π The cheat-sheet root users love.
πΉ Apache
# Check Apache status
systemctl status apache2
# Reload / Restart Apache
sudo systemctl reload apache2
sudo systemctl restart apache2
# Test config
sudo apache2ctl configtest
πΉ DNS (Bind9 / named)
# Check config syntax
sudo named-checkconf
# Check a zone file
sudo named-checkzone it-india.net /etc/bind/zones/db.it-india.net
# Restart DNS
sudo systemctl restart named
# Query DNS locally
dig @127.0.0.1 it-india.net
dig @127.0.0.1 www.it-india.net
# Query DNS externally (use server IP)
dig @35.236.67.214 it-india.net
πΉ Firewall (ufw)
# Status
sudo ufw status
# Open ports
sudo ufw allow 'Apache Full' # 80 + 443
sudo ufw allow 53/tcp # DNS
sudo ufw allow 53/udp # DNS
sudo ufw allow 22/tcp # SSH
πΉ SSL (Letβs Encrypt / Certbot)
# Get certificate (first time)
sudo certbot --apache
# Test renewal (dry run)
sudo certbot renew --dry-run
# Show cert details
sudo certbot certificates
Cert files (auto-managed by Certbot):
/etc/letsencrypt/live/it-india.net/fullchain.pem
/etc/letsencrypt/live/it-india.net/privkey.pem
πΉ Logs (for troubleshooting)
# Apache
tail -n 50 /var/log/apache2/error.log
tail -n 50 /var/log/apache2/it-india.net_error.log
# DNS
journalctl -u named -n 50
πΉ Sanity Checks
# HTTP (should redirect)
curl -I http://it-india.net
# HTTPS (should return 200 OK)
curl -I https://www.it-india.net
β With this cheat-sheet, you can restart, debug, or reissue anything without digging through docs.
Admins having resources on Google cloud want to watch UFW rules in GCP as well, see below:
