systemd is like the service manager for your Centos and other modern Linux distributions (including Debian/Mint/Ubuntu) allows you to enable services, stop them, restart them, check their status and even reboot your system.
The key commands or arguments you will use with systemctl are the following:
list-units [PATTERN...] List loaded units
I have a directory structure which the primary user needs full access on but wanted a user to access only a specific directory within the main directory (so they could write in there only and nowhere else).
Here's what I did:
[root@compevo8001 dllnow]# ls -alh
drwxrwxr-x 2 someuser software 4.0K Oct 19 2017 ExpireYMD-2017-11-20
drwxrwxr-x 2 someuser software 4.0K Nov 19 2017 ExpireYMD-20........
Almost always the reason will be that the php.so file is missing but also that php.conf is misconfigured.
In the problem machine it is actually PHP 7 installed so if you reference PHP 5 of course things wil be broken!
Take for example here:
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamica........
PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/geoip.so' - /usr/lib64/php/modules/geoip.so: undefined symbol: GeoIP_country_code_by_name_v6 in Unknown on line 0
Comment out the .so like so:
service httpd restart........
Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/httpd/modules/libphp5.so: cannot open shared object file: No such file or directory
This is basically caused by the PHP module specified in php.conf being non existent. The error tells us it couldn't fnd /etc/httpd/modules/libphp5.so........
The solution is just to install libmicrohttpd-dev
./xmr-stak: error while loading shared libraries: libmicrohttpd.so.10: cannot open shared object file: No such file or directory
libmicrohttpd10 - library embedding HTTP server functionality
libmicrohttpd-dbg - library embedding HTTP server functionality (debug)
libmicrohttpd-dev - library embedding HTTP server functionality (development)
$ sudo apt-get i........
sudo apt-get install libcurl4-openssl-dev git build-essential autotools-dev autoconf libcurl3
sudo apt-get install libcurl4-gnutls-dev
git clone https://github.com/wolf9466/cpuminer-multi
sudo apt-get install cmake libpthread-* libmicrohttpd-dev libssl-dev libhwloc-dev
git clone https://github.com/fireice-uk/xmr-stak-cpu.git
chmod +x xmr-stak-cpu
./xmr-stak -O xmr........
[root@thetor2017 conf]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: WARNING: MaxClients of 3000 exceeds ServerLimit value of 300 servers,
lowering MaxClients to 300. To increase........
First of all download the raw .so file from zend:
Copy the one relevant to your PHP version to /usr/lib64/php/modules/
eg.: cp ioncube_loader_lin_5.3.so /usr/lib64/php/modules/
Then in your /etc/php.d/ directory create the file:
zend_extension = /usr/lib64/php/modules/ioncube_loader_lin_5.3.so
After that restart apache/httpd and you'll be good to go!........
This is one thing that has me wondering about SMF. It is apparently a known issue but in the latest version and new install nothing looked right because it was using http://127.0.0.1 to find everything! How on earth would it ever do this or think it is normal?
Excerpt of crazy html code it produces that causes the issue:
<link rel="stylesheet" type="text/css&qu........
So I have a domain "testdomain.com".
Inside test domain.com's root is the following .htaccess:
Options +FollowSymLinks -Indexes
ErrorDocument 403 /launch/index.html
Deny From All
Allow From 192.168.1.2
When you visit anything other than root things work fine. Eg. if you visit http://testdomain.com/somedirfile.html
It will show the right error in /launch/........
Normally when I've seen this it's when you are using a variable like a normal string when in fact it's actually an array such as this example:
[Tue Mar 13 04:22:35 2018] [error] PHP Catchable fatal error: Object of class WP_Term could not be converted to string in /vhost/httpdocs/wp-content/plugins/wp-instagram-post/classes/class-woo-igp.php on line 578
Some of the cheaper or newer SSL suppliers will require this to work properly (otherwise you may be prompted that the cert is invalid when it's not the case but it will certainly scare off your users!).
In the Apache vhost conf for the domain here is what you add:
Here is a full example of an SSL Vhost config in Apache using a CA Certificate file
Stopping httpd: [ OK ]
Starting httpd: httpd: Syntax error on line 221 of /etc/httpd/conf/httpd.conf: Syntax error on line 6 of /etc/httpd/conf.d/php.conf: Cannot load /etc/httpd/modules/libphp5.so into server: /etc/h........
Compiled in modules:
It is "prefork.c" so in httpd.conf these settings are what you would use (if you use worker.c it won't have any impact):
Add this to the .htaccess file
AddType application/x-httpd-php .html .htm
#wrong (won't work in many cases):
AddHandler application/x-httpd-php5 .html .htm........
[Thu Jan 26 14:13:31 2017] [notice] caught SIGTERM, shutting down
[Thu Jan 26 14:14:00 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jan 26 14:14:00 2017] [error] Server certificate is expired: 'Server-Cert'
[Thu Jan 26 14:14:00 2017] [notice] SSL FIPS mode disabled
[Thu Jan 26 14:14:07 2017] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jan 26 14:14:07 2017] [error] Server certificate is expired: 'Server-Ce........
Many users still are not aware but simply patching OpenSSL does not secure you against many known and easy to exploit attacks that will render your encryption useless by an attacker.
Use the following setings in /etc/httpd/conf.d/ssl.conf
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !CAMELLIA !SEED !3DES !RC4 !aNULL !eNULL !LOW !MD5 !EXP !PSK !........
PHP Fatal error: PHP Startup: apc_shm_create: shmget(0, 67108864, 914) failed: Invalid argument. It is possible that the chosen SHM segment size is higher than the operation system allows. Linux has usually a default limit of 32MB per segment. in Unknown on line 0
PHP Fatal error: PHP Startup: apc_shm_attach: shmat failed: in Unknown on line 0
This error is not at all fun because it actually prevents Apache/httpd from starting or working at all. It will........
Stopping httpd: [ OK ]
Starting httpd: [Wed Jun 29 19:29:44 2016] [warn] _default_ VirtualHost overlap on port 80, the first has precedence
[Wed Jun 29 19:29:44 2016] [warn] _default_ VirtualHost overlap on........
There was only one solution here and it was the following:
Comment the lines for the Mime Magic Module:
# MIMEMagicFile /usr/share/magic.mime
# MIMEMagicFile conf/magic
*Don't forget to restart Apache and clear your browser cache twice
I was using DefaultType and ForceType a........
When you start uploading larger images in Wordpress you have to make sure your maximum attachment size is large enough and that the execution time is not too short:
[Thu May 12 16:32:25 2016] [error] [client 10.10.5.2] PHP Fatal error: Maximum execution time of 30 seconds exceeded in /httpdocs/blog/wp-includes/class-wp-image-editor-gd.php on line 182
Solution Edit p........
Stopping httpd: [FAILED]
Starting httpd: httpd: Syntax error on line 73 of /etc/httpd/conf/httpd.conf: Cannot load /etc/httpd/modules/mod_file_cache.so into server: /etc/httpd/modules/mod_file_cache.so: cannot open shared obje........
This is a simple fix but not a simple problem and it still doesn't make sense to me.
But in a nutshell if your target proxy server works fast when accessing directly over SSL then this may be your issue.
It seems SSL does not play nicely when the target proxy destination/host has a riduculously long key (such as 8192 bits long). Now this is normally not a problem, in fact the target server could be accessed with hardly any delay directly despite such a long key.........
There are a few ways of doing this and all basically involve using the reverse proxy or "ProxyPass" feature of Apache to accomplish it.
1.) Create a normal vhost and simply symlink the root directory of the site you want to mirror.
Eg. originalsite.com and newsite.com
You would symlink like this:
ln -s /vhosts/originalsite.com/httpdocs vhosts/originalsite.com/........
sudo apt-get install zoneminder
[sudo] password for one:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
libuser-perl python-evince kdebase-apps kwrite unixodbc
libgnomeprint2.2-data python-soappy vgabios python-metacity hddtemp
root@hkhosting [/]# service httpd start
Starting httpd: Syntax error on line 2 of /etc/httpd/conf/httpd.conf:
Invalid command 'Alias', perhaps misspelled or defined by a module not included in the server configuration
It's not as simple as "yum install" as you can see below and it doesn't stop there.
yum install php53
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* rpmforge: mirror.us.leaseweb.net
* extras: centos.mirror.rafal.ca
* updates: centos.mirror.nexicom.net
* base: centos.mirror.nexicom.net
* addons: centos.mirror.nexicom.net
Setting up Install Process........
[Wed Jan 08 18:50:07 2014] [emerg] (28)No space left on device: Couldn't create accept lock (/etc/httpd/logs/accept.lock.15449) (5)
This may happen when trying to restart Apache and you find it dies right after starting and check /var/log/httpd/error_logs.
What is the cause of this?
You could be out of disk space (if you're not then see #2 and below)
You're out of Semaphores, you need to kill all the old ones.........
Add this to a new ".htaccess" file inside the directory where the .html resides:
AddType application/x-httpd-php .php .html........
Linux box13. 2.6.32-042stab076.5 #1 SMP Mon Mar 18 20:41:34 MSK 2013 x86_64 x86_64 x86_64 GNU/Linux
even setting privvmpages to a specific setting DOES not affect "free -m" in containers.
This is probably a kernel issue
23:36:29 up 159 days, 7:12, 4 users, load average: 0.42, 0.44, 0.33
[root@box13 ~]# free -m
Add this to htaccess:
After that people will be able to browse files and directories of your site.........
I read this article and still don't understand the issue.
If I understand correctly the client negotiates after the first SSL connection and then gets the correct hostname and thus correct certificate.
To their credit I know I'm not using SNI becuase I get this message in the Apache log :)
[warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!
Change the following from "Listen 443" to something like below
Then find the SSL Virtual Host Context and edit like below (to your new listening port)
## SSL Virtual Host Context
This is a handy link and list of all the relevant Directadmin log files and related servers.
Step #1 - Create Wrapper Script
//changed by realtechtalk.com to make the log readable
This script is a sendmail wrapper for php to log calls of the php mail() function.
Author: Till Brehm, www.ispconfig.org
(Hopefully) secured by David Goodwin <david @ _palepurple_.co.uk>
* All parts have been installed *
(98)Address already in use: make_sock: could not bind to address [::]:80
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
This will even trip you up if you have a service like monit to save you if httpd crashes. The only way to fix this is to either wait (it's not an option for production situations) or to kill the ghost httpd processes that wouldn't gracefully close:
mod_status is a great way to track down the source of high CPU usage and to find what vhost/script is the cause of it.
It gives you a live view of bandwith usage, CPU usage, and memory usage broken down by domain/vhost and script/URI.
Deny from all
I was getting frustrated with trying to write a simple URL like this:
I used the htaccess code like this:
Rewriterule ^example-withdash$ / [R=301]
I also tried escaping the dash which I thought should have treated it as a literal but that didn't work either:
Rewriterule ^example-withdash$ / [R=301]
But it wouldn't work, apparently the "-" dash means don't substitute,........
You need to enable the httpd daemon with monit to actually view the status and control, it's not only for the web interface since the httpd is the ONLY way of controlling monit and viewing the status.
monit monitor all will also reinstate disabled services if they've timed out too much. Just restarting the service will do nothing to re-monitor a service that monit has stopped monitoring due to too many failures.
*Also note that /etc/monit.conf i........
find what MPM Apache is using, it will either be using "worker" or "prefork"
Compiled in modules:
In my case it is "prefork"
Find the section that looks like this (by default one will normally exist for prefork and for worker, but in my case I only care a........
You don't have permission to access / on this server.
[Sun Jan 23 15:28:12 2011] [crit] [client 184.108.40.206] (13)Permission denied: /www/vhosts/domain.com/httpdocs/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
I've done a chmod 755 .htaccess and index.php and restarted Apache
That wasn't the only issue, the issue was the httpdocs direc........
php won't work with absolute links
Warning: imagecreatefromgif(/images/header.gif): failed to open stream: No such file or directory in /vhostsdir/httpdocs/images.php on line 15
That is how my path is structured and ONLY likes the true full path as /vhostsdir/httpdocs/images/header.gif
Why can't it work relative to the vhost directory with absolute links just like say an html link would.........
Failed to save enabled features : The Suexec command on your system is configured to only run scripts under /var/www, but the Virtualmin base directory is /home. CGI and PHP scripts run as domain owners will not be executed.
This is because I never edited the Apache Config and Virtualmin config to reflect my new/current updated structure.........
Always make a backup of the original file before trying this, I find this kind of thing when updating IPs etc.. to use a script.
Where the old IP is "192.168.5.8" and the new IP is "10.10.5.8"
sed -i s/192.168.5.8/10.10.5.8/g testdomain.org.db
The -i with sed means "inline" meaning we edit the file directly, but without the -i we could just use > and output the results to another file or do whatever else we wanted.........
I wasted a lot of time wondering why I could never find those packages.
Check the /etc/yum.conf file and at the bottom look for the "exclude=" line.
Below is what I found in mine
exclude=apache* httpd* mod_* mysql* MySQL* da_* *ftp* exim* sendmail* php* bind-chroot*
Just remove those entries or uncomment that line and you'll get access to the missing applications.........
RemoveHandler .html .htmAddType application/x-httpd-php .php .htm .html Just add the above into the .htaccess file for your website. Also remember that you need to be allowed to override the Apache and this should go into the vhost for your site as shown below:
# you need the AllowOverride otherwise .htaccess directives will be ignored<Directory "/www/vhosts/complaintdb.com/httpdocs">Options FollowSymLinksAllowO........
There is actually by default a "Default SSL" vhost that can mess things up for you and can cause surprising and unexpected results.
Default Apache SSL Cert
in /etc/httpd/conf.d/ssl.conf there is a default SSL Virtual Host which screws things up by offering itself instead of the SSL cert I specify in my own vhosts........
Shortcut/Easiest Way To Create A Self-Signed Key:
openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key
Using the above, you instantly create a self-signed certificate valid for 1530 days and you can simply skip to step #5.) below.
If You Need a Real SSL Certificate (eg. Equifax/Openssl) then you need to create a CSR request (you'll need to follow Steps 1.) and 2.) in order to create the CSR. You then upload the CSR Certi........
Have you ever seen this dreaded message in your Apache/HTTPD /var/log/httpd/error_log?
[error] server reached MaxClients setting, consider raising the MaxClients setting
The error itself is slightly misleading. I believe this happened to one of my servers, I found Apache was running still, and that you could telnet to port 80 but no respnose would be given.
For some reason my error log initially did not have the above error, but after a restart I saw........
I was getting very frustrated one day wondering why it appeared my .htaccess file was being ignored and not processed by Apache. No matter what I did it was obvious that Apache didn't care about my .htaccess file. Then I realized that the default settings must be in effect, which is that my vhost didn't explicitly allow me to override the default settings.
This usually comes down to your vhost settings. Make sure you have an entry like this in your Apache vhost settings in........