Category Archives: Sysadmin - Page 3

sysadmin: cPanel installation script detected MySQL and failed

While trying to install cPanel control panel on just reimaged server I’ve got an interesting error, I’ve never seen before:

Read more »

sysadmin: Apache, FastCGI and PHP-FPM working config

apache-php-fpm
I was looking for working config for the combination of apache mod_fastcgi and PHP-FPM and could not find any. I mean there were plenty of examples and discussions but none of them were operational. The closest was the article on server-world.info site.
Based on that information I was able to put together working configuration for multiple virtual hosts.
Read more »

Windows: Set lightweight web browser as MS windows default web browser application.

qtwebI was thinking the other day – it’s not really safe to have MS windows default browser set to MS Internet Explorer, so any URL you accidentally click will be open with it. For the work related activity I user portable browsers. But what about everything else – this is not really safe no matter how many MS security updates are published every week.
So, I decided to find something really small and “feature-poor” to assign it to the default browser.
Read more »

Sysadmin: How to see the name of PHP script that sent that e-mail

phplogo SPAM e-mail is the common problem these days and in most cases the cause of this problem is the lack of security on the hosted web sites. Various badly designed PHP scripts expose the hosting server MTA to be used as SPAM e-mails source. First and foremost step in resolving this problem would be to determine the originating PHP script that was used to send e-mails.
Read more »

OSX: PPTP VPN networking problem solved with custom MTU

osx0
I had an interesting complain the other day – customer experienced connectivity problems trying to access some web sites while on PPTP VPN connection. The VPN server was running on Linux and also under our control so troubleshooting the situation was pretty easy. All MS Windows based clients didn’t have this problem, only OSX based clients.
Read more »

Sysadmin: How to install latest ffmpeg on Centos

Ffmpeg_new_logo
I had a request to install latest ffmpeg on one of our Cnetos 5 servers the other day. Since I’m trying to stick the the proper package management I’ve had to look for the most recent ffmpeg RPM package on the pkgs.org site. As in most cases the search pointed me towards atrpms.net repository. Pkgs.org contains pretty detailed instruction on how to add the repository that contains the package you require but unfortunately it was not all that straightforward with atrpms.net
Read more »

Sysadmin: “[warn-phpd] mmap cache can’t open file … ” mystery solved


Yesterday I was asked by one of our old customers to help solving very interesting problem – he put some php files outside of apache DocumentRoot on his server and the apache could not access the files, producing very interesting lines into apache default error_log

Read more »

Sysadmin: How to make use of apache web server mod_expires to improve performance

apache_banner
Most of modern Linux distributions contain Apache 2.x web server with the set of standard modules. One of these modules is mod_expires that allows to configure content expiration in local browser cache or caching proxies. Proper configuration for it can significantly improve overall server performance and reduce bandwidth consumption.
Read more »

Sysadmin: How to force fsck on reboot on single filesystem on Linux

fsck
Recently I’ve faced a problem with some server where /usr filesystem ot an error and was switched to read-only. Otherwise server was fine and I wanted to force fsck just on this filesystem, avoiding the rest ( 500gb /home filesystem would keep server down for a loong time which is completely opposite of my goal)
Read more »

How to use BFD tool to block WordPress brute force attacks

I have written about the excellent and lightweight (unlike fail2ban which is more popular but too resource consuming and 3rd party tools dependent) tool BFD earlier. This tool is actually the set of bash scripts that looks for known pattern in the logs and executes actions against offending IPs based on the configuration. Little is known that it’s also modular and allows to extend it’s behavior by writing custom rules to assist with more uncommon situations.

I’ve also written about widespread WordPress brute force attacks that targets wp-logon.php script. The solution I’ve offered there takes care of single WordPress site. It’s getting more difficult to mitigate the attack in case you have multiple servers with multiple WordPress sites. So I decided to come up with more general approach.

Read more »