Updates from October, 2011 Toggle Comment Threads | Keyboard Shortcuts

  • richieri 11:28 on 26/10/2011 Permalink | Reply
    Tags: 10.04 lts, apache2-mpm-itk, hosting, openpanel, ubuntu server, virtual hosts   

    A small Web Hosting with OpenPanel + Ubuntu Server 10.04 LTS + some tricks 

    Hi,

    I’m trying Openpanel, a great new opensource tool that helps developers make a complex server tasks with some mouse clicks.

    http://www.openpanel.com/

    You can create domains, mail accounts, DNS and other stuff in a “Panel” way. You can create user accounts and allow them to create their own domains, emails and vhosts.

    I’m trying it on linode

    http://www.linode.com

    With Ubuntu Server 10.04 LTS (You can deploy this image from linode dashboard. You have a virtual machine running after 5 min max)

    After a successful OpenPanel install, I need to make my users vhosts run as Apache process of their own user. This way, their php and other apps could write under their directories and make some personal stuff, as also it gets better to my administration tasks.

    Unfortunately, this feature is not yet implemented (but it’s on the roadmap), so I need to create the followin “hack”:

    • Install a new MPM apache module:
      sudo apt-get install apache2-mpm-itk
    • Write a script that’s create the directives which makes every vhost runs under it’s owner account and put ir under crontab to run every 10 minutes
      sudo pico /opt/apacheexec.sh
      Put the following content on it:
    #!/bin/bash
for sites in /home/*/sites/*
do
    user=`echo "${sites}"|cut -d'/' -f 3`
    site=`echo "${sites}"|cut -d'/' -f 5`
    arquivo=`echo "/etc/apache2/openpanel.d/${site}.inc/mpmitkUser"`
    if [ -f $arquivo ]; then
        true
    else
        echo "<IfModule mpm_itk_module>" > $arquivo
        echo "AssignUserId ${user} ${user}" >> $arquivo
        echo "</IfModule>" >> $arquivo
        exec `/usr/sbin/apache2ctl graceful`
    fi
done
    • Then, make it executable
      chmod a+x /opt/apacheexec.sh
    • Finally, put it to run on crontab
      sudo crontab -e -u root
    • Write it:
      */10 * * * * /opt/apacheexec.sh

    And we are done!

     

    • Reinaldo Silva 10:00 on 09/11/2011 Permalink | Reply

      Ronaldo, bom dia.

      Temos um OTRS instalado que usamos para chamados e ITSM changes, estamos precisando de alguas personalizacoes no sistema, voce faz consultoria ? Estamos em Alphaville-SP

      Att

      Reinaldo

      • richieri 9:37 on 02/12/2011 Permalink | Reply

        Reinaldo! Desculpe pela demora em te responder!

        O meu de notificação do teu comentário no meu blog ficou no spam. Só vi hoje!

        Se precisar ainda, faço modificações sim! Hoje inclusive estou em um cliente em Porto Alegre fazendo isso.

        Mas moro aí do ladinho de Alphaville, em Sorocaba.

        Se ainda precisarem de ajuda, podem entrar em contato comigo, ainda hoje. Meus telefones estão abaixo.

        Abraço!

  • richieri 21:25 on 01/09/2011 Permalink | Reply
    Tags: antivirus, badware, cleaning, malware, virus, , wordpress-counter   

    Removing virus (badware) from WordPress e protecting your blog 

    Note: I’m not responsible for damage to your installation. Use these tips at your own risk:)

    These days I have two wordpress sites infected with malware! I suffered a bit to clean the site and decided to share the tips here that I was joining the road.

    Basically, viruses create a “backdoor” taking advantage of some security flaw or bug in your installation. With this backdoor created, the virus has direct access to your site even after the bug fix or upgrade the system. It is like as if the virus had established an ssh account on your server and could perform almost any command in there.

    In one case, the bug that allowed the installation of the virus was a theme that uses a library called timthumb.php. I Found the failure in this link and follow the steps there to solve the problem. This virus is installed through the timthumb.php and creates a backdoor. Through the backdoor, other viruses have settled on the site. I’ve fixed the file timthumb.php to remove the possibility of a new invasion.

    This virus inserted an iframe on the home page of the site, causing the visitor to be redirected to a site with malicious code. In my case it was an iframe to a site called wordpress-counter.com

    Then I had to remove the backdoor before removing the iframe code generator, because when removing the iframe itself, it was introduced again after 15 minutes through the backdoor.

    Follow the tips this post and discovered the backdoor in the file wp-config.php. After the end of the traditional code of WordPress, it has about 100 blank lines and then the malicious code.

    Then follow the tips this other post to eliminate the iframe generators.

    Finally, I froze the files of my WordPress instalation. I accessed the site root via SSH and perform the steps below (note that this will block you from WordPress to automatically update the latest versions of the Dashboard):

    To protect folders:

     find. -type d -exec chmod 755 {} \;

    To protect files:

     find. -type f -exec chmod 644 {} \;

    To prevent other users to view data from your database, which is possible in some shared hosting:

     chmod 750 wp-config.php

    To prevent further attacks modify any file on your system (files less plugins and themes):

     chmod u-w -R *
chmod u+w -R wp-content

    References

    http://blog.sucuri.net/2011/08/timthumb-php-security-vulnerability-just-the-tip-of-the-iceberg.html
    http://markmaunder.com/2011/08/01/zero-day-vulnerability-in-many-wordpress-themes/
    http://cantonbecker.com/work/musings/2009/how-to-search-for-backdoors-in-a-hacked-wordpress-site/
    http://blog.unmaskparasites.com/2011/03/02/versatile-cc-attacks/
    http://codex.wordpress.org/Hardening_WordPress

     

  • richieri 16:35 on 17/08/2011 Permalink | Reply
    Tags: Database, geographic locatlization, geolocalization, ip, maxmind   

    Your own database with geo located ip information 

     

    For those who wants to serve content based on viewers location, one good alternative is IP geolocalization, when the viewer or the aplication ins’t integrated with GPS.

    There are some libs that we can use to geo locate viewers with IP information:

    http://www.geoplugin.com
    http://www.maxmind.com

    Those applications doens’t offer 100% accurated information but they are a good start point. Let’s create our own Geo Database using MaxMind CityLite free Database.

    First, download the CSV file from MaxMind Web Site:

    http://www.maxmind.com/app/geolitecity

    Then, we need to create 2 tables:

    CREATE TABLE `geo_blocks` (
`id` INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,
`location_id` INT(10) UNSIGNED NOT NULL,
`ip_start` INT(10) UNSIGNED NOT NULL,
`ip_end` INT(10) UNSIGNED NOT NULL,
`index_geo` INT(10) UNSIGNED NOT NULL,
PRIMARY KEY (`id`),
INDEX `idx_start` (`ip_start`),
INDEX `idx_end` (`ip_end`),
INDEX `idx_geo` (`index_geo`)
);

CREATE TABLE `geoip`.`location` (
`locId` INT NOT NULL ,
`country` VARCHAR( 100 ) NOT NULL ,
`region` VARCHAR( 100 ) NOT NULL ,
`city` VARCHAR( 150 ) NOT NULL ,
`postalCode` VARCHAR( 20 ) NOT NULL ,
`latitude` VARCHAR( 10 ) NOT NULL ,
`longitude` VARCHAR( 10 ) NOT NULL ,
`metroCode` VARCHAR( 100 ) NOT NULL ,
`areaCode` VARCHAR( 100 ) NOT NULL ,
PRIMARY KEY ( `locId` )
) ENGINE = MYISAM ;

    After that, you need to import the CSV files to the mysql:

    load data local infile '/pathe/to/the/file/GeoLiteCity_20110802/GeoLiteCity-Blocks.csv'
into table geo_blocks
fields terminated by ',' enclosed by '"'
lines terminated by '\n' ignore 2 lines (ip_start, ip_end, location_id);

load data local infile '/pathe/to/the/file/GeoLiteCity_20110802/GeoLiteCity-Location.csv'
into table location
fields terminated by ',' enclosed by '"'
 lines terminated by '\n' ignore 2 lines (locId,country,region,city,postalCode,latitude,longitude,metroCode,areaCode) ;

    That’s all, use it as you want :)

    MaxMind has a small tutorial teaching how to use the CSV file also:
    http://www.maxmind.com/app/csv

     

c
compose new post
j
next post/next comment
k
previous post/previous comment
r
reply
e
edit
o
show/hide comments
t
go to top
l
go to login
h
show/hide help
shift + esc
cancel
Powered by Google Talk Widget