I currently have a script with code below that works great when the permissions on the dbconnect.php file are 755. The problem with this is that anyone on the web can see this config file which contains passwords DOH! If I change it to 751, then it tells me "cannot connect". The user and group on both the page and this script are the same.
With apache, i use the setting to store http and https files in the same directory.
Any ideas how to make this a little more secure? Changing the permission to 751 would do the trick but then it breaks the script. I don't understand why the script would be running taking "other" permissions into account...it should be running with "user" permissions instead. it might even have something to do with who the apache executable is running as...
<?php
include("../../../cgi-bin/dbconnect.php");
// Connect to server and select database.
mysql_connect("$databasehost", "$dbuser", "$dbpword")or die("cannot connect");
mysql_select_db("$dbname")or die("cannot select DB");
I'm a Unix newbie so please forgive me if this is a really dumb question but I haven't quite been able to figure it out...
I'm trying to set up a form script to replace formmail on the server. I've set it up in the cgi-sys bin. I chmod the script 755, but when I try to call it I get 500 error messages.
I was looking at the permissions and I noticed that all the other scripts have the "wheel" setting.. such as:
197633 -rwxr-xr-x 4 root wheel 3479620 Dec 22 03:04 _formmail.cgi*
The new form I added as "root" instead of "wheel":
1280150 -rwxr-xr-x 1 root root 12342 Mar 1 21:46 mycontactform.pl*
How do I change it so that "mycontactform.pl" is in the "wheel" group so that it works? Anything else I should know/do to make this secure? I don't know enough about the permissions to change this. I want all the customers on the server to be able to use the new form.
On IIS6 many of thesite are under cross scripting attack I tried by remove the the code but it affects again after some time I reset the ftp password and passowrd is a combination of complex alpna numeric character.I have cheked the permission it is ok.
I've used Servage for about 18 months. For most of that time there have been no problems. Then they decided to upgrade the cluster. This happened 3 weeks ago. Since then, there has been a catalogue of problems, mostly centred around a Perl script my site uses to implement a wiki.
The first problem was that they had removed four of the supporting Perl modules used by my Perl script. All of the missing modules are ones you would expect to find on any server that claims to support Perl. They had warned that this might happen (obviously too difficult for them to make sure that the upgraded server has all the Perl modules) so I notified them with a list of missing modules expecting the modules to be restored quickly. It actually took 1 week, during which time their support team tried their best to annoy me by giving responses related to PHP (apparently they'd managed to kill PHP scripting completely) and a non-working link to a list of installed modules (I knew what was installed already).
Having now got the script running, I hit a further problem. Prior to the upgrade the script had run under the "webserver" account. It was now running under the "you" account. This meant it couldn't write to its own data files. I had real trouble getting Servage to understand this one, let alone fix it. Most of their answers were about how to change the ownership of my script, which makes absolutely no difference to the problem. Eventually, after 4 days, they tried to fix the problem. The result was that my website became completely inaccessible. Even the static content was giving a 403 error. Again, it took support a while to understand the problem and about 1.5 days to fix it.
At this point Servage claimed to have fixed all outstanding issues. However, my script was still running under the wrong account. In frustration, I changed the ownership of all the script's data files to "you", which at least got my wiki running again.
However, I now find that people can't upload images to the site. Any attempt to do so produces an error "CGI open of tmpfile: Permission denied".
I've given up. I think my chances of getting Servage to even understand the problem are minimal. I'm not even going to try. I will be moving to another host as soon as possible - probably a VPS. That way I should be able to fix most problems myself.
I am currently trying to create a bash script which I will run off a loop with a sleep interval that will query tcpdump (udp packets only) on a network interface, and is looking for length 10 packets.
So far so good, not that hard to code I know (Already made it / coded it this far perfectly). Now here is the tricky part, I only want the bash script to identify IP's that have sent over 15 packets with the length of 10. (This is the part that I can't seem to find a way to code).
I was thinking, from the output maybe to calculate the number of lines with the same equal IP's.
Once this script identifies that, it will automatically run a command which I have set. (Quite easy, and I can do this).
I am looking for someone to help me with this. It is a fairly simple and quick job (editing the script I have at the moment). I am willing to also pay (if needed) an amount for this to be completed too. Obvieusly not that much, but still something I am sure we can work out.
I have my site in asp scripting but it was suspended yesterday because of high resource usage on shared server. Thats why am looking for VPS, though it is difficult to find a good windows VPS, so i have decided to get a Linux VPS. But am confused that whether a linux vps will meet my requirement.
My site is using asp scripting with access databases on backend. I can host my access databases on a windows server and can provide the link in connection string. So, will webserver on a linux server be able to execute my asp scripting fine as IIS do on windows server.
Also i have music section that plays file in .wma format using windows media player, as i have used embedded object for windows media player. So there must be windows media player installed on linux server.
whether it is good decision to host site on linux server and will my objective be met in this case.
I'm writing an inode and directory size counter, but hit a snag with directories that contain a space.
Simple code, finds all directories within a folder, sets the current directory:
for i in `find . -type d`; do ls $i; done
Looks correct? It works great, until you hit directories with spaces. So I try the following methods:
for i in `find . -type d|sed 's/ / /g'`; do ls $i; done for i in `find . -type d|sed 's/ / /g'`; do ls "$i"; done
What is happening is, at the ( for i in ), it treats each item at the first break, if its or a ' '. Is there a flag I can set to make it only use ? When I pipe the data, it sends each chunk of the directory through.
[root@home /home/mindbend/dev_html]# for i in `find . -type d|sed 's/ / /g'`; do ls $i; done
ls: ./test: No such file or directory ls: ing: No such file or directory ls: 12: No such file or directory ls: 3: No such file or directory ls: ./test: No such file or directory ls: ing: No such file or directory ls: 12: No such file or directory ls: 3/test: No such file or directory ls: 2: No such file or directory
# ls -d test ing 12 3/ test ing 12 3/
#ls -d test ing 12 3/test 2/ test ing 12 3/test 2/
GNU bash, version 3.2.39(1)-release (i386-portbld-freebsd7.1) Copyright (C) 2007 Free Software Foundation, Inc.
Ive recently switched from PC to OSX, i now own '2' Macs, a laptop and a G4 Quicksilver, although its CPU speed is slower and the Ram is lesser then my old PC, it performs much much quicker and more efficient.
The question is, i'm a web developer, i know very little about the back end goings on, such as System Administration, but i've got a few books on the subject which are aimed at Unix system administrators. Does UNIX cover both OSX and Linux (Debian mainly).
Eventually i want to be able to run my own server, i own a debian dedicated server, but its not my own, its the datacenter's and i dont really know enough to get down and dirty in the back end. Id like to be able to set up servers from scratch in the long run.
So would learning UNIX cover both OSX and Linux, im not bothered about Windows, i don't plant to use a Windows machine again.
Is there a way where i can view which IP connected to my server the most? I need to find out if there is certain IP keep hitting my mail server until it crashed.
Preferably the software could sort out the highest hit IP then to the lowest.
I`ve been playing with Debian and FreeBSD for couple weeks so far. As a noobie I`d like to ask you what distribution you prefer for web server? I know that it is said "the best is the one you know better" but in my situation it is hard to say that I really know either Debian or FreeBSD.
So what would you recommend in my situation (new to *unix topic) if I have to set web server for a company site?
I`m mostly interested in security, relatively easy to configure/secure/find info how-to, easy to update soft apache/php/mysql.
I have a VPS with Plesk8.1 on Unix, All my customers are complaining becaouse of daily 100-200 spam mails per acccount. What is the best software or add on for this problem you can reccomnend.
I want to :
-see the junk mails for all accounts in somewhere so i can train if there are normal mails considered as spam. (Not Spam Option)
I wonder which virus scanner software is useful for Unix server(Centos 4.5). One of my client install SMF forum and when visitors access the forum,their virus scanner warn that site is affected by trojan. I used Clamav to scan entire home directory but seem nothing found.
I'm hosting x2 Joomla 1.5 sites using PHP v5 with the following extensions: Sobe2 OpenX Community Builder Fireboard Virtumart
The problem is that both sites have several sizable databases, each in excess of 100k records. After uploading the first 90k records to mySQL it became apparent that performance was going to be an issue. I'm therefore considering a dedicated server, tuned for returning fast DB results.
Firstly, would a dedicated server solve my performance issues?
Secondly, what are the critical components, spec wise, that would ensure superfast DB calls?
Like everyone, I'm looking for the best value, meaning solid support, uptime and a low monthly cost. I have been recommended the following hosting partners, but would like everyones input:
Can someone tell me how to clear the history of a UNIX user? For example, when logged in as a certain user I can press UP to see the last commands that were used. How can I get rid of them?
I have directory1, directory2, directory3 etc and each has directories inside them. Is it possible to zip them all (directory1, directory2, directory3 and their contents) into one .zip file? If so, what is it?
I'm transcoding videos on a web server using ffmpeg and can successfully transcode some video formats but am having a few issues.
One of them is that I get a "Segmentation Fault" when trying to transcode a video in h.264 codec. I can't find much by searching and am wondering if that's a codec issue, or something else.