php -q ai-bolit.php
Segmentation fault
Fix to disable opcache:
php -n -d extension=/usr/lib64/php/modules/opcache.so -q /root/ai-bolit/ai-bolit.php /some/path/to/scan
ai-bolit segmentation fault
Leave a reply
Author Archives: Vitalijus Ryzakovas
Invalid command ‘SetEnv’ cPanel
yum install ea-apache24-mod_env
enable php selector set to inherit
for i in $(cut -d: -f1 /etc/userdatadomains );do whmapi1 php_set_vhost_versions version=inherit vhost-0=$i;done
remi repo centos 8
dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
dnf install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
dnf module install php:remi-7.2
ssh-keygen secure
Curve cryptography with ed25519:
ssh-keygen -t ed25519 -a 100 -f ~/.ssh/id_ed25519 -q
or old way:
ssh-keygen -t rsa -b 4096 -o -a 100
openssl self signed certificate without passphrase
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 10000 -nodes
litespeed WebP support for GD prestashop
Assuming you are using PHP 7.2 version standalone or with cyberpanel and you need add WebP support:
yum install -y lsphp72-devel gcc libjpeg-turbo-devel libpng-devel libXpm-devel freetype-devel libwebp-devel
wget https://www.php.net/distributions/php-7.2.24.tar.gz
tar xzvf php-7.2.24.tar.gz
cd php-7.2.24
cd ext/gd
/usr/local/lsws/lsphp72/bin/phpize
/usr/local/lsws/lsphp72/bin/php-config
./configure --with-php-config=/usr/local/lsws/lsphp72/bin/php-config --with-webp-dir=/usr/include/webp --with-freetype-dir=/usr/include/freetype2/freetype --with-jpeg-dir=/usr/include --with-png-dir=/usr/include --with-xpm-dir=/usr/include
make
make install
pkill lsphp
This works for Google webP Image Converter Module
fsck progress
e2fsck -v -C 0 /dev/sdc
e2fsck 1.41.12 (17-May-2010)
/dev/sdc has gone 215 days without being checked, check forced.
Pass 1: Checking inodes, blocks, and sizes
/dev/sdc: |==== – 7.8%
Restarting network (via systemctl): Job for network.service canceled
service network restart
Restarting network (via systemctl): Job for network.service canceled.
[FAILED]
systemctl restart network
Job for network.service canceled.
If cyberpanel server network is down (venet0:
vi /etc/fstab
#/usr/.tempdisk /tmp ext4 loop,rw,noexec,nosuid,nodev,nofail 0 0
#/tmp /var/tmp none bind 0 0
service network restart
Restarting network (via systemctl):
[ OK ]
monitor and block syn flood
Can help prevent SYN flood DDoS attack
[Mon Nov 4 17:35:53 2019] possible SYN flooding on ctid 0, port 465. Sending cookies.
[Mon Nov 4 19:23:41 2019] possible SYN flooding on ctid 0, port 25. Sending cookies
cat > SYN_RECV.sh << "END"
#!/bin/bash
netstat -natp | grep SYN_RECV | sort | awk '{ print $5 }' | sort | cut -d ":" -f1 | uniq -c | awk '{if ($1>100) system("iptables -I INPUT -s "$2" -j REJECT")}'
END
#ANsible copy and add to cron:
ansible -i inv.txt cpa -m copy -a "src=SYN_RECV.sh dest=/root/bin/SYN_RECV.sh mode=755 owner=root group=root"
ansible -i inv cpa -m cron -a "name=SYN_BLOCK job=/root/bin/SYN_RECV.sh user=root"
remove image details linux
Remove EXIF info in you don’t want share it:
mogrify -strip ./some_image.jpg
docker file stdout
cd /var/log/apache2
lrwxrwxrwx 1 root root 11 Feb 17 2018 access.log -> /dev/stdout
lrwxrwxrwx 1 root root 11 Feb 17 2018 error.log -> /dev/stderr
It means you can get logs records from host node:
tailf /var/log/messages
docker prestashop install
docker run -ti --name some-mysql2 --network prestashop-net -e MYSQL_ROOT_PASSWORD=admin -e MYSQL_DATABASE=prestashop -e MYSQL_ROOT_HOST=% -p 3308:3306 -d mysql:5.7
docker run -ti --name presta1 --network prestashop-net -e DB_SERVER=172.18.0.3 -e PS_DEV_MODE=true -e PS_INSTALL_AUTO=1 -p 8080:80 -d prestashop/prestashop:1.7-7.0
That will run auto install on presta1:
/bin/sh /tmp/docker_run.sh
php /var/www/html/install/index_cli.php –domain=172.18.0.4 –db_server=172.18.0.3:3306 –db_name=prestashop –db_user=root –db_password=admin –prefix=ps_ –firstname=John –lastname=Doe –password=prestashop_demo –email=demo@prestashop.com –language=en –country=gb –newsletter=0 –send_email=0
parts of page are not secure
Finf url without SSL:
wget -q https://www.srv24x7.com -O - | tr "\t\r\n'" ' "' | grep -i -o '
dynamic SSH port forwarding
ssh -f -N -D 1080 user@some.remote.server
curl -x socks5h://localhost:1080 http://www.srv24x7.com/