How to , and other stuff about linux, photo, php … Another blog just like others on internet

July 5, 2017

Adding trusted root certificates to the server

Filed under: Linux — admin @ 2:11 pm

Linux (Ubuntu, Debian)

Function Method
Add
Copy your CA to dir /usr/local/share/ca-certificates/
Use command: sudo cp foo.crt /usr/local/share/ca-certificates/foo.crt
Update the CA store: sudo update-ca-certificates
Remove
Remove your CA.
Update the CA store: sudo update-ca-certificates –fresh

 

Linux (CentOs 6)

Function Method
Add
Install the ca-certificates package: yum install ca-certificates
Enable the dynamic CA configuration feature: update-ca-trust force-enable
Add it as a new file to /etc/pki/ca-trust/source/anchors/: cp foo.crt /etc/pki/ca-trust/source/anchors/
Use command: update-ca-trust extract

 

Linux (Centos 5)

Add
Append your trusted certificate to file /etc/pki/tls/certs/ca-bundle.crt
cat foo.crt >>/etc/pki/tls/certs/ca-bundle.crt

June 27, 2017

change root password for mysql 5.7 fresh installed

Filed under: Linux — Tags: , , — admin @ 11:35 am

In order to find out actual password you need to grep log file

grep password /var/log/mysqld.log

This will provide you with root password .

After login on your mysql server with

mysql -u root -p

Then you must change root password with

ALTER USER ‘root’@’localhost’ IDENTIFIED BY ‘newpassword’;

 

June 14, 2017

apache 2.2 run php as username with fcgid

Filed under: Linux — Tags: , , , — admin @ 12:25 pm

One of my problem is to secure a little websites at least to run as their user and not as apache . In this way if one wordpress is hacked not all website to be modify by that script .

On internet you will find something like this

<IfModule mod_fcgid.c>
MaxRequestLen 15728640
FcgidConnectTimeout 20
SuexecUserGroup username groupname
<Directory /var/www/vhosts/site.com>

Options +ExecCGI
AllowOverride All
AddHandler fcgid-script .php
FCGIWrapper /var/www/wraper/site.com/php-fcgi-starter .php
Order allow,deny
Allow from all
</Directory>
</IfModule>

All is fine in some situation works . However I notice that if you have the php 5.6 installed this won’t work . I try all loglevel debug and other stuff but it simply didn’t start that wraper with that user in process list.

After some more dig I found out that /etc/httpd/conf.d/php.conf is different then on other php version and in this 5.6 that file have a SetHandler .

So the solution is to overwrite again that SetHandler

So in your vhost before add this IfModule you need to add also

<FilesMatch \.php$>
SetHandler None
</FilesMatch>

 

June 13, 2017

How to fix upstream timed out (110: Connection timed out) error in Nginx

Filed under: Linux — Tags: , , , — admin @ 1:36 pm

In order to fix that you need to add

proxy_read_timeout 300;

 

May 29, 2017

How to install git composer globally

Filed under: Linux,Php — Tags: , , — admin @ 10:28 am

Hello

The easy way to install composer globally is to run bellow commands


curl -sS https://getcomposer.org/installer | php
sudo mv composer.phar /usr/local/bin/composer
« Newer PostsOlder Posts »

Powered by WordPress