Search Results

Subversion on Plesk

Installing Subversion on Plesk Servers with http authentication ————————————— yum install subversion mod_dav_svn service httpd restart cd /var/www/vhosts/ vi vhost.conf : <Location /repos> DAV svn SVNPath /var/www/vhosts/ AuthType Basic AuthName “ repository” AuthUserFile /var/www/vhosts/ Require valid-user </Location> cd .. mkdir svn cd svn svnadmin create repos htpasswd -c htpasswd ftpuser cd .. chown -R ftpuser:apache […]

Load Balanced Linux Web Cluster

Another example of a load balanced apache cluster, this time active-active using Pacemaker/Corosync/ldirectord. This example is using CentOS. – fixed IP of server1 – fixed IP of server 2 – apache site 1 (virtual IP) – apache site 1 server 1 – apache site 1 server 2 – apache […]

Configuring MySQL over SSL for client connections

Useful for setting up encrypted connections between client and server.  Parts of this can be substituted if you wished to get a certificate issued from a trusted CA. 1. Check that SSL has been compiled in MySQL on the server: SHOW VARIABLES LIKE ‘have_openssl’; or mysql –ssl –help If it says disabled or yes then […]

PHP sends mail as anonymous@servername

The from address is not enforced.  This can cause some PHP formmail script emails to be treated as spam.  Fix: 1) add a -f(sender address) parameter: mail($to, $subject, $message, $headers, ‘’); 2) add a Return-Path header: mail($to, $subject, $message, ‘Return-Path:\r\nFrom:’); Qmail is *meant* to check for the from address field in Sender, From, […]

Plesk for Linux – PCI Compliance

Courier Weak SSL Ciphers and SSLv2 The most common flaw uncovered by a PCI compliance scan is that a service is allowing SSL connections using weak SSL ciphers. Disable SSLv2 in Courier by adding the following line to both /etc/courier-imap/imapd-ssl and /etc/courier-imap/pop3d-ssl: TLS_CIPHER_LIST=”HIGH:MEDIUM:!SSLv2:!LOW:!EXP:!aNULL:@STRENGTH” After restarting Courier, test with openssl to confirm SSLv2 has been disabled […]