By now you know that your website needs to run over HTTPS. One of the easiest and cheapest ways to do this is by using
https://certbot.eff.org/ which in turn deploys https://letsencrypt.org/ certificates.
Once you have it installed, you’ll want to install a crontab entry that will run the updates 2x per day:
23 3,15 * * * /usr/local/sbin/certbot-renew.sh
# Save this file as /usr/local/sbin/certbot-renew.sh
rm -f $UPDATE_FLAG_FILE
/usr/local/bin/certbot-auto renew --post-hook "touch $UPDATE_FLAG_FILE"
if [ $? -gt 0 ]; then
if [ ! -f $UPDATE_FLAG_FILE ]; then
service apache2 status
if [ $? -eq 0 ]; then
service apache2 reload
if [ $? -gt 0 ]; then
>&2 echo failed to reload apache2
I’ve found that the easiest way to create a password protected zip file, is to use the freely available 7-zip.
C:\7z.exe a test.zip fileyouwantzipped -pPUT_PASS_PHRASE_HERE
7-Zip 18.05 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2018-04-30
Scanning the drive:
1 file, 13626 bytes (14 KiB)
Creating archive: test.zip
Add new data to archive: 1 file, 13626 bytes (14 KiB)
Files read from disk: 1
Archive size: 11376 bytes (12 KiB)
Everything is Ok
A pretty easy way to generate passwords/pass phrases is to visit: https://untroubled.org/pwgen/ppgen.cgi and change options as you see fit.
(taken from: Linode guide to Limiting Access with SFTP Jails on Debian and Ubuntu
As the system administrator for your Linode, you may want to give your users the ability to securely upload files to your server. The most common way to do this is to allow file transfers via Secure File Transfer Protocol (SFTP), which uses SSH to provide encryption. This requires that you give your users SSH logins. However, by default SSH users are able to view your Linode’s entire filesystem, which may not be desirable.
This guide will help you configure OpenSSH to restrict users to their home directories, and to SFTP access only. Please note that these instructions are not intended to support shell logins; any user accounts modified in accordance with this guide will have the ability to transfer files, but not the ability to log into a remote shell session.
These instructions will work for Ubuntu 9.04, Debian 5, and later. Unfortunately, the version of SSH packaged with Ubuntu 8.04 is too old to support this configuration.
/etc/ssh/sshd_config file with your favorite text editor:
Add or modify the
Subsystem sftp line to look like the following:
Subsystem sftp internal-sftp
Add this block of settings to the end of the file:
Match Group filetransfer
Save the changes to your file.
service ssh restart
OpenSSH has been successfully modified.
Modify User Accounts
This section will set up the correct groups, ownership, and permissions for your user accounts.
Create a system group for users whom you want to restrict to SFTP access:
addgroup --system filetransfer
Modify the user accounts that you wish to restrict to SFTP. Issue the following commands for each account, substituting the appropriate username. Please keep in mind that this will prevent these users from being able to log into a remote shell session.
usermod -G filetransfer username
chown root:root /home/username
chmod 755 /home/username
These users will now be unable to create files in their home directories, since these directories are owned by the root user.
Next, you need to create new directories for each user, to which they will have full access. Issue the following commands for each user, changing the directories created to suit your needs:
mkdir docs public_html
chown username:filetransfer *
Your users should now be able to log into their accounts via SFTP and transfer files to and from their assigned subdirectories, but they shouldn’t be able to see the rest of your Linode’s filesystem.
sftp from the terminal:
You can use the
help command to see what commands you have access too within the SFTP shell. You have the ability to
ls, for instance. There are also commands like
lpwd, that will print the local working directory. In the local home directory type
Transfer local files to the remote system:
Transfer files to the local system from the remote system:
You can test the file permissions by navigating to a different directory within the SFTP shell, and trying to transfer a file.
sftp> put test.txt /tmp/
Uploading test.txt to /tmp/
remote open("/tmp/"): Failure
Exit the session with the
Here are some of the more frequently used commands that I find useful.
To search for a particular package by name or description:
From the command-line, use:
apt-cache search keyword
The apt tool on Ubuntu 14.04 and above makes this very easy.
apt list --installed
On older versions of Ubuntu/Debian, try this instead:
dpkg --get-selections | grep -v deinstall
Check available version of a package in Ubuntu repositories from command line:
You may wonder if the given package is installed or not. It’s easy to find out too.
In the above output, you see two words namely Installed and Candidate.
Installed : This will tell you the version that you have currently installed in your Ubuntu system.
Candidate : This is actual version that will be installed from the Ubuntu repositories when you install the package using apt-get.
If your system is in state where apt-get is mostly unusable you could try using dpkg to remove the affected package, in this case try:
sudo dpkg --purge php5-memcache