When I previously installed Composer on my dev server, I made the mistake of doing so while logged in as root. This caused all sorts of permissions-related problems.
I recently decided it was time to sort this out by re-installing Composer properly. Although this should be a no-brainer, I decided to research best practices all the same. I’m glad that I did.
The best tutorial I could find was from DigitalOcean: https://www.digitalocean.com/community/tutorials/how-to-install-and-use-composer-on-ubuntu-16-04. What I like most about their approach, is that it includes instructions for a security check on the installer file.
I also found a lot of very good guidance on the Sitepoint website:
Due to some security upgrades over at Stripe, the CentOS servers need to be updated so they can handle SHA-2 and TLS1.2. This turns out to be quite simple.
First, log in to the server and run:
This will list the updates that are available. It’s possible to select some or all of these for updating. For the sake of simplicity, I decided to update everything at once.
Before running the update, power down the droplet via putty:
sudo shutdown -h now
Now go to DigitalOcean and use their console to create a snapshot of the server. (FYI, it might take a moment for DO to register that the server is actually powered down.) This snapshot will be used for recovery in case anything goes sideways. Creating a snapshot can take from 15 to 30 minutes or more.
When the snapshot is completed, power up the server using the DO console. Now log in via Putty and run the following:
sudo yum -v update
This will take a few moments to finish. Note that I’ve added the ‘verbose’ option, so this will echo a lot of info about the process.
Once the update is completed, the server will need to be restarted. Follow the instructions in this post: http://220.127.116.11/tutorials/?p=86
Now load up the app in a browser and make sure things are working properly.
In my case, I was doing this at the behest of Stripe: next I ran the script they provided to confirm the server is now capable of handling SHA-2 and TLS1.2. All is now good:-)