How to , and other stuff about linux, photo, php … Another blog just like others on internet

January 16, 2019

How to deny execution of php on some directory

Filed under: Linux — Tags: , , , — admin @ 1:12 pm
Just add this on your .htaccess in that directory and php will not be executed.
# Kill PHP Execution
<Files ~ "\.ph(?:p[345]?|t|tml)$">
deny from all
</Files>

December 10, 2018

Your browser sent a request that this server could not understand

Filed under: Linux — Tags: , , , — admin @ 4:51 pm

Well today I am facing another problem.

Got this answer on a apache behind a proxy .

400 Bad Request
Bad Request
Your browser sent a request that this server could not understand.
Size of a request header field exceeds server limit.

So .. it appear the header that is received by webserver is bigger then normal .

Solution is to increase it .

LimitRequestFieldSize 32760
LimitRequestLine 32760

Please note that is loaded from first VirtualHost.

One solution is to tested with this

curl -v -H “CustomHeader: `printf ‘1%.0s’ {1..n}`” localhost

Where n can be replace with a value of for example 20000

 

November 22, 2018

Letsencrypt UnicodeDecodeError: ‘utf-8’ codec can’t decode byte 0xfc in positio

Filed under: Linux — Tags: , , , — admin @ 12:16 pm

Well today I was trying to issue a ssl on a old server and find this

File “/opt/eff.org/certbot/venv/lib64/python3.4/site-packages/augeas.py”, line 147, in get
return dec(value.value)
File “/opt/eff.org/certbot/venv/lib64/python3.4/site-packages/augeas.py”, line 65, in dec
return st.decode(AUGENC)
UnicodeDecodeError: ‘utf-8’ codec can’t decode byte 0xfc in position 15: invalid start byte
Please see the logfiles in /var/log/letsencrypt for more details.

A short workaround was to modify the

“/opt/eff.org/certbot/venv/lib64/python3.4/site-packages/augeas.py”

the 65 line was something

return st.encode(AUGENC)

with

return st.decode(AUGENC, ‘ignore’)

It worked to get a new certificate .

February 6, 2018

Prevent SSL redirect loop using WordPress and HAProxy

Filed under: Linux — Tags: , , , , — admin @ 11:21 am

I do have a haproxy that is serving the ssl frontend and the apache is on 80 port.  But the wordpress see the 80 port and is not forcing to use the ssl as links for css/js

So to force wordpress to generate ssl internal links you need to add this into wp-config.php

define('FORCE_SSL_ADMIN', true);
define('FORCE_SSL_LOGIN', true);
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
  $_SERVER['HTTPS']='on';


Offcourse on the haproxy you need to have

reqadd X-Forwarded-Proto:\ https

 

December 11, 2017

Redis can’t save in background

Filed under: Linux — Tags: , , — admin @ 10:53 am

Well I see something in log

[3765] 30 Jan 11:31:10 * 1 changes in 900 seconds. Saving…
[3765] 30 Jan 11:31:10 # Can’t save in background: fork: Cannot allocate memory

To fix this redis error you need to

echo 1 > /proc/sys/vm/overcommit_memory sysctl vm.overcommit_memory=1

 

« Newer PostsOlder Posts »

Powered by WordPress