Tag: Apache

Permission denied /home/.htaccess pcfg_openfile unable to check htaccess file

While migrating my server data to anther server, Permission denied /home/.htaccess pcfg_openfile unable, I got this error. while restarting apache server I got following error.

[Mon Apr 25 12:15:41 2016] [crit] [client 115.117.45.10] (13)Permission denied: /home/purab/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable

Background, I am using centos (Linux) for hosting my sites and I am using user defined directory and apache 2.4 version for server.

I was not using .htaccess file in that location, still I was getting this error. Easy solution will be disable .htaccess setting httpd.conf file If we are planning not to use the htaccess file in our project. I found many solutions but that didn’t solved my issue. above issue is specific to file permission.

Permission denied /home/.htaccess pcfg_openfile unable

If it isn’t obvious that .htaccess cannot be read by the server (either 0755 or .htacess and the rest of the tree is in www-data group), search for a higher directory root only onwer:group which does *not* have world execute access.
In order for apache to find a file, it has to search down the tree. It cannot do this if a directory which is root:root does not have global execute access.

I executed following command to change ownership of public_html folder.

chown apache -R /home/purab
usermod -a -G /home/purab apache

After this I restarted my apache server using following command.

/etc/init.d/httpd restart

Using above command, it solved my issue. But purab user cannot edit the files in purab folder. So I used setfacl command.

What is setfacl command?

This utility sets Access Control Lists (ACLs) of files and directories. On the command line, a sequence of commands is followed by a sequence of files (which in turn can be followed by another sequence of commands, …).

The options -m, and -x expect an ACL on the command line. Multiple ACL entries are separated by comma characters (‘,’). The options -M, and -X read an ACL from a file or from standard input. The ACL entry format is described in Section ACL ENTRIES.

Finally I executed following command which solved my issue.

chown purab: /home/purab -R
setfacl -R -m apache:rwx /home/purab

Using above command I kept purab directory permission to purab user again so purab user has all permission of directory. Using setfacl command I given permission to apache user for read, write and execute permission. It worked for me and solved my issue.

install php mysql apache on centos 7

In this tutorial we are going to tell you how to install php mysql apache on centos 7 with very easy and simple steps and guide.
LAMP is becoming more popular these day. Many people are using LAMP for server solutions.

Add EPEL-7 to your linux os with latest phpMyadmin.

rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
Now install mysql-server and client. first became root user and execute following command
yum install mysql-server mysql
mysql_secure_installation

Install Apache2

CentOS 7.0 ships with apache 2.4. Apache2 is directly available as a CentOS 7.0 package, therefore we can install it like this:

yum -y install httpd

By default apache will be installed, but it is not installed then install apache using above command

Start apache and start apache at boot time using following command

systemctl start httpd.service
systemctl enable httpd.service

In CentOS 7.0 uses Firewall-cmd command, so I will customize it to allow external access to port 80 (http) and 443 (https).

firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload

Now direct your browser to http://192.168.0.109.

Install PHP5

yum -y install php php-common phpmyadmin

We must restart Apache afterwards:

systemctl restart httpd.service

Now time to test php and apache version.
The document root of the default website is /var/www/html. We can create info.php file and put in document root folder

vi /var/www/html/info.php

put following code in that file

<?php echo phpinfo(); ?>

Now we call that file in a browser (e.g. http://192.168.0.109/info.php):

Now we can install some useful PHP moduels which can be required for CMS Systems like WordPress, Joomla and Drupal:

yum -y install php-gd php-ldap php-odbc php-pear php-xml php-xmlrpc php-mbstring php-snmp php-soap curl curl-devel

Now restart Apache2:

systemctl restart httpd.service

congrats! now you installed apache, php and mysql on your system. Now you are able to execute any php application on your server.

install apache 2.4, php 5.5 and mysql on centos 6/7

In the article we will tell you to install apache 2.4, php 5.5 and mysql on centos 6/7 with this we will guide you about installing phpmyadmin and related php and mysql modules.

LMAP is becoming more and more popular these days. People are using more vps and dedicated servers for their sites and applications. PHP backend is became more popular so here in this post we will tell you about installation on linux system’s.

Here I am using centos 6 for installation. From sept 2015 php 5.4 is no longer supported by PHP team so people are trying to install PHP 5.5+ version for good security and performance purpose on their linux servers.

install apache 2.4, php 5.5 and mysql on centos 6/7

Install Remi Repository

Remi is a repository where you can find the latest versions of the PHP  in this repository we can find latest programs and dependencies.

# yum update && yum install epel-release
# rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

Enable Remi Repository

Open following remi.repo file and change enabled=0 to 1 for php55 tag. Here we want to install PHP 5.5 version on centos machine.

# vim /etc/yum.repos.d/remi.repo

After opening this file just edit this file and change enabled flag to 1 for php55 section
[remi]
name=Remi's RPM repository for Enterprise Linux 6 - $basearch
#baseurl=http://rpms.remirepo.net/enterprise/6/remi/$basearch/
mirrorlist=http://rpms.remirepo.net/enterprise/6/remi/mirror
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi

[remi-php55]
name=Remi's PHP 5.5 RPM repository for Enterprise Linux 6 - $basearch
#baseurl=http://rpms.remirepo.net/enterprise/6/php55/$basearch/
mirrorlist=http://rpms.remirepo.net/enterprise/6/php55/mirror
# NOTICE: common dependencies are in "remi-safe"
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi
 

Afer enabling remi repository. Now it is time to install PHP and apche and mysql

# yum --enablerepo=remi install httpd mysql mysql-server php php-common mod_php phpmyadmin

Step 4: Installing PHP Modules

Do not forget to accept installation and type Y when you asked while installation.     After installation run following command which will be useful while rebooting server(linux). After rebooting server following service will automatically started.   —— Enable Apache and MySQL on Boot ——

# chkconfig --levels 235 httpd on
# chkconfig --levels 235 mysqld on

—— Start Apache and MySQL ——

# /etc/init.d/httpd start
# /etc/init.d/mysqld start

Verify PHP 5.5

Go to /var/www/html directoy and create file called phpinfo.php using following command.

#vi phpinfo.php

put following code in that file.

<?php echo phpinfo(); ?>

Execute php.info file on your web browser

You can check your installation on command prompt also. For checking php modules use following command.

#Php -m

above command will list all php modules which are installed on your centos machine

Congratulations! Just now you completed your php 5.5, apache and mysql installation on your linux box.

 

How to wordpress secure file upload using apache rules

WordPress tutorial, How to wordpress secure file upload using apache rules, Here we given apache rule for secure your wordpress file upload functionality.

How to wordpress secure file upload using apache rules

Website security is most important point of any website. In wordpress we need to give 777 permission to wp-content/uploads folder. Some time we don’t want to give the 777 (read, write and execute) permission to folder due to security reason but wordpress do not allow you to upload images or media files to uploads folder.

Tip: Do not give 777 permission to wp-content/uploads folder. In stead change user ownership to apache folder.

Security

What you can do is. You can restrict other file types to upload in uploads folder using simple apache rule. following code you can use in .htaccess file.


	Order Allow,Deny
	Deny from all

<FilesMatch ".(jpg|jpeg|jpe|gif|png|tif|tiff)$">
	Order Deny,Allow
	Allow from all

Using above code you can secure your uploads folder and only selected files can be pushed into uploads folder.

How to wordpress secure file upload using apache rules
How to wordpress secure file upload using apache rules

If wordpress site is hacked then how to fix issue

Recently one of my wordpress site is hacked which is on wordpress. There is something wrong happening on server. We fixed issue with some steps, we given full steps for fixing issue. Due to disk I/O notification and CPU usages notification email I got to know.

If wordpress site is hacked then how to fix issue

There is something wrong happening on server.

First thing I did which is checking the apache access logs and error logs. I was getting per second 100 request from some IP addresses.

I stoped apache server and I took my database and filesystem backup. Deleted my admin username and added new administrator with new username.

You should use the Better WP Security wordpress plugin. This is very useful plugin.

iThemes Security (formerly Better WP Security)

I added following code in my .htaccess file

 # BLOCK BAD IPS
 <limit GET POST PUT>
 Order Allow,Deny
 Allow from all
 # uncomment/edit/repeat next line to block IPs
 # Deny from 123.456.789
 Deny from 192.111.152.122
 Deny from 192.111.144.233
 Deny from 110.85.90.123
 </limit>
If wordpress site is hacked then how to fix issue
If wordpress site is hacked then how to fix issue

But above code was still not helpful to me because disk I/O and apache process was taking time to sending the request to 403.

Then I blocked the IP Address on My Linux server using following commands.

 iptables -A INPUT -s 192.111.144.789 -j DROP
 iptables -A INPUT -s 192.111.152.122 -j DROP
 iptables -A INPUT -s 192.119.144.123 -j DROP

This solved my issue.

how to protect your images on wordpress

Question is, how to protect your images on wordpress. Some time back our server got so much load and bandwidth of server is taken by other websites. preventing images from used by other site is important.

how to protect your images on wordpress

we checked the access to log of my site. we saw the request for my site images through other site. I decided to stop that. Earlier I written good article about this.

https://purabtech.in/protect-images-accessing-server-apache/

I written simple rewrite rule with mod_redirection.

Just open your .htaccess file from your root folder and following code in that.

#Replace ?wordpressapi\.com/ with your blog url
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?wordpressapi\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
#Replace /images/nohotlink.jpg with your "don't hotlink" image url
RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/nohotlink.jpg [L]

dont forget to replace your blog name.

 

block spam bot wordpress sites using apache

WordPress tip for security, block spam bot wordpress sites using apache. I faced a lot of issue with spam comments in my blog. Spam-bot sites will just hit. Spam-bot sites will just hit the wp-comments-post.php file and put the comments. Due to this our lot of time get wasted.

block spam bot wordpress sites using apache

Using apache setting you can protect your blog and restrict the spam bot. You need to made changes in your Virtualhost entry or you can change the .htaccess file also.

When a spam-bot comes in, it hits the file directly and usually does not leave a referrer. This allows for some nifty detection and action direct from the server. If you are not familiar with Apache directives, then write the following in your root directory .htaccess file:

RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*yourdomain.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://%{REMOTE_ADDR}/$ [R=301,L]
block spam bot wordpress sites using apache
block spam bot wordpress sites using apache

This will:

  1. Detect when a POST is being made
  2. Check to see if the post is on wp-comments-post.php
  3. Check if the referrer is in your domain or if no referrer
  4. Send the spam-bot BACK to its originating server’s IP address.

You just need to change the youdomain.com to your domain address.

This tutorial is written by purabtech.in. If you are having any issue then please write to me on support@purabtech.in

How to remove the AuthType Basic

For putting the web authentication we always use the .htaccess or apache configuration file. For removing the web auth from folder you need put following code in .htaccess file.

 

How to remove the AuthType Basic

<Directory /var/www/html/>
#AuthType Basic
#AuthName "By Invitation Only"
#AuthUserFile /etc/httpd/passwd/passwords
#Require user wpapi
#Require valid-user
</Directory>

<Directory /var/www/html/>
AuthType None
Require all granted
Satisfy Any
</Directory>

without directory use the following code.

#AuthType Basic
#AuthName “By Invitation Only”
#AuthUserFile /etc/httpd/passwd/passwords
#Require user wpapi
#Require valid-user

AuthType None
Require all granted
Satisfy Any

apache redirect one domain to another site

Sometimes we need the redirection rule for your website. When you want to divert your website traffic to another site.

That is very easy to writing or putting the one site to another site redirection rule through apache.

apache redirect one domain to another site

You need to put entry in your virtual host section or if you are having shared hosting then open your .htaccess file and put following entry in that file

Options +FollowSymLinks
RewriteEngine on
RewriteRule (.*) http://www.newdomain.com/$1 [R=301,L]

You just change newdomain.com to your new website name.

apache redirect one domain to another site
apache redirect one domain to another site

How to remove www from URL with nginx server

Nginx web server is becoming most popular in these year. Best server response time and minimum execution time is the advantages of Nginx server. wordpress.com itself using the nginx server for hosting these sites and blogs.

How to remove www from URL with nginx server

How to remove www from URL with nginx server
How to remove www from URL with nginx server

How to remove www from URL with nginx server

Many people want to remove the www from URL. I will tell you the tip how to remove the www from URL with nginx server.

Open your Ngnix configuration file (nginx.conf). Just use following code in server block.

if ($host ~* ^www\.(.*)) {
    set $remove_www $1;
    rewrite ^(.*)$ http://$remove_www$1 permanent;
}

This code will remove the www from the URL.

Here are some useful article about nginx

How to use hosts file on Mac, Windows and Linux
Solved:trailing slash issue with Nginx server