VooServers Blog

Disabling Dangerous PHP Functions

Matt Parkinson — Tue, 17 Aug 2010 09:41:38 +0000

PHP contains a lot of different functions that are used in various scripts however some of these functions are deemed insecure and could leave your dedicated server vulnerable to attacks from malicious users. Luckily PHP includes an option to disable some of it’s functions so it is possible to disable some of the dangerous functions that should never be used in a standard public facing website.

Find the current PHP configuration file

php -i |grep php.ini
Configuration File (php.ini) Path /usr/lib
Loaded Configuration File /usr/local/lib/php.ini

Edit the configuration file
```
nano /usr/local/lib/php.ini
```

Search for “disable_functions” and add in the dangerous functions

disable_functions = "symlink,shell_exec,exec,system,popen,proc_close"

Restart apache
```
service httpd restart
```

If you now attempt to use one of the functions that have been disabled you should get a PHP error. Please note that this function list is not complete and you should add in the functions that you wish to disable based on your scripts and what they require to operate properly.

Installing Xen on CentOS

Matt Parkinson — Tue, 17 Aug 2010 09:13:31 +0000

If you wish to install Xen on your dedicated server to support server virtualisation it is very simple with CentOS and only takes a matter of minutes.

Disable SELinux

nano /etc/sysconfig/selinux
Change the SELINUX line to SELINUX=disabled

Install Xen and the Xen Kernel
```
yum install xen kernel-xen
```
Reboot your dedicated server
```
shutdown -r now
```
Check the Xen kernel is now running
```
uname -a
```
Check Xen is running
```
xm list
```

If the last 2 commands return correctly your dedicated server should now be running Xen and you are ready to start creating your virtual machines. If you have any problems with the installation or are unsure on some of the commands please contact our support department who will be happy to help.

Installing CHKROOTKIT on a Linux Server

Matt Parkinson — Tue, 03 Aug 2010 14:26:35 +0000

Chkrootkit or Check Rootkit is a common Linux security tool which will scan your server for any signs of rootkits or worms which could severely impact the security of your server if they are not removed. In this blog post we are going to cover installing chkrootkit on a dedicated server and configure it to run daily and e-mail the results to a system administrator.

Login to SSH as a privileged user and change to our source directory
```
cd /usr/local/src
```
Create the install directory
```
mkdir /usr/local/chkrootkit
```

Download the latest version of chkrootkit

wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

Extract the download
```
tar -xvzf chkrootkit.tar.gz
```

Copy the contents to the install directory

mv /usr/local/src/chkrootkit*/* /usr/local/chkrootkit

Clear up the source files
```
rm -rf /usr/local/src/chkrootkit*
```
Change directory to the install
```
cd /usr/local/chkrootkit
```
Compile chkrootkit
```
make sense
```
Perform a test run
```
./chkrootkit
```
Add a cron job to run chkrootkit daily
```
nano /etc/cron.daily/chkrootkit
```

Insert the following text into the file

#!/bin/sh
(
/usr/local/chkrootkit/chkrootkit
) | /bin/mail -s 'CHROOTKIT Daily Run (ServerNameHere)' email@domain.com

Make the cronjob executable and secure
```
chmod 700 /etc/cron.daily/chkrootkit
```

Chkrootkit should now be installed on your server and you should get an e-mail report on the next daily cronjob run. If you do not receive anything then you may have configured something incorrectly.

ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

The server principal is not able to access the database under the current security context

Matt Parkinson — Mon, 26 Jul 2010 13:53:51 +0000

When using Microsoft SQL Management studio to connect to a MSSQL 2008 database it is possible you may encounter the error above. This is a fairly common error and can stop you from seeing your own databases in a shared hosting environment. To get around this error please follow the steps below:

Login to SQL Management Stuidio as you normally would and press ok when the error message comes up.
Press F7 to open up the object explorer pane.
Right click the column header and you will be given a list of options.
Untick “collation.”
In the left hand common right click databases and press refresh
You should now have a list of all of the databases on the server and you should be able to access your own databases.

Performing a full server backup in Plesk for Windows from command line

Matt Parkinson — Fri, 23 Jul 2010 13:37:08 +0000

Performing a full backup of a Plesk server is relatively easy from the GUI however if you use the command line backup utility there are a lot more options available to allow you to tailor the backup to your specific requirements. Below we are going to demonstrate a typical backup command which is in use on some of our servers. To run the command you should first of all open command prompt.

C:\Program Files\Parallels\Plesk\bin\pleskbackup –server –prefix=”Thursday” –output-file=D:\DailyBackup\Thursday-Server.zip –split=2G –verbose

–server – Tells the utility to perform a whole server backup
–prefix – The prefix to append to the name of the backup. Here we use the day we are generating the backup on.
–output-file – Where you would like the backup to be saved to. This is not necessary but we like to keep backups on a separate disk outside of plesk.
–split – Split the backup into 2GB files to get around the 2GB file size limit in Windows.
–verbose – Show the backup details in the command prompt

For a full list of the backup utility commands and options we recommend taking a look at the official backup and restore documentation available on the Plesk website which goes into more detail on what each switch does.

E-Mail Alert on Root SSH Login

Matt Parkinson — Wed, 21 Jul 2010 20:19:10 +0000

If you wish to keep an eye on your server admin’s logging into your server either to ensure admin’s are not performing task’s without permission or even to detect possible break in’s you can make the server alert you every time someone log’s into the root account using SSH. You can do this by following the instructions below:

Log in to the server as root
Open /root/.bash_profile with your favorite text editor (e.g ‘nano /root/.bash_profile’)
Scroll to the end of the file and add “echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d"(" -f2 | cut -d")" -f1`" user@example.com"
Replace user@example.com with your e-mail. It is best to use an e-mail address outside of the server just in case someone broke in to the server as they could delete it before you managed to read it.
Close SSH and re-login to test the alert.

Restoring a single table using mysqldump

Matt Parkinson — Wed, 21 Jul 2010 16:16:12 +0000

Backing up and restoring a single table can be quite a useful thing to know for the many websites that now run on content management systems or with scripted back ends. For example you may have a table that has crashed and a repair has not fixed it so you want to restore the table but you do not want to overwrite data in the rest of the database. What we would do in this instance is take the whole database backup and restore it as a separate temporary database and then use the following commands to export the table from the temporary database and then import it into the production database.

Export the table from the temporary database:
mysqldump -u -p temp_database_name table_name > /home/username/export.sql

Restore the table into the production database
mysql -u -p production_database_name < /home/username/export.sql

SEO Tips from Matt Cutt’s at Google I/O 2010

Matt Parkinson — Tue, 20 Jul 2010 11:35:26 +0000

At Google I/O 2010 Matt Cutt’s performed an SEO site review session which looked at real world website’s that had been submitted by their users. This site review session offered some very good insight’s into the basic’s of search engine optimization and some common mistakes that can be made.

For those who have not heard of Matt Cutt’s before he is the head of Google’s Webspam team and was also responsible for developing the first version of Google Safe Search. The video of this review session can be watched below and is about an hour long. If you enjoy this video and want to find out more please check out Matt Cutt’s Blog.