How To Backup and Restore your Inventory Management System

There are two important sections of The Inventory Management System that need to be backup and/or restore. The system stores images that are uploaded in a directory within the source-code. Backup this directory or the entire application to a folder on your file system.

Example:

sudo cp -R /var/www/html/warehouse-inventory-system /home/pi/Downloads/

Backup and Restore Your Database

Export A Database

To Export a database, open up terminal, making sure that you are not logged into MySQL and type,

mysqldump -u [username] -p [database name] > [database name].sql

Backup your Inventory Management System

mysqldump -u'root' -p'password' oswa_inv > /path/to/oswa_inv.sql

The database that selected in the command will now be exported to a file.

Import

Log into mysql command-line interface:

mysql -u'username' -p'password'

If you are having difficulty logging into mysql please see the section below, How to Reset Your Password

WARNING! You are about to permanently delete ALL of your data.

DROP DATABASE oswa_inv;
CREATE DATABASE oswa_inv;
source oswa_inv < /path/to/oswa_inv.sql

Exit mysql.

How to Reset Your Password

When you first install MySQL, you have to set up your root password. However, should you forget it at any point, you can still recover it.

Step One—Shut Down MySQL

In terminal, stop the MySQL process

 /etc/init.d/mysql stop

Step Two—Access MySQL Safe Mode

In safe mode, you will be able to make changes within the MySQL system with a root password alone, without the need for MySQL root password.

sudo mysqld_safe --skip-grant-tables &

Once safe mode has started up, log into MySQL and when prompted, use your standard root password.

mysql -u root mysql

Step Three—Set Up a New Password

Finally, set up the new MySQL root password by typing the command below. Replace “newpassword” with the password of your choice.

update user set password=PASSWORD("newpassword") where User='root';

Be sure to reload everything:

 FLUSH PRIVILEGES;

and you now have a new root password.

More About Electronics:

More About hydroMazing:

More About Indoor Gardening:

Setup hydroMazing Smart Garden System

cropped-hydromazing_smart_garden_system

Setup and Use hydroMazing

  • The Controller ( Arduino Nano ) uses 433MHz Transmitter to send codes to remote-controlled AC Outlets or can connect directly via a transistor, MOSFET, or relay.
  • Web Services Module ( Raspberry Pi ).
    • Optional Web-Camera ( USB Web-Camera ).
  • Optional  ( connect directly via a transistor, MOSFET, or relay.  Supports additional sensors: E.C., pH, Light Intensity, more floats and flow-rate sensors.

I liked the simple inventory management system application so much, I borrowed its web interface to improve hydroMazing:

hydroMazing snapshot

What are the steps needed to use hydroMazing?

  • Connect the Raspberry Pi to your local router using an Ethernet cable.
  • Plug in the hydroMazing Controller unit’s USB to the Raspberry Pi.
  • Optionally, plug in the USB webcam.
  • Power the Raspberry Pi.
  • Use a Power Squid ( Multiple Plugs ) to attach the Remote Controlled AC Outlet Modules to their corresponding appliance assignment according to the hydroMazing Smart Garden System’s settings.

Plug-in appliances to their corresponding remote controlled AC switch units.  Most growing environments can be configured as follows:

  1. Light
  2. Intake Ventilation Fan
  3. Exhaust Ventilation Fan
  4. Humidifier / Heater / Additional Lighting
  5. Pump(s)

Also see Controlling Appliances.

How to Access the Web Interface:

  • Use a wormhole service such as Dataplicity.io
  • Or, Discover the IP address that your router has assigned to the Raspberry Pi, running hydroMazing Services.
  • Or, use a DDNS service to update the dynamic address assigned to your router and directly access the web interface

 

  • Login to the web interface using the admin credentials provided.  Example URL of web interface http//[your-device].dataplicity.io/hydroMazing/
  • Click ~ Settings → Automatic Timezone → Update
  • Click ~ Settings → Email Notifications → [ enter your email address ] → Save
  • If your growing environment is not within an Ethernet cable distance away from the router then you will need to configure the WiFi.
  • Click ~ WiFi Settings → SSID → [ enter your router’s SSID ]

Passkey → [ enter your router’s WiFi password ] → Save

 

hydroMazing chart

 

More About Electronics:

More About hydroMazing:

More About Indoor Gardening:

 

 

Using a Raspberry Pi for your own Inventory Management System

Using a Raspberry Pi for your own inventory management system.

An open-source, inventory management system written in PHP with a MySQL database has no problem operating on a Raspberry Pi. Initially, you’ll only have local network access, but if you want to allow remote web access, you can.

In order to setup a web interface to access, view, and manage the content of your inventory management system you’ll need to set up a LAMP (Linux, Apache, MySQL, PHP) stack on your Raspberry Pi and configure it to work as a web server and set up a basic website which you can access on any device on the same network as your Pi. This is a link to a nice tutorial for setting-up a L.A.M.P. server on your Pi, the WordPress portion is optional, you can stop after installing PHP.

If you plan on having access to your Raspberry Pi through the Internet, you’ll need to configure your router and DDNS settings, or use a service such as dataplicity.io to wormhole to your pi through the web.

Next step is to use an open-source project found on GitHub to start your basic inventory management system.

“OSWA-Inv is a web based Inventory System, that will allow you to keep tracking of the quantity buying and selling price of the products existing in your warehouse or business. When creating a new products, you can set a quantity, buying and selling price.”

Included Features:

  • User Management: Groups, Basic Profile, and Change Password
  • Categories: For organizing products
  • Products: Basic product information, title, quantity, pricing.
  • Sales: Sales transactions are individual by product.
  • Reports: Daily, Monthly, and Ranged Dates Sales/Profit Report

InventoryProducts

Install the Basic Inventory Management System Web Application

After updating the Raspberry Pi and setting up the LAMP stack, installation of the inventory application is relatively painless.

Download the source-code package and then you’ll need to extract the contents to the folder. Either rename the folder to the base name now or after you move it to the web root for Apache Web Server found at /var/www/html/

Use the MySQL command line to import the database schema. Create a database named oswa_inv and import the schema included in the project directory oswa_inv.sql If you haven’t done so, installation is as easy as:

sudo mysql -uroot

mysql> CREATE DATABASE oswa_inv;
mysql> USE oswa_inv;
mysql> source /var/www/html/inventory/oswa_inv.sql

The directory containing the project, especially, the uploads directory, must have write permissions on the system and let the web application be run using the www-data account by executing the following commands from the project directory:

sudo chmod -R 775 uploads/
sudo chown -R www-data:www-data *

Edit the header.php file to suit the needs of your organization. e.g. change to logo
[project folder on server]/layouts/header.php
Same folder also contains the various menus used by the system.

Edit the CSS to reflect the needs of your organization. e.g. change background colors
[project folder on server]/libs/css/main.css

InventoryAdmin

Using the Inventory Management System

  • Secure the default accounts with a change password.
  • Create a user account for each person using the system, including yourself.
    Optionally upload a photo for the user.
  • Add Categories – you’ll need to add at least one category before you can add products.
  • Add Media before you Add Product if you want to associate a photo when you Add Product. Otherwise, you can elect to have no image and updated later.
  • Add Order – before you try to Add Sales.

Improvements

These are the improvements I’ve added for my own system

  • Delete confirmation popup before delete actions
  • Description column for products
  • Location column for products
  • View products by category
  • Add sales from list of products – remove selected from list.
  • Add/Edit/Delete Sales also updates product’s quantity available
  • Order Management for all sales – All sales must be associated with an order number
  • View Sales by Order calculate total
  • Delete Order: deletes all sales associated with order AND restores quantity/stock
  • Add/Edit/Delete Order also updates product’s quantity available
  • Stock: Inventory Management for all products – Log of increase/decrease stock
  • Add/Edit/Delete Inventory also updates product’s quantity available

Improved Version Source-Code

mmexport1472732631987

Support and More!

Basic Inventory Management System Web Application

I’ve spent a great deal of time searching for the right inventory management system for my work. I want the system to be relatively simple, straightforward, with only the necessary bells and whistles. Perhaps, even more important to me is the ability to modify the system to suit my needs. It’s rare to find an off-the-shelf product that can be modified or enhanced to suit needs. Fortunately, there are several open-source projects on GitHub related to Inventory Management System projects. I need to be able to customize the project to suit my needs. Similar to WordPress, the project I have selected is written in PHP and uses a MySQL database.

https://github.com/siamon123/warehouse-inventory-system

“OSWA-Inv is a web based Inventory System, that will allow you to keep tracking of the quantity buying and selling price of the products existing in your warehouse or business. When creating a new products, you can set a quantity, buying and selling price.”

Want more? Check-out the improvements I’ve made:

InventoryAdmin

Using a Raspberry Pi for your own Inventory Management System

Configure Your Own Internet Router

Hook Up Your Raspberry Pi

Connecting all your devices to the Raspberry Pi is very easy, but you want to do it in a specific order so it can recognize all your devices when it boots up. First, connect your HDMI cable to your Raspberry Pi and your monitor, then connect your USB devices. If you’re using an Ethernet cable to connect to your router, go ahead and connect that as well.  Finally, once everything is connected, go ahead and plug in your power adapter. The Raspberry Pi does not have a power switch, so once you connect the power adapter, it’ll turn on all by itself.

Connect to Your Wi-Fi Network

Connecting to your Wi-Fi network works the same in Raspbian as it does it any modern operating system.

  • Click the network icon (it’s the one with two computers) in the top right corner.
  • Select your Wi-Fi network name, and enter your password.

That’s it, you’re now connected to Wi-Fi. This will work in both the command line and in the graphical interface, so you only need to set it once. If you have an older Pi and you’re using a Wi-Fi adapter like this, the process is the same.

You have several devices connected to your WiFi router, so how can you tell the outside where you are serving-up Raspberry Pi?

Getting Online

The following section assumes you have an updated and upgraded Raspberry Pi 3 or equivalent, and installed L.A.M.P. (Linux.Apache.MySQL.PHP.)  Excellent article for getting started and RaspberryPi.org’s installing LAMP.

You have several devices connected to your WiFi router, so how can you tell the outside where you are serving-up Raspberry Pi?

Use a service like dataplicity OR DIY:  Let’s get familiar with our router’s advanced settings in your router manufacturer’s configuration tool.  Most home networks use one of these common IP addresses for their gateway to the Internet:

place-wifi-router

You will need to login to your router’s configuration tool.  The username and password should have been assigned at the time of setup.  First, we need to reserve an IP address for our Raspberry Pi to use on a regular basis.  Typically, the router will have a DHCP (Dynamic Host Configuration Protocol) Settings section, List and Bindings, etc.  The Raspberry Pi and all other devices on your LAN should be listed here.  Hopefully, your router will have a somewhat intuitive interface that will make sense as to how to assign an IP address to a device or MAC address.  If all else fails, consult your manufacturer’s instructions.

decapi-slider-raspberry-pi-casenetwork-782707_1280-980x637

The default port for web requests is 80.  You can leave the default unless your Internet Service Provider doesn’t allow port 80.  Next step in your router’s configuration is to have the router forward all incoming requests on port 80 to the Raspberry Pi.  Typically referred to as, Port Forwarding or Port Range Forwarding.  You will want to associate the Raspberry Pi’s IP address so that it will receive all incoming requests on port 80 or whatever port you find most appropriate.  (The most secure web server is one that is not connected to the Internet 😉  The default port for SSL is port 443.  Next step in your router’s configuration is to have the router forward all incoming requests on port 443 to the Raspberry Pi.  Motion Web-Cam Streaming:  The default port for motion is port 8081.  Next step in your router’s configuration is to have the router forward all incoming requests on port 8081 to the Raspberry Pi.

You could also allow Telnet, FTP, SSH, VNC, etc but I do not recommend unless you are familiar with the security risks associated with such services.

Get Yourself A Domain Name

http://www.YOUR_CUSTOM_DOMAIN.ddns.net

Check for the DDNS ( Dynamic Domain Name Service ) Setting in your Router’s advanced configuration settings.  Most routers will support one or more of the following, http://www.dyn.comhttp://www.noip.com, many others search Google for “Dynamic DNS”.  The service will offer the ability to register a domain name to associate with the Dynamic IP address that is assigned to you by your Internet Service Provider.  Typically, your router or a software plugin that you download and install will update the Dynamic DNS service’s database when your assigned IP address changes.

Secure Socket Layer

https://letsencrypt.org/

Let’s Encrypt our connection with the Raspberry Pi.

Install

Rather than apt-get Cerbot, I download the latest version directly from its repo:

sudo git clone https://github.com/certbot/certbot /etc/letsencrypt

Easy SSL through Automation

Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates both obtaining and installing certs:

sudo /etc/letsencrypt/certbot-auto

 

Your domain name for your hydroMazing should now be secure.

Wired or Wireless?

Electricity replaces the sun, wind, and some natural processes as the dependency for plants to grow indoors.  

Starting a Smart Indoor Garden

The first glaring problem with the typical indoor garden is that extension wires are annoying and a potential safety hazard.  On the other hand, wireless communications can lack the reliability of the wired variant.  Going further, should the system be available to the local network or should it be connected to the Internet?

Since plants do not need Internet access in order to grow then we are potentially creating an additional dependency that the plant doesn’t want. The Internet is useful for providing access to your system, but security is questionable, how much control or data should be available?  A connection to the Internet can become another dependency if the system cannot operate without communication to a cloud-based or otherwise remote server. If something can fail; we should plan for the eventual occurrence of that possibility as best as possible. If a long electrical outage were to occur it would be prudent to have a backup generator, or solar rechargeable battery storage system.  If we can have better reliability with a wired connection, then it makes sense to use a combination of wired and wireless.

Next:  Getting Wired and Wireless

Communication options such as i2c, which is great for communicating with another microcontroller or Raspberry Pi and the many wireless options: WiFi, bluetooth, etc.

  • Remote Control using a RF 315MHz / 433MHz
  • Lightweight Bluetooth ( nRF24L01 )
  • Bluetooth ( HC-05 )
  • WiFi Module ( ESP8266 / CC3000 ) etc.

More Info:

Please share with friends and follow to receive a notification when I publish a new article.

 

Why Arduino when you can Pi?

Arduino
Arduino ProMini, Uno, and Nano on expansion board.

Why Arduino?

The greatest advantage to using the Arduino family of microcontrollers for DIY electronics projects, is that they are ubiquitous.  Since they are so available, they are inexpensive and you can find open-source software to get started.

If you’ve ever had the opportunity to work with an Arduino Uno microcontroller board, then you’ve probably executed the flashing LED example.  Going further, you might attach a button, or switch, to trigger the LED or to turn it off making the project interactive.  There are many sensors that could be connected to the Arduino Uno and setup to trigger events, such as the LED flashing, using threshold values that we would need to experiment with in order to figure out what settings work best for creating the effect we want.

While the examples that come with the Arduino software and the examples included with libraries are an excellent start to a project; the Arduino family of microcontrollers is often grossly underutilized in many projects.  Sure microcontrollers are limited in how many instructions they can run; hitting the program size limit doesn’t take very long when you want to control more than a few blinking LEDs.  Even with creative variable handling and custom libraries, eventually, there is a need for another microcontroller or to move to a larger one, even a Raspberry Pi.

In my Alien Invasion Slot Machine project, I tried to push the Arduino closer to its limits.

Time Management and state and trigger flagsf0zk2etiagml1az-medium

At its most basic, a microcontroller loops through a set of instructions handling each action with the focus of The Red Eye of Sauron from Lord of the Rings.  There are a few interrupts that can be configured should an event be so important to receive the full attention of the microcontroller.  Using some form of time management creates a state machine. If x amount of time has passed since x event, then do something and so on…

“The behavior of state machines can be observed in many devices in modern society that perform a predetermined sequence of actions depending on a sequence of events with which they are presented. Simple examples are vending machines, which dispense products when the proper combination of coins is deposited, elevators, whose sequence of stops is determined by the floors requested by riders, traffic lights, which change sequence when cars are waiting, and combination locks, which require the input of combination numbers in the proper order.” https://en.wikipedia.org/wiki/Finite-state_machine

There are rare instances where: RTOS, AI, neural networks exist on microcontrollers, but that’s best left to software-oriented systems such as a Raspberry Pi.

After trying many different timer and time management libraries I felt they were either too much or not enough of what I was wanting in my timers.  A set of timers that are easy to set, keep track of their own state, and each have their own trigger flags.

Button assumptions

buttons

Interacting with an electronics device such as a microcontroller or computer system is relatively easy and typically provided as an example for developers looking to use the device in their project.  Press a button and an LED illuminates. A button or switch may seem like a simple sensor input, but it’s not.

The device’s system resources are consumed waiting and watching for a button press. When we use a button in a project we typically think of it being activated when pressed.  Then what? What should happen if the user holds the button in the active position? Will the button be counted as pressed once, or is the program going to count each second, or x amount of time, as another button press?  Does the program need to know that the button has been released?

Hardware and wiring

wiring harness

Rather than using the Arduino Uno and a protoboard or breadboard for this project, I’m using the Arduino Nano on an expansion board.  Keep it simple using common wiring colors, keep it modular so connections can be made with ease, keep your project sustainable; a part can be replaced rather than the entire system.  The DuPont wire connectors that come with prototyping starter kits makes it easy to create your own custom wiring connections. The wires are easy to solder when a more permanent connection is needed.  I make custom wiring harnesses for neater, cleaner, and more easily connectable modules.

 

Raspberry Pipi3

The latest version of the Raspberry Pi v3 uses a Linux OS and is a computer that can do so much more than an Arduino Uno, why not just use it for everything?  While it is possible to do many of the same tasks as you would do with the Arduino Uno or variant, it’s not always best.  The Arduino Uno and variant microcontrollers are best for doing the same actions, over and over again, such as reading a sensor and doing something with the value.

As I mentioned previously, you can do a lot with a Raspberry Pi, and depending on how much you are doing, it won’t take too long before you discover it has limits.  When the Pi overheats, it will either freeze or shutdown, hopefully, the processor has a heatsink.

More Info:

Please share with friends and follow to receive a notification when I publish a new article.

Using a Raspberry Pi and USB Camera

You have a Raspberry Pi, or are comfortable with the idea of using one, and you want to use it to capture video or images using a USB camera.  Even though the Raspberry Pi has a port designed specifically for using a camera, it’s not as low-cost, nor as convenient as the USB corded camera.

CanaKit Raspberry Pi 3 B+ (B Plus) Starter Kit (32 GB EVO+ Edition, Premium Black Case)

It would be a lot nicer if you had a web interface to access, view, and manage the content you’ve capture using the USB camera.  Learn to set up a LAMP (Linux, Apache, MySQL, PHP) stack on your Raspberry Pi and configure it to work as a web server and set up a basic website which you can access on any device on the same network as your Pi.  This is a link to a nice tutorial for setting-up a L.A.M.P. server on your Pi, the WordPress portion is optional, you can stop after installing PHP. 

Motion

Motion is the tool that you will want to use if you want to live stream, record video, capture motion, and grab a lot of snapshots.  More options means a lot more configuration options making setup more complex.

download and install:

  • sudo apt-get update
  • sudo apt-get upgrade
  • sudo apt-get install motion

usage:  See /etc/motion/ for configuration file(s).  The documentation for Motion is contained within the file motion_guide.html.

The offline version of this file is available in the doc/motion directory. The online version of the motion_guide.html file can be viewed here

growrm2

fswebcam

fswebcam is a simple tool for grabbing snapshots using a USB connected camera and  can be configured to execute routinely using the operating system’s cron job scheduler.

download and install:

  • sudo apt-get update
  • sudo apt-get upgrade
  • sudo apt-get install fswebcam

usage:  https://www.raspberrypi.org/documentation/usage/webcams/

More:

 

Make a Touch Screen Kiosk

touch screen

Raspberry Pi 7″ Touchscreen Display

AND

SmartiPi Touch case for The Official Raspberry Pi 7″ Touchscreen Display – Adjustable Angle

Keep Fingers Out of your Pi

In my previous article , I explain how to setup the Raspberry Pi to be a web server.   I also demonstrate searching log files for “footprints” from the IP requests that have been made to your web server.  Now, I would like to discuss protecting your web server from becoming a victim to a potentially malicious attack.

Keep your Pi updated!

sudo rpi-update

The command will automatically update the Raspberry Pi’s firmware and then ask for a reboot.  If your Pi is already up-to-date, then you can continue with:

sudo apt-get update
sudo apt-get upgrade

Now, you’ve got the latest and greatest firmware and software!!

2016-11-04-092217_1920x1080_scrot

Pi Passwords

Ideally, we would disable the default pi account,  at the very least, set the default password for your pi account.  Another major in-security is that most users have SSH (Secure Socket sHell) and VNC (Virtual Networking Computer) enabled so that they can remote into their machines.  I don’t recommend allowing access outside of your network when running a publicly exposed web server.

Apache Web Server

If you are serving web content world-wide then you’ll eventually want to adopt some sort of blacklist, or exclusion list, where you can keep specific IP addresses from accessing your server.  However, if you want to tighten-down your security and only allow a select few access then you’ll need to make some changes.

cd /etc/apache2
sudo cp apache2.conf apache2.conf.bak
sudo vi apache2.conf OR sudo nano apache2.conf

Travel down the file until you reach this section that allows everyone access to your web server from the outside:

<Directory /var/www/>
 Options Indexes FollowSymLinks
 AllowOverride None
 Require all granted
</Directory>

The AllowOverride directive is set to None meaning we will not be using an .htaccess file to override these settings.  The next directive, Require is set to all granted, meaning allow anyone access.

UPDATE:  I have found a significant number of bot requests in my log files, snooping for those of Us using phpmyadmin, be sure to limit access:

<Directory /usr/share/phpmyadmin/>
Order Deny, Allow
Deny from All
# localhost
Allow from 127.0.0.1
# Local-Area Network
Allow from 192.168.x.x
</Directory>

Next, we can add a directory that we want to protect:

<Directory /var/www/html/hydroMazing/>
 Options Indexes FollowSymLinks
 AllowOverride All
</Directory>

The AllowOverride directive is set to All meaning we will be using an .htaccess file to override these settings.  We will provide the Require directive in our .htaccess file inside the directory we specified, in this case, “/var/www/html/hydroMazing/”   One last setting of importance before we save:

# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess

You could change the name of the .htaccess file here to something harder to guess.  Keep the dot at the beginning because it means hidden file.   Use your imagination 😉  Now you can use an .htaccess file as your whitelist, or inclusion list:

To create a .htaccess ( or whatever you’ve named it ) file:

cd /var/www/html/mydirectory/

sudo vi .htaccess OR sudo nano .htaccess
# Allow access to localhost 
Require ip 127.0.0.1

# Allow access to my cell phone
Require ip 98.97.34.23

Second entry is an example, change it to your IP address, or the IP address that your web server logged.  See my previous article for instructions on checking your log files.  Save and close the file.  You can add additional access as desired.

 

Build a Wallimg_20160814_195916221

Install the open-source firewall builder

Pop open a terminal from your Raspberry Pi’s desktop and type the following:

sudo apt-get install fwbuilder

After the installation has completed, you will have a new option under the Menu/Internet option from your desktop for the firewall builder GUI.

Add a new firewall and name it the same as your server.

 2016-11-04-090801_1920x1080_scrot

Select the “web server” template to load default rules.

Note that the default rules restrict your server from accessing the outside Internet.  In order to allow access, you’ll need to add a rule.  The easiest way to add a rule is to copy an existing rule that is similar to your needs.

2016-11-04-090900_1920x1080_scrot

Compile and Install

We can build our firewall through this interface, but we won’t be able to install it because we won’t have sufficient permissions to write to the file system.  Enter the following at a terminal window’s command line assuming you named your server the same as your DDNS name:

sudo mkdir /etc/fw
sudo touch /etc/fw/servername.ddns.net.fw
sudo chmod 777 /etc/fw/servername.ddns.net.fw

Now, you should be able to use the firewall builder program to compile and install the firewall.   You can either restart the apache web server or simply reboot.

Anything incorrect, missing, or not working?  Please let me know.

Security through Obscurity

 

Security and Obscurity

“In security engineering, security through obscurity (or security by obscu58688968_1920_1080rity) is the reliance on the secrecy of the design or implementation as the main method of providing security for a system or component of a system. A system or component relying on obscurity may have theoretical or actual security vulnerabilities, but its owners or designers believe that if the flaws are not known, that will be sufficient to prevent a successful attack. Security experts have rejected this view as far back as 1851, and advise that obscurity should never be the only security mechanism.”  https://en.wikipedia.org/wiki/Security_through_obscurity

We often rely on our security being through some sort of obscurity.  “If they don’t know about it, they can’t use it to get in.”  Common household door locks only have so many combinations, yet we can rely on the lock of our front doors because we know that a thief would have to try every combination or break-the-door-down.  However, on the Internet, who is watching your front door, so a thief cannot try every combination?  Fortunately, our web-server has an access.log file that is automatically updated and archived for us.  Let’s start there and see if anyone has left their “footprints” on your web server.

Is anyone trying to gain access?

wget-shellshock-johnIf you are running a LAMP setup on a Raspberry Pi , open-up a terminal window and type in the following:

cd /var/log/apache2/
zcat access.log* | awk '{print $1}' | sort -n | uniq -c | sort -nr | head -20

 

The output should be a list with two columns, one containing the number of entries counted, and the second column is the IP address associated with each web request made.  The easiest way to get the most information from a reverse IP lookup is by using the following command:

curl ipinfo.io/REPLACE.WITH.IP.ADDRESS.TO.LOOKUP

13117907603_3cce4123de_z

Rather than rely on an external web service, you can do some digging after you install some tools that are not included by default with the Pi:

sudo apt-get install geoip-bin
geoiplookup IP.ADDRESS

Here is a good article on using geoiplookup.  Even more advanced digging not included by default with the Pi:

sudo apt-get install dnsutils
dig -x IP.ADDRESS

Does the location seem suspicious?  Try grepping for the activity, the zgrep command includes the compressed files:

zgrep 'IP.ADDRESS' access.log* -1

By looking at the web requests that were made from the IP address, you can determine whether the activity is suspicious.  Typically, you will find that these IP addresses are from bots looking for vulnerabilities in your security.  You can manually block IP addresses to your blacklist or you can just deny all and allow select IP addresses.  If you haven’t already, you’ll want to install and setup a firewall.