Allow Access to .well-known Folder For Let’s Encrypt/Certbot When Site Is Protected By HTTP Authentication

If you’re running Apache web server and you have your site protected with HTTP authentication but still want to allow Let’s Encrypt/Certbot to be able to issue a certificate you will have to allow access to the .well-known folder on your site. Otherwise they may give you an error and fail to issue you a certificate.

You can allow access to individual folders within that site by creating a .htaccess file in the folder (in this case within the .well-known folder) with the following contents:

Order allow,deny
Allow from all
Satisfy Any

This will allow anyone to access that folder thus allowing Let’s Encrypt/Certbot to verify your domain and issue you a certificate.

Install new ARK server on Ubuntu 16.04

First provision your server at your desired web host. I recommend using an 8GB Linode VPS. I could not get the server to start on a 4GB but maybe some day they will optimize it enough for that if you aren’t planning to have a lot of players. Linode is great because they have more RAM than some other hosts for the same price and it runs ARK great!

For the OS choice I prefer using Ubuntu 16.04 and this is what I’ll be using in this guide. We will also use the excellent ARK Server Tools. You don’t have download it yet, that part comes later.

Once you have your server running you can login to your shiney new SSH console. I’m logging in directly as root but if you are using another user you probably already know what you’re doing maybe you’re using a different host so just make sure to add sudo in front of all your commands until you switch to the steam user later on.

You might notice if you’ve already tried to update Ubuntu that it gets stuck at “Connecting to” so before we update let’s fix that. Edit the file at /etc/gai.conf with your favourite editor. I use vi so type:

vi /etc/gai.conf

Find this line:

#precedence ::ffff:0:0/96 10

Remove the # at the start by using the arrow keys to go down and press Delete to uncomment the line and save the file with :wq Enter

Now you can update properly!

apt-get update
apt-get dist-upgrade

If it prompts anything about grub config just hit enter to keep the current grub config.

Now install the necessary packages (Note: If using sudo be sure to put it in front of apt-get as well):

dpkg --add-architecture i386; apt-get install libcompress-raw-zlib-perl libc6-i386 curl wget file bzip2 gzip unzip lsof util-linux lib32gcc1 libstdc++6 libstdc++6:i386

Now let’s setup the firewall. If you have a static IP and want to allow only your IP to access your RCON and SSH you can run these:

ufw allow from YOURIPADDRESS proto any to any port 22
ufw allow from YOURIPADDRESS proto any to any port 32330

Otherwise you can run these:

ufw allow 22
ufw allow 32330

Now open some more ports:

ufw allow 27000:27030/udp
ufw allow 27015
ufw allow 27016
ufw allow 7777
ufw allow 7778
ufw allow 4380/udp

And finally enable the firewall:

ufw enable

Now we are going to increase some limits on the file system and whatnot. Run these commands:

echo fs.file-max=100000 >> /etc/sysctl.conf
sysctl -p /etc/sysctl.conf
echo *               soft    nofile          1000000 >> /etc/security/limits.conf
echo *               hard    nofile          1000000 >> /etc/security/limits.conf
echo session required >> /etc/pam.d/common-session

Now it’s time to reboot the server:


Once it comes back up and you’re logged back into your SSH console it’s time to install steam:

adduser steam
curl -sL | sudo bash -s steam

Now switch to the steam user:

su - steam

As the steam user type these commands to install SteamCMD:

mkdir ~/Steam && cd ~/Steam
curl -sqL "" | tar zxvf -

Now install the ARK server:

arkmanager install

Edit config files in /etc/arkmanager/ or create /home/steam/.arkmanager.cfg
More info about the config files.

Upload any backups to /home/steam/ARK/ShooterGame/Saved/SavedArks. If you do this as root make sure you change the ownership on the files after:

chown -R steam:steam /home/steam

Optionally install any mods you want to use:

arkmanager installmod 513353060

And finally, start the server:

arkmanager start

After a minute or two the server should be up and running and ready to play on. If not then you may have configured something wrong.

Website downloads instead of displaying

Recently I noticed a few sites had a page download instead of displaying when they were working perfectly fine before. I’m not 100% sure why but in my case the fix was to go into Virtualmin and toggle the PHP Version to some other version and back to my current one. I don’t know exactly what it changed, maybe it refreshed some config files somewhere. But it works and I wanted to make a note of it here in case it happens again.

Bash Script for Installing / Updating Java JDK RPM

Here’s a BASH script I wrote which downloads and installs the Java JDK RPM. Tested on CentOS 6.x. If you are looking to install on Ubuntu (or Mint) go here.

It also downloads the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files which are required for some applications.

You must replace the version variables in order to download the latest version. Here are the instructions for finding these.

  1. To find them go here and under the Java category go to Java SE.
  2. Click the big Java Download near the top.
  3. Click Accept License Agreement to view the links for the downloads.
  4. Find the Linux x64 if you are on a 64 bit OS or Linux i586 if you are on 32 bit. If you don’t know then you’re probably on 64 bit.
  5. Right click on the link in the right side column and go to Copy Link Location or Copy link address, etc.
  6. Now you can use this link you’ve copied to find the version numbers required. At the moment CURRENT and MINOR are not specified anywhere in the URL. Here is an image illustrating the MAJOR, REV and BUILD variables which you can update. In the future I am planning to write some regex to parse these out but haven’t
  7. Save the script below into a file and make the file executable:
    chmod +x
  8. Run the script to install / update java:
# Install Java JDK RPM

# Version variables
# md5 hash added to URL 17th Jan 2017

# Compile variables

# Download Java
wget --no-cookies --no-check-certificate --header 'Cookie: oraclelicense=accept-securebackup-cookie' "${URL}" -O "./${RPM}"

# Install Java
yum -y localinstall "./${RPM}"

# Alternatives
alternatives --install /usr/bin/java java ${JPATH}/jre/bin/java 20000
alternatives --install /usr/bin/jar jar ${JPATH}/bin/jar 20000
alternatives --install /usr/bin/javac javac ${JPATH}/bin/javac 20000
alternatives --install /usr/bin/javaws javaws ${JPATH}/jre/bin/javaws 20000
alternatives --set java ${JPATH}/jre/bin/java
alternatives --set javaws ${JPATH}/jre/bin/javaws
alternatives --set javac ${JPATH}/bin/javac
alternatives --set jar ${JPATH}/bin/jar

# Remove download
rm "./${RPM}"

# Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files
# Note: This is only required for some applications.
wget --no-cookies --no-check-certificate --header 'Cookie: oraclelicense=accept-securebackup-cookie' "${POLICY_URL}" -O "./${POLICY_FILE}"
unzip -u "./${POLICY_FILE}"
cp -f ./UnlimitedJCEPolicyJDK${MAJOR}/*.jar ${JPATH}/jre/lib/security/
rm "./${POLICY_FILE}"
rm -rf ./UnlimitedJCEPolicyJDK${MAJOR}/



  • Requires wget to be installed.
  • Requires unzip (for JCE) to be installed.
  • Does not update the JAVA_HOME or PATH environment variables. You can set them to /usr/java/latest which symlinks to the proper Java version.

Please report any issues.

Redirect Apache ServerAlias to ServerName

I had a website that was moved to a new domain name but I wanted to make all the old URLs redirect to the new domain.

However, redirecting using a typical .htaccess redirect as shown below wouldn’t work because it was new using the old domain as a ServerAlias to the new domain/ServerName.

RewriteEngine on
RewriteCond %{HTTP_HOST} ^$ [OR]
RewriteCond %{HTTP_HOST} ^$
RewriteRule ^(.*)$$1 [R=301,L]


I found part of the solution to this here. I added in detection of HTTPS. Now whenever anyone accesses the site from a domain which isn’t it will redirect to including all the old URLs. I placed this in the Apache config file in the VirtualHost section for the domain rather than the .htaccess file. Replace with the new domain/ServerName.

RewriteEngine on
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST}  !^ [nocase] [OR]
RewriteCond %{HTTP_HOST}  !^ [nocase]
RewriteRule ^(.*)$$1 [last,redirect=301]
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST}  !^ [nocase] [OR]
RewriteCond %{HTTP_HOST}  !^ [nocase]
RewriteRule ^(.*)$$1 [last,redirect=301]

Recursively find and replace php.ini date.timezone

I recently had to update PHP on a server and the php.ini settings but then the date.timezone wasn’t set in a bunch of servers. So I decided just to search and replace them instead of doing them all individually.

find . -name 'php.ini' -type f -exec sed -i 's/;date.timezone =/date.timezone = "America\/Toronto"/g' {} +

Note the extra \ between America/Toronto which comes from the List of Supported Timezones.

Building mod_webpresence for ejabberd on CentOS

I keep forgetting how to setup the mod_webpresence for ejabberd whenever I happen to reinstall everything so I am typing it out here for future reference and maybe it’ll even be useful for others. The instructions aren’t 100% clear for me on the ejabberd-contrib github page since I have always had issues figuring it out. Hopefully these instructions will save some time in the future.

First I have to remove the existing erlang-kernel and all it’s packages and update to a new version of Erlang. I actually don’t know if this is necessary anymore but I update Erlang to the latest version since it was necessary in the past in order to properly be able to build the module.

yum remove erlang-kernel

Then I download latest Erlang package and install it instead. They have a bunch of operating systems including Ubuntu, CentOS, Fedora, Debian, Mac OS X and Windows.

yum localinstall esl-erlang_17.3-1~centos~6_amd64.rpm

From the ejabberd-contrib repository I upload to my ejabberd/lib folder the ejabberd-dev module and the mod_webpresence module. You can do this numerous ways. I simply download or clone the git repository and upload or move those module’s folders to the ejabberd/lib folder.

Then I go into the mod_webpresence folder, make the executable and run it.

chmod +x && ./

The output shouldn’t have any errors or unfortunately something else is wrong. It should create a beam file in the ebin folder and say something like: Recompile: src/mod_webpresence

Next I copy the ejabberd/lib/mod_webpresence/ebin/mod_webpresence.beam file to ejabberd/lib/ejabberd-14.07/ebin/mod_webpresence.beam

Edit the ejabberd/conf/ejabberd.yml file and add the parts to the appropriate sections as shown below.

This part goes under the port: 5280 listen section or whatever port you are running the ejabberd_http module on that you want to serve the mod_webpresence from.

        "presence": mod_webpresence

For example mine looks like this:

    port: 5280
    module: ejabberd_http
    http_poll: false
    http_bind: true
    captcha: true
        "presence": mod_webpresence

And this part goes down where all the other modules are defined. Make sure you update the /PATH/TO/ejabberd

    pixmaps_path: "/PATH/TO/ejabberd/lib/mod_webpresence/data/pixmaps/"
    baseurl: "http://@HOST@/presence/"
    access: local

Restart ejabberd and that should hopefully work out. If the ejabberd server doesn’t start then you probably should check the logs and see if you can see what’s wrong. If something is wrong then that really sucks! Especially if you don’t know much about Erlang. You will probably have to do some digging and try to figure it out.

If the server started fine and there are no errors in the logs then now you have to use a jabber client (I used Miranda NG) and login as the user you want to see the presence of. Access the Service Discovery under your jabber connection Services and Register with the webpresence service.

Once you do that it should send you a message telling you some examples and so forth like this:

Subject: Web Presence: registered
You have registered:

Use URLs like:




If all is well then you should now be able to find or write your own app to detect and display your online presence. I ended up using the xml URL like this: