Bluetooth Hc-06 module

Serial Mode: 9600 8-N-1

AT command works when the module is not paired


Command list is very limited.

For HC06: On arduino serial monitor type “AT” (without the quotes) and press enter, “OK” will confirm AT mode. Unlike HC05, you can’t see the default name or baud rate. You can only change them. To change name type AT+NAMEDESIRED NAME, notice that there should be no space between the command and name. The module will reply OKyour set name. For example, AT+NAMEPROTOTYPE will set the name to PROTOTYPE. To change baud rate, type AT+BAUDX, where X=1 to 9.

1 set to 1200bps
2 set to 2400bps
3 set to 4800bps
4 set to 9600bps (Default)
5 set to 19200bps
6 set to 38400bps
7 set to 57600bps
8 set to 115200bps
so sending AT+BAUD4 will set the baud rate to 9600.

For Tera Term write down the commands somewhere else and paste it on the console by right clicking. No need of pressing enter. The command will be executed immediately and confirmed.

HC 06 AT commands are limited, all I could find are given here.

AT : check the connection
AT+NAME: Change name. No space between name and command.
AT+BAUD: change baud rate, x is baud rate code, no space between command and code.
AT+PIN: change pin, xxxx is the pin, again, no space.











Leave a comment

Selinux config for PHP-FPM on Centos 7

if your nginx on Centos or Redhat gives error like:

“No input files specified”

try first disabling selinux

sudo setenforce 0

$ ls -Z /apps/ppvapp/
drwxr-xr-x. nginx nginx unconfined_u:object_r:default_t:s0 ws

$sudo semanage fcontext -a -t httpd_sys_content_t "/apps/ppvapp(/.*)?"
$sudo restorecon -r /apps/ppvapp

$ls -Z /apps/ppvapp/

drwxr-xr-x. nginx nginx unconfined_u:object_r:httpd_sys_content_t:s0 ws

$sudo setsebool -P httpd_read_user_content 1

$sudo setsebool -P httpd_can_network_connect 1

if you want to connect to mysqldb or another use below setting:
$sudo setsebool -P httpd_can_network_connect_db on

Original Article is here

SELinux context

First I’d recommend installing this handy package for managing SELinux filesystem path contexts and port lists:

yum install policycoreutils-python

Php-fpm process runs as httpd_t (same label as Apache and Nginx) so I’ll use the following labels for filesystem:

  • httpd_sys_content_t for read-only
  • httpd_log_t for append only
  • httpd_sys_rw_content_t for read-write

As SELinux matches rules in order they created the most generic has to be created first. Making the whole application directory read-only:

semanage fcontext -a -t httpd_sys_content_t "/opt/dbut(/.*)?"

Log directory gets httpd_log_t. Functions like fopen() must use mode ‘a’ or file_put_contents() must be flagged with FILE_APPEND.

semanage fcontext -a -t httpd_log_t "/opt/dbut/log(/.*)?"

Session and user_content directories will be read-write.

semanage fcontext -a -t httpd_sys_rw_content_t "/opt/dbut/session(/.*)?"    
semanage fcontext -a -t httpd_sys_rw_content_t "/opt/dbut/document_root/user_content(/.*)?"

In case of oooops. To remove a rule

semanage fcontext -d "/opt/dbut/document_root/user_content(/.*)?"

Finally restore context restorecon the whole directory recursively

restorecon -r /opt/dbut

and ls -Z should say something like this:

[root@burp]# ls -Z /opt/dbut
drwxr-x---. dbut dbut unconfined_u:object_r:httpd_sys_content_t:s0 application
drwxr-xr-x. dbut dbut unconfined_u:object_r:httpd_sys_content_t:s0 document_root
drwxrwx---. dbut dbut unconfined_u:object_r:httpd_log_t:s0 log
drwxrwx---. dbut dbut unconfined_u:object_r:httpd_sys_rw_content_t:s0 session

, ,

Leave a comment

Mysql server installation on Centos 7.4

sudo rpm -ivh mysql57-community-release-el7-11.noarch.rpm
sudo yum update
sudo yum install mysql-server
sudo systemctl start mysqld
sudo systemctl enable mysqld

#check root password below:
grep 'temporary password' /var/log/mysqld.log

#change root password and disable remote root login via:

sudo mysql_secure_installation


Leave a comment

Setting up Nginx caching for API use

Written by Bram Neijt on .

With most of the HTTP basic auth secured API’s on the internet, you have a limit for the number of requests you are allowed to make. Nginx can help by doing two things: cache the responses and remove the need for authentication.

First, install nginx and add the basic proxy configuration: the cache path (where to store the data) and the location to proxy on which url:

proxy_cache_path  /var/cache/nginx/yourapi levels=1 keys_zone=yourapi:10m;

server {

    root /srv/http;
    index index.html index.htm;

    server_name localhost;

    location / {}

    location /yourapi {
	    proxy_cache yourapi;
	    proxy_set_header Authorization "Basic SECRET_BASE64_ENCODED_STRING";


The first line sets up a cache location where you will store responses with a single directory level of depth for the data to reside for at most 10 minutes (10m). All not that important. The important part is the basic auth header you set on the request.

To acquire the bsecretkeyyouneed you can simply use Chrome or Firebug to check the request you send out when you do an API request in the Network tab.

If you need to add more headers in your request, you can just add extra proxy_set_header lines.

With this configuration Nginx will proxy the requests to http://yourserver/yourapi to You should now be able to work with the API without having to add your password.

But we are not there yet, we still have no control over the time the request will be cached. This is because, as documented, the cache validity is based on the response headers of the upstream API. It’s very likely that your API will say not to cache it at all or only shortly.

To take full control of the cache timeout Nginx uses, we add two lines:

proxy_ignore_headers X-Accel-Expires Expires Cache-Control;
proxy_cache_valid any 30s;

This will ignore any of the cache related headers from upstream and keep the cache valid for 30 seconds. This means that as you bombard Nginx, a request will only go out to upstream every 30 seconds. But another problem is, that it won’t be one request: it’s very possible that multiple requests will be made when multiple people request the same stale cache. We are still missing two things of the puzzle: only one request needs to go upstream at any time:

proxy_cache_lock on;

and if people want the cache during an update then give them the cache instead of waiting for upstream:

proxy_cache_use_stale updating;

After using all these extra lines, you can bombard Nginx and it will only send a single request every 30 seconds while still responding quickly with stale data. Now a last part of the puzzle is introduce headers that will request any user of your proxy api to not cache the response: add_header Cache-Control "no-cache, must-revalidate, max-age=0";

That’s it, all bases are covered and you can now start programming multiple clients for the proxy api without going over your API usage limit or having to add the password to each of your clients.

The complete configuration you end up with is:

proxy_cache_path  /var/cache/nginx/yourapi levels=1 keys_zone=yourapi:10m;

server {

    root /srv/http/yourapi;
    index index.html index.htm;

    server_name localhost;

    location / {

    location /yourapi {
	    add_header Cache-Control "no-cache, must-revalidate, max-age=0";

	    proxy_cache yourapi;
	    proxy_cache_use_stale updating;
	    proxy_cache_lock on;
	    proxy_cache_valid any 30s;
	    proxy_ignore_headers X-Accel-Expires Expires Cache-Control;

	    proxy_set_header Authorization "Basic VGhhbmsgeW91IGZvciByZWFkaW5nIGJuZWlqdC5ubAo=";


Leave a comment

Docker scripts

*** Start stop scripts for starting and stopping dockers

$ more start
docker run –name ${PWD##*/} -p 8001:80 -v $DIR/etc:/etc/nginx -v $DIR/data:/data -v $DIR/log:/var/log/nginx -v $DIR/resolv.conf:/etc/resolv.conf -d nginx

$more stop
docker rm -f ${PWD##*/}

data etc log nginx.conf resolv.conf start stop

*** if you got below error, please check /etc/resolv.conf file that it can contains blocked DNS servers.

host not found in upstream “” in /etc/nginx/nginx.conf


Leave a comment

How to Compile Nginx From Source on CentOS 7

Original article:

  • Added http echo module to compilation.

NGINX can be used as an HTTP/HTTPS server, reverse proxy server, mail proxy server, load balancer, TLS terminator, or caching server. It is quite modular by design. It has native modules and third-party modules created by the community. Written in the C programming language, it’s a very fast and lightweight piece of software.

NOTE: NGINX has two version streams that run in parallel – stable and mainline. Both versions can be used on a production server. It is recommended to use the mainline version in production.

Installing NGINX from source code is relatively “easy” – download the latest version of the NGINX source code, configure, build and install it.

In this tutorial, I will use the mainline version, which is 1.13.2 at the time of writing. Update version numbers accordingly when newer versions become available.

Requirements for building NGINX from source

Mandatory requirements:

  • OpenSSL library version between 1.0.2 – 1.1.0
  • zlib library version between 1.1.3 – 1.2.11
  • PCRE library version between 4.4 – 8.40
  • GCC Compiler

Optional requirements:

Before you begin

  1. Create regular user with sudo access.
  2. Switch to the new user:
    su - 
  3. Update system:
    sudo yum check-update || sudo yum update -y

Build NGINX from source

  1. Install “Development Tools” and Vim editor:
    sudo yum groupinstall -y 'Development Tools' && sudo yum install -y vim
  2. Install Extra Packages for Enterprise Linux (EPEL):
    sudo yum install -y epel-release
  3. Download and install optional NGINX dependencies:
    sudo yum install -y perl perl-devel perl-ExtUtils-Embed libxslt libxslt-devel libxml2 libxml2-devel gd gd-devel GeoIP GeoIP-devel
  4. Download the latest mainline version of NGINX source code and extract it:
    wget && tar zxvf nginx-1.13.2.tar.gz
  5. Download the NGINX dependencies’ source code and extract them:

    NGINX depends on 3 libraries: PCRE, zlib and OpenSSL:

    # PCRE version 8.40
    wget && tar xzvf pcre-8.40.tar.gz
    # zlib version 1.2.11
    wget && tar xzvf zlib-1.2.11.tar.gz
    # OpenSSL version 1.1.0f
    wget && tar xzvf openssl-1.1.0f.tar.gz
  6. Remove all .tar.gz files. We don’t need them anymore:
    rm -rf *.tar.gz
  7. Go to the NGINX source directory:
    cd ~/nginx-1.13.2
  8. For good measure, list nginx source code files and directories:
    # auto  CHANGES  conf  configure  contrib  html  LICENSE  man  README  src
  9. Copy NGINX manual page to /usr/share/man/man8:
    sudo cp ~/nginx-1.13.2/man/nginx.8 /usr/share/man/man8
    sudo gzip /usr/share/man/man8/nginx.8
    # Check that Man page for NGINX is working
    man nginx
  10. For help, you can list the available configuration switches by running:
    ./configure --help
    # To see want core modules can be build as dynamic run:
    ./configure --help | grep -F =dynamic
  11. I am using http-echo module. So clone it from its repository
    git clone
  12. Configure, compile, and install NGINX: (add the echo module to compile as below)
    ./configure --prefix=/etc/nginx \
                --sbin-path=/usr/sbin/nginx \
                --modules-path=/usr/lib64/nginx/modules \
                --conf-path=/etc/nginx/nginx.conf \
                --error-log-path=/var/log/nginx/error.log \
                --pid-path=/var/run/ \
                --lock-path=/var/run/nginx.lock \
                --user=nginx \
                --group=nginx \
                --build=CentOS \
                --builddir=nginx-1.13.2 \
                --with-select_module \
                --with-poll_module \
                --with-threads \
                --with-file-aio \
                --with-http_ssl_module \
                --with-http_v2_module \
                --with-http_realip_module \
                --with-http_addition_module \
                --with-http_xslt_module=dynamic \
                --with-http_image_filter_module=dynamic \
                --with-http_geoip_module=dynamic \
                --with-http_sub_module \
                --with-http_dav_module \
                --with-http_flv_module \
                --with-http_mp4_module \
                --with-http_gunzip_module \
                --with-http_gzip_static_module \
                --with-http_auth_request_module \
                --with-http_random_index_module \
                --with-http_secure_link_module \
                --with-http_degradation_module \
                --with-http_slice_module \
                --with-http_stub_status_module \
                --http-log-path=/var/log/nginx/access.log \
                --http-client-body-temp-path=/var/cache/nginx/client_temp \
                --http-proxy-temp-path=/var/cache/nginx/proxy_temp \
                --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
                --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
                --http-scgi-temp-path=/var/cache/nginx/scgi_temp \
                --with-mail=dynamic \
                --with-mail_ssl_module \
                --with-stream=dynamic \
                --with-stream_ssl_module \
                --with-stream_realip_module \
                --with-stream_geoip_module=dynamic \
                --with-stream_ssl_preread_module \
                --with-compat \
                --with-pcre=../pcre-8.40 \
                --with-pcre-jit \
                --with-zlib=../zlib-1.2.11 \
                --with-openssl=../openssl-1.1.0f \
                --with-openssl-opt=no-nextprotoneg \
                --with-debug \
  13. make 
    sudo make install
  14. Symlink /usr/lib64/nginx/modules to /etc/nginx/modules directory, so that you can load dynamic modules in nginx configuration like this load_module modules/;:
    sudo ln -s /usr/lib64/nginx/modules /etc/nginx/modules
  15. Print the NGINX version, compiler version, and configure script parameters:
    sudo nginx -V
    # nginx version: nginx/1.13.2 (CentOS)
    # built by gcc 4.8.5 20150623 (Red Hat 4.8.5-11) (GCC)
    # built with OpenSSL 1.1.0f  25 May 2017
    # TLS SNI support enabled
    # configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx . . .
    # . . .
    # . . .
  16. Create the NGINX system user and group:
    sudo useradd --system --home /var/cache/nginx --shell /sbin/nologin --comment "nginx user" --user-group nginx
  17. Check syntax and potential errors:
    sudo nginx -t
    # Will throw this error: nginx: [emerg] mkdir() "/var/cache/nginx/client_temp" failed (2: No such file or directory)
    # Just create directory
    sudo mkdir -p /var/cache/nginx && sudo nginx -t
  18. Create a systemd unit file for nginx:
    sudo vim /usr/lib/systemd/system/nginx.service
  19. Copy/paste the following content:

    NOTE: The location of the PID file and the NGINX binary may be different depending on how NGINX was compiled.

    Description=nginx - high performance web server
    ExecStartPre=/usr/sbin/nginx -t -c /etc/nginx/nginx.conf
    ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf
    ExecReload=/bin/kill -s HUP $MAINPID
    ExecStop=/bin/kill -s TERM $MAINPID
  20. Start and enable the NGINX service:
    sudo systemctl start nginx.service && sudo systemctl enable nginx.service
  21. Check if NGINX will startup after a reboot:
    sudo systemctl is-enabled nginx.service
    # enabled
  22. Check if NGINX is running:
    sudo systemctl status nginx.service
    ps aux | grep nginx
    curl -I
  23. Reboot your VPS to verify that NGINX starts up automatically:
    sudo shutdown -r now
  24. Remove archaic files from the /etc/nginx directory:
    sudo rm /etc/nginx/koi-utf /etc/nginx/koi-win /etc/nginx/win-utf
  25. Place syntax highlighting of NGINX configuration for vim into ~/.vim/. You will get nice syntax highlighting when editing NGINX configuration file:
    mkdir ~/.vim/
    cp -r ~/nginx-1.13.2/contrib/vim/* ~/.vim/
  26. Remove all .default backup files from /etc/nginx/:
    sudo rm /etc/nginx/*.default


That’s it. You now have newest version of NGINX installed. It is compiled statically against some important libraries like OpenSSL. Often, the system OpenSSL version is outdated. By using this method of installing with a newer version of OpenSSL, you can take advantage of new ciphers like CHACHA20_POLY1305 and protocols like TLS 1.3 that will be available in OpenSSL 1.1.1 (which has not been released at the time of writing).


Leave a comment

HTTP Service Checker

use below script to check the http links reside in  liste.txt.
you can adjust intervals between checks via adjusting sleep seconds.

while true
while IFS='\n' read -r host; do
date_string=`date  +%Y%m%d.%H%M%S`
curl --connect-timeout 5 --max-time 10 --silent -w "$date_string;$host;%{time_connect};%{http_connect};%{http_code};%{time_total}\n" -o /dev/null http://$host >> output.txt
done < "./liste.txt"
sleep 3

if you want it as multithreaded change curl line as below. it is important to select connect-timeout below than sleep timer.

curl --connect-timeout 2.5 --max-time 2.5 --silent -w "$date_string;$host;%{time_connect};%{http_connect};%{http_code};%{time_total}\n" -o /dev/null http://$host >> output.$host.txt &

, , , , ,

Leave a comment