RSSAll Entries in the "Web servers" Category

Can not include OpenSSL headers files.

Today I had question about “..why since I have OpenSSL installed and working fine with other services, I receive such message(the bellow one) when I am trying to compile something..”

The answer is because the application you are trying to compile manually requires “openssl-devel.x” package installed. It includes files for development of applications which will use OpenSSL.
So according to your OS you should use either yum, apt-get or gpg to install it.
In my example I am trying to compile on CentOS 32 bit, so I will use yum like that:

So the next time when I try to compile my application, Openssl headers files will be there:

Tags

Generate SSL key and CSR with OpenSSL

It is really easy to generate SSL key and CSR using OpenSSL, and the next several steps will guide you trough the process.

If you are on Linux server, OpenSSL can be downloaded from here: OpenSSL source – or you can use your package management software like YUM install or apt-get. For Windows users, you can use: Win32OpenSSL.

Once you have OpenSSL installed, we can generate SSL certificate key

The following will appear:

The above command will generate SSL key using ‘-rand’ option with few big files for sources and 2048 encryption. The reason of using some big files with ‘-rand’ option is because there are no absolute random generation with computers – but that is different story. Recently the minimum allowed encryption by the SSL issuers is 2048 bits so make sure you will generate your key with this number or with 4096 bit SSL key.

There is another command which can be used :

After executing it, the output will be:

When you generate SSL key with this command will require password, which is good when the key is transported, but once set on a Web Server it will ask for a password every time it is restarted. If you have chosen this method, the next command will remove the SSL key password.

If you open the SSL key file it should be similar to this one:

Now to generate CSR from a key use OpenSSL with this options:

You will be asked few questions for the certificate:

When you are ready with the CSR information, and you open the CSR file, it should look similar to this:

Now provide the CSR to a certificate issuer and wait for the SSL approval message.

Most SSL issuers have service that relies upon the Subscriber or the Subscriber’s authorized administrator to approve all certificate requests for all hosts in the domain. It is important that you will select a correct authorized administrator email. By selecting an authorized administrator, you warrant to the certificate issuer that the individual is authorized to approve the request. The request for SSL server certificate will not be processed beyond this point if you select an incorrect email address.
This part is important and it is a part of the SSL certificate issue process. Its purpose is to avoid someone else to have a certificate issued for your domain.

Be peppered with the following allowed e-mails:
Registered Domain Contacts – This is when the SSL issuer has successfully obtained domain contacts for this domain from the domain registrar. This will be the

Alternate Approval Email Addresses can be used, but you must make sure that such e-mail account has been set up and is available before you provide the CSR, or the approval email will not be delivered.

Level 2 Domain Addresses as bellow are allowed:

Level 3 Domain Addresses as bellow are allowed:

Once you have received and approve the SSL certificate, it will be sent to you and you can install it on your web server.

Tags

PHP relocation error

This will be quick tutorial about how to fix PHP relocation error like this one: php: symbol zlibVersion , version libmysqlclient_16 not defined in in file libmysqlclient.so.16 with link time reference. Instead php: relocation error: php: symbol zlibVersion the error could be php: relocation error: php: symbol crc32.

This is an example and the issue could happen with any shared library not only with libmysqlclient.so .

As per the error message the library version is not matching so we have to check the shared library dependencies. This can be done with tool called ‘ldd’ which prints the shared library dependencies. In this case we will check PHP for “libmysqlclient” so the command should be like this:

Or if for some reason the PHP binary is located elsewhere:

The output should be similar to this one:

Let’s check the file:

In my case this is a symbolic link to the library in the same folder:

Now let’s check if this file exist in another place.

My output is:

So there are two libraries, and now we have to check where is the missing symbol – for example zlibVersion. For that will use ‘nm’ command lists symbols from object files. Let’s try the current linked file:

The output is:

So it seams there are no symbols in this library.

With the other file:

The output is:

Which seams better.

Now I will just remote the current link:

And will create a new one with the library that contains the symbol:

This should resolve the case, and the php: symbol zlibVersion , version libmysqlclient_16 not defined in in file libmysqlclient.so.16 with link time reference error was solved.

Tags

Extract certificates from P7B

P7B extract to certificatesThis will be quick tutorial about how to convert P7B to certificate. Actually we will extract certificates from PKCS #7 file using OpenSSL.
Here I have to mention one issue which is really often met and it is with the beginning and the end of the certificate provided. It depends on the OpenSSL version, but for now if the beginning and the end of the certificate are like:
—–BEGIN PKCS #7 SIGNED DATA—-
and
—–END PKCS #7 SIGNED DATA—–
will lead to the following error when you try to extract the SSL certificates:
error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:644:Expecting: PKCS7 .
Let’s examine P7B certificate to see how to avoid such error.

 

Your certificate could be much longer as digits, but I put […] to shorten the listing on mine. Anyway if your certificate has the same beginning and end, you should change it to:

I have changed:
—–BEGIN PKCS #7 SIGNED DATA—-
and
—–END PKCS #7 SIGNED DATA—–
to
—–BEGIN PKCS7—–
and
—–END PKCS7—–
in order to accommodate the OpenSSL “Expecting: PKCS7

Now we can run the OpenSSL command which will extract PKCS7 certificates from the P7B file .
Note: this command works for both Linux and Windows machines with installed OpenSSL.

The output which prints the stored in the p7b file certificates will be similar to this one:

All this certificates will be stored into the pem.cer file as per the example. The first one is the certificate itself and the following two are CAs signing the certificate.

Another useful option is if you want to merge SSL certificate and key into PFX file

Tags

Host multiple domains on one hosting – cheating the hosting companies.

I barely remember my first site and how it was created, but I still remember the filling when I saw the price for the webhosting I was searching for. Then I was a student and if I wanted to see my website live, I had to pay one third of my monthly budget. That was before more than ten years and the webhosting was pretty expensive than now.

Nowadays the hosting prices are way to low, but if you are familiar with webhosting and understand the services that some hosting companies provide – you probably know that even price of couple of bugs is too much for what you actually get. I am not going to fail into detailed discussion about hosting companies, plans etc.- so if you are at the point where you do not have much to spend on webhosting, and in the same time you want to start building websites and host them cheep you may use the method described bellow.

Lets consider the following case:
You have bought webhosting which include something like this:
One domain hosted, 160GB drive space, MySQL database, PHP, any-other-marketing-bla-bla . (For Windows hosting users, please read Redirect domain alias to a particular folder in Windows)

Certainly the main point here is that you have pretty much space, PHP and MySQL which allows you to do almost everything, and .. just one domain hosted. Here I have to say that the whole freetutorialssubmit.com website is not more than 600MB and if I decide to host it on such hosting, the rest of the 160GB space will remain unused. You may decide to use the rest of the space as a storage, but in most cases it just remain like that.

With the PHP script bellow you can host multiple domains on one hosting even it the hosting company allows only one domain to be hosted, which will allow you to use the rest of the hosting space for different websites.

Before that I have to mention that all domain you want hosted in this hosting should be set like CNAME for the main domain. The reason is that when a domain is set as a A CNAME record or Canonical Name record in the Domain Name System (DNS) – this specifies that the domain name is an alias of the other domain. This is rather simple and can be done in with the company where the domain is registered for free. (If not try GoDaddy ;)

Once a domain is set as CNAME it will do exactly the same as the first domain. Here comes my script which basically check as which domain the browser request is done and redirects to a particular folder where the according domain files are set. The script should be in the main index.php file, otherwise it will not be opened and will not redirect accordingly.

Ok, it may looks confusing, but what is actually happening is when someone lands on your hosting, his browser opens the main index file. The script checks ‘HTTP_HOST’ global PHP variable which contains actually via which domain the server was reached and then redirects to its index (you can see it in the example as index2.php and index1.php ), or to a particular folder. If there is no match the visitor’s browser will stay in the same file and will continue with the main domain code.

Well that’s it … and yes, it is legal to host multiple domains on one hosting using this way!

301 redirect checker script

This tutorial contains 301 redirect checker script which I have created after spending more than half an hour searching the Internet for something suitable I can use for my needs. While I was searching I found only separate web pages with fields where you can check one – two URLs or heavy applications that can be installed, and yet not covering my needs. Certainly, there were paid 301 redirect checker solutions which can be used to check 301 Permanent Redirect, but I am not sure whether it does worth to buy such. The purpose of this checker in most cases is only to see if a particular pages redirect permanent covering the SEO (Search Engine Optimization) requirements.

In my case part of the OnlineHowTo.net is moving over Free Tutorials Submit dot com, and from SEO perspective, the tutorials moved have to be with 301 redirect to their new URLs.

I decided to write it as Linux bash 301 redirect checker script because it can be run on almost any Linux machine with curl installed and easily added to the Crontab. I believe the script is rather easy to be understood and used, even by not so experienced administrators.

What the redirect script is doing is to gather the URLs you want to check from an external file (in my case: /opt/scripts/301URLs.txt ), where every URL is placed on a separate line like this:

I chose this way as most of the get-all-urls-from-domain applications provide the listing like this, but certainly you can choose (and then modify a little bit my script) different format.
Then using simple bash loop it reads every line one by one, processing it with CURL extracting the headers (curl -I option).
Every header contains information similar to:

Once we have this information we can easily egrep for the 301 Moved Permanently part and if it exist, the 301 redirect checker script continues with the next URL. If the redirect is something different it writes down the URL into the /tmp/301report.txt file.

Finally the script checks whether the /tmp/301report.txt file exist – it will be created only if there is even one different from 301 Moved Permanently redirect – and will send it via e-mail to the address you have set in the EMAIL variable. If there are no such file, the script will end with no report.

Here is the whole script which you can freely use and modify as per your needs:

 

To be honest, I am using a little bit modified 301 redirect checker script, which is also checking whether the redirected URL is the one I need, but it is more complicated and may confuse you if you have to modify it.
Also, more elegant solution will be if you decide to use array, but this redirect checker script fits my needs perfect.
Also I have put sleep command as if the number of the URLs is too big, it may lead to server abuse and blocking the IP you are checking the redirect from. If you do not need the script to wait 5 seconds for every URL, just remove that line.

Hope this scrip will cover your needs as well. Your comments and suggestions are welcome.

Tags

Apache server status

In this tutorial I will show you how to enable Apache Server Status (server-status).

As probably you know this will provide a lot of valuable information , but since you are reading this page you are aware of this.

In general to enable the apache server status option you must edit the apache configuration file (httpd.conf)

There look for this section:

Tags

How to install Zend Optimizer

This tutorial will show you how to install Zend Optimizer on a server with RedHat like Linux operation systems.
Zend Optimizer is required by many scripts to run on your server decrypting and running them while increasing runtime performance.
This tutorial can be used when you run a server with CPanel or Plesk control panel with Apache server .

First download appropriate version of Zend Optimizer according to your server set from http://zend.com. Upload it to the server where will be installed using FTP client like Filezilla.
Unfortunately Zend does not provide a direct download so ”wget” cannot be used in this case.

Connect to your server via SSH using your favorite SSH client (for example Putty) and switch to super user. Go to the folder where the the file was uploaded and unpack it.
This can be done with the following command:

Check your PHP version.

This tutorial will show you how to verify PHP version on a server with Unix /Linux operating system. This will be helpful in case when you are installing an application and it requires a specific PHP version.
Login to the server were you want to check and then type:

 

 

Then you should see the listing with the PHP version similar to this one:

 

Check php version

 

There is another way to check PHP version whit FTP file upload of a simple PHP file with function which will display PHP info .

Tags