Category Archives: Web Server

Enable register_globals in one virtual host

one of my client wanna install prestashops.

They want register globals off and session autostart setting to off.

Those setting only applied to their store only, not affect whole setting.

Because I have setting to httpd.conf I just add two lines :

<VirtualHost 222.124.140.27 >
ServerAdmin webmaster@clientdomain.com
DocumentRoot /home/clientname/public_html/store
ServerName store.clientname.com
php_flag register_globals off
php_value session.auto_start 0
</VirtualHost>

Yes, master value leave intact and this setting only available to store.clientname.com

To verifiy it you can use phpinfo().

Learning .htaccess : 101 way

My friend got suprised when he see login page on phpmyadmin. It’s not usual form for login as he used to login for.

Well, another postfixadmin admin page also show login page. He ask  me to list all tutorial around .htaccess to show for his learning study.

Like I did in Cisco Lab Topology, Cisco Resources or Ipfw Resources , I think I search google too for existing tutorial, Learning On Demand rules :-)

Here’s what I found so far :

  1. .htaccess Tips and Tricks  part I creating this hidden file in the root folder (or any sub folder) of your website, it is possible to set/unset almost all the server directives that can be set in the apache main configuration file. And these changes will take effect only for the root folder in which you created the file and its sub folders. Thus .htaccess file plays an important role in providing fine-grained control to an individual managing a website without giving blanket control of the web server.
  2. .htaccess Tips and Tricks  part II, the arcane mysteries of URL rewriting.
  3. Hotlink test for image, find out if your .htaccess protect your images.
  4. Setting Up .htaccess, htaccess can be used in co-ordination with the Apache web server to password protect certain files and directories on your web server.
  5. .htaccess file generator, create .htaccess file online.
  6. How to Configure Your Website Using Htaccess in Linux with Apache, .htaccess files (or "distributed configuration files") provide a way to make configuration changes on a per-directory basis. A file, containing one or more configuration directives, is placed in a particular document directory, and the directives apply to that directory, and all subdirectories thereof.
  7. HOWTO php.ini overrides with .htaccess,
    in smaller environments where there are only a few developers and a single product there is seldom a need for different values of a php.ini setting. however, depending on how esoteric some of the developers in your group are, or how many projects you have going simultaneously, or how many devs you have working on the same box or you have production and development running on the same box or whatever; you may at some point find a need to have different values for certain php.ini settings for different environments hosted on a single server. the good news is, if youre running apache, php has integrated support for this need.
    .htaccess overrides are especially attractive in shared hosting environments where there is a high likelihood different clients will want different settings for php.ini directives.
  8.  .htaccess Based Authentication On Subdirectories.

 

last update :  November 22 2007

1610 temperature violation detected

New server arrive, HP proliant ML 350 G4 P . With four SCSI HD.

ready to replace our old email server :-)

Just a problem that arise with heatsink that prompt message " 1610 temperature violation detected "

sighhh…

wait more than 5 minutes for cold the machine has no impact.

A few result from google lead me to this post,

After remove "sticker like" stuff  between heatsink and cpu make everything goes normal.

simple thing but make me nuts for  few days :-(

Moral of story : keep fight :-)

 

Modify Server Banner with mod_security

Apache/2.2.4 (Win32) PHP/5.2.1

Microsoft-IIS/6.0

Apache

GWS/2.1

Yes, my friend like to collect what server that run with specific domain.

Such online tools exist in internet like :

Netcraft

Untroubled

Using these tools, server can be "guest" but how accurate this information and whats this information for?

just for fun, nothing else :-)

I just try mod_security within freebsd box to modify it’s banner which result :

"Solaris 10"

for apache 1.37 I run

Steps :

1. Install mod_security

kongja# whereis mod_security
mod_security: /usr/ports/www/mod_security
kongja# cd /usr/ports/www/mod_security
kongja# make install

2. Edit httpd.conf

Make sure this line exist :

LoadModule security_module    libexec/apache/mod_security.so

3. Activate mod_security by adding these lines in httpd.conf to modify the banner

SecFilterEngine On

SecServerSignature "Solaris 10"

4. Restart apache server and finish

Check  again using netcraft or untroubled

Change Solaris 10 to other, like GWS/2.1 ( google engine? hehehehe) or girlfriend name :-)

Untroubled

Netcraft

 

No more 192.168.1.1, avoid it in your network!

Sigh… I hate 192.168.1.1

Since a lot of router or access point built in ip configured for 192.168.1.1 by default

Same ip make ipconflict and make my day ruined

Message for other newbie

don’t use 192.168.1.1 as ip for your server

use other ip like : 192.168.1.112 or 192.168.1.252 it’s safer from 192.168.1.1

get it out from your master plan :-)