beenhere4hours/vps2.txt

## vps2.txt
## Install EPEL
wget http://dl.fedoraproject.org/pub/epel/beta/7/x86_64/epel-release-7-1.noarch.rpm
rpm -Uvh yum install epel-release-7-1.noarch.rpm

## Install iptables-services
yum install iptables-services

## Configure the IP Tables
systemctl mask firewalld
systemctl enable iptables
systemctl enable ip6tables
systemctl stop firewalld
systemctl start iptables
systemctl start ip6tables
iptables -P INPUT ACCEPT
iptables -F
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -p tcp --dport 3306 -j ACCEPT
iptables -A INPUT -p tcp --sport 3306 -j ACCEPT
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -L -v
service iptables save

## Install LAMP
yum install -y httpd mysql-server php php-mysql

## Reset some services
service httpd restart
service mysqld restart
chkconfig httpd on
chkconfig mysqld on

## Configure the SQL server
X=$(tr -cd '[:alnum:]' < /dev/urandom | head -c32)
echo "$X"
mysqladmin -u root password "$X"
echo -e "[client]\nuser=root\npassword=$X\n" > /root/.my.cnf
chmod 600 /root/.my.cnf

mysql -e "DELETE FROM mysql.user WHERE User='';"
mysql -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
mysql -e "UPDATE mysql.user SET password=password('$X') WHERE User='root';"
mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'"
mysql -e "DROP DATABASE test;"
mysql -e "FLUSH PRIVILEGES;"

## Configure Apache
## set up vars
SERVERNAME=""  # The server name EXAMPLE: www.example.com
SERVERALIAS="" # The server alias EXAMPLE: example.com
cd /etc/httpd/
echo 'Include virtual.d/*.conf' > conf.d/virtual.d.conf
mkdir virtual.d
echo "<VirtualHost *:80>
DocumentRoot /var/www/$SERVERALIAS
ServerName $SERVERNAME
ServerAlias $SERVERALIAS
ErrorLog logs/$SERVERALIAS-error.log
CustomLog logs/$SERVERALIAS-access.log common
</VirtualHost>" > virtual.d/$SERVERALIAS.conf

cd /etc/httpd/conf/
cp -pf httpd.conf httpd.conf.$(date +%Y%m%d%H%M%S).orig
# enable mod rewrite
sed -i -e 's/AllowOverride\sNone/AllowOverride All/g' httpd.conf
sed -i 's/#.*//g' httpd.conf
sed -i '/^ *$/d' httpd.conf
cp -pf httpd.conf httpd.conf.$(date +%Y%m%d%H%M%S).skinny
sed -i 's/access_log/access.log/' httpd.conf
sed -i 's/error_log/error.log/' httpd.conf
rm -f /var/log/httpd/*

cd /var/www/
tar -czvf cgi-bin.$(date +%Y%m%d%H%M%S).tar.gz cgi-bin/
tar -czvf error.$(date +%Y%m%d%H%M%S).tar.gz error/
rm -rf cgi-bin error
mv html $SERVERALIAS
ln -s $SERVERALIAS html

echo '<?php phpinfo(); ?>' >> dmasi/index.php

# if all went well you should see a phpinfo at www.dmasi.us/index.php
	## Install EPEL
	wget http://dl.fedoraproject.org/pub/epel/beta/7/x86_64/epel-release-7-1.noarch.rpm
	rpm -Uvh yum install epel-release-7-1.noarch.rpm

	## Install iptables-services
	yum install iptables-services

	## Configure the IP Tables
	systemctl mask firewalld
	systemctl enable iptables
	systemctl enable ip6tables
	systemctl stop firewalld
	systemctl start iptables
	systemctl start ip6tables
	iptables -P INPUT ACCEPT
	iptables -F
	iptables -A INPUT -i lo -j ACCEPT
	iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
	iptables -A INPUT -p tcp --dport 22 -j ACCEPT
	iptables -A INPUT -p tcp --dport 80 -j ACCEPT
	iptables -A INPUT -p tcp --dport 443 -j ACCEPT
	iptables -A INPUT -p tcp --dport 3306 -j ACCEPT
	iptables -A INPUT -p tcp --sport 3306 -j ACCEPT
	iptables -P INPUT DROP
	iptables -P FORWARD DROP
	iptables -P OUTPUT ACCEPT
	iptables -L -v
	service iptables save

	## Install LAMP
	yum install -y httpd mysql-server php php-mysql

	## Reset some services
	service httpd restart
	service mysqld restart
	chkconfig httpd on
	chkconfig mysqld on

	## Configure the SQL server
	X=$(tr -cd '[:alnum:]' < /dev/urandom \| head -c32)
	echo "$X"
	mysqladmin -u root password "$X"
	echo -e "[client]\nuser=root\npassword=$X\n" > /root/.my.cnf
	chmod 600 /root/.my.cnf

	mysql -e "DELETE FROM mysql.user WHERE User='';"
	mysql -e "DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');"
	mysql -e "UPDATE mysql.user SET password=password('$X') WHERE User='root';"
	mysql -e "DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%'"
	mysql -e "DROP DATABASE test;"
	mysql -e "FLUSH PRIVILEGES;"

	## Configure Apache
	## set up vars
	SERVERNAME="" # The server name EXAMPLE: www.example.com
	SERVERALIAS="" # The server alias EXAMPLE: example.com
	cd /etc/httpd/
	echo 'Include virtual.d/*.conf' > conf.d/virtual.d.conf
	mkdir virtual.d
	echo "<VirtualHost *:80>
	DocumentRoot /var/www/$SERVERALIAS
	ServerName $SERVERNAME
	ServerAlias $SERVERALIAS
	ErrorLog logs/$SERVERALIAS-error.log
	CustomLog logs/$SERVERALIAS-access.log common
	</VirtualHost>" > virtual.d/$SERVERALIAS.conf

	cd /etc/httpd/conf/
	cp -pf httpd.conf httpd.conf.$(date +%Y%m%d%H%M%S).orig
	# enable mod rewrite
	sed -i -e 's/AllowOverride\sNone/AllowOverride All/g' httpd.conf
	sed -i 's/#.*//g' httpd.conf
	sed -i '/^ *$/d' httpd.conf
	cp -pf httpd.conf httpd.conf.$(date +%Y%m%d%H%M%S).skinny
	sed -i 's/access_log/access.log/' httpd.conf
	sed -i 's/error_log/error.log/' httpd.conf
	rm -f /var/log/httpd/*

	cd /var/www/
	tar -czvf cgi-bin.$(date +%Y%m%d%H%M%S).tar.gz cgi-bin/
	tar -czvf error.$(date +%Y%m%d%H%M%S).tar.gz error/
	rm -rf cgi-bin error
	mv html $SERVERALIAS
	ln -s $SERVERALIAS html

	echo '<?php phpinfo(); ?>' >> dmasi/index.php

	# if all went well you should see a phpinfo at www.dmasi.us/index.php