≡ Menu


Download of the day: phpBB version 3 ( phpBB Gold )

phpBB final version 3 has been released and available for download. phpBB is a popular Internet forum package written in the PHP programming language.

New Features in phpBB3

* Modular design for the Admin Control Panel, Moderator Control Panel, and User Control Panel.
* Support for multiple database management systems, including MySQL, Microsoft SQL Server, Oracle, PostgreSQL, SQLite, and Firebird.
* Support for unlimited levels of subforums.
* Ability to create custom-defined BBCode.
* Ability to create custom profile fields.
* Greatly expanded permissions system.

From the announcement email:

The project has changed considerably since work on its second major release began. With a raft of new features requested by users and new ideas introduced by its developers, phpBB3 is more able than ever to support the new "social networking" trend. Security too has been a top priority with particular attention paid to reduce or eliminate the problems of the past. Indeed unusually for a project of this nature an independent security audit was performed to better ensure a safer future for its users.

So with great pride phpBB wishes to thank all of its developers, designers, team members and of course its community - please enjoy phpBB3.

Download phpBB version 3

=> Visit official web site to download phpBB stable version 3 (2.15 MiB)

PHP Secure Password Hashing

This blog post provides good information about password hashing. The main point of this article is to use strong encryption and make attackers life hard. So if someone gains access to database, attacker could figure out your password using a brute force or rainbow tables.

Lighttpd / Apache : Run Xcache in Chrooted Jail

Recently I wrote about installing and running Xcache under Red hat enterprise Linux and CentOS Linux. By default Xcache use /dev/zero for caching. All you have to do is create /dev/zero in chrooted jail. Type the following command (assuming that your jail is located at /lighttpd.jail directory):
# mkdir -p /lighttpd.jail/dev
# mknod -m 666 /lighttpd.jail/dev/zero c 1 5

Just restart your web server and xcache should work under chrooted lighttpd web server.

CentOS / Redhat Enterprise Linux Setup Lighttpd in Chroot Jail

Many people asked me to write about setting up Lighttpd under CentOS or RHEL 5 Linux using chroot() call. The instructions are almost same but you need to make little modification as compare to Debian / Ubuntu Linux instructions.

For example purpose we will build jail at /webroot location.
=> Default document root : /home/lighttpd/default/
=> Port : 80
=> IP: Your Public IP address
=> Virtual domain1: /home/lighttpd/vdomain1.com/
=> Virtual domain1 access log file: /var/log/lighttpd/vomain1.com/
=> Default access log file:/var/log/lighttpd/access.log
=> Default error log file:/var/log/lighttpd/error.log
=> Default php error log file: /var/log/lighttpd/php.log


These installation instructions assume you have:

  • Linux distribution
  • Required RPMs (see below for installation instructions)
    • php, php-pear, php-common, php-pdo, php-ldap, php-gd, php-cli, php-mysql
    • mysql, mysql-server etc
    • lighttpd, lighttpd-fastcgi (rpm available here)
  • Installations were tested on Red Hat Enterprise Linux v4/5 or CentOS v4/5 or Fedora Linux 7

Step # 1: Install required packages

Install php and related packages:
# yum install php php-pear php-common php-pdo php-ldap php-gd php-cli php-mysql
Install mysql and related packages:
# yum install mysql mysql-server
Install lighttpd and mod_fastcgi for lighttpd:
# rpm -ivh http://dag.wieers.com/rpm/packages/lighttpd/lighttpd-1.4.18-1.el5.rf.i386.rpm
# rpm -ivh http://dag.wieers.com/rpm/packages/lighttpd/lighttpd-fastcgi-1.4.18-1.el5.rf.i386.rpm

Step # 2: Create /webroot and related directories

# mkdir /webroot
# cd /webroot
# mkdir etc
# mkdir tmp
# chmod 1777 tmp/
# mkdir -p usr/bin
# mkdir -p home/lighttpd/default
# mkdir -p var/run/lighttpd
# mkdir -p var/log/lighttpd
# chown lighttpd:lighttpd var/run/lighttpd/
# chown lighttpd:lighttpd var/log/lighttpd/
# chown -R lighttpd:lighttpd home/

Step # 3: Install chroot script

You need to download and install my script that will help you to build lighttpd in jail:
# cd /sbin/
# wget http://www.cyberciti.biz/files/lighttpd/l2chroot.txt
# mv l2chroot.txt l2chroot
# chmod +x l2chroot

Step # 4: Install php in jail

Now copy php-cgi binary and related shared libraries using l2chroot script:
# cd /webroot/usr/bin
# cp /usr/bin/php-cgi .
# l2chroot php-cgi

Step # 5: Copy required files to /etc

Now you must copy php.ini and related all files to /etc/
# cd /webroot/etc
# cp /etc/passwd .
# cp /etc/group .
# cp /etc/hosts .
# cp /etc/nsswitch.conf .
# cp /etc/resolv.conf .
# cp /etc/php.ini .
# cp -avr /etc/php.d/ .
# cp -avr /etc/ld* .

Update (Oct-1-2008, 1:52pm) : You need to copy entire /etc/ and /usr/share/zoneinfo files to work with latest php version:
# cd /webroot/etc
# /bin/cp -avr /etc/* .

Copy all files from /usr/share/zoneinfo/:
# mkdir -p /webroot/usr/share/
# cd /webroot/usr/share/
# cp -avr /usr/share/zoneinfo/ .

Open group and passwd file and only keep entries for root and lighttpd user:
# vi /webroot/etc/group
Make sure file look as follows:

Also open passwd file inside jail:
# vi /webroot/etc/passwd
Make sure file look as follows:
lighttpd:x:100:101:lighttpd web server:/srv/www/lighttpd:/sbin/nologin

Step # 5: Copy php modules

Now copy php mysql support, php gd and other all modules:
# cd /webroot/usr/lib/
# cp -avr /usr/lib/php/ .
# cd php/modules
# for l in *.so; do l2chroot $l; done

Step # 6: Configure lighttpd chroot call

Open /etc/lighttpd/lighttpd.conf file:
# vi /etc/lighttpd/lighttpd.conf
Setup default document root and chroot directory:
server.document-root = "/home/lighttpd/default/"

Save and close the file.

Step # 7: Restart lighttpd

Type the following command:
# /etc/init.d/lighttpd restart

Jail size

# du -ch /webroot/

12K     /webroot/var/log/lighttpd
16K     /webroot/var/log
4.0K    /webroot/var/run/lighttpd
8.0K    /webroot/var/run
28K     /webroot/var
8.0K    /webroot/etc/ld.so.conf.d
36K     /webroot/etc/php.d
160K    /webroot/etc
8.0K    /webroot/home/lighttpd/default
12K     /webroot/home/lighttpd
16K     /webroot/home
5.3M    /webroot/lib
4.0K    /webroot/tmp
872K    /webroot/usr/lib/sse2
1.4M    /webroot/usr/lib/mysql
676K    /webroot/usr/lib/php/modules
4.0K    /webroot/usr/lib/php/pear
684K    /webroot/usr/lib/php
9.9M    /webroot/usr/lib
2.9M    /webroot/usr/bin
13M     /webroot/usr
19M     /webroot/
19M     total


Always go thought /var/log/messages and server log files:
# tail -f /var/log/messages

Download mysql testing script

Copy and test php mysql connectivity with this script.

Install PHP Pear Mail / SMTP package on CentOS / Red Hat Enterprise Linux

Recently I've noticed that Redhat removed support for following php pear packages:

a) NET/SMTP : An implementation of the SMTP protocol

b) Mail : Class that provides multiple interfaces for sending emails

c) Net/Socke : Network Socket Interface

The simplest solution is downloading and installs these files from php pear repo.

Step # 1: Download files

Use wget command to download all files:
# cd /tmp
# wget http://download.pear.php.net/package/Mail-1.1.14.tgz
# wget http://download.pear.php.net/package/Net_SMTP-1.2.10.tgz
# http://download.pear.php.net/package/Net_Socket-1.0.8.tgz

Untar all files:
# tar -zxvf Mail-1.1.14.tgz
# tar -zxvf Net_SMTP-1.2.10.tgz
# tar -zxvf Net_Socket-1.0.8.tgz

Step # 2: Install files

Simply copy file to your webroot such as /www/usr/share/pear or standard location such as /usr/share/pear:
# cd /usr/share/pear
# mkdir Net
# cd Net
# cp /tmp/Net_SMTP-1.2.10/SMTP.php .
# cp /tmp/Net_Socket-1.0.8/Socket.php .
# cd ..
# cp -avr /tmp/Mail-1.1.14/Mail/ .
# cp -avr /tmp/Mail-1.1.14/Mail.php .

Step # 3: Test SMTP email

Now you have required files, all you have to do is send email using authenticated smtp server.

How to: Run and install PHP FastCGI on Microsoft IIS Server

FastCGI is a language independent, scalable, open extension to CGI that provides high performance without the limitations of server specific APIs. I'm very big fan of FastCGI. Almost all my Apache / Lighttpd servers are powered by php FastCGI.

Today Microsoft announced the official release of their FastCGI extension for IIS server version 5.1 and 6.0. New FastCGI module should improves the performance and reliability of PHP on Windows operating system.

Since early 2006, Microsoft and Zend have been working together on a technical collaboration with the PHP community to significantly enhance the reliability and performance of PHP on Windows Server 2003 and Windows Server 2008. As part of this collaboration, the IIS product group has been working on a new component for IIS6 and IIS7 called FastCGI Extension which will enable IIS to much more effectively host PHP applications.

=> Using FastCGI to Host PHP Applications on IIS 6.0 and IIS 5.1

PHP Log All Errors to a Log File to Get Detailed Information

PHP offers simple but effective solution to log all errors to a log fiie.
On all production web server you must turn off displaying error to end users via a web browser. Remember PHP gives out lots of information about path, database schema and all other sort of sensitive information. You are strongly advised to use error logging in place of error displaying on production web sites. The idea is quite simple -only developer should see php error log.

How do I log all php errors to a log fiie?

Just add following line to /etc/php.ini to log errors to specified file – /var/log/php-scripts.log
# vi /etc/php.ini
Modify error_log directive
error_log = /var/log/php-scripts.log

Make sure display_errors set to Off (no errors to end users)
display_errors = Off

Save and close the file. Restart web server:
# /etc/init.d/httpd restart

How do I log errors to syslog or Windows Server Event Log?

Modify error_log as follows :
error_log = syslog

How do I see logs?

Login using ssh or download a log file /var/log/php-scripts.log using sftp:
$ sudo tail -f /var/log/php-scripts.log

Updated for accuracy!