ServerOk, Author at ServerOK

inotifywait

inotifywait monitor changes in Linux file system. It can be used to track file changes.

Here is inotifywait command used by bitninja to detect uploaded files.

/bin/inotifywait --daemon --recursive --outfile /var/log/bitninja/inotify/inotify.log --fromfile /var/lib/bitninja/monitor.txt --exclude (^/var/cache/buagent/md0.cache.data$|\.MYD$|\.MYI$|\.MAD$|\.MAI$|\.yara$|^/tmp/lshttpd/*\.sock*|^/tmp/lshttpd/\.rtreport\.*|^/var/tmp/clamav-.*|^/tmp/clamav-.*|^/var/lib/bitninja|^/var/log/bitninja|^/var/cache/awstats|^/usr/local/maldetect/quarantine|\.sock$|\.log$|^.*_log$|^.*_log\.processed$|^.*_ssl_log\.webstat$|^/home/accesslog|^/home/virtfs|^/home/cagefs-skeleton/|^/usr/share/cagefs-skeleton/|^/home/.*?/mail/|^/home/cpeasyapache/src/) --timefmt %F %T --format %w%f %e %T --monitor --event create,move,modify

/bin/inotifywait --daemon --recursive --outfile /var/log/bitninja/inotify/inotify.log --fromfile /var/lib/bitninja/monitor.txt --exclude (^/var/cache/buagent/md0.cache.data$|\.MYD$|\.MYI$|\.MAD$|\.MAI$|\.yara$|^/tmp/lshttpd/*\.sock*|^/tmp/lshttpd/\.rtreport\.*|^/var/tmp/clamav-.*|^/tmp/clamav-.*|^/var/lib/bitninja|^/var/log/bitninja|^/var/cache/awstats|^/usr/local/maldetect/quarantine|\.sock$|\.log$|^.*_log$|^.*_log\.processed$|^.*_ssl_log\.webstat$|^/home/accesslog|^/home/virtfs|^/home/cagefs-skeleton/|^/usr/share/cagefs-skeleton/|^/home/.*?/mail/|^/home/cpeasyapache/src/) --timefmt %F %T --format %w%f %e %T --monitor --event create,move,modify

robots.txt

When you make a copy of your site for development/testing purpose, you don’t need search engines index your site as it will cuase duplicate content.

To disable indexing of a website by search engines, create a file with name robots.txt with following content.

User-agent: *
Disallow: /

1 2	User-agent: * Disallow: /

VLC

VLC using custom HTTP User-Agent

VLC using custom HTTP User-Agent

To change User-Agent in VLC player, go to

Media -> Stream -> Network tab

1	Media -> Stream -> Network tab

Click on “Show more options” check box. In “Edit Options” text box, you can specify your User-Agent like

:http-user-agent="MM_Player (Linux;Android 5.1.1) SOKPlayer/3.1.1"

1	:http-user-agent="MM_Player (Linux;Android 5.1.1) SOKPlayer/3.1.1"

VLC Custom User Agent

MySQL cannot connect via localhost

On an Apache server, MySQL can’t connect when you use localhost, but it work when you chane to IP address 127.0.0.1

When you use “localhost”, it use socket for connecting to MySQL server, this is faster than using TCP/IP connection, that is used when you use IP address to connect to MySQL server.

First find out socket path. To do this login to MySQL server, run

show variables like "socket";

1	show variables like "socket";

See if you can connect using this socket with command

mysql -S /var/lib/mysql/mysql.sock -u root -p

1	mysql -S /var/lib/mysql/mysql.sock -u root -p

In this cause, login to MySQL using socket worked.

I created a simple test PHP script to verify MySQL connection, it was able to connect to MySQL server using “localhost”.

<?php

$link = mysql_connect('localhost', 'root', 'MYSQL_ROOT_PW_HERE');

if (!$link) {
    die('Not connected : ' . mysql_error());
}

$db_selected = mysql_select_db('mysql', $link);

if (!$db_selected) {
    die ('Can\'t use foo : ' . mysql_error());
}

echo "Connected to MySQL";

<?php

$link = mysql_connect('localhost', 'root', 'MYSQL_ROOT_PW_HERE');

if (!$link) {

die('Not connected : ' . mysql_error());

}

$db_selected = mysql_select_db('mysql', $link);

if (!$db_selected) {

die ('Can\'t use foo : ' . mysql_error());

}

echo "Connected to MySQL";

Same script did not work when i try access it using web server. So the problem is web server user not able to connect to MySQL socket. You need to check permission for socket and parrent folders. In this case problem is fixed by running

chmod 755 /var/lib/mysql/

1	chmod 755 /var/lib/mysql/

You can verify enabling SSH access for web server user, then connect to MySQL using command line or try access socket file as apache user.

MySQL Socket Path in php.ini

When a PHP application use localhost to connect, PHP find location of socket from php.ini, you need to verify this path set in php.ini is same as the socket path used by MySQL server.

# cat /etc/php.ini  | grep socket
; Default timeout for socket based streams (seconds)
; http://php.net/default-socket-timeout
default_socket_timeout = 60
;extension=php_sockets.dll
; Default socket name for local MySQL connects.  If empty, uses the built-in
; http://php.net/pdo_mysql.default-socket
pdo_mysql.default_socket= /var/lib/mysql/mysql.sock
; Default socket name for local MySQL connects.  If empty, uses the built-in
; http://php.net/mysql.default-socket
mysql.default_socket = /var/lib/mysql/mysql.sock
; Default socket name for local MySQL connects.  If empty, uses the built-in
; http://php.net/mysqli.default-socket
mysqli.default_socket = /var/lib/mysql/mysql.sock
#

# cat /etc/php.ini | grep socket

; Default timeout for socket based streams (seconds)

; http://php.net/default-socket-timeout

default_socket_timeout = 60

;extension=php_sockets.dll

; Default socket name for local MySQL connects. If empty, uses the built-in

; http://php.net/pdo_mysql.default-socket

pdo_mysql.default_socket= /var/lib/mysql/mysql.sock

; Default socket name for local MySQL connects. If empty, uses the built-in

; http://php.net/mysql.default-socket

mysql.default_socket = /var/lib/mysql/mysql.sock

; Default socket name for local MySQL connects. If empty, uses the built-in

; http://php.net/mysqli.default-socket

mysqli.default_socket = /var/lib/mysql/mysql.sock

If path is differnt, you need to make it same. You can either modify php.ini or MySQL server config file.

redis commander

redis-commander is a GUI for redis. To install, run

npm install -g redis-commander
redis-commander

1 2	npm install -g redis-commander redis-commander

redis commander

Install LiteSpeed Web Server

LiteSpeed is a high performance web server. Unlike most other web servers, this is a paid software, so you will need to purchase a license or get trail key before you can use it.

To install LiteSpeed, download latest version of the software from

https://www.litespeedtech.com/products/litespeed-web-server/download

At this time of writing this post, latest version of LiteSpeed is 5.4.7

cd /usr/local/src
wget https://www.litespeedtech.com/packages/5.0/lsws-5.4.7-ent-x86_64-linux.tar.gz
tar -xvf lsws-5.4.7-ent-x86_64-linux.tar.gz
cd lsws-5.4.7
./install.sh

cd /usr/local/src

wget https://www.litespeedtech.com/packages/5.0/lsws-5.4.7-ent-x86_64-linux.tar.gz

tar -xvf lsws-5.4.7-ent-x86_64-linux.tar.gz

cd lsws-5.4.7

./install.sh

Before you can run the install.sh script, you need to copy your license key to this folder. It will ask you few questions. Once installed, admin interface will be available on URL

http://your-server-ip-here:7080

Disable ModSecurity for a specific URL

On a web site that is protected with ModSecurity, when admin edit HTML pages in admin area, ModSecurity falsely detect it as XSS attack.

ModSecurity

What we can do is disable specific rules that create this false positive. But in this case, it is bceause HTML is submitted. This application normally done need HTML submitted on any other part of the site. So it is better just disable ModSecurity for the specific URL that cause this error.

To do this, add following code to Apache VirtualHost entry for this web site.

<If "%{REQUEST_URI} =~ m#/admin_area/manage_pages.php#">
    SecRuleEngine Off
</If>

<If "%{REQUEST_URI} =~ m#/admin_area/edit_announcement.php#">
    SecRuleEngine Off
</If>

SecRuleEngine Off

</If>

SecRuleEngine Off

</If>

This will disable ModSecurity for URLs /admin_area/manage_pages.php and /admin_area/edit_announcement.php

Cache

Install Zend OpCache on OpenLiteSpeed Server

To install Zend OpCache on OpenLiteSpeed Server, run

apt install -y lsphp73-opcache

1	apt install -y lsphp73-opcache

Now restart PHP with command

killall -9 lsphp

1	killall -9 lsphp

Zend OpCache GUI

Zend OpCache GUI shows stats for OpCache. This is for monitoring purpose only.

You can download it from

https://github.com/amnuts/opcache-gui

All you need to do is download the files, exact it, upload it to your web site. It will show nice graphs with cache statistics.