Unable to save changes to menu in Drupal 6

[dfads params=’groups=-1′]

On the menu-customize page, after

1) dragging a menu item, or

2) checking/unchecking an enable checkbox,

and clicking “Save configuration”, changes to menu were not saved in Drupal 6. Hence, I started to debug the issue at the Application level. After long head bang, I raised my hand and took some rest. Finally, I googled and found that the problem was not at the Application Level but at System Level. I came to know that while posting the form (i.e. when Save Configuration is clicked) the data sent was of large amount and the system was not able to accept since maximum input size was not defined. Following were the changes made in php.ini file.

; How many GET/POST/COOKIE input variables may be accepted
max_input_vars = 2048

After making above changes I restarted the Apache server. Thus, the problem was resolved and Save Configuration in Menu started working.

[dfads params=’groups=-1′]

Starting web server: apache2(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80

download

$service apache2 restart
[....] Starting web server: apache2(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs
failed!

In order to solve the above issue, type following on your console

fuser -k -n tcp 80

[dfads params=’groups=-1′]

Http Error 0 in Drupal

[dfads params=’groups=-1′]

Http Error 0  is a very common error that occurs in Drupal. There are many reasons behind this error.

htttp-error-0

One of the way to resolve this error is to append the following line in this file : /etc/apache2/mods-available/fcgi.conf

[code]

MaxRequestLen 536870912

[/code]

Increase the number value of the MaxRequestLen until the error stops to continue.

[dfads params=’groups=-1′]

Load Testing on Web Servers using Apache Benchmark

ab

After working on many websites, I found one of my site getting too many traffic bringing down the site. I contacted the technical support who fixed the problem. I had never tested load on any of my site. So, I started studying load testing on web servers. This helped me to understand how many users can be handled by my website so that it can run smoothly.

I found a very light and strong linux tool called Apache Benchmark Tool that can test load on Web Servers. This can benchmark Apache, IIS and other web server with apache benchmarking tool called ab. There are also other open source tools that helps to test load on web servers.

[dfads params=’groups=-1′]

I executed following command on my linux terminal:

[code]

ab -c 1000 -n 1000 -t 60 -k http://ignou.ac.in

[/code]

Option -c : This option says there are 1000 concurrent users logged in on the Web Server.

Option -n : This option sends 1000 requests to the Web Server.

Option -t : This option says users will be logged in for 60 seconds.

Option -k : For Keep Alive On

I logged in to the web server and executed the following command to test the actual load.

[code]

top

[/code]

This command helped to track down the load average, CPU and Memory Utilization of the web server.

[dfads params=’groups=-1′]

How to redirect http requests to https on Debian Linux with Apache Web Server?

securing-apache5-590x277

[dfads params=’groups=-1′]

Do the following to redirect http requests to https running on Debian Linux with Apache Web Server.

File : /etc/apache2/ports.conf

[code]
NameVirtualHost *:80
Listen 80
[/code]

File : /etc/apache2/sites-availabe/default

[code]
<VirtualHost *:80>
ServerName www.example.com
Redirect / https://www.example.com/
</VirtualHost>

<VirtualHost *:443>
ServerName www.example.com
# … SSL configuration goes here
</VirtualHost>
[/code]

Restart Apache Webserver

[code]
/etc/init.d/apache2 restart
[/code]

[dfads params=’groups=-1′]

Installing and Configuring Commercial SSL on Debian Linux

SSL-Certificate-Secrity-H01CB360EBAB420000000000000004713

[dfads params=’groups=-1′]

Note: Please note that commercial SSL certificates require a unique IP address for SSL-enabled sites.

a. Enable SSL for Apache and make a directory named “ssl” inside “/etc/apache2/”

[code]
a2enmod ssl
mkdir /etc/apache2/ssl
[/code]

b. Create a Certificate Signing Request

[code]
cd /etc/apache2/ssl
openssl req -new -days 365 -nodes -keyout www.mydomain.com.key -out www.mydomain.com.csr
[/code]

The above command will create a certificate signing request (CSR) for the site which you’d like to use with SSL. Leave the challenge password blank.
Execute the following command to protect the key:

[code]
chmod 400 /etc/apache2/ssl/www.mydomain.com.key
[/code]

Files for your domain will be created in /etc/apache2/ssl. You may now submit the file ending in .csr to a commercial SSL provider for signing. You will receive a signed file after the CA signs the request. Save this file as /etc/apache2/ssl/www.mydomain.com.crt.
Execute the following command to protect the signed certificate:

[code]
chmod 400 /etc/apache2/ssl/www.mydomain.com.crt
[/code]

[dfads params=’groups=-1′]

c. Get the CA Root Certificate
You’ll need to get the root certificate for the CA that you paid to sign your certificate. You may obtain the root certs for various providers from these sites:
Verisign
Thawte
Globalsign
Comodo
For example, if we downloaded a root cert for Verisign, we would save it to /etc/apache2/ssl/verisign.cer.
d. Configure Apache to use the Signed SSL Certificate.
We’ll add an entry to /etc/apache2/ports.conf for the IP address you’ll be using to host your SSL-enabled site.
File excerpt:/etc/apache2/ports.conf

[code]
NameVirtualHost 12.34.56.78:443
Listen 443
[/code]

Replace the above IP address with your dedicated IP Address. Next, we edit the VirtualHost Configuration file i.e. /etc/apache2/sites-available/default in our case.

[code]
<Virtualhost 10.10.10.109:443>
SSLEngine On SSLCertificateFile /etc/apache2/ssl/www.mydomain.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/www.mydomain.com.key
SSLCACertificateFile /etc/apache2/ssl/verisign.cer

ServerAdmin info@mydomain.com
ServerName www.mydomain.com
DocumentRoot /var/www/
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
</Vritaulhost>
[/code]

NOTE: You can edit your existing Virtualhost Configuration file (Virtualhost *:80) by adding the above attributes within the Virtualhost tag.

e. Restart Apache:

[code]
/etc/init.d/apache2 restart
[/code]

f. Congratulations, you’ve installed a commercial SSL certificate! You can visit your site with SSL enabled. i.e. https://mydomain.com OR https://localhost/your_website/

[Source: https://library.linode.com/web-servers/apache/ssl-guides/debian-5-lenny]

[dfads params=’groups=-1′]

Solution to Url Encoded Slashes (%2F) Problem in Apache

[dfads params=’groups=-1′]

I was working on Drupal 6. I had to troubleshoot a site that has a problem in its link. The ugly URL looks like this: http://rcportblair.ignou.ac.in/admin/build/employee/search/result/none/0/none/%252F1

The last argument in the link i.e. %252F is a forward slash automatically added by the Drupal engine which was creating problem while generating result. There are many ways to handle these urls. One way is listed below:

<VirtualHost *:80>
    AllowEncodedSlashes On
</VirtualHost>

This directive may be set in server config file (e.g. httpd.conf OR /etc/apache2/sites-available/default) and may appear inside <VirtualHost> containers to affect certain websites. Using it in .htaccess files is not allowed.

[dfads params=’groups=-1′]

Apache is running a threaded MPM, but your PHP Module is not compiled to be threadsafe. You need to recompile PHP.

[dfads params=’groups=-1′]

After installing Apache2, MySQL & PHP on Debian wheezy 7.1, I tried to reboot the apache server. It showed me the following error.
Starting web server: apache2[Fri Dec 27 11:29:16 2013] [crit] Apache is running a threaded MPM, but your PHP Module
is not compiled to be threadsafe. You need to recompile PHP.
Pre-configuration failed
Action 'start' failed.
The Apache error log may have more information.
failed!

So I searched through the internet to recomplie the PHP Source. But none of the tutorials were best and feasible.

Finally, after long try I found the command below that helped me to run the apache and PHP along.
apt-get install apache2-mpm-prefork

[dfads params=’groups=-1′]

How to detect a DOS / DDOS Attack on your Linux Server?

[dfads params=’groups=-1′]

While researching through website traffic problems, the first thing that came in my mind is DoS / DDoS attacks. So, I started to study about it.

What is DoS / DDoS attack? 

(Wiki Answer) : In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of efforts to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.

How to check if your Linux server is under DDOS Attack?

Login to your Linux Server and type the following command:

netstat -anp |grep ‘tcp\|udp’ | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort –n

This command will show you the list of IP’s which have logged in is maximum number of connections to your server. It becomes more complex if the attacker use fewer connections with more number of attacking IP’s.

[dfads params=’groups=-1′]

We can check active connections to the server using the following command:

netstat -n | grep :80 |wc –l

The above command will show the active connections that are open to your server. The result may vary but if it shows connections more than 500, then you will be definitely having problems.

netstat -n | grep :80 | grep SYN |wc –l

If the result of the above command is 100 or above then you are having problems with sync attack.

Once you get an idea of the ip attacking your server, you can easily block it. Fire the following command to block specific IP:

route add ipaddress reject

Fire the following command to check whether that IP is blocked or not:

route -n |grep IPaddress

You can also block a IP with iptables on the server by using the following command.

iptables -A INPUT 1 -s IPADRESS -j DROP/REJECT

service iptables restart

service iptables save

After firing the above command, KILL all httpd connection and than restart httpd service by using  following command:

killall -KILL httpd/apache2

[dfads params=’groups=-1′]

[Updated 12-12-2013]

In order to delete the route entry, fire the following command.

ip route delete ipaddress

[Source : https://kb.hivelocity.net/how-to-check-if-your-linux-server-is-under-ddos-attack/]