[HOWTO] Install pecl_http into PHP

This is a quick guide on how to compile pecl_http, as sometimes it has a little trouble compiling with the system’s cURL libraries.

Start by SSHing into your server as root.

CD into your compile directory:

cd /usr/local/src/

Download the library:

pecl download pecl_http

Bundle it in the current directory:

pecl bundle pecl_http

CD into the pecl_http source directory:

cd pecl_http*

Prepare the build environment:

phpize

Configure the build with cPanel’s cURL SSL library:

./configure --with-http-curl-requests=/opt/curlssl

* Note: You must have cURLSSL already built by EasyApache

Compile it:

make && make install

Add the extension to PHP:

echo "extension=http.so" >> /usr/local/lib/php.ini

Restart Apache:

/etc/init.d/httpd restart

And you’re done!

Posted in General, Howtos, cPanel

How to create a Facebook page for Businesses

Got a business?  Want to promote it on Facebook?  Here’s how!

Follow this link to create an “official page” for your business on Facebook:

http://www.facebook.com/pages/create.php?campaign_id=372931622610&placement=pghm&extra_1=0

Then, select Local Business for a Business account, and you can also create Groups here.

You can also bind this to an existing personal Facebook account, to make management easier.

Posted in General, Howtos

Mounting a device with an alternative superblock

Ever tried to mount a device you know to be working, but get this error?

[root@host] ~ >> mount /dev/sdc1 /backup
/dev/sdc1: Input/output error
mount: /dev/sdc1: can't read superblock

The first thing we need to do is determine whether the device has any alternative superblock locations:

[root@host] ~ >> mke2fs -n /dev/sdc1
mke2fs 1.35 (28-Feb-2004)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
19546112 inodes, 39072080 blocks
1953604 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=41943040
1193 block groups
32768 blocks per group, 32768 fragments per group
16384 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208
4096000, 7962624, 11239424, 20480000, 23887872

Pay special attention to the Block Size and Superblock block locations.

* For filesystems with 1k blocksizes, a backup superblock can be found at block 8193
* For filesystems with 2k blocksizes, at block 16384
* For 4k blocksizes, at block 32768.
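
The block numbers in the mke2fs output follow a fixed pattern, so they can be worked out from the block size and block count alone. The script below is an added example, not part of the original post; it assumes the sparse_super layout and the mke2fs default of 8 × block size blocks per group, and the function name backup_superblocks is made up for illustration.

```shell
#!/bin/sh
# Added example: predict ext2/ext3 backup superblock locations.
# Assumes the sparse_super layout (backups in group 1 and in groups that are
# powers of 3, 5 and 7) and the mke2fs default of 8 * block_size blocks per group.

backup_superblocks() {   # $1 = block size in bytes, $2 = total blocks
    bs=$1
    total=$2
    per_group=$((bs * 8))        # one bitmap block tracks 8 * bs blocks
    first=0                      # "First data block" in the mke2fs output
    if [ "$bs" -eq 1024 ]; then first=1; fi
    groups=$(( (total - first + per_group - 1) / per_group ))

    # Collect the group numbers that hold a backup copy.
    list=1
    for base in 3 5 7; do
        g=$base
        while [ "$g" -lt "$groups" ]; do
            list="$list $g"
            g=$((g * base))
        done
    done

    # Convert group numbers to block numbers, in ascending order.
    out=""
    for g in $(printf '%s\n' $list | sort -n); do
        if [ "$g" -lt "$groups" ]; then
            out="$out${out:+ }$((g * per_group + first))"
        fi
    done
    printf '%s\n' "$out"
}

# Figures from the mke2fs -n output above: 4096-byte blocks, 39072080 blocks.
backup_superblocks 4096 39072080
# Constructed small filesystems for the 1k and 2k cases.
backup_superblocks 1024 20000
backup_superblocks 2048 40000
```

If e2fsck cannot read the first backup either, the next block number in the list is the one to try with -b.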

Our mke2fs output indicated that we had 4096 block size (4K), and that there was indeed a backup superblock at block 32768. So, here’s the next part:

umount -l /dev/sdc1
sleep 15
e2fsck -f -b 32768 /dev/sdc1

This will run an EXT2 filesystem check using 32768 as the superblock location. Make sure the affected filesystem is UNMOUNTED first, or you WILL lose data.

You should now be able to mount /dev/sdc1 (or whatever device you’re working with) to your mount point.

[root@host] ~ >> mount /dev/sdc1 /backup
[root@host] ~ >>

Posted in Daily Fixes, General, Howtos

How to configure APF firewall on a cPanel server

Here’s one for the LiquidWeb customers!

Here’s a simple config file for APF. You can save it as /etc/apf/conf.apf:

#!/bin/sh
# Turn off development mode
DEVEL_MODE="0"
INSTALL_PATH="/etc/apf"
 
# Primary NIC (eth0)
IFACE_IN="eth0"
IFACE_OUT="eth0"
IFACE_TRUSTED=""
 
# APF Features
# Verbose execution
SET_VERBOSE="1"
# Use iptables-save
SET_FASTLOAD="1"
# Do not enable per interface rules
SET_VNET="0"
# Untrust undefined NICs
SET_ADDIFACE="1"
# If you have a custom kernel, set this to 1
SET_MONOKERN="0"
# Refresh rules every 10 minutes
SET_REFRESH="10"
# Max denys
SET_TRIM="100"
 
# Verify routing on each interface
VF_ROUTE="1"
# Continuously..
VF_CROND="1"
# If you know the mac of your gateway, put it here
VF_LGATE=""
 
# Reactive address blocking
RAB="1"
RAB_SANITY="1"
RAB_PSCAN_LEVEL="3"
RAB_HITCOUNT="1"
RAB_TIMER="300"
RAB_TRIP="1"
RAB_LOG_HIT="1"
RAB_LOG_TRIP="0"
 
# Default action for unsolicited packets
TCP_STOP="DROP"
UDP_STOP="DROP"
ALL_STOP="DROP"
 
# Packet Filtering
PKT_SANITY="1"
PKT_SANITY_INV="0"
PKT_SANITY_FUDP="1"
PKT_SANITY_PZERO="1"
PKT_SANITY_STUFFED="0"
 
# Type of Service (ToS)
TOS_DEF="0"
TOS_DEF_RANGE="512:65535"
TOS_0=""
TOS_2=""
TOS_4="443" # Minimize Delay - Maximize Reliability
TOS_8=""
TOS_16="80" # No Delay - Moderate Throughput - High Reliability
 
# Traceroute
TCR_PASS="1"
TCR_PORTS="33434:33534"
 
ICMP_LIM="20/s"
 
RESV_DNS="0"
RESV_DNS_DROP="1"
 
BLK_P2P_PORTS="1214,2323,4660_4678,6257,6699,6346,6347,6881_6889,6346,7778"
BLK_PORTS="135_139,111,513,520,445,1433,1434,1234,1524,3127"
BLK_MCATNET="0"
BLK_PRVNET="0"
BLK_RESNET="0"
BLK_IDENT="1"
 
# Sysctl Settings
SYSCTL_CONNTRACK="34576"
SYSCTL_TCP="1"
SYSCTL_SYN="1"
SYSCTL_ROUTE="1"
SYSCTL_LOGMARTIANS="1"
SYSCTL_ECN="0"
SYSCTL_SYNCOOKIES="1"
SYSCTL_OVERFLOW="0"
 
HELPER_SSH="1"
HELPER_SSH_PORT="22"
HELPER_FTP="1"
HELPER_FTP_PORT="21"
HELPER_FTP_DATA="20"
 
# Port access list
IG_TCP_CPORTS="20,21,25,53,80,110,143,443,465,993,995,2082,2083,2086,2087,2095,2096"
IG_UDP_CPORTS="20,21,53"
IG_ICMP_TYPES="all"
 
# Block lists
USE_DS="1"
DS_URL="feeds.dshield.org/top10-2.txt"          # block.txt url (no *://)
DS_URL_PROT="http"                           # protocol to use for wget
USE_DROP="1"
DROP_URL="www.spamhaus.org/drop/drop.lasso"     # drop.lasso url (no *://)
DROP_URL_PROT="http"                            # protocol to use for wget
USE_ECNSHAME="1"
ECNSHAME_URL="r-fx.ca/downloads/ecnshame.lst"   # url (no *://)
ECNSHAME_URL_PROT="http"                        # protocol to use for wget
USE_RD="1"
RD_URL="r-fx.ca/downloads/reserved.networks" # reserved.networks url
RD_URL_PROT="http"                 # protocol to use for wget
 
# Logging settings
LOG_DROP="1"
LOG_LEVEL="crit"
LOG_TARGET="LOG"
LOG_IA="1"
LOG_LGATE="0"
LOG_EXT="1"
LOG_RATE="90"
LOG_APF="/var/log/apf_log"
CNFINT="$INSTALL_PATH/internals/internals.conf"
. $CNFINT

After you save this to the file, execute the following command in SSH to restart your firewall:

/etc/init.d/apf restart

Since I don’t feel like creating tickets for no reason, I have excluded the egress portion of the firewall. If you’d like the egress configuration, please contact me and let me know you want it.
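
A quick way to review what this config exposes is to read the values back out of the file rather than sourcing it. The script below is an added example, not part of APF or the original post; it lists allowed inbound ports whose logins are cleartext by default and block lists fetched over plain http (which can be altered in transit), and the port list and function names are assumptions.

```shell
#!/bin/sh
# Added example: audit an APF conf for cleartext exposure without sourcing it.

# Constructed sample: three settings copied from the conf.apf above.
sample_conf() {
cat <<'EOF'
IG_TCP_CPORTS="20,21,25,53,80,110,143,443,465,993,995,2082,2083,2086,2087,2095,2096"
DS_URL_PROT="http"                           # protocol to use for wget
DROP_URL_PROT="http"                            # protocol to use for wget
EOF
}

apf_value() {        # $1 = variable name; conf on stdin; prints its quoted value
    sed -n "s/^$1=\"\([^\"]*\)\".*/\1/p" | tail -n 1
}

expand_ports() {     # "21,135_139" -> one port per line (APF writes ranges with _)
    printf '%s\n' "$1" | tr ',' '\n' | while IFS=_ read -r lo hi; do
        if [ -z "$lo" ]; then continue; fi
        p=$lo
        while [ "$p" -le "${hi:-$lo}" ]; do
            echo "$p"
            p=$((p + 1))
        done
    done
}

# Assumed list (not from the page): FTP, POP3, IMAP and cPanel's non-SSL
# cPanel/WHM/webmail ports, where logins are unencrypted by default.
CLEARTEXT_PORTS="21 110 143 2082 2086 2095"

cleartext_open_ports() {   # conf on stdin; prints the allowed cleartext ports
    out=""
    for p in $(expand_ports "$(apf_value IG_TCP_CPORTS)"); do
        for c in $CLEARTEXT_PORTS; do
            if [ "$p" = "$c" ]; then out="$out${out:+ }$p"; fi
        done
    done
    printf '%s\n' "$out"
}

http_feeds() {       # conf on stdin; names of block lists fetched over plain http
    sed -n 's/^\([A-Z]*\)_URL_PROT="http".*/\1/p' | tr '\n' ' ' | sed 's/ *$//'
}

sample_conf | cleartext_open_ports
sample_conf | http_feeds
```

Against a live server the same functions take the real file on stdin, for example `cleartext_open_ports < /etc/apf/conf.apf`.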

Posted in General, Howtos, Security

5 *Must have* social networking plugins for WordPress

It’s that time again.  I’ve compiled a list of the most immensely helpful Social networking plugins for WordPress.  They’re compatible all the way up to 3.0.1!

  1. IntenseDebate
  2. TweetMeme Retweet Button
  3. Twitoaster
  4. SexyBookmarks
  5. Network Publisher

All of these are quality plugins; #4 and #5 will really boost your social network visibility!

Please comment, RT, share, and suggest any other addons that should be added to this list!

Posted in General, Wordpress

Setting up ConfigServer Firewall in WebHost Manager

Here’s a simple guide to setting up ConfigServer Firewall, also known as CSF.  This firewall features a built-in brute-force and flood protection option, with a web-based interface only available in WHM.  It’s pretty slick if you ask me.  Anyhow, here’s how to set it up.

SSH into your server as root.

Paste the following code into your shell:

wget http://configserver.com/free/csf.tgz
tar -xzvf csf.tgz
cd csf*
sh ./install.cpanel.sh

You’re done!

You should now see Configserver Firewall & Security under WHM > Plugins.

Click on that, then you’ll see this on the right side:

Click the Enable button.

Then, go to the Upgrade box and click Remove APF/BFD.

This will ensure that you don’t have conflicting firewalls and security software running on your server.  APF is a standalone, command-line firewall for Linux.  BFD is Bruteforce Daemon which protects the servers against bruteforce attacks.  However, CSF has a built-in version of that called LFD or Login Failure Daemon.  A daemon can be defined as any service that runs in the background as a non-interactive process.

Next, we’ll set the Security Level of CSF to Medium.  Find this button under the Upgrade box.

Click on the button, and it will take you to another screen.

Find the column that matches this, then click on the Medium button.  I find that High is a little too sensitive, and Medium is strong enough to deter most script kiddies.

Don’t forget to add your IP ( www.whatismyip.com ) to the Green Box!

After you’re done, it will tell you to restart CSF. Do so, and you’re done with Part 1 of CSF setup.  My next blog post will be a continuation of this, covering how to set up all the options CSF gives you.

Posted in General, Howtos, Security

A few SEO and Site Optimization resources

Here are a few links I use to grade websites on their content, SEO optimization, and general performance.

  1. Grader
  2. Grade my SEO
  3. SEOZIO
  4. Nibbler
  5. DNScoop
  6. SEOHosting Tools

May these tools help you on your way up to the top!

Posted in General

How to use auditd to track file changes

Alright, here’s a post for the advanced Linux users that don’t have time to mess around. Ever wanted to track what accesses a file on your server? Using the auditd daemon, you can do just that.

Is auditctl installed?

[root@eclipse ] ~ # which auditctl
/sbin/auditctl

How to install auditctl

If your output is blank, or shows an error message, you may need to install the audit package.

[root@eclipse ] ~ # yum -y install audit

Running auditd on boot

[root@eclipse ] ~ # chkconfig auditd on
[root@eclipse ] ~ # ntsysv

You’ll see a screen like this:

ntsysv

Just make sure auditd has a star, then hit <TAB> once to go to the “Ok” button, and hit Enter to save.

After you save, be sure to start the auditd daemon by executing:

[root@eclipse] ~ # /etc/init.d/auditd start
Starting auditd:                                           [  OK  ]

Setting up a file watch

To set up a file watch, you’ll need 3 things:

  1. The filename to watch
  2. A shadow file to record the changes
  3. A permission filter with at least one of these flags: a -> append, r -> read, w -> write, x -> execute

Once you have all of that, go ahead and create your audit rule using the auditctl command like so:

[root@eclipse] ~ # auditctl -w /path/to/my/file -k /path/to/my/shadow-file -p rwxa

For example, I’m going to use a file called /root/notouchie:

[root@eclipse] ~ # auditctl -w /root/notouchie -k /root/notouchie-shadow -p rwxa

You should then list your auditctl rules to verify that rule is in place.

[root@eclipse] ~ # auditctl -l
LIST_RULES: exit,always watch=/root/notouchie perm=rwxa key=/root/notouchie-shadow

Then, against better judgement, we’re going to touch /root/notouchie like so:

[root@eclipse] ~ # touch /root/notouchie

This should set off auditd, so now we search our audit database with ausearch and give it a few arguments.

[root@eclipse] ~ # ausearch -i -f /root/notouchie
----
type=PATH msg=audit(07/14/2010 00:53:12.844:94) :
item=0 name=/root/notouchie inode=131757 dev=08:02 mode=file,644 ouid=root ogid=root rdev=00:00
type=CWD msg=audit(07/14/2010 00:53:12.844:94) :
cwd=/root
type=SYSCALL msg=audit(07/14/2010 00:53:12.844:94) :
arch=x86_64 syscall=open success=yes exit=0 a0=7fffcec7fa71 a1=941 a2=1b6 a3=0 items=1 ppid=27044 pid=18781 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=pts0 ses=4294967295 comm=touch exe=/bin/touch key=/root/notouchie-shadow

Now we see that uid=root executed /bin/touch and modified the file.
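
To reduce ausearch output like the above to a short list of who touched the watched file, the SYSCALL records can be filtered on the rule key. This is an added example, not part of the original post: auditctl treats the -k value as a free-form key string stamped on each matching record, and the function names, the second and third sample records and the key other-watch are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise who tripped an audit watch, from `ausearch -i` text.

# Constructed sample: the first record mirrors the touch event shown above;
# the other two are made up (a denied read, and a hit on an unrelated key).
sample_records() {
cat <<'EOF'
type=SYSCALL msg=audit(07/14/2010 00:53:12.844:94) : arch=x86_64 syscall=open success=yes exit=0 items=1 ppid=27044 pid=18781 auid=unset uid=root gid=root tty=pts0 comm=touch exe=/bin/touch key=/root/notouchie-shadow
type=SYSCALL msg=audit(07/14/2010 01:02:40.101:97) : arch=x86_64 syscall=open success=no exit=-13(Permission denied) items=1 ppid=3011 pid=3020 auid=jdoe uid=nobody gid=nobody tty=(none) comm=cat exe=/bin/cat key=/root/notouchie-shadow
type=SYSCALL msg=audit(07/14/2010 01:05:00.500:99) : arch=x86_64 syscall=open success=yes exit=3 items=1 ppid=1 pid=400 auid=unset uid=root gid=root tty=(none) comm=crond exe=/usr/sbin/crond key=other-watch
EOF
}

# $1 = rule key; reads records on stdin and prints one line per matching
# SYSCALL record: executable, uid, login uid (auid), syscall and result.
watch_hits() {
    awk -v key="$1" '
        $1 == "type=SYSCALL" {
            split("", f)                      # reset the field map
            for (i = 2; i <= NF; i++) {
                eq = index($i, "=")
                if (eq > 1) {
                    val = substr($i, eq + 1)
                    gsub(/"/, "", val)        # raw logs quote some values
                    f[substr($i, 1, eq - 1)] = val
                }
            }
            if (f["key"] == key)
                print f["exe"], "uid=" f["uid"], "auid=" f["auid"], f["syscall"], "success=" f["success"]
        }'
}

sample_records | watch_hits /root/notouchie-shadow
```

On a live system the input would come from `ausearch -i -k /root/notouchie-shadow` instead of the sample; failed attempts (success=no) are often the more interesting lines.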

This is just the beginning of what auditd can do. Check out more options in the manpage:

aureport(8)

Posted in General, Howtos, Security

What is RSS?

I am posting this to clear up some confusion on what RSS is, what it does, and what it can do for you.

What is RSS?

Wikipedia defines RSS as:

a family of web feed formats used to publish frequently updated works—such as blog entries, news headlines, audio, and video—in a standardized format.[2] An RSS document (which is called a “feed”, “web feed”,[3] or “channel”) includes full or summarized text, plus metadata such as publishing dates and authorship. Web feeds benefit publishers by letting them syndicate content automatically. They benefit readers who want to subscribe to timely updates from favored websites or to aggregate feeds from many sites into one place. RSS feeds can be read using software called an “RSS reader”, “feed reader”, or “aggregator“, which can be web-based, desktop-based, or mobile-device-based. A standardized XML file format allows the information to be published once and viewed by many different programs. The user subscribes to a feed by entering into the reader the feed’s URI or by clicking an RSS icon in a web browser that initiates the subscription process. The RSS reader checks the user’s subscribed feeds regularly for new work, downloads any updates that it finds, and provides a user interface to monitor and read the feeds.

How do I implement this on my blog?

Your theme, if you’ve chosen wisely, should already contain a link to an RSS feed on your site.  If you’re using Firefox, you’ll see this on the right side of your Address Bar:

RSS Enabled Website

If not, then you’ll need to edit your template, in header.php:

<link rel="alternate"
  type="application/rss+xml"
  title="<?php bloginfo('site_name'); ?>"
  href="<?php bloginfo('url'); ?>/wp-feed.php"
/>

Stick that anywhere below the <head> tag, but above the </head> tag.

Once you’ve done that, refresh your site, and you should have a nice shiny RSS feed for your readers and Google to use.

If you’re having problems enabling RSS syndication on your website, click the Contact Me link at the top, and I will help set it up.

Posted in General, Howtos, Wordpress

ThePirateBay hacked!

OH NOES.

http://thepiratebay.org

Contents:

“Upgrading some stuff, database is in use for backups, soon back again.. Btw, it’s nice weather outside I think.”

UPDATE: It appears they are back up and running, hooray!

Posted in General, Security, Tech News