Skip to content

NXNJZ

Linux and Security

  • BLOG
  • Cowsay Fortune
  • Contact
  • Gitlab
  • Company Homepage

Tag: wallabag

How to Install WallaBag on Ubuntu 18.04 LTS

Posted on February 21, 2019 - February 21, 2019 by nxnjz

Introduction

Wallabag is a self-hosted PHP web application allowing you to save web pages for later reading. It extracts content so that you can read it when you have time. This article will explain the installation of Wallabag on a Ubuntu 18.04 system.

Prerequisites

  • A Ubuntu 18.04 VPS.
  • Root access to your server (via a user with sudo privileges.)
  • A web server with PHP (Instructions below.)
  • A MySQL database (Instructions below.)

Preparations

Update your system and install required software.

sudo apt update
sudo apt upgrade -y
sudo apt install -y git make composer

Git will be used to download Wallabag from its github repository and composer, via the make command, to install PHP libraries.

Installing a web server stack:

We will be using Apache with PHP, and MariaDB for the database. Execute the following to install the required packages:

sudo apt install -y apache2 php7.2 php7.2-common php7.2-xml php7.2-mbstring php7.2-mysql php7.2-json php7.2-pdo php7.2-gd php7.2-tidy php7.2-curl php7.2-bcmath php7.2-zip mariadb-server mariadb-client

Make sure Apache and MariaDB are enabled and running:

sudo systemctl enable --now apache2.service mariadb.service

Configuring Apache

Using a text editor of your choice, create a new Apache configuration file. For instance:

sudo vim /etc/apache2/sites-available/wallabag.conf

Populate it with the following (insert your Vultr IP address or a domain name pointing to your IP for ServerName):

<VirtualHost *:80>
    ServerName IP_or_DOMAIN_NAME 
    DocumentRoot /var/www/wallabag/web
    <Directory /var/www/wallabag/web>
        AllowOverride None
        Order Allow,Deny
        Allow from All
        <IfModule mod_rewrite.c>
            Options -MultiViews
            RewriteEngine On
            RewriteCond %{REQUEST_FILENAME} !-f
            RewriteRule ^(.*)$ app.php [QSA,L]
        </IfModule>
    </Directory>
 <Directory /var/www/wallabag/web/bundles>
        <IfModule mod_rewrite.c>
            RewriteEngine Off
        </IfModule>
    </Directory>
    ErrorLog /var/log/apache2/wallabag_error.log
    CustomLog /var/log/apache2/wallabag_access.log combined
</VirtualHost>

Save, exit, and enable this virtual host:

sudo a2ensite wallabag.conf

Enable the rewrite apache module:

sudo a2enmod rewrite

Restart Apache to apply changes:

sudo systemctl restart apache2.service

Configuring MariaDB for WallaBag

Start by securing your MySQL installation with this command:

sudo mysql_secure_installation

Answer the questions as shown:

Enter current password for root (enter for none): Enter
Set root password? [Y/n]: Y
New password: <your-password>
Re-enter new password: <your-password>
Remove anonymous users? [Y/n]: Y
Disallow root login remotely? [Y/n]: Y
Remove test database and access to it? [Y/n]: Y
Reload privilege tables now? [Y/n]: Y

Make sure you use a strong password.

Configuring MariaDB

Create a database and user for Wallabag:

sudo mysql -u root -p

MariaDB [(none)]> CREATE DATABASE wallabag; 
MariaDB [(none)]> CREATE USER 'wallabaguser'@'localhost' IDENTIFIED BY 'wallabagpassword';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON wallabag.* TO 'wallabaguser'@'localhost';
MariaDB [(none)]> exit;

Make sure you replace wallabagpassword with a secure password. It should be different from the password you chose for the MariaDB root user.

Installing Wallabag

Since Wallabag is hosted on github, we’ll clone the repository locally:

cd /var/www/
sudo git clone https://github.com/wallabag/wallabag.git 

And transfer ownership to the apache user:

sudo chown -R www-data:www-data /var/www/wallabag

It is not recommended to run the installation scripts as root, so we will use the apache user:

sudo -u www-data /bin/bash
cd /var/www/wallabag/
make install

You will be asked several questions regarding desired configuration:

database_driver (pdo_mysql): pdo_mysql
database_driver_class (null): Press Enter
database_host (127.0.0.1): 127.0.0.1
database_port (null): 3306
database_name (wallabag): wallabag
database_user (root): wallabaguser
database_password (null): wallabagpassword
database_path (null): Press Enter
database_table_prefix (wallabag_): Prefix of your choice or Press Enter for the default.
database_socket (null): Press Enter
database_charset (utf8mb4): Press Enter
domain_name ('https://your-wallabag-url-instance.com'): http://IP_or_DOMAIN_NAME 

Choose the default (press Enter) for the remaining questions.

If you followed the steps correctly, you’ve successfully installed WallaBag on Ubuntu. You should now be able to access it on http://IP_or_DOMAIN_NAME. For better security/privacy, you should consider using a domain name with HTTPS, however this is beyond the scope of this guide.

 

Want to Install WallaBag on Fedora 29 instead?

Posted in LinuxTagged apache, ubuntu, wallabagLeave a comment

How to Install Wallabag on Fedora 29.

Posted on February 12, 2019 - February 20, 2019 by nxnjz

Introduction

Wallabag is a self-hosted PHP web application allowing you to save web pages for later reading. It extracts content so that you can read it when you have time. This article will explain the installation of Wallabag on a Fedora 29 system.

Prerequisites

  • Something running Fedora 29.
  • Root access to your system (via a user with sudo privileges.)
  • A web server with PHP 7 (Instructions below.)
  • A MySQL database (Instructions below.)

Preparations

Update your system:

sudo dnf update -y

Installing a web server stack:

We will be using Apache with PHP, and MariaDB for the database. Execute the following to install the required packages:

sudo dnf install -y httpd php php-common php-xml \
php-json php-curl php-zip php-mbstring php-mysqlnd \
php-pdo php-gd php-tidy php-bcmath mariadb-server mariadb

Make sure Apache and MariaDB are enabled and running:

sudo systemctl enable --now httpd.service mariadb.service

Install miscellaneous packages.

sudo dnf install -y git make composer unzip policycoreutils-python-utils

Git will be used to download Wallabag from its github repository and the make command, along with composer to complete the installation of Wallabag. The policy utilities package is needed for optional SELinux configuration (instructions below)

Configuring Apache

Using a text editor of your choice, create a new Apache configuration file. For instance:

sudo vim /etc/httpd/conf.d/wallabag.conf

Populate it with the following (insert your Vultr IP address or a domain name pointing to your IP for ServerName):

<VirtualHost *:80>
    ServerName IP_or_DOMAIN_NAME 
    DocumentRoot /var/www/wallabag/web
    <Directory /var/www/wallabag/web>
        AllowOverride None
        Order Allow,Deny
        Allow from All
        <IfModule mod_rewrite.c>
            Options -MultiViews
            RewriteEngine On
            RewriteCond %{REQUEST_FILENAME} !-f
            RewriteRule ^(.*)$ app.php [QSA,L]
        </IfModule>
    </Directory>
 <Directory /var/www/wallabag/web/bundles>
        <IfModule mod_rewrite.c>
            RewriteEngine Off
        </IfModule>
    </Directory>
    ErrorLog /var/log/httpd/wallabag_error.log
    CustomLog /var/log/httpd/wallabag_access.log combined
</VirtualHost>

Save and exit.

Reload Apache configuration to apply changes:

sudo systemctl reload httpd.service

Configuring MariaDB

Start by securing your MySQL installation with this command:

sudo mysql_secure_installation

Answer the questions as shown:

Enter current password for root (enter for none): Enter
Set root password? [Y/n]: Y
New password: <your-password>
Re-enter new password: <your-password>
Remove anonymous users? [Y/n]: Y
Disallow root login remotely? [Y/n]: Y
Remove test database and access to it? [Y/n]: Y
Reload privilege tables now? [Y/n]: Y

Make sure you use a strong password.

Configuring MariaDB

Create a database and user for Wallabag:

sudo mysql -u root -p

MariaDB [(none)]> CREATE DATABASE wallabag; 
MariaDB [(none)]> CREATE USER 'wallabaguser'@'localhost' IDENTIFIED BY 'wallabagpassword';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON wallabag.* TO 'wallabaguser'@'localhost';
MariaDB [(none)]> exit;

Make sure you replace wallabagpassword with a secure password. It should be different from the password you chose for the MariaDB root user.

Installing Wallabag

Since Wallabag is hosted on github, we’ll clone the repository locally:

cd /var/www/
sudo git clone https://github.com/wallabag/wallabag.git 

And transfer ownership to the apache user:

sudo chown -R apache:apache /var/www/wallabag

It is not recommended to run the installation scripts as root, so we will use the apache user:

sudo -u apache /bin/bash
cd /var/www/wallabag/
make install

You will be asked several questions regarding desired configuration:

database_driver (pdo_mysql): pdo_mysql
database_driver_class (null): Press Enter
database_host (127.0.0.1): 127.0.0.1
database_port (null): 3306
database_name (wallabag): wallabag
database_user (root): wallabaguser
database_password (null): wallabagpassword
database_path (null): Press Enter
database_table_prefix (wallabag_): Prefix of your choice or Press Enter for the default.
database_socket (null): Press Enter
database_charset (utf8mb4): Press Enter
domain_name ('https://your-wallabag-url-instance.com'): http://IP_or_DOMAIN_NAME 

Choose the default (press Enter) for the remaining questions, then exit back to your own user shell session: exit

Security configuration:

SELinux (Security-Enhanced Linux) will interfere with the wallabag application. To disable it, open the file /etc/sysconfig/selinux and replace SELINUX=enforcing with SELINUX=disabled. Reboot to apply changes. If you do not wish to disable SELinux entirely, follow the instrucions below to configure SELinux contexts for web directories.

Five labels are required:

sudo semanage fcontext -a -t httpd_sys_content_t "/var/www/wallabag(/.*)?"
sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/wallabag/data(/.*)?"
sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/wallabag/var(/.*)?"  
sudo semanage fcontext -a -t httpd_log_t "/var/www/wallabag/var/logs(/.*)?"  
sudo semanage fcontext -a -t httpd_cache_t "/var/www/wallabag/var/cache(/.*)"

And apply changes with:

sudo restorecon -R /var/www/wallabag

And set the following SELinux booleans to true:

sudo setsebool -P httpd_can_network_connect 1
sudo setsebool -P httpd_can_network_connect_db 1

Finally, enable HTTP traffic through the firewall:

sudo firewall-cmd --add-service http --permanent
sudo firewall-cmd --reload

You should now be able to access Wallabag on http://IP_or_DOMAIN_NAME. For better security/privacy, you should consider using a domain name with HTTPS, however this is beyond the scope of this guide.

If you’d like to host your own music streaming server, check out these guides.

Posted in LinuxTagged apache, fedora, linux, mariadb, php, wallabagLeave a comment

Recent Posts

  • CVE-2021-42052 full disclosure
  • How to Set Up an Interactive SSH Honeypot on CentOS 8.
  • HackTheBox.eu Jarvis Writeup
  • How to setup a simple proxy server with tinyproxy (Debian 10 Buster)
  • How to Install qdPM 9.1 on Debian 10 LEMP

Tags

802.11 ampache apache aspx bash cd centos cms crm cve debian exploits fedora fulldisclosure hackthebox honeypot http httpd ifconfig iw iwconfig labs lfi linux mariadb memory monit music nginx pastebin php privatebin privesc project management proxy reconnoitre selinux shopt ssh systemd txpower ubuntu wallabag wireless xxe

Categories

  • BASH (1)
  • CTF/Labs (2)
  • CVE / full disclosure (1)
  • Information Gathering (1)
  • Linux (25)
  • Password Cracking (1)
  • Privilege Escalation (2)
  • SQL Injection (1)
  • Web-Shells (1)
  • Wifi (2)
  • XXE (1)

Recent Comments

  • Bernard Martiny on How to Install PrivateBin on Ubuntu 18.04 LTS
  • VuCSA on List of security labs/challenges/CTFs
  • Brian on How to Install PrivateBin on Fedora 29.
  • Tyreeb on Installing Ampache on CentOS 7.
  • Christian Mora on Installing Ampache on CentOS 7.