Asia VPN – Unlimited & Fast | Blog

Asia VPN Blog

recent posts

about

AsiaVPN Free VPN

Unlock the Internet with Speed & Security 🚀

  • Authenticating with Password in Apache and Nginx on Raspberry Pi OS

    Authenticating with Password in Apache and Nginx on Raspberry Pi OS

    In this guide, we’ll learn how to set up password authentication in both Apache and Nginx on Raspberry Pi OS (Debian).

    Prerequisites

    Before you begin, make sure you have:

    • A Raspberry Pi running Raspberry Pi OS (Debian).
    • Apache and Nginx installed and configured.

    Setting Up Password Authentication in Apache

    Step 1: Create a Password File

    First, create a password file using the htpasswd utility. Replace username1 and username2 with the desired usernames:

    htpasswd -c /etc/apache2/.htpasswd username1
htpasswd /etc/apache2/.htpasswd username2

    Step 2: Configure Apache

    Edit the Apache configuration file:

    sudo nano /etc/apache2/sites-available/000-default.conf

    Add the following lines inside the <VirtualHost> section:

            <Directory "/var/www/html">
            Options Indexes FollowSymLinks
            AllowOverride All
            Require all granted
            AuthType Basic
            AuthName "Restricted Content"
            AuthUserFile /etc/apache2/.htpasswd
            Require valid-user
        </Directory>

    Step 3: Restart Apache

    Restart the Apache service to apply the changes:

    sudo systemctl restart apache2

    Step 4: Access Restricted Content

    Now, when you access your website, you’ll be prompted to enter the username and password you created in Step 1.

    Setting Up Password Authentication in Nginx

    Step 1: Create a Password File

    Similar to Apache, create a password file using the htpasswd utility:

    sudo htpasswd -c /etc/nginx/.htpasswd username1
sudo htpasswd /etc/nginx/.htpasswd username2

    Step 2: Configure Nginx

    Edit the Nginx configuration file:

    sudo nano /etc/nginx/sites-available/default

    Add the following lines inside the server block:

            location / {
            auth_basic "Restricted Content";
            auth_basic_user_file /etc/nginx/.htpasswd;
        }

    Step 3: Restart Nginx

    Restart the Nginx service to apply the changes:

    sudo systemctl restart nginx

    Step 4: Access Restricted Content

    Now, accessing your website in Nginx will prompt you to enter the username and password you created in Step 1.

    Conclusion

    Congratulations! You’ve successfully set up password authentication in both Apache and Nginx on Raspberry Pi OS. This adds an extra layer of security to your web servers.

  • How to Install OpenVPN Server on Windows 10 Pro 22H2

    How to Install OpenVPN Server on Windows 10 Pro 22H2

    How to Install OpenVPN Server on Windows 10 Pro 22H2 (Build 19045.3448)

    1. Set up OpenVPN

    Set up an OpenVPN connection following this guide

    2. Generate a TA key

    Generate a TA key and place it in the same folder as the other certificates/keys: openvpn --genkey --secret ta.key

    3. Update server.ovpn profile

    Append the following lines to your server.ovpn profile:

    # Route all traffic through VPN
push "redirect-gateway def1"
# Push Google DNS to prevent leak
push "dhcp-option DNS 8.8.8.8"

    4. Update client.ovpn profile

    Append the following lines to your client.ovpn profile:

    # Block DNS leak
block-outside-dns

    Here is my completed configuration file

    local 1.2.3.4
port 9194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-crypt tc.key
topology subnet
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "block-outside-dns"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
plugin /usr/lib/x86_64-linux-gnu/openvpn/plugins/openvpn-plugin-auth-pam.so login
client-cert-not-required
username-as-common-name
verb 3
crl-verify crl.pem
explicit-exit-notify
duplicate-cn

    5. Service Tweaks

    1. Open the Services window
    2. Find Routing and Remote Access and set it to: Startup type – Automatic
    3. Start the service

    6. Adapter Tweaks

    1. Open the network adapters window
    2. Right-click your internet adapter (e.g. Ethernet) and then: Properties -> Sharing -> Allow other network users to connect through this computer’s Internet connection
    3. (if applicable) From the drop-down list select your OpenVPN TAP adapter (e.g. Ethernet 2)
    4. Note: Only one adapter can be shared at a time, so if you don’t see the Sharing tab, make sure no other adapter is being shared.

    7. Registry Tweaks

    Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

    Value: IPEnableRouter

    Type: REG_DWORD

    Data: 0x00000001 (1)

    8. Configure a Static Route (if behind a router)

    You have to route all packets sent to the client’s virtual IP back to the VPN server.

    Example using Cisco router:

    • 10.8.0.0 – virtual network subnet
    • 255.255.255.0 – virtual network subnet mask
    • 192.168.1.175 – VPN server internal IP (in the subnet of the router)

    9. Issues with ICS (Internet Connection Sharing)

    There are a few issues you might encounter when using OpenVPN together with ICS:

    • ICS by default automatically assigns a static IP (192.168.137.1) on your LAN adapter, conflicting with OpenVPN IP. To address this, change OpenVPN config to have a consistent IP range or change HKLM\System\CurrentControlSet\services\SharedAccess\Parameters\ScopeAddress to 10.8.0.1.
    • On some later Windows versions, ICS might stop working after a reboot. The way to address this is mentioned in this Microsoft support article.

    10. Final OpenVPN Tweaks

    1. Right-click openvpn-gui.exe and then: Properties -> Compatibility -> Run this program as an administrator
    2. (optional) Configure the OpenVPN server to start and connect automatically:
    "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" --connect server.ovpn

  • Setting Up an OpenVPN Server on DigitalOcean

    Setting Up an OpenVPN Server on DigitalOcean

    OpenVPN is a powerful open-source solution for creating a private VPN server. In this guide, we’ve walked through the process of installing and configuring an OpenVPN server on DigitalOcean’s cloud service. With an OpenVPN server, you can secure your internet connection and securely access a virtual private network from anywhere.

    Step 1: Create a Droplet on DigitalOcean

    1. Visit the DigitalOcean website and log in to your account or create a new one.
    2. Once logged in, click on “Create Droplet” to create a new virtual machine.
    3. In the Droplet creation interface:
      • Choose the Linux operating system you want to use (e.g., Ubuntu 20.04 LTS).
      • Select the Droplet type based on your needs.
      • Choose a Data Center Region near you.
      • Enable the “Private Networking” option if you want to activate private connections between your Droplets.
    4. Below, you can add optimization options for your Droplet, but it’s not necessary for this purpose.
    5. Click “Create Droplet” at the bottom of the page to create the new Droplet. DigitalOcean will create the server and email you the login information.

    Step 2: Access the Droplet and Update the OS

    1. Use SSH to access your Droplet. Use the public IP address of your Droplet and the SSH key (if used) for authentication:ssh root@your_droplet_ip
    2. Once logged in, update the operating system with the following commands: apt update apt upgrade

    Step 3: Install OpenVPN

    1. Install the necessary packages for OpenVPN with the following command:apt install openvpn easy-rsa
    2. Copy the sample configuration files for Easy-RSA: make-cadir ~/openvpn-ca cd ~/openvpn-ca
    3. Set up environment variables for Easy-RSA:source vars
    4. Initialize the Certificate Authority (CA) and create a series of certificates and security keys: ./clean-all ./build-ca
    5. Create private keys and certificates for the OpenVPN server:./build-key-server server
    6. Copy the sample configuration files for the server:openvpn –genkey –secret keys/ta.key

    Step 4: Configure OpenVPN Server

    Create a configuration file for the OpenVPN server. You can use the following sample configuration as a starting point (server.conf):

            proto udp
        dev tun
        ca /etc/openvpn/easy-rsa/keys/ca.crt
        cert /etc/openvpn/easy-rsa/keys/server.crt
        key /etc/openvpn/easy-rsa/keys/server.key
        dh /etc/openvpn/easy-rsa/keys/dh2048.pem
        server 10.8.0.0 255.255.255.0
        ifconfig-pool-persist ipp.txt
        push "redirect-gateway def1 bypass-dhcp"
        push "dhcp-option DNS 8.8.8.8"
        push "dhcp-option DNS 8.8.4.4"
        keepalive 10 120
        tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
        cipher AES-256-CBC
        comp-lzo
        user nobody
        group nogroup
        persist-key
        persist-tun
        status openvpn-status.log
        verb 3

    Step 5: Start OpenVPN Service

    Start the OpenVPN service using the following command:

            systemctl start openvpn-server@server.service

    Enable OpenVPN to start on boot:

            systemctl enable openvpn-server@server.service

    Conclusion

    By following the steps outlined in this guide, you’ve successfully set up an OpenVPN server on DigitalOcean. This server allows you to create a secure and private VPN, giving you the ability to protect your internet connection and access a virtual private network from anywhere. You can now further configure your OpenVPN server and connect to it from your devices to enjoy a secure online experience.