Search Results

Subversion on Plesk

Installing Subversion on Plesk Servers with http authentication ————————————— yum install subversion mod_dav_svn service httpd restart cd /var/www/vhosts/mydomain.com/conf/ vi vhost.conf : <Location /repos> DAV svn SVNPath /var/www/vhosts/mydomain.com/svn/repos AuthType Basic AuthName “mydomain.com repository” AuthUserFile /var/www/vhosts/mydomain.com/svn/htpasswd Require valid-user </Location> cd .. mkdir svn cd svn svnadmin create repos htpasswd -c htpasswd ftpuser cd .. chown -R ftpuser:apache […]

Load Balanced Linux Web Cluster

Another example of a load balanced apache cluster, this time active-active using Pacemaker/Corosync/ldirectord. This example is using CentOS. 10.11.1.40 – fixed IP of server1 10.11.1.41 – fixed IP of server 2 10.11.1.80 – apache site 1 (virtual IP) 10.11.1.50 – apache site 1 server 1 10.11.1.51 – apache site 1 server 2 10.11.1.90 – apache […]

Configuring MySQL over SSL for client connections

Useful for setting up encrypted connections between client and server.  Parts of this can be substituted if you wished to get a certificate issued from a trusted CA. 1. Check that SSL has been compiled in MySQL on the server: SHOW VARIABLES LIKE ‘have_openssl’; or mysql –ssl –help If it says disabled or yes then […]

PHP sends mail as anonymous@servername

The from address is not enforced.  This can cause some PHP formmail script emails to be treated as spam.  Fix: 1) add a -f(sender address) parameter: mail($to, $subject, $message, $headers, ‘-fsomeone@somewhere.com’); 2) add a Return-Path header: mail($to, $subject, $message, ‘Return-Path: someone@somewhere.com\r\nFrom: someone@somewhere.com’); Qmail is *meant* to check for the from address field in Sender, From, […]

Plesk for Linux – PCI Compliance

Courier Weak SSL Ciphers and SSLv2 The most common flaw uncovered by a PCI compliance scan is that a service is allowing SSL connections using weak SSL ciphers. Disable SSLv2 in Courier by adding the following line to both /etc/courier-imap/imapd-ssl and /etc/courier-imap/pop3d-ssl: TLS_CIPHER_LIST=”HIGH:MEDIUM:!SSLv2:!LOW:!EXP:!aNULL:@STRENGTH” After restarting Courier, test with openssl to confirm SSLv2 has been disabled […]