LAMP + DNS + SSL Cheat-sheet for Ubuntu Part – 1

πŸš€ The cheat-sheet root users love.

πŸ”Ή Apache

# Check Apache status
systemctl status apache2

# Reload / Restart Apache
sudo systemctl reload apache2
sudo systemctl restart apache2

# Test config
sudo apache2ctl configtest

πŸ”Ή DNS (Bind9 / named)

# Check config syntax
sudo named-checkconf

# Check a zone file
sudo named-checkzone it-india.net /etc/bind/zones/db.it-india.net

# Restart DNS
sudo systemctl restart named

# Query DNS locally
dig @127.0.0.1 it-india.net
dig @127.0.0.1 www.it-india.net

# Query DNS externally (use server IP)
dig @35.236.67.214 it-india.net

πŸ”Ή Firewall (ufw)

# Status
sudo ufw status

# Open ports
sudo ufw allow 'Apache Full'   # 80 + 443
sudo ufw allow 53/tcp          # DNS
sudo ufw allow 53/udp          # DNS
sudo ufw allow 22/tcp          # SSH

πŸ”Ή SSL (Let’s Encrypt / Certbot)

# Get certificate (first time)
sudo certbot --apache

# Test renewal (dry run)
sudo certbot renew --dry-run

# Show cert details
sudo certbot certificates

Cert files (auto-managed by Certbot):

  • /etc/letsencrypt/live/it-india.net/fullchain.pem
  • /etc/letsencrypt/live/it-india.net/privkey.pem

πŸ”Ή Logs (for troubleshooting)

# Apache
tail -n 50 /var/log/apache2/error.log
tail -n 50 /var/log/apache2/it-india.net_error.log

# DNS
journalctl -u named -n 50

πŸ”Ή Sanity Checks

# HTTP (should redirect)
curl -I http://it-india.net

# HTTPS (should return 200 OK)
curl -I https://www.it-india.net

βœ… With this cheat-sheet, you can restart, debug, or reissue anything without digging through docs.

Admins having resources on Google cloud want to watch UFW rules in GCP as well, see below:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

No Ads, No Buy Buttons! IT-INDIA.org