Hide Apache ServerSignature / ServerTokens / PHP X-Powered-By

By default, almost all Apache installations expose sensitive server information: the Apache version number, server operating system details, installed Apache modules, the PHP version and so on. Attackers can use this information when performing attacks.

Some examples of how to check the server information that Apache sends

Error page

Use lynx

    $ lynx -head -mime_header http://www.ubuntu.com
    HTTP/1.0 200 OK
    Date: Fri, 20 Nov 2009 09:25:46 GMT
    Server: Apache/2.2.8 (Ubuntu) mod_python/3.3.1 Python/2.5.2 PHP/5.2.4-2ubuntu5.7 with Suhosin-Patch mod_ssl/2.

Fedora 13 nVidia Drivers Install Guide (disable the nouveau driver)

Looking for the Fedora 22/21 nVidia Drivers Install Guide? I’ve tried this method on a few Fedora 12 and Fedora 13 machines, and it looks like it is working. Nouveau has been enabled by default starting from Fedora 11, and it looks like nouveau causes some problems on Fedora 12 and Fedora 13 when trying to use the nVidia proprietary driver. Note: nVidia proprietary drivers on Fedora 12 and Fedora 13 do not support cards older than GeForce 6 cards (except for some exceptions, check this comment).

Partitioning PostgreSQL Tables - Handle Millions of Rows Efficiently

PostgreSQL table partitioning means splitting one large database table into smaller logical pieces. It is worthwhile only when a table would be very large. Here are a few benefits that can be achieved with partitioning:

- Query performance on large tables can be improved dramatically
- Index size is reduced, making it more likely that the heavily-used parts of the indexes fit in memory
- Rarely used data can be moved to slower and cheaper storage media

This topic is divided into three parts, which are as follows and published in the following order: Part 1.

Create PostgreSQL Table Partitioning (Part 1)

PostgreSQL supports partitioning via table inheritance. The partitioning is set up so that every child table inherits from a single parent table. The parent table is empty and exists just to describe the whole data set. PostgreSQL partitioning can be implemented as range partitioning or list partitioning. Range partitioning can be done, for example, by ID ranges (like 0-100 000, 100 001-200 000, 200 001-300 000…) or date ranges (like 2009-11-01 – 2009-11-30, 2009-12-01 – 2009-12-31…).

PHP Script to Generate PostgreSQL Table Partitioning (Part 2)

As Part 1 (Howto create PostgreSQL table partitioning) shows, setting up PostgreSQL partitioning needs a lot of SQL commands. This Part 2 explains how the SQL commands for PostgreSQL partitioning can be generated with a simple PHP script. The example script generates SQL for the child tables, indexes, trigger function and parent table trigger. It creates PostgreSQL table partitioning using date ranges. The script can be configured with the following configuration section:

PHP: Loop through dates (from date to date) with strtotime() function

This is a very easy way to loop through dates (from date to date) with the PHP strtotime() function. This example only echoes dates, but of course this model can be used in more complicated situations.

    <?php
    // Set timezone
    date_default_timezone_set('UTC');

    // Start date
    $date = '2009-12-06';
    // End date
    $end_date = '2020-12-31';

    while (strtotime($date) <= strtotime($end_date)) {
        echo "$date\n";
        $date = date("Y-m-d", strtotime("+1 day", strtotime($date)));
    }

Note: All the different PHP strtotime() function syntaxes can be used.

PostgreSQL: Partitioned Table vs Non Partitioned Table (Part 3)

This article compares the speed and performance of queries between partitioned and non partitioned PostgreSQL tables. However, it is important to remember that PostgreSQL table partitioning also has other benefits besides better query performance. More information about the other benefits is in the first part, ‘Howto create PostgreSQL table partitioning (Part 1)’. This is a comparison between partitioned and non partitioned PostgreSQL tables. The same tests were carried out with and without indices, because with indices it is no longer a very meaningful example on a table which has one billion rows of data (if the table is not partitioned).

Format bytes with PHP – B, KB, MB, GB, TB, PB, EB, ZB, YB converter

A simple PHP function that formats bytes to the desired form. Possible unit options are: Byte (B), Kilobyte (KB), Megabyte (MB), Gigabyte (GB), Terabyte (TB), Petabyte (PB), Exabyte (EB), Zettabyte (ZB), Yottabyte (YB).

PHP byteFormat function for formatting bytes

The function takes three parameters: (bytes mandatory, unit optional, decimals optional)

    <?php
    function byteFormat($bytes, $unit = "", $decimals = 2) {
        $units = array('B' => 0, 'KB' => 1, 'MB' => 2, 'GB' => 3, 'TB' => 4,
                'PB' => 5, 'EB' => 6, 'ZB' => 7, 'YB' => 8);

        $value = 0;
        if ($bytes > 0) {
            // Generate automatic prefix by bytes
            // If wrong prefix given
            if (!

Delete files permanently with shred command in Linux – Remove absolutely

Sometimes we need to delete files whose content should disappear absolutely, completely and safely. The Linux command rm just removes the file, and it is still possible to dig the content out of the disk. Fortunately, Linux has the shred program, which removes files permanently. The shred command is easy and quick to use in cases where files need to be deleted forever.

Shred command usage

Create test file:

    echo "testing testing" > /tmp/test.

Twitter Hacked by Iranian Cyber Army

The Twitter site has been hacked by the Iranian Cyber Army. Here are some screenshots and full info about the page.

Screenshots

Server info and full HTML content

    lynx -mime_header http://twitter.com
    HTTP/1.1 200 OK
    Date: Fri, 18 Dec 2009 06:42:08 GMT
    Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8l DAV/2 mod_auth_passthrough/2.1 FrontPage/5.0.2.2635
    Last-Modified: Fri, 18 Dec 2009 06:21:13 GMT
    ETag: "90c06a-717-47afabf13c840"
    Accept-Ranges: bytes
    Content-Length: 1815
    Connection: close
    Content-Type: text/html

    <meta content="en-us" http-equiv="Content-Language"></meta>
    <meta content="text/html; charset=windows-1252" http-equiv="Content-Type"></meta>
    <title>..:: This Web Site Has Been Hacked By Iranian Cyber Army ::.

Twitter hacked? Not really, only Twitter DNS records compromised

I posted ‘Twitter Hacked by Iranian Cyber Army’ earlier, but actually just the Twitter DNS records were hacked. I think even the twitter.com server headers and the tracepath to the servers simply prove this, because normally they are completely different from when hacked.

Hacked twitter.com headers:

    HTTP/1.1 200 OK
    Date: Fri, 18 Dec 2009 06:42:08 GMT
    Server: Apache/2.2.14 (Unix) mod_ssl/2.2.14 OpenSSL/0.9.8l DAV/2 mod_auth_passthrough/2.1 FrontPage/5.0.2.2635
    Last-Modified: Fri, 18 Dec 2009 06:21:13 GMT
    ETag: "90c06a-717-47afabf13c840"
    Accept-Ranges: bytes
    Content-Length: 1815
    Connection: close
    Content-Type: text/html

Original twitter.

Delete files securely on Linux – Journaled file systems

A few days ago I wrote about shred, which works fine for old systems, like EXT2, but not so nicely with journaled file systems. Modern file systems need something more robust, like dd and srm (a secure replacement for rm). Unlike the standard rm, srm overwrites and renames the files before unlinking them. This makes it very hard to recover the data.

Create test file:

    echo "secure content" > /tmp/secure.

BitLy (bit.ly) PHP Class – Shorten and Expand URLs (and Hashes) with BitLy API

BitLy (bit.ly) is a service which allows users to shorten, expand, share and track URLs (links). bit.ly can be accessed through the bit.ly website and a robust and open API.

Example:

- Shorten http://www.if-not-true-then-false.com/ url -> http://bit.ly/8cZ1fb
- Expand http://bit.ly/8cZ1fb url -> http://www.if-not-true-then-false.com/

This post deals with bit.ly API usage with a simple PHP class. This PHP class can shorten normal URLs, expand bit.ly URLs and expand bit.ly hashes.

BitLy PHP Class

    <?

nginx, PHP 5.3 and FastCGI on CentOS 5.5, Fedora 13, Red Hat RHEL 5.5/6

This is a guide on how to install an nginx, PHP 5.3 and FastCGI webserver with MySQL and/or PostgreSQL and Memcache support on Fedora 12 and Fedora 13, CentOS 5.5 and Red Hat (RHEL) 5.5/6. nginx (engine x) is a robust, small and high performance HTTP server, reverse proxy server and also mail proxy server.

  1. Add and enable needed repositories: Updated 19.3.2010 Use the following repositories to install nginx 0.8.xx version (currently 0.8.36 version) rpm -Uvh http://download.

PHP stdClass to Array and Array to stdClass – stdClass Object

I think every PHP coder has come across Arrays and stdClass Objects (which belong to the PHP Predefined Classes). Sometimes it’s very useful to convert Objects to Arrays and Arrays to Objects. This is easy if the arrays and objects are one-dimensional, but might be a little tricky with multidimensional arrays and objects. This post defines two ultra simple recursive functions to convert multidimensional Objects to Arrays and multidimensional Arrays to Objects.

Function to Convert stdClass Objects to Multidimensional Arrays

    <?

PHP - Measure Scripts Execution Time and Page Generation Time

In many cases, it is really useful to know exactly how long a PHP script runs or how long a PHP web page takes to load. It is also useful to know how long a particular script operation or part of a page load takes. The following PHP Timing class is very simple to use: just create the class, start timing and stop timing.

PHP CLI Colors – PHP Class Command Line Colors (bash)

The PHP Command Line Interface (CLI) has no built-in coloring for script output, as for example the Perl language has (perldoc.perl.org/Term/ANSIColor.html). So I decided to make my own class for adding colors to PHP CLI output. This class works only in Bash shells. This class is easy to use. Just create a new instance of the class and call the getColoredString function with a string and a foreground color and/or background color.

PHP Class for Coloring PHP Command Line (CLI) Scripts Output

    <?

Add Hostname, Date, Time, Uptime, Load Average to Linux Terminal Title

This tip is really useful if you need/want to monitor multiple servers at the same time. It works like the tip for adding the date and time to the title of the Linux terminal, but it adds more useful info to the terminal title. The following bash one-liner adds hostname, date, time, uptime, users and load average to the Linux terminal title and updates it every second. This trick works in at least the following terminals: Gnome Terminal, xterm, urxvt, rxvt.

YUM History (list, info, summary, repeat, redo, undo, new)

Yum (Yellowdog Update Modified) is an RPM package management system for Fedora, CentOS, Red Hat, OpenSuse etc. The yum history (list, info, summary, repeat, redo, undo, new) commands were added in version 3.2.25, so this works on every Linux distro which uses yum 3.2.25 or newer. The yum history command is really useful in situations where you need, for example, to roll back the latest yum activity, undo some deletes or just see what was updated lately.

Install PostgreSQL 8.4 Database Server on CentOS, Fedora, Red Hat

This is a quick guide on how to install the PostgreSQL 8.4 (current stable 8.4.7) database server on CentOS, Fedora and Red Hat. Fedora 14, Fedora 13, CentOS 5.5 and Red Hat (RHEL) 5.5 have the PostgreSQL 8.4 database server as default, so extra repositories are not needed. Personally, I like to use Postgres’ own repositories, because the latest version of PostgreSQL can be quickly and easily installed. The following commands are run as the root and postgres users, so run “su -” or “sudo -i” first.