Monday, October 22, 2012

How To: LAMP (Linux, Apache, MySQL, PHP) server on Amazon EC2

There are several articles out there outlining the process of getting a LAMP server up and running on Amazon's Elastic Cloud (EC2) service, but most of them seem to be missing some small caveats as well as a couple additional features I wanted my instance to have like FTP access, and VNC access to a GUI as well. Lets get started!

Table of Contents
1. What is this?
2. Prerequisites
3. Create a new server instance
4. Install & Configure Apache, PHP, & MySQL
5. Install & Configure VSFTP
6. Configure Putty to authenticate to your server (optional)
7. Install & Configure VNC
8. Install & Configure Dropbox
9. Resources

1. What is this?
Amazon's EC2 service allows you to host a virtual machine to configure any way you like. You are charged based on your resource consumption at very low rates making this a great way to set up a free hosting account for a small personal site, or even host sites for small business clients if you develop websites professionally. You can choose what operating system you would like to put on your server instance.

2. Amazon EC2 Prerequisites
- If you don't have an Amazon Web Services account you will of course need one. Head over to Amazon Web Services and sign up.
- You'll need java installed to use the web based ssh client to communicate with your instance after it is installed.
- You will probably want a good ftp client to make transferring files to your new web server nice and easy.

3. Create a New Server Instance
There are many ready made LAMP instances available that may reduce your setup time, but this guide is about setting this up exactly how we want it, so we will go with a plain old Ubuntu server and do each step ourselves. Once you've created your instance you will need to find your public DNS address. This will be used several times throughout this process so keep it handy. 

The public DNS address may change under certain circumstances, so it is best to associate an elastic IP address to your instance.

Before going any further you need to know about Amazon's security groups or you will not be able to connect to your server via the web. The EC2 service has an external firewall that will block incoming and outgoing traffic by default unless those ports are opened up. This is done using security groups. Create a new security group and open up the following ports:

20, 21, 22, 80, 9000, 50000 - 51000

This is what my security group looks like:

You will also need to create a Key Pair. This will be used for authentication and is required. From the EC2 management console, click key pairs on the left, and click 'create key pair'. You will need to save the generated .pem file on your computer in a place you will not lose it. This same file will be used for every instance you create (If you lose it you can always generate a new key pair).

Now that we have the security groups and the key pair taken care of, go back to 'instances', right click on your instance and choose 'connect'. Make sure your username is set to 'ubuntu' and click 'Launch SSH Client. Once we have a shell prompt, the first thing we want to do is update the packages installed that may be outdated. To do this, simply type:

sudo aptitude update && sudo aptitude dist-upgrade
Now we need to reboot the server before moving forward with installing our web server components:

sudo reboot
4. Install & Configure Apache, PHP, & MySQL

To Install, execute the following command from the shell:

sudo aptitude install apache2 php5-mysql libapache2-mod-php5 mysql-server
Note: During the install, you will be asked for a mysql password. KEEP TRACK of this password, you will need it later when we install PHPMyAdmin for easy mysql administration.

Once these packages are installed, open a browser and go to your instance address (you can use either the public DNS address, or an IP address if you have assigned one)
Ex: -OR-

If all is right in the world you will see "It Works!" in your browser indicating our web server is now up and running. 

If you'd like to test PHP, using your favorite text editor, create a new file called test.php. I'm using nano.

sudo nano /var/www/test.php
Type this into the file:

<?php phpinfo(); ?>
Press control+x, press Y when prompted to save and click press enter.

Note: If you receive an error saying you cannot save the file you will need to set the permissions on the var/www/ directory which is explained a bit later in this tutorial (FTP section).

Once you have your test.php file saved, just navigate to the php test page in your browser. Ex: . You should see a php info page detailing the PHP configuration.

Now we're ready to install PHPMyAdmin which we will use to easily administer MySQL databases.

sudo apt-get install phpmyadmin
At this point it's a good idea to turn on the firewall to harden security a bit. Ubuntu comes with an 'uncomplicated firewall' that can be toggled on and off very easily. Lets turn it on:

sudo ufw enable
Now that firewall is on open up ports 22 and 80. If you want to install FTP you'll also need exceptions for 20, 21, 51000, and 5000. If you're going to enable VNC then you should also allow port 9000. The last two ports can actually be in anything you want so long as it isn't interfering with any other services. These ports are used for passive FTP configuration which we will be using in this tutorial). execute these commands to make your firewall exceptions:

sudo ufw allow 22
sudo ufw allow 80
sudo ufw allow 20
sudo ufw allow 21
sudo ufw allow 9000
sudo ufw allow proto tcp to any port 50000:51000
If you'd like more details on the uncomplicated firewall see the Ubuntu guide on the matter:

5. Install & Configure VSFTP
You can do this with other ftp servers but the commands below will differ of course. I chose to use vsftpd (or the Very Secure FTP Daemon).

First, we install the package:

sudo apt-get install vsftpd
Now there are several changes we need to make to the configuration file to get this working correctly with amazon's EC2.

First, we need to edit /etc/vsftpd.conf and set some variables.

sudo nano etc/vsftpd.conf
 You'll be looking at a list of configuration settings for vsftpd. We need to turn on a couple that exist and add some others that do now. Find the local_enable and write_enable settings and turn them on by uncommenting them (remove the # at the beginning of the line).

Add these settings to the bottom of the file. (Again if you don't know your server's IP address you can find it by right clicking your instance in EC2 and choosing connect):

Now restart vsftpd:

sudo /etc/init.d/vsftpd restart 
You can also use (or just "sudo service vsftpd restart" if you have it configured to run as a service already)

Now we need to create a user to use for logging in via ftp:

sudo adduser YOUR_USER_NAME
Follow the prompts and that's it for creating a new user. But now we need to give the new user permissions to write to the www directory:

sudo chown -R USERNAME /var/www
sudo chmod -R 777 /var/www
From here I went ahead and rebooted for good measure although it may not be necessary. Now launch up your FTP client (I'm using FileZilla) and make sure you can connect, upload files, and overwrite files.

6. Configure Putty to Authenticate on EC2
This process entails using puttygen to import your .pem file from your keypair we set up earlies, and converting to a putty key file. There are also a couple settings you want to change such as the username to use (ubuntu). This is pretty well covered elsewhere so I'll just provide the link here. Just keep in mind I was unable to use Amazon's DNS name for my server, but it worked for me using the elastic IP instead:
Putty connect instructions (must use elastic ip not host name!).

One other helpful tip I found was to make sure and set a root password. After setting up putty I was able to log in as my new user automatically with no problem, however I couldn't run any privileged commands because it would prompt me for a password. The simple fix is to go back to the web based client where you already have proper privileges and run this command to set your root user password:

sudo passwd root
7. Install & Configure VNC
As with most cloud hosts, Amazon's Elastic Compute Cloud (Amazon EC2) offers only Secure Shell (SSH) access by default to Linux cloud servers. But if you aren't a command-line fan or your application requires a GUI, you can set up remote desktop access to most Linux cloud servers.

First Install the gnome desktop manager:

sudo apt-get install gnome-core
Next install the VNC server itself:

sudo apt-get install vnc4server
Now we set a password by simply typing:

The password cannot be longer than 8 characters. Once the password is set, we want to stop the server:

 vncserver -kill:1
Next, configure the VNC xstartup file so you'll see the desktop when connecting via VNC. Enter nano .vnc/xstartup.

Edit the file until it looks like this:

# Uncomment the following two lines for normal desktop:
#exec /etc/X11/xinit/xinitrc
gnome-session --session=gnome-classic &

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
#x-terminal-emulator -geometry 1280x1024+10+10 -ls -title "$VNCDESKTOP Desktop" & 
#x-window-manager &
 Save the file and exit. Start the VNC server back up:

 vncserver -geometry 1024x600
Now go ahead and try to connect using you favorite VNC client such as Tight VNC. In the remote host field you will need to add a :1 like this:

Now we need to configure vncserver to start every time the EC2 instance boots up. We need to add an entry in the init.d folder. If you're unfamiliar, the etc/init.d directory is where Linux stores various start / stop scripts for services. We will be adding one to start the vncserver and use the .conf file we just created.

sudo touch /etc/init.d/vncserver
sudo chmod +x /etc/init.d/vncserver
sudo nano /etc/init.d/vncserver
Paste the following code into our new the init.d script. Notice on line 8 our default username 'ubuntu' is there. If you're using a different username this will need to be changed.

# Provides: vncserver Required-Start: networking Default-Start: S 
# Default-Stop: 0 6
# The Username:Group that will run VNC
export USER="ubuntu"
# The display that VNC will use
# Color depth (between 8 and 32)
# The Desktop geometry to use. GEOMETRY="x" 
# The name that the VNC Desktop will have.

OPTIONS="-name ${NAME} -depth ${DEPTH} -geometry ${GEOMETRY} :${DISPLAY}" 

. /lib/lsb/init-functions 

case "$1" in 
log_action_begin_msg "Starting vncserver for user '${USER}' on localhost:${DISPLAY}" 
su ${USER} -c "/usr/bin/vncserver ${OPTIONS}" 

log_action_begin_msg "Stoping vncserver for user '${USER}' on localhost:${DISPLAY}" 
su ${USER} -c "/usr/bin/vncserver -kill :${DISPLAY}"

$0 stop 
$0 start 
exit 0
Run the vncserver command once more.


And finally, we need to run this command to add our init.d script to system startup:

sudo update-rc.d vncserver defaults 99
Now restart the service:

sudo service vncserver restart
8. Install & Configure Dropbox
The goal here is to allow me to edit files right in my dropbox from my home PC or mobile phone and have those changes automatically sync to my server's var/www directory making the changes live without the need for manually transferring files via FTP. This has also been pretty well documented so I'll simply share a link if you're interested in taking this additional step.
Set up DropBox Selective Sync on Ubuntu EC2

9. Resources
Putty connect instructions (must use elastic ip not host name!):

Thursday, May 3, 2012

Mayan Calendar Predicts Renewal of 100 Year Federal Reserve Charter?

There is a rumor traversing the echo chamber claiming the Federal Reserve's charter with the US government is set to expire on Dec 23, 2012... just as the final pages are ripped from the Mayan calendar. I can appreciate the wishful thinking... but unfortunately, this belongs in the non-fact category.  The original Federal Reserve Act of 1913 was bound by a 20 year expiration date on the authority of member reserve banks 1. So where did the 100 year rumor come from? It was the Act of July 1, 1922 which changed the expiration to 99 years from the date of organization 2.  This myth would have held true had it not been for the Act of Feb. 25, 1927 which made the Federal Reserve's power over our monetary policy perpetual 3. Today, only an act of congress can dissolve the Fed.

If it hadn't been for that last amendment, we might have been full swing into a global discussion about renewing the most ambitious wealth siphoning system in history. Unfortunately, the amendment exists and the power of the fed has no such expiration date.

Is this really so bad?

To answer that question, lets take a look at the last 100 years of fractional reserve banking and you can judge for yourself. For those of you who would rather watch a cartoon instead of reading boring posts about our country's economic foundation... I've got you covered:

For the rest of you... lets dig a bit deeper...

How it started...
The push for a centralized banking system began well before our nation was founded. Prior to the establishment of the United States, the big bankers were much more up front about their deceptive banking practices. Take for example the quote often attributed to Mayer Amschel Rothschild... "Let us control the money of a country and we care not who makes its laws." 4

Many of our greatest national leaders opposed the banking institutions and feverishly condemned their involvement with monetary policy and specifically the issuance of currency for fear of the abuse that would accompany it. Among these men were Thomas Jefferson, Abraham Lincoln, Andrew Jackson, and many others.

Our story, for the purposes of brevity, begins with the first time our currency was devalued under the banner of financial stability. The Federal Reserve Act was signed into law in 1913 by Woodrow Wilson, and it was about as "Federal" as Federal Express. A cartel of 12 privately owned banks were to take control of the nation's monetary policy. Most notably, this act allowed for the expansion of money supply beyond our nation's holdings in physical reserves. Although it was a pivotal moment in our country's history, it was not nearly as powerful as the Fed we tolerate today. The Fed of 1913 was severely limited, not only by the 20 year expiration date mentioned earlier, but by physical gold reserves. Even at a time when we first began to dabble in the abandonment of hard currency, we still had the good sense restrict the dangerous power of artificially inflating the money supply. To prevent over-inflation, the Fed was only allowed to expand money supply to a percentage above the nation's holdings of physical gold. This act, like the Aldrich-Vreeland Act before it, and the many revisions to the National Currency Act before that, was a mere stepping stone toward the modern monetary monster we know today. If the banks were to have the power they sought, they would have to bastardize hard currency and pry it from the dollar at every opportunity. This is exactly what they did.

As people were slowly introduced to the new financial system, they began to hold gold in events of financial uncertainty. This was exactly what people had done for centuries in order to shield themselves from the devaluation that occurs as the money supply is expanded. The banks knew they needed to eliminate the culture of gold holdings. It wasn't long before the attack on gold and silver based currency continued.

Executive Order 6102
On April 5th, 1933, President F. D. Roosevelt signed Executive Order 6102 "forbidding the hoarding of gold coin, gold bullion, or gold certificates within the continental United States". This order literally criminalized the possession of monetary gold by any individual, forcing everyone into the new system regardless of their position on monetary policy.

Although by this point the bankers had made great strides toward controlling the US monetary system, there was still a faction of opposition within our government.

Executive Order 11110
Fast forward to June 4th, 1963. JFK authorized the US Treasure to begin printing a new form of silver certificate. $4 billion worth (roughly $30 billion in today's dollars), free of debt, free of interest, redeemable for hard silver reserves. These certificates would not involve the fed at all and would compete with the traditional federal reserve note. 5 Months later, on November 22, 1963 Kennedy was assassinated. Less than 3 months after Kennady was buried the executive order was derailed in March of 1964 when Secretary of the Treasury C. Douglas Dillon halted redemption of silver certificates for silver dollars. The new reserve notes were removed from circulation and destroyed with the exception of the few remaining samples held by collectors.

JFK was an opponent of institutional secrecy, an ingredient fundamental to the survival of the Fed by their own admission (more on this later). He was in clear and direct opposition to secret organizations, and made that abundantly clear in a well known speech made two years before his assassination.

We're All Keynesians Now
Unfortunately, Richard Nixon was not among the list of the few courageous men who publicly denounced the abusive monetary system. In a famous speech by Nixon in 1971, it was declared to the world that we had completed our transition from a responsible currency to a system comprised of mythology, theft, and secrecy. Ironically, Nixon's stated intent was to "defend the dollar".

..."the overwhelming majority of Americans who buy American made products in America, your dollar will be worth just as much tomorrow as it is today."

So was Nixon right? According to the published consumer price index figures over time, one dollar in 1971 has the purchasing power of only $0.18 in today's world 5. This was the result of only 40 years of completely decoupling gold from our dollar.

I Must be a Conspiracy-loving Paulbot Moron
Many will argue that wages have increased at the same rate, and so the devaluation is non existent in real terms... but is that really true? In short, maybe the Mayans were onto something after all...

Chart Source: TPM

As you can see, something occurred in the early 70s that changed the direct relationship between productivity and compensation. We began to develop a gap that seems to under-compensate workers, and the gap is growing very rapidly. Could it have been Nixon's abandonment of gold backed currency combined with the Fed's persistant expansion of our money supply? 

Many will tell you the flexibility provided by the Federal reserve's ability to introduce new money into the system has saved us from imminent financial disaster. Others, including myself, will look at the world around them and call bullshit.

To defend the fractional reserve banking system, you must make several leaps of faith that I am not prepared to assume. The most important of which comes down to the secrecy of the fed (although the politically accepted term has become "the independence of the Fed").

In order to defend this system, you must accept that the individuals granted such massive financial power do not need to be completely transparent or accountable in order to operate in the best interests of the people. You must simply trust that they are behaving responsibly. This is because no government official has the authority to peak behind the curtain and completely Audit the Federal Reserve. In fact, the fed is owned by a group of shareholders whose identities are not publicly known. The Fed of course claims all of this keeps you safe from the meddling of your pesky elected representatives, but how can we ever come to any proper conclusion without all of the information? I'm starting to understand what Kennedy was talking about.

And now, for the grand finally. I have uncovered a massive plan to replace the dollar. In fact, the notes have been drafted and kept secret from the public... until now. It looks as though they have decided to stay with the lovely color scheme we have all come to know so well, but have reduced the size of the bills by about 40% to save paper and ink. Introducing the world's new reserve currency:

So, which of the two fathers of economic theory do you believe?

1Federal Reserve Act of 1913 (P.L. 63-43, 38 STAT. 251, 12 USC 221)
2Standard Catalog of United States Paper Money 30th Edition, ,George S. Cuhaj, William Brandimore, p. 279
3Standard Catalog of United States Paper Money 30th Edition, ,George S. Cuhaj, William Brandimore, p. 279
4 - Rural Credits - Joint Hearings Before the Subcommittees on Banking and Currency of the Senate and of the House of Representatives Sixty-third Congress, Second Session, Washington Government Printing Office, 1914
5 - Inflation Calculator - Dollar Times -

Tuesday, February 14, 2012

Large Scale Election Fraud in Maine Caucuses

The other day, I woke up and checked the final results from the Maine Caucus that went on the night (and entire week) before. I'm afraid what I found was what looks like the most blatant case of election fraud I have ever witnessed. I'm going to summarize what happened as best as I understand it at this point, who is responsible, who was cheated out of their vote and what they can do about it.

Big story: 140 Towns Unaccounted For? Maine GOP Chair Charlie Webster Calls the Win Anyway. When he receives push-back from the media and local officials, he sticks to his guns saying they will discuss it in March (after Super Tuesday of course) to decide if they will include the neglected votes.

Side story: Totals reported found to be incorrect on multiple occasions as reported by Caucus leaders, either due to addition errors, or just plain wrong information. See breakdown below.

Side side story: Some officials in Maine are speaking up. Washington County commissioner Chris Gardner is pushing the GOP to count the votes there. State Senate President Raye is demanding the votes be counted. Charlie Webster is insisting they will not count toward the official total.

Update: 2/18/2012
The GOP in Maine has released a new set of results. I've compiled a spreadsheet to more easily compare the results:

County by County Problems List
  • Androscoggin
    • No problems I'm aware of
  • Aroostook
    • Results not broken down by town so we have no way of knowing if some towns were not counted like in the other counties. Aroostook was the only county Ron Paul won in 2008. He won again this year but we cannot verify that there were not towns missing without the results broken down as they should be.
  • Cumberland
  • Franklin
    • Avon (2 votes in '08), Carthage (2 votes in '08), Coplin, Dallas, Eustis, Madrid, Phillips (2 votes in '08), Rangeley, Sandy River, Wilton (10 votes in '08) - zero votes reported by GOP
  • Hancock
    • Amherst, Aurora (6 votes in '08), Castine, Cranberry Isles, Eastbrook (2 votes in '08), Franklin, Frenchboro, Gouldsboro, Great Pond, Hancock (19 votes in '08), Lamoine, Mariaville, Osborn, Sorrento (5 votes in '08), Stonington (3 votes in '08), Sullivan, "T3 ND Part of"?, Waltham, Winter Harbor - zero votes reported by GOP
    • Apparently 10 towns in Hancock were also postponed just like they were in Washington County. Hancock county as a whole received 263 votes in 2008. There are already 315 votes in Hancock being reported indicating a much higher turnout in the county this year.
  • Kennebec
    • Clinton, Rome (3 votes in '08), Vienna (1 vote in '08), Waterville (53 votes in '08), Wayne - zero votes reported by GOP
    • Waterville - +16 votes for Paul? - From a facebook comment on a Bangor Daily News article: " We were robbed of votes in waterville also! Doctor won the place by 16 votes but maine resiults shows 0! Now you guys be the judge and decide whether there was proven voter fraud in GOP Maine!"
    • China - Official vote total was Romney - 6, Paul - 11, 1 - Santorum, 0 - Gingrich, 0 - Other. totals had a different result:  Romney - 3, Paul - 13, Santorum - 1, Gingrich - 1, TOTAL: 18 (Source)
  • Knox
    • Isle Au Haut, Matinicus Isle, North Haven - zero votes reported by GOP
    • Was this the town with a delayed caucus or was that hancock?
  • Loncoln
    • Boothbay (18 votes in '08) - two line items on GOP sheet, one is all zeros. Were there two caucuses in boothbay or was this just a typo?
    • South Bristol (14 votes in '08), Whitefield (6 votes in '08) - zero  votes reported by GOP
  • Oxford
    • Albany (7 votes in '08), Byron, Gilead (2 votes in '08), Lincoln, Magalloway, Milton (2 votes in '08), Newry (3 votes in '08), Otisfield (15 votes in '08), Stoneham, Stow, Sumner, Sweden, Upton - zero votes reported by GOP
  • Penobscot
    • Alton (2 votes in '08) - Total is wrong. Two votes for paul, one vote for 'other' but a big fat zero in the total column.
    • Bangor - Again Paul bests romney by 10 votes, but the totals column is zero.
    • Burlington, Carroll, Corinth, Drew Plantation, Edinburg, Enfield, Kenduskeag, Kingman, Lakeville, Mattawamkeag, Maxfield, Mount Chase, Passadumkeag, Patten, Penobscot, Plymouth (10 votes in '08), Prentiss, Seboeis, Springfield, Stacyville, Stetson (2 votes in '08), Veazie (10 votes in '08), Webster, Winn, Woodville - zero votes reported by GOP
  • Piscataquis
    • Abbot (4 votes in '08), Greenville (3 votes in '08), Kingsbury, Lake View, Shirley, Wellington (1 in '08), Willimantic (2 in '08) - zero votes reported by GOP
  • Sagadahoc
    • No problems I've heard of
  • Somerset
    • Anson (4 votes in '08), Brighton, Caratunk, Cornville (2 votes in '08), Dennistown (3 in '08), Detroit (1 in '08), Highland (1 in '08), Jackman (1 in '08), Mercer (2 in '08 both for RP), Moscow (1 in '08), New Portland (2 in '08 both for RP), Moose River (1 in '08), Pleasant Ridge (1 in '08), Rockwood Strip, Starks (4 in '08, 3 for RP), The Forks, West Forks
  • Waldo
    • Belfast - +7, +9 or +21 votes for Paul (I've seen this in 3 places with different numbers) - votes from Belfast (largest caucus including 22 towns) . Ron Paul won with 71 votes according to Matt McDonald, the Chairman of the Belfast Caucus. He called the State office and their numbers had Romney winning. By the way, the votes in the Belfast caucus were read publicly.
    • Belfast (37 in '08), Belmont (3 in '08), Brooks (5 in '08), Burnham, Freedom, Islesboro, Jackson (2 in '08), Knox (11 in '08), Liberty (11 in '08), Lincolnville (7 in '08), Monroe (6 in '08), Morrill (4 in '08), Prospect (2 in 08), Searsmont, Searsport (8 in '08, 5 for RP), Swanville (4 in '08), Thorndike, Troy (5 in '08 3 for RP), Waldo (3 in '08), Winterport (14 in '08) - zero votes reported by GOP
  • Washington
    • Washington was postponed due to imminent snow. Turns out the snow storm was miniscule, dropping only a dusting on Washington county, but nevertheless the Caucus totals should still be counted toward the winner right? Wrong. Charlie Webster refuses to allow the final tally in Washington county to count toward the official "winner" of the nonbinding straw vote that has been already been called for Mitt Romney.
  • York
    • Acton (14 in '08) - zero votes reported by GOP

I will be updating this article as more info comes in. Feel free to point me in the direction of any additional info you may have on discrepancies in the figures.

Official Vote Breakdown from Maine GOP -
Vote Breakdown from 2008 -