Category: Server Administration / cPanel / WHM

Genesis & StudioPress Image

WP ENGINE (WPENGINE) Discount Coupon codes

Get the best WordPress hosting for your website – Special offer for FDG Web customers!

Use this WPEngine coupon code for 3 free months of hosting on three of their most popular plans.

WP Engine Coupon Code Details:

  • Get 3 months free on annual Startup, Growth, and Scale plans by clicking this link (scroll for WP Engine promotion code)

WP Engine Mobile optimized image

Bonus – Get Genesis Framework & StudioPress Themes free.

 

When you sign up for a WP Engine plan, you receive the Genesis Framework and 36 StudioPress Themes free.

System Administrator & SysAdmin Interview Questions – Sample question and answer.

As outsourced CTO’s we often get called on to interview System Administrators on behalf of our clients. The following is a series of questions & potential answers you may find helpful if you are planning to interview someone or in turn be interviewed for such a position.

Keep in mind that many of these questions do not have an exact answer – so to help you we’ve also tried to explain the methodology & rationale behind the types of answers you should be looking for.…

What is Configuration Management in Software Development?

What is Configuration Management?

Configuration management (CM) is a systems engineering process for establishing and maintaining consistency of a product’s performance, functional, and physical attributes with its requirements, design, and operational information throughout its life.

Configuration Management Process – where does it fit?

Configuration management fits within an organizational hierarchy and connects the entire business life cycle, not just Software Development and Delivery.  

 What problems do Configuration Management solutions solve?

  • Problems with standardization. (Check & report on configurations & issues across an enterprise.

How to redirect all urls and traffic from one domain to another using .htaccess.

Global Redirect of all urls from one domain to another in .htaccess

Often we find ourselves needing to redirect all traffic from one domain, no matter what page is hit, to a completely different domain.

E.g. 

www.olddomain.com/whatever.html

www.olddomain.com/somethingelse.php

www.olddomain.com/anotherthing.htm

Would all need to redirect to:

www.some-other-domain.com

To do this, you can add the following to your .htaccess file:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTP_HOST} ^olddomain.com$ [OR]
RewriteCond %{HTTP_HOST} ^www.olddomain.com$
RewriteRule (.*)$ http://www.some-other-domain.com/$1 [R=301,L]
</IfModule>

If processed correctly, you should now have a global direct from one domain to the other now in place.…

How to fix CVE-2016-6662 on cPanel / WHM

CVE-2016-6662 – Remote Root Code Execution / Privilege Escalation (0day exploit)

A new 0-day exploit has been announced for MySQL that can result in remote code execution or privilege escalation.

Apparently, this exploit was announced to Oracle, the owners of MySQL more than 40 days ago and a fix has not yet been released.

You can read about it in greater detail from these sources:

This affects the following MySQL and MySQL “clones”: (excerpted from “LegalHackers.com”)

This exploit / bug works because if the malloc-lib configuration variable is set, the wrapper script mysqld_safe (which runs as root) will preload a user designated shared library before starting the server.…

How to restrict zone transfers for PCI compliance in WHM – CVE-1999-0532

Recently we had to assist a client with a server that needed to become PCI compliant. One of the issues was: DNS Zone Transfer Allowed, CVE-1999-0532 and the server was running Centos 6 and WHM / cPanel.

Scanning vendors fail this because “unrestricted zone transfers” violate PCI DSS and are considered automatic failing conditions.

Now, there is not a control for this inside of WHM / cPanel so you will need to edit the named.conf file directly.

Here is how to do it:

Adding the following…

allow-transfer {“none”;};
version “”;

to the following section…

options {
allow-recursion { none; };
allow-transfer {“none”;};
version “”;
};

…within the /etc/named.conf file and then restart the named service.…

How to find large files on a server via SSH

Continuing our series on handy commands to know os one that helps you find large files on your server via SSH.

SSH command for finding files larger than a certain file size

The command for this is quite easy, for our example we will assume you want to find all files that are larger than 1 GB in size and geta list you can use.

Step one: Go into your SSH session and type:

find / -type f -size +1048576k -exec ls -lh {} \; 2> /dev/null | awk ‘{ print $NF “: ” $5 }’  | sort -nrk 2,2

Done!…

How to white list an IP address in Mod Security

Often you will have a ruleset in Mod_Security that you want to override for a specific IP address or within a certain path in a website or an application.

To do this you need to locate or create your Mod_Security white list file, then add this line:

…where

is the ID of the rule you want to override.…

How to increase PHP timeout values in Apache and NGNIX

There comes a time when you really need to increase the amount of time it takes before your server stops a particular PHP process from continuing. This is called PHP session “timeout”.

Under normal conditions you want to keep these values low so your connections are as efficient as possible. These limits are also in place to prevent poorly written scripts from monopolizing too many resources on your server.

However, there’s plenty of reasons you would want to increase these values – usually temporarily.…