You can create URL redirection service for your blog within five minutes using nothing but web server’s mod_redirect module. For example, when you type or share a url io9.in/t/5159 you will be automatically redirected to http://www.cyberciti.biz/tips/my-10-unix-command-line-mistakes.html. In this quick post I will explain how to create url shortener and integrate your wordpress based blog without installing any new scripts.
PHP is an open-source server-side scripting language, and it is a widely used. The Apache/Nginx/Lighttpd web server provides access to files and content via the HTTP OR HTTPS protocol. A misconfigured server-side scripting language can create all sorts of problems. So, PHP should be used with caution. Here are twenty-five php security best practices for sysadmins for configuring PHP securely.
Like most sys admin, I’m lazy. I try to automate almost all things in order to save time. Inexperienced sys admin and help desk staff working under me finds all these tools useful. It saves their time and avoids security issues. Automation allows help desk staff to do things that they don’t have enough direct system knowledge to do themselves. However, selecting correct tool and applying correct methodology is very important.
Note: There is a poll embedded within this post, please visit the site to participate in this post’s poll.
Now, mod_fastcgi is configured and running. FastCGI supports connection via UNIX sockets or TCP/IP networking. This is useful to spread load among various backends. For example, php will be severed from 192.168.1.10 and python / ruby on rails will be severed from 192.168.1.11. This is only possible with mod_fastcgi.
FastCGI is a protocol for interfacing interactive programs with a web server. FastCGI’s main aim is to reduce the overhead associated with interfacing the web server and CGI programs, allowing a server to handle more web page requests at once.
Also, PHP is not recommended with multithreaded Apache2 (worker MPM) because of performance and some 3rd party PHP extensions are not not guaranteed thread-safe.
mod_fastcgi allows server and application processes to be restarted independently — an important consideration for busy web sites. It also facilitates per-application security policies — important for ISPs and web hosting companies.
In this quick tutorial, you will learn about Apache 2 + mod_fastcgi + PHP installation and configuration under Red Hat Enterprise Linux / CentOS Linux version 5.x+.
Wordpress version 2.7 has been released and available for download. From the announcement page:
The first thing you’ll notice about 2.7 is its new interface. From the top down, we’ve listened to your feedback and thought deeply about the design and the result is a WordPress that’s just plain faster. Nearly every task you do on your blog will take fewer clicks and be faster in 2.7 than it did in a previous version.
What is new in Wordpress 2.7
For a visual introduction to what 2.7 is, check out this video (available in HD, and full screen):
Download the latest release of WordPress version 2.7, released on 10 December 2008.
Debian 5 php5 package has serious security issues as follows:
To prevent Denial of Service attacks by exhausting the number of available temporary file names, the max_file_uploads option introduced in PHP 5.3.1 has been backported.
Recently, I had noticed lots of 404 error generated by my wordpress software. My old wordpress tag structure changed from:
As a result lots of error 404 was dumped into my log file. I wrote a small php code to get rid of the problem.
It appears that latest php version 5.1.6-20.el5_2.1 under RHEL / CentOS Linux v5.2 has made some major changes. As a result choort jail setup using previous instructions no longer works. PHP is crashing with segmentation fault errors. So I had to trace php errors using strace command.
Wordpress 2.6 has been released and available for download almost a month ahead schedule.