Howto: XCache in a Lighttpd Chroot on Debian
Whether you're pressed for resources on a virtual/dedicated server, or simply looking for ways to improve web application performance, XCache is guaranteed to produce the desired result. Within minutes of installing XCache, page load times were cut in half, PHP/MySQL RAM consumption was under control, and overall PHP rendering/output performance dramatically improved. In this post I'll go over the process of installing, configuring, and enabling XCache in a php5-cgi+Lighttpd chroot jail on a Debian Lenny web server.
Solution: chown: invalid user: www-data:www-data
Ran into this issue after getting rid of the www-data user and group. The solution is simple and doesn't involve adding the account/group, assuming the objective is to run Lighttpd as a different user (not www-data). If the intention is to run Lighttpd with the www-data account, simply add the account. Otherwise, keep reading...
New Tool: Daily [Mod] Security Reports
After the Lighttpd mod security post and the DDoS attack that followed, I began working on a script that parses the Lighttpd server-error.log and inserts matched records into MySQL. The result? Check it out here: security.nullamatix.com Daily Security Reports. With the abundance of ideas I have for the project, it's far from complete, but definitely worth a beta release. Plans for the future include, but aren't limited to:
529 Attacks in 9 Days: id1.txt, RFI, & More
Longtime Nullamatix readers know how much I love reviewing log files. Logs can provide detailed insight into not only the overall health of a system, but also information one can use to mitigate the risks of automated attacks. In this post, I'll go over a couple of ways to harden a PHP-enabled web server and hopefully prevent fx29id1.txt, id23.txt, id.txt, id1.txt, fxid.txt, one.txt, fx1.txt, and several other automated attacks from successfully exploiting common weaknesses.
Howto: Tail Lighttpd Logs with Style using Sed
Although extremely useful, HTTP server access logs are a mess in their raw form. If you're interested in watching your HTTP server logs in real time with formatting rules and pretty colors, this post is for you.
New Page: Interesting Server Logs
This is a short post. A status update more than anything.
Before posting Madlib Site PHP code examples demonstrating how to use the content you've obtained from: Free Data Sources for Blue Hat SEO's Madlib Technique, I thought of a potentially interesting idea. Grep httpd server logs looking for Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS), Blind SQL Injection, Remote Code Inclusion, and Remote Code Execution attempts, just for fun.
Howto: Run Multiple Poor Mans BANS Sites Using 1 Wordpress Installation
Note: This is a follow up to the original Make Money With a Poor Mans BANS (Build A Niche Store) post. If you haven't read that post, please do so before continuing with this one.
Howto: Setup cron Jobs to Restart Lighttpd & MySQL
Over the past couple of weeks, MySQL crashed when spiked with large amounts of traffic. To remedy this, a cron job has been implemented to simply restart MySQL and Lighttpd every other day. Here's how it's done.


