Sunday, April 22, 2012

Disable Directory Listing In Apache Webserver/HTTPD

Disabling Directory Listing is one of the important security measure you can take. Consider a config as:
Options Indexes FollowSymLinks MultiViews
Remove "Indexes" from that line so that it looks like:
Options FollowSymLinks MultiViews

Sunday, April 15, 2012

Blogging with Wordpress in Cloud with OpenShift

From Official OpenShift homepage,
OpenShift is Red Hat's Cloud Computing Platform as a Service (PaaS) offering. OpenShift is an application platform in the cloud where application developers and teams can build, test, deploy, and run their applications. OpenShift takes care of all the infrastructure, middleware, and management and allows the developer to focus on what they do best: designing and coding applications.

Running Wordpress on OpenShift is easy. Here are the steps:

Register for an account at: https://openshift.redhat.com/app/account/new
Install Client Tools:
  • For Debian-based systems including Ubuntu, issue the following commands:
    # apt-get install ruby rubygems rhc
    
    If 'rhc' is unavailable, do this:
    # gem install json_pure
    # gem install rhc
    
  • For RPM based systems:
    # wget -O openshift.repo https://openshift.redhat.com/app/repo/openshift.repo
    # mv openshift.repo /etc/yum.repos.d/
    # yum install rhc
    # rm -f openshift.repo
    
Create Domain name (Namespace):
# rhc domain create -n  -l <emailaddress>
This domain is a third level domain. Any new application will inherit this domain name. Use the email address you used to sign up with OpenShift.

Create a new application:
# rhc app create -a wordpress -t php-5.3
Add MySQL Cartridge and PhpMyAdmin to application:
# rhc app cartridge add -a wordpress -c mysql-5.1
# rhc-ctl-app -e add-phpmyadmin-3.4 -a wordpress
You can now access PhpMyAdmin from http://wordpress-<domain>.rhcloud.com/phpmyadmin Note the username, password and host details.

Add Official Wordpress Bundle to Repository:
# cd wordpress/php 
# wget -O latest.tar.gz http://wordpress.org/latest.tar.gz
# tar -xf latest.tar.gz
# rm -f latest.tar.gz
# cd wordpress
# mv * ../
# cd ..
# git add .
# git commit -m "Initial Push"
Now, if you head over to http://wordpress-<domain>.rhcloud.com, you should see Wordpress complaining about 'wp-config.php'. Now, all you have to do is to modify 'wp-config' and add MySQL details from preceding cartridge command. Then,
# git commit -a -m "Edited wp-config.php"
Use your own domain name: To use your own domain name (assuming www.example.com),
# rhc-ctl-app -c add-alias --alias www.example.com -a wordpress
To get this domain working, add a CNAME record for www.example.com to wordpress-<domain>.rhcloud.com . DNS propagation may take some time. Key to win is patience.

Permanent file uploads: By default, all changes are lost when you push a git repository.
The OPENSHIFT_DATA_DIR and OPENSHIFT_TMP_DIR are designed as file system locations for data written/read by the application.
So, to preserve uploads, here is a workaround by adding following lines to wordpress/.openshift/action_hooks/build:
if [ ! -d $OPENSHIFT_DATA_DIR/uploads ]; then
    mkdir $OPENSHIFT_DATA_DIR/uploads
fi
 
ln -sf $OPENSHIFT_DATA_DIR/uploads $OPENSHIFT_REPO_DIR/php/wp-content/
This creates a symbolic link to Wordpress 'wp-content' directory. It's done. You are now blogging on Cloud. Pick up some words and let it flow around in your blog.

Tuesday, April 10, 2012

Viewing Binded Ports On Linux

Do this:
lsof -i :<port>
For example, to view HTTPS bindings,
lsof -i :443

Redirect Non-SSL requests to SSL on Nginx without Redirect Loop

Add these lines to your Nginx server{} block:
if ($scheme = "http") { rewrite ^ https://$server_name$request_uri? permanent; }

There is another way to do the same thing as:
if ($ssl_protocol = "") { rewrite ^ https://$server_name$request_uri? permanent; }

Decrease NSD Memory Consumption

Add the following lines on file /etc/nsd3/nsd.conf:
ip4-only: yes
tcp-count: 10
server-count: 1

Monday, April 2, 2012

Reviewing a Xen PV VPS

This is the first time experience with XEN PV VPS. Looking at it, I found it much more better than openVZ ones. Here are some tests I have performed:
Network Tests
# wget  http://dl.dropbox.com/u/44794654/bench.sh -O - -o /dev/null|bash
System uptime :   15 min,       
Download speed from CacheFly: 11.0MB/s 
Download speed from Linode, Atlanta GA: 11.24MB/s 
Download speed from Linode, Dallas, TX: 16.0MB/s 
Download speed from Linode, Tokyo, JP: 6.11MB/s 
Download speed from Linode, London, UK: 9.16MB/s 
Download speed from Leaseweb, Haarlem, NL: 8.37MB/s 
Disk IO Tests
# dd if=/dev/zero of=test bs=16k count=64k conv=fdatasync;rm -f test
65536+0 records in
65536+0 records out
1073741824 bytes (1.1 GB) copied, 17.7806 s, 60.4 MB/s
Disk IO Latency Test
# wget http://ioping.googlecode.com/files/ioping-0.6.tar.gz
# tar xvf ioping-0.6.tar.gz
# cd ioping-0.6/
# make
# ./ioping .
4096 bytes from . (ext3 /dev/root): request=1 time=21.6 ms
4096 bytes from . (ext3 /dev/root): request=2 time=15.0 ms
4096 bytes from . (ext3 /dev/root): request=3 time=17.5 ms
4096 bytes from . (ext3 /dev/root): request=4 time=32.7 ms
4096 bytes from . (ext3 /dev/root): request=5 time=3.4 ms
4096 bytes from . (ext3 /dev/root): request=6 time=12.9 ms
4096 bytes from . (ext3 /dev/root): request=7 time=47.6 ms
4096 bytes from . (ext3 /dev/root): request=8 time=67.3 ms
4096 bytes from . (ext3 /dev/root): request=9 time=21.5 ms
4096 bytes from . (ext3 /dev/root): request=10 time=1.0 ms
4096 bytes from . (ext3 /dev/root): request=11 time=11.4 ms
4096 bytes from . (ext3 /dev/root): request=12 time=25.1 ms
4096 bytes from . (ext3 /dev/root): request=13 time=32.7 ms
4096 bytes from . (ext3 /dev/root): request=14 time=9.3 ms
4096 bytes from . (ext3 /dev/root): request=15 time=14.0 ms
4096 bytes from . (ext3 /dev/root): request=16 time=20.7 ms
4096 bytes from . (ext3 /dev/root): request=17 time=0.7 ms

--- . (ext3 /dev/root) ioping statistics ---
17 requests completed in 17096.6 ms, 48 iops, 0.2 mb/s
min/avg/max/mdev = 0.7/20.8/67.3/16.5 ms
Links:
VPSNode Homepage