al3x, Author at Server support blog Page 2 of 3

Author Archives: al3x - Page 2

Apache2, PHP, SuEXEC: legacy CGI for ClipShare and the rest of them

In this article we configured apache2 with php as suExec CGI module. The configuration is a little bit more complicated then regular mod_php but offers definite advantage with php running with script owner privileges.
However there could be situations where this creates additional problems.
Read more »

iomega StorCenter 150d NAS: NFS hack improvement

This is repost from iomega forums – approved by iomega somehow.
I had the same problem as many – I have to upgrade customer hard drive and for that I’ve planned to shift his 1.2TB of content to the nas and to have him run from there to minimize downtime while I’ll resize his LVM partition.
All I have for that is iomega StorCener Pro 150d NAS
As many others I’ve discovered that iomega nas exports nfs filesystems with absolutely usless options

– I’m not planning to create appropriate users/groups on the nas itself – it’s going to be colossal waste of time and most likely wouldn’t help me with my problem anyway.
Read more »

CentOS apache conf.d dark mystery: why some virtual hosts are more equal then others

I’ve got a complain the other day: for some reason some virtualhosts on dedicated server was not working properly with suExec PHP as configured.
Read more »

Using lsof to find trojan processes on Linux.

In my previous post I was telling about checking for programs using network on Linux using lsof tool.
Here I have “live” example of such backdoor found on one of our servers.
Read more »

Apache2, PHP, SuEXEC configuration on CentOS

There are plenty of tutorials on the web. Tons and tons.

However when I had to create working configuration and put together Virtualmin template most of these instruction just didn’t work properly. After some time I’ve came up with my own working configuration and proper Virtualmin apache template for CentOS.

As a bonus we’ll have per-user php.ini and apache2 worker MPM which is a little bit faster and less resource hungry then traditional prefork MPM.
Read more »

Sysadmin shell oneliner: update serial in all DNS zones

Sometimes you just need to force updates on slave DNS servers. The easiest way to do it is to increase zone serials on master server. what if there are hundreds of zone files? Here is one way to do it
Read more »

Centos5: OCFS2 cluster FS on dual primary DRBD: why it doesn’t mount OCFS2 on boot?

I have couple of these – how to configure it pretty easy to found (may be later I’ll go over the setup here too). The problem is – with everything else running perfectly fine OCFS2 partitions are never mounted automagically on boot. Just recently I found out why
Read more »

Looking for the backdoors or performance bottlenecks with lsof

When server is compromised via some PHP script security hole intruders are getting relatively low level of access to the server. Although its enough to install PHP shell script or start some backdoor network daemon or proxy server or network scanner.

Lets see if we can find them
Read more »

VPN from Vmware Guest OS on windows 7

I have couple of Vmware VMs that I am carrying with me from computer to computer and using on regular basis. One of these VMs is used for corporate PPTP VPN.
After my last transition to Windows 7 this VPN stopped working. It took me some time to find the solution to this problem. Read more »

Register any browser as Windows7 default (including portable)

As the matter of choice I’m using only portable versions of non-MS browsers – Chromium portable, FireFox Portable, [email protected]

Everything was nice and dandy while I was using WinXP. Not so easy with Windows7 – let me explain how you can control list of default browsers with simple registry files.
Read more »