Skip to Content

tag

Tag Archives: web

post

OpenVPN Listen on Port 443 (HTTPS)

The default port and protocol for OpenVPN is UDP/1194.
Some server admins may block port 1194 so to get around this we can set OpenVPN to listen on port 443 instead. Port 443 is the default for HTTPS traffic so there is little chance it will be blocked.

To install OpenVPN on CentOS I recommend using this guide: https://www.digitalocean.com/community/tutorials/how-to-setup-and-configure-an-openvpn-server-on-centos-7

If you are running a web server, the chances are nginx/apache is already listening on port 443 and we can’t have more than one application binding to the same port. Once solution is to get nginx/apache to listen for HTTPS traffic on another port (e.g 22443) and get OpenVPN to listen on port 443 (forwarding all traffic to the port 22443).

First change the listen port for your web server (apache):

sudo vi /etc/httpd/conf/httpd.conf

Modify mod_ssl (you can choose any un-used port number):

</IfModule mod_ssl.c>
Listen 22443
</IfModule>

Check if port 443 is used in other config files and replace accordingly:

sudo grep '443' -r /etc/httpd/*

Modify OpenVPN server.conf:

sudo vi /etc/openvpn/server.conf

Change protocol to tcp, port 1194 to 443 and add a port-share for 22443 (your new web server port for HTTPS)

proto tcp
port 443
port-share 127.0.0.1 10443

You will also have to change your ovpn config file to use the new settings:

client
dev tun
proto tcp
remote your_server_ip 443
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
verb 3
ca /path/to/ca.crt
cert /path/to/client.crt
key /path/to/client.key

Finally restart your web server and OpenVPN services:

sudo systemctl restart openvpn@server.service
sudo systemctl restart httpd
post

Subversion (SVN) on Debian 6 32-bit for Dummies Tutorial

This tutorial has been only tested on Debian 6 32-bit, it should work on other operating systems. The tutorial assumes you are familiar with entering basic linux commands. You will need root access!

This tutorial was adapted from: http://www.ultimatewebtips.com/how-to-configure-subversion-svn-with-apache/

I will install the SVN repository at this location on my website: http://svn.example.com

Update Aptitude

sudo apt-get update

Install subversion if you haven’t already:

sudo apt-get install subversion

Install apache (this is your web server) if you haven’t already:

sudo apt-get install apache2

Install svn libraries for apache:

sudo apt-get install subversion libapache2-svn

I will now create the repository at this location /var/www/svn
This location can be reached on your internet browser at http://example.com/svn/

mkdir /var/www/svn

Use svnadmin to create the repo at /var/www/svn

svnadmin create /var/www/svn

Verify this location with the following command, you should see: * Verified revision 0
svnadmin verify /var/www/svn

Now the hierarchy of the repo is create (i.e. branches/tags/trunk)
We will first go to your tmp (temporary) folder and create the structure there under a directory called svn

cd /tmp
mkdir svn
cd svn
mkdir branches
mkdir tags
mkdir trunk

The svn folder containing branches/tags/trunk is now imported to your svn repo created earlier at /vaw/www/svn
The ‘first import’ part is the comment for this revision.

svn import /tmp/svn file:///var/www/svn -m "first import"

Now we will password protect this directory so your svn repo is not public to the world. Replace username and password correspondingly.

htpasswd -cb /var/www/svn/htpasswd username password

This steps adds the subdomain http://svn.example.com to point to http://example.com/svn/
You will need to know how to use vim in this step or you could use a ssh browser and download and edit this file…

cd /etc/apache2/
vim httpd.conf

Your httpd.conf file should look like this (remember to change svn.example.com):

<table>
<tbody>
<tr>
<td>
<pre>LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
&lt;VirtualHost *:80&gt;
ServerName example.com
DocumentRoot /var/www/
&lt;/VirtualHost&gt;</pre>
<pre>&lt;VirtualHost *:80&gt;
        ServerName svn.example.com
        DocumentRoot /var/www/svn
        &lt;Directory /var/www/svn&gt;
                AllowOverride All
                Options MultiViews -Indexes Includes FollowSymlinks
                &lt;IfModule mod_access.c&gt;
                        Order allow,deny
                        Allow from all
                &lt;/IfModule&gt;
        &lt;/Directory&gt;

        # WebDAV access
        &lt;Location /&gt;
                DAV svn
                SVNPath /var/www/svn
                AuthType Basic
                AuthName "Your message for this realm"
                AuthUserFile /var/www/svn/htpasswd
                Require valid-user

                # authentication
                &lt;LimitExcept GET PROPFIND OPTIONS REPORT&gt;
                        Require valid-user
                &lt;/LimitExcept&gt;
        &lt;/Location&gt;
&lt;/VirtualHost&gt;</pre>
</td>
</tr>
</tbody>
</table>
Now we will restart your apache server for settings to take effect:
/etc/init.d/apache2 restart

If you followed all these steps then hopefully your svn repo should be setup. Test this by visiting svn.example.com
You should see revision 1!

To add additional users to access your repo:

htpasswd /var/www/svn/htpasswd username