omniomi

Member
  • Posts: 242

Reputation Activity

  1. Informative
    omniomi got a reaction from Andrei Chiffa in Best guide for Ubuntu website setup?   
    While the DigitalOcean guide is really good for specifically setting up Wordpress it's missing a lot of the web server specific stuff. There's an interesting anecdote in security that you're more likely to get malware from a church website than a porn site. The reason is the church website was more likely set up by a well meaning parishioner's tech inclined kid and not a professional thus is likely not hardened sufficiently. Guides like the Digital Ocean guide are precisely the types of guides followed by those well meaning folks that don't go far enough to protect the sites from attack and abuse.
     
    Before you even install Apache:
    The DO guide touches on this but: Create a new non-root user and never daily drive as root.
    - adduser myuser
    - adduser myuser sudo or usermod -a -G sudo myuser depending on version.
      Log out of the server and log back in using your new user.
      Disable root login over SSH.
    - Edit /etc/ssh/sshd_config
    - Change PermitRootLogin to no
    - sudo systemctl restart sshd
      Ideally you should also set up Key-Pair authentication and disable PasswordAuthentication but that's up to you.
      Stop sshd from listening over anything other than IPv4 unless you need it to.
    - echo 'AddressFamily inet' | sudo tee -a /etc/ssh/sshd_config
    - sudo systemctl restart sshd
      Install and configure a firewall like iptables.
    - Once installed create a file called /etc/iptables.rules with this content:

        *filter

        # Allow all loopback (lo0) traffic and drop traffic to 127/8 that doesn't use lo0
        -A INPUT -i lo -j ACCEPT
        -A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT

        # Accept all established inbound connections
        -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

        # Allow all outbound traffic
        -A OUTPUT -j ACCEPT

        # Allow HTTP and HTTPS connections
        -A INPUT -p tcp --dport 80 -j ACCEPT
        -A INPUT -p tcp --dport 443 -j ACCEPT

        # Allow SSH connections
        -A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT

        # Allow ping (optional)
        -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

        # Log iptables denied calls (optional)
        -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7

        # Reject all other inbound - default deny unless explicitly allowed policy
        -A INPUT -j REJECT
        -A FORWARD -j REJECT

        COMMIT

    - Activate the rules using sudo iptables-restore < /etc/iptables.rules
    - Verify using sudo iptables -L
    - Create /etc/network/if-pre-up.d/firewall and add

        #!/bin/sh
        /sbin/iptables-restore < /etc/iptables.rules

    - sudo chmod +x /etc/network/if-pre-up.d/firewall
    Install fail2ban and configure it in /etc/fail2ban/jail.conf
    After installing Wordpress:
    Wordpress is the most popular CMS on the internet especially among amateur web masters so it is also the most attacked. Even web servers with no Wordpress installs will see bots probing for wordpress vulnerabilities every hour of every day... It's your job to secure it to the best of your ability:
    Enable 2FA for Wordpress https://codex.wordpress.org/Two_Step_Authentication
      Use the recommended permissions for Wordpress (Folders - 755, Files - 644) and never use 777.
    - find /path/to/wordpress/ -type d -exec chmod 755 {} \;
    - find /path/to/wordpress/ -type f -exec chmod 644 {} \;
      Add BasicAuth to the /wp-admin/ directory (.htpasswd) and/or restrict the /wp-admin/ directory to your IP addresses. Google for guides.
      Deny php execution in the wp-content/Uploads directory.
    - Create an .htaccess file at the root of the Uploads directory and add

        <Files ~ "\.ph(?:p[345]?|t|tml)$">
        deny from all
        </Files>

      This can stop some themes from working ... I wouldn't use those themes.
    Turn off file editing in wp-config.php by setting define('DISALLOW_FILE_EDIT', true);
    Ongoing:
    Keep the operating system, Apache, MySQL, etc up to date.
      Keep Wordpress and any addons up to date.
      Do not install addons from untrusted sources. They're the most common source of vulnerabilities.
      Constant monitoring: If you notice weird files in your Wordpress directories, posts/content you didn't add, etc deal with it immediately. 
      Do not install FTP on the server, you don't need it... Use SFTP / SCP over port 22 instead. No extra installs needed... In a client like WinSCP select "SFTP" as the protocol and it will just work.
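
Added example, not part of the original post: a read-only shell check for the SSH and WordPress settings listed above. The function names, the constructed fixture built by make_sample and the default uploads path are assumptions for illustration; Match blocks and Include files in sshd_config are not interpreted.

```shell
#!/bin/sh
# Added example: read-only audit of the hardening steps in the post above.

# Effective value of an sshd_config keyword. sshd keeps the FIRST value it
# reads for a keyword, so a line appended with `tee -a` has no effect when the
# keyword is already set earlier in the file. Commented lines never match
# because their first field starts with '#'.
sshd_effective() {  # $1 = config file, $2 = keyword
    awk -v k="$2" 'tolower($1) == tolower(k) { print tolower($2); exit }' "$1"
}

audit_sshd() {  # $1 = sshd_config path; return status = number of findings
    findings=0
    [ "$(sshd_effective "$1" PermitRootLogin)" = "no" ] ||
        { echo "FAIL: PermitRootLogin is not 'no'"; findings=$((findings + 1)); }
    [ "$(sshd_effective "$1" AddressFamily)" = "inet" ] ||
        { echo "FAIL: AddressFamily is not 'inet'"; findings=$((findings + 1)); }
    [ "$(sshd_effective "$1" PasswordAuthentication)" = "no" ] ||
        echo "NOTE: PasswordAuthentication is not 'no' (optional in the post)"
    return "$findings"
}

audit_wordpress() {  # $1 = WordPress root, $2 = uploads dir (optional)
    findings=0
    uploads=${2:-$1/wp-content/uploads}   # assumed default layout
    # Group- or world-writable paths are outside 755/644 (777 included).
    loose=$(find "$1" \( -type d -o -type f \) \
        \( -perm -020 -o -perm -002 \) | wc -l | tr -d ' ')
    [ "$loose" -eq 0 ] ||
        { echo "FAIL: $loose group- or world-writable paths"; findings=$((findings + 1)); }
    grep -qi 'deny from all' "$uploads/.htaccess" 2>/dev/null ||
        { echo "FAIL: no deny rule in $uploads/.htaccess"; findings=$((findings + 1)); }
    # Anchored at line start so a commented-out define() does not count.
    grep -Eqi "^[[:space:]]*define\([[:space:]]*['\"]DISALLOW_FILE_EDIT['\"][[:space:]]*,[[:space:]]*true" \
        "$1/wp-config.php" 2>/dev/null ||
        { echo "FAIL: DISALLOW_FILE_EDIT is not set to true"; findings=$((findings + 1)); }
    return "$findings"
}

# Constructed sample data: AddressFamily appears twice, as it would after
# `tee -a` on a file that already set it, and uploads/ is left at 777 with
# no .htaccess.
make_sample() {  # $1 = empty directory to populate
    printf '%s\n' '#PermitRootLogin yes' 'AddressFamily any' \
        'PermitRootLogin no' 'AddressFamily inet' > "$1/sshd_config"
    mkdir -p "$1/wp/wp-content/uploads"
    printf '%s\n' "define('DISALLOW_FILE_EDIT', true);" > "$1/wp/wp-config.php"
    chmod 755 "$1/wp" "$1/wp/wp-content"
    chmod 777 "$1/wp/wp-content/uploads"
    chmod 644 "$1/wp/wp-config.php"
}

# Usage: sh audit.sh /etc/ssh/sshd_config /path/to/wordpress
if [ "$#" -ge 2 ]; then
    s=0; w=0
    audit_sshd "$1" || s=$?
    audit_wordpress "$2" || w=$?
    echo "findings: sshd=$s wordpress=$w"
fi
```

On a live server, sudo sshd -T prints the configuration sshd actually resolved, including Include files, and is the authoritative check.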
  2. Agree
    omniomi got a reaction from Thias.TG in Unable to join Domain but able to ping server   
    Off topic; However,
     
    The AD Domain Name and the DNS name of the domain are two separate things. I.e., if you are Company Inc. with the website www.company.com you might call your AD domain "CORP" with the DNS name corp.company.com. Users would have the down-level logon name of CORP\Username and a UPN of username@corp.company.com or similar. Typically when binding to Active Directory you will use the full DNS name of the domain as OP showed in their screenshot.
     
    Now, it is possible for your domain to be "Company" with the DNS name of "company.com" but that is considered to be against best practices due to issues such as split brain DNS, and administrators who configure their domains that way typically end up regretting it. You can also do things like "company.local," "company.dom," etc. but that is less common. A sub-domain of the company's public website domain is the most common and within best practices; it is also cleaner in multi-domain setups where you may have corp.company.com, prod.company.com, dev.company.com, etc.
     
    As OP is a student and this is for a project he should be following real world configuration. Clients should use the local DNS servers exclusively for DNS; they [the DNS servers] should resolve anything for which they're not authoritative. Setting up root hints on the DNS server(s) is ideal but forwarders can be used if absolutely necessary.
     
     
     
  3. Agree
    omniomi got a reaction from dalekphalm in Unable to join Domain but able to ping server   
  4. Agree
    omniomi got a reaction from KirbyTech in Best guide for Ubuntu website setup?   
  5. Agree
    omniomi reacted to noahdvs in What's the best console for windows?   
    The real answer is Linux Subsystem for Windows, but ConEmu is pretty nice and can be used to enhance the former.
  6. Like
    omniomi got a reaction from Rodinski in Post Your 3D Models/Creations Here!   
    Flyer presentation (I designed the flyer as well):
     

     
    Beer Bottles (there is a cap as well but it's not in this render):
     

     
    A few typical wallpapers:
     
     
     
    ... that's all I have on my imgur profile and I'm not at home atm.
  7. Like
    omniomi reacted to ShadowCaptain in Making my own multiplayer FPS game   
    You can take video game development courses if you are serious 
     
    BUT - there is NO WAY you can make a game as complicated as you want without spending years, or without tons of staff - just not possible to alone without any experience
     
    The most you could hope for would be like a CS:GO style game - or just building your gaming in Unity and buying your assets - but this has its own problems
     
     
    I would never want to discourage you - but you should start with a SIMPLE game - make like an Unreal Tournament arena shooter - static maps, basic gun models - let people frag each other
     
     
    You don't start your first game by making battlefield 4 on your own mate!
  8. Like
    omniomi reacted to The Official Czex in Where the linux users at   
  9. Like
    omniomi reacted to Str_Mape in Windows Server 2012 R2 static IP   
    You have over 20k posts so I should have to say this, but @tmcclelland455 follow your topics

    From what I remember it's the same as standard windows.

    A
    1: open cmd

    2: type "ipconfig" to get your existing ip address, subnet mask, default gateway etc.


    B
    1: right click on the networking icon near the far right of the task bar and select "Open Network and Sharing Center"




    2: near the top left of the window that opens select "Change adapter settings"



     
     
    3: Right click on your Ethernet adapter and select "Properties"




    4: In the new window that opens you'll want to select "Internet Protocol Version 4 (TCP/IPv4)" then hit "Properties"

    5: In the new window that pops up, enter all the details that you would've seen in command prompt, in my case it's this.
    DNS should be the same as the default gateway and you may want to use the google DNS server (8.8.8.8) as the alternate.


    Hopefully this is helpful
  10. Like
    omniomi got a reaction from Blake in Batch File That Copies 1 Drive to Another   
    Robocopy is the way to go:
        robocopy f:\ "g:\f-backup" /mir /Z /r:1 /log+:c:\logs\f-backup.txt

    Will mirror f:\ to "g:\f-backup" >> f:\ "g:\f-backup" /mir
    Will resume large files if connection is lost mid-stream >> /Z
    Will retry once if it fails after waiting 30 seconds >> /r:1
    Will log to c:\logs\f-backup.txt >> /log+:c:\backup\logs\f-backup.txt

    Put that in a bat file in c:\backup and create a task to run daily and invoke that batch file OR you can invoke robocopy directly:
     

  11. Like
    omniomi reacted to EvilLemur in I can't delete a file !   
    If the SYSTEM is controlling the file I would be careful. What file is it exactly?
  12. Like
    omniomi got a reaction from Prince32780 in (html/css) text over picture   
    <head> can be omitted in specific circumstances in HTML5 which was specified in the doc type:

        <!DOCTYPE html>

    A head element's start tag may be omitted if the element is empty, or if the first thing inside the head element is an element. A head element's end tag may be omitted if the head element is not immediately followed by a space character or a comment.

    His code snippet met the requirement "is empty" as there were no tags in the head.
  13. Like
    omniomi got a reaction from minibois in (html/css) text over picture   
  14. Like
    omniomi reacted to conspiravision in Which linux for server ?   
    CentOS, majority of Linux servers in the industry are RHEL.
  15. Like
    omniomi reacted to You Scrub....The Floor in How to stop Admin   
    Man, U paranoid af...
     
     
    If someone wanted to  try and gain admin simply having access to the computer would be enough. (though they would need to have SUPER skills)
     
    But if a computer has a guest account that automatically stops them having admin rights without the admin account approving (and to get admin privileges would still be hard if you don't approve)
  16. Like
  17. Like
    omniomi reacted to benthegreat17 in Best MS office alternative?   
    I use the Google Suite, Google Docs, slides, etc. Works pretty well
  18. Like
    omniomi reacted to Travercraig in Bash shell scripting - check if input is a number   
    Nice, thanks a lot. My teacher literally tells us nothing, so I have to find bits with google searches.
  19. Like
    omniomi got a reaction from Travercraig in Bash shell scripting - check if input is a number   
    ^[0-9]+$ breaks down as such:
     
    ^ the beginning of the string.
    [0-9] matches characters in the numeric range 0-9.
    + allows for between 1 match and unlimited matches (so 1, 12, 111, 114551, etc would all match.)
    $ the end of the string.
     
    Without the + it would only accept 1, 2, 3, 4, 5, 6, 7, 8, 9, or 0. With the plus it can be any length of number. All of the characters must of course be numbers (11n66 would not match.)
     
    If you need to allow decimal places it would be ^[0-9]+([.][0-9]+)?$
  20. Like
    omniomi got a reaction from alpenwasser in Bash shell scripting - check if input is a number   
    Regex... Which is probably the purpose of the assignment. 
    https://en.wikipedia.org/wiki/Regular_expression

        #!/bin/bash
        # Prompt for two values and report any that are not non-negative integers.
        echo "Enter value one:"
        read -r valueOne
        echo "Enter value two:"
        read -r valueTwo
        if ! [[ $valueOne =~ ^[0-9]+$ ]]; then
            echo "$valueOne is not a number"
        fi
        if ! [[ $valueTwo =~ ^[0-9]+$ ]]; then
            echo "$valueTwo is not a number"
        fi

        omniomi@bitch:~$ ./test.sh
        Enter value one:
        a
        Enter value two:
        f
        a is not a number
        f is not a number
        omniomi@bitch:~$ ./test.sh
        Enter value one:
        s
        Enter value two:
        2
        s is not a number
        omniomi@bitch:~$ ./test.sh
        Enter value one:
        1
        Enter value two:
        2
        omniomi@bitch:~$ ./test.sh
        Enter value one:
        12
        Enter value two:
        13
  21. Like
    omniomi got a reaction from pcnoic in Adding a CMS blog to existing website   
    You can also install Wordpress in a child directory. Ie, xyz.com/blog/  
  22. Like
    omniomi reacted to pcnoic in Adding a CMS blog to existing website   
    Well, rebuilding the whole website is an option but not the most efficient. You could actually create a sub-domain. For example if your website is located at www.xyz.com you could easily create the subdomain www.blog.xyz.com and then build the blog there.
     
    The only reason that you may want to avoid using the subdomain solution is that the SEO has a chance of being affected.
     
     
  23. Like
    omniomi reacted to Brenz in html and css website   
    Nothing he has asked for is responsive. In fact he's basically asked for the opposite.
     
    @knows_something Are you sure this is what you want to make? Using fixed content like this rarely works well unless you use real responsive design to enable your website to adapt to fit any screen and any resolution.
     
    If this is what you want to do the easiest way is to use the CSS position property. Set it to fixed and then you can use top, bottom, left and right CSS properties to position an element exactly where you want and it won't move. Just make sure you use percentages to ensure it works across different resolutions.
  24. Like
    omniomi reacted to Nexxus in So it begins...   
    k
  25. Like
    omniomi reacted to Blade of Grass in PHP   
    You can use a simple if statement in your menu to check if they're logged in, and then display the appropriate menu item.

        if (isset($_SESSION['user_email'])) {
            echo 'link to logout';
        } else {
            echo 'link to login';
        }