[![Docker Hub](https://img.shields.io/badge/docker-ready-blue.svg)](https://hub.docker.com/r/pengbai/docker-mkdocs/) # RUG WEBHOSTING * Kubernetes domain hosting * 5+ GB website space ( fair use policy ) * PHP support (Linux/Apache variant) * ASP support (Windows/IIS variant) * All container based services. The following options are available at an extra charge: * expansion of web space (in consultation with CIT) * e-mail addresses * domain registration (.nl, .com, .org, .eu, etc.). Since 2017 every new hosting domain is automatically a docker environment. There's still a active connection between the old shared environment and the new one. ## HTTPS The whole webhosting environment is behind several loadbalancers, force ssl does not work out of the box. Because the internal communication between the loadbalancers (lb) and webservers are plain http. If you force a website without the correct headers, the application will stay in a loop and fail. The answer is simple , the webserver doesn't know that the request is secure! only the loadbalancer knows. If we do a htaccess override, actually were telling the webserver , redirect once, if the Header HTTP:X-SSL-Enabled is true, don't do anything! otherwise redirect to https. ### Examples standard ``` client http (80) <-> http (80) -> http (80) -> website (80) ``` or both ``` client https (443) <--> (443) -> http (80) -> website(80) ``` force https ``` client http (80) <-> force redirect https (443) -> http (80) -> website (80) ``` htaccess Override ``` # auto redirect to ssl, only for webhosting.rug.nl domains or with own certificates RewriteEngine On RequestHeader set HTTP:X-SSL-Enabled "true" RewriteCond %{HTTP:X-SSL-Enabled} !true RewriteRule (.*) https://domain.webhosting.rug.nl/$1 [R,L] ``` wordpress https ``` Add the following to the wp-config.php if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'X-SSL-Enabled') != 'true') { $_SERVER['HTTPS']='on'; } If you get mixed content warnings, in the default theme. edit the file : wp-content/themes/twentyseventeen/assets/images/svg-icons.svg and replace http to https old xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"> new xmlns="https://www.w3.org/2000/svg" xmlns:xlink="https://www.w3.org/1999/xlink"> ``` ## SSH SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. Example Connection ``` ssh f-number@ssh.webhosting.rug.nl ``` Example Tunnel ``` ssh -L 8080:IP:80 f-number@ssh.webhosting.rug.nl -N 1 ``` WEB This only works with Two Factor Authentication ``` https://ssh.webhosting.rug.nl ``` Two factor auth ``` Put two files inside you're homedir/.ssh folder mobile_number and email_address $ cat ~/.ssh/mobile_number 0612345678 $ cat ~/.ssh/email_address email@rug.nl ``` Aps ``` filezilla putty wincp ducky ssh ``` ## MYSQL PHPmyAdmin ``` https://mysql.webhosting.rug.nl ``` CLI dump database ``` $ ssh account@ssh.webhosting.rug.nl $ mysqldump --host mysql01.service.rug.nl -u account -p -D database \ | gzip -c | > ~/backup/database.sql.gz ``` CLI restore database ``` $ ssh account@ssh.webhosting.rug.nl $ gunzip < ~/backup/database.sql.gz | mysql --host mysql01.service.rug.nl \ -u account -p database > ~/backup/database.sql ``` CLI optimize database ``` $ ssh account@ssh.webhosting.rug.nl $ mysqloptimze --host mysql01.service.rug.nl -u account -p -D database ``` CLI enter database ``` $ ssh account@ssh.webhosting.rug.nl $ mysql --host mysql01.service.rug.nl -u account -p ``` CLI remote access database ``` $ ssh -L 3306:mysql01.service.rug.nl:3306 account@ssh.webhosting.rug.nl -N 1 $ mysql --host localhost -u account -p ``` ## POSTGRES phpPgAdmin https://psql.webhosting.rug.nl ## PHP $ cat ~\site\.htaccess Override upload filesize ``` php_value upload_max_filesize 100M php_value post_max_size 100M php_value max_execution_time 200 php_value max_input_time 200 ``` Override memory limit ``` php_value memory_limit 64M ``` Access ``` RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR] RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$ RewriteCond %{REMOTE_ADDR} !^129\.125\. RewriteCond %{REMOTE_ADDR} !^77\.43\.20\. RewriteCond %{REMOTE_ADDR} !^10\.9\. RewriteRule ^(.*)$ - [R=403,L] ```