Category: Server Administration / cPanel / WHM

What is Configuration Management in Software Development?

What is Configuration Management?

Configuration management (CM) is a systems engineering process for establishing and maintaining consistency of a product’s performance, functional, and physical attributes with its requirements, design, and operational information throughout its life.

Configuration Management Process – where does it fit?

Configuration management fits within an organizational hierarchy and connects the entire business life cycle, not just Software Development and Delivery.  

What problems do Configuration Management solutions solve?

  • Problems with standardization. (Check & report on configurations & issues across an enterprise.)

How to redirect all urls and traffic from one domain to another using .htaccess.

Global Redirect of all urls from one domain to another in .htaccess

Often we find ourselves needing to redirect all traffic from one domain, no matter what page is hit, to a completely different domain.

E.g. 

www.olddomain.com/whatever.html

www.olddomain.com/somethingelse.php

www.olddomain.com/anotherthing.htm

Would all need to redirect to:

www.some-other-domain.com

To do this, you can add the following to your .htaccess file:

<IfModule mod_rewrite.c>
RewriteEngine On
# Match the old domain with or without www (dots escaped, case-insensitive)
RewriteCond %{HTTP_HOST} ^olddomain\.com$ [NC,OR]
RewriteCond %{HTTP_HOST} ^www\.olddomain\.com$ [NC]
# Permanently redirect every request, keeping the requested path
RewriteRule ^(.*)$ http://www.some-other-domain.com/$1 [R=301,L]
</IfModule>

If processed correctly, you should now have a global redirect from one domain to the other in place.…

How to fix CVE-2016-6662 on cPanel / WHM

CVE-2016-6662 – Remote Root Code Execution / Privilege Escalation (0day exploit)

A new 0-day exploit has been announced for MySQL that can result in remote code execution or privilege escalation.

Apparently, this exploit was announced to Oracle, the owners of MySQL, more than 40 days ago and a fix has not yet been released.

You can read about it in greater detail from these sources:

This affects the following MySQL and MySQL “clones”: (excerpted from “LegalHackers.com”)

This exploit / bug works because, if the malloc-lib configuration variable is set, the wrapper script mysqld_safe (which runs as root) will preload a user-designated shared library before starting the server.…

How to restrict zone transfers for PCI compliance in WHM – CVE-1999-0532

Recently we had to assist a client with a server that needed to become PCI compliant. One of the issues was “DNS Zone Transfer Allowed” (CVE-1999-0532); the server was running CentOS 6 and WHM / cPanel.

Scanning vendors fail this because “unrestricted zone transfers” violate PCI DSS and are considered automatic failing conditions.

Now, there is not a control for this inside of WHM / cPanel so you will need to edit the named.conf file directly.

Here is how to do it:

Adding the following…

allow-transfer { "none"; };
version "";

to the following section…

options {
    allow-recursion { none; };
    allow-transfer { "none"; };
    version "";
};

…within the /etc/named.conf file and then restart the named service.…

How to find large files on a server via SSH

Continuing our series on handy commands to know, here is one that helps you find large files on your server via SSH.

SSH command for finding files larger than a certain file size

The command for this is quite easy. For our example, we will assume you want to find all files that are larger than 1 GB in size and get a list you can use.

Step one: Go into your SSH session and type:

find / -type f -size +1048576k -exec ls -lh {} \; 2> /dev/null | awk '{ print $NF ": " $5 }' | sort -hrk 2,2

Done!…

How to white list an IP address in Mod Security

Often you will have a ruleset in Mod_Security that you want to override for a specific IP address or within a certain path in a website or an application.

To do this you need to locate or create your Mod_Security white list file, then add this line:

…where

is the ID of the rule you want to override.…

How to increase PHP timeout values in Apache and NGINX

There comes a time when you really need to increase the amount of time it takes before your server stops a particular PHP process from continuing. This is called PHP session “timeout”.

Under normal conditions you want to keep these values low so your connections are as efficient as possible. These limits are also in place to prevent poorly written scripts from monopolizing too many resources on your server.

However, there are plenty of reasons you would want to increase these values – usually temporarily.…

How to exclude a sub directory from .htaccess 301 redirects

So, here’s something that comes up all the time – you have a sub-directory you want to exclude from a global .htaccess redirect. Often this is due to installing another application within the document-relative paths of an existing website or web application.

e.g.

  • You want to install a copy of WordPress within an existing Drupal website.
  • or maybe you have an application framework like Cake PHP and you need to exclude a directory from the error handling that occurs across all 404s.

CS-Cart upgrade settings for your server.

One of the problems that you may have while upgrading CS-Cart is that the upgrade inexplicably fails during the upgrade process. If you are lucky, you will get an error trace dumped to a file or the screen. If not, it may just silently fail in the background or freeze up.

This is certainly no fun. There are a number of different carts that experience this, so it is not limited to just CS-Cart by any means.

Before you attempt any upgrade of your system, it is best to create a development (beta) area for you to test out the upgrade in first.…