How to create a basic web server in Node.js

Node.js has become one of the most popular choices for server-side development since its initial release over a decade ago. Although it is still relatively new compared to PHP and other backend technologies, it has been widely adopted by tech giants like LinkedIn, PayPal, Netflix, etc.

This article will teach you how to build and run your own web server with Node.js and the Express.js web framework.

Technologies and packages involved

Node.js is a JavaScript runtime built on Chrome’s V8 engine that allows you to run JavaScript code outside of the browser. Traditionally, the JavaScript programming language has been used to manipulate the Document Object Model (DOM), adding interactivity to websites.

For this reason, the JavaScript code has been restricted to run only in the browser, as the DOM only exists on web pages. With Node.js, you can run JavaScript at the command line and on servers. Therefore, it is essential to install Node.js and npm on your machine before starting.

On the other hand, Express.js is a minimalist web framework that has become the de facto backend framework for Node.js. However, Express.js is not a necessity. You can still use the http Node.js module to build your server. Express.js is built on top of the http module and provides a simpler API with all the necessary configurations.

Build a web server

To better organize your code, you can start by creating a folder where all the files and dependencies will reside. Since Express.js is not a built-in Node.js module, you will need to install it using npm.

Read more: What is npm?

To install the Express.js package, run the command npm install express on your terminal or command prompt. Make sure you are in the project directory before installation.

Install express via npm

When done, you can open the folder using any text editor or IDE of your choice and create a new file named server.js. To use the Express.js package, you must first import and create an instance of it in the server.js file like this:

const express = require('express');
const app = express();

The main purpose of a web server is to respond to requests from different routes with the appropriate handler function. This code handles all GET requests made at the root (“/”) and responds with “Hello World!”

app.get('/', (req, res) => {
res.send('

Hello World

');
});

Likewise, you can display dynamic content and perform other operations depending on the path and type of request you make. This can be done using the route parameters, indicated by the semicolon : in front of the parameter.

app.get('/:name', (req, res) => {
res.send(`

Welcome to ${req.params.name}!

`);
};

In the two examples above, the first line represents the use of the .to have() Express.js method which takes 2 parameters: the endpoint or the route, and a callback handler function which takes requests and response objects as parameters. These 2 parameters are sent automatically when you make a request.

In the second line, the answer is made through the .send() method on the response object. Inside the parenthesis, you can enter any text or HTML code you want. In the case of dynamic routes, access req.params.name (since you used /:Name) of the request object will return the value of the dynamic route parameter (name in that case.)

Finally, to start listening for incoming requests on a port, you can use the .Listen() method that takes the port number and an optional callback function to execute on successful execution.

app.listen(5000, console.log('Server is running on port 5000'));

I used port 5000 in the example, but you can change it to any valid port. That’s all the code you need to build a basic web server with Node.js and Express.js. The same concept can be extended further to make other demands such as PUBLISH, TO PUT, Where WIPE OFF to other routes. Here is how the server.js the file will look like:

ExpressJS code for web server

Server test

To run the code and start the server, run the node server on your terminal or at the command prompt in the project directory. This will perform the callback function you provided on the .Listen() method.

Express server running

To confirm that the server is running, open a web browser and visit http: // localhost: 5000

Express.js - root route demo

Likewise, if you are visiting a dynamic route such as http: // localhost: 5000 / muo, the second handler function will run and display:

Express.js - Dynamic route demo

To stop the server, press Ctrl + C under Windows or Cmd + C on macOS.

Node.js can do more

The popularity of JavaScript is increasing sharply as developers use it on both the front-end and the back-end. This eliminates the need to learn multiple programming languages ​​and helps you start your journey as a full-stack web developer using only JavaScript.

If you decide you’d rather try out Google’s programming language, building a basic web server is a great starter project.


featured image for Go web server
How to create a basic web server in Go

Ready, Ready, Golang: Start building web servers with Go.

Read more


About the Author


Source link

GoAhead Developers Fix Embedded Web Server Null Byte Injection Vulnerability

Exploitation requires additional vulnerability or device misconfiguration

UPDATE Embedthis fixed a null byte injection vulnerability in GoAhead, the embedded web server deployed in hundreds of millions of devices.

“A specially crafted URL with an embedded character before the extension can result in an incorrect file with a truncated filename serving,” read a security advisory on GitHub documenting the bug.

Quoting the hypothetical URL https://example.com/example%00.html, the notice states that “the is decoded to be NULL”, causing the file manager to serve as “example” instead of ” example.html ”.

As a result, “remote attackers could access documents whose names are strict subsets of longer valid URLs.”

The advisory nonetheless describes the severity of the bug as “low” because “an exploit requires [either] additional vulnerability via downloaded malicious files ”or device configuration errors.

“Unlikely configuration”

The fault was discovered by Luc Rindel, infosec master’s student at Carnegie Mellon University, during a 2021 PlaidCTF challenge earlier this month that involved manipulating the values ​​of the camera and IoT sensor.

“The vulnerability abuses the mismatch between the scan of the route extension and the decoded filename to trick GoAhead into believing that a file should be sent to the JST [JavaScript Template] manager even if it has an incorrect extension, ”says Rindels The daily sip.

“GoAhead should only send .html files to the JST manager, but the vulnerability allows any file to be sent to the JST manager.”

While Rindels achieved XSS via a CSP bypass, it was done, he conceded, “using a highly personalized and unlikely setup.”

With the correct incorrect device configurations and ‘combined vulnerabilities required – this could cause a DoS or [an attacker to] take unwanted control of the device, ”said Michael O’Brien, CEO and founder of Embedthis. The daily sip.

Obstacles to exploitation

However, real-world exploitation appears to be an unlikely scenario.

The server must be misconfigured to “allow file downloads to a directory that can also run JST templates” and a JST template must be uploaded “to a file in the download directory of the same base name without the extension, ”before the file is served with it, O’Brien explains.

But “if an attacker can modify the configuration of the route, he already has access to the whole server and documents anyway”.

Keep up to date with the latest infosec research news

Additionally, the vulnerability “requires that a file with the same base name without an extension be present.” i.e. ‘example’ and example.html. Needless to say, most device manufacturers don’t and [it] It would be rather strange to do it on purpose.

JST expressions are also device-specific, he adds, so source code access is likely required as well.

Find the loophole

While looking for evidence of an incorrect extension analysis during CTF, Rindels realized that “the request URL must have been decoded, otherwise it couldn’t call with and delimiters,” Rindels says in a blog post published yesterday (April 26).

He suspected that a null byte exploit would fail, perhaps because “dangerous URL encodings like” would not be allowed or decoded, resulting in an error or an “attempt to serve.”

Alternatively, he speculated, “if the is decoded, in an extension request will simply be cut. There will be no overtime and GoAhead will attempt to serve.”

Undeterred, he downloaded a snapshot with the name containing, issued a request for, “and to my amazement the nuncio was there!”

Incidentally, the exploit failed to secure the CTF flag because Chrome blocks “URL encoded null bytes” but could pave the way for Rindels’ very first CVE.

Patching, attenuation

Embedthis fixed the vulnerability in GoAhead versions 4.1.4 and 5.1.2. Version 2.2 is not affected.

Embedthis “responded very quickly,” correcting the flaw on April 5, four days after it was reported, Rindels said.

In addition to applying the update, O’Brien urges users to avoid serving JST templates “from directories that do not overlap with download directories.” You should NEVER upload files to a directory that allows content to be served and JST models to be processed ”.

Vendor Says GoAhead is the World’s Most Popular Embedded Web Server, Hosting “Dynamic Embedded Web Applications Through a Single-Threaded, Event-Driven Kernel” in medical devices, network equipment and automation systems factory, among other devices.

This article was updated on April 28 with comments from Embedthis CEO Michael O’Brien.

DON’T FORGET TO READ Pwn2Own 2021: Zoom exploit without click among winners as payout record was broken



Source link

How to create a basic web server in Go

Go is an exciting programming language for building modern web applications as well as system software. It swept the tech industry upon its release and powers services like Docker, Kubernetes, Terraform, Dropbox, and Netflix.

Plus, Go’s solid collection of built-in packages make it a great choice for web programming. This article will teach you how to write a basic web server in Go.

Importing the necessary packages

The net / HTTP package provides everything needed to create web servers and clients. This package exposes several useful functions for handling web programming.

You can import it by adding the line below at the top of your source code:

import "net/http"

We will also use the fmt package for formatting strings and Newspaper package to handle errors. You can either import them individually as shown above, or factor all packages using a single import statement:

import (
"fmt"
"log"
"net/http"
)

You can proceed to write the main function after importing the required packages. Go ahead and save the source file with a .go extension. If you are using Vim, use the command below to save and exit Vim:

:wq server.go

Writing the main function

Go programs live in the main function, aptly named “main”. You will need to implement the server call here. Add the following lines to your source code and see what they do:

func main() {
http.HandleFunc("https://www.makeuseof.com/", index)
log.Fatal(http.ListenAndServe(":8080", nil))
}

We define the main function using the function keyword. Go has strict rules regarding the placement of the opening splint, so make sure the starting splint is on the correct line. The first statement in main defines that all web requests arriving at root (“https://www.makeuseof.com/”) the path will be managed by index, a function of the type http.HandlerFunc.

The second line starts the web server through the http.ListenAndServe function. It signals the server to constantly listen for incoming HTTP requests on port 8080 of the host machine. The second parameter of this function is necessary to block the program until the end.

Since http.ListenAndServe always returns an error, we wrap this call in a log.Fatal call. This statement logs all error messages generated on the server side.

Implementing the manager function

As you can see, the main function calls the index of the manager’s function to process customer requests. However, we have not yet defined this function for our server.

Let’s add the instructions needed to make the index function usable:

func index(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "Hi there, welcome to %s!", r.URL.Path[1:])
}

This function takes two different arguments of type http.ResponseWriter and http.Query. The http.ResponseWriter parameter contains the server’s response to the incoming request, which is in the form of an http.Request object.

The Fprintf function of the fmt package is used to display and manipulate text strings. We use it to display the server response to our web requests. Finally, the r.URL.Path[1:] The component is used to retrieve data that comes after the root path.

Add all parts together

Your Go web server should be ready once you’ve added everything together. The code should look like the following:

package main
import (
"fmt"
"log"
"net/http"
)
func index(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "Hi there, welcome to %s!", r.URL.Path[1:])
}
func main() {
http.HandleFunc("https://www.makeuseof.com/", index)
log.Fatal(http.ListenAndServe(":8080", nil))
}

The first line is required to compile this Go web server code as an executable file.

Simple web server built with Go

Create web servers with Go

Go’s robust library packages make web programming easy for beginners. You can quickly develop simple web servers with just a few lines of code.

In addition, the powerful testing features of this programming language also facilitate the implementation of Agile programming methodologies. It is a group of software development strategies based on iterative development and extensive collaboration between teams.


People collaborating at a table
What is the Agile Programming Methodology?

Whether you are applying for programming positions or want a more efficient way of working, you need to know Agile.

Read more


About the Author


Source link

SUNY Canton Achieves High Ratings in Online Directories and Ranking Services | Education

CANTON – SUNY Canton is a smart choice for adult learners according to Abbound’s 2021 Directory of Top Adult Credentials.

College admissions professionals are increasingly recruiting non-traditional students and those who attended college but never graduated. As of fall 2020, 31% of students seeking a degree at SUNY Canton were 24 years of age or older. About 70% of this population study online during a traditional semester.

“Our strength in online programs and flexible learning options are the main factors non-traditional students choose SUNY Canton,” said Melissa J. Evans, Executive Director of Enrollment. “We are also able to accompany people throughout the university application process, whether they have been away for a few months or 10 years.”

Abound selected the college for its accessibility, affordability, acceleration and advancement. The mention of the unranked repertoire has been added to a multitude of other lists denoting the continuing excellence of the college.

The most common programs were offered by the college’s new Center for Criminal Justice, Intelligence and Cyber ​​Security (CJIC). Criminal Justice Degree Hub has ranked SUNY Canton as the third best criminal justice program in New York City. The website is an independent resource dedicated to providing useful and accurate information to those interested in the field.

Study.com, a website aimed at making education accessible, has published rankings for several SUNY Canton programs, including:

The Bachelor of Homeland Security Technology was the first choice in a list of 11 similar degrees. Study.com said it is the perfect program for criminal justice students looking for a bachelor’s degree or for those who have already completed their associate degree. Students can choose between online or face-to-face courses and receive investigation and intelligence training through CJIC.

The Bachelor of Science in Legal Studies got ninth place out of a list of 21. The program provides students with internship opportunities in law firms. Students can also earn a law degree in six years through its three plus three agreement with the University of Buffalo School of Law.

The college was also on a list of the best bachelor’s degrees in criminal justice, earning a 47th place. Students can opt for one of the many four-year programs in the field, including the popular Bachelor of Technology in Criminal Justice: Law Enforcement Leadership and Bachelor of Technology in Criminal Investigation programs. CJIC professors have also recently created a Bachelor of Science in Forensic Criminology.

Intelligent.com, a website designed to help students on their pre-university journey by ranking colleges and programs across the country using publicly available aggregate data, ranked three of the college’s online programs:

The Bachelor of Business Administration in Finance was ranked 14 out of 45.

The Bachelor of Science in Emergency Management was ranked 43 out of 60.

The Bachelor of Homeland Security Technology was ranked 47 out of 63.

The website published rankings for these three programs and one other in a previous announcement.

As an Amazon Associate, I earn income on qualifying purchases.


Source link

Web Server Log Analysis Tools for 2021

Modern organizations track and record data from virtually every business process, which is why web server log analysis tools are essential for effectively using this information to get a clear picture of your network state. . Event logs, security logs, transactions, web server uptime, and CDN traffic are just a few of the types of logs you will collect.

Why do i need a web server log analyzer?

So why do you need a web server log analyzer? All of this data can quickly become overwhelming. To maximize data usage, you need to be able to easily find and analyze log files from a central location. Web log analysis tools allow you to filter logs, perform real-time searches, and query specific log data. These tools also present this data in a centralized view accessible from anywhere.

In some cases, analysis tools will also provide log management capabilities. Instead of inspecting data after it is saved, log management deals with how you manage that data. This can mean creating policies on how you generate and store logs or automating when logs are archived after a certain amount of time.

Pros and Cons of the 4 Best Web Log Analysis Tools

We’ve compiled a list of four web log analysis tools to help you start your research and get the most out of your log file data.

SolarWinds Loggly

SolarWinds Loggly is a SaaS log analytics and management provider focused on simplifying the log management process to alleviate some of the burden on system administrators and DevOps. Loggly can be used with Amazon AWS, Microsoft Azure, hybrid cloud environments, IoT systems, and microservices.

Advantages: Loggly’s dynamic field explorer, combined with its full-text searches, ranges, and Booleans, makes it easy to analyze large amounts of data and find the information you need. It also provides robust graphs and reports so that you can identify trends and identify unique network activity and root causes of issues.

The inconvenients: The basic plan is reasonably priced, but some great features, such as the LiveTail feature, are only available at an additional cost. So, the overall price may increase quickly depending on the number of features you need.

Graylog

Graylog is an open source tool designed to simplify data mining, compliance, and threat hunting. There is also a business version of Graylog, the price of which is based on the number of licenses on a server. Its flexible tool includes a REST API.

Advantages: This tool is popular for its seamless scalability, so it can grow exponentially with web properties. It has load balancing capabilities and can handle several terabytes of data per day. Its built-in fault tolerance allows multithreaded searches to analyze and correlate multiple potential threats simultaneously. This allows IT teams to quickly diagnose the root cause of problems.

The inconvenients: What Graylog lacks is its dashboard. Users find its visualizations and graphics limited.

Splunk

Splunk is a veteran in the field of newspaper management and analysis, since 2003. Its offerings are specifically tailored to large companies.

Advantages: Splunk makes delivering real-time data a priority. Not only can you search the logs in real time, but you can also configure thresholds and trigger conditions to send alerts in real time to reduce event resolution time. This tool also includes in-depth analyzes to support fast ad-hoc queries. Beyond log analysis, its log management capabilities shine among the competition. It includes powerful ways to determine how you will collect, store, index, and view log files.

The inconvenients: Splunk is expensive because it’s built for the business, but its biggest flaw is its ease of use. It’s a robust tool with a lot of advanced features, so there can be a steep learning curve.

Sumo Logic

Sumo Logic is a SaaS offering that takes log analytics technology into the future by implementing machine learning capabilities into its solution. The cloud-native solution analyzes over 100 petabytes of data every day.

Advantages: Sumo Logic’s machine learning technology unifies logs and metrics to provide real-time insight into business models to identify issues that need to be addressed and reveal new opportunities for improvement. You can also create predefined metric filters to identify anomalies in the network. Sumo Logic includes an intuitive dashboard to display graphical representations of anomalies and other system activity, and offers the ability to thoroughly filter logs.

The inconvenients: A constant problem with Sumo Logic is that searching the interface can be slow.

The benefits of log analysis tools

Efficient use of web log analysis tools can offer multiple benefits to make your job easier and keep your network efficient. Some of the benefits of log analysis tools include:

  • You can identify key trends and anomalies to gain a clear understanding of the health of your network and areas for improvement.
  • You can correlate event data with downtime on your network to identify the root cause of problems and resolve them quickly.
  • Use these logs to identify unauthorized user access or suspicious activity to prevent data breaches and locate entry points.
  • With all of your log files in one location, you’ll reduce the time you spend switching between different log locations to find the information most relevant to the task at hand.

How to Choose the Right Log Analysis Tool

When determining how to choose the right log analytics tool for your organization, focus on the specific features that will best address the issues you face.

Unique search features: Are you primarily focused on being able to find the log files you are looking for as quickly as possible? Then look for a tool with the most unique and robust search capabilities. These may include:

  • Filter logs by server, application, or custom settings
  • Search for individual queries
  • Perform granular searches
  • Perform real-time searches

Dashboard: Do you want to have an overview of the state of your system at a glance? Some web log analysis tools make it a priority to provide a clear, easy-to-use dashboard so that you can easily switch between views to determine the health, safety, and efficiency of your business. system.

Log management: If you want to reduce your budget or the number of tools in your technology stack, look for analytics tools with built-in log management functionality to avoid implementing another stand-alone product.

Advanced technology: Do you want to make sure that your web log analytics tool is ready for the problems of the future? This can be of particular concern if safety is a priority. Some tools now integrate machine learning capabilities into their solutions to make your job even easier and keep your system efficient.


Source link

Web Server Log Analysis Tools for 2021

Modern organizations track and record data from virtually every business process, which is why web server log analysis tools are essential for effectively using this information to get a clear picture of your network state. . Event logs, security logs, transactions, web server uptime, and CDN traffic are just a few of the types of logs you will collect.

Why do i need a web server log analyzer?

So why do you need a web server log analyzer? All of this data can quickly become overwhelming. To maximize data usage, you need to be able to easily find and analyze log files from a central location. Web log analysis tools allow you to filter logs, perform real-time searches, and query specific log data. These tools also present this data in a centralized view accessible from anywhere.

In some cases, analysis tools will also provide log management capabilities. Instead of inspecting data after it is saved, log management deals with how you manage that data. This can mean creating policies on how you generate and store logs or automating when logs are archived after a certain amount of time.

Pros and Cons of the 4 Best Web Log Analysis Tools

We’ve compiled a list of four web log analysis tools to help you start your research and get the most out of your log file data.

SolarWinds Loggly

SolarWinds Loggly is a SaaS log analytics and management provider focused on simplifying the log management process to alleviate some of the burden on system administrators and DevOps. Loggly can be used with Amazon AWS, Microsoft Azure, hybrid cloud environments, IoT systems, and microservices.

Advantages: Loggly’s dynamic field explorer, combined with its full-text searches, ranges, and Booleans, makes it easy to analyze large amounts of data and find the information you need. It also provides robust graphs and reports so that you can identify trends and identify unique network activity and root causes of issues.

The inconvenients: The basic plan is reasonably priced, but some great features, such as the LiveTail feature, are only available at an additional cost. So, the overall price may increase quickly depending on the number of features you need.

Graylog

Graylog is an open source tool designed to simplify data mining, compliance, and threat hunting. There is also a business version of Graylog, the price of which is based on the number of licenses on a server. Its flexible tool includes a REST API.

Advantages: This tool is popular for its seamless scalability, so it can grow exponentially with web properties. It has load balancing capabilities and can handle several terabytes of data per day. Its built-in fault tolerance allows multithreaded searches to analyze and correlate multiple potential threats simultaneously. This allows IT teams to quickly diagnose the root cause of issues.

The inconvenients: What Graylog lacks is its dashboard. Users find its visualizations and graphics limited.

Splunk

Splunk is a veteran in the field of newspaper management and analysis, since 2003. Its offerings are specifically tailored to large companies.

Advantages: Splunk makes delivering real-time data a priority. Not only can you search the logs in real time, but you can also configure thresholds and trigger conditions to send alerts in real time to reduce event resolution time. This tool also includes in-depth analyzes to support fast ad-hoc queries. Beyond log analysis, its log management capabilities shine among the competition. It includes powerful ways to determine how you will collect, store, index, and view log files.

The inconvenients: Splunk is expensive because it’s built for the business, but its biggest flaw is its ease of use. It’s a robust tool with a lot of advanced features, so there can be a steep learning curve.

Sumo Logic

Sumo Logic is a SaaS offering that takes log analytics technology into the future by implementing machine learning capabilities into its solution. The cloud-native solution analyzes over 100 petabytes of data every day.

Advantages: Sumo Logic’s machine learning technology unifies logs and metrics to provide real-time insight into business models to identify issues that need to be addressed and reveal new opportunities for improvement. You can also create predefined metric filters to identify anomalies in the network. Sumo Logic includes an intuitive dashboard to display graphical representations of anomalies and other system activity, and offers the ability to thoroughly filter logs.

The inconvenients: A constant problem with Sumo Logic is that searching the interface can be slow.

The benefits of log analysis tools

Efficient use of web log analysis tools can offer multiple benefits to make your job easier and keep your network efficient. Some of the benefits of log analysis tools include:

  • You can identify key trends and anomalies to gain a clear understanding of the health of your network and areas for improvement.
  • You can correlate event data with downtime on your network to identify the root cause of problems and resolve them quickly.
  • Use these logs to identify unauthorized user access or suspicious activity to prevent data breaches and locate entry points.
  • With all of your log files in one location, you’ll reduce the time you spend switching between different log locations to find the information most relevant to the task at hand.

How to Choose the Right Log Analysis Tool

When determining how to choose the right log analytics tool for your organization, focus on the specific features that will best address the issues you face.

Unique search features: Are you primarily focused on being able to find the log files you are looking for as quickly as possible? Then look for a tool with the most unique and robust search capabilities. These may include:

  • Filtering logs by server, application, or custom settings
  • Search for individual queries
  • Perform granular searches
  • Perform real-time searches

Dashboard: Do you want to have an overview of the state of your system at a glance? Some web log analysis tools make it a priority to provide a clear, easy-to-use dashboard so that you can easily switch between views to determine the health, safety, and efficiency of your business. system.

Log management: If you want to reduce your budget or the number of tools in your technology stack, look for analytics tools with built-in log management functionality to avoid implementing another stand-alone product.

Advanced technology: Do you want to make sure that your web log analytics tool is ready for the problems of the future? This can be of particular concern if safety is a priority. Some tools now integrate machine learning capabilities into their solutions to make your job even easier and keep your system efficient.


Source link

How to install WordPress on Lighttpd web server – Ubuntu 20.04 / 18.04

Lighttpd is a popular web server known for its fast speed and light weight. Just like Apache2, it is also very easy to install and use with PHP to run various web applications and content management systems such as WordPress.

Here today we will show the process of installing WordPress on Lighttpd with MySQL and PHP. So, follow the steps below to get started.

Steps to install and configure WordPress on Lighttpd web server

It doesn’t matter if you are on a local server or cloud hosting, the process will be the same for both. Here we are using Ubuntu 20.04, however, we can run it on Ubuntu 18.04 LTS server and other similar operating systems like Linux Mint, MX Linux and Debian.

Run the system update command

Let the system installed packages reach their last state by running the update and upgrade commands:

sudo apt update
sudo apt upgrade

Install Lighttpd for WordPress and other web applications

As we are using Ubuntu Linux here, so we don’t need to add any third party repository for installing Lighttpd web server. Everything is there on the official repo of this Linux, just run the command below:

sudo apt install lighttpd

Activate and check the status of Lighttpd

To make sure that the web server is automatically declared with system startup, we have to activate it every time. So, run the command below:

sudo systemctl enable lighttpd

Check the condition:

sudo systemctl status lighttpd

Now open the system browser or on any PC available in your network and type the IP address of the server where you installed the Lighttpd: http://ip-address

Install PHP

The command below installs not only PHP but also the plugins that we would need when using WordPress. However, when installing the same, apache2 will be installed automatically, so we ignore it.

sudo apt-get install php php-cgi php-cli php-fpm php-curl php-gd php-mysql php-mbstring zip unzip apache2-

Activate the FastCGI and FastCGI-PHP modules

Now everything is done, just one last thing before confirming that our PHP works fine with the Lighttpd web server which enables FastCGI extensions.

sudo lighty-enable-mod fastcgi fastcgi-php

Reload the service to apply the changes

sudo service lighttpd force-reload

Download and install MySQL

If you already have this MySQL or MariaDB database, you can skip this step, otherwise install it using the command below:

sudo apt install mysql-server

By default on Ubuntu 20.04 LTS, version 8 of Mysql will be available for installation.

Secure installation of MySQL

To make sure that our database server is secure and would not be easily compromised, run the MySQL secure command. This will remove demo users and databases, disable the remote root login, and allow you to configure a password for the MySQL root user.

sudo mysql_secure_installation

Create a database for Wordpres

Once you’re done securing your MySQL, run the following commands to create a database that we’ll use with our WordPress instance:

sudo mysql

Create a database that we use to store data from our website based on Wordpres CMS running on Lighttpd. Here in the command below light_word is the name of our database. You can change it with whatever you want.

create database `light_word` character set="utf8";

Now create a user to use with the database created above

create user 'demoh2s'@'localhost' identified by 'password';

The demoh2s is the username in the above command created on our system to access the database. Change the ‘password‘with the password you want to assign to your MySQL database user.

Finally, grant full permissions to the user to read, write, modify and delete data in the database. So, for this race:

GRANT ALL PRIVILEGES ON `light_word`.* to `demoh2s`@localhost;

Exit the MySQL command line:

exit

Download WordPress

Now we need to get ourselves the open source WordPress files that we need to set up this CMS on Lighttpd.

cd /tmp
wget https://wordpress.org/latest.zip

Create a folder in the webroot directory of Lighttpd

sudo mkdir /var/www/html/h2s

To note: You can change h2s in the syntax above with the name of the website you are installing WordPress for.

Extract the WordPress files, then move to the folder created above:

sudo unzip /tmp/latest.zip
sudo mv /tmp/wordpress/* /var/www/html/h2s

Now we have a directory inside the web root with a name h2s and all the files we need to use Wordpres inside.

Also give your Internet user all access to the created folder:

sudo chown -R www-data:www-data /var/www/html/h2s

Install WordPress on Lighttpd

Finally, go to your browser again and type IP address of the serer with the name of the directory where you extracted the WordPress file. If we follow the steps above, the directory name in our case is h2s. So, it will be like this: http://server-ip-address/h2s

Here is the screenshot to give you an idea:

Connection to the MySQL database min

Configure virtual host on Lighttpd

Now if you install it on hosting server or cloud and want to use domain or subdomain with Lighttpd, we need to create virtual host configuration file for them. So let’s say we want to use example.com for the WordPress instance created above.

To note: Replace example.com with your domain name.

Then create a configuration file for it

sudo nano /etc/lighttpd/example.com.conf

Add the following lines.

$HTTP["host"] =~ "example.com" {
server.document-root = "/var/www/html/h2s"
accesslog.filename = "/var/www/html/h2s/logs/access.log">
}

In the lines above, replace the Example with your domain name and .com with the TLD you have such as .com, .in, .org, etc. After that for /var/www/html/h2s– type the path of the folder where you have the WordPress files. If we follow our tutorial, the h2s is the folder where we extracted our files in the web root.

Now save it.

In the same way, we can create a subdomain configuration file. Once you’ve created all of that, it’s time to add them to Lighttpd’s main config file to tell it that, hey, “here are the files for the specific domain name and you need to serve them only”.

Open the Lighttpd configuration file:

sudo nano /etc/lighttpd/lighttpd.conf

Add the public IP address of your web server.

36.0.1.106 is just, for example, replacing it with your own.

server.bind = "36.0.1.106"

Bind the lighttpd server to the public IP address

Also include your domain configuration file:

include "example.com.conf"

Add a virtual host to lighttpd

After the changes, save the file and exit. Ctrl + X, hurry Yes, then press the Enter key.

Restart Lighttpd:

sudo systemctl restart lighttpd

In this way, we can use multiple domains to retrieve files hosted on a server delivered through the Lighttpd web server. You can read more about configuring Lighttpd virtual host from this Web page


Source link

New online directories support Burien businesses

information from the City of Burien

The Town of Burien and Discover Burien announce the launch of two new resources to support local restaurants and retail businesses. The City of Burien has launched Burien Eat Streets, a hyperlocal and comprehensive online restaurant directory that makes it easy to support local Burien restaurants. Discover Burien is also announcing the launch of its virtual shopping directory linking independent Burien retail stores that offer online shopping. The Town of Burien and Discover Burien are working together to help Burien businesses adapt to changing economic and public health realities to ensure the safety of their employees and customers.

The Burien Eat Streets directory offers the ability to find a restaurant based on cuisine type, location, and currently available services including: curbside pickup, delivery, and contactless pickup options. Direct links to the restaurant’s website, social media, online ordering platform and phone number are also available.

“Restaurants and eating establishments have been severely affected by public health orders restricting indoor dining; the ‘Burien Eat Streets’ tool aims to help mitigate impacts by directing local consumers to information on the best ways to find and support local restaurants through take-out and delivery options, ”said Chris Craig, City’s Director of Economic Development.

The Burien Eat Streets The directory will be continually updated to reflect changes in business service options and to provide information on the reopening of temporarily closed restaurants. Burien Eat Streets will endeavor to provide daily updates to ensure that the information is up to date and up to date.

Businesses who find that their restaurant list needs to be added or changed can contact the city’s economic development team directly at [email protected]

New Discover Burien virtual shopping resource

Continuing “Burien Strong’s” effort to support local businesses, Discover Burien encourages everyone to shop local, shop small, and shop often during the holiday season. While online sales increased dramatically during the pandemic, the majority of these purchases were made through “big box” retailers.

Discover Burien has launched an online retail shopping directory for Burien small businesses to facilitate online shopping with a single purchase link. The goal is to help keep these storefronts active during the pandemic and support a successful holiday shopping season. Visit Discoverburien.org to access information on how to support local businesses through online shopping.


Source link

Online directories appear in a bid to boost small business sales amid COVID-19

TORONTO – When Ali Haberstroh brought home a full-length sheepskin coat that she recently found at a vintage store, the Toronto woman couldn’t help but talk about it.

TORONTO – When Ali Haberstroh brought home a full-length sheepskin coat that she recently found at a vintage store, the Toronto woman couldn’t help but talk about it.

“This is the most fabulous item I have ever bought for myself and if it had been anywhere else it would have cost a billion dollars,” she said of buying $ 38 made at Expo Vintage.

Haberstroh wanted to help his friends discover great products and also support small businesses. In her spare time, she created a shareable Google Docs list of independent and local businesses on not-amazon.ca.

Within hours, it spread like wildfire on social media, inspired friends to create versions in Halifax, Calgary and Vancouver, and prompted local tech genius Baker Baha to offer his help with them. turn all of them into a suitable website.

Haberstroh had a lot of company. Directories, Google Docs lists and social media accounts full of links to small businesses in need of help sprang up in most major cities during the COVID-19 pandemic.

Although they are meant as a small gesture to help in a difficult time, some believe they can have a big impact.

“I’ve seen a lot of people say, ‘I just bought three items from two stores’ on the list,’ Haberstroh said.

“There is now a push to do everything for small businesses and it seems more than ever the responsibility of the city to keep them alive… given what they have been through this year.”

A poll conducted in August by the Canadian Federation of Independent Business found that 82 percent of Canadians fear their favorite local businesses are closing.

This possibility is very real. The CFIB has estimated that 225,000 businesses across the country could shut down permanently due to COVID-19. Even those who survive could pay off their debts for years to come, the organization warned.

Christie Pinese isn’t quite sure how her Rose City Goods store got on Haberstroh’s list, but she’s grateful because she’s noticed that people shop mostly in their neighborhood or where they can get to without transportation. in common or long drive.

An appearance on a list can expand that radius or help someone nearby find it.

“The more people know about the store, the better,” she said.

She has spent much of the pandemic relying on online sales, but worries about how independent retailers can compete with big box stores that have been allowed to stay open in and near Toronto. Peel region while small vendors who do not stock essentials must close.

“If we don’t support small businesses, when this is all over, we’re just going to be left with Walmart and Costco and I don’t think anyone wants that,” Pinese said.

Amy Robinson has similar concerns.

She created the BC Small Business Support Group and the LoCo Directory about 10 years ago and it is now seeing renewed interest amid COVID-19.

Robinson is seeing more and more people deciding to buy entirely local produce on this holiday or to seek independent store recommendations from friends online.

According to an Ipsos poll commissioned by Google this summer, 66 percent of Canadian consumers will buy more from local small businesses during the holiday season.

“It’s interesting because our message has always been that you have to shop with local businesses, so they survive, and now I feel like people really get it,” Robinson said.

This change was sparked by people seeing a physical manifestation of how our lives and the economy change as they walk along their main street and notice store after store closing, said Joanne McNeish. , professor of marking at Ryerson University.

As people dissociated businesses from warm and fuzzy feelings, the essential work they do has made us more nostalgic and emotional when we think about their demise, she said.

“It’s almost like losing a good friend who you always thought was going to be there, until all of a sudden they weren’t.”

The pandemic has also made the additional challenges some groups face more glaring and difficult to ignore.

Small business owners, for example, had neither the money nor the resources to quickly deploy the marketing campaigns, fancy websites, or delivery offers that big box stores were offering when COVID-19 hit.

Entrepreneurs who are women, Indigenous, racialized, or disabled have faced even more challenges due to chronic underfunding, less mentoring, and more responsibility for raising children.

“People with disabilities often have to get creative or create employment opportunities for themselves because they haven’t necessarily had the same opportunities as the general public,” said Mayaan Ziv, the Toronto-based creator of a Google Doc Sharing Small International Managed Businesses. by people with disabilities.

“People don’t think about this part of the population often enough.”

While people are now eager to use lists and help small businesses like the ones Ziv highlighted, it’s hard to predict whether the trend will survive COVID, McNeish said.

While some may revert to frequenting big box stores if they are the cheapest or most convenient option, McNeish said if people develop small business habits now “then maybe those habits will stick. “.

“But we won’t find out for two years.”

This report by The Canadian Press was first published in December. 8, 2020.

Tara Deschamps, The Canadian Press


Source link

Online directories to support Latino-owned businesses while on vacation

After the Thanksgiving shopping vacation, the next two weeks are the best opportunity to support local small businesses. Hispanic leaders and organizations supporting Latino-owned businesses are urging consumers to support Hispanic businesses to boost the economy.

“The purchasing power and influence of consumers in our community should not be underestimated at a contribution of $ 2.3 trillion to GDP. Think of local businesses and small businesses when shopping and shopping. supplier decisions, “said Ramiro A. Cavazos, president and CEO of the US Hispanic Chamber of Commerce.” Every dollar spent in a Latino-owned business helps them create jobs and support families, supporting other businesses and providing valuable services in cities across the country, ”said María Samaniego, Senior Program Director The Aspen Institute Latinos and Society Program. Latino-owned businesses are contributing to the American economy and that we support them so that we can collectively build back stronger. “

Business directories appear to help consumers find Hispanic-owned stores and businesses.

Here are some of them:

LATINO COMPANIES DIRECTORY

Business Directory

Support Latino Business (SLB), a non-profit organization, recently hosted its second annual National Latino Support Day on September 14. SLB announced the launch of the SLB Impact Fund to provide grants to small Latino / x businesses across the country. To be eligible, businesses had to be majority Latino / x owned and in business for at least one year and register to be part of the FREE Latino Support Business Directory at www.supportlatino.biz. Cavazos and Samaniego made their statements in a press release promoting Latino Business Day. SLB is supported by a diverse group of partners, including The Aspen Institute Latinos and Society Program, Small Business Majority, US Hispanic Chamber of Commerce, Amplify Latinx, MXDC, We Are All Human, Momento Latino, Latino Business Action Network and Friends of l ‘American Latino Museum, among others.

HISPANICYA!

It is a site “dedicated to the Hispanic market both online and traditional”. It was created by Danay Escanaverino, CEO of LunaSol Media. In addition to the business directory, the site offers several resources, including a LinkedIn networking group, a Facebook group, and an events calendar.

SHOPLATINX

https://www.shoplatinx.com/

This site promotes itself as the “leading beauty, fashion and lifestyle e-commerce designed by and designed for Latinas”. The brainchild of two Los Angeles-based Latinas, Brittany Chavez and Raquel Garcia, launched their website before Black Friday in 2016. It features over 200 brands.

HISPANIC MARKET

Resource Center for Hispanic Businesses

Hello Alice, a free multi-channel platform that helps small and medium-sized businesses get started and grow, is developing an online Hispanic marketplace that is slated to launch soon, according to the Hispanic Business Resource Center. Hello Alice, founded by Carolyn Rodz and Elizabeth Gore, has also partnered with Miami singer Pitbull (M. Worldwide) and the Global Entrepreneurship Network to provide Hispanic businesses with cash grants of up to $ 10,000 to help them. get through the pandemic. A report from the National Bureau of Economic Research said that 32% of Latinx small business owners disappeared between February and April 2020. “I know being an entrepreneur is tough,” Pitbull says in this online promotion. “This program directly benefits Latino entrepreneurs by helping them keep their businesses open and their employees paid.


Source link