Saturday 8 December 2018

2021- Ubuntu 20.04 Install Apache 2.4, PHP 7.3-FPM, Composer, php extension for laravel , MySQL 8.0.19, NodeJs(latest version), NPM(latest version), VUE(latest version) Vue CLI( latest version) , Redis (latest version), Git(latest version), Laravel init mysql

-------02-21--Update

--------------------------------AWS inbound rules ----------------------
Make sure the following are enabled:
tcp 3306 (Default port for mysql)
http 80
https 443
ssh 22
tcp 8080 (for backend dev server)
tcp 9527 (for front end dev server)

---outbound is always all all

-----------------------------------------------------------------

----Install Apache2

sudo apt update 
sudo apt install apache2 libapache2-mod-fcgid

// Check apache2 status
# service apache2 status
# service apache2 restart

https://www.e2enetworks.com/help/knowledge-base/how-to-check-running-status-of-lamp-stack/

----Install PHP7.3-fpm

--------------------------------------------
# Installing from the PPA repo is not necessary; if you skip it, proceed with the next step
sudo apt install software-properties-common
sudo add-apt-repository ppa:ondrej/php
--------------------------------------------------
sudo apt update
sudo apt install php7.3 php7.3-fpm
sudo systemctl status php7.3-fpm


------Make php-FPM listen at 9000
 sudo vim /etc/php/7.3/fpm/pool.d/www.conf

;listen = /run/php/php7.3-fpm.sock
listen = 127.0.0.1:9000

-----Restart
sudo systemctl restart php7.3-fpm.service
https://serverfault.com/questions/189940/how-do-you-restart-php-fpm

-- Check php-fpm listens on 9000
sudo lsof  | grep "9000 (LISTEN)"

Results
php-fpm7. 10606     root    7u  IPv4  56273  0t0  TCP localhost:9000 (LISTEN)
php-fpm7. 10617 www-data    9u  IPv4  56273  0t0  TCP localhost:9000 (LISTEN)
php-fpm7. 10618 www-data    9u  IPv4  56273  0t0  TCP localhost:9000 (LISTEN)


https://askubuntu.com/questions/132426/weird-port-9000-service-how-do-i-find-out-what-it-is

----- Check Apache2 To See if it is Event(Should be by default)
a2query -M (check if its prefork, worker event)
  • Disable prefork: 
    sudo a2dismod mpm_prefork
  • Enable Event: 
    sudo a2enmod mpm_event
  • Restart Apache: 
    sudo service apache2 restart
!!!! Enable the following Apache config to talk to PHP: !!!!

sudo a2enmod actions fcgid alias proxy_fcgi
   sudo systemctl restart apache2


If your apache is talking to PHP through a TCP socket (127.0.0.1:9000) instead of a Unix socket (/run/php/php7.1-fpm.sock), you will need to modify the following line:

#Note : php7.3-fpm.conf is available at   /etc/apache2/conf-available/ (Global configs for all sites after php7.3-fpm has been installed)

# sudo vim /etc/apache2/conf-available/php7.3-fpm.conf

!!!! Comment out Require all denied, to allow access to PHP files
  <FilesMatch ".+\.php$">
    #Require all denied
  </FilesMatch>
    # Define a matching worker.
    # The part that is matched to the SetHandler is the part that
    # follows the pipe. If you need to distinguish, "localhost" can
    # be anything unique.
    <Proxy "fcgi://localhost/" enablereuse=on max=10>
    </Proxy>
    <FilesMatch ".+\.ph(ar|p|tml)$">
        #SetHandler "proxy:unix:/run/php/php7.3-fpm.sock|fcgi://localhost"
        SetHandler "proxy:fcgi://127.0.0.1:9000"
    </FilesMatch>
# Test to see apache config syntax is ok
# sudo apache2ctl configtest

!!!!IMPORTANT /etc/apache2/conf-available/php7.3-fpm.conf applies to all virtual hosts; it is not enabled by default. To check, look in /etc/apache2/conf-enabled. To enable:
sudo a2enconf php7.3-fpm.conf  
# sudo systemctl reload apache2     

# Restart apache
# sudo  systemctl restart apache2 && systemctl status apache2

// Check that the ports are being listened on properly by apache2 and php-fpm
lsof -i lists open ports and the corresponding applications.
Check that the correct conf is applied to PHP
grep -r php /etc/apache2/*

---------------------------------!!!!--------------------To check if php-fpm is talking with apache2
echo "<?php phpinfo(); ?>" > /var/www/html/info.php
then type yourhost/info.php to see if it is available 



----------------------------------------
To set up php-fpm for 1 virtual host, set
<FilesMatch ".+\.ph(ar|p|tml)$">
    #SetHandler "proxy:unix:/run/php/php7.3-fpm.sock|fcgi://localhost"
    SetHandler "proxy:fcgi://127.0.0.1:9000"
</FilesMatch>

in 000-default.conf
https://tecadmin.net/install-apache-php-fpm-ubuntu-18-04/
-----------------------------Check for default site location for apache2



vim /etc/apache2/sites-available/000-default.conf
# Check for DocumentRoot (usually /var/www/html)

--------------------------------Install php extension for laravel
PHP 7.0 || PHP 7.2 || PHP 7.3
PHP EXTENSIONS : MYSQL, CURL, MBSTRING, XML
PHP MYSQL : sudo apt-get install php7.3-mysql
PHP CURL : sudo apt-get install php7.3-curl
PHP MB String: sudo apt-get install php7.3-mbstring
PHP DOM : sudo apt-get install php7.3-xml
PHP BCMATH: sudo apt-get install php7.3-bcmath
// BCMATH is for bcadd() function which adds two arbitrary precision 
// numbers in string ('1' + '3.4')  https://www.geeksforgeeks.org/php-bcadd-function/





https://tecadmin.net/install-apache-php-fpm-ubuntu-18-04/

---Install Composer 

Make sure you’re in your home directory, then retrieve the installer using curl:

  • cd ~
  • curl -sS https://getcomposer.org/installer -o composer-setup.php
 

Next, we’ll verify that the downloaded installer matches the SHA-384 hash for the latest installer found on the Composer Public Keys / Signatures page. To facilitate the verification step, you can use the following command to programmatically obtain the latest hash from the Composer page and store it in a shell variable:

  • HASH=`curl -sS https://composer.github.io/installer.sig`
 

If you want to verify the obtained value, you can run:

  • echo $HASH
 
Output
e0012edf3e80b6978849f5eff0d4b4e4c79ff1609dd1e613307e16318854d24ae64f26d17af3ef0bf7cfb710ca74755a

Now execute the following PHP code, as provided in the Composer download page, to verify that the installation script is safe to run:

  • php -r "if (hash_file('SHA384', 'composer-setup.php') === '$HASH') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
 

You’ll see the following output:

Output
Installer verified
 

If the output says Installer corrupt, you’ll need to download the installation script again and double check that you’re using the correct hash. Then, repeat the verification process. When you have a verified installer, you can continue.
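
The same check as a reusable shell function that fails closed when the fetched hash is empty or malformed, for example when the signature URL returns an error page. This is an added example, not code from the Composer project or the original tutorial; verify_installer and sha384_of are hypothetical helper names and the file used in the demo is constructed.

```shell
#!/bin/sh
# Added example: fail-closed SHA-384 verification of a downloaded installer.

# Print the SHA-384 digest of a file as hex, using whichever tool is installed.
sha384_of() {
    if command -v sha384sum >/dev/null 2>&1; then
        sha384sum "$1" | awk '{print $1}'
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 384 "$1" | awk '{print $1}'
    else
        openssl dgst -sha384 "$1" | awk '{print $NF}'
    fi
}

# verify_installer FILE EXPECTED_HEX
# Returns 0 only when EXPECTED_HEX is a well-formed SHA-384 digest that matches
# FILE. Returns 1 on mismatch and 2 when the check cannot be made; in both
# cases the file is deleted so an unverified installer cannot be run by mistake.
verify_installer() {
    file=$1
    # Normalise: strip whitespace/newlines and lowercase the hex digits.
    expected=$(printf '%s' "$2" | tr -d '[:space:]' | tr 'A-F' 'a-f')
    case $expected in
        ''|*[!0-9a-f]*)
            echo "refusing: expected hash is empty or not hex" >&2
            rm -f -- "$file"; return 2 ;;
    esac
    if [ "${#expected}" -ne 96 ]; then
        echo "refusing: expected hash is not 96 hex characters" >&2
        rm -f -- "$file"; return 2
    fi
    [ -f "$file" ] || { echo "refusing: $file does not exist" >&2; return 2; }
    actual=$(sha384_of "$file")
    if [ "$actual" = "$expected" ]; then
        echo "Installer verified"
        return 0
    fi
    echo "Installer corrupt" >&2
    rm -f -- "$file"
    return 1
}

# Constructed demo: a stand-in file, its real digest, then a tampered copy.
verify_installer_demo() {
    demo=$(mktemp) || return 1
    printf '<?php // constructed stand-in for composer-setup.php\n' > "$demo"
    good=$(sha384_of "$demo")
    verify_installer "$demo" "$good"
    printf 'tampered\n' >> "$demo"
    verify_installer "$demo" "$good" || echo "tampered copy rejected and removed"
    rm -f -- "$demo"
}
verify_installer_demo

# With the URLs from the steps above:
#   curl -sS https://getcomposer.org/installer -o composer-setup.php
#   verify_installer composer-setup.php "$(curl -sS https://composer.github.io/installer.sig)" \
#       && sudo php composer-setup.php --install-dir=/usr/local/bin --filename=composer
```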

To install composer globally, use the following command which will download and install Composer as a system-wide command named composer, under /usr/local/bin:

  • sudo php composer-setup.php --install-dir=/usr/local/bin --filename=composer
 

You’ll see output similar to this:

Output
All settings correct for using Composer
Downloading...

Composer (version 1.10.5) successfully installed to: /usr/local/bin/composer
Use it: php /usr/local/bin/composer

To test your installation, run:

  • composer

https://www.digitalocean.com/community/tutorials/how-to-install-and-use-composer-on-ubuntu-20-04


-------Install MySQL
  • sudo apt update
 

Then install the mysql-server package:

  • sudo apt install mysql-server
 

This will install MySQL, but will not prompt you to set a password or make any other configuration changes. Because this leaves your installation of MySQL insecure, we will address this next.

Step 2 — Configuring MySQL

For fresh installations of MySQL, you’ll want to run the DBMS’s included security script. This script changes some of the less secure default options for things like remote root logins and sample users.

Run the security script with sudo:

  • sudo mysql_secure_installation
 

This will take you through a series of prompts where you can make some changes to your MySQL installation’s security options. The first prompt will ask whether you’d like to set up the Validate Password Plugin, which can be used to test the password strength of new MySQL users before deeming them valid.

If you elect to set up the Validate Password Plugin, any MySQL user you create that authenticates with a password will be required to have a password that satisfies the policy you select. The strongest policy level — which you can select by entering 2 — will require passwords to be at least eight characters long and include a mix of uppercase, lowercase, numeric, and special characters:

Output
Securing the MySQL server deployment.

Connecting to MySQL using a blank password.

VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?

Press y|Y for Yes, any other key for No: Y

There are three levels of password validation policy:

LOW    Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2

Regardless of whether you choose to set up the Validate Password Plugin, the next prompt will be to set a password for the MySQL root user. Enter and then confirm a secure password of your choice:

Output
Please set the password for root here.

New password:

Re-enter new password:

Note that even though you’ve set a password for the root MySQL user, this user is not currently configured to authenticate with a password when connecting to the MySQL shell.

If you used the Validate Password Plugin, you’ll receive feedback on the strength of your new password. Then the script will ask if you want to continue with the password you just entered or if you want to enter a new one. Assuming you’re satisfied with the strength of the password you just entered, enter Y to continue the script:

Output
Estimated strength of the password: 100
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y

From there, you can press Y and then ENTER to accept the defaults for all the subsequent questions. This will remove some anonymous users and the test database, disable remote root logins, and load these new rules so that MySQL immediately respects the changes you have made.

Once the script completes, your MySQL installation will be secured. You can now move on to creating a dedicated database user with the MySQL client.

Step 3 — Creating a Dedicated MySQL User and Granting Privileges

Upon installation, MySQL creates a root user account which you can use to manage your database. This user has full privileges over the MySQL server, meaning it has complete control over every database, table, user, and so on. Because of this, it’s best to avoid using this account outside of administrative functions. This step outlines how to use the root MySQL user to create a new user account and grant it privileges.

In Ubuntu systems running MySQL 5.7 (and later versions), the root MySQL user is set to authenticate using the auth_socket plugin by default rather than with a password. This plugin requires that the name of the operating system user that invokes the MySQL client matches the name of the MySQL user specified in the command, so you must invoke mysql with sudo privileges to gain access to the root MySQL user:

  • sudo mysql
 

Note: If you installed MySQL with another tutorial and enabled password authentication for root, you will need to use a different command to access the MySQL shell. The following will run your MySQL client with regular user privileges, and you will only gain administrator privileges within the database by authenticating:

  • mysql -u root -p
 

Once you have access to the MySQL prompt, you can create a new user with a CREATE USER statement. These follow this general syntax:

  • CREATE USER 'username'@'host' IDENTIFIED WITH authentication_plugin BY 'password';
 

After CREATE USER, you specify a username. This is immediately followed by an @ sign and then the hostname from which this user will connect. If you only plan to access this user locally from your Ubuntu server, you can specify localhost. Wrapping both the username and host in single quotes isn’t always necessary, but doing so can help to prevent errors.

You have several options when it comes to choosing your user’s authentication plugin. The auth_socket plugin mentioned previously can be convenient, as it provides strong security without requiring valid users to enter a password to access the database. But it also prevents remote connections, which can complicate things when external programs need to interact with MySQL.

As an alternative, you can leave out the WITH authentication_plugin portion of the syntax entirely to have the user authenticate with MySQL’s default plugin, caching_sha2_password. The MySQL documentation recommends this plugin for users who want to log in with a password due to its strong security features.

Run the following command to create a user that authenticates with caching_sha2_password. Be sure to change sammy to your preferred username and password to a strong password of your choosing:

  • // For php use mysql_native_password
  • CREATE USER 'sammy'@'localhost' IDENTIFIED BY 'password';
 

Note: There is a known issue with some versions of PHP that causes problems with caching_sha2_password. If you plan to use this database with a PHP application — phpMyAdmin, for example — you may want to create a user that will authenticate with the older, though still secure, mysql_native_password plugin instead:


FOR PHP !!!! Need to create the user identified with mysql_native_password

  • CREATE USER 'sammy'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
 

If you aren’t sure, you can always create a user that authenticates with caching_sha2_password and then ALTER it later on with this command:

  • ALTER USER 'sammy'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
 

After creating your new user, you can grant them the appropriate privileges. The general syntax for granting user privileges is as follows:

  • GRANT PRIVILEGE ON database.table TO 'username'@'host';
 

The PRIVILEGE value in this example syntax defines what actions the user is allowed to perform on the specified database and table. You can grant multiple privileges to the same user in one command by separating each with a comma. You can also grant a user privileges globally by entering asterisks (*) in place of the database and table names. In SQL, asterisks are special characters used to represent “all” databases or tables.

To illustrate, the following command grants a user global privileges to CREATE, ALTER, and DROP databases, tables, and users, as well as the power to INSERT, UPDATE, and DELETE data from any table on the server. It also grants the user the ability to query data with SELECT, create foreign keys with the REFERENCES keyword, and perform FLUSH operations with the RELOAD privilege. However, you should only grant users the permissions they need, so feel free to adjust your own user’s privileges as necessary.

You can find the full list of available privileges in the official MySQL documentation.

Run this GRANT statement, replacing sammy with your own MySQL user’s name, to grant these privileges to your user:

  • GRANT CREATE, ALTER, DROP, INSERT, UPDATE, DELETE, SELECT, REFERENCES, RELOAD on *.* TO 'sammy'@'localh

https://www.digitalocean.com/community/tutorials/how-to-install-mysql-on-ubuntu-20-04


// https://stackoverflow.com/questions/1420839/cant-connect-to-mysql-server-error-111
// https://serverfault.com/questions/139323/how-to-bind-mysql-server-to-more-than-one-ip-address
// AWS public mysql connection problem
After the above setup, you might still be unable to connect to MySQL from a remote host, even with a remote user such as jxiang@remotePublicIP.

The reason is that on Ubuntu >= 16.04, /etc/mysql/mysql.conf.d/mysqld.cnf may contain the line
bind-address = 127.0.0.1, which makes MySQL accept local connections only.

To verify this, try connecting from the command line; you will get error 111:
mysql -ubeer -pbeer -h192.168.1.100
ERROR 2003 (HY000): Can't connect to MySQL server on '192.168.1.100' (111)
You can comment out the line:
#bind-address                   = 127.0.0.1
Binding is limited to either 0, 1, or all IP addresses on the server. With the line commented out, MySQL listens on every address of the server.
then
sudo service mysql restart
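
After changing bind-address, the check below shows which of the ports used in these notes are reachable beyond loopback, by reading `netstat -lnt` output. This is an added example, not part of the original notes; exposed_listeners is a hypothetical helper name and the sample netstat lines are constructed.

```shell
#!/bin/sh
# Added example: flag listeners from this setup that are bound to a
# non-loopback address, using `netstat -lnt` output.

# exposed_listeners PORT...
# Reads netstat -lnt lines on stdin, prints "port address" for each watched
# port bound to a non-loopback address, and returns 1 if any was found.
exposed_listeners() {
    awk -v ports="$*" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) watch[p[i]] = 1 }
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            port = $4; sub(/^.*:/, "", port)              # text after the last colon
            addr = substr($4, 1, length($4) - length(port) - 1)
            if (!(port in watch)) next
            if (addr ~ /^127\./ || addr == "::1") next     # loopback only
            print port, addr
            found = 1
        }
        END { exit (found ? 1 : 0) }
    '
}

# Constructed sample: php-fpm and Redis on loopback, MySQL after bind-address
# was commented out (listening on every address).
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 :::3306                 :::*                    LISTEN
tcp6       0      0 ::1:6379                :::*                    LISTEN
EOF
}

# Ports used on this page: MySQL 3306, Redis 6379, php-fpm 9000.
sample_netstat | exposed_listeners 3306 6379 9000 || echo "review the ports listed above"
# On a live host: sudo netstat -lnt | exposed_listeners 3306 6379 9000
```

For any port the check prints, the AWS inbound rule for that port is the only remaining limit on who can connect.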

# Can use mysql bench to create schema

------------------------------------
 Install node-js(latest version)(JS able to run in backend) and npm (latest version)(pkg manager front-end) https://www.digitalocean.com/community/tutorials/how-to-install-node-js-on-ubuntu-18-04


  • sudo apt update
 

Install Node.js from the repositories:

  • sudo apt install nodejs
 

If the package in the repositories suits your needs, this is all you need to do to get set up with Node.js. In most cases, you’ll also want to install npm, the Node.js package manager. You can do this by typing:

  • sudo apt install npm
 

This will allow you to install modules and packages to use with Node.js.

Because of a conflict with another package, the executable from the Ubuntu repositories is called nodejs instead of node. Keep this in mind as you are running software.

To check which version of Node.js you have installed after these initial steps, type:

  • nodejs -v

---------------------------------------------------------

Install Vue.js and Vue CLI (Vue command line tool) https://linuxhint.com/install-vue-ubuntu/

Vue Js
# latest stable
$ sudo npm install vue@next
vue --version

Vue CLI
# latest stable
$ sudo npm install -g @vue/cli

vue --version   (will also update vue)
@vue/cli 4.5.13

Getting started with Vue.js

To get started with Vue.js, create a project with Vue CLI using the following command.

vue create demo-app

After running this command, you will be asked to choose a preset.

You can either go with the default or add custom features. You can also use the GUI method to create a Vue project by using the following command.



------------------ Install Redis  & config on laravel ----------------

 https://redis.io/topics/data-types-intro


Redis server, like mysql-server, is a database; it is a simple one that stores key-value pairs.

It is mostly used as a cache DB, or as a hash table, but with better memory efficiency than one kept in a script. Writing to and reading from Redis is O(1).



Install redis server on ubuntu :

https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-redis-on-ubuntu-18-04

  • Step 1 — Installing and Configuring Redis

    In order to get the latest version of Redis, we will use apt to install it from the official Ubuntu repositories.

    Update your local apt package cache and install Redis by typing:

    • sudo apt update
    • sudo apt install redis-server
     

    This will download and install Redis and its dependencies. Following this, there is one important configuration change to make in the Redis configuration file, which was generated automatically during the installation.

    Open this file with your preferred text editor:

    • sudo nano /etc/redis/redis.conf
     

    Inside the file, find the supervised directive. This directive allows you to declare an init system to manage Redis as a service, providing you with more control over its operation. The supervised directive is set to no by default. Since you are running Ubuntu, which uses the systemd init system, change this to systemd:

    /etc/redis/redis.conf
    . . .
    
    # If you run Redis from upstart or systemd, Redis can interact with your
    # supervision tree. Options:
    #   supervised no      - no supervision interaction
    #   supervised upstart - signal upstart by putting Redis into SIGSTOP mode
    #   supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET
    #   supervised auto    - detect upstart or systemd method based on
    #                        UPSTART_JOB or NOTIFY_SOCKET environment variables
    # Note: these supervision methods only signal "process is ready."
    #       They do not enable continuous liveness pings back to your supervisor.
    supervised systemd
    
    . . .
     

    That’s the only change you need to make to the Redis configuration file at this point, so save and close it when you are finished. Then, restart the Redis service to reflect the changes you made to the configuration file:

    • sudo systemctl restart redis.service
     

    With that, you’ve installed and configured Redis and it’s running on your machine. Before you begin using it, though, it’s prudent to first check whether Redis is functioning correctly.

    Step 2 — Testing Redis

    As with any newly-installed software, it’s a good idea to ensure that Redis is functioning as expected before making any further changes to its configuration. We will go over a handful of ways to check that Redis is working correctly in this step.

    Start by checking that the Redis service is running:

    • sudo systemctl status redis
     

    If it is running without any errors, this command will produce output similar to the following:

    Output
    ● redis-server.service - Advanced key-value store
       Loaded: loaded (/lib/systemd/system/redis-server.service; enabled; vendor preset: enabled)
       Active: active (running) since Wed 2018-06-27 18:48:52 UTC; 12s ago
         Docs: http://redis.io/documentation, man:redis-server(1)
      Process: 2421 ExecStop=/bin/kill -s TERM $MAINPID (code=exited, status=0/SUCCESS)
      Process: 2424 ExecStart=/usr/bin/redis-server /etc/redis/redis.conf (code=exited, status=0/SUCCESS)
     Main PID: 2445 (redis-server)
        Tasks: 4 (limit: 4704)
       CGroup: /system.slice/redis-server.service
               └─2445 /usr/bin/redis-server 127.0.0.1:6379
    . . .

    Here, you can see that Redis is running and is already enabled, meaning that it is set to start up every time the server boots.

    Note: This setting is desirable for many common use cases of Redis. If, however, you prefer to start up Redis manually every time your server boots, you can configure this with the following command:

    • sudo systemctl disable redis
     

    To test that Redis is functioning correctly, connect to the server using the command-line client:

    • redis-cli
     

    In the prompt that follows, test connectivity with the ping command:

    • ping
     
    Output
    PONG

    This output confirms that the server connection is still alive. Next, check that you’re able to set keys by running:

    • set test "It's working!"
     
    Output
    OK

    Retrieve the value by typing:

    • get test
     

    Assuming everything is working, you will be able to retrieve the value you stored:

    Output
    "It's working!"

    After confirming that you can fetch the value, exit the Redis prompt to get back to the shell:

    • exit
     

    As a final test, we will check whether Redis is able to persist data even after it’s been stopped or restarted. To do this, first restart the Redis instance:

    • sudo systemctl restart redis
     

    Then connect with the command-line client once again and confirm that your test value is still available:

    • redis-cli
     
    • get test
     

    The value of your key should still be accessible:

    Output
    "It's working!"

    Exit out into the shell again when you are finished:

    • exit
     

    With that, your Redis installation is fully operational and ready for you to use. However, some of its default configuration settings are insecure and provide malicious actors with opportunities to attack and gain access to your server and its data. The remaining steps in this tutorial cover methods for mitigating these vulnerabilities, as prescribed by the official Redis website. Although these steps are optional and Redis will still function if you choose not to follow them, it is strongly recommended that you complete them in order to harden your system’s security.

    Step 3 — Binding to localhost

    By default, Redis is only accessible from localhost. However, if you installed and configured Redis by following a different tutorial than this one, you might have updated the configuration file to allow connections from anywhere. This is not as secure as binding to localhost.

    To correct this, open the Redis configuration file for editing:

    • sudo nano /etc/redis/redis.conf
     

    Locate this line and make sure it is uncommented (remove the # if it exists):

    /etc/redis/redis.conf
    bind 127.0.0.1 ::1
     

    Save and close the file when finished (press CTRL + X, Y, then ENTER).

    Then, restart the service to ensure that systemd reads your changes:

    • sudo systemctl restart redis
     

    To check that this change has gone into effect, run the following netstat command:

    • # apt install net-tools     [On Debian/Ubuntu]
    • sudo netstat -lnp | grep redis

     
    Output
    tcp        0      0 127.0.0.1:6379          0.0.0.0:*               LISTEN      14222/redis-server
    tcp6       0      0 ::1:6379                :::*                    LISTEN      14222/redis-server

    This output shows that the redis-server program is bound to localhost (127.0.0.1), reflecting the change you just made to the configuration file. If you see another IP address in that column (0.0.0.0, for example), then you should double check that you uncommented the correct line and restart the Redis service again.

    Now that your Redis installation is only listening in on localhost, it will be more difficult for malicious actors to make requests or gain access to your server. However, Redis isn’t currently set to require users to authenticate themselves before making changes to its configuration or the data it holds. To remedy this, Redis allows you to require users to authenticate with a password before making changes via the Redis client (redis-cli).

    Step 4 — Configuring a Redis Password

    Configuring a Redis password enables one of its two built-in security features — the auth command, which requires clients to authenticate to access the database. The password is configured directly in Redis’s configuration file, /etc/redis/redis.conf, so open that file again with your preferred editor:

    • sudo nano /etc/redis/redis.conf
     

    Scroll to the SECURITY section and look for a commented directive that reads:

    /etc/redis/redis.conf
    # requirepass foobared
     

    Uncomment it by removing the #, and change foobared to a secure password.

    Note: Above the requirepass directive in the redis.conf file, there is a commented warning:

    # Warning: since Redis is pretty fast an outside user can try up to
    # 150k passwords per second against a good box. This means that you should
    # use a very strong password otherwise it will be very easy to break.
    #
    

    Thus, it’s important that you specify a very strong and very long value as your password. Rather than make up a password yourself, you can use the openssl command to generate a random one, as in the following example. Piping the output of the first command to the second openssl command, as shown here, removes any line breaks produced by the first command:

    • openssl rand 60 | openssl base64 -A
     

    Your output should look something like:

    Output
    RBOJ9cCNoGCKhlEBwQLHri1g+atWgn4Xn4HwNUbtzoVxAYxkiYBi7aufl4MILv1nxBqR4L6NNzI0X6cE

    After copying and pasting the output of that command as the new value for requirepass, it should read:

    /etc/redis/redis.conf
    requirepass RBOJ9cCNoGCKhlEBwQLHri1g+atWgn4Xn4HwNUbtzoVxAYxkiYBi7aufl4MILv1nxBqR4L6NNzI0X6cE

    After setting the password, save and close the file, then restart Redis:

    • sudo systemctl restart redis.service
     

    To test that the password works, access the Redis command line:

    • redis-cli
     

    The following shows a sequence of commands used to test whether the Redis password works. The first command tries to set a key to a value before authentication:

    • set key1 10
     

    That won’t work because you didn’t authenticate, so Redis returns an error:

    Output
    (error) NOAUTH Authentication required.

    The next command authenticates with the password specified in the Redis configuration file:

    • auth your_redis_password
     

    Redis acknowledges:

    Output
    OK

    After that, running the previous command again will succeed:

    • set key1 10
     
    Output
    OK

    get key1 queries Redis for the value of the new key.

    • get key1
     
    Output
    "10"

    After confirming that you’re able to run commands in the Redis client after authenticating, you can exit the redis-cli:

    • quit
     

    Next, we’ll look at renaming Redis commands which, if entered by mistake or by a malicious actor, could cause serious damage to your machine.

    Step 5 — Renaming Dangerous Commands

    The other security feature built into Redis involves renaming or completely disabling certain commands that are considered dangerous.

    When run by unauthorized users, such commands can be used to reconfigure, destroy, or otherwise wipe your data. Like the authentication password, renaming or disabling commands is configured in the same SECURITY section of the /etc/redis/redis.conf file.

    Some of the commands that are considered dangerous include: FLUSHDB, FLUSHALL, KEYS, PEXPIRE, DEL, CONFIG, SHUTDOWN, BGREWRITEAOF, BGSAVE, SAVE, SPOP, SREM, RENAME, and DEBUG. This is not a comprehensive list, but renaming or disabling all of the commands in that list is a good starting point for enhancing your Redis server’s security.

    Whether you should disable or rename a command depends on your specific needs or those of your site. If you know you will never use a command that could be abused, then you may disable it. Otherwise, it might be in your best interest to rename it.

    To enable or disable Redis commands, open the configuration file once more:

    • sudo nano /etc/redis/redis.conf
     

    Warning: The following steps showing how to disable and rename commands are examples. You should only choose to disable or rename the commands that make sense for you. You can review the full list of commands for yourself and determine how they might be misused at redis.io/commands.

    To disable a command, simply rename it to an empty string (signified by a pair of quotation marks with no characters between them), as shown below:

    /etc/redis/redis.conf
    . . .
    # It is also possible to completely kill a command by renaming it into
    # an empty string:
    #
    rename-command FLUSHDB ""
    rename-command FLUSHALL ""
    rename-command DEBUG ""
    . . .
     

    To rename a command, give it another name as shown in the examples below. Renamed commands should be difficult for others to guess, but easy for you to remember:

    /etc/redis/redis.conf
    . . .
    # rename-command CONFIG ""
    rename-command SHUTDOWN SHUTDOWN_MENOT
    rename-command CONFIG ASC12_CONFIG
    . . .
     

    Save your changes and close the file.

    After renaming a command, apply the change by restarting Redis:

    • sudo systemctl restart redis.service
     

    To test the new command, enter the Redis command line:

    • redis-cli
     

    Then, authenticate:

    • auth your_redis_password
     
    Output
    OK

    Let’s assume that you renamed the CONFIG command to ASC12_CONFIG, as in the preceding example. First, try using the original CONFIG command. It should fail, because you’ve renamed it:

    • config get requirepass
     
    Output
    (error) ERR unknown command 'config'

    Calling the renamed command, however, will be successful. It is not case-sensitive:

    • asc12_config get requirepass
     
    Output
    1) "requirepass"
    2) "your_redis_password"

    Finally, you can exit from redis-cli:

    • exit
     

    Note that if you’re already using the Redis command line and then restart Redis, you’ll need to re-authenticate. Otherwise, you’ll get this error if you type a command:

    Output
    NOAUTH Authentication required.

    Regarding the practice of renaming commands, there’s a cautionary statement at the end of the SECURITY section in /etc/redis/redis.conf which reads:

    /etc/redis/redis.conf
    . . .
    # Please note that changing the name of commands that are logged into the
    # AOF file or transmitted to replicas may cause problems.
    . . .
     

    Note: The Redis project chooses to use the terms “master” and “slave,” while DigitalOcean generally prefers the alternatives “primary” and “secondary.” In order to avoid confusion we’ve chosen to use the terms used in the Redis documentation here.

    That means if the renamed command is not in the AOF file, or if it is but the AOF file has not been transmitted to slaves, then there should be no problem.

    So, keep that in mind when you’re trying to rename commands. The best time to rename a command is when you’re not using AOF persistence, or right after installation, that is, before your Redis-using application has been deployed.

    When you’re using AOF and dealing with a master-slave installation, consider this answer from the project’s GitHub issue page. The following is a reply to the author’s question:

    The commands are logged to the AOF and replicated to the slave the same way they are sent, so if you try to replay the AOF on an instance that doesn’t have the same renaming, you may face inconsistencies as the command cannot be executed (same for slaves).

    Thus, the best way to handle renaming in cases like that is to make sure that renamed commands are applied to all instances in master-slave installations.
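
The three hardening steps above (bind, requirepass, rename-command) can be checked in one pass over redis.conf. This is an added example, not code from the Redis project or the original tutorial; audit_redis_conf is a hypothetical helper name, the 32-character minimum is an assumed threshold, the command list is the five commands used in the examples above, and both sample configs are constructed.

```shell
#!/bin/sh
# Added example: audit a redis.conf for the settings covered in Steps 3 to 5.

# audit_redis_conf [FILE]
# Reads FILE (or stdin), prints one finding per line, returns 1 if any finding.
audit_redis_conf() {
    awk '
        function flag(msg) { print msg; findings++ }
        /^[ \t]*#/ || /^[ \t]*$/ { next }          # comments and blank lines
        { name = tolower($1) }
        name == "bind" {
            seen_bind = 1
            for (i = 2; i <= NF; i++) {
                addr = $i
                sub(/^-/, "", addr)                 # Redis 6.2+ allows a "-" prefix
                if (addr != "127.0.0.1" && addr != "::1")
                    flag("bind: non-loopback address " $i)
            }
        }
        name == "requirepass" {
            seen_pass = 1
            if ($2 == "foobared")     flag("requirepass: still the sample value foobared")
            else if (length($2) < 32) flag("requirepass: shorter than 32 characters")
        }
        name == "rename-command" { renamed[toupper($2)] = 1 }
        END {
            if (!seen_bind) flag("bind: not set, Redis listens on all interfaces")
            if (!seen_pass) flag("requirepass: not set, clients are not authenticated")
            n = split("FLUSHDB FLUSHALL DEBUG SHUTDOWN CONFIG", want, " ")
            for (i = 1; i <= n; i++)
                if (!(want[i] in renamed))
                    flag("rename-command: " want[i] " still callable under its own name")
            exit (findings > 0)
        }
    ' "$@"
}

# Constructed sample: directive uncommented but left at its sample value,
# and bound to every address.
sample_weak_conf() {
    cat <<'EOF'
supervised systemd
bind 0.0.0.0
requirepass foobared
rename-command FLUSHDB ""
EOF
}

# Constructed sample: the configuration the steps above arrive at.
sample_hardened_conf() {
    cat <<'EOF'
supervised systemd
bind 127.0.0.1 ::1
requirepass constructed-placeholder-not-a-real-secret-0123456789
rename-command FLUSHDB ""
rename-command FLUSHALL ""
rename-command DEBUG ""
rename-command SHUTDOWN SHUTDOWN_MENOT
rename-command CONFIG ASC12_CONFIG
EOF
}

echo "== weak sample";     sample_weak_conf     | audit_redis_conf || true
echo "== hardened sample"; sample_hardened_conf | audit_redis_conf && echo "no findings"
# On a live host: sudo sh -c '. ./this_script.sh; audit_redis_conf /etc/redis/redis.conf'
```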



Install, Config redis on Laravel :

https://laravel.com/docs/8.x/redis

-------------------------------------------------------------------------------------------------------

How to install Git on ubuntu 

https://linuxize.com/post/how-to-install-git-on-ubuntu-18-04/

  1. sudo apt update
  2. Run the following command to install Git:

    sudo apt install git
  3. Verify the installation by typing the following command which will print the Git version:

    git --version

    At the time of writing this article, the current version of Git available in the Ubuntu 18.04 repositories is 2.17.1.

    git version 2.17.1

How to add ssh key to git

https://www.blogger.com/u/0/blog/post/edit/2746942211977437381/840817451780116691

CREATE SCHEMA `new table` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci ;

---------------------------------Laravel mysql set up ---
The Laravel SQL config is in config/database.php.
Make sure to create the corresponding database and also the localhost MySQL user for Laravel to access,
as specified in

        'mysql' => [
