Nginx is open-source software for web serving, reverse proxying, caching, load balancing, media streaming, and more. In this post, I will mention few Nginx configurations which we use frequently.
server{# Standard HTTP Protocollisten80;# Standard HTTPS Protocollisten443ssl;# Listen on 80 using IPv6listen[::]:80;# Listen only on using IPv6listen[::]:80ipv6only=on;}
Access Logging
server{# Relative or full path to log fileaccess_log/path/to/file.log;# Turn 'on' or 'off'access_logon;}
Domain Name
server{# Listen to yourdomain.comserver_nameyourdomain.com;# Listen to multiple domainsserver_nameyourdomain.comwww.yourdomain.com;# Listen to all domainsserver_name*.yourdomain.com;# Listen to all top-level domainsserver_nameyourdomain.*;# Listen to unspecified Hostnames (Listens to IP address itself)server_name"";}
server{listen80;server_nameyourdomain.com;location/{proxy_passhttp://0.0.0.0:3000;# where 0.0.0.0:3000 is your application server (Ex: node.js) bound on 0.0.0.0 listening on port 3000}}
server{listen443ssl;server_nameyourdomain.com;sslon;ssl_certificate/path/to/cert.pem;ssl_certificate_key/path/to/privatekey.pem;ssl_staplingon;ssl_stapling_verifyon;ssl_trusted_certificate/path/to/fullchain.pem;ssl_protocolsTLSv1TLSv1.1TLSv1.2;ssl_connection_timeout1d;ssl_session_cacheshared:SSL:50m;add_headerStrict-Transport-Securitymax-age=15768000;}# Permanent Redirect for HTTP to HTTPSserver{listen80;server_nameyourdomain.com;return301https://$host$request_uri;}
To put inside a configuration file in /etc/nginx/conf.d/
# do not cache xmlhttp requests
map$http_x_requested_with$http_request_no_cache{default0;XMLHttpRequest1;}# do not cache requests for the following cookies
map$http_cookie$cookie_no_cache{default0;"~*wordpress_[a-f0-9]+"1;"~*wp-postpass"1;"~*wordpress_logged_in"1;"~*wordpress_no_cache"1;"~*comment_author"1;"~*woocommerce_items_in_cart"1;"~*woocommerce_cart_hash"1;"~*wptouch_switch_toogle"1;"~*comment_author_email_"1;}# do not cache requests for the following uri
map$request_uri$uri_no_cache{default0;"~*/wp-admin/"1;"~*/wp-[a-zA-Z0-9-]+.php"1;"~*/feed/"1;"~*/index.php"1;"~*/[a-z0-9_-]+-sitemap([0-9]+)?.xml"1;"~*/sitemap(_index)?.xml"1;"~*/wp-comments-popup.php"1;"~*/wp-links-opml.php"1;"~*/wp-.*.php"1;"~*/xmlrpc.php"1;}# do not cache request with args (like site.tld/index.php?id=1)
map$query_string$query_no_cache{default1;""0;}# map previous conditions with the variable $skip_cache
map$http_request_no_cache$cookie_no_cache$uri_no_cache$query_no_cache$skip_cache{default1;00000;}
Define fastcgi_cache settings
To put inside another configuration file in /etc/nginx/conf.d
server{server_namedomain.tld;access_log/var/log/nginx/domain.tld.access.log;error_log/var/log/nginx/domain.tld.error.log;root/var/www/domain.tld/htdocs;indexindex.phpindex.htmlindex.htm;# add X-fastcgi-cache header to see if requests are cached
add_headerX-fastcgi-cache$upstream_cache_status;# default try_files directive for WP 5.0+ with pretty URLs
location/{try_files$uri$uri//index.php$is_args$args;}# pass requests to fastcgi with fastcgi_cache enabled
location~\.php${try_files$uri=404;includefastcgi_params;fastcgi_passphp;fastcgi_cache_bypass$skip_cache;fastcgi_no_cache$skip_cache;fastcgi_cacheWORDPRESS;fastcgi_cache_valid20030m;}# block to purge nginx cache with nginx was built with ngx_cache_purge module
location~/purge(/.*){fastcgi_cache_purgeWORDPRESS"$scheme$request_method$host$1";access_logoff;}}
location/folder/{# The / is important!
proxy_passhttp://127.0.0.1:3000/;# The / is important!
proxy_redirectoff;proxy_set_headerHost$host;proxy_set_headerX-Real-IP$remote_addr;proxy_set_headerX-Forwarded-For$proxy_add_x_forwarded_for;}
Proxy keepalive for websocket
# Upstreams
upstreambackend{server127.0.0.1:3000;keepalive5;}# HTTP Server
server{server_nameyour_hostname.com;error_log/var/log/nginx/rocketchat.access.log;location/{proxy_passhttp://backend;proxy_http_version1.1;proxy_set_headerUpgrade$http_upgrade;proxy_set_headerConnection"upgrade";proxy_set_headerHost$http_host;proxy_set_headerX-Real-IP$remote_addr;proxy_set_headerX-Forward-For$proxy_add_x_forwarded_for;proxy_set_headerX-Forward-Protohttp;proxy_set_headerX-Nginx-Proxytrue;proxy_redirectoff;}}
Reverse-Proxy For Apache
server{server_namedomain.tld;access_log/var/log/nginx/domain.tld.access.log;error_log/var/log/nginx/domain.tld.error.log;root/var/www/domain.tld/htdocs;# pass requests to Apache backend
location/{proxy_passhttp://backend;}# handle static files with a fallback
location~*\.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|zip|webm|mp3|aac|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp)$ {add_header"Access-Control-Allow-Origin""*";access_logoff;log_not_foundoff;expiresmax;try_files$uri@fallback;}# fallback to pass requests to Apache if files are not found
location@fallback{proxy_passhttp://backend;}}
# serve WebP images if web browser support WebP
map$http_accept$webp_suffix{default"";"~*webp"".webp";}
Set conditional try_files to server WebP image :
if web browser support WebP
if WebP alternative exist
# webp rewrite rules for jpg and png images
# try to load alternative image.png.webp before image.png
location/wp-content/uploads{location~\.(png|jpe?g)${add_headerVary"Accept-Encoding";add_header"Access-Control-Allow-Origin""*";add_headerCache-Control"public,no-transform";access_logoff;log_not_foundoff;expiresmax;try_files$uri$webp_suffix$uri=404;}}
Representational state transfer (REST) or RESTful web services provide a way to exchange data between applications or systems on the Internet. RESTful web service also refers as RESTful API, uses HTTP request to GET, PUT, POST and DELETE data across platforms. In present days, RESTful API is an essential component of the web application.
When the CodeIgniter application requires communicating with another application, RESTful API is needed to integrate into CodeIgniter. Using RESTful API in CodeIgniter, you can exchange data between different applications or platform. This tutorial shows RESTful server implementation for CodeIgniter and you will learn how to create RESTful web services in CodeIgniter.
To demonstrate CodeIgniter REST API, we will implement CRUD operations in CodeIgniter web service. The following tasks will be performed to create a simple REST API in CodeIgniter.
Setup RESTful library for CodeIgniter.
Create API method to fetch the user information via GET request.
Create API methods to add, edit, and delete user information via POST, PUT, and DELETE request.
Interact with the CodeIgniter Rest API using PHP cURL.
Test HTTP calls with Google Chrome Postman extension.
Before you get started, take a look the files structure of CodeIgniter REST API.
Create Database Tables
To store user’s information, a table needs to be created in the database. The following SQL creates a users table with some basic fields in MySQL database.
CREATE TABLE `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`first_name` varchar(100) COLLATE utf8_unicode_ci NOT NULL,
`last_name` varchar(100) COLLATE utf8_unicode_ci NOT NULL,
`email` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`phone` varchar(20) COLLATE utf8_unicode_ci NOT NULL,
`created` datetime NOT NULL,
`modified` datetime NOT NULL,
`status` enum('1','0') COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
The following SQL creates a keys table to store REST API key for authentication.
CREATE TABLE `keys` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`user_id` int(11) NOT NULL,
`key` varchar(40) NOT NULL,
`level` int(2) NOT NULL,
`ignore_limits` tinyint(1) NOT NULL DEFAULT '0',
`is_private_key` tinyint(1) NOT NULL DEFAULT '0',
`ip_addresses` text,
`date_created` datetime NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Now insert an API key in keys table, which will be used on API call.
We will use CodeIgniter REST_Controller to build RESTful web services in CodeIgniter. Follow the below steps to setup REST Controller Library in your CodeIgniter application.
Download REST config file and place in the application/config/ directory.
Open the application/config/rest.php file and setup the following configuration.
Download REST_Controller file and place in the application/libraries/ directory.
Download Format class file and place in the application/libraries/ directory.
Download Language file and place in the application/language/english/ directory.
Note that: All the required library files are included in our example CodeIgniter application, so, you don’t need to download these files separately. Download our source code to get sample CodeIgniter RESTful Web service application.
Create Model
Open the application/models/ directory and create User.php file and add the following code to handle the database related works.
The User model has the following methods to fetch, insert, update, and delete user data in the database.
__construct() – Load the database library.
getRows() – Fetch the user data from the users table and returns single row or multiple rows.
insert() – Insert user data in the users table.
user_put() – Update user data in the users table based on the given ID.
user_delete() – Delete user from the users table based on the given ID.
load->database();
}
/*
* Fetch user data
*/
function getRows($id = ""){
if(!empty($id)){
$query = $this->db->get_where('users', array('id' => $id));
return $query->row_array();
}else{
$query = $this->db->get('users');
return $query->result_array();
}
}
/*
* Insert user data
*/
public function insert($data = array()) {
if(!array_key_exists('created', $data)){
$data['created'] = date("Y-m-d H:i:s");
}
if(!array_key_exists('modified', $data)){
$data['modified'] = date("Y-m-d H:i:s");
}
$insert = $this->db->insert('users', $data);
if($insert){
return $this->db->insert_id();
}else{
return false;
}
}
/*
* Update user data
*/
public function update($data, $id) {
if(!empty($data) && !empty($id)){
if(!array_key_exists('modified', $data)){
$data['modified'] = date("Y-m-d H:i:s");
}
$update = $this->db->update('users', $data, array('id'=>$id));
return $update?true:false;
}else{
return false;
}
}
/*
* Delete user data
*/
public function delete($id){
$delete = $this->db->delete('users',array('id'=>$id));
return $delete?true:false;
}
}
?>
Create API Controller
It’s always a good idea to group all API controllers in a separate folder for better usability. So, create an api/ folder in application/controllers/ directory to place the controller which will be used for API call.
Open the application/controllers/api/ directory and create Example.php file. At first, include the REST Controller library and add the following code.
The Example API controller has the following methods to handle the GET, POST, PUT, and DELETE request.
__construct() – Load the User model.
user_get() – Return the user data from database. If the ID parameter doesn’t exist, it returns all the rows otherwise single row will be returned.
user_post() – Add user data to the database.
user_put() – Update the user data in the database based on the ID.
user_delete() – Delete the user from the database based on the ID.
load->model('user');
}
public function user_get($id = 0) {
//returns all rows if the id parameter doesn't exist,
//otherwise single row will be returned
$users = $this->user->getRows($id);
//check if the user data exists
if(!empty($users)){
//set the response and exit
$this->response($users, REST_Controller::HTTP_OK);
}else{
//set the response and exit
$this->response([
'status' => FALSE,
'message' => 'No user were found.'
], REST_Controller::HTTP_NOT_FOUND);
}
}
public function user_post() {
$userData = array();
$userData['first_name'] = $this->post('first_name');
$userData['last_name'] = $this->post('last_name');
$userData['email'] = $this->post('email');
$userData['phone'] = $this->post('phone');
if(!empty($userData['first_name']) && !empty($userData['last_name']) && !empty($userData['email']) && !empty($userData['phone'])){
//insert user data
$insert = $this->user->insert($userData);
//check if the user data inserted
if($insert){
//set the response and exit
$this->response([
'status' => TRUE,
'message' => 'User has been added successfully.'
], REST_Controller::HTTP_OK);
}else{
//set the response and exit
$this->response("Some problems occurred, please try again.", REST_Controller::HTTP_BAD_REQUEST);
}
}else{
//set the response and exit
$this->response("Provide complete user information to create.", REST_Controller::HTTP_BAD_REQUEST);
}
}
public function user_put() {
$userData = array();
$id = $this->put('id');
$userData['first_name'] = $this->put('first_name');
$userData['last_name'] = $this->put('last_name');
$userData['email'] = $this->put('email');
$userData['phone'] = $this->put('phone');
if(!empty($id) && !empty($userData['first_name']) && !empty($userData['last_name']) && !empty($userData['email']) && !empty($userData['phone'])){
//update user data
$update = $this->user->update($userData, $id);
//check if the user data updated
if($update){
//set the response and exit
$this->response([
'status' => TRUE,
'message' => 'User has been updated successfully.'
], REST_Controller::HTTP_OK);
}else{
//set the response and exit
$this->response("Some problems occurred, please try again.", REST_Controller::HTTP_BAD_REQUEST);
}
}else{
//set the response and exit
$this->response("Provide complete user information to update.", REST_Controller::HTTP_BAD_REQUEST);
}
}
public function user_delete($id){
//check whether post id is not empty
if($id){
//delete post
$delete = $this->user->delete($id);
if($delete){
//set the response and exit
$this->response([
'status' => TRUE,
'message' => 'User has been removed successfully.'
], REST_Controller::HTTP_OK);
}else{
//set the response and exit
$this->response("Some problems occurred, please try again.", REST_Controller::HTTP_BAD_REQUEST);
}
}else{
//set the response and exit
$this->response([
'status' => FALSE,
'message' => 'No user were found.'
], REST_Controller::HTTP_NOT_FOUND);
}
}
}
?>
Interacting with CodeIgniter RESTful Web Services
Now it’s time to interact with the CodeIgniter RESTful Web Services. The cURL is the most flexible and easiest way to interact with a REST API. In the following example code, we will show you how to send GET, POST, PUT and DELETE request to CodeIgniter REST API using PHP cURL. Also, HTTP Basic authentication and API key will be used to connect with RESTful API.
Retrieve User Data via REST API
The following code performs a GET request to fetch the user data via RESTful Web Services (Example API).
The WordPress REST API was introduced in the WordPress core at the end of 2016 with the release of WordPress 4.6. Like all the big changes that appear in the platform, the REST API generated controversy in some and indifference in others.
It’s even possible that you have no idea what it is, but if you have an updated version of WordPress (and you should) you are exposing many aspects of your website publicly through the REST API. Just append the fragment /wp-json/ to your domain name and visit this URL to see it with your own eyes.
Moreover, do the exercise of visiting the following web URLs and you may be surprised with what you’ll find:
mydomain.com/wp-json/wp/v2/users
mydomain.com/wp-json/wp/v2/posts
As a result of the first URL you will have a JSON with the data of the users of your web. Notice that user identifiers are included there, and this is something that people traditionally hide due to security issues and to prevent possible attacks.
The second URL shows us a list with the last posts. However, if you have protected content that only certain premium users of your website (in a membership site, for example) should have access to, it’s possible that you’ve been exposing this premium content through the REST API.
Let’s see how we can avoid compromised situations by being more aware of what we publicly expose through the WordPress REST API.
Show WordPress REST API Only to Registered Users
A solution that we can implement to hide the WordPress REST API is to prevent those users who are not registered on our website from accessing it.
To hide the REST API to unregistered users, we must add the following code in our WordPress. Remember that you can put it in the functions.php file of your theme or just develop a plugin for it (a much better option).
}
if ( ! current_user_can( 'administrator' ) ) {
return new WP_Error( 'rest_not_admin', 'You are not an administrator.', array( 'status' => 401 ) );
}
return $result;
});
Change password in CodeIgniter with callback validation for check old password.
Controller
application/controllers/Users.php
defined('BASEPATH')ORexit('No direct script access allowed');classUsersextendsCI_Controller{publicfunction__construct(){parent::__construct();$this->load->helper('form');$this->load->library('form_validation');$this->load->model('users_model');}privatefunctionlogged_in(){if(!$this->session->userdata('authenticated')){redirect('users/login');}}publicfunctionchangePassword(){$this->logged_in();$data['title']='Change Password';$this->load->library('form_validation');$this->form_validation->set_rules('oldpass','old password','callback_password_check');$this->form_validation->set_rules('newpass','new password','required');$this->form_validation->set_rules('passconf','confirm password','required|matches[newpass]');$this->form_validation->set_error_delimiters('
','
');if($this->form_validation->run()==false){$this->load->view('header',$data);$this->load->view('users/change_password',$data);$this->load->view('footer',$data);}else{$id=$this->session->userdata('id');$newpass=$this->input->post('newpass');$this->users_model->update_user($id,array('password'=>md5($newpass)));redirect('users/logout');}}publicfunctionpassword_check($oldpass){$id=$this->session->userdata('id');$user=$this->users_model->get_user($id);if($user->password!==md5($oldpass)){$this->form_validation->set_message('password_check','The {field} does not match');returnfalse;}returntrue;}}?>
Model
application/models/Users_model.php
defined('BASEPATH')ORexit('No direct script access allowed');classUsers_modelextendsCI_Model{publicfunctionget_user($id){$this->db->where('id',$id);$query=$this->db->get('users');return$query->row();}publicfunctionupdate_user($id,$userdata){$this->db->where('id',$id);$this->db->update('users',$userdata);}}?>
View
application/views/users/change_password.php
div class="row justify-content-center"><div class="col-6"><h1>echo$title?>h1>echoform_open('users/changePassword',array('id'=>'passwordForm'))?><div class="form-group"><input type="password"name="oldpass"id="oldpass"class="form-control"placeholder="Old Password"/>echoform_error('oldpass','
CREATE TABLE IF NOT EXISTS `ci_sessions` (
`id` varchar(40) NOT NULL,
`ip_address` varchar(45) NOT NULL,
`timestamp` int(10) unsigned DEFAULT 0 NOT NULL,
`data` blob NOT NULL,
KEY `ci_sessions_timestamp` (`timestamp`)
)
How do I install MySQL server 8.0 on CentOS 8 Linux server running on Linode and AWS cloud? How do I add and set up a new MySQL user and database account on the newly created CentOS server?
Oracle MySQL server version 8.0 is a free and open-source free database server. It is one of the most popular database system used in web apps and websites on the Internet.
Typically MySQL is part of the LAMP (Linux, Apache/Nginx, MySQL, Perl/Python/PHP) stack. Popular open-source software such as WordPress, MediaWiki, and others profoundly used by MySQL as a database storage engine. Let us see how to install MySQL server version 8.x on CentOS 8 Linux server.
First, open the terminal app and then log in to your CentOS server using the ssh command: $ ssh vivek@centos-8-ec2-box-ip
Now, update CentOS system to apply security updates and fixes on Linux system using the dnf command/yum command: $ sudo yum update ## or ##
$ sudo dnf update Sample outputs:
Luckily our CentOS 8 box comes with MySQL 8 server package. Let us search for it: $ sudo yum search mysql-server
$ sudo yum module list mysql
And we see:
Last metadata expiration check: 0:02:47 ago on Mon Nov 23 16:26:31 2020.
===================== Name Exactly Matched: mysql-server ======================
mysql-server.x86_64 : The MySQL server and related files
Next, find out version information, run: $ sudo yum info mysql-server
Here is what we see:
Last metadata expiration check: 0:02:22 ago on Mon Nov 23 16:26:31 2020.
Available Packages
Name : mysql-server
Version : 8.0.21
Release : 1.module_el8.2.0+493+63b41e36
Architecture : x86_64
Size : 22 M
Source : mysql-8.0.21-1.module_el8.2.0+493+63b41e36.src.rpm
Repository : AppStream
Summary : The MySQL server and related files
URL : http://www.mysql.com
License : GPLv2 with exceptions and LGPLv2 and BSD
Description : MySQL is a multi-user, multi-threaded SQL database server. MySQL
: is a client/server implementation consisting of a server daemon
: (mysqld) and many different client programs and libraries. This
: package contains the MySQL server and some accompanying files
: and directories.
Install it: $ sudo yum install mysql-server
Click to enlarge
Step 2 – Enabling MySQL 8 mysqld.service,server
The service name is mysqld.service, and we need to enable it using the following systemctl command: $ sudo systemctl enable mysqld.service
Confirmation displayed:
Start the service and then verify it: $ sudo systemctl start mysqld.service
$ sudo systemctl status mysqld.service
● mysqld.service - MySQL 8.0 database server
Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2020-11-23 16:50:14 UTC; 4s ago
Process: 551 ExecStopPost=/usr/libexec/mysql-wait-stop (code=exited, status=0/SUCCESS)
Process: 681 ExecStartPost=/usr/libexec/mysql-check-upgrade (code=exited, status=0/SUCCESS)
Process: 601 ExecStartPre=/usr/libexec/mysql-prepare-db-dir mysqld.service (code=exited, status=0/SUCCESS)
Process: 577 ExecStartPre=/usr/libexec/mysql-check-socket (code=exited, status=0/SUCCESS)
Main PID: 637 (mysqld)
Status: "Server is operational"
Tasks: 39 (limit: 24960)
Memory: 331.0M
CGroup: /system.slice/mysqld.service
└─637 /usr/libexec/mysqld --basedir=/usr
Nov 23 16:50:13 centos-aws-mysql systemd[1]: Stopped MySQL 8.0 database server.
Nov 23 16:50:13 centos-aws-mysql systemd[1]: Starting MySQL 8.0 database server...
Nov 23 16:50:14 centos-aws-mysql systemd[1]: Started MySQL 8.0 database server.
Step 3 – Securing MySQL 8 server
All you need to do is type the following command, and it will secure MySQL 8 server installation on CentOS Linux: $ sudo mysql_secure_installation
Please set the password for root here.
New password:
Re-enter new password:
Estimated strength of the password: 100
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.
All done!
Step 4 – Starting/Stopping/Restarting MySQL 8 server
The syntax is: $ sudo systemctl start mysql.service
$ sudo systemctl stop mysql.service
$ sudo systemctl restart mysql.service
To view the MySQL 8 service log as follows using the journalctl command: $ sudo journalctl -u mysqld.service -xe
$ sudo tail -f /var/log/mysql/mysqld.log MySQL 8 log file sample entries:
2020-11-23T16:55:19.101316Z 0 [System] [MY-013172] [Server] Received SHUTDOWN from user . Shutting down mysqld (Version: 8.0.21).
2020-11-23T16:55:21.728819Z 0 [Warning] [MY-010909] [Server] /usr/libexec/mysqld: Forcing close of thread 10 user: 'root'.
2020-11-23T16:55:23.083389Z 0 [System] [MY-010910] [Server] /usr/libexec/mysqld: Shutdown complete (mysqld 8.0.21) Source distribution.
2020-11-23T16:56:19.225544Z 0 [System] [MY-010116] [Server] /usr/libexec/mysqld (mysqld 8.0.21) starting as process 524
2020-11-23T16:56:19.237500Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
2020-11-23T16:56:19.562441Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
2020-11-23T16:56:19.677202Z 0 [System] [MY-011323] [Server] X Plugin ready for connections. Bind-address: '::' port: 33060, socket: /var/lib/mysql/mysqlx.sock
2020-11-23T16:56:19.754024Z 0 [Warning] [MY-010068] [Server] CA certificate ca.pem is self signed.
2020-11-23T16:56:19.754207Z 0 [System] [MY-013602] [Server] Channel mysql_main configured to support TLS. Encrypted connections are now supported for this channel.
2020-11-23T16:56:19.780843Z 0 [System] [MY-010931] [Server] /usr/libexec/mysqld: ready for connections. Version: '8.0.21' socket: '/var/lib/mysql/mysql.sock' port: 3306 Source distribution.
Step 5 – Testing MySQL 8 installation
So far, so good. You learned how to install, set up, secure, and start/stop the MySQL 8 on CentOS 8 Linux cloud server. It is time to log in as a
mysql root user. The syntax is: $ mysql -u root -p
$ mysql -u USER -h host -p
$ mysql -u USER -h host -p mysql
Let us type a few SQL commands at the mysql> prompt: STATUS;
SHOW VARIABLES LIKE "%version%";
quit
Step 6 – Creating a new MySQL 8 database and user account with password
Let create a new database called ‘spacedb‘, type at the mysql> prompt: CREATE DATABASE spacedb;
Next, we are going to create a new user named ‘mars‘ for our database called ‘spacedb’ as follows: CREATE USER 'mars'@'%' IDENTIFIED BY 'User_Password_Here';
Finally, give permissions: GRANT SELECT, INSERT, UPDATE, DELETE ON spacedb.* TO 'mars'@'%';
Of course, we can grant ALL PRIVILEGES too as follows: GRANT ALL PRIVILEGES ON spacedb.* TO 'mars'@'%';
See MySQL 8 users and their grants/permissions as follows: SELECT user,host FROM mysql.user;
SHOW GRANTS for mars;
quit
Test new user settings and DB as follows: mysql -u mars -p spacedb
mysql -u mars -h localhost -p spacedb
Where,
-u mars; : User name for login
-h localhost : Connect to server named localhost
-p : Prompt for password
spacedb : Connect to database named spacedb
Step 7 – Configuring MySQL 8 server on a CentOS 8
Let us see default config file using the cat command: # cat /etc/my.cnf.d/mysql-server.cnf Config:
WARNING: See MySQL documentation for a detailed explanation for tuning options as to each server and set up is unique. Do not set up values blindly. I provide them as a starting point for optimizing MySQL 8 installation and values depending upon available RAM, CPU cores, server load and other circumstances.
Step 8 – Firewall configuration to open MySQL server TCP port 3306
Are you using MySQL 8 server remotely? Do you have Apache/Nginx/PHP/Python/Perl app on another server? Then open port for everyone: $ sudo firewall-cmd --zone=public --add-service=mysql --permanent
Only allow access from 192.168.1.0/24 CIDR: $ sudo firewall-cmd \
--add-rich-rule 'rule family="ipv4" \
source address="192.168.1.0/24" \
service name="mysql" accept' --permanent
The above is fine grained firewalld access rules to restrict access to MySQL 8 server to VLAN users only. See how to set up a firewall using FirewallD on CentOS 8 Linux for more info.
Conclusion
And there you have it, Oracle MySQL server version 8.x set up and running correctly on a CentOS Linux 8 server with Firewalld config. Further, you learned how to add a new database, user, and password for your project including MySQL 8 server tuning options.
ISD ofron suport IT me staf të kualifikuar të gatshëm 24×7. Suporti ynë është i disponueshëm online, offline, remote, offsite dhe përmes manualeve të përdorimit dhe të administrimit. Suporti i ISD ofrohet në forma të ndryshme: të herëpashershëm, me kontratë të thjeshtë dhe me kontratë profesionale.
