my whole site is secure and inside a secure folder and I am going to be moving the majority of the site over to a non-secure folder. but I need to find all the absolute links and change the https to http. I hope I dont have to check each page one by one.
so I was wondering if there was a way to search everypage on my server for any file containing "https"?
I have had multiple websites hacked and need to do a cleanup. I need to run a command that will log all files (including path to that file) that contain <!-- ~ --> to a text file from the /home/* directory.
So far I have recieved 2 different ways to do it but none of them have worked
I'm working on some PHP intranet tools. I'm still somewhat new to PHP, having come from an ASP background; been doing PHP for about a year now.
The tools used to be located on a Solaris box, which is running PHP 4.2. One of the tools checks text files in a particular location on the same box that are generated by another process. The text files are found and parsed by locating a particular directory and looking through the entries for filenames matching a particular pattern; they may or may not be present depending on the success of the other process. The text files and directory are not in a web-servable location (i.e. they can't be reached via HTTP or FTP).
I am now able to migrate to a new Windows 2k3 server running IIS 6. I've configured it with PHP 5.2.5 and it is successfully serving web pages. I need to migrate these tools over to the new server but they still need to reach the text files on the old server. The old server has a Samba share hooked to the directory I need and I can successfully map it as a mapped drive from the Win2k3 box.
It's my understanding (after hours of googling and testing) that mapped drives are specific to the logged-in user and not to the machine in general, so IIS can't see them (which seems to be validated by my tests). I've pulled in the mapped drive to the Samba share as a virtual directory under IIS but PHP scripts still can't see it. The share is not available under FTP or HTTP, so cURL doesn't seem to be an appropriate solution, as far as I can tell. It's also my understanding that mapped drives aren't dependably re-mapped after a server reboot until the user logs in, and of course there won't necessarily be users logging into the server to create the mapped drives after a reboot. So mapped drives seem to not be a solution either.
One person from another forum (not SitePoint) suggested running the IIS process under the domain login credentials used to get to the Samba share, and find a way to map the drive automatically after a reboot (some sort of Windows service that would call a batch file or something). I'm not comfortable using a domain login to run my IIS under (although I tried it and it didn't seem to work for a previously-mapped drive).
So my question is: is there a way from PHP to connect to a remote Samba share, provide inline credentials, and use functions like is_dir and file_get_contents on files in that share? I'm not a PHP guru yet, but I've successfully set up the server, create and use remote MySQL databases, write my own JavaScript and Ajax, and don't consider myself to be a newbie - and I simply can't find a good solution for this problem. I come from an all-Microsoft background where integrated authentication was the intranet standard and issues like this simply didn't come up.
I hope this is the appropriate forum to ask...the server forum was the second runner-up but after looking at threads there they didn't seem to address issues like this.
Say, I have a page:
say in the website of index.html there are things like
<img src="somepics.jpg">
Is there a way to set in .htaccess that we can ensure that only index.html is called?
So I do not want the client to call every image and every css file there?
How to do so?
I have a link on a site as follows: destinationsite.com/index.php?kw=test
This url is obviously going to appear in the browser window's Address bar, when the person reaches the destination page.
Is there any way to have it change the url so that the kw=test does not appear? Please bear in mind that I will not be able to change the link that the person clicks since it is with an advertising company.
way to convert and add some text(watermark) to videos in Linux.
I know ffmpeg can be used to convert video but i does not add text or water mark to video.
So what are my options?
I have a large text file (its a log file actually) and I need to truncate each line to abou 16 characters.
how I can do this in linux?
My old VPS was hacked and an iframe html string was added to just about all the files on the server.
I've since then identified the vulnerability and moved to a new host and want to copy the accounts over but wanted to know if there was an easy way to search all the files for this html code and delete it?
For example, search all files for <iframe etc etc> and delete it?
I know this is probably rather simple...but I have no idea how to do it.
I've been meaning to get around to this for quite some time now, and since I've got some free time I figured I'd review NearlyFreeSpeech.net
Length of time with host: 4+ years
Sites hosted: 5 (+/-)
Basically, I couldn't be happier. They're pretty much everything that shared hosting should be. They don't oversell. They don't sell your information to advertisers. And they've got several "killer features" that few (if any) other hosts offer.
Pros
Performance
Unlike some (most?) shared hosts, they don't cram a bunch of sites onto the same server. In fact, they don't even assign you a server per se. All sites are hosted on clusters, so the most active sites will be handled by several servers working in tandem. The load balancing is automatic transparent -- if your site starts getting a load of traffic, their servers will shift your site around as necessary to ensure that it remains responsive. This process isn't noticable at all; every aspect of their service feels like a traditional shared hosting setup, the sole exception being that performance doesn't suck. Wordpress and phpBB (notorious for bringing most shared hosting plans to their knees) feel snappy and responsive, even when faced with large amounts of traffic.
Reliability
They're not perfect, but they're close. I've used several other shared hosts over the years, and I can safely say that NFSN is the most reliable of all of the ones that I've used. Again, I think this has to do with their clustering setup. I've never been told "sorry, but someone on your server crashed Apache". They do get hit with DDoS attacks from time to time (as do all hosts), but it's exceptionally rare for said attacks to cause a disruption of service. When large scale attacks do occur, they handle them quickly and professionally. There have been a handful of large-scale failures over the time I've been with them, but disruptions of service are few and far between.
Language Support
Pretty damn good. I'd say they're best at hosting PHP/MySQL sites, but they're very, very good with all of their officially supported CGI languages [url] too.
They'll also install libraries, PEAR modules, etc. upon request, even if it's something that nobody other than you will ever use.
Support
Support is second-to-none. Support is conducted via their administrative control panel. Although they do have official hours, it's not unusual to have your question answered quickly even at some ungodly hour of the morning. All the support staff are top-notch, and they all *definitely* know their stuff. They don't hand-hold as much as most hosts, but if you're reasonably competent and/or not afraid to learn you won't have any trouble. They've also got a panic button feature that I quite like -- from their write-up about the feature:
After you hit the panic button, a ticket will be opened at "Panic" priority including the text of your message. The on-call admin will also be immediately paged with the text of your message. Then, one of three things will happen:
-If you hit the panic button for a legitimate, previously-unreported system or network outage that needs our immediate attention, we will change your issue to "High" priority, refund your panic message charge, and cut the cost of your next panic message in half.
-If your message does not pertain to a legitimate problem or outage that needs our immediate attention, we will change your issue to "Standard" priority, you will not receive a panic message refund, and the cost of your next panic message will be doubled.
-If your message is clearly spurious ("Haha lolz I paged u!") it will be ignored and your ability to send panic messages will be revoked. You will not receive a panic message refund.
Free speech / censorship
Hands down, they make other hosts look like jokes. I've managed several controversial sites over the last four years, and NearlyFreeSpeech.net is the ONLY host who hasn't hassled me.
The best thing I can do to promote their service is to point you to their beliefs ([url] page. Yep. No mission statements... just three simple quotes. And they really do believe in those values.
They even go as far as to say this in their FAQ:
You must obey all applicable local laws unless you get our prior express consent in writing. We do provide anonymous hosting of content that violates local government censorship laws at our sole discretion in cases outside the United States where we feel government censorship is contrary to the cause of freedom.
Quite a departure from most shared hosts. Even more (and yes, I speak from experiene when I say that they really do hold to this):
A NearlyFreeSpeech.NET member site is defaming me or otherwise injuring me civilly.
Please forward a copy of your legal finding from a court of competent jurisdiction to our contact address. If you have not yet obtained such a finding, a preliminary injunction or court order is also sufficient.
If you are not able to obtain the above, you will need to work directly with the site operator to resolve your differences. We will have to fall back on our members' contractual assertion that the content they upload is legitimate and therefore we will not be able to get involved.
This quote really sums up their stance:
A NearlyFreeSpeech.NET member site contains offensive content.
At NearlyFreeSpeech.NET we firmly believe that censorship is a dangerous and misguided approach to the problems of society. We believe that the price we pay for the huge number of fantastic sites we host are a few sites that we feel are significantly less fantastic.
We believe that the price you pay for living in what we hope is a free society is that when you encounter something offensive, you must resist the urge to censor it and instead research, investigate, and speak out passionately in opposition to it. That is the essence of free speech.
Please do not send us abuse complaints of this nature. We will discard them.
DMCA
Ah yes. Everyone's favorite. Fortunately, NFS is sane about this (far more sane than some uh... "dreamy" hosts I've used...). Again, another excerpt from their FAQ (which I can also attest is true):
We adhere to the entire law very closely. We do not generally pull the plug on an entire site if, for example, someone claims that a single graphic is infringing. We do our best to remove only the content that the copyright owner specifically identifies as allegedly infringing. We allow and encourage the use of the "putback notification" process when material is incorrectly identified as infringing. But we do not automatically terminate a member's service merely for receiving a complaint alleging infringement. (However, actually infringing someone's copyright does violate our TACOS and will generally result in immediate termination.)
Keep in mind that while we aren't lawyers, neither are we idiots. We can tell the difference between people harassing our members via the DMCA and cases where our service is genuinely being misused, and we can adjust our attitude accordingly. Fortunately, both of these cases are very rare.
Cost.
This one's a big issue for folks on shared hosting, so it's worth going over. Basically, NFSN uses a pay-per-use model. Simply put, you pay for the resources you use. This does mean that you won't be able to "game the system" and hope to get away with a high-traffic site on an oversold server for a couple bucks a month. This also means that the system won't game you, and put your high traffic site on an oversold server. Most importantly, it means that you don't pay for what you don't use. Those 1000GB for $10 plans seem like a great idea until you realize that if you only use 1GB you're getting royally screwed.
Pricing is a little unconventional, so it's worth going over in a bit of depth:
Bandwidth
Bandwidth starts at the price of $1/GB. This may seem steep if you compare them to the prices promised in the ads of various heavily-oversold shared hosts. Fortunately, it's not a flat rate. In fact, the more bandwidth you use, the lower your per-GB charge is --and the discount is permanent. They've got a bandwidth calculator [url] if you're curious about pricing.
Storage
$1/100MB, flat fee.
MySQL
$0.01/day IIRC. Their MySQL servers are top notch FreeBSD 7 boxes, and I definitely think they're worth the price.
E-mail forwarding
$0.01/day. You can obviously use your own e-mail servers instead, or use something like Google Apps -- but if you want them to do e-mail forwarding it costs $0.01/day with no usage cap. (And yes, I do mean no usage cap. Bugmenot.com uses NFS's e-mail servers for their "disposable mailbox" service, and they have a heck of a lot of inbound mail.)
Privacy
Wow. Short of bribing an off-shore host, I don't think you'll find a more private arrangement. Unless they've got a court order demanding your details, you can safely assume that they won't be divulged. Again, I speak from experience.
Also interesting to note is this excerpt from their FAQs:
At NearlyFreeSpeech.NET, we believe that with great power comes great responsibility, so we take a dim view of such behavior. For that reason, our TACOS require our members to provide complete and correct contact information, and requests for anonymous hosting are typically denied.
However, we do make one important exception. If you live outside the United States and can demonstrate that the site you wish to host would put you at significant, legitimate risk of retaliation from a government with a documented track record of reprisal against people who speak out against it, we may be able to help. Anonymous hosting is serious business; it can be one component of a coordinated plan to protect you and your family from torture and murder. It's absolutely not an option you can use to dodge lawsuits or unpopularity arising from hosted material.
I haven't (thankfully) had to depend on that level of privacy protection -- but if I did, I wouldn't hesitate to work with them.
SFTP/SSH access
Name says it all.
Scalability
To quote 'jdw', one of the founders of the service, in response to a user's questions re: scalability:
It depends. If all you need is bandwidth, it should be pretty well unlimited. There have been a couple of cases where we have asked people to move on based on CPU usage, but those involved specific situations where they had a poorly-tuned application and couldnât or wouldnât optimize it for the load they were getting. Those were also before the days of 8-core cluster nodes.
A VPS or single dedicated server would definitely not be able to serve more bandwidth. Most of them are capped to 10 or 100Mbps; our load-sharing architecture can serve a single site into multiple Gbps if the site is fast enough (i.e. static content) and you can pay for it.
When they mention CPU usage, it's worth noting that it's nothing like Dreamhost and other shared hosts. You just won't hit it unless you've got a bug or you're trying to do something like calculate pi to a billion places. The limits that are in place are solely to prevent runaway/buggy apps from screwing things up -- you won't hit them, even with heavy usage, provided your site's software is functioning correctly.
Cons:
To be honest, there aren't many. There are some though, so in the interest of completeness, here they are:
No SSL
The reasons for this are varied, and they're actively working to implement a solution. The short story is that, due to the architecture of their service, it's not quite as simple as "drop in a cert and tweak the httpd config". Essentially, since they don't assign static IPs for individual sites, they can't support SSL until all mainstream browsers support the SNI extension.
No overselling
Some people may think the lack of "unlimited bandwidth for $7.99/mo" is a con. Others think "unlimited bandwidth for $7.99/mo" is a con. Depends on your perspective and usage I guess.
No Ruby on Rails
Doesn't bother me, but it might be a deal-breaker for someone I suppose.
Not your bog-standard cPanel + Linux box setup
Some folks would say that this is a con, due to the lack of familiarity. Their control panel is different than a lot of hosts, but it's flexible, clean, and responsive, so it's fine for me.
Perks
One thing I've come to notice over 4+ years with NFS is that there are lots and lots of nice little features that aren't advertised, but that make life just a little easier.
Examples:
E-mail to POST
Their mail forwarding can be configured to POST incoming messages (complete with attachments) to a specified URL. The format of this submission is documented on the member wiki.
Member wiki
Contains member-submitted documentation of NFSN's quirks, some of its special features, and how to best get different apps working on NFSN.
Management API
I haven't played around with it, so I can't provide too many details, but NearlyFreeSpeech offers a public API to allow for the programmatic management of user memberships, sites, DNS records, etc. Pretty cool, and not something I've seen elsewhere.
Domain registration
Cheap domains, simple registration process, and (unlike GoDaddy) they don't screw around with your registration just because you said something that they didn't like.
Haskell support
If you know what this is, you know why this is sweet ;-)
Member forums
Not terribly unique, but a great resource. Pretty much everyone there is quite friendly and happy to help new users.
Free trial
You can create a trial membership. This membership comes with $0.02 (IIRC) credit, and is a great way to tinker with their platform before depositing money.
You can get a refund
Sweet. Never had to use it though, but good to know I could if I had to.
Humor
A little thing, yes -- but it's good to see a host that actually seems like it's staffed by real people rather than bash scripts and stock photos.
Member/staff interaction
This is something I haven't seen with any other hosts. The staff interact with the users on the discussion forums. When a user asks "why do you do/say X", they get a response. They have discussions on why they decided to do/say X. Members ask for Y to be available through the web control panel, and some time later a staff member bumps the thread to point out that Y has been implemented.
---
Verdict
If you need shared hosting, you'd be doing yourself a disservice by not trying NearlyFreeSpeech.net
How can config LVM with RAID1 in text mode centos 5.3 installation?
I need to do it for xen installation.
Anyone know a good cheap host that allows text based rpgs? I run a text based mmorpg that is somewhat busy, about 400,000 pageviews a month.
View 5 Replies View RelatedI have a SuperMicro server with AOC-SIM1U.
I was able to login from IPMI View just fine, and everything works as expected except
"Text Console ". I was able to hit the start button and get the black screen on IPMI View, but that was just about it.
Only a cursor blinking without texts.
Is there something else that I should do in order to get text console working? I've tried all baud rates.
how I might be able to execute a Linux command by sending a text message to some email address? Where if that email address gets a message (either any message, or perhaps only messages containing some password), a Linux command is executed, e.g.
named -u named
Perhaps via bash script.
Why does the WHM panel send me my private key and passphrase for my SSL certificate to my inbox when I generate a CSR? Um... isn't that a bit insecure?
I purchased a Rapid SSL cert from NameCheap who then needed a Certificate Signature Request(CSR) which is generated from WHM.
After generating the CSR, WHM sent me an email that is literally titled 'SSL RSA PRIVATE KEY for *.<domain_removed>.com'
The email not only contains the ----- RSA PRIVATE KEY----- but also my 'challenge password' .
is this supposed to happen? and why on earth would my private key and passphrase be sent via unencrypted email? The only think I can think of is that the WHM panel feature is being used to generate the CSR and is sending me a self-signed cert private key , which I'm not going to use (i'm only going to use the CSR) Even if thats the case, I think it still shouldn't happen, its too confusing for newbies like me and I could just end up using the same passphrase for my actual certificate.
Here are the steps I followed:
1. purchased a RapidSSL from namecheap
2. Clicked 'Activate' in namecheap's SSL dashboard which then asks me for a CSR.
To get the CSR, per Site5's wiki:
1.logged into WHM
2. clicked 'Generate a SSL Certificate and Signing Request'
3. completed the 'create a new cert' form which among other things, asks me for the 'Email address the cert will be sent to'. For all the fields, see the site5 wiki
4. click Create
I am a beginner in Apache Web server, whether it is possible to make some rewrite function ( or something similar ) to add some text on url from access ?
For example URL....
I need some function in httpd.conf where in SetHandler server-status ( URL... ) can see users who are connected like /testurl username=someusername:somepassword ?
I did link http://someusername:somepassword@domen.com/testurl?username=someusername:somepassword but some users delete from ?username=someusername:somepassword from link and I have a problem to monitoring that lines !
I am currently installing lxadmin in my webserver, but during the intallation i received a alert message from my "settroubleshootebrowser" saying:
SummarySELinux is preventing /usr/local/lxlabs/ext/php/php from loading /usr/local/lxlabs/ext/php/lib/mysql.so which requires text relocation.
Allowing AccessIf you trust:
/usr/local/lxlabs/ext/php/lib/mysql.so to run correctly, you can change the file context to textrel_shlib_t. "chcon -t textrel_shlib_t /usr/local/lxlabs/ext/php/lib/mysql.so"The following command will allow this access:chcon -t textrel_shlib_t /usr/local/lxlabs/ext/php/lib/mysql.so
This message was for thwe SQL and Zend optimizer.
My Question is, where do i find the "chcon -t textrel_shlib_t" file allow access?
I've upgraded from WS2008R2 & IIS to CentOS and Plesk 12.Now, I wanted to change the webmail link for all domains to mail.domain instead of webmail.domain. I've followd 2 guides to do that: URLs....Everything went smooth, but now Horde and Roundcube look like this (even when I restarted the whole server):
View 12 Replies View RelatedI need to be able to access email passwords in plain text (not encrypted). I'm running with updates so as to not force encryption, which I'm told is a one-way deal. I'm going to have to go to new hardware soon, as I'm finding the hardware starting to fail.
I understand the "mail_auth_view" utility shows the passwords, and was wondering if it will decrypt them for you?
If not, how can I keep the behavior of non-encrypted email passwords so that the customer administrators still have access to them for their users? I know a new install forces encryption, which is why I can't do that. How can I preserve the non-encrypted passwords and move to new hardware? This seems to be a deal breaker for my customers.
if you go to www.home.ecarindo.com, you can see that it displays the text file, the Default.aspx, the ACTUAL text file,
I've added the line DirectoryIndex Default.aspx to the .htcaccess in my home directory in cPanel, btw.
Update: nevermind, my idiotic team member registered a Linux plan instead of a Windows plan, sorry for the disturbance.
what is the fast and best way?
View 4 Replies View RelatedI am being hacked & I don't know how they are getting files on my server. They are doing it on two of my domains, I suspended one and then they got it on the other. My FTP access log does not show anything suspicious..
How can I find their doorway?
In reference to my previous post, i want to tranfer accross 7GB of data, approximatly 80,000 files i believe it is (due to a gallery script).
It's currently on another host (on a webhosting account) which uses their own control panel which has no options but to manage databases, the only way i can see to do this is via FTP but it'll take me days. I've tried using compressing and backup scripts, but the damn execution time on the hosts server is too low to allow the files to be zipped. Are there any ways? Can i login to my VPS via SSH and anyhow pull off the files from the other hosts server?
Why is it that you can upload large file size when you are using FTP, but you cant upload large file size beyond the max when you are using browser to upload?
View 3 Replies View RelatedI have about 1.80GB of flash games and I want to copy this flash games to another server, I only want to copy the flash games not the entire account.
FYI I have shell access on both server.
I have a dedicated server, on this server I have only 2 website.
I created an account before and that account work correctly.
now I created a new account and when I trying to run a simple php file show me "Internal Server Error".
I can view html files and I haven't .htaccess file .
Server Inofrmation:
CentOS , cPanel , Apache 2, PHP 5