Update all php extensions at once with YUM

With YUM, upgrading php is simple as “yum install php”. This will install latest php version on your machine. But if you have multi different php modules that aren’t part of php package (eg. gd, mysqli …), than you can use this simple one liner and install all those modules at once.

Just run this as root:

php -m | grep -v "Modules" | while read i; do yum install php-$i -y; done

This will check for all currently installed php packages and will try to upgrade them.

Magento – lock administration to specific country

Brute force attacks on Magenta administration are also very common issue, like with WordPress, well maybe a little less :). If you can’t lock your administrations on specific fixed IP addresses, than you can probably lock administration so that is accessible only from your country. Russia and China for example, are countries from which those kind of attacks are very common. So it is good idea to block them.

For this example, I’m doing this on Apache 2.4 with GeoIP module installed. Before you proceed, you should have installed geoip.

To have Magento administration accessible only from Germany (for example), add code bellow to your apache vhost configuration. This geoip was installed on CentOS 7, you should change path to GeoIP.dat accordingly to your installation. You should also change country code to the one that you want access from.

GeoIPEnable On
GeoIPDBFile /usr/share/GeoIP/GeoIP.dat
RewriteEngine on
RewriteCond %{ENV:GEOIP_COUNTRY_CODE} !^DE$
RewriteCond %{REQUEST_URI} ^/(index.php/)?admin/? [NC]
RewriteRule .* - [R=403,L]

Magento – Fatal error: Class Mage not found

Of corse, this can be caused by many different things, but if you’re stuck, without any ideas what could be wrong, than try solution bellow. Compiler stores everything in one file and can cause problems with includes. Just clear compiler and disable it if you don’t need it of corse.

I was getting error like this:

Warning: include(Mage.php): failed to open stream: No such file or directory in /my/web/server/root/public_html/lib/Varien/Autoload.php on line 94 Warning: include(): Failed opening 'Mage.php' for inclusion (include_path='/my/web/server/root/public_html/app/code/local:/my/web/server/root/public_html/app/code/community:/my/web/server/root/public_html/app/code/core:/my/web/server/root/public_html/lib:.:/usr/local/share/pear') in /my/web/server/root/public_html/lib/Varien/Autoload.php on line 94 Fatal error: Class 'Mage' not found in /my/web/server/root/public_html/app/code/core/Mage/Core/functions.php on line 244

Just login into your shell and then execute commands bellow (without comments):

//clear compiler
php compiler.php clear
//disable compiler
php compiler.php disable

It is most likely that this will fix your problem. If not, keep digging 🙂

Hope it helps.

WHMCS – can’t add new tld to domains

I found this odd issue with WHMCS billing platform. I wanted to add new tld to our domain pricing list, but when I clicked on Save Changes I’ll get notice that tld was added, but it wasn’t on domain list.

Just add/edit this in your php configuration – php.ini (default value is 1000):

max_input_vars = 5000

PHP: SSL operation failed with code 1

If you installed PHP 5.6 or grater and your application returns something like this:

SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL...

Then there is a simple fix for that. You can override default OpenSSL’s CA bundle with the one bellow.

  1. Download this cert bundle.
  2. Add this line to your php.ini file
    openssl.cafile=/path/to/your/downloade/cacert.pem
  3. Restart apache/nginx and you should be ok.

Install PHP extension on Directadmin – fast and easy way (without custombuild)

Directadmin is pretty good, lightweight, control panel for providing web hosting service or to host your own websites/projects, managing mail … Through the years, I recompiled PHP with custombuild countless times. Problem is, that every time that you want to install some new PHP extension – exif, in this example – you’ll have to rebuild whole PHP with Directadmin’s custombuild also. That can be very annoying and time-consuming. Expesialy when things go wrong. So, there is simple way on how to quickly install PHP extensions without using custombuild. I used this way many times. In this case, installation was done on CentOS 7.2 server with Directadmin and PHP version 5.6.23.

I hope this was helpful to you in any way.

Continue Reading

Directadmin and wrong JPEG library version – FreeBSD

I came across this error a few times on DirectAdmin installations. I first noticed this error when I installed Nextgen Gallery plugin on some WordPress installation. When I tried to upload some pictures, php should resize them and create thumbnails, but instead of thumbnails I’ll get error about JPEG library (checked in error log). Below is procedure on how to fix that error. At least it worked for me. This Directaadmin was installed on FreeBSD 9.1.

  • Login as root
  • Update ports
[root@lala ~]# portsnap fetch update
  • Delete currently installed JPEG library
[root@lala ~]# pkg_info | grep jpeg
[root@lala ~]# pkg_delete jpeg
  • Install jpeg library with custombuild
  • Edit your configuration script for php in custombuild. Add or edit values as bellow. Notice that path is not /usr/local/lib anymore.
–with-gd \
–with-jpeg-dir=/usr/local \
  • Rebuild PHP with custombuild
[root@lala ~]# cd /usr/local/directadmin/custombuild
[root@lala /usr/local/directadmin/custombuild]# ./build php n
  • When build is complete, restart Apache and try it again. It should work.
[root@lala ~]# /usr/local/etc/rc.d/httpd restart

 

Find CryptoPHP hacks on your server / False php scripts

CryptoPHP is nasty little shit! A while ago I had a problem with spam on one of our hosting servers. When we ended on several RBL lists, one of them stated that there is a possible way that our machine is infected with CryptoPHP. Hacked files can be very hard to find. PHP code was hidden in false .png files! This pngs were then included in some legit php files, like index.php. So every time index.php was loaded, hacked code inside included png file was loaded too.

Here is how you can find if there are false png files on your system. Just scan your directory with this line:

find -L /path/to/dir/ -type f -name "*.png" -exec file {} + | grep PHP

You could also scan your system for other types of files. Just replace *.png with something elese, for example *.jpg.

Output for legit files will look something like this:

./wp-includes/js/tinymce/skins/wordpress/images/more-2x.png:    PNG image data, 3800 x 40, 4-bit colormap, non-interlaced

Output for script that pretends to be regular PNG file – hacks – will look something like this:

./test.png:   PHP script, ASCII text

© 2018 geegkytuts.net
Hosted by Hosterdam


About author