How To Force SVG To Use the Correct Content-Type

Author: erics, April 22nd, 2016

If when trying to use SVG as an image <img src=”image.svg”> or as a CSS background-image, the browser doesn’t display it, your web host is probably serving the SVG with the wrong content-type. Add this to your web server config or .htaccess file: AddType image/svg+xml .svg .svgz

Categories: How-To's, Technology Tags: .htaccess, apache, Background, Content, Content-Type, CSS, howto, html, Image, img, SVG, tips, Type, Web, Web server, XML | No comments

How To Restart Apache Using cron If the Load Gets Too High

Author: erics, February 3rd, 2016

There are times when the hackers slam my servers and the load gets too high. I use a very simple bash script as a cron job to monitor the load and take action when it gets too high. The script will stop httpd, sleep for a configurable period of time (currently 3 minutes), then start […]

Categories: How-To's, Technology Tags: apache, apachectl, bash, Cron, howto, httpd, Restart, tips | No comments

How To Allow Cross-Site Javascript Using Apache

Author: erics, September 24th, 2015

The key is to send a response header like this: Access-Control-Allow-Origin: * In the Apache web server, one enables this via the following directive: Header set Access-Control-Allow-Origin * This requires the use of mod_headers, which is enabled by default in Apache. For example:

LoadModule headers_module modules/mod_headers.so
...
<VirtualHost *:80>
    ServerName www.your.domain
    ServerAlias *your.domain
    DocumentRoot /var/www/yourdomain
    DirectoryIndex index.php index.html
    Header set Access-Control-Allow-Origin *
</VirtualHost>

1

2

3

4

5

6

7

8

9

LoadModule headers_module modules/mod_headers.so

...

ServerName www.your.domain

ServerAlias *your.domain

DocumentRoot /var/www/yourdomain

DirectoryIndex index.php index.html

Header set Access-Control-Allow-Origin *

</VirtualHost>

Categories: How-To's, Technology Tags: Access-Control-Allow-Origin, ajax, apache, cross, cross-site, cross-site javascript, headers, howto, http, javascript, Load, mod_headers, tips, xsite | No comments

How To Auto-Restart Apache If the Load Gets Too High

Author: erics, September 15th, 2015

The script to check and restart apache…works on CentOS – YMMV!

#!/bin/bash
MAXLOAD=6
check=$(uptime | awk -F'average: ' '{print $2}' | awk '{print $1}' | tr -d ',')
if [[ $check > $MAXLOAD ]]; then
	/sbin/service httpd stop
	HOST=`hostname`
	echo $HOST | mailx -s "$HOST load alert - apache STOPPED by cron script" load.alert@your.domain
	sleep 300
	/sbin/service httpd start
	echo $HOST | mailx -s "$HOST load alert - apache STARTED by cron script" load.alert@your.domain
fi

1

2

3

4

5

6

7

8

9

10

11

#!/bin/bash

MAXLOAD=6

check=$(uptime | awk -F'average: ' '{print $2}' | awk '{print $1}' | tr -d ',')

if [[ $check > $MAXLOAD ]]; then

/sbin/service httpd stop

HOST=`hostname`

echo $HOST | mailx -s "$HOST load alert - apache STOPPED by cron script" load.alert@your.domain

sleep 300

/sbin/service httpd start

echo $HOST | mailx -s "$HOST load alert - apache STARTED by cron script" load.alert@your.domain

fi

Add to cron * * * * * /root/restart_apache_if_load_hits_threshold.sh >> /var/log/restart_apache_if_load_hits_threshold.log 2>&1

Categories: How-To's, Technology Tags: apache, AWK, bash, CentOS, howto, httpd, Load, load average, Restart, Stop, tips, Uptime | No comments

How To Use Apache Scalp Log Analyzer to Catch Website Attacks

Author: erics, August 31st, 2015

Requires Python! Scalp Home https://code.google.com/p/apache-scalp/ Download Scalp: https://code.google.com/p/apache-scalp/downloads/detail?name=scalp-0.4.py Backup Link: http://www.wyzaerd.com/scalp/scalp-0.4.py Original (Broken) XML Rules File: https://dev.itratos.de/projects/php-ids/repository/raw/trunk/lib/IDS/default_filter.xml Fixed XML Rules File: http://www.wyzaerd.com/scalp/default_filter.xml To Fix the XML file: Replace: (?:all|distinct|[(!@]*)? with (?:all|distinct|[(!@]+)? and: (?i:(\%SYSTEMROOT\%)) with (?:(\%[sS][yY][sS][tT][eE][mM][rR][oO][oO][tT]\%)) Examples:

./scalp-0.4.py -f ./default_filter.xml -o ./scalp-output -l /var/log/httpd_log --html
./scalp-0.4.py -f ./default_filter.xml -o . -l /var/www/cust1/logs/access.log.1440892800

1 2	./scalp-0.4.py -f ./default_filter.xml -o ./scalp-output -l /var/log/httpd_log --html ./scalp-0.4.py -f ./default_filter.xml -o . -l /var/www/cust1/logs/access.log.1440892800

Current options: exhaustive: Won’t stop at the first pattern matched, but will test all the patterns tough: Will […]

Categories: How-To's, Technology Tags: Analyze, apache, Attack, Detection, hack, Hackers, howto, IDS, Intrusion, Intrusion Detection, Log, Logs, Python, Scalp, tips | No comments

How to Install Apache mod_evasive on AWS Linux/CentOS

Author: erics, July 26th, 2014

I was getting tired of using iptables to block the various hackers and bots constantly slamming my servers (the Chinese are the worst offenders by far – curse them!). I found the Apache module mod_evasive and installed it. Here are links to various articles about mod_evasive: http://www.zdziarski.com/blog/?page_id=442 https://coderwall.com/p/eouy3g http://www.crucialp.com/resources/tutorials/server-administration/flood-protection-dos-ddos-protection-apache-1.3-2.0-mod_dosevasive-avoiding-denial-of-service-attacks.php Add the Module to Apache I […]

Categories: How-To's, Technology Tags: apache, Attack, AWS, AWS Linux, CentOS, DDOS, Defend, dos, evasive, http, mod_evasive, Web | No comments

How To Protect a Single File in Apache

Author: erics, June 30th, 2013

In order to protect a file, just replace the Directory directive with Files:

<Files wp-login.php>
    AuthType Basic
    AuthName "Protected Access"
    AuthUserFile /var/www/yourname/.htpasswd
    Require valid-user
</Files>

1

2

3

4

5

6

AuthType Basic

AuthName "Protected Access"

AuthUserFile /var/www/yourname/.htpasswd

Require valid-user

</Files>

Categories: How-To's, Technology Tags: apache, Auth, Authentication, AuthType, Basic, File, Files, howto, htpasswd, Protect, tips | No comments

How To Find the Complete Page URL in PHP

Author: erics, October 25th, 2012

$URL   = 'http';
if ($_SERVER["HTTPS"] == "on") {
    $URL   .= "s";
}   
$URL   .= '://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];

1

2

3

4

5

$URL = 'http';

if ($_SERVER["HTTPS"] == "on") {

$URL .= "s";

}

$URL .= '://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];

Categories: How-To's, Technology Tags: $_SERVER, apache, howto, HTTP_HOST, php, REQUEST_URI, Server, tips, URL | No comments

How To Fix SUEXEC Warnings After Yum Update On AWS Linux

Author: erics, March 3rd, 2012

After a recent yum update I started getting the following errors when starting Apache: Warning: SuexecUserGroup directive requires SUEXEC wrapper. It turns out that the permissions for suexec need to be reset: chmod 4111 /usr/sbin/suexec

Categories: How-To's, Technology Tags: Amazon, apache, Apache2, AWS, chmod, howto, Linux, SuExec, SuexecUserGroup, tips, Warning, wrapper | No comments

How To Make SEO-Friendly URLs Using Apache mod_rewrite And PHP

Author: erics, December 15th, 2011

Below information copied without permission from Josh Sharp’s site because it is too valuable to lose – great work Josh, and THANKS!

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php?url=$1 [QSA,L]

1

2

3

4

RewriteEngine On

RewriteCond %{REQUEST_FILENAME} !-d

RewriteCond %{REQUEST_FILENAME} !-f

RewriteRule ^(.*)$ index.php?url=$1 [QSA,L]

Note: Only rewrite if the requested file is not an existing directory (-d) or a file (-f)

	include('app/classes.php');
	include('app/app.php');
	
	//init our app
	$App = new App;
	
	//grab the mod_rewrite url
	$url = $_REQUEST['url'];
	
	//if the url is empty then the user has navigated just to root
	if ($url == ''){

		//start with default controller
		$App->setController('home');

	} else {
		//grab each part of our URL - controller, action, and identifier
		$path = explode('/',$url,3);
		
		//pass these onto the app to handle
		$App->setController($path[0],$path[1],$path[2]);
	}

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

include('app/classes.php');

include('app/app.php');

//init our app

$App = new App;

//grab the mod_rewrite url

$url = $_REQUEST['url'];

//if the url is empty then the user has navigated just to root

if ($url == ''){

//start with default controller

$App->setController('home');

} else {

//grab each part of our URL - controller, action, and identifier

$path = explode('/',$url,3);

//pass these onto the app to handle

$App->setController($path[0],$path[1],$path[2]);

}

Categories: How-To's, Technology Tags: apache, mod_rewrite, module, Path, php, Rewrite, SEO, URL | No comments

How To Force SVG To Use the Correct Content-Type

How To Restart Apache Using cron If the Load Gets Too High

How To Allow Cross-Site Javascript Using Apache

How To Auto-Restart Apache If the Load Gets Too High

How To Use Apache Scalp Log Analyzer to Catch Website Attacks

How to Install Apache mod_evasive on AWS Linux/CentOS

How To Protect a Single File in Apache

How To Find the Complete Page URL in PHP

How To Fix SUEXEC Warnings After Yum Update On AWS Linux

How To Make SEO-Friendly URLs Using Apache mod_rewrite And PHP

Our Link Network

Business

Client Websites

Fine Dining

Friends & Family

Galleries

Health

Resources

Technology

Travel

The Archives

Latest Ramblings…

Various Topics of No Interest