AsiaVPN Free VPN

Unlock the Internet with Speed & Security 🚀

  • Authenticating with Password in Apache and Nginx on Raspberry Pi OS

    In this guide, we’ll learn how to set up password authentication in both Apache and Nginx on Raspberry Pi OS (Debian).

    Prerequisites

    Before you begin, make sure you have:

    • A Raspberry Pi running Raspberry Pi OS (Debian).
    • Apache and Nginx installed and configured.

    Setting Up Password Authentication in Apache

    Step 1: Create a Password File

    First, create a password file using the htpasswd utility. Replace username1 and username2 with the desired usernames:

    htpasswd -c /etc/apache2/.htpasswd username1
    htpasswd /etc/apache2/.htpasswd username2
        

    Step 2: Configure Apache

    Edit the Apache configuration file:

    sudo nano /etc/apache2/sites-available/000-default.conf
        

    Add the following lines inside the <VirtualHost> section:

            <Directory "/var/www/html">
                Options Indexes FollowSymLinks
                AllowOverride All
                Require all granted
                AuthType Basic
                AuthName "Restricted Content"
                AuthUserFile /etc/apache2/.htpasswd
                Require valid-user
            </Directory>
        

    Step 3: Restart Apache

    Restart the Apache service to apply the changes:

    sudo systemctl restart apache2
        

    Step 4: Access Restricted Content

    Now, when you access your website, you’ll be prompted to enter the username and password you created in Step 1.

    Setting Up Password Authentication in Nginx

    Step 1: Create a Password File

    Similar to Apache, create a password file using the htpasswd utility:

    sudo htpasswd -c /etc/nginx/.htpasswd username1
    sudo htpasswd /etc/nginx/.htpasswd username2
        

    Step 2: Configure Nginx

    Edit the Nginx configuration file:

    sudo nano /etc/nginx/sites-available/default
        

    Add the following lines inside the server block:

            location / {
                auth_basic "Restricted Content";
                auth_basic_user_file /etc/nginx/.htpasswd;
            }
        

    Step 3: Restart Nginx

    Restart the Nginx service to apply the changes:

    sudo systemctl restart nginx
        

    Step 4: Access Restricted Content

    Now, accessing your website in Nginx will prompt you to enter the username and password you created in Step 1.

    Conclusion

    Congratulations! You’ve successfully set up password authentication in both Apache and Nginx on Raspberry Pi OS. This adds an extra layer of security to your web servers.

  • How to Install OpenVPN Server on Windows 10 Pro 22H2

    How to Install OpenVPN Server on Windows 10 Pro 22H2 (Build 19045.3448)

    1. Set up OpenVPN

    Set up an OpenVPN connection following this guide

    2. Generate a TA key

    Generate a TA key and place it in the same folder as the other certificates/keys: openvpn --genkey --secret ta.key

    3. Update server.ovpn profile

    Append the following lines to your server.ovpn profile:

    # Route all traffic through VPN
    push "redirect-gateway def1"
    # Push Google DNS to prevent leak
    push "dhcp-option DNS 8.8.8.8"
        

    4. Update client.ovpn profile

    Append the following lines to your client.ovpn profile:

    # Block DNS leak
    block-outside-dns
        

    Here is my completed configuration file

    local 1.2.3.4
    port 9194
    proto udp
    dev tun
    ca ca.crt
    cert server.crt
    key server.key
    dh dh.pem
    auth SHA512
    tls-crypt tc.key
    topology subnet
    server 10.8.0.0 255.255.255.0
    push "redirect-gateway def1 bypass-dhcp"
    ifconfig-pool-persist ipp.txt
    push "dhcp-option DNS 8.8.8.8"
    push "dhcp-option DNS 8.8.4.4"
    push "block-outside-dns"
    keepalive 10 120
    cipher AES-256-CBC
    user nobody
    group nogroup
    persist-key
    persist-tun
    plugin /usr/lib/x86_64-linux-gnu/openvpn/plugins/openvpn-plugin-auth-pam.so login
    client-cert-not-required
    username-as-common-name
    verb 3
    crl-verify crl.pem
    explicit-exit-notify
    duplicate-cn
    

    5. Service Tweaks

    1. Open the Services window
    2. Find Routing and Remote Access and set it to: Startup type – Automatic
    3. Start the service

    6. Adapter Tweaks

    1. Open the network adapters window
    2. Right-click your internet adapter (e.g. Ethernet) and then: Properties -> Sharing -> Allow other network users to connect through this computer’s Internet connection
    3. (if applicable) From the drop-down list select your OpenVPN TAP adapter (e.g. Ethernet 2)
    4. Note: Only one adapter can be shared at a time, so if you don’t see the Sharing tab, make sure no other adapter is being shared.

    7. Registry Tweaks

    Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

    Value: IPEnableRouter

    Type: REG_DWORD

    Data: 0x00000001 (1)

    8. Configure a Static Route (if behind a router)

    You have to route all packets sent to the client’s virtual IP back to the VPN server.

    Example using Cisco router:

    • 10.8.0.0 – virtual network subnet
    • 255.255.255.0 – virtual network subnet mask
    • 192.168.1.175 – VPN server internal IP (in the subnet of the router)

    9. Issues with ICS (Internet Connection Sharing)

    There are a few issues you might encounter when using OpenVPN together with ICS:

    • ICS by default automatically assigns a static IP (192.168.137.1) on your LAN adapter, conflicting with OpenVPN IP. To address this, change OpenVPN config to have a consistent IP range or change HKLM\System\CurrentControlSet\services\SharedAccess\Parameters\ScopeAddress to 10.8.0.1.
    • On some later Windows versions, ICS might stop working after a reboot. The way to address this is mentioned in this Microsoft support article.

    10. Final OpenVPN Tweaks

    1. Right-click openvpn-gui.exe and then: Properties -> Compatibility -> Run this program as an administrator
    2. (optional) Configure the OpenVPN server to start and connect automatically:
    "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" --connect server.ovpn

  • Setting Up an OpenVPN Server on DigitalOcean

    OpenVPN is a powerful open-source solution for creating a private VPN server. In this guide, we’ve walked through the process of installing and configuring an OpenVPN server on DigitalOcean’s cloud service. With an OpenVPN server, you can secure your internet connection and securely access a virtual private network from anywhere.

    Step 1: Create a Droplet on DigitalOcean

    1. Visit the DigitalOcean website and log in to your account or create a new one.
    2. Once logged in, click on “Create Droplet” to create a new virtual machine.
    3. In the Droplet creation interface:
      • Choose the Linux operating system you want to use (e.g., Ubuntu 20.04 LTS).
      • Select the Droplet type based on your needs.
      • Choose a Data Center Region near you.
      • Enable the “Private Networking” option if you want to activate private connections between your Droplets.
    4. Below, you can add optimization options for your Droplet, but it’s not necessary for this purpose.
    5. Click “Create Droplet” at the bottom of the page to create the new Droplet. DigitalOcean will create the server and email you the login information.

    Step 2: Access the Droplet and Update the OS

    1. Use SSH to access your Droplet. Use the public IP address of your Droplet and the SSH key (if used) for authentication:ssh root@your_droplet_ip
    2. Once logged in, update the operating system with the following commands: apt update apt upgrade

    Step 3: Install OpenVPN

    1. Install the necessary packages for OpenVPN with the following command:apt install openvpn easy-rsa
    2. Copy the sample configuration files for Easy-RSA: make-cadir ~/openvpn-ca cd ~/openvpn-ca
    3. Set up environment variables for Easy-RSA:source vars
    4. Initialize the Certificate Authority (CA) and create a series of certificates and security keys: ./clean-all ./build-ca
    5. Create private keys and certificates for the OpenVPN server:./build-key-server server
    6. Copy the sample configuration files for the server:openvpn –genkey –secret keys/ta.key

    Step 4: Configure OpenVPN Server

    Create a configuration file for the OpenVPN server. You can use the following sample configuration as a starting point (server.conf):

            proto udp
            dev tun
            ca /etc/openvpn/easy-rsa/keys/ca.crt
            cert /etc/openvpn/easy-rsa/keys/server.crt
            key /etc/openvpn/easy-rsa/keys/server.key
            dh /etc/openvpn/easy-rsa/keys/dh2048.pem
            server 10.8.0.0 255.255.255.0
            ifconfig-pool-persist ipp.txt
            push "redirect-gateway def1 bypass-dhcp"
            push "dhcp-option DNS 8.8.8.8"
            push "dhcp-option DNS 8.8.4.4"
            keepalive 10 120
            tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
            cipher AES-256-CBC
            comp-lzo
            user nobody
            group nogroup
            persist-key
            persist-tun
            status openvpn-status.log
            verb 3
        

    Step 5: Start OpenVPN Service

    Start the OpenVPN service using the following command:

            systemctl start openvpn-server@server.service
        

    Enable OpenVPN to start on boot:

            systemctl enable openvpn-server@server.service
        

    Conclusion

    By following the steps outlined in this guide, you’ve successfully set up an OpenVPN server on DigitalOcean. This server allows you to create a secure and private VPN, giving you the ability to protect your internet connection and access a virtual private network from anywhere. You can now further configure your OpenVPN server and connect to it from your devices to enjoy a secure online experience.