Search for:
FreeBSD 11.1 Installation Guide

FreeBSD 11.1 Installation Guide &-8211; this Article or News was published on this date:2019-05-28 16:45:55 kindly share it with friends if you find it helpful

FreeBSD is a free, powerful, robust, flexible and stable Open Source operating system based on Unix which is designed with security and speed in mind.

FreeBSD can operate on a large variety of modern CPU architectures and can power servers, desktops and some kind of custom embedded systems, the most notable being Raspberry PI SBC. As in Linux case, FreeBSD comes with a large collection of pre-compiled software packages, more than 20,000 packages, that can be simply installed in the system from their repositories, called “Ports”.

Requirements:

  1. Download FreeBSD 11.1 CD 1 ISO Image

This tutorial will guide you on how to install the latest version of FreeBSD on an amd64 machine. Typically this installation covers only the command line version of the operating system, which makes it best-suited for servers.

If you don’t require a custom installation, you can skip the installation process and download and run a pre-build Virtual Machine image for VMware, VirtualBox, QEMU-KVM or Hyper-V.

FreeBSD Installation Guide

1. First, get the latest FreeBSD CD 1 ISO image released from FreeBSD download page and burn it to a CD.

Place the CD image into your machine CD/DVD drive and reboot the machine into BIOS/UEFI mode or boot menu sequence by pressing a special key (usually esc, F2, F11, F12) during the power-on sequence.

Instruct the BIOS/UEFI to use the CD/DVD appropriate drive to boot from and the first screen of the installation process should be displayed on your screen.

Press [Enter] key to start the installation process.

FreeBSD Grub MenuFreeBSD Grub Menu

FreeBSD Grub Menu

2. On the next screen select Install option and press [Enter] to continue.

FreeBSD Grub MenuFreeBSD Installer

FreeBSD Installer

3. Select your keyboard layout from the list and press [Enter] to move forward with the installation process.

FreeBSD Grub MenuFreeBSD Keyboard Layout

FreeBSD Keyboard Layout

4. Next, type a descriptive name for your machine hostname and press [Enter] to continue.

FreeBSD Grub MenuFreeBSD Machine Hostname

FreeBSD Machine Hostname

5. On the next screen select what components you want to install in the system by pressing the [space] key. For a production server it’s recommended you choose only lib32 compatibility libraries and Ports tree.

Press [enter] key after you’ve made your selections in order to continue.

FreeBSD Grub MenuFreeBSD Components

FreeBSD Components

6. Next choose the method your hard disk will be partitioned. Select Auto – Unix File SystemGuided Disk Setup and press [enter] key to move to the next screen.

In case you have more than one disk and need a resilient file system you should opt for ZFS method. However, this guide will only cover UFS file system.

FreeBSD Grub MenuFreeBSD Partitioning

FreeBSD Partitioning

7. On the next screen select to perform FreeBSD OS installation on the entire disk and press [enter] key again to continue.

However, be aware that this option is destructive and will completely wipe-out all your disk data. If the disk holds data, you should make a backup before continuing further.

FreeBSD Grub MenuFreeBSD Installation Disk

FreeBSD Installation Disk

8. Next, select you hard disk partition layout. In case your machine is UEFI based and the installation is performed from UEFI mode (not CSM or Legacy mode) or the disk is larger than 2TB, you must use GPT partition table.

Also, it’s recommended to disable Secure Boot option from UEFI menu if the installation is performed in UEFI mode. In case of an older hardware you’re safe to partition the disk in MBR scheme.

FreeBSD Grub MenuFreeBSD Partition Layout

FreeBSD Partition Layout

9. In the next screen review the automatically created partition table of your system and navigate to Finish using [tab] key to accept the changes.

Press [enter] to continue and on the new pop-up screen select Commit to start the effective installation process. The installation process can take up from 10 to 30 minutes depending on your machine resources and HDD speed.

FreeBSD Grub MenuFreeBSD Partition Summary

FreeBSD Partition Summary

FreeBSD Grub MenuFreeBSD Installation Changes

FreeBSD Installation Changes

FreeBSD Grub MenuFreeBSD Installation Progress

FreeBSD Installation Progress

FreeBSD Grub MenuFreeBSD Installation Continues

FreeBSD Installation Continues

10. After the installer extracts and writes the operating system data to your machine drive, you will be prompted to specify the password for the root account.

Choose a strong password for root account and press [enter] to continue. The password won’t be echoed on the screen.

FreeBSD Grub MenuFreeBSD Root Password

FreeBSD Root Password

11. On the next step, select the network interface you want to configure and press [enter] to setup the NIC.

FreeBSD Grub MenuFreeBSD Network Configuration

FreeBSD Network Configuration

12. Choose to use IPv4 protocol for your NIC and select to configure the network interface manually with a static IP address by negating the DHCP protocol as illustrated in the below screenshots.

FreeBSD Grub MenuFreeBSD IPv4

FreeBSD IPv4

FreeBSD Grub MenuFreeBSD DHCP

FreeBSD DHCP

13. Next, add your static network IP configurations (IP address, netmask and gateway) for this interface and press [enter] key to continue.

FreeBSD Grub MenuFreeBSD IP Configuration

FreeBSD IP Configuration

14. If the network equipment at your premises (switches, routers, servers, firewalls etc) is IPv4 based then is no point on configuring IPv6 protocol for this NIC. Choose No from the IPv6 prompt to continue.

FreeBSD Grub MenuFreeBSD IPv6 Disable

FreeBSD IPv6 Disable

15. The final network configuration for your machine involves setting-up the DNS resolver. Add your domain name for local resolving, if that’s the case, and the IP addresses of two DNS servers you run in your network, used for resolving domain names, or use the IP addresses of some public DNS caching servers. When you finish, press OK to save changes and move further.

FreeBSD Grub MenuFreeBSD DNS Configuration

FreeBSD DNS Configuration

16. Next, from the time zone selector choose the physical region where your machine is located and hit OK.

FreeBSD Grub MenuFreeBSD Timezone

FreeBSD Timezone

17. Select your country from the list and accept the abbreviation for your time setting.

FreeBSD Grub MenuFreeBSD Country Selection

FreeBSD Country Selection

18. Next, adjust the date and time setting for your machine if that’s the case or choose to Skip the setting in case your system time is correctly configured.

FreeBSD Grub MenuFreeBSD Time and Date Settings

FreeBSD Time and Date Settings

FreeBSD Grub MenuFreeBSD Set Date

FreeBSD Set Date

19. On the next step select by hitting the [space] key the following daemons to run system-wide: SSH, NTP and powerd.

Select powerd service in case your machine CPU supports adaptive power control. If FreeBSD is installed under a virtual machine you can skip powerd start-up service during the system boot initialization sequence.

Also, if you don’t connect into your machine remotely, you can skip SSH service automatic start-up during system boot. When you finish press OK to continue.

FreeBSD Grub MenuFreeBSD System Configuration

FreeBSD System Configuration

20. At the next screen, check the following options in order to minimally harden your system security: Disable reading kernel message buffer for unprivileged users, Disable process debugging facilities for unprivileged users, Clean /tmp filesystem on startup, Disable Syslogd network socket and Sendmail service in case you’re not planning to run a mail server.

FreeBSD Grub MenuFreeBSD System Hardening

FreeBSD System Hardening

21. Next, the installer will ask you whether you will like to add a new system user. Choose yes and follow the prompt in order to add the user information. It’s safe to leave the default settings for the user by pressing [enter] key.

You can select Bourne shell (sh) or C improved shell (tcsh) as the default shell for your user. When you finish, answer yes at the final question to create the user.

The prompt will ask you if you want to add another user in your system. If that’s not the case, answer with no in order to continue with the final stage of the installation process.

FreeBSD Grub MenuFreeBSD User Account

FreeBSD User Account

FreeBSD Grub MenuCreate FreeBSD User Account

Create FreeBSD User Account

FreeBSD Grub MenuFreeBSD User Account Summary

FreeBSD User Account Summary

22. Finally, a new screen will provide a list of options you can choose in order to modify your system configuration. If you have nothing else to modify on your system, select the Exit option in order to complete the installation and answer with no to not open a new shell in the system and hit on Reboot to restart the machine.

FreeBSD Grub MenuFreeBSD Final Configuration

FreeBSD Final Configuration

FreeBSD Grub MenuFreeBSD Manual Configuration

FreeBSD Manual Configuration

FreeBSD Grub MenuFreeBSD Installation Complete

FreeBSD Installation Complete

23. Remove the CD image from the machine drive and press [enter] at the first prompt to start the system and logon into the console.

FreeBSD Grub MenuFreeBSD Login Shell

FreeBSD Login Shell

Congratulations! You’ve just installed FreeBSD operating system in your machine. In the next tutorial we’ll discuss some initial configurations of FreeBSD and how to manage the system further from command line.

10 Things to Do After Fresh Installation of FreeBSD

10 Things to Do After Fresh Installation of FreeBSD &-8211; this Article or News was published on this date:2019-05-28 16:45:49 kindly share it with friends if you find it helpful

This tutorial will cover some initial configurations you need to perform on a fresh installed FreeBSD operating system and some basics on how to manage FreeBSD from command line.

Requirements

  1. FreeBSD 11.1 Installation Guide

1. Update FreeBSD System

The first thing every system administrator should perform after a fresh installation of an operating system is to make sure the system is up-to-date with the latest security patches and the latest versions of the kernel, package manager and software packages.

In order to update FreeBSD, open a console in the system with root privileges and issue the following commands.

- freebsd-update fetch
- freebsd-update install
Update FreeBSD SystemUpdate FreeBSD System

Update FreeBSD System

To update “Ports” package manager and installed software run the below command.

- pkg update
- pkg upgrade
Update FreeBSD SystemUpdate FreeBSD Packages

Update FreeBSD Packages

Update FreeBSD SystemUpgrade FreeBSD Packages

Upgrade FreeBSD Packages

2. Install Editors and Bash

In order to ease the job managing the system from command line you should install the following packages:

  • Nano text editoree is the default text editor in FreeBSD.
  • Bourne Again Shell – if you want to make the transition from Linux to FreeBSD more smooth.
  • Bash Completion – needed to autocomplete commands typed in console using the [tab] key.

All the presented utilities can be installed by issuing the below command.

- pkg install nano bash bash_completion
Update FreeBSD SystemInstall Editors and Bash on FreeBSD

Install Editors and Bash on FreeBSD

3. Secure SSH on FreeBSD

By default, FreeBSD SSH service won’t allow the root account to perform remote logins automatically. Although, disallowing remote root logins via SSH measure is mainly designed to secure the service and your system, there are cases where sometimes you need to authenticate via SSH with root.

To change this behavior, open SSH main configuration file and update the line PermitRootLogin from no to yes as illustrated in the below screenshot.

- nano /etc/ssh/sshd_config 

File excerpt:

PermitRootLogin yes
Update FreeBSD SystemSecure SSH on FreeBSD

Secure SSH on FreeBSD

Afterwards, restart SSH daemon to apply changes.

- service sshd restart

To test the configuration you can login from Putty Terminal or from remote Linux maching using the following syntax.

- [email protected]   [FreeBSD Server IP]

4. FreeBSD SSH Passwordless Login

To generate a new SSH key issue the following command. You can copy the public to another server instance and securely login to the remote server without a password.

- ssh-keygen –t RSA
- ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected]
- ssh [email protected]
Update FreeBSD SystemGenerate SSH Key on FreeBSD

Generate SSH Key on FreeBSD

Update FreeBSD SystemFreeBSD SSH Passwordless Login

FreeBSD SSH Passwordless Login

5. Install and Configure Sudo on FreeBSD

Sudo is a software which is designed to allow a common user to execute commands with the security privileges of the superuser account. Sudo utility is not installed by default in FreeBSD.

To install sudo in FreeBSD run the following command.

- pkg install sudo
Update FreeBSD SystemInstall Sudo on FreeBSD

Install Sudo on FreeBSD

In order to allow a regular system account to run command with root privileges, open sudoers configuration file, located in /usr/local/etc/ directory, for editing by executing visudo command.

Navigate through the content of the file and add the following line, normally after the root line:

your_user	ALL=(ALL) ALL
Update FreeBSD SystemEnable Sudo Access on User

Enable Sudo Access on User

Always use visudo command in order to edit sudoers file. Visudo utility contains build-in capabilities to detect any error while editing this file.

Afterwards, save the file by pressing :wq! on your keyboard, login with the user who you’ve granted root privileges and execute an arbitrary command by appending sudo in front the command.

- su - yoursuer
$ sudo pkg update
Update FreeBSD SystemSudo User Login

Sudo User Login

Another method that can be used in order to allow a regular account with root powers, would be to add the regular user to system group called wheel and uncomment the wheel group from sudoers file by removing the - sign at the beginning of the line.

- pw groupmod wheel -M your_user
- visudo

Add the following line to /usr/local/etc/sudoers file.

%wheel	ALL=(ALL=ALL)	ALL
Update FreeBSD SystemAllow Sudo Access on User

Allow Sudo Access on User

6. Managing Users on FreeBSD

The process of adding a new user is pretty straightforward. Just run adduser command and follow the interactive prompt in order to finalize the process.

In order to modify the personal information of a user account, run the chpass command against a username and update the file. Save the file opened with vi editor by pressing :wq! keys.

- chpass your_user
Update FreeBSD SystemChange User Info on FreeBSD

Change User Info on FreeBSD

To update a user password, run passwd command.

- passwd your_user

To change an account default shell, first list all present shells in your system and then execute chsh command as illustrated below.

- cat /etc/shells
- chsh -s /bin/csh your_user
- env  -List user environment variables
Update FreeBSD SystemList FreeBSD Shells

List FreeBSD Shells

Update FreeBSD SystemChange FreeBSD Shell

Change FreeBSD Shell

7. Configure FreeBSD Static IP

Regular FreeBSD permanent network settings can be manipulated by editing /etc/rc.conf file. In order to configure a network interface with static IP address on FreeBSD.

First run ifconfig -a command to display a list of all NICs and identify the name of the interface you want to edit.

Then, manually edit /etc/rc.conf file, comment the DHCP line and add your NIC’s IP settings as illustrated below.

-ifconfig_em0="DHCP"
ifconfig_em0="inet 192.168.1.100 netmask 255.255.255.0"
-Default Gateway
defaultrouter="192.168.1.1"
Update FreeBSD SystemSet FreeBSD Static IP Address

Set FreeBSD Static IP Address

To apply the new network settings issue the following commands.

- service netif restart
- service routing restart

8. Configure FreeBSD DNS Network

DNS nameserver resolvers can be manipulated via editing /etc/resolv.conf file as presented in the below example.

nameserver your_first_DNS_server_IP
nameserver your_second_DNS_server_IP
search your_local_domain
Update FreeBSD SystemSet DNS in FreeBSD

Set DNS in FreeBSD

To change your machine name update the hostname variable from /etc/rc.conf file.

hostname=”freebsdhost”

To add multiple IP address for a network interface on FreeBSD add the below line in /etc/rc.conf file.

ifconfig_em0_alias0="192.168.1.5 netmask 255.255.255.255"
Update FreeBSD SystemMultiple IP Addresses on FreeBSD

Multiple IP Addresses on FreeBSD

Afterwards, restart the network service to reflect changes.

- service netif restart

9. Manage FreeBSD Services

Services can be managed in FreeBSD via service command. To list all system-wide enabled services issue the following command.

- service -e
Update FreeBSD SystemList FreeBSD Services

List FreeBSD Services

To list all services scripts located in /etc/rc.d/ system path run the below command.

- service -l
Update FreeBSD SystemList FreeBSD Service Scripts

List FreeBSD Service Scripts

To enable or disable a FreeBSD daemon during boot initialization process, use sysrc command. Assuming that you want to enable SSH service, open /etc/rc.conf file and append the following line.

sshd_enable=”YES”

Or use sysrc command which does the same thing.

- sysrc sshd_enable=”YES”
Update FreeBSD SystemEnable and Disable Service on FreeBSD

Enable and Disable Service on FreeBSD

To disable a service system-wide, append the NO flag for the disabled daemon as presented below. The daemons flags are case insensitive.

- sysrc apache24_enable=no
Update FreeBSD SystemDisable Service in FreeBSD

Disable Service in FreeBSD

Is worth mentioning that some services on FreeBSD require special attention. For example, if you want to only disable Syslog daemon network socket, issue the following command.

- sysrc syslogd_flags="-ss"

Restart Syslog service to apply changes.

- service syslogd restart
Update FreeBSD SystemDisable Syslog on FreeBSD

Disable Syslog on FreeBSD

To completely disable Sendmail service at system startup, execute the following commands or add them to /etc/rc.conf file:

sysrc sendmail_enable="NO"
sysrc sendmail_submint_enable="NO"
sysrc sendmail_outbound_enable="NO"
sysrc sendmail_msp_queue_enable="NO"

10. List Network Sockets

In order to display a list of open ports in FreeBSD use the sockstat command.

List all IPv4 network sockets on FreeBSD.

- sockstat -4
Update FreeBSD SystemList Ipv4 Ports on FreeBSD

List Ipv4 Ports on FreeBSD

Display all IPv6 network sockets on FreeBSD.

- sockstat -6
Update FreeBSD SystemList Ipv6 Ports on FreeBSD

List Ipv6 Ports on FreeBSD

You can combine the two flags to display all network sockets as illustrated in the below screenshot.

- sockstat -4 -6
Update FreeBSD SystemList FreeBSD Open Ports

List FreeBSD Open Ports

List all connected sockets on FreeBSD.

- sockstat -c
Update FreeBSD SystemList Connected Sockets on FreeBSD

List Connected Sockets on FreeBSD

Display all network sockets in listening state and Unix domain sockets.

- sockstat -l
Update FreeBSD SystemList Listening Sockets on FreeBSD

List Listening Sockets on FreeBSD

Other than sockstat utility, you can run netstat or lsof command to display system and network sockets as well.

lsof utility is not installed in FreeBSD by default. To install it from FreeBSD ports repositories issue the following command.

- pkg install lsof

To display all IPv4 and IPv6 network sockets with lsof command, append the following flags.

- lsof -i4 -i6
Update FreeBSD SystemList Sockets Using lsof Command

List Sockets Using lsof Command

In order to display all network sockets in listening state on FreeBSD with netstat utility, issue the following command.

- netstat -an |egrep 'Proto|LISTEN'

Or run the command without -n flag in order to display the name of the opened sockets in listening state.

- netstat -a |egrep 'Proto|LISTEN'
Update FreeBSD SystemList Listening Sockets Using Netstat

List Listening Sockets Using Netstat

These are just a few basic utilities and commands you need to know in order to manage a FreeBSD system on daily basis.

How to Install Apache, MariaDB and PHP (FAMP) Stack on FreeBSD

How to Install Apache, MariaDB and PHP (FAMP) Stack on FreeBSD &-8211; this Article or News was published on this date:2019-05-28 16:45:35 kindly share it with friends if you find it helpful

This guide will describe how to install and configure FBAMP in FreeBSD operating system, which is similar to a LAMP stack on Linux. FBAMP is an acronym which stands for a collection of software based on FreeBSD OS, Apache HTTP server, the most popular open-source web server in internet, MariaDB relational database management system (RDBMS), a fork of MySQL database engine, and PHP server-side.

Requirements

  1. A fresh installation of FreeBSD
  2. FreeBSD Initial Configurations
  3. Direct console access or SSH in case of a remote connection to FreeBSD.
  4. A static IP Address configured on a Network Interface.

Step 1: Install Apache on FreeBSD

1. The first service we’ll install is Apache HTTP server. By default, FreeBSD offers multiple versions with different runtime work modules for Apache web server.

The versions are pre-compiled into a binary package and provided by FreeBSD PORTS repositories. To display all Apache packages binaries provided by PORTS, issue the following command.

- ls /usr/ports/www/ | grep apache
List Apache Packages on FreeBSDList Apache Packages on FreeBSD

List Apache Packages on FreeBSD

You can also search for available pre-complied Apache packages on FreeBSD by issuing the below command.

- pkg search apache2
List Apache Packages on FreeBSDSearch Apache Packages on FreeBSD

Search Apache Packages on FreeBSD

2. Next, install the latest version of Apache HTTP server with all required modules by issuing the following command.

- pkg install apache24
List Apache Packages on FreeBSDInstall Apache on FreeBSD

Install Apache on FreeBSD

3. After Apache web server has been installed on the system, issue the following command to enable the daemon system-wide in FreeBSD.

- sysrc apache24_enable="yes"

An alternative method of enabling Apache daemon would be to manually edit and append the line apache24_enable="yes" in /etc/rc.conf file as illustrated in the below screenshot.

List Apache Packages on FreeBSDEnable Apache System Wide on FreeBSD

Enable Apache System Wide on FreeBSD

4. Finally, to test if the web server is properly working, start Apache daemon by issuing the below command and visit the default web page by pointing a browser to your server IP address of FQDN (http://IP-orFQDN) as shown in the below screenshot.

- service apache24 start
List Apache Packages on FreeBSDStart Apache Service

Start Apache Service

List Apache Packages on FreeBSDVerify Apache Page

Verify Apache Page

The default webroot directory of Apache web server in FreeBSD 11.x is located in /usr/local/www/apache24/data/ system path. There you will find a small index.html file you can edit as preferably.

List Apache Packages on FreeBSDApache DocumentRoot on FreeBSD

Apache DocumentRoot on FreeBSD

Step 2: Install PHP on FreeBSD

5. FreeBSD 11.x offers multiple versions of PHP interpreted server-side language packaged in pre-complied binaries. To get a list of all available PHP version packages provided by FreeBSD Ports repositories issue the following command.

- ls /usr/ports/lang/ | grep php
List Apache Packages on FreeBSDList PHP Versions in FreeBSD

List PHP Versions in FreeBSD

An alternative method of searching for all available FreeBSD PHP package versions is by running the below command.

- pkg search -o php
List Apache Packages on FreeBSDSearch PHP Versions in FreeBSD

Search PHP Versions in FreeBSD

6. To search for all available binaries provided by FreeBSD for a specific PHP version (5 or 7 versions currently) run the below commands. Use less command to narrow and navigate through the output.

- pkg search php5 |less
- pkg search php7
List Apache Packages on FreeBSDList PHP 5 Packages on FreeBSD

List PHP 5 Packages on FreeBSD

List Apache Packages on FreeBSDList PHP 7 Packages on FreeBSD

List PHP 7 Packages on FreeBSD

7. To be more specific on what modules a custom PHP version provides, run the following command as described below, which display all available modules for PHP 7.1 version.

- pkg search php71
List Apache Packages on FreeBSDList PHP Modules on FreeBSD

List PHP Modules on FreeBSD

8. In this guide we’ll install PHP 7.1 release for our FBAMP stack. Issue the following command to install PHP with some of the most important modules required for a typical CMS installation.

- pkg install php71 mod_php71 php71-mbstring php71-mcrypt php71-zlib php71-curl php71-gd php71-json 

9. Next, we need to create the php.conf configuration file for Apache web server in /usr/local/etc/apache24/Includes/ system path with the following content.

- nano /usr/local/etc/apache24/Includes/php.conf

Add the following lines to php.conf file.

IfModule dir_module>
    DirectoryIndex index.php index.html
    FilesMatch ".php$">
        SetHandler application/x-httpd-php
    /FilesMatch>
    FilesMatch ".phps$">
        SetHandler application/x-httpd-php-source
    /FilesMatch>
/IfModule>
List Apache Packages on FreeBSDConfigure PHP for Apache on FreeBSD

Configure PHP for Apache on FreeBSD

10. In order to test if PHP gateway is working as expected with Apache web server, create a PHP info.php file in /usr/local/www/apache24/data/system path, which is the default web document root path of Apache web server.

- echo '?php phpinfo();  ?>' | tee -a /usr/local/www/apache24/data/info.php

Restart Apache daemon to apply changes.

- service apache24 restart

Next, visit the following URI in a browser to view PHP summary.

http://IP-or-FQDN/info.php 
List Apache Packages on FreeBSDVerify PHP Modules on FreeBSD

Verify PHP Modules on FreeBSD

11. In order to activate PHP ini configuration file for production issue the below commands. You can modify php.ini production file in order to change diverse PHP settings in your FBAMP stack.

- cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini-production.bakup
- ln -s /usr/local/etc/php.ini-production /usr/local/etc/php.ini

Step 3: Install MariaDB on FreeBSD

12. The last missing component for our FBAMP stack is MySQL database server. FreeBSD 11.x offer more than 1000 packages for diverse databases.

In order to display what components are available for MariaDB or MySQL databases, issue the following commands. In this guide we’ll install MariaDB database over MySQL (which is now owned and developed actively by Oracle).

- ls -al /usr/ports/databases/ | grep mariadb
- pkg search -o mariadb
- ls -al /usr/ports/databases/ | grep mysql
- pkg search -o mysql5
List Apache Packages on FreeBSDList MariaDB Versions on FreeBSD

List MariaDB Versions on FreeBSD

List Apache Packages on FreeBSDSearch MariaDB Versions on FreeBSD

Search MariaDB Versions on FreeBSD

13. In this guide we’ll install the latest version of MariaDB database server in FreeBSD, which currently is represented by mariadb102 binary package release.

Run the following command in order to install MariaDB server and client and the required PHP 7.1 module needed to access the database via Apache server gateway.

- pkg install mariadb102-server mariadb102-client php71-mysqli

14. Next, enable MariaDB server system-wide and start the database daemon by running the following commands.

- sysrc mysql_enable="yes" 
- service mysql-server start

15. To secure the database run mysql_secure_installation scrip. Use the below script output excerpt to harden MariaDB.

- /usr/local/bin/mysql_secure_installation
Sample Output
MySQL Secure Installation Script Output
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
 
In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
 
Enter current password for root (enter for none):
OK, successfully used password, moving on...
 
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
 ... Success!
Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y
 ... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
 ... Success!
Cleaning up...
All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!

16. By default, MariaDB daemon listens for network connections outside localhost on port 3306/TCP. Run netstat, lsof or sockstat command to get MariaDB socket state. This configuration is dangerous and exposes the service to outside network attacks.

- lsof -i4 -i6
- sockstat -4 -6
List Apache Packages on FreeBSDVerify MariaDB Port

Verify MariaDB Port

17. If you don’t need remote access to MariaDB, make sure MariaDB daemon listens to localhost only, by issuing the below command. Subsequently, restart MariaDB service to apply changes.

- sysrc mysql_args="--bind-address=127.0.0.1"
- service mysql-server restart
or
- /usr/local/etc/rc.d/mysql-server restart

18. Again, run netstat, lsof or sockstat command in order to list MariaDB network socket. The socket should bind and listen on localhost now, as illustrated in the below image.

- lsof -i4 | grep mysql
- netstat -an | grep 3306
- sockstat -4 | grep 3306
List Apache Packages on FreeBSDCheck MariaDB Listening on Localhost

Check MariaDB Listening on Localhost

19. To test MariaDB database connectivity from console issue the following command. Enter MySQL root password in prompt and a list of default databases should be displayed in your console screen as illustrated in the below image.

- mysql -u root -p -e "show databases"
List Apache Packages on FreeBSDList MySQL Databases

List MySQL Databases

That’s all! You’ve successfully installed Apache web server with MariaDB database and PHP interpreter in FreeBSD. You can now start to deploy a WordPress website in no time.

On the next tutorial we’ll discuss some advanced FPBAMP topics, such as how to enable and create Apache virtual hosts, enable rewrite module required by .htaccess file to function properly and how to secure Apache connections using a Self-Signed certificate or a free Certificate offered by Let’s Encrypt entity.

How to Install Nginx, MariaDB and PHP (FEMP) Stack on FreeBSD

How to Install Nginx, MariaDB and PHP (FEMP) Stack on FreeBSD &-8211; this Article or News was published on this date:2019-05-28 16:45:26 kindly share it with friends if you find it helpful

This tutorial will guide you on how to install and configure FBEMP in FreeBSD 11.x latest release. FBEMP is an acronym which describes the following collection of software:

FreeBSD 11.1 Unix-like distribution, Nginx web server, MariaDB relational database management system (a community fork of MySQL) and PHP dynamic programming language which runs on server-side.

Requirements

  1. Installation of FreeBSD 11.x
  2. 10 Things to Do After FreeBSD Installation

Step 1: Install Nginx Web Server on FreeBSD

1. The first service we’ll install for our FBEMP stack in FreeBSD is the web server, represented by Nginx software.

Nginx web server has more pre-complied packages available in FreeBSD 11.x PORTS. In order to get a list of Nginx binaries from Ports repositories, issue the following commands in your server terminal.

- ls /usr/ports/www/ | grep nginx
- pkg search -o nginx
Find Nginx PackagesFind Nginx Packages

Find Nginx Packages

2. In this particular configuration, we’ll install the main package version of Nginx by issuing the below command. The pkg package management will ask you if you want to proceed with installing the nginx package. Answer with yes (y in command line) in order to start the installation process.

- pkg install nginx
Find Nginx PackagesInstall Nginx on FreeBSD

Install Nginx on FreeBSD

3. After Nginx web server package was installed in your system, execute the following commands in order to enable the daemon system-wide and start the service in your system.

- sysrc nginx_enable="yes"
- service nginx start
Find Nginx PackagesStart and Enable Nginx on FreeBSD

Start and Enable Nginx on FreeBSD

4. Next, using the sockstat command, verify Nginx service network sockets, if they are binding on 80/TCP port, by issuing the below command. The output of sockstat command will be piped through grep utility in order to reduce the returned results only to nginx string.

- sockstat -4 | grep nginx

5. Finally, open a browser on a desktop computer in your network and visit Nginx default web page via HTTP protocol. Write the FQDN of your machine or your domain name or the IP address of your server in browser’s URL filed to request Nginx web server default web page. The message “Welcome to nginx!” should be displayed in your browser, as illustrated in the below screenshot.

http://yourdomain.com
http://your_server_IP
http://your_machine_FQDN
Find Nginx PackagesVerify Nginx on FreeBSD

Verify Nginx on FreeBSD

6. The default weboot directory for Nginx web content in located in /usr/local/www/nginx/ absolute system path. In this location you should create, copy or install web content files, such as .html or .php files, for your website.

To change this location, edit nginx main configuration file and change the root directive to reflect your new webroot path.

- nano /usr/local/etc/nginx/nginx.conf

Here, search and update the following line to reflect your new webroot path:

root	/path/to/new/webroot;

Step 2: Install PHP on FreeBSD

7. Unlike Apache HTTP server, Nginx does not have the capability to natively process PHP code. In return, Nginx web server passes PHP requests to a PHP interpreter, such as php-fpm FastCGI daemon, which inspects and executes the code. The resulted code is then returned back to Nginx, which re-assembles the code back to the requested html format and sends the code further to visitor web browser.

FreeBSD 11.x Ports repositories offers multiple binary versions for PHP programming language, such as PHP 5.6, PHP 7.0 and PHP 7.1 releases. In order to display all available pre-compiled PHP versions in FreeBSD 11.x, run the below commands .

- pkg search -o php
- ls /usr/ports/lang/ | grep php

8. You can choose to install whatever version of PHP you find best suited for the web application you run in your system. However, in this guide we’ll install PHP latest version.

To install PHP 7.1 release and some PHP important modules required for diverse web applications, run the following command.

- pkg install php71 php71-mysqli php71-mcrypt php71-zlib php71-gd php71-json mod_php71 php71-mbstring php71-curl

9. After you’ve installed PHP packages in your system, open PHP-FPM configuration file for Nginx and adjust the user and group values to match the value on the Nginx runtime user, which is www. First, make a backup of the file with the below command.

- cp /usr/local/etc/php-fpm.d/www.conf{,.backup}

Then, open the file and update the following lines as presented in the below sample.

user = www
group = www
Find Nginx PackagesConfigure PHP-FPM on FreeBSD

Configure PHP-FPM on FreeBSD

10. Also, create a PHP configuration file used for production by issuing the below command. On this file you can make custom changes that will be applied to PHP interpreter at runtime.

- cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini

For instance, change the date.timezone setting for PHP interpreter in order to update your machine physical location as shown in the below example. PHP timezone list can be found here: http://php.net/manual/en/timezones.php.

- vi /usr/local/etc/php.ini

Add following timezone (set timezone as per your country).

date.timezone = Europe/London

You can also adjust other PHP variables, such as maximum file size of uploaded file, which can be increased by modifying the below values:

upload_max_filesize = 10M
post_max_size = 10M

11. After, you’ve made the custom settings for PHP, enable and start PHP-FPM daemon in order to apply the new configurations by issuing the below commands.

- sysrc php_fpm_enable=yes
- service php-fpm start
Find Nginx PackagesStart and Enable PHP-FPM on FreeBSD

Start and Enable PHP-FPM on FreeBSD

12. By default, PHP-FPM daemon in FreeBSD binds on a local network socket on port 9000/TCP. To display PHP-FPM network sockets execute the following command.

- sockstat -4 -6| grep php-fpm

13. In order for Nginx web server to pass the PHP scripts to FastCGI gateway server, which is listening on 127.0.0.1:9000 socket, open Nginx main configuration file and add the following block of code as illustrated in the below sample.

- vi /usr/local/etc/nginx/nginx.conf

FastCGI code block for nginx:

 location ~ .php$ {
        root	/usr/local/www/nginx;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param SCRIPT_FILENAME $request_filename;    
        include        fastcgi_params;
        	}
Find Nginx PackagesConfigure FastCGI for Nginx on FreeBSD

Configure FastCGI for Nginx on FreeBSD

14. In order to view the current PHP information for your server, create an info.php file in Nginx weboot path by issuing the following command.

- echo "?php phpinfo(); ?>" | tee /usr/local/www/nginx/info.php

15. Then, test and restart Nginx daemon to apply the PHP FastCGI settings and visit the info.php page in a browser.

- nginx -t - Test nginx configuration file for syntax errors
- service nginx restart

Replace the IP address or domain name in the below links accordingly. PHP info page should display information as illustrated in the below screenshot.

http://yourdomain.com/info.php
http://server_IP-or-FQDN/info.php
Find Nginx PackagesCheck PHP Information in FreeBSD

Check PHP Information in FreeBSD

Step 3: Install MariaDB on FreeBSD

16. The last component missing from your FEMP stack in the database. MariaDB/MySQL is one of the most associated open source RDBMS software with Nginx web server used for deploying dynamic websites.

Actually, MariaDB/MySQL is one of the most used relational databases in the world. Searching through FreeBSD Ports, you can find multiple releases of MariaDB/MySQL.

In this guide we’ll install MariaDB database, which is a community fork of MySQL database. To search for available versions of MariaDB, issue the following commands in terminal.

- ls -al /usr/ports/databases/ | grep mariadb
- pkg search mariadb
Find Nginx PackagesFind MariaDB Packages

Find MariaDB Packages

17. To install the latest version of MariaDB database server execute the following command. You should also install the PHP relational database driver module used by PHP scripts for connecting to MySQL.

- pkg install mariadb102-server php71-mysqli

18. After the database has been installed, enable MySQL daemon and start the database service by running the following commands.

- sysrc mysql_enable="YES" 
- service mysql-server start

19. Also, make sure you restart PHP-FPM daemon in order to load MySQL driver extension.

- service php-fpm restart
20. On the next step, secure MariaDB database by launching mysql_secure_installation script. Use the below sample of the installation script in order to answer the questions. Basically, say yes (y) for all asked questions to secure the database and type a strong password for MySQL root user.
- /usr/local/bin/mysql_secure_installation
MySQL Secure Installation Script Output
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
 
In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
 
Enter current password for root (enter for none):
OK, successfully used password, moving on...
 
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
 ... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
 ... Success!
Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y
 ... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
 ... Success!
Cleaning up...
All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!

21. To test MariaDB database connection from console, execute the below command.

- mysql -u root -p -e "show status like ‘Connections’"

22. In order to further secure MariaDB, which by default to listens for incoming network connections on 0.0.0.0:3306/TCP socket, issue the below command to force the service to bind on loopback interface and completely disallow remote access. Afterwards, restart MySQL service to apply the new configuration.

- sysrc mysql_args="--bind-address=127.0.0.1"
- service mysql-server restart
Find Nginx PackagesBind MariaDB to Loopback Address

Bind MariaDB to Loopback Address

Verify if the localhost binding was successfully applied by running netstat command as shown in the below example.

- netstat -an -p tcp

That’s all! You’ve successfully installed Nginx web server, MariaDB relational database and PHP server-side programming language in FreeBSD. You can now start building dynamic web pages to serve web content to your visitors.

How to Secure Apache with SSL and Let’s Encrypt in FreeBSD

How to Secure Apache with SSL and Let&-8217;s Encrypt in FreeBSD &-8211; this Article or News was published on this date:2019-05-28 16:45:20 kindly share it with friends if you find it helpful

In this tutorial we’ll learn how to secure Apache HTTP server with TLS/SSL certificates offered by Let’s Encrypt in FreeBSD 11.x. We will also cover how to automate the process of the certificate renewal for Lets’ Encrypt.

Read Also: Install Let’s Encrypt for Nginx on FreeBSD

TLS/SSL certificates are used by Apache web server to encrypt the communication between end nodes, or more ordinary between the server and client in order to provide security. Let’s Encrypt provides certbot command line utility, which is an application that can facilitate the way you can obtain trusted certificates for free.

Requirements:

  1. Installation of FreeBSD 11.x
  2. 10 Things to Do After FreeBSD Installation
  3. How to Install Apache, MariaDB and PHP in FreeBSD

Step 1: Configure Apache SSL on FreeBSD

1. Before starting to install certbot utility and create the TSL configuration file for Apache, first create two distinct directories named sites-available and sites-enabled in Apache root configuration directory by issuing the below commands.

The purpose of these two directories is to facilitate the virtual hosting configuration management in the system, without modifying the main Apache httpd.conf configuration file each time we add a new virtual host.

- mkdir /usr/local/etc/apache24/sites-available
- mkdir /usr/local/etc/apache24/sites-enabled

2. After you’ve created both directories, open Apache httpd.conf file with a text editor and add the following line close to the end of the file as illustrated below.

- nano /usr/local/etc/apache24/httpd.conf

Add the following line:

IncludeOptional etc/apache24/sites-enabled/*.conf
Configure Apache on FreeBSDConfigure Apache on FreeBSD

Configure Apache on FreeBSD

3. Next, enable the TLS module for Apache by creating the following a new file named 020_mod_ssl.conf in modules.d directory with the following content.

- nano /usr/local/etc/apache24/modules.d/020_mod_ssl.conf

Add following lines to file 020_mod_ssl.conf.

Listen 443
SSLProtocol ALL -SSLv2 -SSLv3
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLPassPhraseDialog  builtin
SSLSessionCacheTimeout  300
Configure Apache on FreeBSDApache SSL Configuration on FreeBSD

Apache SSL Configuration on FreeBSD

4. Now, uncomment the SSL module from /usr/local/etc/apache24/httpd.conf file by removing the hashtag from the beginning of the following line as illustrated below:

LoadModule ssl_module libexec/apache24/mod_ssl.so
Configure Apache on FreeBSDEnable SSL Module on Apache

Enable SSL Module on Apache

5. Next, create the TLS configuration file for your domain in sites-available directory, preferably with the name of your domain, as presented in the below excerpt:

- nano /usr/local/etc/apache24/sites-available/bsd.lan-ssl.conf

Add following virtualhost configuration to file bsd.lan-ssl.conf.

VirtualHost *:443>
    ServerName www.yourdomain.com
	ServerAlias yourdomain.com
                DocumentRoot "/usr/local/www/apache24/data/"
	SSLEngine on

	SSLCertificateFile "/usr/local/etc/letsencrypt/live/www.yourdomain.com/cert.pem"
	SSLCertificateKeyFile "/usr/local/etc/letsencrypt/live/www.yourdomain.com/privkey.pem"
	SSLCertificateChainFile "/usr/local/etc/letsencrypt/live/www.yourdomain.com/fullchain.pem"

FilesMatch ".(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
/FilesMatch>

Directory "/usr/local/www/apache24/cgi-bin">
    SSLOptions +StdEnvVars
/Directory>

	BrowserMatch "MSIE [2-5]" 
        nokeepalive ssl-unclean-shutdown 
        downgrade-1.0 force-response-1.0

	CustomLog "/var/log/apache/httpd-ssl_request.log" 
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x "%r" %b"

	Directory "/usr/local/www/apache24/data/">
            Options Indexes FollowSymLinks MultiViews
        -AllowOverride controls what directives may be placed in .htaccess files.       
                        AllowOverride All
        -Controls who can get stuff from this server file
                        Require all granted
        /Directory>
       
    ErrorLog "/var/log/apache/yourdomain.ssl-error.log"
    CustomLog "/var/log/apache/yourdomain.ssl-access_log" combined

/VirtualHost>

Makre sure you replace the domain name variable from ServerName, ServerAlias, ErrorLog, CustomLog statements accordingly.

Step 2: Install Lets’Encrypt on FreeBSD

6. On the next step, issue the following command in order to install certbot utility provided by Let’s Encrypt, which will be used to obtain Apache TSL free certificates for your domain.

While installing certbot a series of prompt will be displayed on your screen. Use the below screenshot to configure certbot utility. Also, compiling and installing certbot utility might take some time, depending on your machine resources.

- cd /usr/ports/security/py-certbot
- make install clean
Configure Apache on FreeBSDInstall Certbot on FreeBSD

Install Certbot on FreeBSD

7. After the compilation process has finished, issue the below command in order to update certbot utility and certbot required dependencies.

- pkg install py27-certbot
- pkg install py27-acme

8. In order to generate a certificate for your domain, issue the command as illustrated below. Make sure you provide the correct webroot location where your website files are stored in the file system (DocumentRoot directive from your domain configuration file) using the -w flag. If you have multiple subdomains add them all with the -d flag.

- certbot certonly --webroot -w /usr/local/www/apache24/data/ -d yourdomain.com -d www.yourdomain.com

While obtaining the certificate, supply an email address for certificate renewal, press a to agree with Let’s Encrypt terms and conditions and n to not share the email address Let’s Encrypt partners.

Certbot Command Output
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel):[email protected]
There seem to be problems with that address. Enter email address (used for
urgent renewal and security notices)  If you really want to skip this, you can
run the client with --register-unsafely-without-email but make sure you then
backup your account key from /etc/letsencrypt/accounts   (Enter 'c' to cancel):[email protected]

-------------------------------------------------------------------------------
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf. You must agree
in order to register with the ACME server at
https://acme-v01.api.letsencrypt.org/directory
-------------------------------------------------------------------------------
(A)gree/(C)ancel: a ------------------------------------------------------------------------------- Would you be willing to share your email address with the Electronic Frontier Foundation, a founding partner of the Let's Encrypt project and the non-profit organization that develops Certbot? We'd like to send you email about EFF and our work to encrypt the web, protect its users and defend digital rights. ------------------------------------------------------------------------------- (Y)es/(N)o: n Obtaining a new certificate Performing the following challenges: http-01 challenge for www.domain.com Using the webroot path /usr/local/www/apache24/data for all unmatched domains. Waiting for verification... Cleaning up challenges IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at /usr/local/etc/letsencrypt/live/www.yourdomain.com/fullchain.pem. Your cert will expire on 2017-11-15. To obtain a new or tweaked version of this certificate in the future, simply run certbot again. To non-interactively renew *all* of your certificates, run "certbot renew" - Your account credentials have been saved in your Certbot configuration directory at /usr/local/etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. - If you like Certbot, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le

9. After you’ve obtained the certificates for your domain, you can run ls command in order to list all certificate’s components (chain, private key, certificate) as presented in the below example.

- ls -al /usr/local/etc/letsencrypt/live/www.yourdomain.com/
Configure Apache on FreeBSDList Domain Certificate and Keys

List Domain Certificate and Keys

Step 3: Update Apache TLS Certificates on FreeBSD

10. In order to add Let’s Encrypt certificates to your website, open apache configuration file for your domain and update the following lines to reflect the path of the issued certificates.

- nano /usr/local/etc/apache24/sites-available/bsd.lan-ssl.conf

Add these TLS certificate lines:

SSLCertificateFile "/usr/local/etc/letsencrypt/live/www.yourdomain.com/cert.pem"
	SSLCertificateKeyFile "/usr/local/etc/letsencrypt/live/www.yourdomain.com/privkey.pem"
	SSLCertificateChainFile "/usr/local/etc/letsencrypt/live/www.yourdomain.com/fullchain.pem"
Configure Apache on FreeBSDConfigure SSL Certificate for Domain

Configure SSL Certificate for Domain

11. Finally, enable the TLS configuration file, by creating a symlink for your domain TLS configuration file to sites-enabled directory, check Apache configurations for possible syntax errors and, if the syntax is OK, restart Apache daemon by issuing the below commands.

- ln -sf /usr/local/etc/apache24/sites-available/bsd.lan-ssl.conf /usr/local/etc/apache24/sites-enabled/
- apachectl -t
- service apache24 restart

12. In order to check if Apache service is listening on HTTPS port 443, issue the following command to list httpd network sockets.

- sockstat -4 | grep httpd
Configure Apache on FreeBSDCheck Apache Ports

Check Apache Ports

13. You can navigate to your domain address from a browser via HTTPS protocol in order to confirm that Let’s Encrypt certificates are successfully applied.

https://www.yourdomain.com
Configure Apache on FreeBSDVerify HTTPS Let's Encrypt Certificate

Verify HTTPS Let’s Encrypt Certificate

14. In order to obtain extra information about the issued Let’s Encrypt certificate from command line, use the openssl command as follows.

- openssl s_client -connect www.yourdomain.com:443
Configure Apache on FreeBSDCheck Let's Encrypt Certificate Information

Check Let’s Encrypt Certificate Information

15. You can also verify if the traffic is encrypted with a valid certificate provided by Let’s Encrypt CA from a mobile device as illustrated in the below mobile screenshot.

Configure Apache on FreeBSDVerify Lets Encrypt HTTPS Traffic

Verify Lets Encrypt HTTPS Traffic

That’s all! The clients can now visit your website securely, because the traffic that flows between the server and the client’s browser is encrypted. For more complex tasks concerning certbot utility visit the following link: https://certbot.eff.org/