1

  ServerName example.com
  ServerAlias www.example.com
  DocumentRoot /var/www/public_html/example.com
  SSLEngine on
  SSLCertificateKeyFile /path/to/private.pem
  SSLCertificateFile /path/to/cert.pem
  SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
  Protocols h2 http/1.1

what a farce

XRDP installation

https://linuxize.com/post/how-to-install-xrdp-on-debian-10/

install software on laptop / mobile

https://www.64characters.com/telephone/

for installation see LINK

check out this one link voyced.eu

mysql -u USER -p
use database;
select id, user_login, user_pass FROM wp-users;

update wp-users set user_pass = MD5(MYNEWPASSWORD);
select id, user_login, user_pass FROM wp-users;

/usr/lib/cgi-bin/awstats.pl -update -config="example.com" -LogFile="/usr/share/awstats/tools/logresolvemerge.pl /var/log/apache2/access.log* |"

apt-get -y update

apt-get -y upgrade

# install apache software-prop

apt-get -y install tasksel apache2 software-properties-common mariadb-client mariadb-server  python-certbot-apache lsb-release apt-transport-https ca-certificates

# install php 7.3

apt -y install lsb-release apt-transport-https ca-certificates

wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg

echo “deb https://packages.sury.org/php/ $(lsb_release -sc) main” | tee /etc/apt/sources.list.d/php7.3.list

apt-get -y updateapt-get -y upgradeapt-get -y install libapache2-mod-php7.3 php7.3-gd php7.3-mysql php7.3-curl php7.3-intl php7.3-xsl php7.3-mbstring php7.3-zip php7.3-bcmath php7.3-soap php7.3-imagick

apt-get -y update
apt-get -y upgrade

# install apache software-prop

apt-get -y install tasksel apache2 software-properties-common mariadb-client mariadb-server  python-certbot-apache lsb-release apt-transport-https ca-certificates

# install php 7.3
apt -y install lsb-release apt-transport-https ca-certificates
wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
echo “deb https://packages.sury.org/php/ $(lsb_release -sc) main” | tee /etc/apt/sources.list.d/php7.3.listapt-get -y update

apt-get -y upgrade

apt-get -y install libapache2-mod-php7.3 php7.3-gd php7.3-mysql php7.3-curl php7.3-intl php7.3-xsl php7.3-mbstring php7.3-zip php7.3-bcmath php7.3-soap php7.3-imagick

### install lets encrypt#
apt-get -y install python-certbot-apache
# set cert
certbot –apache

## harden mysql

mysql_secure_installation

I created a couple of scripts

1/ the script to create the certs

And the third script will update the cerst and update the haproxy part

root@groupmgt:~# cat refreshCert.sh 

/usr/bin/letsencrypt renew >> /var/log/certRenewal.log

/root/createAll_PEM.sh >> /var/log/cert_createPEM.log

The haproxy part like installation and restartting after the update of the created pem’s that’s something which will not be written out in this section 🙂

cp  script.sh  /etc/init.d/.
chmod 755 /etc/init.d/script.sh
vi /etc/rc.local
# add in file
/etc/init.d/script.sh

requirements for os

First, do the Debian updates/upgrades:
su – 
apt-get update
apt-get upgrade
apt-get dist-upgrade
reboot

Login again:

cat /etc/os-release

update php

apt-get remove php7.0
apt install apt-transport-https lsb-release ca-certificates
wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
sh -c ‘echo “deb https://packages.sury.org/php/ $(lsb_release -sc) main” > /etc/apt/sources.list.d/php.list’
apt update
apt-get install php7.1 php7.1-common

apt-get install php7.1-curl php7.1-xml php7.1-zip php7.1-gd php7.1-mysql php7.1-mbstring php7.1-mcrypt php7.1-intl php7.1-xsl php7.1-bcmath php7.1-iconv php7.1-fpm php7.1-soap

a2enmod proxy_fcgi setenvif
a2enconf php7.1-fpm
systemctl restart apache2

NOTICE: You are seeing this 

update Magento:

cd

composer require magento/product-community-edition 2.3.0 –no-update

Specify additional packages for composer Run this

composer require --dev phpunit/phpunit:~6.2.0 friendsofphp/php-cs-fixer:~2.10.1 lusitanian/oauth:~0.8.10 pdepend/pdepend:2.5.2 sebastian/phpcpd:~3.0.0 squizlabs/php_codesniffer:3.2.2 --no-update

composer require –dev phpunit/phpunit:~6.2.0 friendsofphp/php-cs-fixer:~2.10.1 lusitanian/oauth:~0.8.10 pdepend/pdepend:2.5.2 sebastian/phpcpd:~3.0.0 squizlabs/php_codesniffer:3.2.2 –no-update

Remove unused packages

composer remove --dev sjparkinson/static-review fabpot/php-cs-fixer --no-update

Update autoload

Open composer.json and edit the "autoload": "psr-4" section to include "Zend\\Mvc\\Controller\\": "setup/src/Zend/Mvc/Controller/" :

"Magento\\Framework\\": "lib/internal/Magento/Framework/",
"Magento\\Setup\\": "setup/src/Magento/Setup/",
"Magento\\": "app/code/Magento/",
"Zend\\Mvc\\Controller\\": "setup/src/Zend/Mvc/Controller/"

composer update

composer require magento/product-community-edition 2.3.0 –no-update
composer update

error with symfony:
composer require –dev phpunit/phpunit:~6.2.0 friendsofphp/php-cs-fixer:~2.10.1 lusitanian/oauth:~0.8.10 pdepend/pdepend:2.5.2 sebastian/phpcpd:~3.0.0 squizlabs/php_codesniffer:3.2.2 –no-update

Error with sampledata:
./bin/magento sampledata:reset

Error with sampledata:

edit composer.json and remove the sampledata
see: magentosite
try again:
composer update

./bin/magento sampledata:deploy

chown -R www-data .
find . -type f -exec chmod 400 {} \;
find . -type d -exec chmod 500 {} \;
find var/ -type f -exec chmod 600 {} \;
find media/ -type f -exec chmod 600 {} \;
find var/ -type d -exec chmod 700 {} \;
find media/ -type d -exec chmod 700 {} \;
chmod 775 /bin/magento