Scams in Binary Options - Blacklist of Brokers and Services

Binary Options SCAMS - Check out my new page with proven blacklisted binary options services

submitted by JonathanQ11 to binaryoption [link] [comments]

Addressing recent controversies + A new idea for the Trusted Sellers list.

Hello everyone. I just took a brief hiatus from moderating, as I’ve been in the process of a major post-graduation move. I just caught up with some of the recent controversy regarding Will, and we did a thorough investigation on the matter. Unfortunately, we found evidence of bad faith on the side of the primary individual attacking Will, including usage of alternate accounts to fake grassroots momentum in the "petition” to remove (which he deleted, after being found out), as well as strong suspicions of vote manipulation. Luckily, nothing worthy of an exposé post, like the last time this happened. We have no reason to believe that his motives were more nefarious than simply getting the attention and gratification of being a Cancel Culture Star. But suffice it to say, we are disinclined to bow to his attempt to “cancel” Will.
That said, Will is far from innocent. Most of the comments on the individuals posts were not fake and/or motivated for the same reasons as the user behind the main posts. We identified many issues via customer anecdotes and examples of Will’s (un)professional manner, which will not continue to fly as a trusted seller on this board. Will is going to be on thin ice for the time being, and despite being an OG seller on Repsneakers, we are not opposed to removing or even blacklisting him from the TS list if issues persist.
Onto the next topic: It is unfortunate that we have had to remove several trusted sellers recently, and I have come to the realization that the current system is not optimal in the way list removals are handled. For example, until a few months ago, UABat was one of the most popular sellers on this subreddit. But he was recently removed from the TS list. Despite this removal, he still appears to be dedicated to making amends with the community, and climbing out of the hole he dug himself into. Not good enough to be on the TS list. Not bad enough to be on the blacklist...
So what do we do about these situations where we have sellers have solid history of good service, but go through rough patches which cause loss of confidence by the community? Simply being removed from the list and forgotten/shunned doesn’t seem to be the best answer.
The solution may be a third section for the purpose of further distinguishing the many sellers on this board. The idea is to categorize sellers in a less polarizing way than the simply binary (tri-nary?) "on the list", "off the list", or "blacklisted". We would call this section “New/Probationary Sellers”, which is yet another idea adopted from our grandfather community, RWI Forum.
In this section, we would post profiles for new or new-to-Repsneakers sellers which have established a positive/neutral reputation on Repsneakers, but not yet to the extent that they belong on the TS list. We would also migrate profiles for sellers which were previously on the TS list, but fell out of favor with the community for reasons which did not justify blacklisting. Sellers on this "NP list” will have the opportunity to move up to the TS list if they prove their commitment to the community.
The primary purpose of the pinned post is to provide easily-accessible information on the full breadth of sellers on this board, including those which should be avoided (the blacklist). Merely removing sellers from the TS list does the community a disservice, because users will be left with questions about why ‘x’ seller is not on the list, but also isn’t blacklisted. I believe creating a fuller picture of the marketplace options will have a positive effect. It may also result in probationary sellers finding more motivation to earn their place back on the TS list, and remain there.
This may apply to all or most of the recent removals from the TS List, such as Vicky and UABat, as well as new sellers like Firecloud and Wedosneakers.
Let me know what you guys think of the idea. I hope all my fellow Americans had a good Independence Day! 🇺🇸
submitted by Walt_F to Repsneakers [link] [comments]

what is this i just downloaded (youtube code?)

so this is kinda a wierd story. I was planning to restart my computer. (cant remember why) I spend most of my time watching youtube videos so i had alot of tabs open. So i was watching the videos then deleting the tab but not opening new tabs. So i was down 2 i think 1 it was a pretty long video so i tried to open a youtube home page tab just to look while i listened to the video. And this is a short exerp of what i got.





YouTube











submitted by inhuman7773 to techsupport [link] [comments]

Nvidia, It thinks its using it but its not.

Recently had a hard drive go bad, was previously configured correctly, however did do a recent version upgrade.While I have purged and reinstalled, how I am installing is: [email protected]:~$ sudo add-apt-repository ppa:graphics-drivers/ppa , [email protected]:~$ sudo apt update , [email protected]:~$ sudo ubuntu-drivers autoinstall
My system current status, it displays graphics it boots, however the options in change screen size and add additional monitors are unavailable although they were previously, also graphics appear to have no hardware support.
[email protected]:**~**$ lsb_release -a No LSB modules are available.Distributor ID: UbuntuDescription: Ubuntu 18.04.4 LTSRelease: 18.04Codename: bionic
[email protected]:**~**$ lspci | grep VGA01:00.0 VGA compatible controller: NVIDIA Corporation GP104 [GeForce GTX 1080] (rev a1)
[email protected]:**~**$ cat /proc/drivenvidia/version NVRM version: NVIDIA UNIX x86_64 Kernel Module 440.26 Sun Oct 13 18:00:57 UTC 2019GCC version: gcc version 8.3.0 (Ubuntu 8.3.0-6ubuntu1)
[email protected]:~$ cat /valog/gpu-manager.log log_file: /valog/gpu-manager.log last_boot_file: /valib/ubuntu-drivers-common/last_gfx_boot new_boot_file: /valib/ubuntu-drivers-common/last_gfx_boot can't get module info via kmodcan't access /opt/amdgpu-pro/bin/amdgpu-pro-px Looking for nvidia modules in /lib/modules/5.0.0-38-generic/updates/dkms Looking for amdgpu modules in /lib/modules/5.0.0-38-generic/updates/dkms Is nvidia loaded? yes Was nvidia unloaded? no Is nvidia blacklisted? no Is intel loaded? no Is radeon loaded? no Is radeon blacklisted? no Is amdgpu loaded? no Is amdgpu blacklisted? no Is amdgpu versioned? no Is amdgpu pro stack? no Is nouveau loaded? no Is nouveau blacklisted? yes Is nvidia kernel module available? no Is amdgpu kernel module available? no VendoDevice Id: 10de:1b80 BusID "PCI:[email protected]:0:0" Is boot vga? yes Skipping "/dev/dri/card0", driven by "nvidia-drm" Skipping "/dev/dri/card0", driven by "nvidia-drm" Skipping "/dev/dri/card0", driven by "nvidia-drm" Skipping "/dev/dri/card0", driven by "nvidia-drm" Does it require offloading? no last cards number = 1 Has amd? no Has intel? no Has nvidia? yes How many cards? 1 Has the system changed? No Single card detected Nothing to do [email protected]:~$
o [email protected]:~$ dpkg -l | grep -i nvidia ii libnvidia-cfg1-440:amd64 440.100-0ubuntu0.18.04.1 amd64 NVIDIA binary OpenGL/GLX configuration library ii libnvidia-common-440 440.100-0ubuntu0.18.04.1 all Shared files used by the NVIDIA libraries ii libnvidia-compute-440:amd64 440.100-0ubuntu0.18.04.1 amd64 NVIDIA libcompute package ii libnvidia-compute-440:i386 440.100-0ubuntu0.18.04.1 i386 NVIDIA libcompute package ii libnvidia-decode-440:amd64 440.100-0ubuntu0.18.04.1 amd64 NVIDIA Video Decoding runtime libraries ii libnvidia-decode-440:i386 440.100-0ubuntu0.18.04.1 i386 NVIDIA Video Decoding runtime libraries ii libnvidia-encode-440:amd64 440.100-0ubuntu0.18.04.1 amd64 NVENC Video Encoding runtime library ii libnvidia-encode-440:i386 440.100-0ubuntu0.18.04.1 i386 NVENC Video Encoding runtime library ii libnvidia-extra-440:amd64 440.100-0ubuntu0.18.04.1 amd64 Extra libraries for the NVIDIA driver ii libnvidia-fbc1-440:amd64 440.100-0ubuntu0.18.04.1 amd64 NVIDIA OpenGL-based Framebuffer Capture runtime library ii libnvidia-fbc1-440:i386 440.100-0ubuntu0.18.04.1 i386 NVIDIA OpenGL-based Framebuffer Capture runtime library ii libnvidia-gl-440:amd64 440.100-0ubuntu0.18.04.1 amd64 NVIDIA OpenGL/GLX/EGL/GLES GLVND libraries and Vulkan ICD ii libnvidia-gl-440:i386 440.100-0ubuntu0.18.04.1 i386 NVIDIA OpenGL/GLX/EGL/GLES GLVND libraries and Vulkan ICD ii libnvidia-ifr1-440:amd64 440.100-0ubuntu0.18.04.1 amd64 NVIDIA OpenGL-based Inband Frame Readback runtime library ii libnvidia-ifr1-440:i386 440.100-0ubuntu0.18.04.1 i386 NVIDIA OpenGL-based Inband Frame Readback runtime library ii nvidia-compute-utils-440 440.100-0ubuntu0.18.04.1 amd64 NVIDIA compute utilities ii nvidia-dkms-440 440.100-0ubuntu0.18.04.1 amd64 NVIDIA DKMS package ii nvidia-driver-440 440.100-0ubuntu0.18.04.1 amd64 NVIDIA driver metapackage ii nvidia-kernel-common-440 440.100-0ubuntu0.18.04.1 amd64 Shared files used with the kernel module ii nvidia-kernel-source-440 440.100-0ubuntu0.18.04.1 amd64 NVIDIA kernel source package ii nvidia-modprobe 384.111-2 amd64 utility to load NVIDIA kernel modules and create device nod es ii nvidia-prime 0.8.8.2 all Tools to enable NVIDIA's Prime ii nvidia-settings 440.64-0ubuntu0~0.18.04.1 amd64 Tool for configuring the NVIDIA graphics driver ii nvidia-utils-440 440.100-0ubuntu0.18.04.1 amd64 NVIDIA driver support binaries ii xserver-xorg-video-nvidia-440 440.100-0ubuntu0.18.04.1 amd64 NVIDIA binary Xorg driver
[email protected]:**~**$ nvidia-settings
ERROR: An internal driver error occurred
ERROR: Unable to load info from any available system
(nvidia-settings:2032): GLib-GObject-CRITICAL **: 14:59:48.082: g_object_unref: assertion 'G_IS_OBJECT (object)' failed** Message: 14:59:48.086: PRIME: No offloading required. Abort** Message: 14:59:48.086: PRIME: is it supported? no
[email protected]:**~**$ sudo nvidia-modprobe
[email protected]:**~**$ sudo lsof /dev/nvidia*
[email protected]:**~**$ nvidia-smi Failed to initialize NVML: Drivelibrary version mismatch
submitted by netfire4 to linuxquestions [link] [comments]

1xbet: Global scam, piracy, fraud and money laundering!

Hello,
This may come of no surprise to some, but I'm here to discuss and expose the company (and it's plethora of aliases) known as 1xbet.com
1xbet was on track to become the world's leading online gambling operator, they are current sponsors of FC Barcelona and the African Football Association and other partnerships on the way.
Promoting illegal sports and video piracy they were rapidly banned in the UK, and their contracts with Chelsea and Tottenham terminated. They are also financially blacklisted in Russia their home country.

1xbet use a variety of proxies and aliases to circumvent and distribute their website to every location around the world.
They also operate under a number of different brand names: 1xbit stavkabet.kz astekbet betwinner melbet betandyou 22bet fan-sport.com db-bet.com pegas.bet xparibet sportloto99.com
Having been denied the use of PayPal platform, they use third party personal accounts to collect deposits on their behalf. Also providing deposit methods through a multitude of crypto currencies and obscure payment processors.

My experience was the same as thousands of others, and had an account with them for years. Deposits are immediate, however an attempt to withdraw triggers a series of loops and obstacles over months that ultimately consist of preventing the customer from receiving their money, with no explanation. This involves providing your entire life history and ridiculous information. I was put through this on three occasions, before I was ignored and funds forfeit.
Their only method of support is an email address which consists of one line replies, no agent names, and inconsistent messages.

A simple search on Google will bring up thousands of pages of user complaints and scam reports.
Delving further into this company, there is no information on staff, management or headquarters.

Their permanent residence is registered in Cyprus to a MS KYRIAKI KOSTIKIAN.
Evgeniy Kiriushin is head of business development.
MR KOSTIKIAN has hundreds of companies to his name, the corruption delves further. He was charged with defrauding €60m from investors back in 2015, in which he subsequently fled the country: https://www.thisismoney.co.uk/money/experts/article-3034903/TONY-HETHERINGTON-Half-money-vanishes-murky-tangle-binary-options.html
I have been in touch with the Curacao eGaming Authority, who have little interest in mediating these issues, 1xbet even failed to reply to their initial courtesy email and it is fair to say the licensor is complicit in facilitating these operations. Their revenues and underhand profits being the most likely factor.
Curacao is essentially lawless in this regard, I can only imagine the amount of money laundering and corruption involved.
How this company is able to continue to operate in this illicit manner, without regulations, accountability and absolute disregard to consumers and the law is a complete disgrace.
Please feel free to discuss this further and share any additional information!
submitted by prst8 to sportsbook [link] [comments]

Can't install: "pihole-FTL: no process found" and "DNS service is NOT running"

Hi, I'm having problems installing pihole on a raspberry pi.
I installed using method 2:
wget -O basic-install.sh https://install.pi-hole.net sudo bash basic-install.sh
The dashboard says DNS Service is not running.
Here is the output from pihole -r:
 [✓] Root user check .;;,. .ccccc:,. :cccclll:. ..,, :ccccclll. ;ooodc 'ccll:;ll .oooodc .;cll.;;looo:. .. ','. .',,,,,,'. .',,,,,,,,,,. .',,,,,,,,,,,,.... ....''',,,,,,,'....... ......... .... ......... .......... .......... .......... .......... ......... .... ......... ........,,,,,,,'...... ....',,,,,,,,,,,,. .',,,,,,,,,'. .',,,,,,'. ..'''. [i] Existing PHP installation detected : PHP version 7.3.14-1~deb10u1 [i] Repair option selected [✓] Disk space check [✓] Update local cache of available packages [✓] Checking apt-get for upgraded packages... up to date! [i] Installer Dependency checks... [✓] Checking for dhcpcd5 [✓] Checking for git [✓] Checking for iproute2 [✓] Checking for whiptail [i] SELinux not detected [i] Performing reconfiguration, skipping download of local repos [✓] Resetting repository within /etc/.pihole... [✓] Resetting repository within /vawww/html/admin... [i] Main Dependency checks... [✓] Checking for cron [✓] Checking for curl [✓] Checking for dnsutils [✓] Checking for iputils-ping [✓] Checking for lsof [✓] Checking for netcat [✓] Checking for psmisc [✓] Checking for sudo [✓] Checking for unzip [✓] Checking for wget [✓] Checking for idn2 [✓] Checking for sqlite3 [✓] Checking for libcap2-bin [✓] Checking for dns-root-data [✓] Checking for libcap2 [✓] Checking for lighttpd [✓] Checking for php7.3-common [✓] Checking for php7.3-cgi [✓] Checking for php7.3-sqlite3 [✓] Checking for php7.3-xml [✓] Checking for php-intl [✓] Enabling lighttpd service to start on reboot... [✓] Checking for user 'pihole' [i] FTL Checks... [✓] Detected ARM-hf architecture (armv6 or lower) Using ARM binary [i] Checking for existing FTL binary... [i] Latest FTL Binary already installed (v5.0). Confirming Checksum... [i] Checksum correct. No need to download! perl: warning: Setting locale failed. perl: warning: Please check that your locale settings: LANGUAGE = (unset), LC_ALL = (unset), LC_TERMINAL = "iTerm2", LC_CTYPE = "UTF-8", LANG = "en_GB.UTF-8" are supported and installed on your system. perl: warning: Falling back to a fallback locale ("en_GB.UTF-8"). [✓] Installing scripts from /etc/.pihole [i] Installing configs from /etc/.pihole... [i] Existing dnsmasq.conf found... it is not a Pi-hole file, leaving alone! [✓] Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf [i] Installing blocking page... [✓] Creating directory for blocking page, and copying files [i] Backing up index.lighttpd.html No default index.lighttpd.html file found... not backing up [✓] Installing sudoer file [✓] Installing latest Cron script [✓] Installing latest logrotate script [i] Backing up /etc/dnsmasq.conf to /etc/dnsmasq.conf.old [✓] man pages installed and database updated [i] Testing if systemd-resolved is enabled [i] Systemd-resolved is not enabled [✓] Restarting lighttpd service... [✓] Enabling lighttpd service to start on reboot... [i] Restarting services... [✓] Enabling pihole-FTL service to start on reboot... [✓] Restarting pihole-FTL service... [✓] Deleting existing list cache [i] Neutrino emissions detected... [✓] Pulling blocklist source list into range [✓] Preparing new gravity database [i] Target: https://raw.githubusercontent.com/StevenBlack/hosts/mastehosts [✓] Status: Retrieval successful [i] Received 57671 domains [i] Target: https://mirror1.malwaredomains.com/files/justdomains [✓] Status: Retrieval successful [i] Received 26853 domains [i] Target: https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt [✓] Status: Retrieval successful [i] Received 34 domains [i] Target: https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt [✓] Status: Retrieval successful [i] Received 2701 domains [✓] Storing downloaded domains in new gravity database [✓] Building tree [✓] Swapping databases [i] Number of gravity domains: 87259 (84818 unique domains) [i] Number of exact blacklisted domains: 0 [i] Number of regex blacklist filters: 0 [i] Number of exact whitelisted domains: 0 [i] Number of regex whitelist filters: 0 [✗] pihole-FTL: no process found [✓] Cleaning up stray matter [✓] Restarting DNS server [✗] DNS service is NOT running [i] The install log is located at: /etc/pihole/install.log Update Complete! Current Pi-hole version is v5.0. Current AdminLTE version is v5.0. Current FTL version is v5.0. 
I tried apt-get upgrade and uninstalling and reinstalling a few times. Searching for the error all I find are old posts and the solutions don't seem to work.
What logs would I need to look?
Edit: debug token: k87a8bs9jb
submitted by andres_i to pihole [link] [comments]

Selenium Headless Getting Detected on Remote Linux(Ubuntu) vs Undetected On Mac

I am working on a white hat side project, my intention is to scrape behind a login screen of my own data so that I can plot it :)

I am able to run the code on local env (mac os/ details below) it logins in and able to go to the desired behind login page.

However when promoted to remote linux server (ubuntu/ details below) it fails to login and is rerouted back to login page.

At first I thought it was ip/ dns registering as blacklisted but then I ran both behind a nordvpn (server: us5793) and was still getting the same result: (Works on local not on Remote)

*This is the same result for local env and remote env*
IP Location | Chicago, Illinois (US)
-- | --
NordVPN
64.44.80.68, 198.143.57.3
Mac OS X
Chrome 83.0.4103.97
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
1920px X 1080px
Enabled
Enabled


The expected result is that the function below returns success in finding the "mytrips" text within the html. This indicates the login was a success.

**My Speculation** Is one of two things,
1 the chromedriver binary responds differently to the `cdc` replacement you do in your code acts differently in my linux env
2 the way javascript is reinjected back into the code isn't correctly working in linux.



Other found resources:
[How to inject JS and beat detection](https://intoli.com/blog/not-possible-to-block-chrome-headless/)
[Many Tests for bot indication](https://antoinevastel.com/bots)
[general chrome headless](https://arh.antoinevastel.com/bots/areyouheadless) *My code passes this for both environments*


I'm going to continue hacking away at this thing and would love to help develop a solution for this and other things moving forward :) , Ideally would love to have the equivalent of the networking tab in inspect to debug these things.



'''
Local MacOS (success) -- Login Success
sys.platform: darwin
sysname: Darwin
version: Darwin Kernel Version 19.3.0: Thu Jan 9 20:58:23 PST 2020; root:xnu-6153.81.5~1/RELEASE_X86_64
release: 19.3.0
machine: x86_64
selenium : 3.141.0
'''

Tried this in python3.6 & 3.8. No luck on either.
```
Remote Linux(fail) -- Login Fail -- Shouldn't matter with vpn, but this lives in AWS Ec2
sys.platform: linux
sysname: Linux
version: #21~18.04.1-Ubuntu SMP Mon May 11 12:33:03 UTC 2020
release: 5.3.0-1019-aws
machine: x86_64
selenium : 3.141.0
```

achieved running behind nordvpn with a shell script
```
#!/bin/bash

echo "Executing Nord VPN"
nordvpn connect us5793


echo "Executing Python"
python3.8 /home/ubuntu/test.py

echo "Disconnecting VPN"
nordvpn disconnect
```



**Created a fake account for you to test on as well **


```
import os
import sys


print(f""" \n
sys.platform: {sys.platform}
sysname: {os.uname().sysname}
version: {os.uname().version}
release: {os.uname().release}
machine: {os.uname().machine}
\n
""")

import undetected_chromedriver as uc
uc.install() #important this is first
from selenium.webdriver import Chrome, ChromeOptions
from selenium.webdriver.support import expected_conditions as EC
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.common.by import By
from bs4 import BeautifulSoup

from time import sleep



class BotDriver:
def __init__(self,username, pw, start_url, url_behind_login, headless_input = True):
self.username = username
self.pw = pw
chrome_options = ChromeOptions()
chrome_options.headless = headless_input
chrome_options.add_argument("--incognito")
chrome_options.add_argument('--disable-extensions')
chrome_options.add_argument("--start-maximized")

self.driver = Chrome(chrome_options=chrome_options)
self.start_url = start_url
self.url_behind_login = url_behind_login
self.driver.get('https://www.iplocation.net/')
self.driver.get_screenshot_as_file(f"iplocation.png")
self.driver.get(start_url)
self.waitdriver = WebDriverWait( self.driver, 10)

def get_element(self,findby,argument_to_click):
element = self.waitdriver.until(EC.element_to_be_clickable((findby, argument_to_click)))

return element
def slow_keys(self,input_keys,element,speed=.2):
for character in input_keys:
sleep(speed)
element.send_keys(character)
sleep(1)
def main(self):
element0 = self.get_element( By.LINK_TEXT,"Sign In or Join" )
element0.click()
element1 = self.get_element( By.XPATH,'//*[@id="user-id"]' )
element1.click()
self.slow_keys(self.username,element1)
element2 = self.get_element( By.XPATH,'//*[@id="password"]' )
element2.click()
self.slow_keys(self.pw,element2)
self.driver.get_screenshot_as_file(f"before_submit.png")
element3 = self.get_element( By.XPATH,"//button[@name='submitButton']" )
element3.click()
self.driver.get_screenshot_as_file(f"after_submit.png")
sleep(3)
#test string to find
soup = BeautifulSoup(self.driver.page_source, 'lxml')
test = soup.body.findAll(text='My Trips')
if len(test) > 1:
print(f'\n\n\n Login Success ({test} len {len(test)})\n\n\n')
else:
print(f'\n\n\n Login failed ({test} len {len(test)})\n\n\n')
self.driver.get(self.url_behind_login)
self.driver.get_screenshot_as_file(f"last.png")

if __name__ == "__main__":
username = input('Enter your login email: ')
pw = input('Enter your login pw: ')
start_url = 'https://www.marriott.com/default.mi'
url_behind_login = 'https://www.marriott.com/loyalty/findReservationList.mi'
pbd = BotDriver(username, pw, start_url, url_behind_login, headless_input = True)
pbd.main()

```
*Quick update: * I am still getting this issue. To extract variables from the equation, IE Ubuntu vs Mac os and Local vs Amazon, I'm spinning up a ubuntu instance on an old mac mini to see if the code can run there.
Will update on how it goes!
submitted by jkail1011 to selenium [link] [comments]

SecureBoot - Using Custom Keys with OpenCore

Does anyone have any experience getting OpenCore to work with SecureBoot using custom SecureBoot keys?
I recently started work on an XPS 15 9570 Hackintosh build centered around OpenCore, essentially forked from https://github.com/xxxzc/xps15-9570-macos.
Currently, the macOS install and all features of OpenCore work perfectly using the above configuration with SecureBoot disabled. I am aware of the usual requirement to disable SecureBoot as the BOOTx64.efi and OpenCore.efi binaries ship with no signature valid under Microsoft's SecureBoot keys (indeed they ship completely unsigned.)
However, I still want to take advantage of the security benefits which SecureBoot gives its users.
Therefore, I have replaced the SecureBoot Platform Key (PK), Key Exchange Key (KEK), database key (db) and database blacklist key (dbx) with my own keys as detailed in this article. I normally run Linux, and have verified that these keys are in fact installed in the the firmware as they successfully verify my custom-signed linux kernel + efi boot stub.
In theory, it is possible to sign ANY EFI binary with your custom signing keys to make them work with this custom SecureBoot setup. I have, in various combinations, signed every EFI binary provided by OpenCore and all of the driver EFI binaries to no avail. The custom-signed OpenCore.efi DOES successfully launch with SecureBoot enabled, however my mac partition does not appear under the list of boot options. I am certain I am not invalidating the OpenCore.efi binary by signing it because the signed OpenCore.efi DOES detect the mac partition when SecureBoot is disabled.
I have so far tried the following configurations without any of them being able to detect my hackintosh's APFS boot partition:
All of these configurations work fine with SecureBoot disabled, and none of them are able to detect the APFS filesystem when SecureBoot is enabled.
The setup uses ApfsDriverLoader.efi to read APFS filesystems. I suspect the issue may lay in how this EFI binary works with SecureBoot.
To test my theory, I booted into a signed EFI shell, loaded the ApfsDriverLoader.efi driver and mapped out the visible filesystems. This was done once with SecureBoot off and once with SecureBoot on.
I'm wondering if maybe ApfsDriverLoader.efi is loading in a dependency that isn't signed by my custom SecureBoot keys? Do EFI binaries loaded by signed EFI binaries need to themselves be signed in order to work with SecureBoot?
I have included boot logs for two boot attempts, one with SecureBoot disabled and the other with SecureBoot enabled. https://gist.github.com/andrewnicolalde/62dc76265173bcd18fa6ac529923269f
What am I missing guys? I would enormously appreciate any help you could provide as this has had me stumped for almost 3 days now.
submitted by hackintosherSB to hackintosh [link] [comments]

A new Splinter Cell game would be a disaster

What we need is:
  1. A remaster and upgrade of Blacklist with fixed glitches and bugs, improvement of stealth mechanics, more stealth options/pathways to finish each mission, split jump, adjustable running speed, non-binary visibility mode
  2. Remake of all previous games with the remastered and upgraded Blacklist engine
  3. Modding and level-building enabled
I love to dream, ok? fuck you
submitted by Lucianberg to Splintercell [link] [comments]

Ambrosia and Registration

Now that Ambrosia is gone, new registrations are no longer possible, and due to their expiring codes, using legitimate license keys has become difficult. We may hope to see a few of their games revived in the future but at present, only the original releases are available. Perhaps this case study on Ambrosia's registration algorithms will be useful to some.

The Old System

In their earliest days, ASW didn't require registration, but they eventually began locking core features away behind codes. All of their classic titles use the original algorithm by Andrew Welch.
Given a licensee name, number of copies, and game name, the code generator runs through two loops. The first loop iterates over each letter of the capitalized licensee name, adding the ASCII representation of that letter with the number of copies and then rotating the resulting bits. The second loop repeats that operation, only using the game's name instead of the license holder's name.
Beginning with Mars Rising, later games added a step to these loops: XOR the current code with the common hex string $DEADBEEF. However, the rest of the algorithm remained essentially unchanged.
The resulting 32 bits are converted into a text registration code by adding the ASCII offset of $41 to each hex digit. This maps the 32-bit string into 8 characters, but due to the limit of a hex digit to only encode 16 values, codes only contain letters from the first 16 of the alphabet.
The following chart shows an example using a well-known hacked code for Slithereens.
 Iteration 1 ('A' in ANONYMOUS) Name: Anonymous Code = $0 + $41 Number: 100 (hex: $64) -> << 6 ... -> Code = $FD53 FFA0 Game: Slithereens + $64 ^ $DEAD BEEF >> 1 Add $41 to each digit: Registration -> $41 + $F = $50 = P -> Reverse string -> ------------ $41 + $D = $4E = N | AKPPDFNP | ... ------------ 
Here is a Python implementation of the v1 system: aswreg_v1.py
Once you have the bitstring module installed via sudo pip install bitstring, you can test the output yourself with python aswreg_v1.py "Anonymous" 100 "Slithereens".

The New System

As Ambrosia's Matt Slot explains, the old system continued to allow a lot of piracy, so in the early 2000's they decided to switch to a more challenging registration system. This new method was based on polynomial hashing and included a timestamp so that codes could be expired and renewed. Ambrosia now had better control over code distribution, but they assumed their renewal server would never be shut down...
They also took more aggressive steps to reduce key sharing. The registration app checks against a list of blacklisted codes, and if found to be using one, the number of licenses is internally perturbed so that subsequent calculations fail. To combat tampering, your own information can get locally blacklisted in a similar manner if too many failed attempts occur, at least until the license file is deleted. Furthermore, the app attempts to verify the system time via a remote time server to minimize registration by changing the computer's clock.
You can disable the internet connection, set the clock back, and enter codes. There's also a renewal bot for EV: Nova. But let us look at the algorithm more closely.

64-bit Codes

The first noticeable difference is that registration codes in v2 are now 12 digits, containing both letters and numbers. This is due to a move from a 32-bit internal code to a 64-bit one. Rather than add an ASCII offset to hex digits, every letter or number in a new registration code has a direct mapping to a chunk of 5 bits. Using 5 bits per digit supports up to 32 values, or almost all letters of the alphabet and digits up to 9 (O, I, 0, and 1 were excluded given their visual similarities).
The resulting 64 bits (really only 60 because the upper 4 are unused: 12 digits * 5 bits each = 60) are a combination of two other hashes XOR'd together. This is a notable change from v1 because it only used the registration code to verify against the hashing algorithm. Only the licensee name, number of copies, and game name were really used. In v2, the registration code is itself a hash which contains important information like a code's timestamp.

Two Hashes

To extract such information from the registration code, we must reverse the XOR operation and split out the two hashes which were combined. Fortunately, XOR is reversible, and we can compute one of the hashes. The first hash, which I'll call the userkey, is actually quite similar to v1's algorithm. It loops through the licensee name, adding the ASCII value, number of copies, and shifting bits. This is repeated with the game name. An important change is including multiplication by a factor based on the string size.
The second hash, which I'll call the basekey, is the secret sauce of v2; it's what you pay Ambrosia to generate when registering a product. It is not computed by the registration app, but there are several properties by which it must be validated.
The chart below visualizes the relationships among the various hashes, using the well-known "Barbara Kloeppel" code for EV: Nova.
 TEXTCODE: ------------------ | L4B5-9HJ5-P3NB | ------------------ HASH1 (userkey): | calculated from licensee name, | copies, and game name BINCODE: ---------------------- 5 bits per character, /-> | 0x0902f8932acce305 | plus factors & rotation / ---------------------- ---------------------- / | 0x0008ecc1c2ee5e00 | <-- XOR ---------------------- \ \ ---------------------- \-> | 0x090a1452e822bd05 | ---------------------- HASH2 (basekey): generated by Ambrosia, extracted via XOR 

The Basekey

The basekey is where we must handle timestamps and several validation checks. Consider the binary representation of the sample 0x090a1452e822bd05:
binary basekey (above) and indices for reference (below): 0000 1001 0000 1010 0001 0100 0101 0010 1110 1000 0010 0010 1011 1101 0000 0101 b0 b3 b7 b11 b15 b19 b23 b27 b31 b35 b39 b43 b47 b51 b55 b59 b63 

Timestamps

Timestamp are encoded as a single byte comprised of bits indexed at b56,51,42,37,28,23,14,9 from the basekey. In this example, the timestamp is 01100010 or 0x62 or 98.
The timestamp represents the number of fortnights that have passed since Christmas Day, 2000 Eastern time, modulo 256 to fit in one byte. For example, 98 fortnights places the code at approximately October 2004.
Stored as a single byte, there are 256 unique timestamps. This is 512 weeks or about 10 years. Yes, this means that a code's validity rotates approximately once every decade.
After the code's timestamp is read, it is subtracted from the current timestamp (generated from the system clock or network time server if available). The difference must be less than 2, so codes are valid for 4 weeks or about a month at a time.
Of note, Pillars of Garendall has a bug in which the modulo is not taken correctly, so the timestamp corresponding to 0xFF is valid without expiry.

Validity Check

The last three bits, b60-63, contain the sum of all other 3-bit chunks in the basekey, modulo 7. Without the correct number in these bits, the result will be considered invalid.
To this point, we have covered sufficient material to renew licenses. The timestamp can be changed, the last three bits updated, the result XOR'd with the userkey, and finally, the code converted from binary to text.

Factors for Basekey Generation

I was next curious about code generation. For the purposes of this write-up, I have not fully reverse engineered the basekey, only duplicated the aspects which are used for validation. This yields functional keys, just not genuine ones. If the authors of the EV: Nova renewal bot have fully reversed the algorithm, perhaps they will one day share the steps to genuine basekey creation.
One aspect validated by the registration app is that the licensee name, number, and game name can be modified to yield a set of base factors. These are then multiplied by some number and written into the basekey. We do not need the whole algorithm; we simply must check that the corresponding regions in the basekey are multiples of the appropriate factors.
The regions of note in the basekey are f1 = b5-9,47-51,33-37,19-23, f2 = b43-47,29-33,15-19,57-61, and f3 = b24-28,10-14,52-56,38-42. The top 5 bits and f3 are never actually checked, so they can be ignored.
Considering f1 and f2, the values in the sample basekey are 0x25DA and 0x1500, respectively. The base factors are 0x26 and 0x1C, which are multiples by 0xFF and 0xC0, respectively.
Rather than analyze the code in detail, I wrote a small script to translate over the disassembled PPC to Python wholesale. It is sufficient for generating keys to EV: Nova, using the perfectly-valid multiple of 1x, but I have found it fails for other v2 products.

Scripts

Here is a Python implementation for v2: aswreg_v2.py and aswreg_v2core.py
With bitstring installed, you can renew codes like python aswreg_v2.py renew "L4B5-9HJ5-P3NB" "Barbara Kloeppel" 1 "EV Nova" (just sample syntax, blacklisted codes will still fail in the app). There's also a function to check a code's timestamp with date or create a new license with generate.
As earlier cautioned, generating basekeys relies on code copied from disassembled PPC and will likely not work outside EV: Nova. In my tests with other v2 products, all essential parts of the algorithm remain the same, even the regions of the basekey which are checked as multiples of the factors. What differs is the actual calculation of base factors. Recall that these keys were created by Ambrosia outside the local registration system, so the only options are to copy the necessary chunks of code to make passable factors for each product or to fully reverse engineer the basekey algorithm. I've no doubt the factors are an easy computation once you know the algorithm, but code generation becomes less critical when renewal is an option for other games. I leave it to the authors of the Zeus renewal bot if they know how to find these factors more generally.
To renew codes for other games, keep in mind the name must be correct. For instance, Pillars of Garendall is called "Garendall" internally. You can find a game's name by typing a gibberish license in the registration app and seeing what file is created in Preferences. It should be of the form License.
Finally, a couple disclaimers: I have only tested with a handful of keys, so my interpretations and implementations may not be completely correct. YMMV. Furthermore, these code snippets are posted as an interesting case study about how a defunct company once chose to combat software piracy, not to promote piracy. Had Ambrosia remained operational, I'm sure we would have seen a v3 registration system or a move to online-based play as so many other games are doing today, but I hope this has been helpful for those who still wish to revisit their favorite Ambrosia classics.
submitted by asw_anon to evnova [link] [comments]

Can't Access Admin Interface

I have had Pihole and Wireguard running on Digital Ocean droplet for quite a while. Today, I decided to upgrade Pihole to Version 5 and after doing so, it seems that am no longer able to access the admin interface.
Both pihole and WG appear to be operating correctly as when I turn off the VPN connection on my phone I start to see ads appearing in certain apps (they disappear when I restore the VPN). In addition to updating to V5 I also ran pihole - r as I wanted to revert to using the default block-lists. I specified the WG0 interface for Pihole to listen on when I reconfigured (see below). Was this correct?
Can anyone shed some insight into why I'm unable to access the admin interface?

[i] Existing PHP installation detected : PHP version 7.2.24-0ubuntu0.18.04.4
[i] Reconfigure option selected
[✓] Disk space check
[✓] Update local cache of available packages
[✓] Checking apt-get for upgraded packages... up to date!
[i] Installer Dependency checks...
[✓] Checking for dhcpcd5
[✓] Checking for git
[✓] Checking for iproute2
[✓] Checking for whiptail
[i] SELinux not detected
[i] Using interface: wg0
[i] Using upstream DNS: DNS.WATCH (84.200.69.80, 84.200.70.40)
[i] Static IP already configured
[i] Found IPv6 ULA address, using it for blocking IPv6 ads
[i] IPv4 address: xxxxxxxxxxxxxxxx
[i] IPv6 address: xxxxxxxxxxxxxxx
[i] Web Interface On
[i] Web Server On
[i] Logging On.
[i] Privacy level 0 [i] Performing reconfiguration, skipping download of local repos
[✓] Resetting repository within /etc/.pihole...
[✓] Resetting repository within /vawww/html/admin...
[i] Main Dependency checks...
[✓] Checking for cron
[✓] Checking for curl
[✓] Checking for dnsutils
[✓] Checking for iputils-ping
[✓] Checking for lsof
[✓] Checking for netcat
[✓] Checking for psmisc
[✓] Checking for sudo
[✓] Checking for unzip
[✓] Checking for wget
[✓] Checking for idn2
[✓] Checking for sqlite3
[✓] Checking for libcap2-bin
[✓] Checking for dns-root-data
[✓] Checking for libcap2
[✓] Checking for lighttpd
[✓] Checking for php7.2-common
[✓] Checking for php7.2-cgi
[✓] Checking for php7.2-sqlite3
[✓] Checking for php7.2-xml
[✓] Checking for php-intl
[✓] Enabling lighttpd service to start on reboot...
[✓] Checking for user 'pihole'
[i] FTL Checks...
[✓] Detected x86_64 architecture
[i] Checking for existing FTL binary...
[i] Latest FTL Binary already installed (v5.0). Confirming Checksum...
[i] Checksum correct. No need to download!
[✓] Installing scripts from /etc/.pihole
[i] Installing configs from /etc/.pihole...
[i] Existing dnsmasq.conf found... it is not a Pi-hole file, leaving alone!
[✓] Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf
[i] Installing blocking page...
[✓] Creating directory for blocking page, and copying files
[i] Backing up index.lighttpd.html
No default index.lighttpd.html file found... not backing up
[✓] Installing sudoer file
[✓] Installing latest Cron script
[✓] Installing latest logrotate script
[i] Backing up /etc/dnsmasq.conf to /etc/dnsmasq.conf.old
[✓] man pages installed and database updated
[i] Testing if systemd-resolved is enabled
[i] Systemd-resolved does not need to be restarted
[✓] Restarting lighttpd service...
[✓] Enabling lighttpd service to start on reboot...
[i] Restarting services...
[✓] Enabling pihole-FTL service to start on reboot...
[✓] Restarting pihole-FTL service...
[✓] Deleting existing list cache
[i] Neutrino emissions detected...
[✓] Pulling blocklist source list into range
[✓] Preparing new gravity database
[i] Target: https://raw.githubusercontent.com/StevenBlack/hosts/mastehosts
[✓] Status: Retrieval successful
[i] Received 57671 domains
[i] Target: https://mirror1.malwaredomains.com/files/justdomains
[✓] Status: Retrieval successful
[i] Received 26853 domains
[i] Target: http://sysctl.org/cameleon/hosts
[✓] Status: Retrieval successful
[i] Received 20567 domains
[i] Target: https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
[✓] Status: Retrieval successful
[i] Received 0 domains
[i] Target: https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
[✓] Status: Retrieval successful
[i] Received 34 domains
[i] Target: https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
[✓] Status: Retrieval successful
[i] Received 2701 domains
[i] Target: ttps://v.firebog.net/hosts/AdguardDNS.txt
[✗] Status: Connection Refused
[✗] List download failed: no cached list available
[i] Target: ttps://v.firebog.net/hosts/Easyprivacy.txt
[✗] Status: Connection Refused
[✗] List download failed: no cached list available
[i] Target: https://v.firebog.net/hosts/Prigent-Ads.txt
[✓] Status: Retrieval successful
[i] Received 3670 domains
[i] Target: https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/masteSmartTV.txt
[✓] Status: Retrieval successful
[i] Received 197 domains
[i] Target: https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/masteAmazonFireTV.txt
[✓] Status: Retrieval successful
[i] Received 17 domains
[i] Target: https://v.firebog.net/hosts/Prigent-Malware.txt
[✓] Status: Retrieval successful
[i] Received 53095 domains
[i] Target: https://mirror.cedia.org.ec/malwaredomains/immortal_domains.txt
[✓] Status: Retrieval successful
[i] Received 3196 domains
[i] Target: https://www.malwaredomainlist.com/hostslist/hosts.txt
[✓] Status: Retrieval successful
[i] Received 1104 domains
[i] Target: https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt
[✓] Status: Retrieval successful
[i] Received 134925 domains
[i] Target: https://raw.githubusercontent.com/anudeepND/blacklist/masteadservers.txt
[✓] Status: Retrieval successful
[i] Received 42594 domains
[i] Target: https://v.firebog.net/hosts/static/SamsungSmart.txt
[✓] Status: Retrieval successful
[i] Received 60 domains
[✓] Storing downloaded domains in new gravity database
[✓] Building tree
[✓] Swapping databases
[i] Number of gravity domains: 346684 (297043 unique domains)
[i] Number of exact blacklisted domains: 34
[i] Number of regex blacklist filters: 24
[i] Number of exact whitelisted domains: 265
[i] Number of regex whitelist filters: 0
[✓] Flushing DNS cache
[✓] Cleaning up stray matter
[✓] DNS service is running
[✓] Pi-hole blocking is Enabled
[i] View the web interface at http://pi.hole/admin or http:/xx.xx.xx.xx/admin
[i] You may now configure your devices to use the Pi-hole as their DNS server
[i] Pi-hole DNS (IPv4): xxxxxxxxxxxx
[i] Pi-hole DNS (IPv6): xxxxxxxxxxxxx
[i] If you set a new IP address, please restart the server running the Pi-hole
[i] The install log is located at: /etc/pihole/install.log
submitted by GentleSoul22 to pihole [link] [comments]

DS Video doesn't play DTS despite ffmpeg (DS216Play)

Installed ffmpeg via the Syno community. Still get the "Format not supported" error in DS Video. Any ideas how I might fix this?

Edit:
For future reference, Synology removed DTS support (among other things). To get it back, install ffmpeg via the community packages, then run the following code via SSH as root (Source 1, Source 2):

# replace old ffmpeg binary by the one from the community package, and filter unsupported "hls_seek_time" option mv /vapackages/VideoStation/target/bin/ffmpeg /vapackages/VideoStation/target/bin/ffmpeg.old echo H4sIAMiai1wAA32SMU/DMBCF9/sVhxuhBhRMWatUXRgYEAOiS1VVbnJOrCaxFZsyAP+d2KlQUgU8WXf33vN98uyKH1TDD8KWADPKSo0sWjNcrZC72nApa0PFXaULANEWNp3H8FGqinC7xWiGSeHwHnc7yDVkwlKnXjBUDWB3krKye0t03DtVUxxqtlTShduomXpdKC+XvVZdztf6pAZz/jW36ZwlioXQeKi+iUczwzZZkUHvmuuGfrd+ftk8PWKKUciZJqAk8pNouRHZURRk+UblpF+dcEo33HVx5AJPKU2rD57G2e1hdb3ALyxaMsjeGvtujG4d5ZjpnDK2RFdSgNap03FG/4Cxu68AVZZgSGJE1FMZF+Jp/793CIvrKgepACw5TJLO9NPnbde7b3ZGF3XTU7j+/059d4py8PMy+AEpctu1ngIAAA==|base64 -d|gunzip > /vapackages/VideoStation/target/bin/ffmpeg chown VideoStation:VideoStation /vapackages/VideoStation/target/bin/ffmpeg chmod 755 /vapackages/VideoStation/target/bin/ffmpeg # remove "eac3" from blacklisted codecs in LibSynoVTE::ArgumentHelper::AbleToDecodeAudioByCodec() cp /vapackages/VideoStation/target/lib/libsynovte.so /vapackages/VideoStation/target/lib/libsynovte.so.old sed -i 's/eac3/ZXXZ/' /vapackages/VideoStation/target/lib/libsynovte.so 

submitted by subvertedexpectation to synology [link] [comments]

Problem running php on nginx ubuntu (files get downloaded)

Hi everyone,
I'm very new to php and ran into some issue that I have been trying to fix for a couple of hours.
I have setup Nginx on ubuntu 19.10, and installed php7.4-fpm. But whenever I try to open a file like index.php, located in my root folder /vawww/html (so localhost/index.php) it will download the file instead of running it.
Nginx is not communicating with php7.4-fpm, is my guess, but I can not find the mistake in my configuration files..

Could anyone take a look and spot what would be wrong.
Below I've put the files, in order
  1. /etc/nginx/fastcgi.conf:
  2. /etc/nginx/fastcgi_params:
  3. /etc/nginx/sites-enabled/server.conf
  4. /etc/nginx/mime.types
  5. /etc/php/7.4/fpm/php-fpm.conf
  6. /etc/php/7.4/fpm/pool.d/www.conf
  7. selection of /etc/php/7.4/fpm/php.ini since posting it all is too long
  8. output service nginx status & service php7.4-fpm status

If I'm looking at the wrong files or something and the error could be located elsewhere please guide me in the right direction.
And if you already read this far, I would like to thank you for your time!

1/etc/nginx/fastcgi.conf:


fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param REQUEST_SCHEME $scheme; fastcgi_param HTTPS $https if_not_empty; fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; # PHP only, required if PHP was built with --enable-force-cgi-redirect fastcgi_param REDIRECT_STATUS 200; 

2. /etc/nginx/fastcgi_params:

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param REQUEST_SCHEME $scheme; fastcgi_param HTTPS $https if_not_empty; fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; # PHP only, required if PHP was built with --enable-force-cgi-redirect fastcgi_param REDIRECT_STATUS 200; 

3. /etc/nginx/sites-enabled/server.conf

# Version=2.1 server { listen 80; listen [::]:80; listen 443 ssl http2; listen [::]:443 ssl http2; # # This file will be managed by ATK, and overwitten without warning. # # To enable external access please consider installing DuckDNS using ATK. # # For external access using a custom domain: # # 1) Make a copy of this file and rename it to match your domain # # ex: /etc/nginx/sites-available/mydomain.com.conf # # 2) Edit your file and replace the entire `server_name` line with `server_name mydomain.com;` # # (do not include IP addresses) # # 3) Run `sudo ln -s /etc/nginx/sites-available/mydomain.com.conf /etc/nginx/sites-enabled/mydomain.com.conf` # # 4) Run `sudo systemctl reload nginx` # # You can then use ATK to run Certbot on your custom domain for HTTPS # # You can also modify your new file to enabling some of the extra features below by uncommenting the lines # # If you modify your file you will need to rerun the command in step 4 above server_name 127.0.0.1 localhost 192.168.1.248 0.0.0.0; access_log /valog/nginx/server.atomic.access.log; error_log /valog/nginx/server.atomic.error.log; index index.html index.php; root /vawww/html/; client_body_buffer_size 128k; client_max_body_size 100M; send_timeout 5m; server_tokens off; location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/varun/php7.4-fpm.sock; fastcgi_index index.php; include fastcgi.conf;} location ~ /\.ht { deny all; } ## # Snippet Config ## include /etc/nginx/snippets/gzip.atomic.conf; # include /etc/nginx/snippets/headers-hsts.atomic.conf; # WARNING: Only enable Strict Transport after confirming HTTPS is working include /etc/nginx/snippets/headers.atomic.conf; # include /etc/nginx/snippets/https-redirect.atomic.conf; # WARNING: Only enable HTTPS Redirect after confirming HTTPS is working include /etc/nginx/snippets/letsencrypt.atomic.conf; include /etc/nginx/snippets/proxy.atomic.conf; # include /etc/nginx/snippets/ssl-dhparam.atomic.conf; # WARNING: Only enable dhparam after running `openssl dhparam -out /etc/nginx/dhparam.pem 4096` include /etc/nginx/snippets/ssl.atomic.conf; ## # App Location Config ## include /etc/nginx/locations-enabled/*.atomic.conf; ssl_certificate /etc/letsencrypt/live/****/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/****/privkey.pem; # managed by Certbot } 

4. /etc/nginx/mime.types

types { text/html html htm shtml; text/css css; text/xml xml; image/gif gif; image/jpeg jpeg jpg; application/javascript js; application/atom+xml atom; application/rss+xml rss; text/mathml mml; text/plain txt; text/vnd.sun.j2me.app-descriptor jad; text/vnd.wap.wml wml; text/x-component htc; image/png png; image/tiff tif tiff; image/vnd.wap.wbmp wbmp; image/x-icon ico; image/x-jng jng; image/x-ms-bmp bmp; image/svg+xml svg svgz; image/webp webp; application/font-woff woff; application/java-archive jar war ear; application/json json; application/mac-binhex40 hqx; application/msword doc; application/pdf pdf; application/postscript ps eps ai; application/rtf rtf; application/vnd.apple.mpegurl m3u8; application/vnd.ms-excel xls; application/vnd.ms-fontobject eot; application/vnd.ms-powerpoint ppt; application/vnd.wap.wmlc wmlc; application/vnd.google-earth.kml+xml kml; application/vnd.google-earth.kmz kmz; application/x-7z-compressed 7z; application/x-cocoa cco; application/x-java-archive-diff jardiff; application/x-java-jnlp-file jnlp; application/x-makeself run; application/x-perl pl pm; application/x-pilot prc pdb; application/x-rar-compressed rar; application/x-redhat-package-manager rpm; application/x-sea sea; application/x-shockwave-flash swf; application/x-stuffit sit; application/x-tcl tcl tk; application/x-x509-ca-cert der pem crt; application/x-xpinstall xpi; application/xhtml+xml xhtml; application/xspf+xml xspf; application/zip zip; application/octet-stream bin exe dll; application/octet-stream deb; application/octet-stream dmg; application/octet-stream iso img; application/octet-stream msi msp msm; application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx; application/vnd.openxmlformats-officedocument.presentationml.presentation pptx; audio/midi mid midi kar; audio/mpeg mp3; audio/ogg ogg; audio/x-m4a m4a; audio/x-realaudio ra; video/3gpp 3gpp 3gp; video/mp2t ts; video/mp4 mp4; video/mpeg mpeg mpg; video/quicktime mov; video/webm webm; video/x-flv flv; video/x-m4v m4v; video/x-mng mng; video/x-ms-asf asx asf; video/x-ms-wmv wmv; video/x-msvideo avi; } 

5. /etc/php/7.4/fpm/php-fpm.conf

;;;;;;;;;;;;;;;;;;;;; ; FPM Configuration ; ;;;;;;;;;;;;;;;;;;;;; ; All relative paths in this configuration file are relative to PHP's install ; prefix (/usr). This prefix can be dynamically changed by using the ; '-p' argument from the command line. ;;;;;;;;;;;;;;;;;; ; Global Options ; ;;;;;;;;;;;;;;;;;; [global] ; Pid file ; Note: the default prefix is /var ; Default Value: none ; Warning: if you change the value here, you need to modify systemd ; service PIDFile= setting to match the value here. pid = /run/php/php7.4-fpm.pid ; Error log file ; If it's set to "syslog", log is sent to syslogd instead of being written ; into a local file. ; Note: the default prefix is /var ; Default Value: log/php-fpm.log error_log = /valog/php7.4-fpm.log ;syslog.facility = daemon ;syslog.ident = php-fpm ;log_level = notice ;log_limit = 4096 ;log_buffering = no ;emergency_restart_threshold = 0 ;emergency_restart_interval = 0 ;process_control_timeout = 0 ; process.max = 128 ; process.priority = -19 ; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. ; Default Value: yes ;daemonize = yes ;rlimit_files = 1024 ;rlimit_core = 0 ;events.mechanism = epoll ; When FPM is built with systemd integration, specify the interval, ; in seconds, between health report notification to systemd. ; Set to 0 to disable. ; Available Units: s(econds), m(inutes), h(ours) ; Default Unit: seconds ; Default value: 10 ;systemd_interval = 10 ;;;;;;;;;;;;;;;;;;;; ; Pool Definitions ; ;;;;;;;;;;;;;;;;;;;; ; Multiple pools of child processes may be started with different listening ; ports and different management options. The name of the pool will be ; used in logs and stats. There is no limitation on the number of pools which ; FPM can handle. Your system will tell you anyway :) ; Include one or more files. If glob(3) exists, it is used to include a bunch of ; files from a glob(3) pattern. This directive can be used everywhere in the ; file. ; Relative path can also be used. They will be prefixed by: ; - the global prefix if it's been set (-p argument) ; - /usr otherwise include=/etc/php/7.4/fpm/pool.d/*.conf 

6. /etc/php/7.4/fpm/pool.d/www.conf

; Start a new pool named 'www'. [www] ;prefix = /path/to/pools/$pool user = user group = user listen = /varun/php/php7.4-fpm.sock listen.owner = user listen.group = user ;listen.mode = 0660 pm = dynamic pm.max_children = 5 pm.start_servers = 2 pm.min_spare_servers = 1 pm.max_spare_servers = 3 ;chroot = ;chdir = /vawww ;catch_workers_output = yes ;decorate_workers_output = no ;clear_env = no 7. /etc/php/7.4/fpm/php.ini [PHP] engine = On short_open_tag = Off precision = 14 output_buffering = 4096 zlib.output_compression = Off implicit_flush = Off unserialize_callback_func = serialize_precision = -1 ;open_basedir = disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, disable_classes = zend.enable_gc = On zend.exception_ignore_args = On ;;;;;;;;;;;;;;;;; ; Miscellaneous ; ;;;;;;;;;;;;;;;;; expose_php = Off ;;;;;;;;;;;;;;;;;;; ; Resource Limits ; ;;;;;;;;;;;;;;;;;;; max_execution_time = 360 max_input_time = 360 ;max_input_nesting_level = 64 ; How many GET/POST/COOKIE input variables may be accepted ;max_input_vars = 1000 ; Maximum amount of memory a script may consume (128MB) ; http://php.net/memory-limit memory_limit = 512M ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ; Error handling and logging ; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT display_errors = Off display_startup_errors = Off log_errors = On log_errors_max_len = 1024 ignore_repeated_errors = Off ignore_repeated_source = Off report_memleaks = On ;;;;;;;;;;;;;;;;; ; Data Handling ; ;;;;;;;;;;;;;;;;; variables_order = "GPCS" request_order = "GP" register_argc_argv = Off auto_globals_jit = On post_max_size = 8M auto_prepend_file = auto_append_file = default_mimetype = "text/html" default_charset = "UTF-8" ;;;;;;;;;;;;;;;;;;;;;;;;; ; Paths and Directories ; ;;;;;;;;;;;;;;;;;;;;;;;;; doc_root = user_dir = enable_dl = Off ;cgi.force_redirect = 1 ;cgi.nph = 1 ;cgi.redirect_status_env = ;cgi.fix_pathinfo=1 ;cgi.discard_path=1 ;fastcgi.impersonate = 1 ;fastcgi.logging = 0 ;cgi.rfc2616_headers = 0 ;cgi.check_shebang_line=1 ;;;;;;;;;;;;;;;; ; File Uploads ; ;;;;;;;;;;;;;;;; file_uploads = On upload_max_filesize = 250M max_file_uploads = 20 ;;;;;;;;;;;;;;;;;; ; Fopen wrappers ; ;;;;;;;;;;;;;;;;;; allow_url_fopen = On allow_url_include = Off ;user_agent="PHP" default_socket_timeout = 320 ;auto_detect_line_endings = Off ;;;;;;;;;;;;;;;;;;;;;; ; Dynamic Extensions ; ;;;;;;;;;;;;;;;;;;;;;; ;extension=bz2 ;extension=curl ;extension=ffi ;extension=ftp ;extension=fileinfo ;extension=gd2 ;extension=gettext ;extension=gmp ;extension=intl ;extension=imap ;extension=ldap ;extension=mbstring ;extension=exif ; Must be after mbstring as it depends on it ;extension=mysqli ;extension=oci8_12c ; Use with Oracle Database 12c Instant Client ;extension=odbc ;extension=openssl ;extension=pdo_firebird ;extension=pdo_mysql ;extension=pdo_oci ;extension=pdo_odbc ;extension=pdo_pgsql ;extension=pdo_sqlite ;extension=pgsql ;extension=shmop ;extension=snmp ;extension=soap ;extension=sockets ;extension=sodium ;extension=sqlite3 ;extension=tidy ;extension=xmlrpc ;extension=xsl ;;;;;;;;;;;;;;;;;;; ; Module Settings ; ;;;;;;;;;;;;;;;;;;; [CLI Server] cli_server.color = On [Date] ;date.timezone = [filter] ; http://php.net/filter.default ;filter.default = unsafe_raw ; http://php.net/filter.default-flags ;filter.default_flags = [iconv] ;iconv.input_encoding = ;iconv.internal_encoding = ;iconv.output_encoding = [imap] ;imap.enable_insecure_rsh=0 [intl] ;intl.error_level = E_WARNING ;intl.use_exceptions = 0 [sqlite3] ;sqlite3.extension_dir = ;sqlite3.defensive = 1 [Pcre] ;pcre.backtrack_limit=10000 ;pcre.recursion_limit=100000 ;pcre.jit=1 [Pdo] ;pdo_odbc.connection_pooling=strict ;pdo_odbc.db2_instance_name [Pdo_mysql] ; Default socket name for local MySQL connects. If empty, uses the built-in ; MySQL defaults. pdo_mysql.default_socket= [Phar] ; http://php.net/phar.readonly ;phar.readonly = On ; http://php.net/phar.require-hash ;phar.require_hash = On ;phar.cache_list = [mail function] ; For Win32 only. ; http://php.net/smtp SMTP = localhost ; http://php.net/smtp-port smtp_port = 25 ; For Win32 only. ; http://php.net/sendmail-from ;sendmail_from = [email protected] ; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). ; http://php.net/sendmail-path ;sendmail_path = ;mail.force_extra_parameters = ; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename mail.add_x_header = Off ; The path to a log file that will log all mail() calls. Log entries include ; the full path of the script, line number, To address and headers. ;mail.log = ; Log mail to syslog (Event Log on Windows). ;mail.log = syslog [ODBC] ; http://php.net/odbc.default-db ;odbc.default_db = Not yet implemented ; http://php.net/odbc.default-user ;odbc.default_user = Not yet implemented ; http://php.net/odbc.default-pw ;odbc.default_pw = Not yet implemented ; Controls the ODBC cursor model. ; Default: SQL_CURSOR_STATIC (default). ;odbc.default_cursortype ; Allow or prevent persistent links. ; http://php.net/odbc.allow-persistent odbc.allow_persistent = On ; Check that a connection is still valid before reuse. ; http://php.net/odbc.check-persistent odbc.check_persistent = On ; Maximum number of persistent links. -1 means no limit. ; http://php.net/odbc.max-persistent odbc.max_persistent = -1 ; Maximum number of links (persistent + non-persistent). -1 means no limit. ; http://php.net/odbc.max-links odbc.max_links = -1 ; Handling of LONG fields. Returns number of bytes to variables. 0 means ; passthru. ; http://php.net/odbc.defaultlrl odbc.defaultlrl = 4096 ; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. ; See the documentation on odbc_binmode and odbc_longreadlen for an explanation ; of odbc.defaultlrl and odbc.defaultbinmode ; http://php.net/odbc.defaultbinmode odbc.defaultbinmode = 1 [MySQLi] ; Maximum number of persistent links. -1 means no limit. ; http://php.net/mysqli.max-persistent mysqli.max_persistent = -1 ; Allow accessing, from PHP's perspective, local files with LOAD DATA statements ; http://php.net/mysqli.allow_local_infile ;mysqli.allow_local_infile = On ; Allow or prevent persistent links. ; http://php.net/mysqli.allow-persistent mysqli.allow_persistent = On ; Maximum number of links. -1 means no limit. ; http://php.net/mysqli.max-links mysqli.max_links = -1 ; Default port number for mysqli_connect(). If unset, mysqli_connect() will use ; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the ; compile-time value defined MYSQL_PORT (in that order). Win32 will only look ; at MYSQL_PORT. ; http://php.net/mysqli.default-port mysqli.default_port = 3306 ; Default socket name for local MySQL connects. If empty, uses the built-in ; MySQL defaults. ; http://php.net/mysqli.default-socket mysqli.default_socket = ; Default host for mysqli_connect() (doesn't apply in safe mode). ; http://php.net/mysqli.default-host mysqli.default_host = ; Default user for mysqli_connect() (doesn't apply in safe mode). ; http://php.net/mysqli.default-user mysqli.default_user = ; Default password for mysqli_connect() (doesn't apply in safe mode). ; Note that this is generally a *bad* idea to store passwords in this file. ; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") ; and reveal this password! And of course, any users with read access to this ; file will be able to reveal the password as well. ; http://php.net/mysqli.default-pw mysqli.default_pw = ; Allow or prevent reconnect mysqli.reconnect = Off [mysqlnd] ; Enable / Disable collection of general statistics by mysqlnd which can be ; used to tune and monitor MySQL operations. mysqlnd.collect_statistics = On ; Enable / Disable collection of memory usage statistics by mysqlnd which can be ; used to tune and monitor MySQL operations. mysqlnd.collect_memory_statistics = Off ; Records communication from all extensions using mysqlnd to the specified log ; file. ; http://php.net/mysqlnd.debug ;mysqlnd.debug = ; Defines which queries will be logged. ;mysqlnd.log_mask = 0 ; Default size of the mysqlnd memory pool, which is used by result sets. ;mysqlnd.mempool_default_size = 16000 ; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. ;mysqlnd.net_cmd_buffer_size = 2048 ; Size of a pre-allocated buffer used for reading data sent by the server in ; bytes. ;mysqlnd.net_read_buffer_size = 32768 ; Timeout for network requests in seconds. ;mysqlnd.net_read_timeout = 31536000 ; SHA-256 Authentication Plugin related. File with the MySQL server public RSA ; key. ;mysqlnd.sha256_server_public_key = [OCI8] ;oci8.privileged_connect = Off ;oci8.max_persistent = -1 ;oci8.persistent_timeout = -1 ;oci8.ping_interval = 60 ;oci8.connection_class = ;oci8.events = Off ;oci8.statement_cache_size = 20 ;oci8.default_prefetch = 100 ;oci8.old_oci_close_semantics = Off [PostgreSQL] pgsql.allow_persistent = On pgsql.auto_reset_persistent = Off ; Maximum number of persistent links. -1 means no limit. ; http://php.net/pgsql.max-persistent pgsql.max_persistent = -1 ; Maximum number of links (persistent+non persistent). -1 means no limit. ; http://php.net/pgsql.max-links pgsql.max_links = -1 pgsql.ignore_notice = 0 pgsql.log_notice = 0 [bcmath] ; Number of decimal digits for all bcmath functions. ; http://php.net/bcmath.scale bcmath.scale = 0 [browscap] ; http://php.net/browscap ;browscap = extra/browscap.ini [Session] session.save_handler = files ;session.save_path = "/valib/php/sessions" session.use_strict_mode = 0 ; Whether to use cookies. ; http://php.net/session.use-cookies session.use_cookies = 1 ; http://php.net/session.cookie-secure ;session.cookie_secure = session.use_only_cookies = 1 session.name = PHPSESSID session.auto_start = 0 session.cookie_lifetime = 0 session.cookie_path = / session.cookie_domain = session.cookie_httponly = session.cookie_samesite = ; Handler used to serialize data. php is the standard serializer of PHP. ; http://php.net/session.serialize-handler session.serialize_handler = php session.gc_probability = 0 session.gc_divisor = 1000 ; After this number of seconds, stored data will be seen as 'garbage' and ; cleaned up by the garbage collection process. ; http://php.net/session.gc-maxlifetime session.gc_maxlifetime = 1440 session.referer_check = ; Set to {nocache,private,public,} to determine HTTP caching aspects ; or leave this empty to avoid sending anti-caching headers. ; http://php.net/session.cache-limiter session.cache_limiter = nocache ; Document expires after n minutes. ; http://php.net/session.cache-expire session.cache_expire = 180 session.use_trans_sid = 0 ; Default Value: 32 ; Development Value: 26 ; Production Value: 26 session.sid_length = 26 session.trans_sid_tags = "a=href,area=href,frame=src,form=" ; Default Value: "" ; Development Value: "" ; Production Value: "" ;session.trans_sid_hosts="" session.sid_bits_per_character = 5 ;session.upload_progress.enabled = On ;session.upload_progress.cleanup = On ;session.upload_progress.prefix = "upload_progress_" ;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" ;session.upload_progress.freq = "1%" ;session.upload_progress.min_freq = "1" ; Only write session data when session data is changed. Enabled by default. ; http://php.net/session.lazy-write ;session.lazy_write = On [Assertion] ; Switch whether to compile assertions at all (to have no overhead at run-time) ; -1: Do not compile at all ; 0: Jump over assertion at run-time ; 1: Execute assertions ; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) ; Default Value: 1 ; Development Value: 1 ; Production Value: -1 ; http://php.net/zend.assertions zend.assertions = -1 ;assert.active = On ;assert.exception = On ;assert.warning = On ;assert.bail = Off ;assert.callback = 0 ;assert.quiet_eval = 0 [COM] ;com.typelib_file = ;com.allow_dcom = true ;com.autoregister_typelib = true ;com.autoregister_casesensitive = false ;com.autoregister_verbose = true ;com.code_page= [mbstring] ;mbstring.language = Japanese ;mbstring.internal_encoding = ;mbstring.http_input = ;mbstring.http_output = ;mbstring.encoding_translation = Off ;mbstring.detect_order = auto ;mbstring.substitute_character = none ;mbstring.func_overload = 0 ;mbstring.strict_detection = On ;mbstring.http_output_conv_mimetype= ;mbstring.regex_stack_limit=100000 ;mbstring.regex_retry_limit=1000000 [gd] ;gd.jpeg_ignore_warning = 1 [exif] ;exif.encode_unicode = ISO-8859-15 ;exif.decode_unicode_motorola = UCS-2BE ;exif.decode_unicode_intel = UCS-2LE ;exif.encode_jis = ;exif.decode_jis_motorola = JIS ;exif.decode_jis_intel = JIS [Tidy] tidy.clean_output = Off [soap] soap.wsdl_cache_enabled=1 soap.wsdl_cache_dir="/tmp" soap.wsdl_cache_ttl=86400 soap.wsdl_cache_limit = 5 [sysvshm] ;sysvshm.init_mem = 10000 [ldap] ; Sets the maximum number of open links or -1 for unlimited. ldap.max_links = -1 [dba] ;dba.default_handler= [opcache] ; Determines if Zend OPCache is enabled ;opcache.enable=1 ; Determines if Zend OPCache is enabled for the CLI version of PHP ;opcache.enable_cli=0 ; The OPcache shared memory storage size. ;opcache.memory_consumption=128 ; The amount of memory for interned strings in Mbytes. ;opcache.interned_strings_buffer=8 ; The maximum number of keys (scripts) in the OPcache hash table. ; Only numbers between 200 and 1000000 are allowed. ;opcache.max_accelerated_files=10000 ; The maximum percentage of "wasted" memory until a restart is scheduled. ;opcache.max_wasted_percentage=5 ;opcache.use_cwd=1 ;opcache.validate_timestamps=1 ;opcache.revalidate_freq=2 ;opcache.revalidate_path=0 ;opcache.save_comments=1 ;opcache.enable_file_override= ;opcache.optimization_level=0x7FFFBFFF ;opcache.dups_fix=0 ;opcache.blacklist_filename= ;opcache.max_file_size=0 ;opcache.consistency_checks=0 ;opcache.force_restart_timeout=180 ;opcache.error_log= ;opcache.log_verbosity_level=1 ;opcache.preferred_memory_model= ;opcache.protect_memory=0 ;opcache.restrict_api= ;opcache.mmap_base= ; Facilitates multiple OPcache instances per user (for Windows only). All PHP ; processes with the same cache ID and user share an OPcache instance. ;opcache.cache_id= ; Enables and sets the second level cache directory. ; It should improve performance when SHM memory is full, at server restart or ; SHM reset. The default "" disables file based caching. ;opcache.file_cache= ; Enables or disables opcode caching in shared memory. ;opcache.file_cache_only=0 ; Enables or disables checksum validation when script loaded from file cache. ;opcache.file_cache_consistency_checks=1 ; Implies opcache.file_cache_only=1 for a certain process that failed to ; reattach to the shared memory (for Windows only). Explicitly enabled file ; cache is required. ;opcache.file_cache_fallback=1 ; Enables or disables copying of PHP code (text segment) into HUGE PAGES. ; This should improve performance, but requires appropriate OS configuration. ;opcache.huge_code_pages=1 ; Validate cached file permissions. ;opcache.validate_permission=0 ; Prevent name collisions in chroot'ed environment. ;opcache.validate_root=0 ; If specified, it produces opcode dumps for debugging different stages of ; optimizations. ;opcache.opt_debug_level=0 ; Specifies a PHP script that is going to be compiled and executed at server ; start-up. ; http://php.net/opcache.preload ;opcache.preload= ; Preloading code as root is not allowed for security reasons. This directive ; facilitates to let the preloading to be run as another user. ; http://php.net/opcache.preload_user ;opcache.preload_user= ; Prevents caching files that are less than this number of seconds old. It ; protects from caching of incompletely updated files. In case all file updates ; on your site are atomic, you may increase performance by setting it to "0". ;opcache.file_update_protection=2 ; Absolute path used to store shared lockfiles (for *nix only). ;opcache.lockfile_path=/tmp [curl] ; A default value for the CURLOPT_CAINFO option. This is required to be an ; absolute path. ;curl.cainfo = [openssl] ; The location of a Certificate Authority (CA) file on the local filesystem ; to use when verifying the identity of SSL/TLS peers. Most users should ; not specify a value for this directive as PHP will attempt to use the ; OS-managed cert stores in its absence. If specified, this value may still ; be overridden on a per-stream basis via the "cafile" SSL stream context ; option. ;openssl.cafile= ; If openssl.cafile is not specified or if the CA file is not found, the ; directory pointed to by openssl.capath is searched for a suitable ; certificate. This value must be a correctly hashed certificate directory. ; Most users should not specify a value for this directive as PHP will ; attempt to use the OS-managed cert stores in its absence. If specified, ; this value may still be overridden on a per-stream basis via the "capath" ; SSL stream context option. ;openssl.capath= [ffi] ; FFI API restriction. Possible values: ; "preload" - enabled in CLI scripts and preloaded files (default) ; "false" - always disabled ; "true" - always enabled ;ffi.enable=preload ; List of headers files to preload, wildcard patterns allowed. ;ffi.preload= 

8. output service nginx status & service php7.4-fpm status


# sudo service php7.4-fpm status ● php7.4-fpm.service - The PHP 7.4 FastCGI Process Manager Loaded: loaded (/lib/systemd/system/php7.4-fpm.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2020-03-03 17:01:34 CET; 1min 59s ago Docs: man:php-fpm7.4(8) Process: 620 ExecStartPost=/uslib/php/php-fpm-socket-helper install /run/php/php-fpm.sock /etc/php/7.4/fpm/pool.d/www.conf 74 (code=exited, status=0/SUCCESS) Main PID: 598 (php-fpm7.4) Status: "Processes active: 0, idle: 2, Requests: 0, slow: 0, Traffic: 0req/sec" Tasks: 3 (limit: 4915) Memory: 12.4M CGroup: /system.slice/php7.4-fpm.service ├─598 php-fpm: master process (/etc/php/7.4/fpm/php-fpm.conf) ├─618 php-fpm: pool www └─619 php-fpm: pool www Mär 03 17:01:34 user systemd[1]: Starting The PHP 7.4 FastCGI Process Manager... Mär 03 17:01:34 user systemd[1]: Started The PHP 7.4 FastCGI Process Manager. 

# sudo service nginx status ● nginx.service - A high performance web server and a reverse proxy server Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2020-03-03 17:01:39 CET; 2s ago Docs: man:nginx(8) Process: 639 ExecStartPre=/ussbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS) Process: 657 ExecStart=/ussbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS) Main PID: 658 (nginx) Tasks: 5 (limit: 4915) Memory: 4.9M CGroup: /system.slice/nginx.service ├─658 nginx: master process /ussbin/nginx -g daemon on; master_process on; ├─659 nginx: worker process ├─660 nginx: worker process ├─661 nginx: worker process └─662 nginx: worker process Mär 03 17:01:39 user systemd[1]: Starting A high performance web server and a reverse proxy server... Mär 03 17:01:39 user systemd[1]: Started A high performance web server and a reverse proxy server. 
submitted by xmr123 to PHPhelp [link] [comments]

Groestlcoin 6th Anniversary Release

Introduction

Dear Groestlers, it goes without saying that 2020 has been a difficult time for millions of people worldwide. The groestlcoin team would like to take this opportunity to wish everyone our best to everyone coping with the direct and indirect effects of COVID-19. Let it bring out the best in us all and show that collectively, we can conquer anything.
The centralised banks and our national governments are facing unprecedented times with interest rates worldwide dropping to record lows in places. Rest assured that this can only strengthen the fundamentals of all decentralised cryptocurrencies and the vision that was seeded with Satoshi's Bitcoin whitepaper over 10 years ago. Despite everything that has been thrown at us this year, the show must go on and the team will still progress and advance to continue the momentum that we have developed over the past 6 years.
In addition to this, we'd like to remind you all that this is Groestlcoin's 6th Birthday release! In terms of price there have been some crazy highs and lows over the years (with highs of around $2.60 and lows of $0.000077!), but in terms of value– Groestlcoin just keeps getting more valuable! In these uncertain times, one thing remains clear – Groestlcoin will keep going and keep innovating regardless. On with what has been worked on and completed over the past few months.

UPDATED - Groestlcoin Core 2.18.2

This is a major release of Groestlcoin Core with many protocol level improvements and code optimizations, featuring the technical equivalent of Bitcoin v0.18.2 but with Groestlcoin-specific patches. On a general level, most of what is new is a new 'Groestlcoin-wallet' tool which is now distributed alongside Groestlcoin Core's other executables.
NOTE: The 'Account' API has been removed from this version which was typically used in some tip bots. Please ensure you check the release notes from 2.17.2 for details on replacing this functionality.

How to Upgrade?

Windows
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), then run the installer.
OSX
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), run the dmg and drag Groestlcoin Core to Applications.
Ubuntu
http://groestlcoin.org/forum/index.php?topic=441.0

Other Linux

http://groestlcoin.org/forum/index.php?topic=97.0

Download

Download the Windows Installer (64 bit) here
Download the Windows Installer (32 bit) here
Download the Windows binaries (64 bit) here
Download the Windows binaries (32 bit) here
Download the OSX Installer here
Download the OSX binaries here
Download the Linux binaries (64 bit) here
Download the Linux binaries (32 bit) here
Download the ARM Linux binaries (64 bit) here
Download the ARM Linux binaries (32 bit) here

Source

ALL NEW - Groestlcoin Moonshine iOS/Android Wallet

Built with React Native, Moonshine utilizes Electrum-GRS's JSON-RPC methods to interact with the Groestlcoin network.
GRS Moonshine's intended use is as a hot wallet. Meaning, your keys are only as safe as the device you install this wallet on. As with any hot wallet, please ensure that you keep only a small, responsible amount of Groestlcoin on it at any given time.

Features

Download

iOS
Android

Source

ALL NEW! – HODL GRS Android Wallet

HODL GRS connects directly to the Groestlcoin network using SPV mode and doesn't rely on servers that can be hacked or disabled.
HODL GRS utilizes AES hardware encryption, app sandboxing, and the latest security features to protect users from malware, browser security holes, and even physical theft. Private keys are stored only in the secure enclave of the user's phone, inaccessible to anyone other than the user.
Simplicity and ease-of-use is the core design principle of HODL GRS. A simple recovery phrase (which we call a Backup Recovery Key) is all that is needed to restore the user's wallet if they ever lose or replace their device. HODL GRS is deterministic, which means the user's balance and transaction history can be recovered just from the backup recovery key.

Features

Download

Main Release (Main Net)
Testnet Release

Source

ALL NEW! – GroestlcoinSeed Savior

Groestlcoin Seed Savior is a tool for recovering BIP39 seed phrases.
This tool is meant to help users with recovering a slightly incorrect Groestlcoin mnemonic phrase (AKA backup or seed). You can enter an existing BIP39 mnemonic and get derived addresses in various formats.
To find out if one of the suggested addresses is the right one, you can click on the suggested address to check the address' transaction history on a block explorer.

Features

Live Version (Not Recommended)

https://www.groestlcoin.org/recovery/

Download

https://github.com/Groestlcoin/mnemonic-recovery/archive/master.zip

Source

ALL NEW! – Vanity Search Vanity Address Generator

NOTE: NVidia GPU or any CPU only. AMD graphics cards will not work with this address generator.
VanitySearch is a command-line Segwit-capable vanity Groestlcoin address generator. Add unique flair when you tell people to send Groestlcoin. Alternatively, VanitySearch can be used to generate random addresses offline.
If you're tired of the random, cryptic addresses generated by regular groestlcoin clients, then VanitySearch is the right choice for you to create a more personalized address.
VanitySearch is a groestlcoin address prefix finder. If you want to generate safe private keys, use the -s option to enter your passphrase which will be used for generating a base key as for BIP38 standard (VanitySearch.exe -s "My PassPhrase" FXPref). You can also use VanitySearch.exe -ps "My PassPhrase" which will add a crypto secure seed to your passphrase.
VanitySearch may not compute a good grid size for your GPU, so try different values using -g option in order to get the best performances. If you want to use GPUs and CPUs together, you may have best performances by keeping one CPU core for handling GPU(s)/CPU exchanges (use -t option to set the number of CPU threads).

Features

Usage

https://github.com/Groestlcoin/VanitySearch#usage

Download

Source

ALL NEW! – Groestlcoin EasyVanity 2020

Groestlcoin EasyVanity 2020 is a windows app built from the ground-up and makes it easier than ever before to create your very own bespoke bech32 address(es) when whilst not connected to the internet.
If you're tired of the random, cryptic bech32 addresses generated by regular Groestlcoin clients, then Groestlcoin EasyVanity2020 is the right choice for you to create a more personalised bech32 address. This 2020 version uses the new VanitySearch to generate not only legacy addresses (F prefix) but also Bech32 addresses (grs1 prefix).

Features

Download

Source

Remastered! – Groestlcoin WPF Desktop Wallet (v2.19.0.18)

Groestlcoin WPF is an alternative full node client with optional lightweight 'thin-client' mode based on WPF. Windows Presentation Foundation (WPF) is one of Microsoft's latest approaches to a GUI framework, used with the .NET framework. Its main advantages over the original Groestlcoin client include support for exporting blockchain.dat and including a lite wallet mode.
This wallet was previously deprecated but has been brought back to life with modern standards.

Features

Remastered Improvements

Download

Source

ALL NEW! – BIP39 Key Tool

Groestlcoin BIP39 Key Tool is a GUI interface for generating Groestlcoin public and private keys. It is a standalone tool which can be used offline.

Features

Download

Windows
Linux :
 pip3 install -r requirements.txt python3 bip39\_gui.py 

Source

ALL NEW! – Electrum Personal Server

Groestlcoin Electrum Personal Server aims to make using Electrum Groestlcoin wallet more secure and more private. It makes it easy to connect your Electrum-GRS wallet to your own full node.
It is an implementation of the Electrum-grs server protocol which fulfils the specific need of using the Electrum-grs wallet backed by a full node, but without the heavyweight server backend, for a single user. It allows the user to benefit from all Groestlcoin Core's resource-saving features like pruning, blocks only and disabled txindex. All Electrum-GRS's feature-richness like hardware wallet integration, multi-signature wallets, offline signing, seed recovery phrases, coin control and so on can still be used, but connected only to the user's own full node.
Full node wallets are important in Groestlcoin because they are a big part of what makes the system be trust-less. No longer do people have to trust a financial institution like a bank or PayPal, they can run software on their own computers. If Groestlcoin is digital gold, then a full node wallet is your own personal goldsmith who checks for you that received payments are genuine.
Full node wallets are also important for privacy. Using Electrum-GRS under default configuration requires it to send (hashes of) all your Groestlcoin addresses to some server. That server can then easily spy on your transactions. Full node wallets like Groestlcoin Electrum Personal Server would download the entire blockchain and scan it for the user's own addresses, and therefore don't reveal to anyone else which Groestlcoin addresses they are interested in.
Groestlcoin Electrum Personal Server can also broadcast transactions through Tor which improves privacy by resisting traffic analysis for broadcasted transactions which can link the IP address of the user to the transaction. If enabled this would happen transparently whenever the user simply clicks "Send" on a transaction in Electrum-grs wallet.
Note: Currently Groestlcoin Electrum Personal Server can only accept one connection at a time.

Features

Download

Windows
Linux / OSX (Instructions)

Source

UPDATED – Android Wallet 7.38.1 - Main Net + Test Net

The app allows you to send and receive Groestlcoin on your device using QR codes and URI links.
When using this app, please back up your wallet and email them to yourself! This will save your wallet in a password protected file. Then your coins can be retrieved even if you lose your phone.

Changes

Download

Main Net
Main Net (FDroid)
Test Net

Source

UPDATED – Groestlcoin Sentinel 3.5.06 (Android)

Groestlcoin Sentinel is a great solution for anyone who wants the convenience and utility of a hot wallet for receiving payments directly into their cold storage (or hardware wallets).
Sentinel accepts XPUB's, YPUB'S, ZPUB's and individual Groestlcoin address. Once added you will be able to view balances, view transactions, and (in the case of XPUB's, YPUB's and ZPUB's) deterministically generate addresses for that wallet.
Groestlcoin Sentinel is a fork of Groestlcoin Samourai Wallet with all spending and transaction building code removed.

Changes

Download

Source

UPDATED – P2Pool Test Net

Changes

Download

Pre-Hosted Testnet P2Pool is available via http://testp2pool.groestlcoin.org:21330/static/

Source

submitted by Yokomoko_Saleen to groestlcoin [link] [comments]

Expert Option Scam Review Withdrawal Proof In India (Hindi/Urdu)  Scammers In Binary Option NEED FOR SPEED MOST WANTED PART 11 blacklist 13 2 tollboth races Need For Speed Most Wanted : Kabylie Tech vs Blacklist N15 and Blacklist N14 Blacklisted Binary Options Brokers 31

Binary Options Brokers Blacklist. Typically the unregulated brokers have more freedom to scam because nobody is watching their moves. When a broker is not regulated, there is no one checking up on them to make sure they follow the law. There is no one checking that the quotes they give clients on assets and execution prices are correct. Binary Options Brokers Blacklist Binary options brokers help investors in making transaction for sale and purchase of assets in exchange as it is the special subspecies of all the options. The uniqueness of the instrument is that at the fixed time the purchase can be accomplished in future or at present with an expense of binary options . Blacklist of binary options scams. We explain how to spot a scam and provide lists of dishonest brokers, known scammers, rigged systems and other frauds. The Binary Options Brokers Blacklist. Unfortunately, every day there are scam Binary Options brokers looking to scam unsuspecting victims. The table below is a blacklist consisting of Binary Options brokers who have scammed those who made complaints on Broker Complaint Registry. Binary Options Blacklist. I have compiled Binary Options Tested’s Blacklist! Here you can see an updated list of scam brokers. All it takes a few handful fake sites to destroy the reputation of well established binary options brokers. You can inspect the Blacklist too see who they are and stay away from such offers.

[index] [7289] [9065] [5184] [14316] [6316] [5943] [14833] [1658] [3674] [12155]

Expert Option Scam Review Withdrawal Proof In India (Hindi/Urdu) Scammers In Binary Option

Don't let a pushy representative convince you to deposit $5,000 for a "free binary options training", bonuses or any special VIP offers. The best training is available free on YouTube channels like... Salut tous le monde c'est Amar rzk Aujourd'hui je vais vous présenter une nouvel vidéo sur Need For Speed Most Wanted : Kabylie Tech vs Blacklist N15 and Bla... Please avoid any and all brokers on this blacklist, like the plague! Please submi... Skip navigation Sign in. Search. ... Binary Options Doctor Binary Options Strategy & Trading Systems 3,535 ... Best Binary Options Strategy 2020 - 2 Minute Strategy LIVE TRAINING! - Duration: 43:42. BLW Online Trading Recommended for you Best Binary Options Strategy 2020 - 2 Minute Strategy LIVE TRAINING! - Duration: 43:42. ... NEED FOR SPEED MOST WANTED PART 5 BLACKLIST 14= 1 circuit race - Duration: 5:31.