Posted in apache, linux, ssl

Install and Apply Let’s Encrypt SSL Certificates to Apache in CentOS 7

> Download and Install Let’s Encrypt

  • Login as root
  • Update your server’s software packages:
yum update
  • Install the git package:
yum install git
  • Download a clone of Let’s Encrypt from the official GitHub repository/opt is a common installation directory for third-party packages, so let’s install the clone to /opt/letsencrypt:
git clone /opt/letsencrypt
  • Navigate to the new /opt/letsencrypt directory:
cd /opt/letsencrypt

> Create an SSL Certificate

  • Stop Apache server
systemctl stop httpd.service
  • Run Let’s Encrypt with the --standalone parameter. For each additional domain name requiring a certificate, add -d to the end of the command.
./letsencrypt-auto certonly --standalone -d -d

Let’s Encrypt does not deploy wildcard certificates. Each subdomain requires its own certificate.

  • For the first time, enter your email and agree to the Terms of Service
  • If all goes well, a message similar to the one below will appear. Its appearance means Let’s Encrypt has approved and issued your certificates.
- If you lose your account credentials, you can recover them through
 e-mails sent to
- Congratulations! Your certificate and chain have been saved at
 /etc/letsencrypt/live/ Your
 cert will expire on 2016-03-31. To obtain a new version of the
 certificate in the future, simply run Let's Encrypt again.
- Your account credentials have been saved in your Let's Encrypt
 configuration directory at /etc/letsencrypt. You should make a
 secure backup of this folder now. This configuration directory will
 also contain certificates and private keys obtained by Let's
 Encrypt, so making regular backups of this folder is ideal.
- If you like Let's Encrypt, please consider supporting our work by:

Donating to ISRG / Let's Encrypt:
Donating to EFF:
  • Each key (.pem) file in /etc/letsencrypt/live/ a different purpose:
    • cert.pem: server certificate only.
    • chain.pem: root and intermediate certificates only.
    • fullchain.pem: combination of server, root and intermediate certificates (replaces cert.pem and chain.pem).
    • privkey.pem: private key (do not share this with anyone!).

> Apply SSL Certificate in Apache

  • Add a VirtualHost in /etc/httpd/conf.d/ssl.conf or in other .conf file in /etc/httpd/conf.d/
<VirtualHost *:443>
 DocumentRoot /var/www/html/
 SSLEngine on
 SSLCertificateFile /etc/letsencrypt/live/
 SSLCertificateKeyFile /etc/letsencrypt/live/
 SSLCertificateChainFile /etc/letsencrypt/live/
  • Restart Apache server
systemctl restart httpd.service



Posted in cPanel, web

Redirect to www with https in htaccess

RewriteEngine On

RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^(.*) https://www.%{SERVER_NAME}%{REQUEST_URI} [L,R=301]

RewriteCond %{HTTPS} off
RewriteRule ^(.*) https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]
Posted in cPanel, linux, web

Fixing the cPanel SoftException writable by group

If you’ve been following these posts, we now have a lovely git push to deploy setup, and can ssh into our server without constantly needing to enter our password through the use of ssh keys.

However, if you’re running on cPanel, you will probably have bumped into this error:

SoftException in Application.cpp:256: File "/home/username/public_html/index.php" is writeable by group

This is clearly a permissions error, and so the obvious thought is to chmod it. However, we don’t want to ssh in and chmod every time we push! On the testing server, the permissions are fine, but they are different once the git push has done its post-update.

The reason for this is something to do with a thing called umask. Umask is a user mask which is created for processes that are performing tasks, and affects new files and folders.

The solution to this is to edit ~/.bash_profile, and insert the following command:

umask 022

From now on you shouldn’t have the problem. With newly created files.

To sort already existing files, Chmod -R 755 any folders affected, OR just log out and in, and git pull or git reset –hard HEAD^ in order to re-fetch the files. This time they should be created without any strange permission errors!


Posted in git, linux command, web

Laravel + Git + GoDaddy

1. Configuring SSH and Git

Enable SSH: from cPanel go on Security > SSH Access > Enable SSH, then import your public key.

Check the SSH connection:

# From your local pc 
$ ssh [godaddy-user]@[]

where [godaddy-user] is the username configured for your GoDaddy’s cPanel and [] is the site domain name.

Check that Git is correctly installed on GoDaddy:

$ # From the GoDaddy host 
$ git --version

Create the bin directory on the user’s home:

$ # Always from the GoDaddy host
$ mkdir ~/bin

2. Check the PHP version

Open an SSH connection with GoDaddy, then:

$ php --version

Should print something like:

  PHP 5.5.24 (cgi-fcgi) (built: Apr 20 2015 06:24:55)

Check that the php version is correct (for Laravel 5.1 must be greater than 5.5.9).

Troubleshooting: wrong php version

Can happen that you have setted the newest PHP version from cPanel but via SSH you still have an old version.

If the PHP version is wrong, for example is 5.4.43 instead of 5.5.24, make sure you have changed it in cPanel (in Software > Select PHP Version) then try with:

$ /opt/alt/php55/usr/bin/php --version

If the path /opt/alt/php55/usr/bin/php print out the correct version then set it as your php default command:

$ cd
$ vim .bash_profile

In the file .bash_profile change the row




That is: prepend your local bin directory to assign it the first priority.

Create a link to the right php version:

$ cd bin
$ ln -s /opt/alt/php55/usr/bin/php

Close and reopen the ssh connection and check now the php version.

3. Create the application folder

From GoDaddy host, create the [app] folder in your home, where [app] is the name of your Laravel application:

$ cd ~
$ mkdir [app]

This folder will contains your application.

Depending if you want to install the application in the main domain, e.g., or in a subdomain, e.g., do one of the following.

Main domain

Replace the public_html folder with a symbolic link to [app]/public (be sure public_html is empty before delete it):

$ rm -r public_html
$ ln -s [app]/public public_html


Create a sub domain in GoDaddy


access the cPanel at the url then go on Domains > Subdomains > Create Subdomain and insert:

  • Subdomain: [sub-domain] (e.g. app)
  • Document root: /[app]/public

4. Get Composer

From GoDaddy host:

$ # Install composer
$ cd bin
$ curl -sS | php
$ ln -s ./composer.phar composer

5. Configuring Git for automatic deploy

Create the Git bare repository on the GoDaddy’s host:

$ # Create the git directory where the repository will be mantained
$ cd ~
$ mkdir git

$ # Create the repository
$ cd git
$ git init --bare --shared [app].git

$ # Create the post-receive hook file
$ cd [app].git/hooks
$ touch post-receive

$ # Make the hook executable
$ chmod +x post-receive

$ # Configure the hook
$ vim post-receive

Write in the file post-receive all the operations that will be performed after the push is done:


# Set up our PATH variable and export it
export PATH

# App directories

# Checkout the last commit inside the web app directory
git --work-tree=${APP_WEB_DIR} --git-dir=${APP_GIT_DIR} checkout -f

# Clean the app directory
# Use -e "[pattern]" to exclude some file or directory to be cleaned,
# as they are in the .gitignore file
# git --work-tree=${APP_WEB_DIR} clean -fd

# Run composer
composer install
# Ensure that storage's folder have write permission for the group
chmod -R g+w storage

# Optimizations
echo "Running optimizations"
php artisan config:cache
php artisan route:cache

# Do other things here, for example load database changes automatically
# php artisan migrate
# ...

6. Add the ‘production’ remote in your repository

From your PC:

$ # Go in the project's folder
$ cd /path/to/your/project
# Add the 'production' server's URL
$ git remote add production ssh://[godaddy-user]@[]/~/git/[app].git

Now you can deploy the project on GoDaddy (pushing it on the production remote) with:

$ git push production master

You should now be able to see your code on the folder ~/[app] on the GoDaddy’s host.

After configured the database in the host and configured your application (for example you have to create the .env file in the host and set here the db connection parameters) you will be able to access your application from your domain.


Posted in git, web

Learn Git

Git is the industry-standard version control system for web developers.

  • git init creates a new Git repository
  • git status inspects the contents of the working directory and staging area
  • git add adds files from the working directory to the staging area
  • git diff shows the difference between the working directory and the staging area
  • git commit permanently stores file changes from the staging area in the repository
  • git log shows a list of all previous commits


Git backtrack  allow you to undo changes made to your Git project.

  • git checkout HEAD filename: Discards changes in the working directory.
  • git reset HEAD filename: Unstages file changes in the staging area.
  • git reset SHA: Can be used to reset to a previous commit in your commit history.


Git branching allows users to experiment with different versions of a project by checking out separate branches to work on.

  • git branch: Lists all a Git project’s branches.
  • git branch branch_name: Creates a new branch.
  • git checkout branch_name: Used to switch from one branch to another.
  • git merge branch_name: Used to join file changes from one branch to another.
  • git branch -d branch_name: Deletes the branch specified.


A remote is a Git repository that lives outside your Git project folder. Remotes can live on the web, on a shared network or even in a separate folder on your local computer.

The Git Collaborative Workflow are steps that enable smooth project development when multiple collaborators are working on the same Git project.

  • git clone: Creates a local copy of a remote.
  • git remote -v: Lists a Git project’s remotes.
  • git fetch: Fetches work from the remote into the local copy.
  • git merge origin/master: Merges origin/master into your local branch.
  • git push origin <branch_name>: Pushes a local branch to the originremote.
Posted in web

HTTP Status Codes

  • 2xx : Success
    • 200 -> OK
    • 201 -> Created
    • 202 -> Accepted
    • 203 -> Partial Information
    • 204 -> No Response
  • 3xx : Redirection
    • 301 -> Moved
    • 302 -> Found
    • 303 -> Method
    • 304 -> Not Modified
  • 4xx, 5xx : Error
    • 400 -> Bad Request
    • 401 -> Unauthorized
    • 402 -> Payment Required
    • 403 -> Forbidden
    • 404 -> Not Found
    • 500 -> Internal Server Error
    • 501 -> Not Implemented
    • 502 -> Service Temporarily Overloaded
    • 503 -> Gateway Timeout
Posted in linux command

Some Linux commands

  • ls –> list what within current directory
  • pwd  –> output current working directory
  • mkdir –> create a new directory
  • touch –> create a new file
  • cp –> copy file
  • mv –> move/rename file
  • rm –> remove file/directory(-r)
  • cat –> view content of a file (cat … > … : replace; cat … >> … : append)
  • uniq –> filter out duplicate lines in a file
  • grep –> search file for line that matches a pattern and return the results (-i : case insensitive)
  • grep -R –> search all files in a directory and output filenames with matched result
  • sed –> searches for a text pattern, modifies it, and outputs it