Monday, January 18th 2010


Confusing SSL with mixed IP addresses
posted @ 8:21 am in [ Apache -Fixing Things -Hosting -PHP -Technology ]

SSL throws a weird error in that if you have http (port 80) bound to one IP address [say an internal one] and you bind https (port 443) to a different IP address [say an external one] then SSL throws the following very undescriptive error:

SSL received a record that exceeded the maximum permissible length.

(Error code: ssl_error_rx_record_too_long)

To fix, edit your Apace configuration file in /etc/httpd/conf/httpd.conf (or similar) and make sure that both virtual hosts have the same IP address – job done 🙂

references: here and here




Friday, December 11th 2009


UKFast – Installing cPanel on fresh CentOS x_64
posted @ 10:28 am in [ Apache -Hosting -osCommerce -PHP -Technology -Web2.0 ]

We’re just starting to move one of our clients Merc (http://www.merc.com/) onto a new webserver as their site has been doing so well that it need a faster, more optimised server to cope with the traffic and went with a new Cloud CentOS x_64 server from UK Fast for a very reasonable £70.00 odd per month.

The server seems lightening quick which is great, but didn’t come with a nice install of Plesk or cPanel or similar so we decided to install cPanel.

It’s actually really easy to do – just follow this really helpful guide here from Network Data Center in the US and you are up and running with a full blown cPanel in a couple of hours.

Job done! 🙂

References:
https://helpdesk.ndchost.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=25




Thursday, October 29th 2009


Fixing cross-site scripting attacks in PHP for PCI Compliance
posted @ 9:49 am in [ Fixing Things -Technology -Web Design -Web2.0 ]

More PCI compliance checks meant that we found a number of scripts in some of the simpler pages on our sites (email register for example) were subject to possible cross-site scripting attacks

(see the Wikipedia entry for a pretty good explanation of what they are and why you need to fix them http://en.wikipedia.org/wiki/Cross-site_scripting)

Anyway – here’s the quick code to fix pretty much any form using htmlspecialchars to encode the input.

Original: (note the weakness in using REQUEST_URI here)

<form method=”post” action=”<?php echo $_SERVER[‘REQUEST_URI’]; ?>” id=”registerTop” class=”smallForm”>

Fixed: (note the replacement of PHP_SELF for REQUEST_URI to stop injection of different pages)

<form method=”post” action=”<?php echo htmlspecialchars($_SERVER[‘PHP_SELF’],ENT_QUOTES); ?>” id=”registerTop” class=”smallForm”>

Happy days – PCI test passed 🙂




Thursday, October 29th 2009


Just in case you wondered who was responsible for all of IE6’s bugs…
posted @ 6:49 am in [ Technology -Web Design -Web2.0 ]

I found this last night while scanning for another document, the thankyou note from Microsoft sent to me for being one of the beta testers on Microsoft Internet Explorer 4 (IE4)!

Obviously I didn’t do a very good job as IE5 and IE6 both turned out to be horribly buggy browsers, but then again they didn’t pay me for the pleasure so it can’t be all bad 🙂


MicrosoftIE4BetaTestersLetter




Tuesday, October 20th 2009


Plesk error 500 and [apc-error] apc_mmap: mmap failed: No space left on device
posted @ 10:55 am in [ Media Temple -PHP -Technology -Web Design ]

Upgrade Plesk 8.0.3 to Plesk 9.0.x on a Media Temple DV server and it dies 🙁

Error 500, nothing in the log files, no where to turn.

Anyways… after a chunk of digging around the problem is to do with running out of memory on the container that Mediatemple allocate for the DV server.

So… you can fix it by lowering the PHP memory requirements in the Plesk 9 PHP.ini file


cd /usr/local/psa/admin/conf/
vi php.ini

Then the setting you want to change is apc.shm_size from the default setting of 40 (Mb?) to 10


apc.shm_size = 10

And then check Plesk to see if it is working


/usr/bin/sw-engine-cgi -c /usr/local/psa/admin/conf/php.ini -d auto_prepend_file=auth.php3 -u psaadm

..and with a bit of luck you should be away! More details in a good discussion on the Plesk forums here




Monday, October 19th 2009


How To Virtualize Any OS For Free
posted @ 6:53 am in [ Technology -Web Design ]

Boot IE6 or IE7 virtual machines on your Mac like our team do without needing to pay Parallels a penny!

http://gizmodo.com/5383982/how-to-virtualize-any-os-for-free

Awesome 🙂




Friday, October 16th 2009


Upgrading Plesk 8.3 for PCI compliance to 9.x
posted @ 3:53 am in [ Fixing Things -Media Temple -Web Design ]

PCI compliance … grrrr… understand why it needs to be done but crikey is it a boring process to do.

Anyway, turns out that Plesk 8.3, the default from our lovely hosting provider at Media Temple, isn’t PCI compliant as it uses an old Apache install

However, never fear, easy fixes at hand 🙂

Upgrade 8.3 to 8.6
/usr/local/psa/admin/sbin/autoinstaller --select-release-id PLESK_9_2_2 --upgrade-installed-components

Upgrade 8.3 to 9.0 (latest)

/usr/local/psa/admin/sbin/autoinstaller --select-release-latest --upgrade-installed-components

or you can run the upgrade interactively using just

/usr/local/psa/admin/sbin/autoinstaller




Thursday, October 15th 2009


More YUM and how to fix
posted @ 5:32 am in [ Technology ]

Yum is great – it really is a blessing when it is installed as you can upgrade a whole Linux system really easily.

The problem is that most shared hosting providers use CentOS so that they can provide ‘virtual’ servers to customers, and as it is basically a very good free copy of RedHat Linux.

CentOS however doesn’t come with Yum so you need to install it, and here’s the common errors when installing and how to fix

1. No module named yum

Error:
There was a problem importing one of the Python modules
required to run yum. The error leading to this problem was:

No module named yum

Please install a package which provides this module, or
verify that the module is installed correctly.

It's possible that the above module doesn't match the
current version of Python, which is:
2.4.3 (#1, May 24 2008, 13:47:28)
[GCC 4.1.2 20070626 (Red Hat 4.1.2-14)]

If you cannot solve this problem yourself, please go to
the yum faq at:
http://wiki.linux.duke.edu/YumFaq

This is actually Python complaining that it can’t find the Yum library to install when it runs. You can try installing it into Python (run python, type ‘import yum’) however this never seems to work for me, so alternatives are to add the directory the Yum source is in to the python path, or to run Yum directly with python using ‘python yummain.py ‘. This works quite well 🙂

2. AttributeError: CHECKSUM_VALUE

This seems to be a mismatch in versions between the Yum package you are installing and the version of the Yum Metadata Parser you have installed. Best trick is to remove the one you have, and install a new one from fresh

rpm -qa | grep yum-metadata-parser
rpm -ev --nodeps yum-metadata-parser-VERSIONFROMABOVECMD

Download the version you want from the Yum homepage – http://yum.baseurl.org/download/yum-metadata-parser/

and install this – should fix it nicely 🙂

Also – found this list of requirements for Phthon etc. based on the version of Yum installing

* yum 3.0.1 – Stable Release, Python 2.4+ and rpm 4.3+ systems only. Requires repomd repositories. Works under FC5, FC6 and rawhide.
* yum-metadata-parser 1.0.2 – C-based metadata parser to quickly parse xml metadata into sqlite databases.
* yum 2.6.X – Stable Release, Python 2.3+ and rpm 4.1.1+ systems requires repomd repositories: 2.6.1 latest known to work with some FC3, FC4, FC5, RHEL4 and compatible distributions
* yum 2.4.X – Stable Release, Python 2.3+ and rpm 4.1.1+ systems requires repomd repositories: 2.4.2 latest known to work with: FC3, FC4, RHEL4 and compatible distributions
* yum 2.0.X – for python 2.1+ and rpm 4.1.1-4.3.1 systems: 2.0.8 latest
* yum 1.0.X – for python 1.5.2+ and rpm 4.0.4 systems: 1.0.3 latest – considered obsolete

references:
http://docs.python.org/install/index.html
http://wiki.centos.org/HowTos/PackageManagement/YumOnRHEL
http://yum.baseurl.org/download/2.9/




Tuesday, August 25th 2009


Blanking out Credit Card numbers in a database with XXXX
posted @ 6:01 am in [ Uncategorized ]

If you have a database table of Credit Cards that a customer has forgotten to mask or blank out, this simple SQL statement will nuke the first 12 digits so that only the last 4 remain as a reference for what card was used = safe 🙂

UPDATE orders SET cc_number = CONCAT(‘XXXXXXXXXXXX’, SUBSTRING(cc_number, 12, 4));

[Change orders to be your table]




Friday, July 10th 2009


Reading Raw POST Data in PHP
posted @ 3:46 am in [ Apache -PHP -Web Design ]

We’ve been having fun trying to proxy array inputs such as radio fields in PHP, and it turns out that their is a great way to access the POST fields data that PHP receives _before_ PHP does any manipulations to it.

What this means is that if you need to pass data from one server to another, totally unaltered, then using the file_get_contents("php://input"); is the answer.

Here’s the original post I was pointed to about this by the very helpful team on the PHP/Curl Mailing List [curl-and-php at cool.haxx.se]

“Sometimes, albeit rarely, I’ve needed to get at the raw POST data in a PHP file. You can of course get the POST data using $_POST, however, this is after PHP has processed it (i.e. magic quotes may have been applied, thus escaping the data). You can access the raw POST information using the following:

$data = file_get_contents("php://input");

You can access the php://input wrapper as if it were a file, and use the Filesystem functions. More information on the PHP wrappers can be found in the PHP Manual.”

From JellyAndCustard.com