When I access this file through a browser i can't see any output:
http://my.url/dummy.php results in a blank page that loads in no time! No error messages, neither output by the browser or in the log files (php.log and LightTPD's error.log).
When I use the terminal on the servern it all works fine:
php /path/to/wwwroot/dummy.php gives me the working directory. Doesn't matter from which working directory I execute the command, or which user (I've tried the LightTPD user aswell). It works every time!
safe_mode is off and there are no disabled_functions!
I've asked around in LightTPD forums, but they say it's a PHP problem. So, I've asked around in (other) PHP forums but noone seems to have any ideas how to solve this!
Perhaps there are expert users here that can help me, or at least redirect me to some other expert forum.
I'm having an issue with memcached. Not sure if it's memcached, php, or tcp sockets but everytime I try a benchmark with 50 or more concurrency to a page with memcached, some of those request failed using apache ab. I get the (99) Cannot assign requested address error.
When I do a concurrency test of 5000 to a regular phpinfo() page. Everything is fine. No failed requests.
It seems like memcached cannot support high concurrency or am I missing something? I'm running memcached with the -c 5000 flag.
(Yes, I know that questions pertaining to lighttpd fit better on SF, but I thought it was more apt to be asked here since it's primarily concerned with security policy.)We're planning to set up a small web server in my college, so that people could get some web space to put up web pages and the like. They could also upload PHP pages. The whole setup runs from within a chroot jail.We are thinking about using the same infrastructure to put up some more services, for instance a discussion forum. My problem is, putting the forum in the same document root (or indeed, the same chrooted environment) pretty much allows any user to place small PHP scripts in their directories that can access the forum configuration files (using, say, file_get_contents). This is a massive security risk! Is there any way to solve this issue, short of disabling PHP for the user accounts, and only keeping it enabled for the discussion forum and the like, or serve the forum elsewhere and proxy it using lighttpd?
Well, I'm wondering if theres a way to run both rails and PHP on Lighty, on Ubuntu. I want to run both my PHP projects and Rails projects on the one server/domain.I have little experience with Linux really, so forgive my naivety.
I'm working on setting this up on Mac OS X Leopard. I'm having a devil of a time getting PHP5 working as fastcgi under lighttpd. I've verified that I've compiled php with fastcgi enabled. I've tried configuring lighttpd as I've seen in various documentation. The core bit that I'm not understanding is if php-cgi is supposed to create the socket, or if lighttpd creates it.My lighttpd config looks like this:
Configuring My Lighttpd Server To Support Of Python?
I've set up a few web servers in my day, but I'm not sure how they work internally. I'm setting up a new environment for myself and I'm interested in configuring my lighttpd server to support both PHP and Python. Is this possible?
Apache Proxy To Lighttpd: Changing $_SERVER['HTTP_HOST']
I have a WordPress blog running on lighttpd-1.4.19, listening at www00:81. On the same host, apache-2.2.11 listens on port 80, which creates a proxy connection from [URL] to [URL] (both being the same physical machine). The Apache virtualhost looks as follows:
<VirtualHost *:80> ServerName blog.mydomain.org ProxyRequests Off <Proxy *> Order deny,allow Allow from all </Proxy> [Code]....
My problem: as far as I know, the PHP environment variable $_SERVER['HTTP_HOST'] is set to that Host header variable. Unfortunately, WordPress uses that variable in their system to create URLs to pictures on the blog. These URLs won't be accessible behind a firewall of course. How can I force the host header to be blog.mydomain.org instead of blog.mydomain.org:81, respectively www00:81? I already added set server.name = "blog.mydomain.org" to my lighttpd.conf, but this didn't work.
Serving Downloads With Apache/lighttpd Authentication And Authorization Scheme?
I want to serve some confidential files to authenticated and authorized users. The PHP part is working well, and currently the PHP script outputs the file contents with the appropriate content types. However, some files are really large, thus, I'd like to have the HTTP Daemon to do the serving process and just "ask" PHP first if the user can get the file. How would I do this?
Can't Connect To Local Mysql - Apache Error, Lighttpd Works?
I hope someone here can help me with this. I have spent days, search google, and all the questions about "Can't connection to local MySQL server though socket"I can tell you, that the mysql server is working fine. I'm using jmeter to do a test of 300 users to my server. when I do a test for 150 users, I get no error, above that, then I get errors.
I have logged into mysql while I'm running the testing, to see if i can connect, and I can. I can also confirm that i'm using another machine and accessing the website, and it does show the web pages properly. I also do the same test, but with phpbb3 forum's software, and I get no errors with that... so I believe its the website that isn't done properly.
I have an ensim server which provides me with about 20 scripts in the filesystem that allows you to create sites, edit them, lookup domains, etc... I am running a few of these scripts from a cron I made and that all works fine but I can't seem to find a function (like shell_exec) that allows me to get the text returned from the function. When I run the script from CLI and i run the script using either system(), exec(), passthru(), or shell_exec() it just displays the results, and I didn't tell it to, it just does it on it's own bit. My question is how can i trap the results so I can anylize them.
I'm trying to 'ssh' into another machine, run a small script and fetch it's output, using shell_exec(). The problem is, it takes AGES to run ssh and I don't know what's happening. If I try 'ssh'ing manually on the shell, it takes a microsecond to fetch the result, whereas shell_exec takes very very long and I don't know how to debug the problem. That's problem number one: How do I tell what's happening and why is it taking so long?
Problem two: To be able to establish a password-less ssh connection, I generated a public key/private key pair for the two machines and stored it in my /home/username/.ssh directory. Okay, I know apache/php (by the way I'm running apache with PHP 4.2.3) won't know where to find it so I presumed /opt/apache/.ssh would be the best place to copy the ".ssh" directory (i.e. apache's installed in /opt/apache). Now the problem is, I couldn't get shell_exec to run ssh in a password less mode. After a little while I realized that it was looking for the private key in "/.ssh" (i.e. the root directory)! How come? How do I change it so that it looks for the .ssh directory elsewhere? (I mean, how can I run a command using shell_exec and ask it to use the "home" directory of the "apache" user, which normally is /path/to/apache)? The last time I installed php & apache, I remember it looked for the .ssh directory in the /opt/apache/.ssh directory and now it has changed. also, it was much faster the last time. Now for some reason it's EXTREMELY slow (takes a whole minute to run ssh) and looks for the .ssh directory on the root (and I dont want to place that directory there).
it always lists the contents of the directory where it is placed, rather than the contents of some_directory. In other words, it appears that cd is not working. I have verified that path and permissions are correct. PHP is version 4.3.9.
When I run this on my Apache server, everything works as expected. When I switch to IIS, it's as though the line is skipped entirely: no errors, no output, no logs, no nothing.
Unfortunately, I need to use IIS because I'm going to authenticate my users against active directory.
Here's what I've tried so far:
Issue the command through cmd.exe /c rather than issuing it directly Give Read & Execute permission to SERVICE on "C:WINDOWSsystem32cmd.exe" Give Read & Execute permission to NETWORK SERVICE on "C:WINDOWSsystem32cmd.exe" Give Read & Execute permission to IUSR_MACHINENAME on "C:WINDOWSsystem32cmd.exe" Give Read & Execute permission to Everyone on "C:WINDOWSsystem32cmd.exe" (don't worry, it didn't stay like that for long, haha) Run PHP as an ASAPI module
This is my standard configuration
Run PHP as a CGI extention
This does not work, I get an error: CGI Error The specified CGI application misbehaved by not returning a complete set of HTTP headers.
In IIS Manager, set Execute Permissions to Scripts and Executables on your website Added html markup and other php functions to script to see if that gets processed; it does. It's as if the shell_exec bit just gets skipped.
I really didn't want to do this, but as a stop gap until I find a proper solution I'm running Apache on the web server (which runs shell_exec fine) and I call my apache script via cURL. It's ugly, but it works :).
I'm beginning to think this isn't so much an issue with IIS or permissions as such, but perhaps a result of some policy we have on our network - although I can't imagine what.
I've looked at the php documentation for openSSL, but found that the module seemed insufficient for purposes like checking a certificate's expiration date on another server. That is, I could not find a function to run "openssl s_client -connect", so I decided to instead achieve it through shell_exec. This is a three step process:
1) Check the openssl version via shell_exec('openssl version -v'); just to confirm that openssl is installed and runs properly. This returns "OpenSSL 0.9.7a Feb 19 2003 "
2) Connect to the remote server. As a test, I decided to use www.gna.org, since I know they use a certificate. shell_exec('openssl s_client -connect www.gna.org:4433');
This pauses for about 20 seconds, and then returns FALSE. I've tried various combinations, like removing the -connect argument but leaving the server name in, removing the port, including the https:// part, removing the www, and so on. I have not tried a port other than 4433 yet (I wouldn't know what other part to use). All other methods returned FALSE immediately. This is the only method that delays 20 seconds, which indicates to me that I'm close.
3) Fetch certificate expiration date via shell_exec('openssl x509 -enddate'); although this obviously returns FALSE because I have not been able to connect to the server yet.