Author Archives: al3x

Apache, PHP, SuEXEC: added security and control

suhosin
As we know from original article using Apache, PHP in CGI mode along with suExec gives us 2 important security advantages:
– suExec allows to run PHP process with (only) the file owner user privileges, enforcing proper permissions on PHP scripts and thus allowing to avoid cross-site exploits on the server that is running multiple dynamic web sites;
– per site php.ini.
That gives some unique opportunities for securing separate web sites on the server.
Read more »

Share Button

Apache, PHP, SuEXEC: when it just wouldn’t work out.

Looks like I will have a lot to say on this topic still. By now I’ve collected some cases when you can not use PHP in FastCGI mode and to keep the sites running you will need to abandon suEXEC nice and clean privilege separation mechanism in favor of mod_php/ASAPI.
Read more »

Share Button

Trimming down LibreOffice Portable

LibreOffice Portable was published on Jan 27 2011. In many ways it is better then previous OpenOffice portable 3.2 but still leaves some room for improvement. Like removing unused language resources.
Read more »

Share Button

Centos5: OCFS2 cluster FS on dual primary DRBD: part 3 – setup OCFS2 cluster filesystem

Now for the final part – configuring OCFS2 on our dual primary DRBD.
Read more »

Share Button

Centos5: OCFS2 cluster FS on dual primary DRBD: part 2 – setup dual primary DRBD

This is part 2 where we actually install and configure DRBD devices on top of LVM logical volume
Read more »

Share Button

Centos5: OCFS2 cluster FS on dual primary DRBD: part 1 – prepare LVM on RAID1

A while ago I promised to you ( and myself) to publish the instruction on how to setup OCFS2 cluster fs for 2 nodes over DRBD dual primary configuration. Now it’s time.
I am going to split it over multiple posts to cover as many details as possible.
This is part 1 – laying the foundation – LVM over RAID1 setup.
Read more »

Share Button

How to revert Mac OSX Leopard to “Welcome” screen: quick recap

Mac-OS-X-welcome-screen-animationSometimes you just need to “start from the the clean slate”. Or pass your old trusted Macbook to your little brother, or even sell it. But you are really not in the mood for reinstalling the OS and don’t even remember where are these OSX DVDs that came with the Macbook about couple of lifetimes ago.
There is a way to reset OSX back to “Welcome” screen wiping out your user account and everything that was in it (not sure about installed application – I think only your personal preferences will go).
The majority information is taken from here – I just summarized it so somebody else or I can find it again when needed.
Read more »

Share Button

Mysql weekly/monthly backup: reliability in simplicity

mysqlI’ve been asked many times to put together mysql database backup with weekly/monthly rotation.
I’m pretty sure there are plenty of such scripts out there on the web.
I am going to add mine so that somebody can compare and choose.
Read more »

Share Button

Linux: booted into GRUB shell – now what?

grub_shellYou’ve decided to reboot your Linux Desktop (or remote server) and instead of getting to running system you were greeted by something like this

Why did it happen and where to go from here?
Read more »

Share Button

Apache, PHP, SuEXEC: lessons learned

I’ve been running PHP in fastcgi mode with suExec for some time on about 50+ servers with different workload and various content. There are some tips and tricks that can improve the performance and increase the stability of such configuration.
Read more »

Share Button