WordPress redirect loop with CloudFlare Flexible SSL

If you have ever run into this issue you’ll find that you are not alone. There are a number of plugins available that supposedly fix the problem but if you’re like me you hate to install too many plugins. If you are using Nginx/PHP-FPM you can forgo the plugin route and fix this issue before  … Read more

GlusterFS and rpcbind / portmap – DDoS Reflection Attacks

If you use GlusterFS then you are also using rpcbind. The Linux man page provides the following description for rpcbind: DESCRIPTION The rpcbind utility is a server that converts RPC program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine.  … Read more

View fail2ban ban entries with iptables -L -v

Not sure why but the Edward Snowden address made me chuckle. (especially as it’s tied to a Tor server address???) iptables -L -v Chain INPUT (policy ACCEPT 16471 packets, 4561K bytes) pkts bytes target prot opt in out source destination 216 12760 DROP all -- any any 219.239.241.175 anywhere 21 1260 DROP all -- any  … Read more

Rate Limiting With Nginx – Slow Down Website Scans

If you have ever tailed your access logs (eg. tail -f /var/log/nginx/access.log) you may have seen some bad bot signs such as rapid requests for exploitable WordPress plugins or brute forcing logins on your site. The first obvious defence of course is having strong passwords and up to date WordPress files. (from the base install  … Read more

Nginx Static File Cache Control

You can boost your site’s performance by letting visitors’ browsers know they should cache your static files. Nginx can be configured to set the “Expires” and the “max-age” directive of the “Cache-Control” HTTP response headers for static files (eg. images, style sheets, javascript) it serves up to a date in the future. This allows browsers  … Read more

List installed PHP packages on Ubuntu and Debian

If you have ever found yourself wondering what PHP packages are installed on a Debian or Ubuntu server you can run the following from the command line. dpkg --get-selections [email protected]:~$ dpkg --get-selections | grep php libapache2-mod-php5 install php-pear install php5-cli install php5-common install php5-curl install php5-dev install php5-gd install php5-mcrypt install php5-memcached install php5-mysql install  … Read more

vsftpd, GnuTLS error -12 and Filezilla

I recently had an issue with a user not being able to log into their FTP account. I have vsftpd set up to use TLS encryption. When using Filezilla to connect to vsftpd with explicit TLS you may see something similar to the following output: Status: Resolving address of www.example.com Status: Connecting to 127.0.0.1:21… Status:  … Read more

Create a MySQL Database from the Command Line

Every now and then I find myself needing to create a MySQL database while on the command line. Often it is just as fast or faster than loading up another program or accessing phpMyAdmin in a browser. So, first things first, we need to connect to the database: mysql -u root -p MySQL will prompt  … Read more

Getting Started With Zend Framework

The Zend Framework library is based around the MVC (Model, View, Controller) and Front Controller design patterns. The Front Controller is the point of entry for all requests that are NOT being served up directly by your web server. Such requests include style sheets, javascript, images and other static files. Zend Framework implements the front  … Read more

Coding Mistakes PHP Newbies Make

1. Never trust user input! Doing so can lead to security issues such as hijacked sessions, SQL injection and your entire site being compromised. This goes for all of the PHP superglobals such as $_SERVER and not just $_GET, $_POST and $_REQUEST arrays. The only exception would be the $_SESSION superglobal as this persists on  … Read more