Live Blog – 07-27-2022 – Docker, PHP Package Oneliner

Docker + Speedtest Tracker

I love that I have a Synology since I can run my own Speedtest Tracker! I was having issues on Zoom and knew it was me as I have notifications set up when my ping or up/download speed drops. You can run this on pretty much anything, a Raspberry Pi or a spare Mac. Just install Docker, and you’re off to the races!

https://github.com/henrywhitaker3/Speedtest-Tracker

Install Multiple PHP packages based on Version

Want to install a bunch of PHP packages easily via CLI for a different PHP version? Just run the following snippet. It works in bash and zsh, and can be used with apt and yum 🙂

apt-get install php74-{mbstring,mysql}

I required the smartctl command from the smartmontools package under Ubuntu, and simply running apt-get install smartmontools resulted in some recommended packages being installed, such as mail-utils and postfix, neither of which I required.

There is an option with apt that will not install recommended packages: it’s --no-install-recommends, as you can see in the example below.

apt-get install --no-install-recommends smartmontools

Fix the “The package could not be installed. PCLZIP_ERR_BAD_FORMAT” WordPress Error

This is pretty straightforward, you’ll see this error when updating or installing a plugin.

The package could not be installed. PCLZIP_ERR_BAD_FORMAT

Basically the file WordPress is trying to download is either corrupt or you don’t have the PHP curl module installed. So simply install it, for Ubuntu this is:

apt-get install php-curl

or

apt-get install php7.3-curl

Active Directory Authentication with NConf

So I had to help someone else with getting NConf working with Active Directory LDAP on a Windows domain. If you don’t understand the difference between DistinguishedName and sAMAccountName, then you will have some issues.

Currently NConf will only use a DN for successful authentication and authorization (2 steps to getting access to NConf). This means you can’t use your Active Directory username, but instead your DistinguishedName.

If you review the NConf Auth by Active Directory instructions and correctly configure all the options, using the DistinguishedName of a valid Active Directory account as the username will result in a successful login, whereas using the Active Directory sAMAccountName, which is typically the “username” we have all become accustomed to using, will not.

Please note, when specifying the “AD_BASE_DN” as DOMAIN\<username>, you may find success in authenticating, but you won’t have authorization to access NConf. This is due to the memberof logic used in NConf, which fails due to an incorrect Bind DN being provided. It looks like NConf needs to build on the Active Directory integration.

Remove iThemes Security Lockouts Script

I decided to create a command line PHP script that would list the current iThemes Security Logs and also allow you to remove them based on IP Address. Here is the script, which I’ve called “ithemes-clearip.php”, and its GitHub link. It’s dirty and really was made in like 15 minutes.

https://github.com/jordantrizz/wordpress-scripts

<?php
// List and remove iThemes Security log entries based on IP address.
// Usage: php ithemes-clearip.php -l        (list log entries)
//        php ithemes-clearip.php -d <ip>   (delete log entries for <ip>)
// Options
$shortopts  = "d:"; // -d takes a value: the IP address to delete
$shortopts .= "l";  // -l takes no value: list entries
$options = getopt($shortopts);
// Database connect, using the credentials defined in wp-config.php
require_once("wp-config.php");
$link = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
$database_name = DB_NAME;
if ($link->connect_error) {
  die("Can't connect to database using wp-config.php details - Connection failed: " . $link->connect_error);
}
if(!$options) {
  print "There was a problem reading in the options.\n\n";
  exit(1);
}
if(array_key_exists("d",$options)) {
  $ip = $options["d"];
  // Only accept a syntactically valid IPv4/IPv6 address
  if(filter_var($ip, FILTER_VALIDATE_IP)){
    echo "Deleting all entries for IP Address ". $ip ." in $database_name\n\n";
    // Bind the IP as a parameter rather than concatenating it into the SQL
    $sql = "delete from ".$database_name.".wp_itsec_log where log_host = ?";
    echo $sql."\n\n";
    $stmt = $link->prepare($sql);
    if($stmt && $stmt->bind_param("s", $ip) && $stmt->execute()) {
      echo "Deleted ". $stmt->affected_rows ." rows\n\n";
    } else {
      echo "Error deleting record: " . $link->error;
    }
  } else {
    print "You didn't specify a correct IP Address.\n\n";
    exit(1);
  }
} elseif(array_key_exists("l",$options)) {
  // getopt() sets a value-less flag to false, so test for the key itself
  $sql = 'SELECT log_host,log_date from wp_itsec_log';
  $result = $link->query($sql);
  if (!$result) {
    print 'Could not run query: ' . $link->error;
    exit(1);
  }
  print "\nLog Host\tLog Date";
  print "\n-----------------------------------";
  while($row = mysqli_fetch_row($result)) {
    print "\n".$row[0]."\t".$row[1];
  }
  print "\n";
}
mysqli_close($link);
?>

Apache Error Log mod_fcgid: can’t apply process slot for /usr/local/cpanel/cgi-sys/php5 (cPanel/CloudLinux)

I was getting the following error message in Apache’s error log on a cPanel machine with CloudLinux:

mod_fcgid: can't apply process slot for /usr/local/cpanel/cgi-sys/php5

Looking into the issue, it seemed that a couple of sites were reaching the max EP (Entry Process). If you read the CloudLinux documentation, it states the following: http://docs.cloudlinux.com/index.html?limits.html

Entry processes limit control the number of entries into LVE. Each time a process ‘enters’ into LVE, we increment the counter. Each time process exits LVE, we decrement the counter. We don’t count processes that are created inside LVE itself. It is also known as ‘Apache concurrent connections’ limit. The process enters into LVE when there is a new HTTP request for CGI/PHP, when new SSH session is created, or when new cron job is started. This limit was created to prevent DoS attacks against web server. One of the fairly popular attacks is to tie up all the Apache connections by hitting some slow page on a server. Once all Apache slots are used up, no one else will be able to connect to the web server, causing it to appear to be down. The issue is worsened by CPU limits, as once site starts to get slow due to CPU limit — it will respond to requests slower and slower, causing more and more connections to be tied up. To solve that, we have created entry processes (often called concurrent connections) limit. It will limit the number of concurrent connections to Apache, causing web server to serve error 508 page (Resource Limit Reached), once the number of concurrent requests for the site goes above the limit.

I

Get RackTables working with php-cgi or fastcgi

If you’ve tried to google “racktables authentication not working after install” you won’t find much, but there are a couple of articles about fastcgi and the PHP_AUTH_PW and PHP_AUTH_USER not being passed correctly, with no real solution to the problem.

I was able to get RackTables working using the following workaround posted on http://www.rosmir.org/Index/Docs/archive/LabsFolder/FastCGI which has nothing to do with RackTables.

  1. You will need to add the following to your .htaccess file.
    RewriteEngine on
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
  2. Next you will need to modify the inc/auth.php file and add the following before the function authenticate.
    // Rebuild PHP_AUTH_USER / PHP_AUTH_PW from the header passed through by the rewrite rule
    if(isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/^Basic\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) {
    // Split on the first ':' only, so a password containing ':' is kept whole
    list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = array_pad(explode(':' , base64_decode($matches[1]), 2), 2, '');
    }
  3. It should look like the following when completed.
    function authenticate ()
    {
    // Rebuild PHP_AUTH_USER / PHP_AUTH_PW from the header passed through by the rewrite rule
    if(isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) && preg_match('/^Basic\s+(.*)$/i', $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches)) {
    // Split on the first ':' only, so a password containing ':' is kept whole
    list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = array_pad(explode(':' , base64_decode($matches[1]), 2), 2, '');
    }
    global
    $remote_username,
    $remote_displayname,
    $auto_tags,
    $user_given_tags,
    $user_auth_src,
    $script_mode,
    $require_local_account;
    if (!isset ($user_auth_src) or !isset ($require_local_account))
    throw new RackTablesError ('secret.php: either user_auth_src or require_local_account are missing', RackTablesError::MISCONFIGURED);
    if (isset ($_REQUEST['logout']))
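
The header handling from step 2 as a stand-alone function, as an added example that is not RackTables code or part of the original post; parse_basic_authorization() is a hypothetical name and the sample headers are constructed. It goes beyond the workaround by rejecting malformed input instead of passing partial credentials on to the login check:

```php
<?php
// Added example: strict parsing of a forwarded "Authorization: Basic" header.
// parse_basic_authorization() is a hypothetical helper, not a RackTables function.

/**
 * Returns [user, password], or null when the header is absent or malformed.
 */
function parse_basic_authorization(?string $header): ?array
{
    if ($header === null) {
        return null;
    }
    // The scheme name is case-insensitive; the credentials are one base64 token.
    if (!preg_match('/^Basic\s+([A-Za-z0-9+\/]+={0,2})\s*$/i', $header, $m)) {
        return null;
    }
    // Strict mode returns false instead of silently skipping invalid characters.
    $decoded = base64_decode($m[1], true);
    if ($decoded === false || strpos($decoded, ':') === false) {
        return null;
    }
    // RFC 7617: the user-id cannot contain ':', the password can,
    // so split on the first colon only.
    [$user, $pass] = explode(':', $decoded, 2);
    if ($user === '') {
        return null;
    }
    return [$user, $pass];
}

// Constructed sample values, shaped like what arrives in
// $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] behind the rewrite rule.
$samples = [
    'plain'             => 'Basic ' . base64_encode('admin:secret'),
    'colon in password' => 'basic ' . base64_encode('admin:pa:ss:word'),
    'no colon'          => 'Basic ' . base64_encode('adminsecret'),
    'not base64'        => 'Basic %%%not-base64%%%',
    'other scheme'      => 'Bearer abc.def.ghi',
    'header missing'    => null,
];

foreach ($samples as $label => $header) {
    $creds = parse_basic_authorization($header);
    if ($creds === null) {
        printf("%-18s rejected\n", $label);
    } else {
        printf("%-18s user=%s password=%s\n", $label, $creds[0], $creds[1]);
    }
}
```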

Looking at Cassandra (DB) and Hiphop (Compiling PHP to Native C)

I was all over the internet one day and ran into a project called Cassandra, which was open-sourced by Facebook and is being developed by Apache committers as well as other major companies.

http://cassandra.apache.org/

I also dug up another Facebook related project called Hiphop, which compiles PHP into native C to boost performance. Also used by Facebook.

https://github.com/facebook/hiphop-php/wiki/

Adding APC to MediaTemple Grid Service

I have a client that wanted to start his own personal blog. He’s in the IT industry and wanted to use WordPress, but he didn’t know what shared hosting provider to go with. I suggested two, dreamhost.com and mediatemple.com.

I don’t like shared hosting. Why? It’s either slow at times for hours or always slow, so instead I just grab a VPS and pay the $30 or $50 a month so my sites load fast. You could even ditch your Grid Service and go with a Dedicated Virtual, and achieve lightning fast page loads on your WordPress/PHP site.

Anyways, let’s talk more about how to set up APC properly on the Grid Service. I mean let’s really talk about it, because I always forget the steps.

You will need to first download the latest stable version of APC. I’ve had issues with both the beta version and the stable version, but far fewer with the stable version. If you want to pick and choose which version to run, visit the APC PECL website directly at http://pecl.php.net/package/APC

I almost forgot: if you want to follow the instructions in this guide, you will need to have SSH access enabled on your Grid Service account. This guide will assist you.

http://kb.mediatemple.net/questions/16/Connecting+via+SSH+to+your+(gs)+Grid-Service

Once you have access and the URL to the latest stable release of APC (3.0.19 as of this writing), you will want to wget the file to the root of your account.

wget http://pecl.php.net/get/APC-3.0.19.tgz

Decompress and untar the archive, change directory to the extracted contents and phpize the module.

tar -zxvf APC-3.0.19.tgz
cd APC-3.0.19

Next you will want to run phpize. The phpize command prepares the PECL module’s build environment. Once you run phpize you will see something similar to the following:

server@n10:~/APC-3.0.19$ phpize
Configuring for:
PHP Api Version:         20020918
Zend Module Api No:      20020429
Zend Extension Api No:   20050606

Now we want to set the configuration options for the module. You will need to find out what version of PHP your Grid Service is running, you need to know the Major and Minor numbers. You can get this information from phpinfo, you will need to create a new file inside your sites html directory and enter the following:


Make sure the file has a .php extension and then open up a browser and view the file. You should be presented with something like the following.

You can see that we’re running PHP 5.2.14-2, the “-2” is more or less for MediaTemple’s reference.

Next you want to type out the following command and run it. Pay special attention to the “--with-php-config” portion, as this is important: make sure you find the right location of this file, then run the command.

./configure --enable-apc --enable-apc-mmap --with-apxs2=/usr/sbin/apxs --with-php-config=/usr/local/php-5.2.14-2/bin/php-config

A bunch of text should scroll, hopefully no errors. Now we want to make the module so just type “make”.

xxxxxxx.com@n10:~/APC-3.0.19$ make
/bin/sh /home/xxxxx/users/.home/APC-3.0.19/libtool --mode=compile gcc -I. -I/home/xxxxx/users/.home/APC-3.0.19 -DPHP_ATOM_INC -I/home/xxxxxx/users/.home/APC-3.0.19/include -I/home/113041/users/.home/APC-3.0.19/main -I/home/xxxxxx/users/.home/APC-3.0.19 -I/usr/local/php-5.2.14-2/include/php -I/usr/local/php-5.2.14-2/include/php/main -I/usr/local/php-5.2.14-2/include/php/TSRM -I/usr/local/php-5.2.14-2/include/php/Zend -I/usr/local/php-5.2.14-2/include/php/ext -I/usr/local/php-5.2.14-2/include/php/ext/date/lib -DHAVE_CONFIG_H -g -O2 -c /home/xxxxxx/users/.home/APC-3.0.19/apc.c -o apc.lo

-------------CUT TO SAVE SPACE--------------

----------------------------------------------------------------------
Libraries have been installed in:
/home/xxxxx/users/.home/APC-3.0.19/modules

If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the `-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the `LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the `LD_RUN_PATH' environment variable
during linking
- use the `-Wl,--rpath -Wl,LIBDIR' linker flag
- have your system administrator add LIBDIR to `/etc/ld.so.conf'

See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------

Build complete.
(It is safe to ignore warnings about tempnam and tmpnam).

Now we just need to make the appropriate directories for the module to reside. The directory you need to find is called “data”, if you follow these steps below you can navigate to the directory. Then make the proper directories, and then copy the module.

cd ~/
cd ../..
cd data
mkdir -p lib/php
cp ~/APC-3.0.19/modules/apc.so lib/php/

The last step is to modify the php.ini and have PHP load the newly created apc.so module. (Note: in the second example, the ‘xxxx’ stands for your user number, you can find this by running “pwd”)

nano ~/../../etc/php.ini
or
nano /home/xxxx/etc/php.ini

Then just add the following lines:

extension_dir = /home/113041/data/lib/php
extension = apc.so

You should now have APC loaded into PHP, double check by going to the phpinfo page you made and search for APC. It should give you some information and configuration variables. Furthermore, if APC is not being loaded and shown on the phpinfo page, enable the error log (http://wiki.mediatemple.net/w/GS:Read_access_logs_and_error_logs) and see if any error messages are being generated.

Hope you enjoy!