How to install Webhosting Guide

Customizing PHP Safe Mode

We’ll guide you through using PHP safe_mode and how-to enable it and to customize it for certain sites on your server. When using PHP as an Apache module, you can also change the configuration settings using directives in Apache configuration files (e.g. httpd.conf) and .htaccess files. PHP safe_mode is very important to in terms of server security because it restricts and disables the dangerous functions in PHP from the scripts like PHP Shell that can otherwise cause damages to your server and client sites.

Using PHP Safe_Mode

First of all we’ll take care of the files that you will edit, and make sure to have copy or backup .

Activate Safe Mode Globally

It is very simple to active safe mode on the entire server. All you need to do is just edit the php.ini file. If you can’t find where php.ini is or have multiple copies on your server the best thing to do is run phpinfo() to find it. Open up Notepad or your favorite HTML editor and paste in the following from this file.

http://www.webhostgear.com/phpinfo.phps

Save it as phpinfo.php and upload it to a website that you want to test on your server. Type in the URL and you’ll get a PHP configuration page telling you exactly where php.ini is located and all kinds of other useful information about the sites and servers configuration settings.

A few lines down you’ll see this:
Configuration File (php.ini) Path: /usr/local/Zend/etc/php.ini
Now that we know the location of php.ini we can proceed to edit it.

1) Open up php.ini in your shell with your favorite editing program.
pico /path to php/php.ini (replace with the path to your php.ini file)

2) Find the following line: safe_mode
Ctrl + W and type in: safe_mode

3) Turning safe mode on or off.
safe_mode = Off

You may active it by or turn it off by changing it to either On OR Off.
safe_mode = On

Good! Now save the file by ctrl + x  then y

4) Restart the Apache web server by
/etc/init.d/httpd restart

Now safe_mode is active on all your server accounts.

Activate Safe Mode Using Per Site Basis

Now if you have scripts that require safe mode off like Modernbill or any script doesn’t work well with safe_mode on what you will do? Disable safe_mode on the entire server just for these scripts? This isn’t very practical when you can disable php safe mode per user account/site basis.

Let’s do it!
1) SSH to your server and login as root.

2) Then find the httpd.conf, normally it’s in /etc/httpd/conf/  or  /usr/local/apache/conf/
If it’s not in either of those places try search for it: locate httpd.conf

3) Then find the site you wish to edit.
Ctrl+W and type in the domain name

You should see something like this

ServerAlias www.domain.net domain.net
ServerAdmin webmaster@domain.net
DocumentRoot /home/domain/public_html
BytesLog domlogs/domain.net-bytes_log
ServerName www.domain.net
User domain
Group domain
CustomLog domlogs/domain.net combined
ScriptAlias /cgi-bin/ /home/domain/public_html/cgi-bin/

4) Now add this line:

php_admin_flag safe_mode Off

We have also found that the following works as well if the above does not but DO NOT USE BOTH, pick one!

php_admin_value safe_mode 0

to be like this :

ServerAlias www.domain.net domain.net
ServerAdmin webmaster@domain.net
DocumentRoot /home/domain/public_html
php_admin_flag safe_mode Off
BytesLog domlogs/domain.net-bytes_log
ServerName www.domain.net
User domain
Group domain
CustomLog domlogs/domain.net combined
ScriptAlias /cgi-bin/ /home/domain/public_html/cgi-bin/

5) Good Now save the changes.
Ctrl + X then Y

6) Restart the Apache web server by
/etc/init.d/httpd restart

Final Words

PHP Safe mode should be on by default on all your servers for added security. However there are some scripts that are not compatible with it on so you have to make an exception to some client sites. Make sure you know why they’re requesting to have it turned off because it is much more secure for everyone to have it on.

If you run into trouble after editing httpd.conf you can run the apachectl configtest
in shell. This will test the Apache configuration for errors and report them back to you if you can’t start it, very handy indeed!
More PHP customizing commands here: http://php.us.themoes.org/manual/en/configuration.changes.php

Article from: http://webhostgear.com/166.html

No comments

Linux Distributions
Who among us hasn’t heard of Linux yet? You know, that freely distributable ‘flavor’ of the Unix class of operating systems? Not a lot, probably. But do you all know that Linux comes in many distributions or ‘distros’ as the natives call it? Or, that, there are over a hundred of these ‘distros’ available online or otherwise?

That’s what I thought.

Well, if you’re a novice, like me, or not-so-new to the field but would like a memory jog, herein then is a quick tour of six of the most commonly used (at least, in my own humble opinion) in web hosting servers that are available under GNU-GPL, listed in alphabetical order.

Debian GNU/Linux is a free OS that uses the Linux kernel although most of its basic tools come from the GNU project. There are three releases in active maintenance as of this writing are: Version 3.0r2, codename: woody, (stable); codename: sarge (testing) and codename: sid (unstable).

Mandrake Linux was created in 1998 by MandrakeSoft, and takes a graphical approach to both installation and system administration. Mandrakelinux™ 10.0 is the latest release.

Red Hat Linux is probably the most popular, although not necessarily the best, of the lot. It was created in 1994 by Marc Ewing, developed by Red Hat Software (now Red Hat Inc.), and has evolved into two main product lines. The Red Hat Enterprise Linux was created in 2002 to become (according to their site anyway) the corporate Linux standard, and its latest release is version 3.0. The Fedora Project, introduced in 2003, for developers and enthusiasts using Linux in non-critical computing environments.

SuSE Linux is the distribution produced by SuSE GmbH. The main selling point emphasized by the company for its latest release, the SuSE Linux 9.0, is the inclusion of of innovative technologies to facilitate system migration for Linux newcomers. This, aside from all Internet, office, images, audio, video and network applications you could possibly want (or so their site says).

Slackware Linux was originally developed by Patrick Volkerding and first released in April 1993. It is a complete 32-bit multitasking UNIX-like system based currently around the 2.4 Linux kernel series and the GNU C Library version 2.3.2 (libc6). Its latest release is Slackware 9.1.

TurboLinux is the leading Linux distribution in the Asia-Pacific. Its unique clustering solution allows the construction of highly available and scalable networks based on low-cost commodity components. Its latest releases are the Turbolinux 10 Desktop, Turbolinux 8 Server and Turbolinux Enterprise Server 8.

CentOS is one of the free versions of the popular Red Hat Enterprise Linux, arguably just as functional, and the major benifit of being completely free.

White Box Linux is also another free clone of Red Hat Enterprise Linux

Parts from http://www.hostingvoice.com/

No comments

UNIX Flavors (Distributions)

Which operating system is best for web hosting?

It seemed a simple enough topic, or so this web hosting novice thought. So I went through countless of sites in search of the answer and came up with a list of Web Hosting Operating Systems to choose from. Whereupon I concluded that there really wasn’t a system that would prove ‘best’ for all. It was, for the most part, simply a matter of needs, and of course, of preference, both from the web host’s and the web master’s points of view.

That takes care of that! Right? Well, not quite. I realized, in the course of my research, that from this list, another ‘list’ begged to be made. A list, that seemed necessary if one were to make an informed choice when it comes to operating systems.

This list, of course, is that of the many Unix ‘flavors’ available in the market. Unless you’re an expert, or simply a fanatic, chances are the concept of Unix having ‘flavors’ came as a surprise. Who knew flavors could apply to things other than ice cream, or food for that matter?

So what exactly is a Unix flavor?

About.com defines it as an implementation of Unix, with each flavor, designed to work with different types of hardware, and having its own unique commands or features. The UGU site provides one of the more comprehensive lists of Unix flavors, but for those who don’t feel like going though all those links, below is an overview of the more popular ones.

Flavors that are available commercially (read: sold) include:

Solaris – Sun Microsystems’ implementation, of which there are different kinds available: these are Solaris OS for SPARC platforms, Solaris OS for x86 platforms, and Trusted Solaris for both SPARC & x86 platforms; the latest version is Solaris 10 OS

AIX – short for Advanced Interactive eXecutive; IBM’s implementation, the latest release of which, is the AIX 5L version 5.2.

SCO UnixWare and OpenServer – are implementations derived from the original AT&T Unix® source code acquired by the Santa Cruz Operation Inc. from Novell, and later on bought by Caldera Systems; the latest versions are UnixWare 7.1.3 and OpenServer 5.0.7

BSD/OS – the Berkeley Software Distribution (BSD) Unix implementation from Wind River; its latest version is the BSD/OS 5.1 Internet Server Edition

IRIX – the proprietary version of Unix from Silicon Graphics Inc.; the latest release of which is IRIX 6.5

HP-UX – short for Hewlett-Packard UniX; the latest version is the HP-UX 11i

Tru64 UNIX – the Unix operating environment for HP AlphaServer systems; Tru64 UNIX v5.1B-1 is the latest version

Mac OS – Mac operating system from Apple Computer Inc. having a Unix core; the latest version is the Mac OS X Panther

Flavors that are available for free, include:

FreeBSD – derived from BSD, it is an advanced OS for x86 compatible AMD64, Alpha, IA-64, PC-98 and UltraSPARC® architectures; the latest versions are FreeBSD 5.2.1 (New Technology Release) and the FreeBSD 4.9 (Production Release)

NetBSD – Unix-like OS derived from BSD and developed by The NetBSD Project; it is shipped under a BSD license and the latest release is NetBSD 1.6.2

OpenBSD – multi-platform 4.4BSD-based Unix-like OS from The OpenBSD project; its latest release is OpenBSD 3.4

Linux — a Unix-type OS originally created by Linus Torvalds, the source code of which is available freely and open for development under GNU General Public License; there are numerous Linux distributions available

A more detailed discussion of these flavors will be provided in future postings, so do come back soon.

NOTES:

Free in this case means that the software is free (to use), but does not necessarily mean that users won’t shell out money to get their own copy(ies). Suppliers may charge a nominal fee for materials used to copy/distribute these (i.e. CDs) and for shipping (if applicable).

BSD license simply put means that users are allowed to develop products based on NetBSD without the changes having to be made public

Although Linux has traditionally been freely available, the ongoing case by SCO against IBM and the rest of the Linux community might change this. A more detailed posting will be made on this topic in the coming days.

 

From http://www.hostingvoice.com/

No comments

Fantastico Error: enc_restrictions.inc.php is protected by SourceGuardian and requires file ixed.lin.4.X.X.pxp, 4.3.7.pxp, 4.3.8.pxp, 4.3.9.pxp error

/usr/local/cpanel/base/3rdparty/fantastico/includes/enc_restrictions.inc.php is protected by SourceGuardian and requires file ixed.lin.4.3.9.pxp.
Please read SourceGuardian protected scripts manual.

Unfortunately many server administrators get this error ever now and then on their server, netenberg has failed to address the problem and has only provided the following temporary fix everytime the problem arises. This tutorial provides the steps needed to fix the problem on your server. This is a very simple tutorial and throughout most of it you can simply copy and paste via your SSH terminal.

Simple way: (Please note that if this does not work try the complex way):

Linux Code:
cd /tmp
chattr -i ixed
rm -Rf ixed*
wget -N http://netenberg.com/files/ixed.tgz
tar xzpf ixed.tgz
rm -f ixed.tgz
chattr +i ixed
FreeBSD Code:
cd /tmp
chflags noschg ixed
rm -Rf ixed*
wget -N http://netenberg.com/files/ixed.tgz
tar xzpf ixed.tgz
rm -f ixed.tgz
chflags schg ixed

PLEASE NOTE: If you’ve already done this in the past, but you start receiving errors again, check to see if PHP has been upgraded to a newer version. If so, you may need to fetch newer ixed files to cover your version of PHP. SourceGuardian updates ixed files fairly quickly, but if you can’t find an ixed file for your version of PHP, then try renaming the latest version of the ixed file prior to your version to match your version:

FreeBSD and Linux Code:
cd /tmp/ixed
cp ixed.lin.4.3.8.pxp ixed.lin.4.3.9.pxp

This fix may or may not work, on each version of PHP a new ixed file is released, so by doing this you are creating a fake version. As soon as the real ixed files gets released for your version of PHP then replace your fake version with the real version (by following the first set on instructions).

Complex Fix: (Adds ixed decoder files as a Dynamic Extentions to the php.ini file. However CPanel may modify php.ini on a daily basis and you may have to fix over and over again)

Code:
cd /usr/local/cpanel/3rdparty/etc/
rm -f ixed.tgz
wget http://netenberg.com/files/ixed.tgz
tar xzpf ixed.tgz
rm -f ixed.tgz

Linux
chattr -i /usr/local/cpanel/3rdparty/etc/php.ini

FreeBSD
chflags noschg /usr/local/cpanel/3rdparty/etc/php/ini

Last Step
/usr/local/cpanel/bin/checkphpini

Retry to load Fantastico. If you still get the errors, do this:

Code:
/scripts/upcp –force

If you still get errors:

Linux Code:
chattr -i /usr/local/cpanel/3rdparty/etc/php.ini
pico -w /usr/local/cpanel/3rdparty/etc/php.ini

FreeBSD Code:
chflags noschg /usr/local/cpanel/3rdparty/etc/php.ini
pico -w /usr/local/cpanel/3rdparty/etc/php.ini

and edit the following line:
extension_dir = ./ ; directory in which …

and remove the ./ if it appears (just those two characters, so it is set like this:
extension_dir = ; directory in which …

instead.

Note: Some users find that changing the extension_dir to “/” (no period) works better for them.

Scroll down to the Dynamic Extentions area of the file and add the following line at the end of this section (before Module Settings):
extension=”/usr/local/cpanel/3rdparty/etc/ixed/ixed.lin.4.3.8.pxp”

Change the number in ixed.lin.4.X.X.pxp to match whatever version of PHP you have installed.

If you get no more errors enter this:

Linux Code:
chattr +i /usr/local/cpanel/3rdparty/etc/php.ini

FreeBSD Code:
chflags schg /usr/local/cpanel/3rdparty/etc/php.ini

Last of all if you are still having problems, make sure you ixed directories are all chmoded to 0755:

Code:
chmod -Rf 0755 ixed

This may need to be done in either the /tmp dir or the /usr/local/cpanel/3rdparty/etc/ dir.

 

Credits: parts of this tutorial from the http://www.netenberg.com website.

No comments

How to Copy Files Across a Network/Internet in UNIX/LINUX (Redhat, Debian, FreeBSD, etc) - scp tar rsync

One of the many advantages of Linux/UNIX is how many ways you can do one thing. This tuturial is going to show you some of the many ways you can ttransfer files over a network connection.

In this article/tutorial we will cover rsync, scp, and tar. Please note that there are many other ways these are just some of the more common ones. The methods covered assume that SSH is used in all sessions. These methods are all much more secure and reliable than using rcp or ftp. This tutorial is a great alternative for those looking for an FTP alterative to transfering files over a network.

 

scp

scp or secure copy is probably the easiest of all the methods, its is designed as a replacement for rcp, which was a quick copy of cp with network funcationability.

scp syntax

scp [-Cr] /some/file [ more … ] host.name:/destination/file

-or-

scp [-Cr] [[user@]host1:]file1 [ more … ] [[user@]host2:]file2

Before scp does any copying it first connects via ssh. Unless proper keys are in place, then you will be asked for usernames. You can test if this is working by using ssh -v hostname

The -r switch is used when you want to recursively go through directories. Please note you must specify the source file as a directory for this to work.

scp encrypts data over your network connection, but by using the -C switch you can compress the data before it goes over the network. This can significantly decrease the time it takes to copy large files.

Tip: By default scp uses 3DES encryption algorithm, all encryption algorithms are slow, but some are faster than others. Using -c blowfish can speed things up.

What scp shouldn’t be used for:
1. When you are copying more than a few files, as scp spawns a new process for each file and can be quite slow and resource intensive when copying a large number of files.
2. When using the -r switch, scp does not know about symbolic links and will blindly follow them, even if it has already made a copy of the file. The can lead to scp copying an infinite amount of data and can easily fill up your hard disk, so be careful.

 

rsync

rsync has very similar syntax to scp:

rsync -e ssh [-avz] /some/file [ more … ] host.name:/destination/file

-or-

rsync -ave ssh source.server:/path/to/source /destination/dir

rsync’s speciality lies in its ability to analyse files and only copy the changes made to files rather than all files. This can lead to enormous improvements when copying a directory tree a second time.

Switches:

-a Archive mode, most likely you should always keep this on. Preserves file permissions and does not follow symlinks.

-v Verbose, lists files being copied

-z Enable compression, this will compress each file as it gets sent over the pipe. This can greatly decrease time depending on what sort files you are copying.

-e ssh Uses ssh as the transport, this should always be specified.

Disadvantages of using rsync:
1. Picky syntax, use of trailing slashes can be confusing.
2. Have to remember that you are using ssh.
3. rsync is not installed on all computers.

 

tar

tar is usually used for achiving applications, but what we are going to do in this case is tar it then pipe it over an ssh connection. tar handles large file trees quite well and preserves all file permissions, etc, including those UNIX systems which use ACLs, and works quite well with symlinks.

the syntax is slightly different as we are piping it to ssh:

tar -cf - /some/file | ssh host.name tar -xf - -C /destination

-or with compression-

tar -czf - /some/file | ssh host.name tar -xzf - -C /destination

Switch -c for tar creates an archive and -f which tells tar to send the new archive to stdout.

The second tar command uses the -C switch which changes directory on the target host. It takes the input from stdin. The -x switch extracts the archive.

The second way of doing the transfer over a network is with the -z option, which compresses the stream, decreasing time it will take to transfer over the network.

Some people may ask why tar is used, this is great for large file trees, as it is just streaming the data from one host to another and not having to do intense operations with file trees.

If using the -v (verbose) switch, be sure only to include it on the second tar command, otherwise you will see double output.

Using tar and piping can also be a great way to transfer files locally to be sure that file permissions are kept correctly:

tar cf - /some/file | (cd /some/file; tar xf -)

This may seem like a long command, but it is great for making sure all file permissions are kept in tact. What it is doing is streaming the files in a sub-shell and then untarring them in the target directory. Please note that the -z command should not be used for local files and no perfomance increase will be visible as overhead processing (CPU) will be evident, and will slow down the copy.

Why tar shouldn’t be used:
1. The syntax can be hard to remember
2. It’s not as quick as to type scp for a small number of files
3. rsync will beat it hands down for a tree of files that already exist in the destination.

There are several other ways of copying over a network, such as FTP, NAS, and NFS but these all requre specialised software installed on either the receiving or sending end, and hence are not as useful as the above commands.

No comments