Crypt_blowfish, Any Risk In Installing

Sep 11, 2007

A customer has requested we install a pear package called crypt_blowfish for there website which sells items.

What exactly is it? Is there any risk in installing the extension?

Ive not heard of it myself before

View 4 Replies


ADVERTISEMENT

Is My Domain Name At Risk

May 28, 2007

my domain name expires in July (within 90 days).

It is currently with company A who charge quite a lot to keep it there. I want to move it to company B who are my hosts and with whom I get 1 free domain name.

One added complication is that the domain is in a friends name, but I have logon and can change name to my own any time I want.

Company B said "After it is on our registrar, you will be the only one that can renew it as long as it doesn't expire for longer than 90 days."

This has me worried that because I haven't renewed it withing 90 days that it can be stolen from me. Have I misunderstood or is this a risk?

If so would I be better advised to renew it in my friends name wth company A?

View 10 Replies View Related

How Big Risk Do I Take If I Don't Update The Kernel?

May 2, 2008

I'm a Windows guy and can little or nothing about Linux. How big risk do I take if I'm using a Linux VPS and never update/patch the kernel?

I'm using CentOS 5 and LxAdmin. I can update the control panel, but I can not update/patch the kernel since I have no knowledge how I do that.

I'm using a unmanaged plan, so no help there.

Some of my sites are running Wordpress, but I'm always using the lates WP installation. I not using any other plugins that WG2, Gallery2, and remove max width.

Nobody except me have access to the VPS, and I have no other FTP accounts or something like that on the VPS.

I have no other scripts or any kind of dynamic pages on my VPS.

What kind of risk do I have here?

I'm currently having plans to cancel my second VPS that's using Win2003, and only use Linux in the future. I can cut my monthly expensive with 50% that way, but do I take a big risk doing it that way?

View 9 Replies View Related

Hosting A High Risk Site

Mar 25, 2009

What sort of redundancy that is recommended for a high risk site?

My definition of high risk is it will attract more hackers than usual, more DDOS, chances of blocked by ISP and etc.

View 4 Replies View Related

Moving SSH Back To Port 22 But Will Root Be At Risk

Apr 26, 2008

At present I run SSH on a different port then normal to protect root. This has worked for two years, but with discovering that cPanel finally support SFTP without shell access needed, I want to finally turn off FTP and require SFTP. The problem is the port I am using. Since it's a random port I have been secured against root attacks (well nothing has shown up). I am with LiquidWeb which is fully managed. So I guess they take care of allot of prevention.

This is what I am thinking of doing. move SSH back to port 22 (I only host a few friends sites and want to be hosting 20 accounts by end of year to cover my costs). Then disabled root password and require SSH keys. Would this be strong as secure as running SSH on a high #port or am I fooling myself.

I could also add in for good measure restricting root SSH/SFTP (yes I prefer SFTP for file management as I am legally blind and using Transmit+BBEdit is allot easier for me for editing files). The problem with restricting to certain IP's, is that Shaw charges $30/month more for a static IP and I also am at my moms 25% of the time (and she is also with Shaw). I think the XXXX.vs.shawcable.net is static but I am not 100% sure.

I really do want to kill FTP so that only port 80 is the only non SSL port open.

View 14 Replies View Related

Security Risk To Share Phpinfo File

Mar 10, 2007

There are always people who would like to know what the php settings are on the server. Is it a security risk to share the phpinfo.php file on a website, with anybody who visits that website, able to view it?

View 4 Replies View Related

Security Risk Having Mbstring And Mysqli Installed On Your Server

Mar 20, 2008

A friend of mine owns a hosting company and a client of his asked to have mbstring and mysqli installed. What he wants to know is , is there any security risks if he does install that on his server?

Also, he wants to know, if there is not, what how does he go about installing that on the server?

View 4 Replies View Related

Writing Large Files - Risk Of Damaging Filesystem

Jan 19, 2008

Does writing large files (ie, 10GB backups in one archive) cause any risk of damaging a linux filesystem?

View 1 Replies View Related

Mysql Delayed Writes Performance Boost, Worth The Risk

Jul 19, 2007

During my poking around performance tips I found the DELAY_KEY_WRITE option (and innodb_flush_log_at_trx_commit = 0 for innodb)

which supposedly for mysql will disable the immediate disk flush for every transaction written and instead update only once every second at most?

One thing I've never had to restart on my vps is mysql, it's been great. So is this safe to turn on? Am I risking corruption? Will the performance gain be worth it with only a 16M cache?

View 4 Replies View Related

PC World Article: Reduce Fire Risk - Remove Oxygen [merged]

Mar 19, 2007

I did a quick search on this and could not see it as already being posted

It seems quite a clever but simple idea - remove a lot of the oxygen from the air to help reduce the risk of fire. What do those of you operating your own facilities make of this? Is anyone already doing this?
[url]

View 14 Replies View Related

Plesk Automation :: Postfix CA Bundle File Under PPA - How To Edit Without Risk Of It Being Overwritten

Aug 19, 2013

I see in the maillogs a number of errors lots of different Certificate Authorities - and some I really did NOT expect to see here:

[root@web48002 admin]# grep ' certificate verification failed for' /usr/local/psa/var/log/maillog | wc -l
998
[root@web48002 admin]# grep ' certificate verification failed for' /usr/local/psa/var/log/maillog | head
Aug 19 00:04:45 web48002 postfix/smtp[28115]: certificate verification failed for inbound.hsaforamerica.com.netsolmail.net[206.188.198.64]:25: untrusted issuer /C=US/O=Equifax/OU=Equifax Secure Certificate Authority

[Code] ....

How/where do we edit our CA file under Postfix - and why is the standard one installed by PPA not including some of these VERY MAJOR CAs?!?

I would like instructions on how to edit this in a manner that it will not get overwritten by some PPA update or yum update.

View 3 Replies View Related

"owner" ID In Ftp Client -- Security Risk

Mar 25, 2008

I just started using FileZilla Client, as a way of allowing business clients to upload to an ftp account at my website (the ftp account is a subdirectory of my public_html directory, and has its own username and password).

I noticed that, along with other information for each file listed at that subdirectory, FileZilla also posts info on "owner" and "group". It turns out that, for each of these fields, FileZilla displays the username of my entire site -- not the username specifically associated with the particular ftp account to which FileZilla had connected. Thankfully, it doesn't also display the password that goes along with it!

I'm wondering if anyone would know:

- does this constitute a significant security risk?
- is this because of actions on the part of my web host, or because of FileZilla's programming? (ie, would the same thing occur in all ftp clients?)
- if this is a significant security risk, would there be any workaround?

View 14 Replies View Related

Installing GD?

Jun 23, 2008

To install the GD graphics library for PHP, is recompiling the only method? And would recompiling PHP break things?

View 12 Replies View Related

Installing RoR. Please!

Feb 27, 2008

just recently upgraded from a fully managed VPS to a Dedicated Server. Everything seemed to be going fine, until I tried installing RoR. I have RubyGems installed and all that, but whenever I try to install Rails, the following happens.

[root@server1 ~]# gem install rails --include-dependencies
Libsafe version 2.0.16
Detected an attempt to write across stack boundary.
Terminating /usr/bin/ruby-bin.
uid=0 euid=0 pid=9614
Call stack:
0x519df871 /lib/libsafe.so.2.0.16
0x519dfc5d /lib/libsafe.so.2.0.16
0x80549b8 /usr/bin/ruby-bin
0x8054a52 /usr/bin/ruby-bin
0x80556af /usr/bin/ruby-bin
0x806132f /usr/bin/ruby-bin
0x8061de6 /usr/bin/ruby-bin
0x809eb06 /usr/bin/ruby-bin
0x8055681 /usr/bin/ruby-bin
0x805de6d /usr/bin/ruby-bin
0x805ea6c /usr/bin/ruby-bin
0x805c5e6 /usr/bin/ruby-bin
0x8059c53 /usr/bin/ruby-bin
0x8064680 /usr/bin/ruby-bin
0x805de6d /usr/bin/ruby-bin
0x805ea6c /usr/bin/ruby-bin
0x805c4df /usr/bin/ruby-bin
0x805d776 /usr/bin/ruby-bin
0x805ae8a /usr/bin/ruby-bin
0x805d2ad /usr/bin/ruby-bin
0x805e66a /usr/bin/ruby-bin
0x805ea6c /usr/bin/ruby-bin
0x805c4df /usr/bin/ruby-bin
0x8062e68 /usr/bin/ruby-bin
0x805b9b2 /usr/bin/ruby-bin
0x805e66a /usr/bin/ruby-bin
0x805ea6c /usr/bin/ruby-bin
0x805c5e6 /usr/bin/ruby-bin
0x805d776 /usr/bin/ruby-bin

Overflow caused by memcpy()
Killed

View 9 Replies View Related

Installing GD Via WHM

Nov 12, 2008

Main >> Software >> Apache Update

I've read through a number of threads regarding installing GD. So sorry for yet another, but I just want to make sure that I'm doing this correctly.

As seen in the attachment below I'm presented with a few options:

Previously Saved Config (** DEFAULT **)
Basic (If your previous build has failed, please use this option)
No PHP
PHP Encryption / E-commerce
PHP Encryption and Image Manipulation
PHP Image Manipulation
PHP Security

Should I start by selecting the option "Previously Saved Config (** DEFAULT **)" and then "Start Customizing Based On Profile"?
I've walked through the steps doing the above and have a question about the last section. Viewing the Exhaustive Options List shows GD as already checked yet towards the bottom I see a checkbox with the following (second attachment below):
Quote:

Save my profile with appropriate PHP 5 options set so that it is compatible with cpphp

This option will make the following changes to your profile prior to the build:
Enables:

CurlSSL
FTP
GD
Gettext
Iconv
Imap
Mbregex
Mbstring
Mysql
Mysql of the system
PGsql
Sockets
Zlib

Should I check to save and then click "Save and Build" to get GD installed?

Some additional information: I have downloaded my default profile. (lol Let's hope I don't have to use it because I wouldn't know where to begin!)

My php.ini file shows that GD is not installed or at least not compiled (if that's the right word to use). To clarify, GD is not in the list.

I have tried yum install pgp-gd and get the following:

root@server [~]# yum install php-gd
Loading "fastestmirror" plugin
Loading mirror speeds from cached hostfile
* base: styx.biochem.wfubmc.edu
* updates: mirror.raystedman.net
* addons: dist1.800hosting.com
* extras: mirrors.easynews.com
base 100% |=========================| 1.1 kB 00:00
updates 100% |=========================| 951 B 00:00
addons 100% |=========================| 951 B 00:00
extras 100% |=========================| 1.1 kB 00:00
Excluding Packages in global exclude list
Finished
Setting up Install Process
Parsing package install arguments
No package php-gd available.
Nothing to do
root@server [~]# No package php-gd available.

root@server [~]# rpm -q php-gd
package php-gd is not installed

root@server [~]# php -m
[PHP Modules]
bcmath
calendar
ctype
date
dom
eAccelerator
filter
ftp
hash
iconv
imap
json
libxml
memcache
mysql
pcre
posix
Reflection
session
SimpleXML
sockets
SPL
SQLite
standard
tokenizer
xml
xmlreader
xmlwriter
zlib
[Zend Modules]
eAccelerator

root@server [~]# yum list | grep -i gd
gd.i386 2.0.33-9.4.el5_1.1 installed
gd-devel.i386 2.0.33-9.4.el5_1.1 installed
gd-progs.i386 2.0.33-9.4.el5_1.1 installed
gdb.i386 6.5-37.el5_2.2 installed
gdbm.i386 1.8.0-26.2.1 installed
gdbm-devel.i386 1.8.0-26.2.1 installed
sysklogd.i386 1.4.1-44.el5 installed
aspell-gd.i386 50:0.50-4.2.2 base
gdk-pixbuf.i386 1:0.22.0-25.el5 base
gdk-pixbuf-devel.i386 1:0.22.0-25.el5 base
gdm.i386 1:2.16.0-46.el5.centos base
libgdiplus.i386 1.2.5-1.el5.centos extras
libgdiplus-devel.i386 1.2.5-1.el5.centos extras
root@server [~]#

View 7 Replies View Related

Installing VPN On FC6

Jan 30, 2008

to install VPN on my dedicated server with fedora core 6.

I search on the internet and I found some article.

now I have this question,
I found the rpm in WHM>Software>Install a RPM named openvpn.i386 .

Can I install this rpm from this section?

View 1 Replies View Related

Installing Php 5 Together With Php 4

Mar 30, 2007

my server running freebsd 6.2

i want to installing PHP 5 so my server can run 2 version of PHP (4 and 5)

im following the step here [url]

installing was successful

[root@s1 /usr/local/apache/logs]# /usr/local/cpanel/cgi-sys/php5 -v
PHP 5.2.1 (cgi) (built: Mar 30 2007 17:07:11)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies

but when i try to running phpinfo for it, its show me an error

i grep the error from error.log and got this

[Fri Mar 30 17:42:47 2007] [error] [client 202.65.236.10] Premature end of script headers: /home/uletbulu/public_html/info.php
[Fri Mar 30 17:42:47 2007] [error] [client 202.65.236.10] File does not exist: /home/uletbulu/public_html/500.shtml
[Fri Mar 30 17:44:07 2007] [error] [client 202.65.236.10] Premature end of script headers: /usr/local/cpanel/cgi-sys/php5
[Fri Mar 30 17:44:07 2007] [error] [client 202.65.236.10] File does not exist: /home/uletbulu/public_html/500.shtml

but for php 4 there is no problem at all
or the syntax for php 5 not using phpinfo(); anymore?

[url]
[url]

View 0 Replies View Related

Installing PHP

Jan 25, 2007

I've installed PHP, MySQL and Apache on my XP.

I've uncommented some extensions in php.ini and among them:

extension=php_pdf.dll and extension=php_mysqli.dll, but when I start Apache I got the message:

PHP Startup: Unable to load dynamic library 'c:phpextphp_mysqli.dll' - The specified module could not be found

But I have that module in c:phpextphp_mysqli.dll.

View 5 Replies View Related

Installing Yum

Jun 13, 2007

Anyone have tried yum with suse 10.x ? and what its rpm download link?

View 1 Replies View Related

Installing PHP

Apr 29, 2007

Ive just installed PHP on my virtual server and am getting this error message:

PHP Warning: PHP Startup: (null): Unable to initialize module
Module compiled with module API=20041030, debug=0, thread-safety=0
PHP compiled with module API=20060613, debug=0, thread-safety=0
These options need to match
in Unknown on line 0
PHP Warning: PHP Startup: (null): Unable to initialize module
Module compiled with module API=20041030, debug=0, thread-safety=0
PHP compiled with module API=20060613, debug=0, thread-safety=0
These options need to match
in Unknown on line 0
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php/modules/dom.so' - /usr/lib/php/modules/dom.so: undefined symbol: empty_string in Unknown on line 0
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php/modules/gd.so' - /usr/lib/php/modules/gd.so: undefined symbol: empty_string in Unknown on line 0
PHP Warning: PHP Startup: ?Mq?gpp?: Unable to initialize module
Module compiled with module API=20041030, debug=0, thread-safety=0
PHP compiled with module API=20060613, debug=0, thread-safety=0
These options need to match
in Unknown on line 0
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php/modules/mbstring.so' - /usr/lib/php/modules/mbstring.so: undefined symbol: empty_string in Unknown on line 0
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php/modules/mysql.so' - /usr/lib/php/modules/mysql.so: undefined symbol: empty_string in Unknown on line 0
PHP Warning: PHP Startup: D1q?`?p?: Unable to initialize module
Module compiled with module API=20041030, debug=0, thread-safety=0
PHP compiled with module API=20060613, debug=0, thread-safety=0
These options need to match
in Unknown on line 0
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php/modules/xsl.so' - /usr/lib/php/modules/xsl.so: undefined symbol: dom_node_class_entry in Unknown on line 0

Does anyone have any ideas what this could be/how it could be fixed? Full phpinfo can be found here: jlwalsh.net/phpinfo.php - if theres any other info I can send let me know.

View 2 Replies View Related

Installing Gd

Oct 14, 2007

Trying to install gd library but not able to..

When i do yum install php-gd it says nothing to do..

Kindly help me.. Its a week i am trying to make it work.. Looks like i have searched the whole net..

View 14 Replies View Related

Installing Php

Apr 1, 2007

I have Kevin Yank's book, and have followed the instructions (I thought) absolutely correctly.

most of it seems to be fine, but when I open up the very first page created (the "today.php" project!).. it says "module not found"..

take out the <%php bit... and rename it as an asp file (just to be sure my /localhost settings etc were ok) and it works fine. It's clearly a php install error.. Where do I start looking?

I did search on the forum but failed to find any related thread...

View 4 Replies View Related

Ffmpeg-php - Need Help Installing Under Win

Aug 25, 2005

Hi there, I was wondering if anyone have installed ffmpeg-php under windows successfully or you might understand how to do it?

By default it's for linux, but there is a version for win made by some guy/guys to be found here: ffmpeg google groups

Problem is, I don't understand how to install? Could anyone explain, thanks!

Edit: Got it to work!

avcodec.dll (copy to WindowsSystem32)
avformat.dll (copy to WindowsSystem32)
php_ffmpeg.dll (php dir)
Add: extension=php_ffmpeg.dll <- to php.ini

All the other files confused me

View 0 Replies View Related

Installing FFMPEG On VPS

Sep 25, 2006

We have a managed VPS, and have never needed on our own dedicated servers in teh past to have FFMPEG due to the line of data we host. So, I asked our provider to please install FFMPEG onto our server.

This is the response I have received:

FFMpeg requires PHP to be compiled as CGI (PHPsuexec) that is only officially supported by cPanel. So in order to install FFMpeg modules we have to resetup your VPS with cPanel.

Now our VPS is running Direct Admin on CentOS.

I am not trying to poke holes at our provider, just trying to find out if this is the truth, or if there is a work around that can accomplish this.

I do not want CPANEL on our account. We have two unix techs here at work, however unfortunately they are both off for two weeks as of middle of last week, so i'm caught with who to look for to gain a second opinion.

View 1 Replies View Related

Installing Mod_rewrite?

Sep 8, 2005

I have installed a Apache server version 1.3.33 on windows XP and would like to enable mod_rewrite so i can rewrite my ugly url´s. How do I install this great feature in Apache so i can test it locally?

Do i just remove # from

#LoadModule rewrite_module modules/mod_rewrite.so
#AddModule mod_rewrite.c

View 2 Replies View Related

Installing Circumventor

Jan 5, 2008

Are there any circumventors you can install on your website to bypass censorship on public computers?

View 0 Replies View Related

Installing Imagemagick

Mar 29, 2005

How does one install imagemagick?

I have read instructions on imagemagicks site, but don't see how I can upload files, and how to execute the commands that instuctions say to do.

View 2 Replies View Related

Installing GPAC

May 4, 2009

I have tried installing GPAC on my centos which has ffmpeg installed allready

l
/usr/bin/ld: cannot find -lGL
collect2: ld returned 1 exit status
make[1]: *** [libgpac.so] Error 1
make[1]: Leaving directory `/usr/src/gpac/src'
make: *** [lib] Error 2
-bash-3.2# cat /etc/redhat-release
CentOS release 5.2 (Final)
-bash-3.2#

View 2 Replies View Related

Installing Hacked VPS

Jun 24, 2009

I had to reload my VPS cause I got hit with the LX admin exploit (Shocked cause the copy was over a year old)

But I'm not really server savvy, could someone possibly teach me the following.

How to install
apache
ftp
mysql
php

and how to secure the vps so it doesn't get hacked? Also is there any other free control panel to use? I'm really bad in shell, I can do basic stuff and if it's written in plain site I can easily do it. I've seen people here post these two,

ispCP
sysCP

Both look pretty nice, which one would be better do you think?
So if anyone could help me out with this that would be very nice and awesome of you. If I posted in the wrong thread mods please move it.

(I read the secure the VPS thread here already but my IP changes alot, the last 2 sets of numbers change daily)

View 14 Replies View Related

Installing LXAdmin On My VPS

May 20, 2009

I am new with VPS, i was trying to install LXA on my new VPS after rebuilding it

This is what i typed in SSH

wget [url]

sh kloxo-install-master.sh

It worked out fine initially. It went on installing, updating, downloading and so on..
But finally got stuck at this point

11:02:43 (379 KB/s) - `lxawstats4400.tar.gz' saved [1143518/1143518]

Downloading Installappdata

error reading information on service gpm: No such file or directory

rm -rf /var/lib/mysql

View 3 Replies View Related

Installing MySQL On VPS

Jul 23, 2009

I am currently using CentOS 5. I installed php-mysql, mysql-server, mysql and mysql-devl through yum install.

WhenI try to start mysqld I get this error

Code:
090722 20:17:32 mysqld started
090722 20:17:32 InnoDB: Database was not shut down normally!
InnoDB: Starting crash recovery.
InnoDB: Reading tablespace information from the .ibd files...
InnoDB: Restoring possible half-written data pages from the doublewrite
InnoDB: buffer...
090722 20:17:32 InnoDB: Starting log scan based on checkpoint at
InnoDB: log sequence number 0 36808.
InnoDB: Doing recovery: scanned up to log sequence number 0 43655
090722 20:17:32 InnoDB: Starting an apply batch of log records to the database...
InnoDB: Progress in percents: 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99
InnoDB: Apply batch completed
InnoDB: Error: pthread_create returned 12
090722 20:17:33 mysqld ended

I obviously havn't done something correctly.

View 6 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved