nixCraft » php

Create Custom URL Shortener For WordPress Based Blog In a Five Minutes

nixCraft — Thu, 03 May 2012 16:43:14 +0000

You can create URL redirection service for your blog within five minutes using nothing but web server's mod_redirect module. For example, when you type or share a url io9.in/t/5159 you will be automatically redirected to http://www.cyberciti.biz/tips/my-10-unix-command-line-mistakes.html. In this quick post I will explain how to create url shortener and integrate your wordpress based blog without installing any new scripts.

Linux: 25 PHP Security Best Practices For Sys Admins

nixCraft — Wed, 23 Nov 2011 05:48:07 +0000

PHP is an open-source server-side scripting language and it is a widely used. The Apache web server provides access to files and content via the HTTP OR HTTPS protocol. A misconfigured server-side scripting language can create all sorts of problems. So, PHP should be used with caution. Here are twenty-five php security best practices for sysadmins for configuring PHP securely.

Poll: Your Favorite Scripting Language?

nixCraft — Tue, 17 Mar 2009 18:40:23 +0000

Like most sys admin, I'm lazy. I try to automate almost all things in order to save time. Inexperienced sys admin and help desk staff working under me finds all these tools useful. It saves their time and avoids security issues. Automation allows help desk staff to do things that they don't have enough direct system knowledge to do themselves. However, selecting correct tool and applying correct methodology is very important.

Note: There is a poll embedded within this post, please visit the site to participate in this post's poll.

Apache2 mod_fastcgi: Connect to External PHP via UNIX Socket or TCP/IP Port

nixCraft — Tue, 30 Dec 2008 12:49:34 +0000

Now, mod_fastcgi is configured and running. FastCGI supports connection via UNIX sockets or TCP/IP networking. This is useful to spread load among various backends. For example, php will be severed from 192.168.1.10 and python / ruby on rails will be severed from 192.168.1.11. This is only possible with mod_fastcgi.

Red Hat / CentOS Apache 2 FastCGI PHP Configuration

nixCraft — Tue, 30 Dec 2008 10:31:32 +0000

FastCGI is a protocol for interfacing interactive programs with a web server. FastCGI's main aim is to reduce the overhead associated with interfacing the web server and CGI programs, allowing a server to handle more web page requests at once.

Also, PHP is not recommended with multithreaded Apache2 (worker MPM) because of performance and some 3rd party PHP extensions are not not guaranteed thread-safe.

nginx and lighttpd has inbuilt support for FastCGI. For Apache web server you need to use either mod_fastcgi or mod_fcgid.

mod_fastcgi allows server and application processes to be restarted independently -- an important consideration for busy web sites. It also facilitates per-application security policies -- important for ISPs and web hosting companies.

In this quick tutorial, you will learn about Apache 2 + mod_fastcgi + PHP installation and configuration under Red Hat Enterprise Linux / CentOS Linux version 5.x+.

Download of the day: WordPress 2.7

nixCraft — Thu, 11 Dec 2008 04:32:57 +0000

Wordpress version 2.7 has been released and available for download. From the announcement page:

The first thing you'll notice about 2.7 is its new interface. From the top down, we've listened to your feedback and thought deeply about the design and the result is a WordPress that's just plain faster. Nearly every task you do on your blog will take fewer clicks and be faster in 2.7 than it did in a previous version.

What is new in Wordpress 2.7

For a visual introduction to what 2.7 is, check out this video (available in HD, and full screen):

Download the latest release of WordPress version 2.7, released on 10 December 2008.

Debian PHP 5 Security Issues

nixCraft — Thu, 27 Nov 2008 04:49:16 +0000

Debian 5 php5 package has serious security issues as follows: To prevent Denial of Service attacks by exhausting the number of available temporary file names, the max_file_uploads option introduced in PHP 5.3.1 has been backported.

WordPress: Redirecting Old Tag URL to New Tag Location

nixCraft — Wed, 08 Oct 2008 20:24:52 +0000

Recently, I had noticed lots of 404 error generated by my wordpress software. My old wordpress tag structure changed from:
/tips/tag/linux_software
/tips/tag/one_two_foo

To:
/tips/tag/linux-software
/tips/tag/one-two-foo

As a result lots of error 404 was dumped into my log file. I wrote a small php code to get rid of the problem.

Troubleshooting Lighttpd Chrooted RedHat PHP Version 5.1.6-20.el5_2.1

nixCraft — Wed, 01 Oct 2008 08:14:35 +0000

It appears that latest php version 5.1.6-20.el5_2.1 under RHEL / CentOS Linux v5.2 has made some major changes. As a result choort jail setup using previous instructions no longer works. PHP is crashing with segmentation fault errors. So I had to trace php errors using strace command.

Download of The Day: WordPress 2.6

nixCraft — Tue, 15 Jul 2008 09:48:36 +0000

Wordpress 2.6 has been released and available for download almost a month ahead schedule.

How To Find Out If ISP Is Throttling BitTorrent Traffic

nixCraft — Thu, 08 May 2008 06:34:57 +0000

This test suite creates a BitTorrent-like transfer between your machine and our server, and determines whether or not your ISP is limiting such traffic. This is a first step towards making traffic manipulation by ISPs more transparent to their customers.

mod_compress: Lighttpd Gzip Compression To Improve Download and Browsing Speed

nixCraft — Sat, 26 Apr 2008 10:18:36 +0000

Gzip compression reduces response times by reducing the size of the HTTP response. This document describes gzipping http traffic which can reduces the response size by about 70%. Approximately 90% of today's Internet traffic travels through browsers that claim to support compression.

PHP Programming Tutorial: Merge and Filter RSS / Atom Feed With XQuery

nixCraft — Thu, 07 Feb 2008 10:48:22 +0000

I've already written about merging two feeds using MagpieRSS and FeedCreator php classes. However, I wasn't aware of XQuery query language that is designed to query collections of XML data. It seems similar to SQL. You can use XQuery to speed your merging and filtering of RSS / atom information (feed) easily. In this tutorial: [...]

Coverity Scan: Security Holes Found in Open Source Projects

nixCraft — Wed, 09 Jan 2008 14:12:39 +0000

Coverity is a company that creates tools for software development. Its premiere product is Prevent, a static-analysis code inspection tool. Coverity offers the results of Prevent's analysis for free to open source developers. From the project home page: In collaboration with Stanford University, Coverity is establishing a new baseline for software quality and security in [...]

Download of the day: phpBB version 3 ( phpBB Gold )

nixCraft — Thu, 13 Dec 2007 19:56:21 +0000

phpBB final version 3 has been released and available for download. phpBB is a popular Internet forum package written in the PHP programming language.

PHP Secure Password Hashing

nixCraft — Wed, 05 Dec 2007 02:17:24 +0000

This blog post provides good information about password hashing. The main point of this article is to use strong encryption and make attackers life hard. So if someone gains access to database, attacker could figure out your password using a brute force or rainbow tables.

Lighttpd / Apache : Run Xcache in Chrooted Jail

nixCraft — Mon, 26 Nov 2007 06:41:56 +0000

Recently I wrote about installing and running Xcache under Red hat enterprise Linux and CentOS Linux. By default Xcache use /dev/zero for caching. All you have to do is create /dev/zero in chrooted jail. Type the following command (assuming that your jail is located at /lighttpd.jail directory): # mkdir -p /lighttpd.jail/dev # mknod -m 666 [...]

CentOS / Redhat Enterprise Linux Setup Lighttpd in Chroot Jail

nixCraft — Fri, 02 Nov 2007 10:40:53 +0000

Many people asked me to write about setting up Lighttpd under CentOS or RHEL 5 Linux using chroot() call. The instructions are almost same but you need to make little modification as compare to Debian / Ubuntu Linux instructions.

Install PHP Pear Mail / SMTP package on CentOS / Red Hat Enterprise Linux

nixCraft — Sat, 20 Oct 2007 12:52:50 +0000

Recently I've noticed that Redhat removed support for following php pear packages: a) NET/SMTP : An implementation of the SMTP protocol b) Mail : Class that provides multiple interfaces for sending emails c) Net/Socke : Network Socket Interface The simplest solution is downloading and installs these files from php pear repo. Step # 1: Download [...]

How to: Run and install PHP FastCGI on Microsoft IIS Server

nixCraft — Wed, 10 Oct 2007 21:32:00 +0000

FastCGI is a language independent, scalable, open extension to CGI that provides high performance without the limitations of server specific APIs. I'm very big fan of FastCGI. Almost all my Apache / Lighttpd servers are powered by php FastCGI. Today Microsoft announced the official release of their FastCGI extension for IIS server version 5.1 and [...]