Posts Tagged ‘config’
Tuesday, October 25th, 2011
After a recent new Debian Squeeze Apache+PHP server install and moving a website from another server host running on CentOS 5.7 Linux server, some of the PHP scripts running via crontab started displaying the following annoying PHP Warnings :
debian:~# php /home/website/www/cron/update.php
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib/php5/20090626/suhosin.so' – /usr/lib/php5/20090626/suhosin.so: cannot open shared object file: No such file or directory in Unknown on line 0
Obviously the error revealed that PHP cli is not happy that, I've previously removes the suhosin php5-suhosin module from the system.
I wouldn't have removed php5-suhosin if sometimes it doesn't produced some odd experiences with the Apache webserver.
To fix the PHP Warning, I used first grep to see, where exactly the suhosin module gets included in debian's php.ini config files.
debian:~# cd /etc/php5
debian:/etc/php5# grep -rli suhosin *
apache2/conf.d/suhosin.ini
cgi/conf.d/suhosin.ini
cli/conf.d/suhosin.ini
conf.d/suhosin.ini
Yeah that's right Debian has three php.ini php config files. One for the php cli – /usr/bin/php, another for the Apache webserver loaded php library – /usr/lib/apache2/modules/libphp5.so and one for Apache's cgi module – /usr/lib/apache2/modules/mod_fcgid.so .
I was too lazy to edit all the above found declarations trying to include the suhosin module in PHP, hence I remembered that probably all this obsolete suhosin module declaration are still present because probably the php5-suhosin package is still not purged from the system.
A quick check with dpkg , further strenthened my assumption as the php5-suhosin module was still hanging around as an (rc – remove candidate);
debian:~# dpkg -l |grep -i suhosin
rc php5-suhosin 0.9.32.1-1 advanced protection module for php5
Hence to remove the obsolete package config and directories completely out of the system and hence solve the PHP Warning I used dpkg –purge, like so:
debian:~# dpkg --purge php5-suhosin
(Reading database ... 76048 files and directories currently installed.)
Removing php5-suhosin ...
Purging configuration files for php5-suhosin ...
Processing triggers for libapache2-mod-php5 ...
Reloading web server config: apache2.
Further on to make sure the PHP Warning is solved I did the cron php script another go and it produced no longer errors:
debian:~# php /home/website/www/cron/update.php
debian:~#
Tags: apache, apache php, assumption, candidate, CentOS, cgi, cgi module, cli, config, cron, debian gnu, declaration, declarations, doesn, dpkg, file, gnu linux, host, ini, inicgi, iniconf, lib, libapache, Linux, mod, odd experiences, package, php scripts, php server, protection, right, rli, server host, shared object, squeeze, suhosin, unable to load dynamic library, Warnings
Posted in Linux, System Administration, Various, Web and CMS | 8 Comments »
Saturday, March 1st, 2014
Dune II: The Building of a Dynasty (known also as Dune II: Battle for Arrakis in Europe is a game that my generation will never forget. Dune 2 is the "first" computer Real Time Strategy (RTE) game of the genre of the Warcraft I and Warcraft II / III and later Command and Conquer – Red Aleart, Age of Empires I / II and Starcraft …
I've grown up with Dune2 and the little computer geek community in my school was absolutely crazy about playing it. Though not historically being the first Real Time Strategy game, this Lucas Inc.
game give standards that for the whole RTE genre for years and will stay in history of Computer Games as one of best games of all times.
I've spend big part of my teenager years with my best friends playing Dune2 and the possibility nowadays to resurrect the memories of these young careless years is a blessing. Younger computer enthusiasts and gamers probably never heard of Dune 2 and this is why I decided to place a little post here about this legendary game.
Its worthy out of curiosity or for fun to play Dune 2 on modern OS be it Windows or Linux. Since Dune is DOS game, it is necessary to play it via DOS emulator i.e. – (DosBox).
Here is how I run dune2 on my Debian Linux:
1. Install dosbox DOS emulator
apt-get install --yes dosbox
2. Download Dune2 game executable
You can download my mirror of dune2 here
Note that you will need unzip to uanrchive it, if you don't have it installed do so:
apt-get install --yes unzip
cd ~/Downloads/
wget https://www.pc-freak.net/files/dune-2.zip
3. Unzip archive and create directory to mount it emulating 'C:\' drive
mkdir -p ~/.dos/Dune2
cd ~/.dos/Dune2
unzip ~/Downloads/dune-2.zip
4. Start dosbox and create permanent config for C: drive auto mount
dosbox
To make C:\ virtual drive automatically mounted you have to write a dosbox config from inside dbox console
config -writeconf /home/hipo/.dosbox.conf
My home dir is in /home/hipo, change this with your username /home/username
Then exit dosbox console with 'exit' command
To make dune2 game automatically mapped on Virtual C: drive:
echo "mount c /home/hipo/.dos" >> ~/.dosbox.conf
Further to make dosbox start each time with ~/.dosbox.conf add alias to your ~/.bashrc
vim ~/.bashrc
echo "alias dosbox='dosbox -conf /home/hipo/.dosbox.conf'" >> ~/.bashrc
source ~/.bashrc
Then to run DUNE2 launch dosbox:
dosbox
and inside console type:
c:
cd Dune2
Dune2.exe
For the lazy ones who would like to test dune you can play dune 2 online on this website
Tags: alias, bashrc, best games, Computer Games, computer geek, config, debian linux, directory, DoS, dosbox, Download Dune2, drive, echo, exit, game, games, history, home, Install, Linux, Lucas Inc, OS, Play, Real Time Strategy, RTE, Start, sudo, unzip, Windows, zip
Posted in Entertainment, Everyday Life, Games Linux, Various | No Comments »
Friday, April 8th, 2011 I have recently installed and configured a Debian Linux server with nginx
. Since then I’ve been testing around different ways to optimize the nginx performance.
In my nginx quest, one of the most crucial settings which dramatically improved the end client performance was enabling the so called output compression which in Apache based servers is also known as content gzip compression .
In Apache webservers the content gzip compression is provided by a server module called mod_deflate .
The output compression nginx settings saves a lot of bandwidth and though it adds up a bit more load to the server, the plain text files like html, xml, js and css’s download time reduces drasticly as they’re streamed to the browser in gzip compressed format.
This little improvement in download speed also does impact the overall end user browser experience and therefore improves the browsing speed experience with websites.
If you have already had experience nginx you already know it is a bit fastidious and you have to be very careful with it’s configuration, however thanksfully enabling the gzip compression was actually rather easier than I thought.
Here is what I added in my nginx config to enable output compression:
## Compression
gzip on;
gzip_buffers 16 8k;
gzip_comp_level 9;
gzip_http_version 1.1;
gzip_min_length 0;
gzip_vary on;
Important note here is that need to add this code in the nginx configuration block starting with:
http {
....
## Compression
gzip on;
gzip_buffers 16 8k;
gzip_comp_level 9;
gzip_http_version 1.1;
gzip_min_length 0;
gzip_vary on;
In order to load the gzip output compression as a next step you need to restart the nginx server, either by it’s init script if you use one or by killing the old nginx server instances and starting up the nginx server binary again:
I personally use an init script, so restarting nginx for me is done via the cmd:
debian:~# /etc/init.d/nginx restart
Restarting nginx: nginx.
Now to test if the output gzip compression is enabled for nginx, you can simply use telnet
hipo@linux:~$ telnet your-nginx-webserver-domain.com 80
Escape character is '^]'.
After the Escape character is set ‘^]’ appears on your screen type in the blank space:
HEAD / HTTP/1.0
and press enter twice.
The output which should follow should look like:
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Apr 2011 12:04:43 GMT
Content-Type: text/html
Content-Length: 13
Last-Modified: Tue, 22 Mar 2011 15:04:26 GMT
Connection: close
Vary: Accept-Encoding
Expires: Fri, 15 Apr 2011 12:04:43 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
The whole transaction with telnet command issued and the nginx webserver output should look like so:
hipo@linux:~$ telnet your-nginx-webserver-domain.com 80
Trying xxx.xxx.xxx.xxx...
Connected to your-nginx-webserver-domain.com
.Escape character is '^]'.
HEAD / HTTP/1.0
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Apr 2011 12:04:43 GMT
Content-Type: text/html
Content-Length: 13
Last-Modified: Tue, 22 Mar 2011 15:04:26 GMT
Connection: close
Vary: Accept-Encoding
Expires: Fri, 15 Apr 2011 12:04:43 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
The important message in the returned output which confirms your nginx output compression is properly configured is:
Vary: Accept-Encoding
If this message is returned by your nginx server, this means your nginx now will distribute it’s content to it’s clients in compressed format and apart from the browsing boost a lot of server and client bandwitdth will be saved.
Tags: apache webservers, bandwidth, client, client performance, com, compression, compression gzip, config, configuration block, content, different ways, download, EncodingExpires, experience, Fri, GMTConnection, gzip, gzip compression, gzipfile, HEAD, How to, html xml, HTTP, init, init script, js, level, Linux, linux server, Mar, mod, Modified, nginx, OKServer, output compression, plain text files, server instances, servers, text, time, use, xml
Posted in Linux, System Administration, Web and CMS | 3 Comments »
Tuesday, May 3rd, 2011 In short I’ll explain here what is Grsecurity http://www.grsecurity.net/ for all those who have not used it yet and what kind of capabilities concerning enhanced kernel security it has.
Grsecurity is a combination of patches for the Linux kernel accenting at the improving kernel security.
The typical application of GrSecurity is in the field of Linux systems which are administered through SSH/Shell, e.g. (remote hosts), though you can also configure grsecurity on a normal Linux desktop system if you want a super secured Linux desktop ;).
GrSecurity is used heavily to protect server system which require a multiple users to have access to the shell.
On systems where multiple user access is required it’s a well known fact that (malicious users, crackers or dumb script kiddies) get administrator (root) privileges with a some just poped in 0 day root kernel exploit.
If you’re an administrator of a system (let’s say a web hosting) server with multiple users having access to the shell it’s also common that exploits aiming at hanging in certain daemon service is executed by some of the users.
In other occasions you have users which are trying to DoS the server with some 0 day Denial of Service exploit.
In all this cases GrSecurity having a kernel with grsecurity is priceless.
Installing grsecurity patched kernel is an easy task for Debian and Ubuntu and is explained in one of my previous articles.
This article aims to explain in short some configuration options for a GrSecurity tightened kernel, when one have to compile a new kernel from source.
I would skip the details on how to compile the kernel and simply show you some picture screens with GrSecurity configuration options which are working well and needs to be set-up before a make command is issued to compile the new kernel.
After preparing the kernel source for compilation and issuing:
linux:/usr/src/kernel-source$ make menuconfig
You will have to select options like the ones you see in the pictures below:
[nggallery id=”8″]
After completing and saving your kernel config file, continue as usual with an ordinary kernel compilation, e.g.:
linux:/usr/src/kernel-source$ make
linux:/usr/src/kernel-source$ make modules
linux:/usr/src/kernel-source$ su root
linux:/usr/src/kernel-source# make modules_install
linux:/usr/src/kernel-source# make install
linux:/usr/src/kernel-source# mkinitrd -o initrd.img-2.6.xx 2.6.xx
Also make sure the grub is properly configured to load the newly compiled and installed kernel.
After a system reboot, if all is fine you should be able to boot up the grsecurity tightened newly compiled kernel, but be careful and make sure you have a backup solution before you reboot, don’t blame me if your new grsecurity patched kernel fails to boot! You’re on your own boy 😉
This article is written thanks to based originally on his article in Bulgarian. If you’re a Bulgarian you might also checkout static’s blog
Tags: administrator, combination, compilation, config, configuration options, configure, crackers, day, Denial, denial of service, Desktop, desktop system, exploits, file, grsecurity, hosting server, How to, img, installlinux, kernel source, Linux, linux desktop, linux kernel, linux systems, make, malicious users, Maximum, maximum linux, menuconfigYou, multiple users, picture, root, root privileges, say, script, script kiddies, server system, Shell, src, system, typical application, Ubuntu, usr
Posted in Linux, Linux and FreeBSD Desktop, System Administration | No Comments »
Friday, June 20th, 2014
I recently migrated MySQL database server from host A to host B (remotesystemadministration.com), because I wanted to have the mysql database server on a separate machine (have separation of server running services and have a dedicated mysql server).
MySQL server host (running on localhost previously was set from my mysql config – my.cnf to listen and serve connections on localhost with
bind-address = 127.0.0.1
). MySQL is used by a Tomcat running Java application on localhost and my task was to set the Tomcat to use the MySQL database remotely to MySQL host B (new remote hostname where MySQL is moved is remotesystemadminsitration.com and is running on IP 83.228.93.76).
Migration from MySQL Db server 1 (host A) to MySQL Db server 2 (host B) is done by binary copying the mysql database directory which in this case is (as it is a Debian server installed MySQL), the standard directory where mysql stores its database data is /var/lib/mysql ( datadir = /var/lib/mysql in /etc/mysql/my.cnf)
Binary copying of data from MySQL db (host A) to MySQL Db (host B) is done with rsync
After migrating and trying to login on migrated mysql database on remotesystemadministration.net with mysql cli client:
remotesysadmin:~$ mysql -u root -p
I got following error:
ERROR 1045 (28000): Access denied for user 'root'@'remotesystemadministration.com' (using password: YES)
To fix the issue I had to login remotely from old migration server mysql (host A) cli:
mysql:~$ mysql -u root -p -h remotesystemadministration.com
and run SQL commands:
GRANT ALL PRIVILEGES ON *.* TO 'root'@'remotesystemadministration.com' WITH GRANT OPTION;
GRANT USAGE ON *.* TO 'root'@'remotesystemadministration.com' IDENTIFIED BY 'secret-mysql-pass';
FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.03 sec)
Query OK, 0 rows affected (0.00 sec)
Query OK, 0 rows affected (0.00 sec)
Another way to solve the problem is to add the root user to be able to connect from any host (Enable MySQL root access from all host), to do so issue:
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
Note: In newer version of MySQL, flush privileges could be omitted.
Another approach if you want to substitute access from localhost for all users and enable all users to be able to authenticate to mysql remotely is to execute SQL Query:
UPDATE USER SET host='%' WHERE host='localhost';
Allowing all users to be able to connect from anywhere on the internet is a very bad security practice anyways, if you already have a tight firewall setup and you can only access the server via specific remote IP addresses allowing MySQL access from all hosts / ips should be ok.
Tags: com, config, copying, ERROR, issue, Java, lib, localhost, migration, mysql database, mysql database server, net, remotesystemadministration, root, running, task, var
Posted in MySQL, Programming, System Administration | No Comments »
Wednesday, July 2nd, 2014
If you get a MySQL error like:
Host '' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'
This most likely means your PHP / Java whatever programming language application connecting to MySQL is failing to authenticate with the application created (existing) or that the application is trying too many connections to MySQL in a rate where MySQL server can't serve all the requests.
Some common errors for Too many Connection errors are:
- Networking Problem
- Server itself could be down
- Authentication Problems
- Maximum Connection Errors allowed.
The value of the max_connection_errors system variable determines how many successive interrupted connection requests are permitted to myqsl server.
Well anyways if you get the:
Host '' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'
You can consider this a sure sign application connections to MySQLis logging a lot of error connections, for some reason.
This error could also appear on very busy websites where high amount of separete connections are used – I've seen the error occur on PHP websites whether mysql_pconnect(); is selected in favour of the prooved working mysql_connect();
The first thing to do before changing / increasing default set of max connection errors is to check how many max connection errors are set within MySQL?
For that connect with MySQL CLI and issue:
mysql> SHOW VARIABLES LIKE '%error%';
+——————–+————————————————————-+
| Variable_name | Value |
+——————–+————————————————————-+
| error_count | 0 |
| log_error | /var/log/mysql//mysqld.log |
| max_connect_errors | 10000 |
| max_error_count | 64 |
| slave_skip_errors | OFF |
+——————–+————————————————————-+
A very useful mysql cli command in debugging max connection errors reached problem is
mysql> SHOW PROCESSLIST;
To solve the error, try to tune in /etc/my.cnf, /etc/mysql/my.cnf or wherever my.cnf is located:
[mysqld]
max_connect_errors variable
and
wait_timeout var. Some reasonable variable size would be:
max_connect_errors = 100000
wait_timeout = 60
If such (anyways) high values is still not high enough you can raise mysql config connection timeout
to
max_connect_errors = 100000000
Also if you want to try raise max_connect_errors var without making it permanenty (i.e. remember var setting after MySQL service restart), set it from MySQL cli with:
SET GLOBAL max_connect_errors
If you want to keep the set default max_connection_errors and fix it temporary, you can try to follow the error
Host '' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'
suggestion and issue in root console:
mysqladmin flush-hosts
Same could also be done from MySQL Cli with cmd:
FLUSH HOSTS;
Tags: application, cnf, config, connection, connection timeout, default, fix, issue, lot, mysqladmin, programming language, reason, setting, size, suggestion, system
Posted in Everyday Life, MySQL, System Administration, Various | 3 Comments »
Wednesday, July 16th, 2014
On most if not all modern GNU / Linux distributions, Apache webserver comes preinstalled with mod_speling.
What mod_speling does is it tries to find and serve files and directories for non-existing (404 return code) urls with a similar name to passed URL. Other thing mod_speling does is it serves files case-insensitive, even though the UNIX / Linux filesystems are built to understand files case-sensitive.
mod_speling is a very useful module especially when files are being pushed (synchronized) to Apache visible from web document folder from operating systems like Windows whose filesystem doesn't store files case sensitive.
Let me give you a small example on M$ Windows a create file NewFile.html, NEWFILE.HTML, NeWfIlE.Html etc. are one and the same file newfile.html and not 3 different files like it is usually on UNIX / Linux filesystems.
If you happen to migrate old static Websites from Microsoft Internet Information Services (IIS) to UNIX / Linux based hosting. Often Html coders which create websites on Windows platform doesn't respect in website hyperlinks case-sensitive, because anyways Windows FS is case-insetive, thus moving the website to Linux host with Apache the website/s will end up with many 404 error pages, whose fixing for big static websites will be a real pain in the ass.
Also there might be need for mod_speling module enabled, for PHP / Python / Perl websites developed on MS Windows platform and tested on Windows host and then officially to be deployed on Linux.
Note that mod_speling name as a funny thing as actually the module is also converting mis-pelled / mis-typed Apache URLs:
If for example, someone tried to link to your website from a forum mistyping the URL address with mod_speling the mistyped URL could still be handled to open the real existing URL:
Lets say you have URL:
http://your-domain.com/files/what-Ever-fle.php
and the actual URL is:
http://your-domain.com/files/what-Ever-file.php
mod_speling will make Apache scan in /files/ for any files with similar name to what-Ever-fle.php and will open any similar matched file name, preventing you from the normal 404 error and therefore often serving exactly what it has to. Of course such a behavior could be unwanted in same cases for CMSes, which depend on 404 error code for proper operating, so be very sure when configuring mod_speling that this is exactly what you need.
mod_speling can be also useful sometimes for Search Engine Optimization – SEO, as it will show less 404 pages to Crawler search engine bots.
1. Enable mod_speling module on Debian GNU / Linux and Ubuntu
Enabling mod_speling in Apache in Debian / Ubuntu etc. debian based Linuxes is done with either creating symlink from /etc/apache2/mods-available/speling.load to /etc/apache2/mods-enabled/speling.load :
ln -sf /etc/apache2/mods-available/speling.load /etc/apache2/mods-enabled/speling.load
Or by using a2enmod – Debian apache module enabling script:
a2ensite sitename
To enable mod_speling mis-speling resolve feature config directive is:
CheckSpelling on
To disable case sensitivity – as I said earlier helpful for migrations from Microsoft Windows hosts to Linux, use directive:
CheckCaseOnly on
To enable both use:
<IfModule mod_speling.c>
CheckCaseOnly on
CheckSpelling on
</IfModule>
Enabling mod_speling case-insensitivity and fixing mistypes in URL could be done from .htaccess, for any <Directory> (vhost) with enabled .htaccess with
AllowOverride All
To enable it for default set host in new Apache install place it in /etc/apache2/apache2.conf and /etc/apache2/sites-enabled/000-default
Then as usual to make the configuration changes take affect, restart Apache:
/etc/init.d/apache2 restart
2. Enablig mod_speling on CentOS, RHEL and Fedora Linux
Most of RPM based Linux distributions have already mod_speling by default in Apache, so there will be no need to explicitly enable the module within HTTPD.
To check whether mod_speling is already enabled in httpd issue:
/usr/sbin/httpd -M |grep -i mod_speling
If you don't get no output from command this means the module is not enabled. This is the case with CentOS Linux 6.5 for example …
To enable mod_speling on Apache level add in /etc/httpd/conf/httpd.conf
LoadModule speling_module modules/mod_speling.so
and restart webserver
/etc/init.d/httpd restart
If you get instead
/usr/sbin/httpd -M |grep -i mod_speling
speling_module (shared)
Then it is already loaded in HTTPD to enable the module for default domain add to /etc/httpd/conf/httpd.conf – within (<Directory "/var/www/html">),
<IfModule mod_speling.c>
CheckCaseOnly on
CheckSpelling on
</IfModule>
Or if you want to make it active for specific directories within /var/www/html/whatever-dir use either new <Directory ..> directive within Apache config, or enable .htaccess processing with AllowOverride All and place them in .htaccess . For complete mod_speling reference check on Apache's official website
Tags: apache2, config, Debian Ubuntu, doesn, filesystem, fix, httpd, Make Apache, NEWFILE, Often Html, operating systems, pain in the ass, php, script, url, website, Windows
Posted in PHP, Web and CMS | No Comments »
Friday, October 5th, 2012 Debian GNU / Linux's Apache default behavior is to report Apache server name, version and Linux distribution version and codename.
This is shown as a minor security leak in many Security Scanner (audit) software like Nessus. It reveals a vital information which could help malicious attacker later to use exploit if the version number in question is vulnerable.
The quickest way to check, either Apache versioning and distro info is disabled is with telnet:
hipo@noah:~/Desktop$ telnet www.pc-freak.net 80
Trying 83.228.93.76…
Connected to www.pc-freak.net.
Escape character is '^]'.
HEAD / HTTP/1.0
Connection closed by foreign host.
hipo@noah:~/Desktop$ telnet www.pc-freak.net 80
Trying 83.228.93.76…
Connected to www.pc-freak.net.
Escape character is '^]'.
HEAD / HTTP/1.0
HTTP/1.1 200 OK
Date: Fri, 05 Oct 2012 10:48:36 GMT
Server: Apache/2.2.16 (Debian)
X-Powered-By: PHP/5.3.3-7+squeeze14
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Disabling this Distro version codename and version number reporting on Debian is done by changing in file /etc/apache2/conf.d/security directives:
ServerTokens OS
ServerSignature On
to
ServerSignature Off
ServerTokens ProductOnly
Here important note to make is if you try adding:
ServerSignature Off and ServerTokens Prod straight in Debian general config /etc/apache2/apache2.conf, but did not change the settings set for the vars through /etc/apache2/conf.d/security; settings from /etc/apache2/conf.d/security will overwrite ServerSignature / ServerTokens settings set in /etc/apache2/apache2.conf
I tried this myself (forgotting about /etc/apache2/conf.d/security) and adding both variables straight in apache2.conf. After Apache restart Apache version number and type of distribution continued be returned by the WebServer.
I thought something specific changed in Debian Squeeze – Apache/2.2.16 so this two variables are probably not working so I did a quick research online seing other people complaining also unable to disable Apache ver and Linux distro version and looking for a reason why. Well anyways if you happen to also ponder, why ServerSignature Off and ServerTokens ProductOnly does not take effect keep in mind it is due to overwritten settings via /etc/apache2/conf.d/security, changing the values there and restarting Apache and you're done 🙂
To make sure 100% Apache is no longer returning exact version number and host installed distro type, use telnet again:
hipo@noah:~/Desktop$ telnet www.pc-freak.net 80
Trying 83.228.93.76…
Connected to www.pc-freak.net.
Escape character is '^]'.
HEAD / HTTP/1.0
Connection closed by foreign host.
Tags: apache2, character, config, Desktop, hipo, host, How to, net, number, version
Posted in System Administration, Web and CMS | 1 Comment »
Monday, February 24th, 2014 I just learned about cool VIM option from a collegue:
:colorscheme evening
What it does it makes configurations in vim edit look brighter like you seen in below screenshots.
– Before :colorscheme evening vim command
– After :colorscheme evening
The option is really useful as often editing a config in vim on a random server is too dark and in order to read the config you have to strain your eyes in long term leading to eye damage.
Any other useful vim options, you use daily?
Tags: command, config, damage, editing, eye, look, option, order, read, server, tip, use, vim
Posted in Everyday Life, System Administration, Various | No Comments »
Friday, July 5th, 2013
I had some complains from Web Developers who constantly was working on a Testing Web Development server. That their opened PhpMyadmin in browser is often closing opened session (auto logging out) with an error:
No activity within 1440 seconds; please log in again
This message was driving crazy people, as often they code something in PHP and design a new table or something and refreshing in browser blocked their work flow process with this annoying error …
Thanksfully there is an easy fix to that, just raise the time limit via /etc/phpmyadmin/config.inc.php
First its necessary to enable cookies authentication (by default it is commented):
Line:
//$cfg['Servers'][$i]['auth_type'] = 'cookie';
should be:
$cfg['Servers'][$i]['auth_type'] = 'cookie';
PHPMyAdmin 1140 seconds (24 minutes) timeout behavior behavior is controlled through variable:
cfg['LoginCookieValidity']
Also it is necessary to increase timeout from server php.ini (in Debian and Ubuntu via /etc/php5/apache2/php.ini or in CentOS / RHEL / Fedora Linux by editting /etc/php.ini and changing 1h session expiry setting:
session.gc_maxlifetime = 3600
to
(60*60*8 = 28800 – 8 hrs)
session.gc_maxlifetime = 28800
By default cfg['LoginCookieValidity'] is omitted from config.inc.php so you have to insert it at end of file.
A reasonable timeout value is 8 hours. To change PhPMyadmin Login TimeOut to 8 hours:
$cfg['LoginCookieValidity'] = 60 * 60 * 8; // in seconds (8 hours)
If you want to make Timeout Expire almost never (and you don't care about security) set it to some extra high timeout like 1 year 🙂
$cfg['LoginCookieValidity'] = 3600 * 24 * 365; // 1 year
Tags: annoying error, authentication, config, crazy people, fedora linux, Linux, phpmyadmin, time limit, timeout value, web developers, web development server, work flow
Posted in Everyday Life, Various, Web and CMS | No Comments »