Convert PDF to Excel online and free with Onlineconvertfree

Problem running php on nginx ubuntu (files get downloaded)

Hi everyone,
I'm very new to php and ran into some issue that I have been trying to fix for a couple of hours.
I have setup Nginx on ubuntu 19.10, and installed php7.4-fpm. But whenever I try to open a file like index.php, located in my root folder /vawww/html (so localhost/index.php) it will download the file instead of running it.
Nginx is not communicating with php7.4-fpm, is my guess, but I can not find the mistake in my configuration files..

Could anyone take a look and spot what would be wrong.
Below I've put the files, in order
  1. /etc/nginx/fastcgi.conf:
  2. /etc/nginx/fastcgi_params:
  3. /etc/nginx/sites-enabled/server.conf
  4. /etc/nginx/mime.types
  5. /etc/php/7.4/fpm/php-fpm.conf
  6. /etc/php/7.4/fpm/pool.d/www.conf
  7. selection of /etc/php/7.4/fpm/php.ini since posting it all is too long
  8. output service nginx status & service php7.4-fpm status

If I'm looking at the wrong files or something and the error could be located elsewhere please guide me in the right direction.
And if you already read this far, I would like to thank you for your time!

1/etc/nginx/fastcgi.conf:


fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param REQUEST_SCHEME $scheme; fastcgi_param HTTPS $https if_not_empty; fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; # PHP only, required if PHP was built with --enable-force-cgi-redirect fastcgi_param REDIRECT_STATUS 200; 

2. /etc/nginx/fastcgi_params:

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; fastcgi_param CONTENT_LENGTH $content_length; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param REQUEST_URI $request_uri; fastcgi_param DOCUMENT_URI $document_uri; fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SERVER_PROTOCOL $server_protocol; fastcgi_param REQUEST_SCHEME $scheme; fastcgi_param HTTPS $https if_not_empty; fastcgi_param GATEWAY_INTERFACE CGI/1.1; fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; fastcgi_param REMOTE_ADDR $remote_addr; fastcgi_param REMOTE_PORT $remote_port; fastcgi_param SERVER_ADDR $server_addr; fastcgi_param SERVER_PORT $server_port; fastcgi_param SERVER_NAME $server_name; # PHP only, required if PHP was built with --enable-force-cgi-redirect fastcgi_param REDIRECT_STATUS 200; 

3. /etc/nginx/sites-enabled/server.conf

# Version=2.1 server { listen 80; listen [::]:80; listen 443 ssl http2; listen [::]:443 ssl http2; # # This file will be managed by ATK, and overwitten without warning. # # To enable external access please consider installing DuckDNS using ATK. # # For external access using a custom domain: # # 1) Make a copy of this file and rename it to match your domain # # ex: /etc/nginx/sites-available/mydomain.com.conf # # 2) Edit your file and replace the entire `server_name` line with `server_name mydomain.com;` # # (do not include IP addresses) # # 3) Run `sudo ln -s /etc/nginx/sites-available/mydomain.com.conf /etc/nginx/sites-enabled/mydomain.com.conf` # # 4) Run `sudo systemctl reload nginx` # # You can then use ATK to run Certbot on your custom domain for HTTPS # # You can also modify your new file to enabling some of the extra features below by uncommenting the lines # # If you modify your file you will need to rerun the command in step 4 above server_name 127.0.0.1 localhost 192.168.1.248 0.0.0.0; access_log /valog/nginx/server.atomic.access.log; error_log /valog/nginx/server.atomic.error.log; index index.html index.php; root /vawww/html/; client_body_buffer_size 128k; client_max_body_size 100M; send_timeout 5m; server_tokens off; location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/varun/php7.4-fpm.sock; fastcgi_index index.php; include fastcgi.conf;} location ~ /\.ht { deny all; } ## # Snippet Config ## include /etc/nginx/snippets/gzip.atomic.conf; # include /etc/nginx/snippets/headers-hsts.atomic.conf; # WARNING: Only enable Strict Transport after confirming HTTPS is working include /etc/nginx/snippets/headers.atomic.conf; # include /etc/nginx/snippets/https-redirect.atomic.conf; # WARNING: Only enable HTTPS Redirect after confirming HTTPS is working include /etc/nginx/snippets/letsencrypt.atomic.conf; include /etc/nginx/snippets/proxy.atomic.conf; # include /etc/nginx/snippets/ssl-dhparam.atomic.conf; # WARNING: Only enable dhparam after running `openssl dhparam -out /etc/nginx/dhparam.pem 4096` include /etc/nginx/snippets/ssl.atomic.conf; ## # App Location Config ## include /etc/nginx/locations-enabled/*.atomic.conf; ssl_certificate /etc/letsencrypt/live/****/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/****/privkey.pem; # managed by Certbot } 

4. /etc/nginx/mime.types

types { text/html html htm shtml; text/css css; text/xml xml; image/gif gif; image/jpeg jpeg jpg; application/javascript js; application/atom+xml atom; application/rss+xml rss; text/mathml mml; text/plain txt; text/vnd.sun.j2me.app-descriptor jad; text/vnd.wap.wml wml; text/x-component htc; image/png png; image/tiff tif tiff; image/vnd.wap.wbmp wbmp; image/x-icon ico; image/x-jng jng; image/x-ms-bmp bmp; image/svg+xml svg svgz; image/webp webp; application/font-woff woff; application/java-archive jar war ear; application/json json; application/mac-binhex40 hqx; application/msword doc; application/pdf pdf; application/postscript ps eps ai; application/rtf rtf; application/vnd.apple.mpegurl m3u8; application/vnd.ms-excel xls; application/vnd.ms-fontobject eot; application/vnd.ms-powerpoint ppt; application/vnd.wap.wmlc wmlc; application/vnd.google-earth.kml+xml kml; application/vnd.google-earth.kmz kmz; application/x-7z-compressed 7z; application/x-cocoa cco; application/x-java-archive-diff jardiff; application/x-java-jnlp-file jnlp; application/x-makeself run; application/x-perl pl pm; application/x-pilot prc pdb; application/x-rar-compressed rar; application/x-redhat-package-manager rpm; application/x-sea sea; application/x-shockwave-flash swf; application/x-stuffit sit; application/x-tcl tcl tk; application/x-x509-ca-cert der pem crt; application/x-xpinstall xpi; application/xhtml+xml xhtml; application/xspf+xml xspf; application/zip zip; application/octet-stream bin exe dll; application/octet-stream deb; application/octet-stream dmg; application/octet-stream iso img; application/octet-stream msi msp msm; application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx; application/vnd.openxmlformats-officedocument.presentationml.presentation pptx; audio/midi mid midi kar; audio/mpeg mp3; audio/ogg ogg; audio/x-m4a m4a; audio/x-realaudio ra; video/3gpp 3gpp 3gp; video/mp2t ts; video/mp4 mp4; video/mpeg mpeg mpg; video/quicktime mov; video/webm webm; video/x-flv flv; video/x-m4v m4v; video/x-mng mng; video/x-ms-asf asx asf; video/x-ms-wmv wmv; video/x-msvideo avi; } 

5. /etc/php/7.4/fpm/php-fpm.conf

;;;;;;;;;;;;;;;;;;;;; ; FPM Configuration ; ;;;;;;;;;;;;;;;;;;;;; ; All relative paths in this configuration file are relative to PHP's install ; prefix (/usr). This prefix can be dynamically changed by using the ; '-p' argument from the command line. ;;;;;;;;;;;;;;;;;; ; Global Options ; ;;;;;;;;;;;;;;;;;; [global] ; Pid file ; Note: the default prefix is /var ; Default Value: none ; Warning: if you change the value here, you need to modify systemd ; service PIDFile= setting to match the value here. pid = /run/php/php7.4-fpm.pid ; Error log file ; If it's set to "syslog", log is sent to syslogd instead of being written ; into a local file. ; Note: the default prefix is /var ; Default Value: log/php-fpm.log error_log = /valog/php7.4-fpm.log ;syslog.facility = daemon ;syslog.ident = php-fpm ;log_level = notice ;log_limit = 4096 ;log_buffering = no ;emergency_restart_threshold = 0 ;emergency_restart_interval = 0 ;process_control_timeout = 0 ; process.max = 128 ; process.priority = -19 ; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. ; Default Value: yes ;daemonize = yes ;rlimit_files = 1024 ;rlimit_core = 0 ;events.mechanism = epoll ; When FPM is built with systemd integration, specify the interval, ; in seconds, between health report notification to systemd. ; Set to 0 to disable. ; Available Units: s(econds), m(inutes), h(ours) ; Default Unit: seconds ; Default value: 10 ;systemd_interval = 10 ;;;;;;;;;;;;;;;;;;;; ; Pool Definitions ; ;;;;;;;;;;;;;;;;;;;; ; Multiple pools of child processes may be started with different listening ; ports and different management options. The name of the pool will be ; used in logs and stats. There is no limitation on the number of pools which ; FPM can handle. Your system will tell you anyway :) ; Include one or more files. If glob(3) exists, it is used to include a bunch of ; files from a glob(3) pattern. This directive can be used everywhere in the ; file. ; Relative path can also be used. They will be prefixed by: ; - the global prefix if it's been set (-p argument) ; - /usr otherwise include=/etc/php/7.4/fpm/pool.d/*.conf 

6. /etc/php/7.4/fpm/pool.d/www.conf

; Start a new pool named 'www'. [www] ;prefix = /path/to/pools/$pool user = user group = user listen = /varun/php/php7.4-fpm.sock listen.owner = user listen.group = user ;listen.mode = 0660 pm = dynamic pm.max_children = 5 pm.start_servers = 2 pm.min_spare_servers = 1 pm.max_spare_servers = 3 ;chroot = ;chdir = /vawww ;catch_workers_output = yes ;decorate_workers_output = no ;clear_env = no 7. /etc/php/7.4/fpm/php.ini [PHP] engine = On short_open_tag = Off precision = 14 output_buffering = 4096 zlib.output_compression = Off implicit_flush = Off unserialize_callback_func = serialize_precision = -1 ;open_basedir = disable_functions = pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, disable_classes = zend.enable_gc = On zend.exception_ignore_args = On ;;;;;;;;;;;;;;;;; ; Miscellaneous ; ;;;;;;;;;;;;;;;;; expose_php = Off ;;;;;;;;;;;;;;;;;;; ; Resource Limits ; ;;;;;;;;;;;;;;;;;;; max_execution_time = 360 max_input_time = 360 ;max_input_nesting_level = 64 ; How many GET/POST/COOKIE input variables may be accepted ;max_input_vars = 1000 ; Maximum amount of memory a script may consume (128MB) ; http://php.net/memory-limit memory_limit = 512M ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ; Error handling and logging ; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT display_errors = Off display_startup_errors = Off log_errors = On log_errors_max_len = 1024 ignore_repeated_errors = Off ignore_repeated_source = Off report_memleaks = On ;;;;;;;;;;;;;;;;; ; Data Handling ; ;;;;;;;;;;;;;;;;; variables_order = "GPCS" request_order = "GP" register_argc_argv = Off auto_globals_jit = On post_max_size = 8M auto_prepend_file = auto_append_file = default_mimetype = "text/html" default_charset = "UTF-8" ;;;;;;;;;;;;;;;;;;;;;;;;; ; Paths and Directories ; ;;;;;;;;;;;;;;;;;;;;;;;;; doc_root = user_dir = enable_dl = Off ;cgi.force_redirect = 1 ;cgi.nph = 1 ;cgi.redirect_status_env = ;cgi.fix_pathinfo=1 ;cgi.discard_path=1 ;fastcgi.impersonate = 1 ;fastcgi.logging = 0 ;cgi.rfc2616_headers = 0 ;cgi.check_shebang_line=1 ;;;;;;;;;;;;;;;; ; File Uploads ; ;;;;;;;;;;;;;;;; file_uploads = On upload_max_filesize = 250M max_file_uploads = 20 ;;;;;;;;;;;;;;;;;; ; Fopen wrappers ; ;;;;;;;;;;;;;;;;;; allow_url_fopen = On allow_url_include = Off ;user_agent="PHP" default_socket_timeout = 320 ;auto_detect_line_endings = Off ;;;;;;;;;;;;;;;;;;;;;; ; Dynamic Extensions ; ;;;;;;;;;;;;;;;;;;;;;; ;extension=bz2 ;extension=curl ;extension=ffi ;extension=ftp ;extension=fileinfo ;extension=gd2 ;extension=gettext ;extension=gmp ;extension=intl ;extension=imap ;extension=ldap ;extension=mbstring ;extension=exif ; Must be after mbstring as it depends on it ;extension=mysqli ;extension=oci8_12c ; Use with Oracle Database 12c Instant Client ;extension=odbc ;extension=openssl ;extension=pdo_firebird ;extension=pdo_mysql ;extension=pdo_oci ;extension=pdo_odbc ;extension=pdo_pgsql ;extension=pdo_sqlite ;extension=pgsql ;extension=shmop ;extension=snmp ;extension=soap ;extension=sockets ;extension=sodium ;extension=sqlite3 ;extension=tidy ;extension=xmlrpc ;extension=xsl ;;;;;;;;;;;;;;;;;;; ; Module Settings ; ;;;;;;;;;;;;;;;;;;; [CLI Server] cli_server.color = On [Date] ;date.timezone = [filter] ; http://php.net/filter.default ;filter.default = unsafe_raw ; http://php.net/filter.default-flags ;filter.default_flags = [iconv] ;iconv.input_encoding = ;iconv.internal_encoding = ;iconv.output_encoding = [imap] ;imap.enable_insecure_rsh=0 [intl] ;intl.error_level = E_WARNING ;intl.use_exceptions = 0 [sqlite3] ;sqlite3.extension_dir = ;sqlite3.defensive = 1 [Pcre] ;pcre.backtrack_limit=10000 ;pcre.recursion_limit=100000 ;pcre.jit=1 [Pdo] ;pdo_odbc.connection_pooling=strict ;pdo_odbc.db2_instance_name [Pdo_mysql] ; Default socket name for local MySQL connects. If empty, uses the built-in ; MySQL defaults. pdo_mysql.default_socket= [Phar] ; http://php.net/phar.readonly ;phar.readonly = On ; http://php.net/phar.require-hash ;phar.require_hash = On ;phar.cache_list = [mail function] ; For Win32 only. ; http://php.net/smtp SMTP = localhost ; http://php.net/smtp-port smtp_port = 25 ; For Win32 only. ; http://php.net/sendmail-from ;sendmail_from = [email protected] ; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). ; http://php.net/sendmail-path ;sendmail_path = ;mail.force_extra_parameters = ; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename mail.add_x_header = Off ; The path to a log file that will log all mail() calls. Log entries include ; the full path of the script, line number, To address and headers. ;mail.log = ; Log mail to syslog (Event Log on Windows). ;mail.log = syslog [ODBC] ; http://php.net/odbc.default-db ;odbc.default_db = Not yet implemented ; http://php.net/odbc.default-user ;odbc.default_user = Not yet implemented ; http://php.net/odbc.default-pw ;odbc.default_pw = Not yet implemented ; Controls the ODBC cursor model. ; Default: SQL_CURSOR_STATIC (default). ;odbc.default_cursortype ; Allow or prevent persistent links. ; http://php.net/odbc.allow-persistent odbc.allow_persistent = On ; Check that a connection is still valid before reuse. ; http://php.net/odbc.check-persistent odbc.check_persistent = On ; Maximum number of persistent links. -1 means no limit. ; http://php.net/odbc.max-persistent odbc.max_persistent = -1 ; Maximum number of links (persistent + non-persistent). -1 means no limit. ; http://php.net/odbc.max-links odbc.max_links = -1 ; Handling of LONG fields. Returns number of bytes to variables. 0 means ; passthru. ; http://php.net/odbc.defaultlrl odbc.defaultlrl = 4096 ; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. ; See the documentation on odbc_binmode and odbc_longreadlen for an explanation ; of odbc.defaultlrl and odbc.defaultbinmode ; http://php.net/odbc.defaultbinmode odbc.defaultbinmode = 1 [MySQLi] ; Maximum number of persistent links. -1 means no limit. ; http://php.net/mysqli.max-persistent mysqli.max_persistent = -1 ; Allow accessing, from PHP's perspective, local files with LOAD DATA statements ; http://php.net/mysqli.allow_local_infile ;mysqli.allow_local_infile = On ; Allow or prevent persistent links. ; http://php.net/mysqli.allow-persistent mysqli.allow_persistent = On ; Maximum number of links. -1 means no limit. ; http://php.net/mysqli.max-links mysqli.max_links = -1 ; Default port number for mysqli_connect(). If unset, mysqli_connect() will use ; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the ; compile-time value defined MYSQL_PORT (in that order). Win32 will only look ; at MYSQL_PORT. ; http://php.net/mysqli.default-port mysqli.default_port = 3306 ; Default socket name for local MySQL connects. If empty, uses the built-in ; MySQL defaults. ; http://php.net/mysqli.default-socket mysqli.default_socket = ; Default host for mysqli_connect() (doesn't apply in safe mode). ; http://php.net/mysqli.default-host mysqli.default_host = ; Default user for mysqli_connect() (doesn't apply in safe mode). ; http://php.net/mysqli.default-user mysqli.default_user = ; Default password for mysqli_connect() (doesn't apply in safe mode). ; Note that this is generally a *bad* idea to store passwords in this file. ; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") ; and reveal this password! And of course, any users with read access to this ; file will be able to reveal the password as well. ; http://php.net/mysqli.default-pw mysqli.default_pw = ; Allow or prevent reconnect mysqli.reconnect = Off [mysqlnd] ; Enable / Disable collection of general statistics by mysqlnd which can be ; used to tune and monitor MySQL operations. mysqlnd.collect_statistics = On ; Enable / Disable collection of memory usage statistics by mysqlnd which can be ; used to tune and monitor MySQL operations. mysqlnd.collect_memory_statistics = Off ; Records communication from all extensions using mysqlnd to the specified log ; file. ; http://php.net/mysqlnd.debug ;mysqlnd.debug = ; Defines which queries will be logged. ;mysqlnd.log_mask = 0 ; Default size of the mysqlnd memory pool, which is used by result sets. ;mysqlnd.mempool_default_size = 16000 ; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. ;mysqlnd.net_cmd_buffer_size = 2048 ; Size of a pre-allocated buffer used for reading data sent by the server in ; bytes. ;mysqlnd.net_read_buffer_size = 32768 ; Timeout for network requests in seconds. ;mysqlnd.net_read_timeout = 31536000 ; SHA-256 Authentication Plugin related. File with the MySQL server public RSA ; key. ;mysqlnd.sha256_server_public_key = [OCI8] ;oci8.privileged_connect = Off ;oci8.max_persistent = -1 ;oci8.persistent_timeout = -1 ;oci8.ping_interval = 60 ;oci8.connection_class = ;oci8.events = Off ;oci8.statement_cache_size = 20 ;oci8.default_prefetch = 100 ;oci8.old_oci_close_semantics = Off [PostgreSQL] pgsql.allow_persistent = On pgsql.auto_reset_persistent = Off ; Maximum number of persistent links. -1 means no limit. ; http://php.net/pgsql.max-persistent pgsql.max_persistent = -1 ; Maximum number of links (persistent+non persistent). -1 means no limit. ; http://php.net/pgsql.max-links pgsql.max_links = -1 pgsql.ignore_notice = 0 pgsql.log_notice = 0 [bcmath] ; Number of decimal digits for all bcmath functions. ; http://php.net/bcmath.scale bcmath.scale = 0 [browscap] ; http://php.net/browscap ;browscap = extra/browscap.ini [Session] session.save_handler = files ;session.save_path = "/valib/php/sessions" session.use_strict_mode = 0 ; Whether to use cookies. ; http://php.net/session.use-cookies session.use_cookies = 1 ; http://php.net/session.cookie-secure ;session.cookie_secure = session.use_only_cookies = 1 session.name = PHPSESSID session.auto_start = 0 session.cookie_lifetime = 0 session.cookie_path = / session.cookie_domain = session.cookie_httponly = session.cookie_samesite = ; Handler used to serialize data. php is the standard serializer of PHP. ; http://php.net/session.serialize-handler session.serialize_handler = php session.gc_probability = 0 session.gc_divisor = 1000 ; After this number of seconds, stored data will be seen as 'garbage' and ; cleaned up by the garbage collection process. ; http://php.net/session.gc-maxlifetime session.gc_maxlifetime = 1440 session.referer_check = ; Set to {nocache,private,public,} to determine HTTP caching aspects ; or leave this empty to avoid sending anti-caching headers. ; http://php.net/session.cache-limiter session.cache_limiter = nocache ; Document expires after n minutes. ; http://php.net/session.cache-expire session.cache_expire = 180 session.use_trans_sid = 0 ; Default Value: 32 ; Development Value: 26 ; Production Value: 26 session.sid_length = 26 session.trans_sid_tags = "a=href,area=href,frame=src,form=" ; Default Value: "" ; Development Value: "" ; Production Value: "" ;session.trans_sid_hosts="" session.sid_bits_per_character = 5 ;session.upload_progress.enabled = On ;session.upload_progress.cleanup = On ;session.upload_progress.prefix = "upload_progress_" ;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" ;session.upload_progress.freq = "1%" ;session.upload_progress.min_freq = "1" ; Only write session data when session data is changed. Enabled by default. ; http://php.net/session.lazy-write ;session.lazy_write = On [Assertion] ; Switch whether to compile assertions at all (to have no overhead at run-time) ; -1: Do not compile at all ; 0: Jump over assertion at run-time ; 1: Execute assertions ; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) ; Default Value: 1 ; Development Value: 1 ; Production Value: -1 ; http://php.net/zend.assertions zend.assertions = -1 ;assert.active = On ;assert.exception = On ;assert.warning = On ;assert.bail = Off ;assert.callback = 0 ;assert.quiet_eval = 0 [COM] ;com.typelib_file = ;com.allow_dcom = true ;com.autoregister_typelib = true ;com.autoregister_casesensitive = false ;com.autoregister_verbose = true ;com.code_page= [mbstring] ;mbstring.language = Japanese ;mbstring.internal_encoding = ;mbstring.http_input = ;mbstring.http_output = ;mbstring.encoding_translation = Off ;mbstring.detect_order = auto ;mbstring.substitute_character = none ;mbstring.func_overload = 0 ;mbstring.strict_detection = On ;mbstring.http_output_conv_mimetype= ;mbstring.regex_stack_limit=100000 ;mbstring.regex_retry_limit=1000000 [gd] ;gd.jpeg_ignore_warning = 1 [exif] ;exif.encode_unicode = ISO-8859-15 ;exif.decode_unicode_motorola = UCS-2BE ;exif.decode_unicode_intel = UCS-2LE ;exif.encode_jis = ;exif.decode_jis_motorola = JIS ;exif.decode_jis_intel = JIS [Tidy] tidy.clean_output = Off [soap] soap.wsdl_cache_enabled=1 soap.wsdl_cache_dir="/tmp" soap.wsdl_cache_ttl=86400 soap.wsdl_cache_limit = 5 [sysvshm] ;sysvshm.init_mem = 10000 [ldap] ; Sets the maximum number of open links or -1 for unlimited. ldap.max_links = -1 [dba] ;dba.default_handler= [opcache] ; Determines if Zend OPCache is enabled ;opcache.enable=1 ; Determines if Zend OPCache is enabled for the CLI version of PHP ;opcache.enable_cli=0 ; The OPcache shared memory storage size. ;opcache.memory_consumption=128 ; The amount of memory for interned strings in Mbytes. ;opcache.interned_strings_buffer=8 ; The maximum number of keys (scripts) in the OPcache hash table. ; Only numbers between 200 and 1000000 are allowed. ;opcache.max_accelerated_files=10000 ; The maximum percentage of "wasted" memory until a restart is scheduled. ;opcache.max_wasted_percentage=5 ;opcache.use_cwd=1 ;opcache.validate_timestamps=1 ;opcache.revalidate_freq=2 ;opcache.revalidate_path=0 ;opcache.save_comments=1 ;opcache.enable_file_override= ;opcache.optimization_level=0x7FFFBFFF ;opcache.dups_fix=0 ;opcache.blacklist_filename= ;opcache.max_file_size=0 ;opcache.consistency_checks=0 ;opcache.force_restart_timeout=180 ;opcache.error_log= ;opcache.log_verbosity_level=1 ;opcache.preferred_memory_model= ;opcache.protect_memory=0 ;opcache.restrict_api= ;opcache.mmap_base= ; Facilitates multiple OPcache instances per user (for Windows only). All PHP ; processes with the same cache ID and user share an OPcache instance. ;opcache.cache_id= ; Enables and sets the second level cache directory. ; It should improve performance when SHM memory is full, at server restart or ; SHM reset. The default "" disables file based caching. ;opcache.file_cache= ; Enables or disables opcode caching in shared memory. ;opcache.file_cache_only=0 ; Enables or disables checksum validation when script loaded from file cache. ;opcache.file_cache_consistency_checks=1 ; Implies opcache.file_cache_only=1 for a certain process that failed to ; reattach to the shared memory (for Windows only). Explicitly enabled file ; cache is required. ;opcache.file_cache_fallback=1 ; Enables or disables copying of PHP code (text segment) into HUGE PAGES. ; This should improve performance, but requires appropriate OS configuration. ;opcache.huge_code_pages=1 ; Validate cached file permissions. ;opcache.validate_permission=0 ; Prevent name collisions in chroot'ed environment. ;opcache.validate_root=0 ; If specified, it produces opcode dumps for debugging different stages of ; optimizations. ;opcache.opt_debug_level=0 ; Specifies a PHP script that is going to be compiled and executed at server ; start-up. ; http://php.net/opcache.preload ;opcache.preload= ; Preloading code as root is not allowed for security reasons. This directive ; facilitates to let the preloading to be run as another user. ; http://php.net/opcache.preload_user ;opcache.preload_user= ; Prevents caching files that are less than this number of seconds old. It ; protects from caching of incompletely updated files. In case all file updates ; on your site are atomic, you may increase performance by setting it to "0". ;opcache.file_update_protection=2 ; Absolute path used to store shared lockfiles (for *nix only). ;opcache.lockfile_path=/tmp [curl] ; A default value for the CURLOPT_CAINFO option. This is required to be an ; absolute path. ;curl.cainfo = [openssl] ; The location of a Certificate Authority (CA) file on the local filesystem ; to use when verifying the identity of SSL/TLS peers. Most users should ; not specify a value for this directive as PHP will attempt to use the ; OS-managed cert stores in its absence. If specified, this value may still ; be overridden on a per-stream basis via the "cafile" SSL stream context ; option. ;openssl.cafile= ; If openssl.cafile is not specified or if the CA file is not found, the ; directory pointed to by openssl.capath is searched for a suitable ; certificate. This value must be a correctly hashed certificate directory. ; Most users should not specify a value for this directive as PHP will ; attempt to use the OS-managed cert stores in its absence. If specified, ; this value may still be overridden on a per-stream basis via the "capath" ; SSL stream context option. ;openssl.capath= [ffi] ; FFI API restriction. Possible values: ; "preload" - enabled in CLI scripts and preloaded files (default) ; "false" - always disabled ; "true" - always enabled ;ffi.enable=preload ; List of headers files to preload, wildcard patterns allowed. ;ffi.preload= 

8. output service nginx status & service php7.4-fpm status


# sudo service php7.4-fpm status ● php7.4-fpm.service - The PHP 7.4 FastCGI Process Manager Loaded: loaded (/lib/systemd/system/php7.4-fpm.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2020-03-03 17:01:34 CET; 1min 59s ago Docs: man:php-fpm7.4(8) Process: 620 ExecStartPost=/uslib/php/php-fpm-socket-helper install /run/php/php-fpm.sock /etc/php/7.4/fpm/pool.d/www.conf 74 (code=exited, status=0/SUCCESS) Main PID: 598 (php-fpm7.4) Status: "Processes active: 0, idle: 2, Requests: 0, slow: 0, Traffic: 0req/sec" Tasks: 3 (limit: 4915) Memory: 12.4M CGroup: /system.slice/php7.4-fpm.service ├─598 php-fpm: master process (/etc/php/7.4/fpm/php-fpm.conf) ├─618 php-fpm: pool www └─619 php-fpm: pool www Mär 03 17:01:34 user systemd[1]: Starting The PHP 7.4 FastCGI Process Manager... Mär 03 17:01:34 user systemd[1]: Started The PHP 7.4 FastCGI Process Manager. 

# sudo service nginx status ● nginx.service - A high performance web server and a reverse proxy server Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2020-03-03 17:01:39 CET; 2s ago Docs: man:nginx(8) Process: 639 ExecStartPre=/ussbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS) Process: 657 ExecStart=/ussbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS) Main PID: 658 (nginx) Tasks: 5 (limit: 4915) Memory: 4.9M CGroup: /system.slice/nginx.service ├─658 nginx: master process /ussbin/nginx -g daemon on; master_process on; ├─659 nginx: worker process ├─660 nginx: worker process ├─661 nginx: worker process └─662 nginx: worker process Mär 03 17:01:39 user systemd[1]: Starting A high performance web server and a reverse proxy server... Mär 03 17:01:39 user systemd[1]: Started A high performance web server and a reverse proxy server. 
submitted by xmr123 to PHPhelp [link] [comments]

A Comprehensive Guide on Securing Your System, Archives and Documents

A Comprehensive Guide on Securing Your System, Archives and Documents
How can you make your system and documents secure? Today, 256-bit AES encryption is offered by everyone and their dog. However, AES encryption does not mean much (or anything at all) when it comes to the real security of your data. Implementing encryption at the right time and in the right spot is no less important than choosing strong encryption credentials and managing the encryption keys.
While the previous part may sound a bit complicated, it all comes down to much simpler things than choosing the strongest encryption algorithm or selecting the length of the encryption key. If you are a Windows user, it all comes down to choosing the optimal data protection strategy for your particular usage scenario; protecting your storage media and the data you keep on them.

Defining your goals

Before you start considering encrypting your hard drives and files, make sure to define your objectives. What information would you like to protect? What threats do you consider important, less important and quite improbable?

Full-disk encryption part I: protecting your boot device

A reliable system protection is impossible without protecting your boot device. An unencrypted boot device (disk C: on most systems) allows for way too many vectors of attack ranging from hibernation and page file analysis to instant extraction of stored passwords from your Web browser vault. In other words, securing your boot device with BitLocker is an absolutely mandatory preliminary step and the most important security layer.
  • Availability: Windows 10 Professional and higher with TPM2.0, Intel PTT or Group Policy edit; all Windows editions for device encryption in thin and light devices meeting minimum requirements.
    • Note: although Windows 10 Home cannot natively create new BitLocker volumes, it can unlock BitLocker encrypted drives with full read-write access
  • Physical access, hard drive only: strong protection
  • Physical access, entire computer: it’s complicated
  • Other users on the same computer: not applicable
  • Malware/ransomware: not applicable
  • Online attacks: not applicable
  • Usage cases: protect data against theft of computer or hard drive; protect data if hard drives are sold or RMA’d; protect data against physical extraction.
If your computer meets the requirements (namely, the presence of a hardware TPM2.0 module or software-based Intel Platform Trust Technology), enabling BitLocker on your computer can be as easy as opening the Control Panel and launching the BitLocker Drive Encryption applet. Note that not all editions of Windows 10 can use BitLocker protection.
We have a comprehensive article on BitLocker protection in our blog, which is highly recommended. Introduction to BitLocker: Protecting Your System Disk
What caveats are there when it comes to securing data against physical extraction? The thing is, while BitLocker is nearly a 100% effective solution for protecting the bare drive, it might not be as secure if the intruder has access to the entire computer with the hard drive installed. Even if your computer is equipped with a TPM2.0/Intel PTT module, Windows will still unlock the encrypted hard drive if Secure Boot conditions are met. This in turn opens numerous vectors of attack that may allow the intruder to intercept the on-the-fly BitLocker encryption key and decrypt the hard drive. These vectors of attack include:
  1. Making a RAM image of a running computer with BitLocker volume(s) mounted. This can be done via a Thunderbolt attack (Windows, by default, does not disable Thunderbolt DMA access when locked) or a cold boot attack.
  2. Breaking or extracting your Windows logon password (e.g. extracting from your Google account, your smartphone, or from another computer you have logged in and synced your data to).
  3. Obtaining your BitLocker Recovery Key from your Microsoft Account or Active Directory.
Advanced users and system administrators can read the following guide to secure their BitLocker volumes: BitLocker recovery guide

Full-disk encryption part II: protecting external storage devices

BitLocker is good not only for protecting your boot device, but for encrypting data on other volumes, built-in and removable. BitLocker protects external storage devices with BitLocker To Go, an encryption algorithm based on a password. In addition to passwords, external drives encrypted with BitLocker To Go have an option to unlock with a smart card on another computer by using BitLocker Drive Encryption in Control Panel. Finally, users can opt to make their encrypted external devices automatically unlock when connected to their (trusted) computer.
  • Availability:
    • Encrypt external devices: Windows 10 Professional and Enterprise
    • Access BitLocker encrypted devices: although Windows 10 Home cannot natively encrypt drives with BitLocker, it can access BitLocker encrypted drives with full read-write access
  • Physical access, device only: protection as strong as your password
  • Physical access, entire computer: it’s complicated (see previous chapter)
    • Note: if you enabled the option “Unlock automatically on this PC”, then effectively no protection
  • Other users on the same computer: strong protection if offline/not mounted
  • Malware/ransomware: strong protection if offline/not mounted
  • Online attacks: strong protection if offline/not mounted
  • Usage cases: protect data stored on external storage devices such as external drive enclosures, USB flash drives etc.
Unlike system drive encryption, BitLocker To Go does not support multifactor authentication. This means you cannot use TPM protection as an additional form of authentication. You can, however, make BitLocker To Go devices unlock automatically when they are inserted in your (trusted) computer, which carries obvious security implications.

Full-disk encryption part III: using third-party crypto containers

I put it here just for the sake of completeness. If you are considering using a crypto-container such as VeraCrypt or PGP, you probably know what it is good for and how to use it. I’ll just add several things that aren’t immediately obvious when you set up encryption. In fact, the two things are so non-obvious that many coach experts have it backwards. (The right way: Choosing the right hashing algorithm – it’s all about slowness).
  • Availability: VeraCrypt is available on most relevant platforms
  • Physical access, hard drive only: very strong protection unless misconfigured
    • Misconfiguration examples: volume stays mounted when computer sleeps or hibernates; volume stays mounted when computer is locked (matter of security vs. convenience); volume unlocked with security key (e.g. USB flash drive) and no password (if USB flash drive is discovered)
  • Physical access, entire computer:
    • volume not mounted at time of analysis: very strong protection
    • volume mounted: very little protection
  • Other users on the same computer
    • volume not mounted at time of analysis: very strong protection
    • volume mounted: very little protection
  • Malware/ransomware: same as above
  • Online attacks: same as above
  • Usage cases: protect data against theft of computer or hard drive; protect data if hard drives are sold or RMA’d; protect data against physical extraction.
The choice of encryption algorithm (spoiler: use AES)
Crypto containers such as VeraCrypt offer the choice of several (actually, multiple) encryption algorithms that range from the industry-standard AES to some quite exotic algorithms such as Serpent or Kuznyechik. For the paranoiacs among us, VeraCrypt offers stacked encryption (e.g. the Serpent(AES) option). The thing is, the choice of an encryption algorithm does not affect the security of your data (unless you pick an algorithm with known or suspected vulnerabilities; finger pointed to Kuznyechik).
The choice of encryption algorithm does not affect the security of your data. A single round AES-256 encryption will be exactly as secure as Serpent(AES) or Serpent(Twofish(AES)). Moreover, the choice of encryption does not even affect the recovery speed (the speed of brute-force attacks on your password)!
Considering that AES is the only hardware-accelerated encryption algorithm in all reasonably modern processors, choosing any encryption algorithm other than AES-256 will unnecessarily slow down your reads and writes (expect a difference of 2 to 3 orders of magnitude in theoretical RAM-to-RAM encryption speeds) without providing any additional security benefit.
If choosing an encryption algorithm other than AES does not affect security, then what does?
The choice of hashing algorithm
When VeraCrypt encrypts (or decrypts) your data, it is using a binary encryption key to perform symmetric cryptographic operations. This media encryption key (MEK) is stored along with the encrypted data. The Media Encryption Key (MEK) is encrypted with a Key Encryption Key (KEK), which, in turn, is the result of multiple (hundreds of thousands) iterative hash operations performed on the user’s password.
In other words, when you type a password, the crypto container will perform a calculation of a certain hash function, and repeat that a 100,000 times or more (in order to deliberately slow down brute-force attacks).
If you want to make your encrypted volume more secure, you can change one of the two things:
  1. Increase the number of hash iterations
  2. Don’t use defaults
  3. Choose a slower hash function
VeraCrypt allows modifying the number of hash iterations by adjusting the PIM (Personal Iterations Multiplier); here is the how-to. The PIM value controls the number of iterations that is used to derive the encryption key from the password that you type. This value can be specified through the password dialog or in the command line. If you don’t manually specify the PIM value, VeraCrypt will use the default number of iterations, which is bad because (2). For SHA-512 or Whirlpool (the two recommended choices), VeraCrypt defaults to Iterations = 15000 + (PIM x 1000).
Why would you want to change the number of hash iterations? Because an attacker will first try to break your password using the defaults. Most tools used by the attackers to brute-force your password will first run the attack using all-defaults: the default encryption algorithm (AES), hash function (SHA-512) and PIM. Changing the PIM value is an easy way to substantially increase security without making your password more complex. Changing the hashing algorithm from default (SHA-512) to Whirlpool also makes sense in this context.
Which brings us to the choice of a hashing algorithm. VeraCrypt offers the choice of SHA-512 (slow, good choice), Whirlpool (slower, even better choice), SHA-256 (slow, but not as slow as SHA-512, use other hash instead), and Streebog (untested). Choosing the right hashing algorithm – it’s all about slowness has some benchmarks and some good explanations; highly recommended. Selecting Whirlpool makes a lot of sense because a) it is slower than SHA-512 (thus will be significantly slower to attack), and b) it is a non-default selection, which significantly increases the complexity of the attack.

File system encryption: when and how to use EFS

If you read the Wikipedia article about Microsoft Encrypting File System (EFS), you’ll get that EFS has been introduced in NTFS 3.0 in order to provides file system level encryption. The article reads: “The technology enables files to be transparently encrypted to protect confidential data from attackers with physical access to the computer.”
While all of that is interesting, neither statement explains who and, most importantly, why should be using EFS, and what exactly the encrypting file system protects against.
  • Availability: all versions and all editions of Windows 10 (and most older versions of Windows)
  • Physical access, hard drive only: as strong as your Windows account password
  • Physical access, entire computer: same as above
  • Other users on the same computer: effective protection
  • Malware/ransomware: not applicable
  • Online attacks: not applicable
  • Usage cases: protect your documents from other users of your computer; an extra layer of security on BitLocker-protected drives; reasonably strong, very easy and fully transparent document encryption on computers where BitLocker is not supported.
What does EFS protect against, and who should be using it?
The purpose of Encrypting File System is protecting your data from users who share your computer. If you have a PC with several users, and each user has their own Windows login (as opposed to sharing a single Windows account), activating EFS encryption is the easiest way to protect your files from being accessed by those other users.
What is the relation between EFS and BitLocker, and which one should you use?
BitLocker protects your entire system volume. Any user who can log in to your computer will unlock the system volume. If a user has administrative privileges (or can escalate a non-admin account by using an exploit), he or she will also gain access to files and documents stored in other users’ accounts on that computer.
Encrypting File System, on the other hand, only protects selected folders. It won’t, for example, protect your instant messenger databases or encrypt your browsing history. It’s mostly just for documents, pictures and videos you keep in your account. However, EFS will effectively protect those files against other users who can log on to your computer, even if they have administrative privileges.
If an attacker got physical access to the computer, BitLocker is the first line of defence. Relying solely on EFS to secure the PC against attacks with physical access is not the best idea.
How does it all work? It’s actually quite simple. Right-click on a file or folder you’d like to encrypt, select Properties and click the Advanced button in the General tab. In the Advanced Attributes dialog select Encrypt contents to secure data and click OK.

https://preview.redd.it/742u0dpqdjc41.png?width=1019&format=png&auto=webp&s=26dcec93aba51d314531f65c6e68ac12302bc88f
This is it. Windows will now encrypt the selected file or folder with your Windows logon credentials. There are no passwords to type and no encryption keys to save.
There is a certain drawback to using EFS encryption. If you ever forget your Windows password and have to reset it from a separate Administrator account (or your domain administrator resets the password for you), the EFS encryption keys will be lost, and you will be unable to decrypt your data without going through the data recovery process with Elcomsoft Advanced EFS Data Recovery. Note that you must recover your Windows password in order to decrypt the files. However, if you simply change your Windows password by following the normal procedure (typing your old password followed by entering the new one), you will be fine.

Document encryption

Encrypting individual documents is an important part of multi-layer security. Microsoft Office apps can use passwords to encrypt the documents’ content. No one without a password should be able to decrypt the document.
  • Availability: all versions of Microsoft Office
  • Security: depends on the version of Microsoft Office, the file format you’re using to save the files and the strength of your password.
  • Physical access, hard drive only: strong protection (with caveats)
  • Physical access, entire computer: strong protection (with caveats)
  • Other users on the same computer: strong protection (with caveats)
  • Other users on your Local Area Network: strong protection (with caveats)
  • Malware/ransomware: content protection. Malware won’t be able to decrypt your files and read your data. However, malware/ransomware can still encrypt your files, effectively locking you out.
  • Online attacks: content protection. Strong protection against unauthorized data access; no protection against unauthorized deletion
  • Usage cases: protect the content of your documents against anyone who does not know the encryption password.
  • How to: Protect a document with a password
A million dollar question: if you are on a local area network, should you use EFS or document encryption to protect documents against other users on the same LAN? In this case, it’s better to use both. EFS will make it impossible to gain access to encrypted files and folders without knowing your Windows account/domain credentials. Password protection of individual documents will make documents difficult to break even if the attacker knows your logon credentials.
The caveats of document encryption
So what exactly does “strong protection (with caveats)” mean? The thing is, your documents are just as secure as the password you use to protect them. If you re-use a password you already stored in your browser cache or in the keychain, extracting that password and decrypting the documents will be a matter of minutes in many types of attacks.
What if you use a cryptographically strong and truly unique password to encrypt documents? Are these documents secure? The thing is, they will be just as secure as the office app permits them to be. In Microsoft Office encryption evolution: from Office 97 to Office 2019 I discussed the encryption algorithms and protection strength of Microsoft Office apps from the early days to the most current release.
Generally speaking, everything before Office 2000 was insecure (no protection). Office 2000, XP and Office 2003 had very weak encryption that can be usually broken in under a day.
Since Office 2007, Microsoft started taking encryption seriously. Office 2010, 2013, 2016, 2019 brought security to the new level, making encrypted documents very secure.
Okay, so you are using the latest Office and selected a strong password; are we secure now? The thing is, you’ll be just as secure as the document format allows. If you are using the newer DOCX/XLSX format (files with .docx / .xlsx extensions), you’re good. If, however, you are saving your documents in “compatibility” mode, you are sacrificing encryption and make your documents as vulnerable as if they were saved by an Office 2003 app.
Best practices:
  1. Use the latest version of Microsoft Office to save documents. If the latest version is not available, use at least Office 2013 (the newer the better).
  2. Never save documents in “compatibility” mode. Make sure that the files are DOCX/XLSX as opposed to DOC/XLS.
  3. Use a unique, cryptographically strong password to encrypt documents. Remember: if the password is broken once (e.g. pulled from your Google account or recovered from a document you accidentally saved in the “compatible” format), it will be used to break everything else, including documents with strong encryption.
  4. If you email an encrypted document, do use a unique, one-time password for that document, and never send both the document and the password in the same email. In fact, you should never send the password by email since that would allow an attacker who gained access to your email account to decrypt the document. Send the document and the password via separate communication channels (e.g. email / text message, chat or phone call).

Protecting backups and archives

Making regular backups is a common wisdom. Protecting those backups is a wisdom much less common. Once you make a backup, make sure to give it as strong a protection as your boot drive.
  1. Store backups on BitLocker-protected media. Even if your backup tool (e.g. the one built into Windows) does not support encryption, at very least your storage media is protected with full-disk encryption. Note: Windows 10 does support the recovery from BitLocker-protected disks. Just create a bootable install image from Microsoft Web site (use “Create Windows 10 installation media”).
  2. If your backup tool supports encryption, it may be a good idea to encrypt your backups (AND store them on a BitLocker-protected media). Note, however, that a backup tool will probably cache (store) your backup password on your computer to automatically encrypt new and incremental backups. For this reason, make sure to have a truly unique, never reused password for encrypting backups.
Individual folders are frequently backed up using common archive tools such as WinZip, 7Zip or WinRar. All of these tools offer the ability to encrypt archives with a password. While the encryption strength is different among the three formats (ZIP, 7Z and RAR), an up to date version of each tool provides adequate protection if you choose a reasonably complex password (e.g. 8 characters or more, combining small and capital letters with numbers and special characters). To achieve the best level of protection, do keep those archives on BitLocker-protected media.
Note that password recovery tools work significantly faster on ZIP/7Z/RAR compared to attacking BitLocker encryption or Office 2013 (and newer) documents. For this reason, never reuse your password, and make sure that your BitLocker media, your documents and your backups/archives use very different passwords (ideally, not based on the same pattern).
More information:

Cloud security: OneDrive Personal Vault

Microsoft started offering an extra layer of security to all users of its cloud storage service in the form of a Personal Vault. OneDrive Personal Vault helps secure your files both on your computer and in the cloud in the event that someone gains access to your account or your device.
Unlike ransomware protection, Personal Vault is available to all users of Microsoft OneDrive and not just to Office 365 subscribers. Technically speaking, Personal Vault is an area in the OneDrive folder on your computer and in the OneDrive cloud storage that features additional protection. You can only access this protected area after passing a strong authentication. If your Microsoft Account is protected with two-factor authentication, you will have to pass the second step of identity verification in addition to typing your Microsoft Account password.
Once configured, Personal Vault must be manually unlocked every time you need access to secured data. To unlock, you must type in your Microsoft Account password and pass the second authentication step if your account has two-factor authentication. Once you’ve finished accessing the data, Personal Vault will automatically relock after a short period of inactivity. Once locked, any files you were using will also lock and require re-authentication to access.
Setting up Personal Vault only takes a few clicks as outlined in Protect your OneDrive files in Personal Vault.
OneDrive Personal Vault is still new; no independent security analysis has been performed until today. In our view, Personal Vault is worth consideration as an extra security layer for some of the most private but rarely accessed types of data. Examples of such data may include BitLocker escrow keys and binary encryption keys, or the list of passwords some users store in encrypted Excel spreadsheets. I personally keep my two-factor authentication secrets (scanned QR codes to initialize the Authenticator app) in the Vault as well.
  • Physical access: unknown (not yet analyzed)
  • Other users on the same computer: strong protection
  • Malware/ransomware: strong protection (unless Personal Vault is unlocked at the time malware is running)
  • Online attacks: as strong as your Microsoft Account security
  • Usage cases: activate to add an extra layer of security for a handful of personal documents, encryption keys, 2fa secrets etc.

Ransomware protection

One of the most important threats not covered by any encryption is the type of malware called ransomware. Ransomware is a type of malware that threatens to either publish the data stolen from the victim or perpetually block access to the victim’s files by encrypting them with a key that is only known to the attacker. The term ‘ransomware’ has emerged from the fact that, on many cases, attackers demand a ransom payment to decrypt data.
Protecting your data against ransomware is a complex topic in itself. However, computer users can choose one or both of the following two defences when it comes to ransomware protection.
Ransomware protection is effective against the following threats.
  • Physical access: no protection
  • Other users on the same computer: no protection
  • Malware/ransomware: effective protection
  • Online attacks: as strong as your cloud account security
  • Usage cases: available automatically to Office 365 subscribers. Available to paid Dropbox users. Automatically protects files stored in OneDrive/Dropbox. Automatic alerts (OneDrive only). Automatic restore (OneDrive only); manual restore (Dropbox).
Use cloud storage with automatic ransomware protection
If you are using Windows 10, most likely you already have a Microsoft Account. The Microsoft Account gives you access to OneDrive, Microsoft’s cloud storage solution. The free tier includes 5 to 15 GB of online storage, while Office 365 subscribers receive the whole terabyte of cloud storage.
Microsoft actively promotes OneDrive Ransomware Protection. OneDrive automatically detects when the files are mass-deleted or mass-edited (such as when ransomware encrypts the entire Documents folder), alerts the user and prompts to restore the known-good snapshot. The File Restore feature is only available to Office 365 subscribers (Home and Personal levels are enough to receive protection).
More information at Ransomware detection and recovering your files.
If you prefer Dropbox to Microsoft OneDrive, Dropbox gets you covered against ransomware attacks, but mostly for higher-level paid tiers. Users of the free Basic tier as well as Plus subscribers can roll back individual encrypted files during the first 30 days after the attack (there will be no warning of mass-deletion of mass-encryption of files coming from the Dropbox app). If you want to roll back the entire Documents folder with Dropbox Rewind, you’ll need to be a paid Plus or Professional tier subscriber.
More information:
Make backup snapshots. Keep backup media offline
Once ransomware is installed on your computer, it will try to encrypt every document that is accessible. The obvious solution is making documents inaccessible by physically disconnecting backup media (such as using 2.5” portable USB drives to back up). In this scenario, you would only connect backup media to your computer when you actually want to make the backup, disconnecting the disk after the backup tool finishes its job. With this approach, even if your computer is attacked by ransomware, your offline backups will not be affected (unless you connected the external drive to the computer at the time the ransomware was installed).
In addition, configure your backup tool to keep snapshots of your data going back as long as permitted by available storage. In our office, an affordable 4TB USB hard drive can keep approximately 30 to 40 full snapshots of the Documents folder; this number becomes significantly larger if you enable incremental backups, with each snapshot saving only
More information:
submitted by Elcomsoft to computerforensics [link] [comments]

Disk Digger Pro Apk || DiskDigger Importance || Recover Lost Files

In the Present scenario, Technology is growing too fast and we all are experiencing that our smartphone, PC, and Laptops carrying various files with the help of SD cards and internal memory. We will think that our files are in very secure places but if any file deleted unexpectedly then what you will do?. Don't worry, I already told you that tech is growing as fast as it can. Here I'm going to discuss the best data recovery services aka (DiskDigger) which are a perfect example of it. Let's go down to get more details of DiskDigger( Deep file recovery from any drive).
DiskDigger is a tool which can recover deleted files like photos, documents, music, video and much more.
DiskDigger Features:
DiskDigger can recover lost files from most types of media that your computer can read: hard disks, USB flash drives, memory cards, CDs, DVDs, and floppy disks. (Note: Make sure that you have to connect your device with a USB port to recover lost data from Android and IOS devices ). And one more important thing is you have to download the diskdigger app on your android phone to recover lost files. Suppose if your Android device uses a microSD card for saving the data, please remove the card and connect it directly to your PC using a card reader, so that you can scan it directly using DiskDigger for Windows.)
DiskDigger has two processes which you have to choose every time while scanning a disk. These methods are named as “dig deep” and “dig deeper“.
Dig Deep:
Dig Deeper:
Advanced Features
To find more information go through remaining articles in our site like hard drive data recovery, SD card data Recovery, Android Data Recovery, USB flash drive data recovery, Linux Data Recovery etc.
submitted by diskdiggerproapk to u/diskdiggerproapk [link] [comments]

Wine 3.3 Released

The Wine development release 3.3 is now available.
 
https://www.winehq.org/announce/3.3 
 
What's new in this release (see below for details):
 
- Beginnings of Vulkan support. - Direct3D multi-threaded command stream enabled by default. - Multisample textures enabled by default. - Support for game controllers through SDL. - Support for loading CIL-only .Net binaries. - Various bug fixes. 
 
The source is available from the following locations:
http://dl.winehq.org/wine/source/3.x/wine-3.3.tar.xz http://mirrors.ibiblio.org/wine/source/3.x/wine-3.3.tar.xz 
 
Binary packages for various distributions will be available from:
http://www.winehq.org/download 
 
You will find documentation on
http://www.winehq.org/documentation 
 
You can also get the current source directly from the git repository.
Check
http://www.winehq.org/git for details. 
 
Wine is available thanks to the work of many people.
See the file AUTHORS in the distribution for the complete list.
 
 
Bugs fixed in 3.3 (total 35):
 
7284 Max Payne 2 light reflections on people are too bright and blocky 9914 Implement a Kerberos provider for SSPI 10347 Action Replay Code Manager crashes on start up 14336 BCG tooltips don't display correctly (Foxit PDF Reader) 19508 Multiple games fail to start after CreateDCW(DIB or DIRDIB) error (Cosmology of Kyoto, Secret of the Luxor, Pingu, Pettson and Findus, many Klik & Play games) 32186 Multiple kernel drivers crash on unimplemented function ntoskrnl.exe.KeWaitForMultipleObjects (Franson VSerial service 'bizvserialnt.sys', VSphere 6.0 'hcmon.sys') 32802 Janetter 4.1.1.0 fails to start properly and gives an error saying: "Backend server cannot init" 36143 Symantec Norton 360 installer reports 'This product is not compatible with this computer's current operating system' (RtlVerifyVersionInfo doesn't handle majominoservice pack condition mask properly) 37025 Photo Renamer 3.x/4.x crashes on startup 37852 Sentinel HASP 'hardlock.sys' kernel driver custom imports resolver can't cope with many 'ntoskrnl.exe' functions being fowarded to 'ntdll.dll' (Minitab 16 fails to start) 38661 64-bit .NET CLmanaged executables can't be run by Wine loader (entry point not set to mscoree.dll _CorExeMain/_CorDllMain)(Demoscene 'Coronoid', Rust, SIGMA Photo Pro 6) 39500 DRM kernel drivers used by some game demos crash on unimplemented function hal.dll.KeQueryPerformanceCounter (Secret Files: Tunguska, Sherlock Holmes vs Jack the Ripper) 39970 Bankperfect 8.0.0.373 defect 40002 Edit control is not repainted on focus change 42468 Broken msxml text nodes escaping 42592 The Witcher 3 has poor performance (buffer access flags are ignored) 42820 Multiple games (The Witness, Just Cause 2) require D3D11 multisample textures 42851 The BaiduMusic can not be launched 43041 Multiple application installers crash due to missing message string for 0x800b0100 (TRUST_E_NOSIGNATURE) (CodeXL 2.3, RT Se7en Lite) 43351 x64dbg needs kernel32.dll CreateRemoteThreadEx in Win7+ mode 43520 Magic The Gathering Online - corrupted rendering of CMYK jpegs 43740 GenerateMips not implemented for d3d10 (Just Cause 2) 44255 Wolf RPG Editor: Game.exe zombifies upon quit 44265 Options dialog triggers exception upon close in Windows Media Player 6.4 44279 Wine can't enumerate HID device that is based on Bluetooth (a Wiimote) 44460 Wine's loader should prevent multiple executable mappings of images (dlls) backed by the same physical file (long path vs. short path) 44462 Stuttering/Low fps in Unigine Valley 44473 glyph overlap in Delphi editor 44486 Stack overflow in The Witness, The Witcher 3 (multisample texture location loading) 44542 Multiple Vista+ UAC-aware applications need support for execution level information in manifest data/activation context 44556 SYN_DROPPED undeclared on Linux < 2.6.39 44578 ShellDispatch::BrowseForFolder is not implemented 44593 Improve Wine loader diagnostic output for .NET (IL) applications in case of 'mscoree.dll' load failures 44628 BaiduMusic needs dwmapi.DwmSetIconicThumbnail (stub) 44636 Sentinel HASP 'hardlock.sys' kernel driver access to CR4 via %ESI register operand not handled in ntoskrnl emulate_instruction 
submitted by catulirdit to linux_gaming [link] [comments]

[Hiring] PHP Security Help / RFI & LFI Prevention

Hello. I have a website that pulls in a number of pdfs and force downloads them into a zip file. Right now, my security scans come up with RFI and DFI as the high risks. I am looking to prevent it. Has anyone had any luck or experience with this? I have posted the code below. Let me know cost! Thanks!!
/************/
$sourceFile = $_GET['file'];
if( headers_sent() ) die('Headers Sent');
if (ini_get('zlib.output_compression')) ini_set('zlib.output_compression', 'Off');
// Check if we're downloading a url or file path if (filter_var($sourceFile, FILTER_VALIDATE_URL)) { $file_headers = array_change_key_case(get_headers($sourceFile, 1), CASE_LOWER);
if($file_headers[0] == 'HTTP/1.1 404 Not Found') { echo 'Error: File was not found.'; exit; }
$len = $file_headers['content-length']; } else {
if (!is_file($sourceFile)) { echo 'Error: File was not found.'; exit; }
$len = filesize($sourceFile); }
$filename = basename($sourceFile); $file_extension = strtolower(substr(strrchr($filename,"."),1));
switch( $file_extension ) { case "pdf" : $ctype="application/pdf"; break; case "exe" : $ctype="application/octet-stream"; break; case "zip" : $ctype="application/zip"; break; case "doc" : $ctype="application/msword"; break; case "xls" : $ctype="application/vnd.ms-excel"; break; case "ppt" : $ctype="application/vnd.ms-powerpoint"; break; case ".docx": $ctype="application/vnd.openxmlformats-officedocument.wordprocessingml.document"; break; case ".pptx": $ctype="application/vnd.openxmlformats-officedocument.presentationml.presentation"; break; case ".xlsx": $ctype="application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"; break; case "gif" : $ctype="image/gif"; break; case "png" : $ctype="image/png"; break; case "jpeg" : case "jpg" : $ctype="image/jpg"; break; case "mp3" : $ctype="audio/mpeg"; break; case "wav" : $ctype="audio/x-wav"; break; case "mpeg" : case "mpg" : case "mpe" : $ctype="video/mpeg"; break; case "mov" : $ctype="video/quicktime"; break; case "avi" : $ctype="video/x-msvideo"; break; case "mp4" : $ctype="video/mpeg"; break;
//The following are for extensions that shouldn't be downloaded case "php" : case "css" : case "js" : case "htm" : case "html" : case "txt" : die("Cannot be used for ". $file_extension ." files!"); break;
default : $ctype="application/force-download"; }
header("Pragma: public"); header("Expires: 0"); header("Cache-Control: must-revalidate, post-check=0, pre-check=0"); header("Cache-Control: public"); header("Content-Description: File Transfer"); header("Content-Type: $ctype"); $header = "Content-Disposition: attachment; filename=" . $filename . ";"; header($header); header("Content-Transfer-Encoding: binary"); header("Content-Length: " . $len); header("X-Frame-Options: DENY"); header("x-frame-options: SAMEORIGIN"); @readfile($sourceFile); exit;
submitted by Ozarksweb to forhire [link] [comments]

Wine 3.3 Released

The Wine development release 3.3 is now available.
 
https://www.winehq.org/announce/3.3 
 
What's new in this release (see below for details):
 
- Beginnings of Vulkan support. - Direct3D multi-threaded command stream enabled by default. - Multisample textures enabled by default. - Support for game controllers through SDL. - Support for loading CIL-only .Net binaries. - Various bug fixes. 
 
The source is available from the following locations:
http://dl.winehq.org/wine/source/3.x/wine-3.3.tar.xz http://mirrors.ibiblio.org/wine/source/3.x/wine-3.3.tar.xz 
 
Binary packages for various distributions will be available from:
http://www.winehq.org/download 
 
You will find documentation on
http://www.winehq.org/documentation 
 
You can also get the current source directly from the git repository.
Check
http://www.winehq.org/git for details. 
 
Wine is available thanks to the work of many people.
See the file AUTHORS in the distribution for the complete list.
 
 
Bugs fixed in 3.3 (total 35):
 
7284 Max Payne 2 light reflections on people are too bright and blocky 9914 Implement a Kerberos provider for SSPI 10347 Action Replay Code Manager crashes on start up 14336 BCG tooltips don't display correctly (Foxit PDF Reader) 19508 Multiple games fail to start after CreateDCW(DIB or DIRDIB) error (Cosmology of Kyoto, Secret of the Luxor, Pingu, Pettson and Findus, many Klik & Play games) 32186 Multiple kernel drivers crash on unimplemented function ntoskrnl.exe.KeWaitForMultipleObjects (Franson VSerial service 'bizvserialnt.sys', VSphere 6.0 'hcmon.sys') 32802 Janetter 4.1.1.0 fails to start properly and gives an error saying: "Backend server cannot init" 36143 Symantec Norton 360 installer reports 'This product is not compatible with this computer's current operating system' (RtlVerifyVersionInfo doesn't handle majominoservice pack condition mask properly) 37025 Photo Renamer 3.x/4.x crashes on startup 37852 Sentinel HASP 'hardlock.sys' kernel driver custom imports resolver can't cope with many 'ntoskrnl.exe' functions being fowarded to 'ntdll.dll' (Minitab 16 fails to start) 38661 64-bit .NET CLmanaged executables can't be run by Wine loader (entry point not set to mscoree.dll _CorExeMain/_CorDllMain)(Demoscene 'Coronoid', Rust, SIGMA Photo Pro 6) 39500 DRM kernel drivers used by some game demos crash on unimplemented function hal.dll.KeQueryPerformanceCounter (Secret Files: Tunguska, Sherlock Holmes vs Jack the Ripper) 39970 Bankperfect 8.0.0.373 defect 40002 Edit control is not repainted on focus change 42468 Broken msxml text nodes escaping 42592 The Witcher 3 has poor performance (buffer access flags are ignored) 42820 Multiple games (The Witness, Just Cause 2) require D3D11 multisample textures 42851 The BaiduMusic can not be launched 43041 Multiple application installers crash due to missing message string for 0x800b0100 (TRUST_E_NOSIGNATURE) (CodeXL 2.3, RT Se7en Lite) 43351 x64dbg needs kernel32.dll CreateRemoteThreadEx in Win7+ mode 43520 Magic The Gathering Online - corrupted rendering of CMYK jpegs 43740 GenerateMips not implemented for d3d10 (Just Cause 2) 44255 Wolf RPG Editor: Game.exe zombifies upon quit 44265 Options dialog triggers exception upon close in Windows Media Player 6.4 44279 Wine can't enumerate HID device that is based on Bluetooth (a Wiimote) 44460 Wine's loader should prevent multiple executable mappings of images (dlls) backed by the same physical file (long path vs. short path) 44462 Stuttering/Low fps in Unigine Valley 44473 glyph overlap in Delphi editor 44486 Stack overflow in The Witness, The Witcher 3 (multisample texture location loading) 44542 Multiple Vista+ UAC-aware applications need support for execution level information in manifest data/activation context 44556 SYN_DROPPED undeclared on Linux < 2.6.39 44578 ShellDispatch::BrowseForFolder is not implemented 44593 Improve Wine loader diagnostic output for .NET (IL) applications in case of 'mscoree.dll' load failures 44628 BaiduMusic needs dwmapi.DwmSetIconicThumbnail (stub) 44636 Sentinel HASP 'hardlock.sys' kernel driver access to CR4 via %ESI register operand not handled in ntoskrnl emulate_instruction 
submitted by catulirdit to wine_gaming [link] [comments]

#Welcome windows Refugees, welcome to GNU/Linux (an update for the sticky)

Microsoft will terminate support for Windows 10 on October 14, 2025.
Microsoft will terminate support for Windows 8 on January 10, 2023.

Microsoft will terminate support for Windows 7 on January 14, 2020.

Microsoft terminated support for Windows VISTA on April 11, 2017.
Microsoft terminated support for Windows XP on April 8, 2014.
Microsoft terminated support for Windows ME on July 11, 2006.
Microsoft terminated support for Windows 98 on July 11, 2006.
Microsoft terminated support for Windows 95 on December 31, 2001.
Microsoft terminated support for Windows 3.1 on December 31, 2001.
Microsoft terminated support for Windows NT on July 27, 2000.
What to do: Your decision, but we recommend you change your operating system to be Linux (GNU/Linux).
GNU? What is this GNU? http://www.tldp.org/LDP/sag/html/gnu-or-not.html - Linux is only the kernel, not the applications that run on it. The Kernel and GNU together are the OS. GNU is the compiler, libraries binary utilities(many of the terminal commands) and shell(BASH). Some are used in Windows and Mac. A kernel is the lowest level of software that interfaces with the hardware in your computer. It's the bridge between GNU and the hardware.
Desktop environment?? A collection of GUI applications are referred to as a desktop environment or DE. This is things like a menu, icons, toolbars wallpaper, widgets, and windows manager. Some DEs take more system resources to run http://www.renewablepcs.com/about-linux/kde-gnome-or-xfce. Most end users don't care too much about the DE, GNU, or Kernel, they really only care about the applications like games, email, word processor etcetera. So how to get started with the migration?
The Migration.
THE BACKUP Even if you toast your machine, you will be able to recover your data. If your backup software has a "verify" feature, use it. You'll want to backup to an external device, if possible. Do NOT back up your data onto your existing C: drive, as if you somehow delete your C: drive during installation of Linux, your backup will be deleted too. Move things to an external Drive/USB stick or a cloud account (note: the Downloads, Music, My Pictures, My Videos collections sub directories may be VERY large). What to back up? Well you aren't going to be able to run windows programs on Linux (well you can but that's another story see WINE) so there is no need to back them up, but you will want things like documents, pictures, movies, music and things of that nature. Unfortunately some of these can be hard to find in Windows. Things like emails, browser profile/bookmarks.
  • Things on the Desktop are actually located at C:\Documents and Settings\USERNAME\Desktop or %USERPROFILE%\Desktop
  • Favorites (Internet Explorer) C:\Documents and Settings\USERNAME\Favorites or %USERPROFILE%\Favorites
  • The My Documents folder is C:\Documents and Settings\USERNAME\My Documents or %USERPROFILE%\Documents
  • %USERPROFILE%\Music & %USERPROFILE%\Video & %USERPROFILE%\Pictures
  • Email. Microsoft likes to move these around from version to version. http://www.howtogeek.com/howto/21384/where-is-my-pst-file-and-how-can-i-move-it-somewhere-else/
  • Contacts (Outlook Express) C:\Documents and Settings\USERNAME\Application Data\Microsoft\Address Book
  • Contacts (Outlook) - Address book is contained in a PST file 2010 click the file tab>account settings>account settings> data tab>click an entry>click open folder location usually C:\users\username\AppData\Local\Microsoft\Outlook or %USERPROFILE%\AppData\Local
  • 2013/16 C:\users\username\Documents\Outlook Files
  • email (Outlook Express) C:\Documents and Settings\USERNAME\Local Settings\Application Data\Identities\XXXXX\Microsoft\Outlook Express (where XXXXX is a long string of alphanumeric characters)
  • email (Outlook 2003) C:\Documents and Settings\USERNAME\Application Data\Microsoft\Outlook
  • Getting things out of a PST file is another thing all together. A utility like readpst will be needed. For contacts or vcards importing 1 by 1 is simply enough but for bulk import you will need to open a terminal and type some commands.
    • $ cat ./* >> mycontacts.vcf
    • $ sed -i 's/VCARDBEGIN/VCARD\n\nBEGIN/g' mycontacts.vcf
    • Then import the mycontacts.vcf into the particular program you are using. Thunderbird or Claws or something else.
This is a short list for a few programs. You should make a list of the programs you use and the file types that result and confirm their location. Keep in mind some Microsoft formats are proprietary and may not be able to be transferred to another program. Some can be but sometimes the markup used is proprietary so the content of a word doc for instance may be there but the spacing or special columns might not be, or a particular font might be and a substitution might be made.
Each user on a Windows XP machine has a separate profile, these are all stored in the C:\Documents and Settings directory. Ensure to copy the data for each profile on the system that you want to create on the Linux system. Some directories (eg. Application Data) may be hidden, to browse to them, first enable "show hidden files and folders" (http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/).
Migration tips: When you're installing, try and have access to a second computer with a working internet connection. If you run into problems during the install, you can use the other computer to search for a solution.
If you encounter problems, don't forget to try any "test installation media", "test memory" and/or "test hard disk" options you may be offered on the install disc.
Using the same wallpaper on your new Linux installation might help make the transition easier psychologically.
Select a distribution CPU type: When downloading Linux, ensure to select the correct build for your CPU. Many distributions have separate downloads for 32-bit or 64-bit CPU architectures - they also may have downloads for non-X86 CPUs. If you're migrating from Windows, you'll likely want X86, 32-bit or 64-bit.
Have a look at the various Linux distributions available (there's quite a few to choose from) and make a shortlist of possibles. Many of them have a "Live CD" which is a version that runs from CD/usb stick which can be downloaded and burned. You boot off the liveCD/usb and you see whether the software works for you & your hardware, without making any changes to your existing Windows install.
Some distributions may pull from stable repositories or testing, more on this below(see Repositories). Some distros may have to reinstall the OS to upgrade to the next version where others may be rolling release. This may affect how you choose to set up home (see "Chose the location for home" below).
You can find a list of distributions in many places, including these:
The /g/ OS guide (updated to v.1.3.2) http://i.imgur.com/wXsA1Ls.jpg
Comparison of Linux distributions http://en.wikipedia.org/wiki/Comparison_of_Linux_distributions
DistroWatch http://www.distrowatch.com/
For recommendations try the articles linked below, or just browse the sidebar. Several distributions have been specifically designed to provide a Windows-like experience, a list of these is below. You could also try the Linux Distribution Chooser (2011).
Why so many distro?? Don't think of a distro as a different Linux but instead as one linux packaged with a unique collection of software packages. Things like DEs. ONE DE might be Gnome which is similar to a MAC or Amiga in style, while another might be KDE which is similar to windows, or Unity which is like a tablet. They all use GNU and the Linux kernel however and they all pull from the same group of software repositories.
REALLY DIFFERENT OSs
Linux comes in a lot of flavours, some are set up to be as tiny as possible and some even to run entirely from RAM. Puppy linux is one such Linux OS. Puppy now comes in a variety of flavours and is more suited to machines that windows 95 came on. Precise puppy is the more original flavour http://distro.ibiblio.org/quirky/precise-5.7.1/precise-5.7.1-retro.iso and is a mere 201 MB in size. It uses very tiny prgrams you have never heard of and takes getting used to but it's fully usable if you take the time to learn the programs. It uses seamonkey for instance as seamonkey is a browser, email client, html composer and newsgroups client all in one program(like Netscape used to be). That's part of how it stays so small, and because the entire thing is in RAM is lightning fast. There are heavier version for win 98 and ME machines like Lucid Puppy http://distro.ibiblio.org/pub/linux/distributions/puppylinux/puppy-5.2.8/lupu-528.005.iso The puppy website is a horror story http://puppylinux.org/ but you can always go straight to the forums http://murga-linux.com/puppy .
Download the ISO and Burn it
If you don't have the ability to burn a Disto ISO to disc or have really slow internet you can have one sent to you by snailmail, or even pic them up at local computer shops. Otherwise you can download the iso image (some as small as 100MB someover a Gig). You will need to have a CD or DVD burner in you machine and software to run it. You can even put this ISO onto a USB device.
There are many guides out there for this.
Verify the hash of the ISO
This is to verify the download is intact http://www.howtogeek.com/67241/htg-explains-what-are-md5-sha-1-hashes-and-how-do-i-check-them/
Do a test boot with a LiveCD
It's pretty simple. Insert the distro ISO medium (CD/usb) and use your BIOS UEFI selector to select that medium to boot from. Most distros have tools to test your RAM as well as booting to a version of the distro you can use to poke around and try it out.
install the new OS
This is where things get complicated. There are several things to consider first. Dual boot, location of home. Read the section below and installing will be covered more later.
Choose Dual Boot or Linux Only
Dual-boot (sometimes called multi-boot) is a good way to experiment. If you want to keep your Windows install, you can do that by using "dual boot", where you select which OS you want to use from a menu when you first power on the machine. This topic is a bit complex for this post, so we recommend making a post about it if you have queries (search the linux4noobs sub for "dual boot"). There are videos on youtube on how to dual boot. However, you will need to have sufficient disk space to hold both operating systems at once. Linux is small compared to Windows Each distro page will state it's required space. If you keep an old no longer supported version of windows you should NOT go on the internet with it as it is no longer secure!!! Do not use it for internet, email chat, etcetera, use linux for going online. https://help.ubuntu.com/community/DualBoot/Windows
All of this assumes you are going to allow linux to replace the windows Master Boot Record with Grub2 (linux boot menu), but thre is an alternate method of dual booting keeping the windows menu and using easybcd to put in a linux option. http://www.youtube.com/watch?v=xlTgaWs9BD0 This is the diagram in that vid http://i.imgur.com/AFIaGRd.png Keeping the windows loader is a far more complex way to go. https://askubuntu.com/questions/139966/how-can-i-add-an-entry-for-ubuntu-to-the-windows-7-boot-menu
Chose the location for home
First what is /home/? Home is where you store your pics, docs, movies etcetera. There are three options for home. Choose /home/ as its own partition or even it's own drive, or inside the Linux install partition.
The drawback of separating home from the linux install partition is that is a little more complex to set up. The benefit is that the Linux OS partition can be wiped out and your files on home (a separate partition/drive) are safe. Having home on it's own drive means the entire drive the OS is installed on could die and your files are safe on another drive. You just install a new drive, install an os and you are back up and running. See Partitioning further below. However the drawback of home on it's own drive is that drive can die and you lose your home files. Of course home files should always be backed up to the cloud or another drive so it should be easy to recover in the face of that kind of failure.
Chose your Apps or selecting and installing software
Linux does not natively support Windows programs, so you'll need to find a "workalike" for each Windows application you use. Some distros come with a collection of some of these on the install but they can all be installed later from the repositories or from their websites. More on what a repository is further down below.
Here are some websites that list equivalents.
The primary APPS people will be concerned about are
Windows APPS you can't just do without
You can also try Wine https://winehq.org/, which lets some Windows applications run on unix-like systems, including Linux. However this may not work for your particular needs, you'll need to test it to see. There is a compatibility list here https://appdb.winehq.org/. It's also possible to "virtualize" your Windows install, using software such as VirtualBox, and run it in a window under Linux. https://www.virtualbox.org/
Running OLD DOS Apps/games
If you have DOS apps, try DOSbox http://www.dosbox.com/ or DOSEMU http://www.dosemu.org/ . There are many other emulators that will run on linux from old ARCADE MAME games to Sony playstation.
Repositories
Above we mention repositories. What are they? Well with windows you can search for software on the web and download a file and extract and install it. It Linux all the software is in one place called a repository. There are many repos. Major repositories are designed to be malware free. Some with stable old stogy software that won't crash your system. Some are testing and might breakthings, and others are bleeding edge aka "unstable" and likely to break things. By break things we mean things like dependancies. One version of software might need another small piece of software to work say program called Wallpaper uses a small program called SillyScreenColours(SCC) V1, but SSC might be up to V3 already but V3 won't work for Wallpaper because it needs V1. Well in a testing repo another new program say ExtremeWallpaper might need V3 of SCC and if you install it, it will remove V1 to install V3 and now the other program Wallpaper doesn't work. That's the kind of thing we mean by break. So to keep that kind of thing from happening Linux pulls from repositories that are labelled/staged for stability. So when you want more software you open your distro's "software manager". An application that connects to the repository where you select and install software from there and it warns you of any possible problems. You can still get software from websites with Linux but installing may involve copy and pasting commands to do it or to "compile from source" to make sure all the program dependencies are met. You can sometime break things doing it that way however, or what you are trying to install won't run on your distros kernel or unique collection of software.
Software manager.
Each distro has chosen a repository and can have different software programs to install from them. Debian systems use APT where others like Fedora use RPM, or YUM on Redhat, or Pacman on Arch. These are a collection of text based commands that can be run from terminal. Most desktop distros have GUI sofware managers like Synaptic or their own custom GUI software. Mint's is called Mintinstall. Each distro has their own names for their repositories. Ubuntu has 4 repositories Main, Universe, restricted, and Multiverse as well as PPA's. Personal Package Archives.Packages in PPAs do not undergo the same process of validation as packages in the main repositories
  • Main - Canonical-supported free and open-source software. (??stable, testing, unstable??)
  • Universe - Community-maintained free and open-source software. (??stable, testing, unstable??)
  • Restricted - Proprietary drivers for devices.
  • Multiverse - Software restricted by copyright or legal issues.
You can change your system to go from Debian stable to only use testing or you can even run a mixed system pulling from stable and testing but this is more complex. Each distro will have a way to add repositories (or PPA's if ubuntu based) or change sources. On Debian based Mint to install software you would launch the software managerinput your password then either do a word search like desktop publishing, or drawing and see the matches or you can navigate categories like Games, Office, Internet. For instance Graphics then breaks down to 3D, Drawing, Photography, Publishing, Scanning, and viewers. When you find software you want to install you click on it to read it's details. For instance Scribus, a desktop page layout program, and you get more details "Scribus is an open source desktop page layout program with the aim of producing commercial grade output in PDF and Postscript. Scribus supports professional DTP features, such as CMYK color" and here you can simply click a button "Install" to install software. It's the same process to remove software. There is a toggle in menu "view" for "installed" and "Available". The same software can be installed or removed via synaptec but it's a little less graphical and more texted based but still GUI based point and click. It's a similar process in other distributions.
Actually installing
There are Two more hurdles to running linux.
UEFI & Secure boot: newer machines have a feature which can prevent non-Windows operating systems from booting. You may need to disable Secure Boot in your BIOS / UEFI if your hardware has this feature. http://www.howtogeek.com/175649/what-you-need-to-know-about-using-uefi-instead-of-the-bios/
Drivers: This can get tricky, especially for newer, consumer-grade hardware. If you find a problem here, please make a post about it so we can assist. Using a live CD can show up problems here before you spend time on a full install. Some hardware is so new or rare there just aren't open drivers available for it and you may have to use a non open proprietary driver or change some hardware. This is mostly going to affect wifi cards and graphics cards. A lot of older hardware that won't run on win7 and up will run fine on Linux because the drivers are available and supported. There is a graphical program for adding and removing drivers, but it's best to look up the text commands when changing a graphics card driver because you may lose graphics and be reduced to a command line to enter text on to revert the change to get your graphics back if the driver you tried failed.
Partitioning
This is where things can get SCARY. Not really, but it can be challenging for some. What is a partition? It is simply a division of your hard drive. Think of Stark in Farscape "Your side my side, your side my side". Basically you are labeling a chunk of a hard drive space to be used for a specific purpose. A section to hold boot info, a section to use for swapping memory to hard drive, a section for windows, a section for Linux, a section for holding docs pics etcetera called HOME in linux. Home is where your user account folder will be created. You can do this partitioning in windows with it's own partitioning tool if you prefer. This is best for shrinking the windows partition because windows can have a RAID set up of can be spanning multiple hard drives and sometime windows needs to be shut down holding the shift key to make it completely release a lock on the hard drive. Or you can use a tool on the live distro called Gparted to do this. Gparted takes a little getting used to visually but does the same thing the windows tool does. The one thing it can't do is force windows to let go of the hard drive and keep the partition intact, it can forcibly wipe the partition however. You can use gparted to label partitions as "/home" where your docs go(home if not specifically designated is inside the Linux OS space), or "/" the linux OS, or "boot" where grub2 will go, or "swap", and there are multiple file system types available fat32, ntfs ext2,3,4 and more. There are dozens of videos on youtube on how to use.
Why use Gparted? Doesn't the installer re-partition? Yes it does but it may not have the options you want, there is a manual option that is gparted but sometimes it is a different GUI of gparted with fewer options or some other partition software altogether. The manual options vary from distro to distro. Some will let you share space with windows by using a slider but it gives you no options to make home a separate partition or put it on a separate drive. Others only have "take over whole disc" or "manual". It varies distro to distro. If there is a hard drive in the machine you absolutely don't want touched you should shut down and unplug the power from it. If a partition has menu items grayed out it means it is mounted and must be unmounted before operations can be performed on it. Often SWAP will have to be unmounted. The labeling of hard drives in windows is IDE0, IDE1 or HD0,1 ; HD0,2 ; HD1 etc.. In linux the nomenclature is SDA, SDB and partitions are numbered SDA1, SDA2, SDB1,SDB2,SDB3, SDC1, SDD1 etc.. So after you have decided on how to partition then decide if to use the windows tool or the liveCD automatic tool or the manual tool(or gparted). Yes as the install is running you can use the livecd software to browse the internet.
Also be aware of FAKE RAID. https://help.ubuntu.com/community/FakeRaidHowto
Printers
Using a printer on a home network attached to and shared from a windows machine for a linux machine is fairly straight forward, but if your entire network is now all linux machines you need to know to do so(share the printer) by opening a web browser on and typing 127.0.0.1:631 . Then clicking on the printers tab. On most linux distros this is already all set up but if it isn't https://www.blackmoreops.com/2013/11/15/install-configure-printers-linux-cups-foomatic-db/ or look at https://help.ubuntu.com/lts/serverguide/cups.html
Troubleshooting
This is a huge topic and really needs to be narrowed down to what you are troubleshooting.
Recommended reading:
Contributors to this doc: u/Pi31415926, PaperPlaneFlyer123, Pi31415926, provocatio, spammeaccount
submitted by spammeaccount to linux4noobs [link] [comments]

Windows 10 GPO - Start Menu & File Associations

Hi,
Has anyone got both Start Menu/Taskbar customisations and default File Associations respective group policies to work with the latest 1703 Win 10 build?
This should not be as hard as it is.
What I've tried;
Use Export-StartLayout, export the xml file, use the User Configuration or Computer Configuration > Administrative Templates >Start Menu and Taskbar GPO and link to the xml file.
The result;
All programs removed, only Windows 10 apps remain in the entire start menu and where I configured the layout has completely disappeared.
BUT
the taskbar stayed and worked. So that's somethin'.
Also; default file associations.
What I've tried;
Exported the FileAssoc.xml file using dism. Imported using associated GPO, linked to the xml file. Also tried changing it to .txt, just in case. Doesn't seem to work at all; even at first login for a completely new user profile.
Any ideas? Am at my wits end with this. This should be the easiest part of customising any Win 10 build, right?
My respective xml's;
/start:Group /start:Group /start:Group /defaultlayout:StartLayout
App association;

submitted by ValeoAnt to sysadmin [link] [comments]

Ignore testing formatting.

Welcome windows Refugees, welcome to GNU/Linux

Microsoft will terminate support for Windows 10 on October 14, 2025.
Microsoft will terminate support for Windows 8 on January 10, 2023.

Microsoft will terminate support for Windows 7 on January 14, 2020.

Microsoft terminated support for Windows VISTA on April 11, 2017.
Microsoft terminated support for Windows XP on April 8, 2014.
Microsoft terminated support for Windows ME on July 11, 2006.
Microsoft terminated support for Windows 98 on July 11, 2006.
Microsoft terminated support for Windows 95 on December 31, 2001.
Microsoft terminated support for Windows 3.1 on December 31, 2001.
Microsoft terminated support for Windows NT on July 27, 2000.
What to do: Your decision, but we recommend you change your operating system to be Linux (GNU/Linux).
GNU? What is this GNU? http://www.tldp.org/LDP/sag/html/gnu-or-not.html - Linux is only the kernel, not the applications that run on it. The Kernel and GNU together are the OS. GNU is the compiler, libraries binary utilities(many of the terminal commands) and shell(BASH). Some are used in Windows and Mac. A kernel is the lowest level of software that interfaces with the hardware in your computer. It's the bridge between GNU and the hardware.
Desktop environment?? A collection of GUI applications are referred to as a desktop environment or DE. This is things like a menu, icons, toolbars wallpaper, widgets, and windows manager. Some DEs take more system resources to run http://www.renewablepcs.com/about-linux/kde-gnome-or-xfce. Most end users don't care too much about the DE, GNU, or Kernel, they really only care about the applications like games, email, word processor etcetera. So how to get started with the migration?
The Migration.
THE BACKUP Even if you toast your machine, you will be able to recover your data. If your backup software has a "verify" feature, use it. You'll want to backup to an external device, if possible. Do NOT back up your data onto your existing C: drive, as if you somehow delete your C: drive during installation of Linux, your backup will be deleted too. Move things to an external Drive/USB stick or a cloud account (note: the Downloads, Music, My Pictures, My Videos collections sub directories may be VERY large). What to back up? Well you aren't going to be able to run windows programs on Linux (well you can but that's another story see WINE) so there is no need to back them up, but you will want things like documents, pictures, movies, music and things of that nature. Unfortunately some of these can be hard to find in Windows. Things like emails, browser profile/bookmarks.
  • Things on the Desktop are actually located at C:\Documents and Settings\USERNAME\Desktop
  • Favorites (Internet Explorer) C:\Documents and Settings\USERNAME\Favorites
  • The My Documents folder is C:\Documents and Settings\USERNAME\My Documents
  • Email. Microsoft likes to move these around from version to version. http://www.howtogeek.com/howto/21384/where-is-my-pst-file-and-how-can-i-move-it-somewhere-else/
  • Contacts (Outlook Express) C:\Documents and Settings\USERNAME\Application Data\Microsoft\Address Book
  • Contacts (Outlook) - Address book is contained in a PST file 2010 click the file tab>account settings>account settings> data tab>click an entry>click open folder location usually C:\users\username\AppData\Local\Microsoft\Outlook
  • 2013/16 C:\users\username\Documents\Outlook Files
  • email (Outlook Express) C:\Documents and Settings\USERNAME\Local Settings\Application Data\Identities\XXXXX\Microsoft\Outlook Express (where XXXXX is a long string of alphanumeric characters)
  • email (Outlook 2003) C:\Documents and Settings\USERNAME\Application Data\Microsoft\Outlook
  • Getting things out of a PST file is another thing all together. A utility like readpst will be needed. For contacts or vcards importing 1 by 1 is simply enough but for bulk import you will need to open a terminal and type some commands.
    • $ cat ./* >> mycontacts.vcf
    • $ sed -i 's/VCARDBEGIN/VCARD\n\nBEGIN/g' mycontacts.vcf
    • Then import the mycontacts.vcf into the particular program you are using. Thunderbird or Claws or something else.
This is a short list for a few programs. You should make a list of the programs you use and the file types that result and confirm their location. Keep in mind some Microsoft formats are proprietary and may not be able to be transferred to another program. Some can be but sometimes the markup used is proprietary so the content of a word doc for instance may be there but the spacing or special columns might not be, or a particular font might be and a substitution might be made.
Each user on a Windows XP machine has a separate profile, these are all stored in the C:\Documents and Settings directory. Ensure to copy the data for each profile on the system that you want to create on the Linux system. Some directories (eg. Application Data) may be hidden, to browse to them, first enable "show hidden files and folders" (http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/).
Migration tips: When you're installing, try and have access to a second computer with a working internet connection. If you run into problems during the install, you can use the other computer to search for a solution.
If you encounter problems, don't forget to try any "test installation media", "test memory" and/or "test hard disk" options you may be offered on the install disc.
Using the same wallpaper on your new Linux installation might help make the transition easier psychologically.
Select a distribution CPU type: When downloading Linux, ensure to select the correct build for your CPU. Many distributions have separate downloads for 32-bit or 64-bit CPU architectures - they also may have downloads for non-X86 CPUs. If you're migrating from Windows, you'll likely want X86, 32-bit or 64-bit.
Have a look at the various Linux distributions available (there's quite a few to choose from) and make a shortlist of possibles. Many of them have a "Live CD" which is a version that runs from CD/usb stick which can be downloaded and burned. You boot off the liveCD/usb and you see whether the software works for you & your hardware, without making any changes to your existing Windows install.
Some distributions may pull from stable repositories or testing, more on this below(see Repositories). Some distros may have to reinstall the OS to upgrade to the next version where others may be rolling release. This may affect how you choose to set up home (see "Chose the location for home" below).
You can find a list of distributions in many places, including these:
The /g/ OS guide (updated to v.1.3.2) http://i.imgur.com/wXsA1Ls.jpg
Comparison of Linux distributions http://en.wikipedia.org/wiki/Comparison_of_Linux_distributions
DistroWatch http://www.distrowatch.com/
For recommendations try the articles linked below, or just browse the sidebar. Several distributions have been specifically designed to provide a Windows-like experience, a list of these is below. You could also try the Linux Distribution Chooser (2011).
Why so many distro?? Don't think of a distro as a different Linux but instead as one linux packaged with a unique collection of software packages. Things like DEs. ONE DE might be Gnome which is similar to a MAC or Amiga in style, while another might be KDE which is similar to windows, or Unity which is like a tablet. They all use GNU and the Linux kernel however and they all pull from the same group of software repositories.
REALLY DIFFERENT OSs
Linux comes in a lot of flavours, some are set up to be as tiny as possible and some even to run entirely from RAM. Puppy linux is one such Linux OS. Puppy now comes in a variety of flavours and is more suited to machines that windows 95 came on. Precise puppy is the more original flavour http://distro.ibiblio.org/quirky/precise-5.7.1/precise-5.7.1-retro.iso and is a mere 201 MB in size. It uses very tiny prgrams you have never heard of and takes getting used to but it's fully usable if you take the time to learn the programs. It uses seamonkey for instance as seamonkey is a browser, email client, html composer and newsgroups client all in one program(like Netscape used to be). That's part of how it stays so small, and because the entire thing is in RAM is lightning fast. There are heavier version for win 98 and ME machines like Lucid Puppy http://distro.ibiblio.org/pub/linux/distributions/puppylinux/puppy-5.2.8/lupu-528.005.iso The puppy website is a horror story http://puppylinux.org/ but you can always go straight to the forums http://murga-linux.com/puppy .
Download the ISO and Burn it
If you don't have the ability to burn a Disto ISO to disc or have really slow internet you can have one sent to you by snailmail, or even pic them up at local computer shops. Otherwise you can download the iso image (some as small as 100MB someover a Gig). You will need to have a CD or DVD burner in you machine and software to run it. You can even put this ISO onto a USB device.
There are many guides out there for this.
Verify the hash of the ISO
This is to verify the download is intact http://www.howtogeek.com/67241/htg-explains-what-are-md5-sha-1-hashes-and-how-do-i-check-them/
Do a test boot with a LiveCD
It's pretty simple. Insert the distro ISO medium (CD/usb) and use your BIOS UEFI selector to select that medium to boot from. Most distros have tools to test your RAM as well as booting to a version of the distro you can use to poke around and try it out.
install the new OS
This is where things get complicated. There are several things to consider first. Dual boot, location of home. Read the section below and installing will be covered more later.
Choose Dual Boot or Linux Only
Dual-boot (sometimes called multi-boot) is a good way to experiment. If you want to keep your Windows install, you can do that by using "dual boot", where you select which OS you want to use from a menu when you first power on the machine. This topic is a bit complex for this post, so we recommend making a post about it if you have queries (search the linux4noobs sub for "dual boot"). There are videos on youtube on how to dual boot. However, you will need to have sufficient disk space to hold both operating systems at once. Linux is small compared to Windows Each distro page will state it's required space. If you keep an old no longer supported version of windows you should NOT go on the internet with it as it is no longer secure!!! Do not use it for internet, email chat, etcetera, use linux for going online. https://help.ubuntu.com/community/DualBoot/Windows
All of this assumes you are going to allow linux to replace the windows Master Boot Record with Grub2 (linux boot menu), but thre is an alternate method of dual booting keeping the windows menu and using easybcd to put in a linux option. http://www.youtube.com/watch?v=xlTgaWs9BD0 This is the diagram in that vid http://i.imgur.com/AFIaGRd.png Keeping the windows loader is a far more complex way to go. https://askubuntu.com/questions/139966/how-can-i-add-an-entry-for-ubuntu-to-the-windows-7-boot-menu
Chose the location for home
First what is /home/? Home is where you store your pics, docs, movies etcetera. There are three options for home. Choose /home/ as its own partition or even it's own drive, or inside the Linux install partition.
The drawback of separating home from the linux install partition is that is a little more complex to set up. The benefit is that the Linux OS partition can be wiped out and your files on home (a separate partition/drive) are safe. Having home on it's own drive means the entire drive the OS is installed on could die and your files are safe on another drive. You just install a new drive, install an os and you are back up and running. See Partitioning further below. However the drawback of home on it's own drive is that drive can die and you lose your home files. Of course home files should always be backed up to the cloud or another drive so it should be easy to recover in the face of that kind of failure.
Chose your Apps or selecting and installing software
Linux does not natively support Windows programs, so you'll need to find a "workalike" for each Windows application you use. Some distros come with a collection of some of these on the install but they can all be installed later from the repositories or from their websites. More on what a repository is further down below.
Here are some websites that list equivalents.
The primary APPS people will be concerned about are
Windows APPS you can't just do without
You can also try Wine https://winehq.org/, which lets some Windows applications run on unix-like systems, including Linux. However this may not work for your particular needs, you'll need to test it to see. There is a compatibility list here https://appdb.winehq.org/. It's also possible to "virtualize" your Windows install, using software such as VirtualBox, and run it in a window under Linux. https://www.virtualbox.org/
Running OLD DOS Apps/games
If you have DOS apps, try DOSbox http://www.dosbox.com/ or DOSEMU http://www.dosemu.org/ . There are many other emulators that will run on linux from old ARCADE MAME games to Sony playstation.
Repositories
Above we mention repositories. What are they? Well with windows you can search for software on the web and download a file and extract and install it. It Linux all the software is in one place called a repository. There are many repos. Major repositories are designed to be malware free. Some with stable old stogy software that won't crash your system. Some are testing and might breakthings, and others are bleeding edge aka "unstable" and likely to break things. By break things we mean things like dependancies. One version of software might need another small piece of software to work say program called Wallpaper uses a small program called SillyScreenColours(SCC) V1, but SSC might be up to V3 already but V3 won't work for Wallpaper because it needs V1. Well in a testing repo another new program say ExtremeWallpaper might need V3 of SCC and if you install it, it will remove V1 to install V3 and now the other program Wallpaper doesn't work. That's the kind of thing we mean by break. So to keep that kind of thing from happening Linux pulls from repositories that are labelled/staged for stability. So when you want more software you open your distro's "software manager". An application that connects to the repository where you select and install software from there and it warns you of any possible problems. You can still get software from websites with Linux but installing may involve copy and pasting commands to do it or to "compile from source" to make sure all the program dependencies are met. You can sometime break things doing it that way however, or what you are trying to install won't run on your distros kernel or unique collection of software.
Software manager.
Each distro has chosen a repository and can have different software programs to install from them. Debian systems use APT where others like Fedora use RPM, or YUM on Redhat, or Pacman on Arch. These are a collection of text based commands that can be run from terminal. Most desktop distros have GUI sofware managers like Synaptic or their own custom GUI software. Mint's is called Mintinstall. Each distro has their own names for their repositories. Ubuntu has 4 repositories Main, Universe, restricted, and Multiverse as well as PPA's. Personal Package Archives.Packages in PPAs do not undergo the same process of validation as packages in the main repositories
  • Main - Canonical-supported free and open-source software. (??stable, testing, unstable??)
  • Universe - Community-maintained free and open-source software. (??stable, testing, unstable??)
  • Restricted - Proprietary drivers for devices.
  • Multiverse - Software restricted by copyright or legal issues.
You can change your system to go from Debian stable to only use testing or you can even run a mixed system pulling from stable and testing but this is more complex. Each distro will have a way to add repositories (or PPA's if ubuntu based) or change sources. On Debian based Mint to install software you would launch the software managerinput your password then either do a word search like desktop publishing, or drawing and see the matches or you can navigate categories like Games, Office, Internet. For instance Graphics then breaks down to 3D, Drawing, Photography, Publishing, Scanning, and viewers. When you find software you want to install you click on it to read it's details. For instance Scribus, a desktop page layout program, and you get more details "Scribus is an open source desktop page layout program with the aim of producing commercial grade output in PDF and Postscript. Scribus supports professional DTP features, such as CMYK color" and here you can simply click a button "Install" to install software. It's the same process to remove software. There is a toggle in menu "view" for "installed" and "Available". The same software can be installed or removed via synaptec but it's a little less graphical and more texted based but still GUI based point and click. It's a similar process in other distributions.
Actually installing
There are Two more hurdles to running linux.
UEFI & Secure boot: newer machines have a feature which can prevent non-Windows operating systems from booting. You may need to disable Secure Boot in your BIOS / UEFI if your hardware has this feature. http://www.howtogeek.com/175649/what-you-need-to-know-about-using-uefi-instead-of-the-bios/
Drivers: This can get tricky, especially for newer, consumer-grade hardware. If you find a problem here, please make a post about it so we can assist. Using a live CD can show up problems here before you spend time on a full install. Some hardware is so new or rare there just aren't open drivers available for it and you may have to use a non open proprietary driver or change some hardware. This is mostly going to affect wifi cards and graphics cards. A lot of older hardware that won't run on win7 and up will run fine on Linux because the drivers are available and supported. There is a graphical program for adding and removing drivers, but it's best to look up the text commands when changing a graphics card driver because you may lose graphics and be reduced to a command line to enter text on to revert the change to get your graphics back if the driver you tried failed.
Partitioning
This is where things can get SCARY. Not really, but it can be challenging for some. What is a partition? It is simply a division of your hard drive. Think of Stark in Farscape "Your side my side, your side my side". Basically you are labeling a chunk of a hard drive space to be used for a specific purpose. A section to hold boot info, a section to use for swapping memory to hard drive, a section for windows, a section for Linux, a section for holding docs pics etcetera called HOME in linux. Home is where your user account folder will be created. You can do this partitioning in windows with it's own partitioning tool if you prefer. This is best for shrinking the windows partition because windows can have a RAID set up of can be spanning multiple hard drives and sometime windows needs to be shut down holding the shift key to make it completely release a lock on the hard drive. Or you can use a tool on the live distro called Gparted to do this. Gparted takes a little getting used to visually but does the same thing the windows tool does. The one thing it can't do is force windows to let go of the hard drive and keep the partition intact, it can forcibly wipe the partition however. You can use gparted to label partitions as "/home" where your docs go(home if not specifically designated is inside the Linux OS space), or "/" the linux OS, or "boot" where grub2 will go, or "swap", and there are multiple file system types available fat32, ntfs ext2,3,4 and more. There are dozens of videos on youtube on how to use.
Why use Gparted? Doesn't the installer re-partition? Yes it does but it may not have the options you want, there is a manual option that is gparted but sometimes it is a different GUI of gparted with fewer options or some other partition software altogether. The manual options vary from distro to distro. Some will let you share space with windows by using a slider but it gives you no options to make home a separate partition or put it on a separate drive. Others only have "take over whole disc" or "manual". It varies distro to distro. If there is a hard drive in the machine you absolutely don't want touched you should shut down and unplug the power from it. If a partition has menu items grayed out it means it is mounted and must be unmounted before operations can be performed on it. Often SWAP will have to be unmounted. The labeling of hard drives in windows is IDE0, IDE1 or HD0,1 ; HD0,2 ; HD1 etc.. In linux the nomenclature is SDA, SDB and partitions are numbered SDA1, SDA2, SDB1,SDB2,SDB3, SDC1, SDD1 etc.. So after you have decided on how to partition then decide if to use the windows tool or the liveCD automatic tool or the manual tool(or gparted). Yes as the install is running you can use the livecd software to browse the internet.
Also be aware of FAKE RAID. https://help.ubuntu.com/community/FakeRaidHowto
Printers
Using a printer on a home network attached to and shared from a windows machine for a linux machine is fairly straight forward, but if your entire network is now all linux machines you need to know to do so(share the printer) by opening a web browser on and typing 127.0.0.1:631 . Then clicking on the printers tab. On most linux distros this is already all set up but if it isn't https://www.blackmoreops.com/2013/11/15/install-configure-printers-linux-cups-foomatic-db/ or look at https://help.ubuntu.com/lts/serverguide/cups.html
Troubleshooting
This is a huge topic and really needs to be narrowed down to what you are troubleshooting.
Recommended reading:
Contributors to this doc: u/Pi31415926, PaperPlaneFlyer123, Pi31415926, provocatio, spammeaccount
submitted by spammeaccount to linux4noobs [link] [comments]

GOD OF INDICATORS - 99,99% work - binary option strategy ... Best Binary Options Strategy 2020 - 2 Min Strategy Live ... BOSBS #2 - Binary Options Trading Strategy - How to trade ... How to Convert Excel to PDF - YouTube Export to PDF with images in PowerApps and Flow - YouTube how to convert excel to pdf without losing formatting ... How To Change Excel File Extension xls, xlsx, xlsm, xlsb ... Forex Trading VS Binary Options Trading Philippines Excel Tutorial: Excel file extension xls, xlsx, xlsm, xlsb ... Money Management Binary Options - Excel - YouTube

Relational databases filetype xls binary option database are designed to work with fixed-size data; that's where their performance strength is: remember Joel's old article on why databases are so fast? There is no MIME option for PDF, so it seems my options are limited. Database files store data in a structured format, organized into tables and fields. Upper left cell column to dump data frame ... Binary options pdf Why one must use professional binary alternatives broker? Strategy is a key element of long term successful binary options trading. The trading offers one of the binary options strategy 2019 pdf most successful strategies of trading available. No, Agimat FX® is a non-repaint Forex trading MT4 and MT5 Market Maker Method indicator, excellent for scalping and swing trade ... Model.in finance, the binomial options pricing model bopm provides a generalizable numerical method for the valuation of options.details on pricing models.managed binary binary options trading at night hack excel software tscaltzero keywords for sale options options bullet, binary.secrets you never knew binary option valuation model,this indicator that.understanding the excel.xls. Demo contest binary option 2018; Binary options strategy book download pdf; התחבר ; עגלת קניות / 0.00 ₪ 0. אין מוצרים בעגלת הקניות. 0. עגלת קניות. אין מוצרים בעגלת הקניות. Opções binárias pdf download grátis Filetype xlxs binary option database. פורסם ב 18 בספטמבר 2020 על ידי . Filetype Xlxs Binary Option ... The file types supported are.xls,.doc,.xlsx,.docx,.jpg,.png,.pdf RealTimeToExcel loads one page to get the data for all options of the month. After you install the program you must create a trading account and deposit money in it Trading binary options, CFDs, and Forex involves a high degree of risk Jul 02, 2020 · Unlike XLS files, which store spreadsheet data in a single binary file, XLSX ... Most Binary options are European-style; these are priced with closed-form equations derived from a Black-Scholes analysis, with the payoff determined at expiry. The equations used in the following spreadsheets are sourced from “The Complete Guide to Option Pricing Formulas” by Espen Gaarder Haug. Cash or Nothing & Asset or Nothing Options . Binary options can either be Cash or Nothing, or ... I would first of all try it with giving absolute paths to the command. I suspect that the libreoffice binary does not work -- you have to locate the soffice binary and see if that works.. Then, your --convert-to pdf is not sufficient. It needs to be:--convert-to pdf:writer_pdf_Export La presentazione del Viagra originale al mondo fu nel 1998, e da allora è stata venduta in oltre 120 paesi. Anche se la storia del This trading binary options for dummies PDF features the in and outs of BO as well as strategies needed to achieve success in trading binaries. Here are some of the topics you'll discover while reading the book: The single most critical factor to binary options strategy success - ignore it at your own perils. How to prevent falling prey to a dishonest broker. Simple, easy to copy ideas that ... Convert any PDF files to XLS for free with usage of OnlineConvertFree. ⭐ ️Convert PDF to Excel online in a few seconds. ️ . Convert files online free and fast! File format. Convert to. Documents converter; Images converter; Audio converter; Books converter; Archive converter; Video converter; OCR. Support. Pricing. Login. Sign Up. Convert files online free and fast! Sign Up. Login. File

[index] [20779] [17462] [13934] [23339] [4929] [12888] [26919] [13495] [24321] [6998]

GOD OF INDICATORS - 99,99% work - binary option strategy ...

binary options excel spreadsheet binary options education binary options expert advisor binary options demo account binary options download binary options definition binary options daily binary ... In this episode, Chino revisits exporting to PDF from PowerApps and Flow and shows you how to include images in your PDF export. This is the second part in a... Watch this video to learn how to start trading binary options profitably with my Price Action Trading Strategy! Make sure to start inside a Demo Account: htt... In this video, PDF Tutorial: How to Lock and Protect Print and Editing in PDF file using adobe Acrobat Live Cycle. Go to the File Menu and Click Save as and ... Download the Excel here: https://goo.gl/3WtnXG Check the plan here: http://www.callputsolutions.com/money-management-plan/ This video shows you how to use th... Don't forget to check out our main channel https://www.youtube.com/c/HowTech for more free how-to videos! Join us on Facebook http://www.Facebook.com/howtech... Best Binary Options Brokers for this Strategy: 1. 💲💹IQ Option FREE DEMO: http://www.cryptobinarylivingway.com/IQOption1 2. 💲💹Pocket Option FREE DEMO: http How To Change Excel File Extension xls, xlsx, xlsm, xlsb, xps, pdf. Most of the time, you’ll probably want to save your workbooks in the current file format ... In this video lesson you'll learn about the different Excel 2013 File formats. At http://ExcelCentral.com you can view over 850 free Excel video lessons just... get trading bots contact with telegram https://bit.ly/3aR8baT get pro or free signals https://bit.ly/2N5PLrp get strategy trading, visit my twitter https://b...

http://binary-optiontrade.privlindtranseovas.tk