I have a link on a site as follows: destinationsite.com/index.php?kw=test
This url is obviously going to appear in the browser window's Address bar, when the person reaches the destination page.
Is there any way to have it change the url so that the kw=test does not appear? Please bear in mind that I will not be able to change the link that the person clicks since it is with an advertising company.
my whole site is secure and inside a secure folder and I am going to be moving the majority of the site over to a non-secure folder. but I need to find all the absolute links and change the https to http. I hope I dont have to check each page one by one.
so I was wondering if there was a way to search everypage on my server for any file containing "https"?
I have had multiple websites hacked and need to do a cleanup. I need to run a command that will log all files (including path to that file) that contain <!-- ~ --> to a text file from the /home/* directory.
So far I have recieved 2 different ways to do it but none of them have worked
My old VPS was hacked and an iframe html string was added to just about all the files on the server.
I've since then identified the vulnerability and moved to a new host and want to copy the accounts over but wanted to know if there was an easy way to search all the files for this html code and delete it?
For example, search all files for <iframe etc etc> and delete it?
I know this is probably rather simple...but I have no idea how to do it.
I've been meaning to get around to this for quite some time now, and since I've got some free time I figured I'd review NearlyFreeSpeech.net
Length of time with host: 4+ years Sites hosted: 5 (+/-)
Basically, I couldn't be happier. They're pretty much everything that shared hosting should be. They don't oversell. They don't sell your information to advertisers. And they've got several "killer features" that few (if any) other hosts offer.
Pros
Performance
Unlike some (most?) shared hosts, they don't cram a bunch of sites onto the same server. In fact, they don't even assign you a server per se. All sites are hosted on clusters, so the most active sites will be handled by several servers working in tandem. The load balancing is automatic transparent -- if your site starts getting a load of traffic, their servers will shift your site around as necessary to ensure that it remains responsive. This process isn't noticable at all; every aspect of their service feels like a traditional shared hosting setup, the sole exception being that performance doesn't suck. Wordpress and phpBB (notorious for bringing most shared hosting plans to their knees) feel snappy and responsive, even when faced with large amounts of traffic.
Reliability
They're not perfect, but they're close. I've used several other shared hosts over the years, and I can safely say that NFSN is the most reliable of all of the ones that I've used. Again, I think this has to do with their clustering setup. I've never been told "sorry, but someone on your server crashed Apache". They do get hit with DDoS attacks from time to time (as do all hosts), but it's exceptionally rare for said attacks to cause a disruption of service. When large scale attacks do occur, they handle them quickly and professionally. There have been a handful of large-scale failures over the time I've been with them, but disruptions of service are few and far between.
Language Support
Pretty damn good. I'd say they're best at hosting PHP/MySQL sites, but they're very, very good with all of their officially supported CGI languages [url] too. They'll also install libraries, PEAR modules, etc. upon request, even if it's something that nobody other than you will ever use.
Support
Support is second-to-none. Support is conducted via their administrative control panel. Although they do have official hours, it's not unusual to have your question answered quickly even at some ungodly hour of the morning. All the support staff are top-notch, and they all *definitely* know their stuff. They don't hand-hold as much as most hosts, but if you're reasonably competent and/or not afraid to learn you won't have any trouble. They've also got a panic button feature that I quite like -- from their write-up about the feature:
After you hit the panic button, a ticket will be opened at "Panic" priority including the text of your message. The on-call admin will also be immediately paged with the text of your message. Then, one of three things will happen:
-If you hit the panic button for a legitimate, previously-unreported system or network outage that needs our immediate attention, we will change your issue to "High" priority, refund your panic message charge, and cut the cost of your next panic message in half.
-If your message does not pertain to a legitimate problem or outage that needs our immediate attention, we will change your issue to "Standard" priority, you will not receive a panic message refund, and the cost of your next panic message will be doubled.
-If your message is clearly spurious ("Haha lolz I paged u!") it will be ignored and your ability to send panic messages will be revoked. You will not receive a panic message refund.
Free speech / censorship
Hands down, they make other hosts look like jokes. I've managed several controversial sites over the last four years, and NearlyFreeSpeech.net is the ONLY host who hasn't hassled me.
The best thing I can do to promote their service is to point you to their beliefs ([url] page. Yep. No mission statements... just three simple quotes. And they really do believe in those values.
They even go as far as to say this in their FAQ:
You must obey all applicable local laws unless you get our prior express consent in writing. We do provide anonymous hosting of content that violates local government censorship laws at our sole discretion in cases outside the United States where we feel government censorship is contrary to the cause of freedom.
Quite a departure from most shared hosts. Even more (and yes, I speak from experiene when I say that they really do hold to this):
A NearlyFreeSpeech.NET member site is defaming me or otherwise injuring me civilly.
Please forward a copy of your legal finding from a court of competent jurisdiction to our contact address. If you have not yet obtained such a finding, a preliminary injunction or court order is also sufficient.
If you are not able to obtain the above, you will need to work directly with the site operator to resolve your differences. We will have to fall back on our members' contractual assertion that the content they upload is legitimate and therefore we will not be able to get involved.
This quote really sums up their stance:
A NearlyFreeSpeech.NET member site contains offensive content.
At NearlyFreeSpeech.NET we firmly believe that censorship is a dangerous and misguided approach to the problems of society. We believe that the price we pay for the huge number of fantastic sites we host are a few sites that we feel are significantly less fantastic.
We believe that the price you pay for living in what we hope is a free society is that when you encounter something offensive, you must resist the urge to censor it and instead research, investigate, and speak out passionately in opposition to it. That is the essence of free speech.
Please do not send us abuse complaints of this nature. We will discard them. DMCA
Ah yes. Everyone's favorite. Fortunately, NFS is sane about this (far more sane than some uh... "dreamy" hosts I've used...). Again, another excerpt from their FAQ (which I can also attest is true):
We adhere to the entire law very closely. We do not generally pull the plug on an entire site if, for example, someone claims that a single graphic is infringing. We do our best to remove only the content that the copyright owner specifically identifies as allegedly infringing. We allow and encourage the use of the "putback notification" process when material is incorrectly identified as infringing. But we do not automatically terminate a member's service merely for receiving a complaint alleging infringement. (However, actually infringing someone's copyright does violate our TACOS and will generally result in immediate termination.)
Keep in mind that while we aren't lawyers, neither are we idiots. We can tell the difference between people harassing our members via the DMCA and cases where our service is genuinely being misused, and we can adjust our attitude accordingly. Fortunately, both of these cases are very rare. Cost.
This one's a big issue for folks on shared hosting, so it's worth going over. Basically, NFSN uses a pay-per-use model. Simply put, you pay for the resources you use. This does mean that you won't be able to "game the system" and hope to get away with a high-traffic site on an oversold server for a couple bucks a month. This also means that the system won't game you, and put your high traffic site on an oversold server. Most importantly, it means that you don't pay for what you don't use. Those 1000GB for $10 plans seem like a great idea until you realize that if you only use 1GB you're getting royally screwed.
Pricing is a little unconventional, so it's worth going over in a bit of depth:
Bandwidth
Bandwidth starts at the price of $1/GB. This may seem steep if you compare them to the prices promised in the ads of various heavily-oversold shared hosts. Fortunately, it's not a flat rate. In fact, the more bandwidth you use, the lower your per-GB charge is --and the discount is permanent. They've got a bandwidth calculator [url] if you're curious about pricing.
Storage
$1/100MB, flat fee.
MySQL
$0.01/day IIRC. Their MySQL servers are top notch FreeBSD 7 boxes, and I definitely think they're worth the price.
E-mail forwarding
$0.01/day. You can obviously use your own e-mail servers instead, or use something like Google Apps -- but if you want them to do e-mail forwarding it costs $0.01/day with no usage cap. (And yes, I do mean no usage cap. Bugmenot.com uses NFS's e-mail servers for their "disposable mailbox" service, and they have a heck of a lot of inbound mail.) Privacy
Wow. Short of bribing an off-shore host, I don't think you'll find a more private arrangement. Unless they've got a court order demanding your details, you can safely assume that they won't be divulged. Again, I speak from experience.
Also interesting to note is this excerpt from their FAQs:
At NearlyFreeSpeech.NET, we believe that with great power comes great responsibility, so we take a dim view of such behavior. For that reason, our TACOS require our members to provide complete and correct contact information, and requests for anonymous hosting are typically denied.
However, we do make one important exception. If you live outside the United States and can demonstrate that the site you wish to host would put you at significant, legitimate risk of retaliation from a government with a documented track record of reprisal against people who speak out against it, we may be able to help. Anonymous hosting is serious business; it can be one component of a coordinated plan to protect you and your family from torture and murder. It's absolutely not an option you can use to dodge lawsuits or unpopularity arising from hosted material.
I haven't (thankfully) had to depend on that level of privacy protection -- but if I did, I wouldn't hesitate to work with them.
SFTP/SSH access
Name says it all.
Scalability
To quote 'jdw', one of the founders of the service, in response to a user's questions re: scalability:
It depends. If all you need is bandwidth, it should be pretty well unlimited. There have been a couple of cases where we have asked people to move on based on CPU usage, but those involved specific situations where they had a poorly-tuned application and couldnât or wouldnât optimize it for the load they were getting. Those were also before the days of 8-core cluster nodes.
A VPS or single dedicated server would definitely not be able to serve more bandwidth. Most of them are capped to 10 or 100Mbps; our load-sharing architecture can serve a single site into multiple Gbps if the site is fast enough (i.e. static content) and you can pay for it.
When they mention CPU usage, it's worth noting that it's nothing like Dreamhost and other shared hosts. You just won't hit it unless you've got a bug or you're trying to do something like calculate pi to a billion places. The limits that are in place are solely to prevent runaway/buggy apps from screwing things up -- you won't hit them, even with heavy usage, provided your site's software is functioning correctly.
Cons:
To be honest, there aren't many. There are some though, so in the interest of completeness, here they are:
No SSL
The reasons for this are varied, and they're actively working to implement a solution. The short story is that, due to the architecture of their service, it's not quite as simple as "drop in a cert and tweak the httpd config". Essentially, since they don't assign static IPs for individual sites, they can't support SSL until all mainstream browsers support the SNI extension.
No overselling
Some people may think the lack of "unlimited bandwidth for $7.99/mo" is a con. Others think "unlimited bandwidth for $7.99/mo" is a con. Depends on your perspective and usage I guess.
No Ruby on Rails
Doesn't bother me, but it might be a deal-breaker for someone I suppose.
Not your bog-standard cPanel + Linux box setup Some folks would say that this is a con, due to the lack of familiarity. Their control panel is different than a lot of hosts, but it's flexible, clean, and responsive, so it's fine for me.
Perks
One thing I've come to notice over 4+ years with NFS is that there are lots and lots of nice little features that aren't advertised, but that make life just a little easier.
Examples:
E-mail to POST
Their mail forwarding can be configured to POST incoming messages (complete with attachments) to a specified URL. The format of this submission is documented on the member wiki.
Member wiki
Contains member-submitted documentation of NFSN's quirks, some of its special features, and how to best get different apps working on NFSN.
Management API
I haven't played around with it, so I can't provide too many details, but NearlyFreeSpeech offers a public API to allow for the programmatic management of user memberships, sites, DNS records, etc. Pretty cool, and not something I've seen elsewhere.
Domain registration
Cheap domains, simple registration process, and (unlike GoDaddy) they don't screw around with your registration just because you said something that they didn't like. Haskell support
If you know what this is, you know why this is sweet ;-)
Member forums
Not terribly unique, but a great resource. Pretty much everyone there is quite friendly and happy to help new users.
Free trial
You can create a trial membership. This membership comes with $0.02 (IIRC) credit, and is a great way to tinker with their platform before depositing money. You can get a refund
Sweet. Never had to use it though, but good to know I could if I had to.
Humor
A little thing, yes -- but it's good to see a host that actually seems like it's staffed by real people rather than bash scripts and stock photos.
Member/staff interaction
This is something I haven't seen with any other hosts. The staff interact with the users on the discussion forums. When a user asks "why do you do/say X", they get a response. They have discussions on why they decided to do/say X. Members ask for Y to be available through the web control panel, and some time later a staff member bumps the thread to point out that Y has been implemented. --- Verdict If you need shared hosting, you'd be doing yourself a disservice by not trying NearlyFreeSpeech.net
I was able to login from IPMI View just fine, and everything works as expected except "Text Console ". I was able to hit the start button and get the black screen on IPMI View, but that was just about it.
Only a cursor blinking without texts.
Is there something else that I should do in order to get text console working? I've tried all baud rates.
how I might be able to execute a Linux command by sending a text message to some email address? Where if that email address gets a message (either any message, or perhaps only messages containing some password), a Linux command is executed, e.g.
I'm working on some PHP intranet tools. I'm still somewhat new to PHP, having come from an ASP background; been doing PHP for about a year now.
The tools used to be located on a Solaris box, which is running PHP 4.2. One of the tools checks text files in a particular location on the same box that are generated by another process. The text files are found and parsed by locating a particular directory and looking through the entries for filenames matching a particular pattern; they may or may not be present depending on the success of the other process. The text files and directory are not in a web-servable location (i.e. they can't be reached via HTTP or FTP).
I am now able to migrate to a new Windows 2k3 server running IIS 6. I've configured it with PHP 5.2.5 and it is successfully serving web pages. I need to migrate these tools over to the new server but they still need to reach the text files on the old server. The old server has a Samba share hooked to the directory I need and I can successfully map it as a mapped drive from the Win2k3 box.
It's my understanding (after hours of googling and testing) that mapped drives are specific to the logged-in user and not to the machine in general, so IIS can't see them (which seems to be validated by my tests). I've pulled in the mapped drive to the Samba share as a virtual directory under IIS but PHP scripts still can't see it. The share is not available under FTP or HTTP, so cURL doesn't seem to be an appropriate solution, as far as I can tell. It's also my understanding that mapped drives aren't dependably re-mapped after a server reboot until the user logs in, and of course there won't necessarily be users logging into the server to create the mapped drives after a reboot. So mapped drives seem to not be a solution either.
One person from another forum (not SitePoint) suggested running the IIS process under the domain login credentials used to get to the Samba share, and find a way to map the drive automatically after a reboot (some sort of Windows service that would call a batch file or something). I'm not comfortable using a domain login to run my IIS under (although I tried it and it didn't seem to work for a previously-mapped drive).
So my question is: is there a way from PHP to connect to a remote Samba share, provide inline credentials, and use functions like is_dir and file_get_contents on files in that share? I'm not a PHP guru yet, but I've successfully set up the server, create and use remote MySQL databases, write my own JavaScript and Ajax, and don't consider myself to be a newbie - and I simply can't find a good solution for this problem. I come from an all-Microsoft background where integrated authentication was the intranet standard and issues like this simply didn't come up.
I hope this is the appropriate forum to ask...the server forum was the second runner-up but after looking at threads there they didn't seem to address issues like this.
Why does the WHM panel send me my private key and passphrase for my SSL certificate to my inbox when I generate a CSR? Um... isn't that a bit insecure?
I purchased a Rapid SSL cert from NameCheap who then needed a Certificate Signature Request(CSR) which is generated from WHM.
After generating the CSR, WHM sent me an email that is literally titled 'SSL RSA PRIVATE KEY for *.<domain_removed>.com'
The email not only contains the ----- RSA PRIVATE KEY----- but also my 'challenge password' .
is this supposed to happen? and why on earth would my private key and passphrase be sent via unencrypted email? The only think I can think of is that the WHM panel feature is being used to generate the CSR and is sending me a self-signed cert private key , which I'm not going to use (i'm only going to use the CSR) Even if thats the case, I think it still shouldn't happen, its too confusing for newbies like me and I could just end up using the same passphrase for my actual certificate.
Here are the steps I followed: 1. purchased a RapidSSL from namecheap 2. Clicked 'Activate' in namecheap's SSL dashboard which then asks me for a CSR.
To get the CSR, per Site5's wiki: 1.logged into WHM 2. clicked 'Generate a SSL Certificate and Signing Request' 3. completed the 'create a new cert' form which among other things, asks me for the 'Email address the cert will be sent to'. For all the fields, see the site5 wiki 4. click Create
I am a beginner in Apache Web server, whether it is possible to make some rewrite function ( or something similar ) to add some text on url from access ?
For example URL....
I need some function in httpd.conf where in SetHandler server-status ( URL... ) can see users who are connected like /testurl username=someusername:somepassword ?
I did link http://someusername:somepassword@domen.com/testurl?username=someusername:somepassword but some users delete from ?username=someusername:somepassword from link and I have a problem to monitoring that lines !
I am currently installing lxadmin in my webserver, but during the intallation i received a alert message from my "settroubleshootebrowser" saying:
SummarySELinux is preventing /usr/local/lxlabs/ext/php/php from loading /usr/local/lxlabs/ext/php/lib/mysql.so which requires text relocation.
Allowing AccessIf you trust:
/usr/local/lxlabs/ext/php/lib/mysql.so to run correctly, you can change the file context to textrel_shlib_t. "chcon -t textrel_shlib_t /usr/local/lxlabs/ext/php/lib/mysql.so"The following command will allow this access:chcon -t textrel_shlib_t /usr/local/lxlabs/ext/php/lib/mysql.so
This message was for thwe SQL and Zend optimizer.
My Question is, where do i find the "chcon -t textrel_shlib_t" file allow access?
I've upgraded from WS2008R2 & IIS to CentOS and Plesk 12.Now, I wanted to change the webmail link for all domains to mail.domain instead of webmail.domain. I've followd 2 guides to do that: URLs....Everything went smooth, but now Horde and Roundcube look like this (even when I restarted the whole server):
I need to be able to access email passwords in plain text (not encrypted). I'm running with updates so as to not force encryption, which I'm told is a one-way deal. I'm going to have to go to new hardware soon, as I'm finding the hardware starting to fail.
I understand the "mail_auth_view" utility shows the passwords, and was wondering if it will decrypt them for you?
If not, how can I keep the behavior of non-encrypted email passwords so that the customer administrators still have access to them for their users? I know a new install forces encryption, which is why I can't do that. How can I preserve the non-encrypted passwords and move to new hardware? This seems to be a deal breaker for my customers.
Attached is a (badly) drawn diagram of two sites, connected by a vpn.
The site to the left, is network 10.0.0.0/24 which runs a linux server as the router for the network.
The site to the right, is network 10.1.0.0/24 which runs a windows 2003 server as the router for the network.
Now, my problem is, the clients behind the windows 2003 server can ping any machine on the first network because i setup a static route to route all traffic to 10.0.0.0/24 over the vpn interface.
now, my problem is, only the linux server can ping any machine on the windows 2003 network, any client behind the linux server cant seem to route over the interface.
I have the following route on the linux server: .....
Starting point: a working site using a shared IPv4, dedicated IPv6, and SSL. HTTP and HTTPS work, the latter only using SNI of course.
The good news: If I simply allocate an IP resource of 1 to a subscription it is pulled from the pool, assigned to the service node, assigned to the web site, DNS is updated, and the site is automatically changed to using a Dedicated IPv4 and Dedicated IPv6.
The bad news: visitors land on the default web site of the service node, with the default SSL certificate.
Other info: I can't ping the new IP, even though it shows in "ip a l" and /etc/sysconfig/network-scripts/ifcfg-eth0:0. [edited]
After the IP assignment, it is still installed, and /etc/httpd/conf/plesk.conf.d/ip_default/domainname.conf shows the new certificate is being used.
However, a second set of VirtualHost entries is created in server.conf for this IP for ports 80 and 443, with NameVirtualHost enabled on the new IP. The port 443 entry uses the default certificate. Apache's setup this default VirtualHost entry will override the web site configuration because Apache is listening on port 443 with the wrong cert.
If I go to "Change webspace settings" and toggle to Shared IPv4, Dedicated IPv6 the site works again via HTTPS, and Dedicated IPv4 and Dedicated IPv6 breaks it again. Setting the SSL cert to None and back again does not work.
Setting the SSL cert to None, changing to a dedicated IP, and enabling SSL results in the server being inexplicably inaccessible...browsers no longer connect to either the default site or the correct site, and I don't see any entries in the vhosts's logs.
Was browsing a few websites (as you do) and noticed something unusual on a competitor site. They had used the same text as another website I had viewed not long ago.
OUR MISSION
It may sound unbelievable but the majority of the big companies in the web hosting business usually do not invest much in the development of new technologies. Instead they rely on 3rd party solutions and software. Unlike theirs, our hosting software was created, developed and designed in-house by us. Moreover, our business approach is human-oriented in that our client support is a centre factor in the quality hosting service that we offer.
Read that before...?
I just did a google search for the first part of it (including the quotes, so it will only find sites that contain the whole string word for word)...
"It may sound unbelievable but the majority of the big companies in the web hosting business usually do not invest much in the development of new technologies."
Result?
Quote:
Results 1 - 10 of about 9,170 for ... (0.10 seconds)
Isn't it ridiculous when you have 10,000 companies using identical "About Us" text?
I'm on a short assignment to inventory and manage the fixed assets of a small company, and we've just bought a web-based database for this purpose. While I'm pretty good at administering/running local databases, the web part has me stymied. Our company is between IT people, and there's no one on site with any more idea than I have about what's going on!!
Here's what I have so far:
--The company has a website which I'll call "ourwebsite.org" -- which I think, from searching the IP address the website points to, is hosted by HostMySite.com.
--There's also a record in DNS Management with the same name (ourwebsite.org), but pointing to our little server's local IP address.
--I need to find a way to get my database -- which I can access on the network at (server's IP address)/database (ie 0.0.00.0/database) -- online. I tried creating records in DNS Management (for ex., assets.ourwebsite.org) that point to our server's IP (the one that, if I type it in on the network, I can get to the site I'm looking for), but get generic "can't find the page" or "can't connect to the server" errors, even after 72 hours, when trying to access it from off the network.
--If I browse to assets.ourwebsite.org/database on the server itself, I get to the website! But if I go to that page from any other computer, on or off the network, it doesn't work.
--The Server is running Windows Server 2003
So, what are my options? Do I have to talk to the HostMySite.com people to add this page? Shouldn't I just be able to use my server's name (ourcompanyadc.ourcompany.org) and have that route to the server? What's going on here! Is there a simple way to get a tiny local-server-hosted website online outside of the network?