Meine Daten sind diese Woche umgezogen. Vom supergünstigen und einstmals einwandfreien Server4You Root-Server zu einem Host-Europe vServer. (more…)
November 6, 2011
June 7, 2011
Nginx configuration with includes
If you’re setting up a server with both HTTP and HTTPS access you will have to define 2 server directives in your nginx configuration. Then you will define pretty much the same in both, and just add the SSL options like cert and port in your HTTPS-server. However, there is a better way. In this blog post I will explain how to efficiently use include statements in your nginx configuration to use a better configuration file structure.
A second feasible way of using includes it for redirects. Did you change (some) of your URI-structure? Did you move a file resulting in a new URI? Put them in a separate file and include it in your hosts configuration file to keep it clean. (more…)
May 21, 2011
Munin Documentation on how to install plugins
Used Munin for monitoring yet? Tried to install a plugin?
I do think there were introductions previously (or maybe not?), but I can’t find documentation on how to install plugins on the website or plugins database. If you’re ever looking for info on that, check this informative documentation.
May 19, 2011
How to disable P3P in Joomla
P3P is a protocol to publish your intent of your websites privacy policy. Now, letting the websites themselves provide the information and users trusting, or not trusting, into that brings the entire thing ad-absurdum. If you set the tool up to not accept cookies from a “bad”-policied website and it just does not provide P3P, or the wrong or incomplete P3P tags your tool will not help anything.
Anyway, Joomla implemented it and by default provides contradicting P3P tags (which may even be dangerous and put you at risk, as you publish wrong (summary) policy information – people, and lawyers, may actually take you by your word/P3P tags) [as discussed here]. (more…)
April 27, 2011
Nginx Einrichtung
Nachdem ich den Webserver-Wechsel zunächst auf Cherokee vollziehen wollte gab es für diesen zunächst einmal kein aktuelles deb-Paket / Repo und außerdem schien er (in der älteren Version die verfügbar war) auf dem Server massive Probleme zu bereiten, die nach dem Beenden nicht mehr auftraten. Die zweite Wahl war Nginx, welches kürzlich erst in der Version 1.0 veröffentlicht wurde und nach Apache httpd und Lighttpd jener Webserver mit dem größten Marktanteil ist, und vor allem auch sehr große Webseiten hostet. Für Debian und Ubuntu-versionierte Systeme gibt es auch aktuelle Pakete von Nginx, etwa GetDeb für Debian. Der Umstieg ist nun jedenfalls vollzogen. (more…)
February 20, 2011
Fixing libapache2-svn ERROR: Module dav_svn does not exist!
Do you have a problem with libapache2-svn?
Does it tell you it’s partly configured, and that ERROR: Module dav_svn does not exist!?
Well, just create the folders
- /etc/apache2/mods-available/dav_svn.conf
- /etc/apache2/mods-available/dav_svn.load
and you can remove it.
And you can do a purge to completely remove it, including the config files you just created:
aptitude purge libapache2-svn
Solution via
August 19, 2010
Running Apache with multiple PHP fcgis
I now set up my local windows dev system with apache httpd and php to use fcgi and allow multiple PHP versions; especially so I can run PHP 5.2 with Ice 3.3 as well as PHP 5.3 with Ice 3.4 at the same time, without reconfiguration and restart.
April 26, 2010
Securing Apache 2.2 with suEXEC and fcgid
Ever thought about switching from native Apache Httpd 2.2 module for php5 to fastcgi (or fcgid as a fastcgi alternative)?
Here you can find some data on that fcgid is faster, a good alternative to php5_module/libphp5.
So, here’s a quick info on how I set it up.
First of all, what’s suEXEC?
suEXEC allows you to run php scripts as a specific user. This is useful when you’re creating ftp accounts for ppl, hopefully disallow them bash/shell access, and of course want to set permissions so the ftp user may still edit all his files but keep permissions for other users to a minimum. As Apache Httpd runs as a different user by default, www-data, you have a problem, and may have to set permissions up to 777, read+write for all.
Then someone with shell access and knowing the path to the web space may change files.
With suEXEC you won’t have to add permissions. Those for the owner (ftp user) are enough.
suExec requires PHP to run as fastcgi. But as that one will also save some resources and hopefully speed up your site, well, that’s good as well, right?
Setup is complexer than php5-module though.
Install libapache2-mod-fcgid and php5-cgi, then enable fcgid (apache module, so from /etc/apache2/modules-available/ to /etc/apache2/modules-enabled/).
/etc/apache2/mods-enabled/fcgid.conf:
<IfModule mod_fcgid.c>
AddHandler fcgid-script .fcgi .php
IPCConnectTimeout 20
</IfModule>
/etc/apache2/conf.d/php-fcgid.conf:
# Where to look for the php.ini file?
# DefaultInitEnv PHPRC “/etc/php5/cgi”
# Maximum requests a process handles before it is terminated
MaxRequestsPerProcess 1000
# Maximum number of PHP processes
MaxProcessCount 5
# Number of seconds of idle time before a process is terminated
IPCCommTimeout 240
IdleTimeout 240
#FCGIWrapper /usr/bin/php-cgi .php
FCGIWrapper /var/www/cgi-bin/php-cgi .phpServerLimit 512
StartServers 3
# MinSpareThreads 3
# MaxSpareThreads 10
# ThreadsPerChild 10
MaxClients 300
MaxRequestsPerChild 1000
The last 3 commented out settings were not accepted for me, but were in the article linked above. You may want to check them, they may have been in fcgid in older or newer versions or sth.
suEXEC requires the files to be under /var/www by compiled code-setting. So unless you compile it yourself, you’ll have to have your webspaces and ftp users under that folder.
/usr/bin/php-cgi is your FCGIWrapper, php files being passed to it. suEXEC requires it to be executed as the same user as well though, resulting in it having to be under /var/www.
Thus you may do a folder structure like this:
/var/www/web1/cgi-bin/php-cgi
/var/www/web1/htdocs
/var/www/web2/cgi-bin/php-cgi
/var/www/web2/htdocs
Where web1/2 would be the ftp accounts, the htdocs folder your virtual-host target, and php-cgi being owned by the user web1/2 and executable for him.
Also make sure the folders and files in a users dir are only writeable for that user.
Now on to the virtual hosts:
<VirtualHost *:80>
<Directory />
Options +ExecCGI
AllowOverride All
</Directory>
SuexecUserGroup web1 ftponly
FCGIWrapper /var/www/web1/cgi-bin/php-cgi .php
You’ll have to add Options +ExecCGI for the cgi to be executed if you don’t have it already, eg by default/global config.
With SuexecUserGroup you will then set the user and group the php files are to be executed as.
With the FCGIWrapper line you set the cgi script to be used for .php files.
In the end, may sure your /etc/php5/cgi/php.ini file is to your wishes.
—
An alternative to the Wrapper script is the action module.
As that one caused even more trouble and settings I didn’t continue trying it out. See here for example, note however you should not use that folder like that. Make your own with only the script you need inside it, as seen above.
February 14, 2010
Teamspeak 3 fails again – unique virtual server ID across servers?
lol, ts3 rocks… (NOT ofc)
I moved a ts3 server for a community and the old server was still online to refer users to the new IP.
The community has a free license, so you can have x slots over y (virtual) servers (which may be hosted on different IPs).
Now the new server exited after running 2hours with the error “virtual server id 1 is running elsewhere, shutting down!”.
The only reason I can imagine is the license was checked and the virtual server id has to be unique, even across servers.
Wow, what else can you do wrong?
While we’re at it,
yes it’s a public beta, but users with a new client version were not able to send text messages on an older server.
That’s when I had to update it.
Mumble is better! 
October 17, 2009
nginx – Webserver
So, Apache HTTPD for Web-Server and Lighttpd as a smaller, better performing one.
I now, after someone told me about it I checked it out, took a first look on nginx (wikip), a Web-Server and Load-Balancer in one.
What I read about it just as well as what I tried, it looks really promising.
You can even easily redirect for example php script calls to an already running Apache webserver, or of course use fastCGI to run them directly.
Its modular structure is also pretty cool.
I’ll further check into it.
And if you need to decide on a webserver, check this one out too!