Posts Tagged ‘website’

Briefly unavailable for scheduled maintenance. Fix WordPress after interrupted upgrade

Thursday, March 2nd, 2017

briefly-unavaiable-for-a-scheduled-maintenance-wordpress-website-fix-howto_1

I've recenty tried Update my WordPress blog sites and being unattentive I've selected all the plugins possitble for Upgrade by checking the "Select All" check box on the Update dialogs and almost automatically int he hurry pressing Update button however out of a sudden I've realized I could screw up my websites brutally as some of the plugins to upgraded might be lacking 100% compitability with their prior versions.

I've made a messes out of my blog many times during upgrades because of choosing to upgrade the wrong not 100% compatible plugins and I know well how painful and hard to track it could be a misbehaving incompatible plugin or how ot could cause a severe sluggishness to blog which automatically reflects on how well the website search engine ranked in Google / Yahoo / Bing indexed etc.

Thus as an almost unconcsious reaction to prevent myself the future troubles I've tried to cancel the update request in Firefox browser and trying to reload the Update page with a hope that I might be quick enough for the Apache / WP / MySQLbackend Update Update queries request to be delaying for processing but I was too slow and bang! I ended up with the following unpleasent message in my browser:

briefly-unavaiable-for-a-scheduled-maintenance-wordpress-website-fix-howto
Briefly unavailable for scheduled maintenance.
 

As you could guess that message caused me quite a lot of worries at hand especially since I've already break up my sites many times by doing quick unmindful reactions and the fact that there is Google Adsense ads appearing which does give me some Return on Investment cents every now and then …

It took me few minutes of research online to find what really happened and how to fix / resolve the WebSites normal operations.
 


So what causes the Briefly unavailable for scheduled maintenance. appears ?

When WordPress does some of its integrated maintenance jobs a plugin enable / disable or any task that has to modify crucial configurations inside the database WordPress does disable access to all end clients to itself in order to protect its sensitive data to appear to browser requestors as showing some unexpected information to end client browser could be later used by crackers / hackers or a possibly open a security hole for an attacker.

The message is wordpress generated notice and it is pretty normal for the end user to see it during the WP site installation update depending on how many plugins are installed and loaded to the site and how long it will take for the backend Linux / Windows server to fetch the archived .zips of plugins and substitute with the new ones and update the files extracting them to wp-content/plugins and updating the respective required SQL database / tables it could be showing for end users from few secs to few minutes.

However under some circumstances on Browser request timeout to remote wordpress site due to a network connectivity issue or just a bad configuration of Apache for requests timeout (or a slow remote server Apache responce time due to server Hardware / Mem overload) or a stupid browser "Stop" / cancel request like in my case you end up with the Briefly unavailable for scheduled maintenance and you can can longer access the your https://siteurl.com/wp-admin Admin Panel.

The message is triggered by a WP craeted file .maintenance inside /var/www/blog-site/ e.g. WordPress PHP scripts does check for /var/www/blog-site/.maintenance
existence and if it is matched the WP scripts does generate the Briefly unavailble … message.


How to resolve the "Briefly unavailable for scheduled maintenance. Check back in a minute" WordPress error ?

As you might guess removing the maintenance "coming soon" like message in most of the cases comes to just deleting the .maintenance file, to do so:

1. Login to remote server via FTP or SFTP
2. Locate your WP website root folder that should be something like /var/www/blog-site/.maintenance and issue:
issue something like:
 

$ rm -rf /var/www/bog-site/.maintenance


Assuming that some plugin Update .zip extraction or SQL update query did not ended being half installed / executed that should solve the error.
To check whether all is back to normal just refresh your browser pointing to the "broken" site. If it appears well you can thank God for that 🙂
If not check the apache error logs and php error logs and see which of the php scripts is failing and then try to manually fetch and unzip the WP .zip package to wp-content/plugins folder and give it another try and if God bless so it will work as before 🙂

How to prevent your WP based business in future from such nasty errors using A Staging site (test) version of your blog ?

Just run a duplicate of your website under a separate folder on your hosting and do enable the same plugins as on the primary website and copy over the MySQL / PostgreSQL Database from your Live site to the Staging, then once it is enabled before doing any crucial WordPress version updates or Plugins Update always do try the Upgrade first on your Test Staging site. If it does execute fine there in most of the cases the result should be the same on the Production host and that could solve you effors and nerves of debugging a hard to get failure errors or faulty plugins without affecting what your End users see.

If you're not hosting the WordPress install under your own hosting like me you can always use some of the public available hostings like  BlueHost or WPEngine

 

Howto to Unlock Mtel locked Mobile Phone ZTE Blade 3 IMEI 866643012872768 to connect to Telenor and Vivacom mobile networks in Bulgaria

Friday, January 20th, 2017

howto-unlock-zte-from-mtel-encoded-to-work-with-telenor-mobile-imei-866643012872768

How to unlock Unlock Mtel locked Mobile Phone ZTE Blade 3 IMEI 866643012872768


Thanks to this little forum after a very thoroughful research on the topic howto unlock my ZTE Blade 3
in Russian Google.ru / United Stated Google.US and UK Google.Co.Uk I've figured out a number of ways recommended

I've lost some time watching also few videos illustrating howto unlock the phone for other non MTEL mobile operators with

some third party cracker software  which seemed like a good way to infect your PC with spyware for example
videos:
Direct Unlock ZTE BLADE 3 & ZTE RACER 3 – YouTube
Unlock ZTE Blade 3, Blade V & Blade Q Mini – YouTube

there are a number of ways and paid software that could do various non-conventional things like unlock the phone for example:
GB Key

gbstream-gbkey-fast-unlocker-zte-blackberry-huawei-apple-motorola-alcatel-lg-unlock

Here is description of GB Key

You can Call it UNLIMITED – Direct Unlocker, Code Calculator, Code Reader, is fast, easy to use, encrypted, more than 200 models supported and most of it is it's UNLIMITED use. Updates come on regular basis with addition to new models and features.

Supported Models

More than 500 supported models from mobile phones to modems and growing.

Currently supports around 260 MEPs & more than 9500 PRDs (and growing..) .

FREE & UNLIMITED: Huawei, Huawei Modem, BlackBerry, Alcatel MTK, Alcatel U7, Alcatel Modem, LG, Samsung Swift, Samsung 3G, ZTE Qcom-Android, ZTE MTK, and many many more..

There is also a number of services online that offer remote paid services to Unlock any smart phone remotely by paying with a card and providing the IMEI.
I guess this services either use Android Emulator with manually setting the respective IMEI of the phone and then uses some software (box) as they call it to generate the code using the respective algorithm. etc.

 

However as I didn't wanted to spend money on something on such non-sense I digged a little bit more and I found out that according to Bulgarian Legislation encoding a sold mobile phone by the mobile operator is already illegal and all mobile operators in Bulgaria (that used some kind of encoding software to prevent a bought phone from them to be used with another mobile operator should provide openly the mobile phone codes freely).

As MTEL had to fit the new wall they made a small online generator Database with Unlock codes for all prior sold mobiles encoded.

I've used the URL (using my website access previosuly freely registered on website in order to track and send free SMS-es in MTEL and check out my mobile phone money balance spent in inbound and inbound calls etc.)

https://www.mtel.bg/unlock-phone

and found out my mobile ZTE according to the imey:

5803701350365278 ZTE Blade III Поставете карта на друг оператор в телефона и директно ще Ви бъде изискан отключващият код.

Just switched on my ZTE Blade 3 phone and inserted the code and got a message it is wrong but immediately I phone able to connect to Telenor (the ex Globul Mobile operator ) Mobile network Voila! 🙂 Hope this helps small article helps someone else too. Enjoy !

I

wordpress & awstats

Wednesday, July 29th, 2009

awstats-logo and wordpress awstats

I'm planning to bring up a website for remote system administration for quite some time 'till now.A couple of days before I've installed wordpress and used the monochrome theme in combination with a couple of plugins.I've used the WordPress, "Contact Form 7" plugin. I struggled around for a day before I realize the way it's beeingembeded into the Page post. Amri (Marto) a friend of mine helped me up with the whole deal, it came to be as simple assimply adding [contact-form 1 "My feedback" to one of the pages I've created in wordpress. There were a bunch of things on my newlycreated wordpress blog that looked more like a blog than a page which was not my initial goal and therefore I had to remove some chunksof code from some of the php files that came with the monochrome theme. I've partially used a guide called
"How to create Websites using WordPress" which probably would be of an interest to you if you're trying to make wordpress look more like a website than a blog, check it out here . Amri suggested few plugins that would add up to my current wordpress installation.
This are:
Cyr2Lat Slugs
Google XML Sitemaps Generates sitemap.xml. Gives an option to setup Google WebMaster Tools and in that manner of thoughts ads up for faster indexing of the blog
All In One SEO pack – SEO instrument that optimizes your wordpress
Belavir – Tracks the changes in files in wordpress.
In my case I couldn't make the Google XML Sitemap work correctly. Probably because I've removed bits of php code from some main php pages.Anyways I was able to make my wordpress look like a normal website and in general it might be said that it looks quite decent now if I have to compare it with my previous websites I've built like let's say my home page www.pc-freak.net . I've plans to deliver remote system administration services to the masses via my Yet Another Cheap System Administration Services.
I've also installed awstats on the pcfreak box currently running on
a nice foxy IBM machine. To properly install and run the Awstats I've used fractions from the article Install Awstats on FreeBSD . What was different in my case was:
1. I had to cd /usr/ports/www/awstats/work/awstats-6.9/tools/; run ./awstats_configure.pl. Answer a couple of questions. I've initially installed awstats configurations to /etc/awstats after which I've moved it to /usr/local/etc/awstats .
2. I had to create /var/lib/awstats where awstats stores it's database files: mkdir /var/lib/awstats
3. I had to link awstats to the location where my cgi-bin dir was set up by httpd.conf: ln -sf /usr/local/www/awstats/cgi-bin/ /usr/local/www/cgi-bin/awstats
4. I had to create a link to make the awstats icons visualize: ln -sf /usr/local/www/awstats/icons /usr/local/www/data/awstatsicons
5. I had to edit my conf file and align it with my desires, most important to note is the requirement to change the location to my Apache log file in my case that was /var/log/httpd-access.log: Change LogFile value in /usr/local/etc/awstats/awstats.www.pc-freak.net.conf I've changed it to LogFile="/var/log/httpd-access.log"
6. Next I had to execute the following to generate statistics for my domain www.pc-freak.net: /usr/local/www/awstats/cgi-bin/awstats.pl -update -config=www.pc-freak.net
7. Edit the root user crontab (crontab -u root -e) and paste the following : 01 0 * * * /usr/local/www/awstats/cgi-bin/awstats.pl -update -config=www.pc-freak.net 2>&1 >/dev/null8. Change the default Directory settings for /usr/local/www/cgi-bin. Had to changed them to the following AllowOverride FileInfo AuthConfig Limit Indexes Options FollowSymLinks ExecCGI Order allow,deny Allow from all
9. After that I've protected my awstats with a pass putting /usr/local/awstats/cgi-bin/.htaccess file containing the followingAuthType BasicAuthName "Restricted Access"AuthUserFile /usr/local/etc/apache2/myawstats.passwdRequire user admin
10. And last but not least, had to create the myawstats.passwd with the following command: htpasswd -c /usr/local/etc/apache2/myawstats.passwd admin

Right after I happily accessed my newly installed awstats via my domain https://www.pc-freak.net//cgi-bin/awstats/awstats.pl END—–

Change website .JS .PHP Python Perl CSS etc. file permissions recursively for Better Tightened Security on Linux Webhosting Servers

Friday, October 30th, 2015

change-permissions-recursively-on-linux-to-protect-website-against-security-breaches-hacks

It is a common security (breach) mistake that developers or a web design studio make with dedicated or shared hosted websites do to forget to set a nice restrictive file permissions.

This is so because most people (and especially nowdays) developers are not a security freaks and the important think for a programmer is to make the result running in shortest time without much caring on how secure that is.
Permissions issues are common among sites written in PHP / Perl / Python with some CSS and Javascript, but my observations are that JavaScript websites especially that are using some frameworks such as Zend / Smarty etc. and are using JQuery are the most susceptible to suffer from permission security holes such as the classic 777 file permissions, because of developers who’re overworking and pushed up for a deadlines to include new functionality on websites and thus often publish their experimental code on a Production systems without a serious testing by directly uploading the experimental code via FTP / WinSCP on Production system.

Such scenarios are very common for small and middle sized companies websites as well as many of the hobbyist developers websites running on ready CMS system platforms such as Joomla and WordPress.
I know pretty well from experience this is so. Often a lot of the servers where websites are hosted are just share-servers without a dedicated sysadmin and thus there are no routine security audits made on the server and the security permissions issue might lead to a serious website compromise by a cracker and make your website quickly be banned from Google / Yahoo / Ask Jeeves / Yandex and virtually most of Search Engines because of being marked as a spammer or hacked webiste inside some of the multiple website blacklists available nowdays.

Thus it is always a good idea to keep your server files (especially if you’re sysadmin) with restrictive permissions by making the files be owned by superuser (root) in order to prevent some XSS or vulnerable PHP / Python / Perl script to allow you to easily (inject) and overwrite code on your website.

1. Checking whether you have a all users read, write, executable permissions with find command

The first thing to do on your server to assure you don’t have a low security permissioend files is:

find /home/user/website -type f -perm 777 -print

You will get some file as an output like:

./www/tpl/images/js/ajax-dynamic-list/js/ajax-dynamic-list.js
./www/tpl/images/js/ajax-dynamic-list/js/ajax_admin.js
./www/tpl/images/js/ajax-dynamic-list/js/ajax_teams.js
./www/tpl/images/js/ajax-dynamic-list/js/ajax.js
./www/tpl/images/js/ajax-dynamic-list/js/ajax-dynamic-list_admin.js
./www/tpl/images/js/ajax-dynamic-list/lgpl.txt

2. Change permissions recursively to read, write and exec for root and read for everybody and set all files to be owned by (root) superuser

Then to fix the messy permissions files a common recommended permissions is 744 (e.g. Read / Write and Execute permissions for everyone and only read permissions for All Users and All groups).
Lets say you want to make files permissions to 744 just for all JavaScript (JQuery) files for a website, here is how:

find . -iname ‘*.js’ -type f -print -exec chown root:root ‘{}’ \;
find . -iname ‘*.js’ -type f -print -exec chmod 744 ‘{}’ \;

First find makes all Javascript files be owned by root user / group and second one sets all files permissions to 744.

To make 744 all files on server (including JPEG / PNG Pictures) etc.:

find . -iname /home/users/website -type f -print -exec chown root:root ‘{}’ \;
find . -iname /home/users/website -type f -print -exec chmod 744 ‘{}’ \;

Adding another level of security to your shared Debian Linux webhosting server with SuPHP

Tuesday, April 7th, 2015

suphp_improve-apache-security-protect-against-virus-internal-server-infections-suphp-webserver-logo

There are plenty of security schemes and strategies you can implement if you're a Shared Web Hosting company sysadmin however probably the most vital one is to install on Apache + PHP Webserver SuPHP module.

# apt-cache show suphp-common|grep -i descrip -A 4

Description: Common files for mod suphp Suphp consists of an Apache module (mod_suphp for either Apache 1.3.x or Apache 2.x) and a setuid root binary (suphp) that is called by the Apache module to change the uid of the process executing the PHP interpreter to the owner of the php script.

So what SuPHP actuall  does is to run separate CPanel / Kloxo etc. Users with separate username and groupid permissions coinciding with the user present in /etc/passwd , /etc/shadow files existing users, thus in case if someone hacks some of the many customer sites he would be able to only write files and directories under the user with which the security breach occured.

On servers where SuPHP is not installed, all  systemusers are using the same UserID / GuID to run PHP executable scripts under separate domains Virtualhost which are coinciding with Apache (on Debian / Ubuntu  uid, gid – www-data) or on (CentOS / RHEL / Fedora etc. – user apache) so once one site is defaced  exploited by a worm all or most server websites might end up infected with a Web Virus / Worm which will be trying to exploit even more sites of a type running silently in the background.  This is very common scenarios as currently there are donezs of PHP / CSS / Javasripts / XSS vulnerability exploited on VPS and Shared hosting servers due to failure of a customer to update his own CMS  scripts / Website  (Joomla, Wordpress, Drupal etc.) and the lack of resource to regularly monitor all customer activities / websites.

Therefore installing SuPHP Apache module is essential one to install on new serverslarge hosting providers as it saves the admin a lot of headache from spreading malware across all hosted servers sites ..
Some VPS admins that are security freaks tend to also install SuPHP module together with many chrooted Apache / LiteSpeed / Nginx webservers each of which running in a separate Jailed environment.

Of course using SuPHP besides giving a improved security layer to the webserver has its downsides such as increased load for the server and making Apache PHP scripts being interpretted a little bit slower than with plain Apache + PHP but performance difference while running a site on top of SuPHP is often not so drastic so you can live it up ..

Installing SuPHP on a Debian / Ubuntu servers is a piece of cake, just run the as root superuser, usual:
 

# apt-get install libapache2-mod-suphp


Once installed only thing to make is to turn off default installed Apache PHP module (without SuPHP compiled support and restart Apache webserver):
 

# a2dismod php5 …

# /etc/init.d/apache2 restart


To test the SuPHP is properly working on the Apache Webserver go into some of many hosted server websites DocumentRoot

And create new file called test_suphp.php with below content:

# vim test_suphp.php
<?php
system('id');
?>

Then open in browser http://whatever-website/test_suphp.php assuming that system(); function is not disabled for security reasons in php.ini you should get an User ID, GroupID bigger than reserved system IDs on GNU / Linux e.g. ID > UID / GID 99

Its also a good idea to take a look into SuPHP configuration file /etc/suphp/suphp.conf and tailor options according to your liking 

If different hosted client users home directories are into /home directory, set in suphp.conf

;Path all scripts have to be in

docroot=/home/


Also usually it is a good idea to set 

umask=0022 

Some of the most important Symbols for Orthodox Christians in The Eastern Orthodox Church – Symbols in the Eastern Orthodox Christian Faith (Eastern Orthodox Symbolism) and Christian Symbolism in the Roman Catholic Church (Symbolism in Western Catholicism)

Tuesday, April 13th, 2010

Some-of-the-most-important-symbols-for-orthodox-christiains-in-the-eastern-orthodox-church-symbols-in-eastern-orthodox-faith.

Yesterday, while browsing randomly I came across an interesting Roman Catholic webpage.
The website is created by Catholics with the idea to better explain the Catholic religion and Symbolism.
Though as an Orthodox Christian, my interest towards Roman Catholicism is only scientific, it's really interesting to see the common symbolism surrounding Roman Catholicism and compare with the Orthodox Christian symbolism. Many of the Roman Catholic Symbols are equal symbol with the one we nowadays used in the orthodox church.
I presume this common symbolism between Orthodox and Roman Catholic church,has stayed the same from the time before Roman Catholics split from the Only Holy Apostolic Church  to become the Church of the West Roman Empire, that's how the naming Roman Catholic came forward.

To find out more about Roman Catholic symbolism please see the following links I've mirrored the information from Fisheater's website which is btw is a great website targeting Roman Catholic layman. Everything on the website is explained in a simple everyday language without too much terminology which makes it a great resource for Roman Catholic Christians and people like me who who like to take a look in Roman Catholicism.

It's really a strange and intriguing fact let's call it a "co-incidence" that the inverted cross (upside-down) cross,also called "Peter's cross" on which saint Peter was crucified is also a symbol of Papacy .
It's a popular fact that nowadays Satanist use a similar inverted cross to the one said to be symbol of papacy for their "Black Masses" (Satanic Masses). Maybe some Roman Catholic priest or Cardinal has to explain, how comes that the Roman Catholics ended with such a significant symbol used nowdays in anti-christian satanic religion to be also a symbol of their beloved Pope??

I will skip forward to the heart of this article, which is to explain the Christian Symbolism which is important for us the Eastern Orthodox Christians. Many of the symbols might have in common, also with other Christian early Churches like the Coptic Oriental Orthodox Church, the Armenian Apostolic Orthodox Churches and other Chruches which somehow are closer to the One Holy and Apostolic Church – the Orthodox Church but officially are not in communion with us the Orthodox Christians.

Here I'll share only the most notable Christian Symbolism which is also used in the Eastern Orthodox Church.

Many of this symbolism was always bothering me while in Churches or Monasteries and was always pushing me to more and more questions without answers, thus I finally did some research on this symbols in get a better understanding on my Orthodox Christian faith.

Since I don't have a Theologian education and many of us the ordinary layman's in the church doesn't have such education I hope this orthodox Christian symbolism shared here and it's meanings will be of interest and will help you fortify your good faith in God and our Orthodox Christian faith.

Lamb of God Christian Symbol
Lamb

Lamb: symbol of Christ as the Paschal Lamb and also a symbol for Christians (as Christ is our Shepherd and Peter was told to feed His sheep).

This symbol is also presented in Bulgaria on the little yellow book they sell in our Bulgarian Orthodox Churches.
This tiny book contains the Divine Liturgy compiled by God's inspiration by st. John Chrysostom
If you're coming from an Catholic Background and you hold interest for Orthodox Christianity, as historically East Orthodox Christianity Symbol of Faith as well as basic doctrines were kept untouched, you might consider reading online here The Divine Liturgy by St. John Chrysostom
It's really important to say that the Divine Liturgy by St. John Chrysostom is the "backbone" of the church life, since it's the main and most served Liturgy in the eastern Orthodox Churches around the world.

Dove and Russian Patriarch
Dove: symbol of the The Holy Spirit and used especially in representations of our Lord's Baptism and the Pentecost. It is also used to recall Noe's dove, a harbinger of hope.

Chirchoao, Chi-Rho Sigla
"Chi-Rho" or "sigla": the letters "X" and "P," representing the first letters of the title "Christos," were eventually put together to form this symbol for Christ ("Chi" is pronounced "Kie"). It is this form of the Cross that the Emperor of Byzantia Constantine saw in his vision along with the Greek words, TOUTO NIKA, and which mean "in this sign thou shalt conquer.

Orthodox Tau Cross
"thau" or "tau": the T-shaped cross is mentioned in the Old Testament and is seen as a foreshadowing of the Cross of Christ.
Ezechiel 9:4:
"And the Lord said to him: Go through the midst of the city, through the midst of Jerusalem: and mark Thau upon the foreheads of the men that sigh, and
mourn for all the abominations that are committed in the midst thereof."
I've noticed that the tau_cross is often worn by Orthodox Monks as "a badge" on their clothes somewhere in the right of their chest

Greek Orthodox Cross
The Greek Orthodox Cross This symbol is one of the earliest Christian symbols which emerged right after Christ's resurrection.
The Greek Cross has all fours members the same shape and form (crux quadrata) and usually suggests the Christian church rather than a symbol of Christ's suffering.

Jerusalem Cross
Jerusalem Cross: also called the "Crusaders' Cross," it is made up of 5 Greek Crosses which are said to symbolize a) the 5 Wounds of Christ; and/or b) the 4 Gospels and the 4 corners of the earth (the 4 smaller crosses) and Christ Himself (the large Cross). This Cross was a common symbol used during the wars against Islamic aggression. (see less stylized version at right)

Baptismal Cross
Baptismal Cross: consisting of the Greek Cross with the Greek letter "X", the first initial of the title "Christ," this Cross is a symbol of regeneration, hence, its association with Baptism. Usually the Orthodox priest dress is decorated with a sign like this.

Red Orthodox Egg
The Scarlet red Egg:
Church tradition has it that St. Mary Magdalen went to Rome and met with the Emperor Tiberius to tell him about the Resurrection of Jesus. She held out an egg to him as a symbol of this, and he scoffed, saying that a man could no more rise from the dead than that egg that she held could turn scarlet. The egg turned deep red in her hands, and this is the origin of Easter eggs, and the reason why Mary Magdalen is often portrayed holding a scarlet egg.

Ichthus an early Christian Symbol
Ichtus (Ichthys) – The Fish:
Fish: the fish — ever-watchful with its unblinking eyes — was one of the most important symbols of Christ to the early Christians. In Greek, the phrase, "Jesus Christ, Son of God Savior," is "Iesous Christos Theou Yios Soter." The first letters of each of these Greek words, when put together, spell "ichthys," the Greek word for "fish" (ICQUS ). This symbol can be seen in the Sacraments Chapel of the Catacombs of St. Callistus. Because of the story of the miracle of the loaves and fishes, the fish symbolized, too, the Eucharist (see stylized fish symbol at right). Important note to make, here is that nowdays this sign's variations is not too often to be seen in Orthodox Churches. It's highly adopted by protestant Christians, seeing this sign on somebody's car or inside his home is a sure sign that probably he adhere's to Christian teachings different from orthodoxy.

Alpha Omega orthodox symbol
The Alpha-Omega symbol
Alpha, the first letter of the Greek alphabet, and Omega, the last letter of the Greek alphabet, became a symbol for Christ due to His being called "the First and the Last." The roots of symbolizing these attributes of God go back further, all the way to the Old Testament where, in Exodus 34:6, God is said to be "full of Goodness and Truth." The Hebrew spelling of the word "Truth" consists of the 3 letters "Aleph," "Mem," and "Thaw" — and because "Aleph" and "Thaw" are the first and last letters of the Hebrew alphabet, the ancients saw mystical relevance in God's being referred to as "Truth." At any rate, the Greek Alpha and Omega as a symbol for Christ has been found in the Catacombs, Christian signet rings, post-Constantine coins, and the frescoes and mosaics of ancient churches.

IC XC Nika Orthodox Symbol
The "IC XC Nika":
comes from Ancient Greek and was a widespread ancient Christian Symbol which is nowadays still present in the Eastern Orthodox Churches. IC XC Nika literally translated to english means "IC XC = Jesus Christ, NIKA = Glory to". In other words translated to modern english IC XC NIKA means Glory be to Jesus Christ!

Many Protestant Christians, nowdays falsely believe and claims this fish Christian symbol preceded the Crucifix as a symbol of veneration of Jesus and his Cross sufferings in the Church. This kind of belief is a falsely spread along many Protestant or "Evangelical" Christian denominations and Methodists. to be seen in many ancient Christian Church buildings is a Christian symbol. Today, some ancient Orthodox Churches still contain the "Christian fish" symbol. The reason why this symbol was used by early Christians is as a remembrance of the great miracle of Jesus to feed 5000 with 2 fishes and seven breads.

Holy Eucharist Cup, Bread and Wine

The Holy Eucharist vessels used by Orthodox Priests This is the cup of salvation as also called during the Divine Liturgy each time, the Wine and the Blood that the priest prepares in that Holy Cup is transformed by The Holy Spirit into a veracious flesh and blood of our Lord Jesus Christ.

Orthodox Byzantine Coat of Arms
The byzantine coat of arms
is an ancient Christian symbol used in the early Byzantine Church, nowadays it can be observed only in the Orthodox Churches.
It symbolizes the power of the Byzantian empire under the guidance of the the Holy Lord and the Gospel Truths.

Orthodox Bishop Crown
The Orthodox Bishop Crown is only worn by Bishops in the Orthodox Church. This crown indicates the Bishop's Church and spiritual (rank) and dignity.

Byzantine Orthodox Cross
Byzantine Orthodox or Russian Orthodox Cross
Is used most often by Eastern Catholics and Russian Orthodox, this Cross is the Byzantine Cross with the footrest at a diagonal. This slant is said to represent one of a few things:
– the footrest wrenched loose from the Christ's writhing in intense physical suffering; lower side representing "down," the fate of sinners, while the elevated side represents Heaven;
– the lower side represents the bad thief (known to us as Gestas through the apocryphal "Acts of Pilate" ("Gospel of Nicodemus") while the elevated side to Christ's right represents the thief who would be with Him in Paradise (St. Dismas);
– the "X" shape of the slanted "footrest" against the post symbolizes the cross on which St. Andrew was crucified.

Megaloschema a dress of a schimonk
The Megaloschema is a dress worn by schimonks. This monk rank is actually the highest possible rank an orthodox Christian monk can achieve. The symbolism on the dress is a brief form of:

  • IC XC (IECOYC XPICTOC) "Jesus Christ"
  • IC XC NIKA ("IECOYC XPICTOC NIKA") meaning: "Jesus Christ is Victorious"

The letters below IC XC Nika has a meaning – The Light of Christ shines on all.

  • XX. X.X letters. – means "Christ bestows grace on Christians"
  • The 4 Thitha (called) signs are a symbol for: Vision of God Divine wonder

Then the

  • T. K. P. G – Means "The Place of the Skull becomes Paradise"
  • The text placed in the lowest translated to English is "AdamThe First Man" and also is a symbol for the Place of the Skull (Golgotha).
  • In the Orthodox Church and the Church fathers teaches us that Golgotha or the Place of the Skull is the Place where the first man (Adam) was buried, and by God's divine providence coincides with the place where our Saviour Jesus Christ was crucified.

Orthodox Bishop Dress
Orthodox Priest dress / robe
This dress is only worn by Orthodox Christian Bishops.

Bulgarian Orthodox cross with 4 lights
The Cross with four lights emitating near the center of the cross This cross is actually used in more modern times as a Christian Orthodox symbol, The four lights coming out of the cross are added,
as the gospels speak that Christ is the Sun of righteousness
I've had quite a long time trying to figure out why exactly this cross is made with this 4 lights. It was a real joy when one time a priesttold me the meaning.
It's interesting fact that most of the Roman Catholic's crosses nowdays have the four lights radiating from Christ's Crucifix or the Cross symbolizing the Crucifix.

This is all I will say for symbolism for now. I hope this Christian symbolism will shed some light on the matters of Symbolism in both the Orthodox and the Catholoic eastern Church. I'll be glad if somebody out there more literate on the subject comment on my post and correct me if I'm wrong with smething.

How to remove the meta generator Content (Joomla! – Copyright) in Joomla 1.5

Thursday, December 30th, 2010

Joomla-remove-meta-generator-content-to-hide-joomla-site-install
Do you wonder How to change <meta name="Generator" content="Joomla! – Copyright (C) 2005 – 2007 Open Source Matters. All rights reserved." /> in Joomla 1.5

If yes, Here is how I've just found to remove the:

 

in my Joomla installation.

I need to remove that as a part of making my website not to leak out that it runs on top of Joomla.

So here is how:

1. Go to your Joomla website main root directory
2. Edit /libraries/joomla/document/html/renderer/head.php
Look for line: 83 in the /libraries/joomla/document/html/renderer/head.php
There you will notice the code:

$strHtml .= $tab.'<meta name="generator" content="'.$document->getGenerator().'" />'.$lnEnd;

In order to remove the <meta name="generator" content="Joomla …." /> change the above code to something like:

$strHtml .= $tab.'<meta name="generator" content="My Custom Web site Generator name" />'.$lnEnd;

That's all now next time you refresh your website the content="Joomla! – Copyright (C) 2005 – 2009 Open Source Matters. All rights reserved." will be no more.
Cheers! 🙂

Tightening PHP Security on Apache 2.2 with ModSecurity2 on Debian Lenny Linux

Monday, April 26th, 2010

Tightening-PHP-Security-on-Apache-2.2-2.4-with-Apache-ModSecurity2
In this article you'll learn how I easily installed and configured the ModSecurity 2 on a Debian Lenny system.
First let me give you a few introductionary words to modsecurity, what is it and why it's a good idea to install and use it on your Apache Webserver.

ModSecurity is an Apache module that provides intrusion detection and prevention for web applications. It aims at shielding web applications from known and unknown attacks, such as SQL injection attacks, cross-site scripting, path traversal attacks, etc.

As you can see from ModSecurity’s description it’s a priceless module add on to Apache that is able to protect your PHP Applications and Apache server from a huge number of hacker attacks undertook against your Online Web Application or Webserver.
The only thing I don’t like about this module is that it is actually a 3rd party module (e.g. not officially part of Apache). Some time ago I remember there was even an exploit for one of the versions of the module.
So in some cases the ModSecurity could also pose a security risk, so beware!
However if you know what you'rre doing and you keep a regular track of security news on some major security websites, that shouldn’t be a concern for you.
Now let'ss proceed to the install of the ModSecurity module itself.
The install is a piece of cake on Debian though you'll be required to use the Debian Lenny backports

Here is the install of the module step by step:

1. First add the gpg key of the backports repository to your install

debian-server:~# gpg --keyserver pgp.mit.edu --recv-keys C514AF8E4BA401C3
# another possible way to add the repository as the website describes is through the command
debian-server:~# wget -O - http://backports.org/debian/archive.key | apt-key add -

2. Install the libapache-mod-security package from the backports Debian Lenny repository

debian-server~:~# apt-get -t lenny-backports install libapache2-mod-security2

Now as a last step of the install ModSeccurity install procedure you have to add some configuration directives to Apache and restart the server afterwards.

– Open your /etc/apache2/apache2.conf and place in it the following configurations


<IfModule mod_security2.c>
# Basic configuration options
SecRuleEngine On
SecRequestBodyAccess On
SecResponseBodyAccess Off

# Handling of file uploads
# TODO Choose a folder private to Apache.
# SecUploadDir /opt/apache-frontend/tmp/
SecUploadKeepFiles Off

# Debug log
SecDebugLog /var/log/apache2/modsec_debug.log
SecDebugLogLevel 0

# Serial audit log
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus ^5
SecAuditLogParts ABIFHZ
SecAuditLogType Serial
SecAuditLog /var/log/apache2/modsec_audit.log

# Maximum request body size we will
# accept for buffering
SecRequestBodyLimit 131072

# Store up to 128 KB in memory SecRequestBodyInMemoryLimit 131072
# Buffer response bodies of up to # 512 KB in length SecResponseBodyLimit 524288
</IfModule>

The ModSecurity2 module would be properly installed and configured as an Apache module.
3.All left is to restart Apache in order the new module and configurations to take effect.

debian-server:~# /etc/init.d/apache restart

Don’t forget to check the apache conf file for errors before restarting the Apache with the above command for that to happen issue the command:
debian-server:~# apache2ctl -t

If all is fine you should get as an output:

Syntax OK

4. Next to find out if the Apache ModSecurity2 module is enabled and already used by Apache as a mean of protection you,
you might want to check if the log files modsec_audit.log and modsec_debug.log files has grown and doesfeed a new content.
If they’re growing and you see messages concerning the operation of the ModSecurity2 Apache module that’s a sure sign all is fine.
5. As we have the Mod Security Apache module configured on our Debian Server, now we will need to apply some ModSecurity Core Rules .
In short ModSecurity Core Rules are some critical protection rules against attacks across almost every web architecture.
Another really neat thing about Core Rules (CRS) for ModSecurity is that they are written with a performance in mind.
So enabling this filter rules won’t be a too heavy load for your Apache server.

Here is how to install the core rules:

6. Download latest ModSecurity Code Rules

Download them from the following Code Rule url
At the time of writting this article the latest code rules are version modsecurity-crs_2.0.6.tar.gz

To download and install this rules issue some commands like:

debian-server:~# wget http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/modsecurity-crs_2.0.6.tar.gz/download
debian-server:~# cp -rpf ~/modsecurity-crs_2.0.6.tar.gz /etc/apache2/
debian-server:~# cd /etc/apache2/; tar -zxvvf modsecurity-crs_2.0.6.tar.gz

Besides physically storing the unarchived modsecirity-crs in your /etc/apache2 it’s also necessery to add to your Apache Ifmodule mod_security.c block of code the following two lines:

Include /etc/apache2/modsecurity-crs_2.0.6/*.conf
Include /etc/apache2/modsecurity-crs_2.0.6/base_rules/*.conf

Thus ultimately the configuration concerning ModSecurity in your Apache Server configuration should look like the following:

<IfModule mod_security2.c>
# Basic configuration options
SecRuleEngine On
SecRequestBodyAccess On
SecResponseBodyAccess Off

# Handling of file uploads
# TODO Choose a folder private to Apache.
# SecUploadDir /opt/apache-frontend/tmp/
SecUploadKeepFiles Off

# Debug log
SecDebugLog /var/log/apache2/modsec_debug.log
SecDebugLogLevel 0

# Serial audit log
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus ^5
SecAuditLogParts ABIFHZ
SecAuditLogType Serial
SecAuditLog /var/log/apache2/modsec_audit.log

# Maximum request body size we will
# accept for buffering
SecRequestBodyLimit 131072

# Store up to 128 KB in memory
SecRequestBodyInMemoryLimit 131072
SecRequestBodyInMemoryLimit 131072

# Buffer response bodies of up to
# 512 KB in length
SecResponseBodyLimit 524288
Include /etc/apache2/modsecurity-crs_2.0.6/*.conf
Include /etc/apache2/modsecurity-crs_2.0.6/base_rules/*.conf
</Ifmodule>

Once again you have to check if everything is fine with Apache configurations with:

debian-server:~# apache2ctl -t

If it’s showing once again an OK status. Then you’re ready to restart the Webserver.
debian-server:~# /etc/init.d/apache2 restart

One example goodness of setting up the ModSecurity + the Core rule sets are that after the above described installationis fully functional.

ModSecurity will be able to track if somebody tries to execute PHP Shell on your server .
ModSecurity will catch, log and block (forbid) requests to r99.txt, r59, safe0ver and possibly other hacked modifications of the php shell script

That’s it! Now Enjoy your tightened Apache Security and Hopefully catch the script kiddie trying to h4x0r yoU 🙂

A short but awesome song

Monday, August 3rd, 2009

Some time ago I’ve stumbled upon a rocking song by a demoscene artist named with the loud and a bit funny name NINJA! 🙂 Anyways you can download the song here Industrial Bushido . By the way the guy has plenty of awesome music. All this is stored on the great modarchive website be sure to visit it! I guarantee you’ll never sorry that.END—–

Prism on Linux a way to turn any Web site location into a Desktop application

Wednesday, September 23rd, 2009

I was googling for some cool features to enrich my Google desktop while I found an applicaiton whichis said to be helpful.
It’s called Prism and is a Mozilla Lab experiment project. Actually it’s nothing special.
It creates a simple window in which it can visualize a website making it look exactly like your desktopapplications.
It has a couple of possiblities like creating a desktop icon for your website, enablesome kind of navigation keys, show status messages on what’s happening on the desktop embeded application andshow navigation bars.
The project is said to be a revolutionary next step towards integrating the webwith your desktop
. You can check out Prism’s website further on On mozilla’s prism website . It might be interesting for you to check out Prism in action before you might go for a try on Youtube here .
Prism is both available via Firefox extension or a desktop application both of which provides you with the describedabove prism functionality. As a Debian user you might wonder if prism is available as a debian package, well there is one
, even though it’s not a release part of the offician debian package distribution. If you’d like to test prismvia it’s debian package use the following prism deb package
,anyways the downside of using the 0.9 debian package is that you won’t be running prism’s latest release.
If you’d like to be running the latest prism version please download it from mozilla’s website.
Well enough talk let me tell you my personal view on Prism. It’s a COMPLETE BULLSHIT! 🙂 I don’t see how any geek wouldhave benefit of the app neither, how does it bridge in the web with the desktop.
It’s simply a crap that could takeof your daily lifetime to install and review 🙂
END—–