Tuesday, September 23, 2014

// // Leave a Comment

Sanitize Inputs in PHP

1) Function for stripping out malicious bits

<?php
function cleanInput($input) {
 
  $search = array(
    '@@si',   // Strip out javascript
    '@<[\/\!]*?[^<>]*?>@si',            // Strip out HTML tags
    '@@siU',    // Strip style tags properly
    '@<![\s\S]*?--[ \t\n\r]*>@'         // Strip multi-line comments
  );
 
    $output = preg_replace($search, '', $input);
    return $output;
  }
?>

2) Sanitization function

Uses the function above, as well as adds slashes as to not screw up database functions.
<?php
function sanitize($input) {
    if (is_array($input)) {
        foreach($input as $var=>$val) {
            $output[$var] = sanitize($val);
        }
    }
    else {
        if (get_magic_quotes_gpc()) {
            $input = stripslashes($input);
        }
        $input  = cleanInput($input);
        $output = mysql_real_escape_string($input);
    }
    return $output;
}
?>

Usage

<?php
  $bad_string = "Hi! <script src='http://www.evilsite.com/bad_script.js'>< /script> It's a good day!";
  $good_string = sanitize($bad_string);

  $_POST = sanitize($_POST);
  $_GET  = sanitize($_GET);
?>

Reference URL
Read More
// // Leave a Comment

Auto-FFmpeg-cPanel :: Auto FFMpeg Installer for cPanel

Auto FFMpeg Installer for cPanel

Auto FFMpeg Installer for cPanel w/CentOS 6+

Requirements:

  • CentOS 6+
  • PuTTY
  • cPanel
That's all! Did you expected more?

Why use this ?

Installation of FFMPEG is treated as the toughest installations as it has many dependencies. So I made this script, to simply the issues. Check with the below steps for easy installation.

Installation:

$> yum update -y
$> yum install wget -y
$> wget --no-check-certificate "https://raw.githubusercontent.com/itseasy21/auto-ffmpeg-cpanel/master/install-ffmpeg.sh" -O /root/install-ffmpeg.sh
$> cd /root
$> chmod +x install-ffmpeg.sh
$> ./install-ffmpeg.sh

Read More
// // 1 comment

Auto-FFmpeg :: Auto FFMpeg Installer for CentOS 6+

auto-ffmpeg






Build Status
Auto FFMpeg Installer for CentOS 6+ and other Control Panel that support CentOS 6+ (eg Kloxo, ZPanel etc)

Requirements:

  • CentOS 6+
  • PuTTY
That's all! Did you expected more?

Why use this ?

Installation of FFMPEG is treated as the toughest installations as it has many dependencies. So I made this script, to simply the issues. Check with the below steps for easy installation.

Installation:

$> yum update -y
$> yum install wget -y
$> wget --no-check-certificate "https://raw.githubusercontent.com/itseasy21/auto-ffmpeg/master/install-ffmpeg.sh" -O /root/install-ffmpeg.sh
$> cd /root
$> chmod +x install-ffmpeg.sh
$> ./install-ffmpeg.sh

Read More
// // Leave a Comment

W3tools-Varnish : Varnish Cache Inegration in cPanel

w3tools-varnish

Varnish Cache Integration in cPanel

Varnish Cache is a web application accelerator also known as a caching HTTP reverse proxy. You install it in front of any server that speaks HTTP and configure it to cache the contents.

Installation:

$> yum update -y
$> yum install wget -y
$> wget "https://raw.githubusercontent.com/itseasy21/w3tools-varnish/master/install.sh" -O /root/varnish-install.sh
$> cd /root
$> chmod +x varnish-install.sh
$> ./varnish-install.sh

Read More

Monday, September 22, 2014

// // 1 comment

ApacheBooster v2.3

ApacheBooster

NOTE: This is the only working version of ApacheBooster found on GitHub :D
Current Release: V2.3
Nginx Version : 1.6.2
Varnish Version : 3.0.5
ApacheBooster is a integration of nginx and varnish, this Plugin will reduce the server load spike and memory usage. Also the plugin will provide the maximum performance of your websites.

Varnish

Varnish Cache is a web application accelerator also known as a caching HTTP reverse proxy. You install it in front of any server that speaks HTTP and configure it to cache the contents. Varnish Cache is really, really fast. It typically speeds up delivery with a factor of 300 – 1000x, depending on your architecture. A high level overview of what Varnish does can be seen in the video attached to this web. Varnish performs really, really well. It is usually bound by the speed of the network, effectivly turning performance into a non-issue. We’ve seen Varnish delivering 20 Gbps on regular off-the-shelf hardware.

Nginx

Nginx is known for its high performance, stability, rich feature set, simple configuration, and low resource consumption.
Unlike traditional servers, Nginx doesn’t rely on threads to handle requests. Instead it uses a much more scalable event-driven (asynchronous) architecture. This architecture uses small, but more importantly, predictable amounts of memory under load.

Installation/Upgrade instructions

  1. Clone the installation folder onto your CPanel server:
$> git clone https://github.com/itseasy21/ApacheBooster.git
              OR
$> wget https://github.com/itseasy21/ApacheBooster/archive/master.zip -O ApacheBooster.zip
$> unzip ApacheBooster.zip
  1. Change the working directory to cloned or extracted folder:
$> cd ApacheBooster/apachebooster
              OR
$> cd ApacheBooster-master/apachebooster
  1. Execute installation script and wait for it to finish:
$> sh install.sh

Uninstallation instructions:

1. Clone the ApacheBooster files onto your server.
2. Change the working directory to cloned folder.
3  execute uninstall script.
 $> sh uninstall
Read More

Wednesday, September 10, 2014

// // Leave a Comment

Enable ffmpeg-php in linux

The ffmpeg-php is a php extension used for accessing and retrieving information from media files both audio and vedio. Now ffmpeg-php which is Rarely used in web applications. This php extension is used for creating thumbnail images from movie files.  If you want to enable “ffmpeg-php” in the server, you have to manually download “ffmpeg-php” source files and compile it.  For enabling “ffmpeg-php” the server needs to have “ffmpeg“, “GD” enabled and php version needs to be grater than 4.3.
The “ffmpeg-php” source files can be downloaded from the link http://sourceforge.net/projects/ffmpeg-php/files/ffmpeg-php/
You have to make sure your server is enabled with “ffmpeg” and “gd”  before proceeding with below steps.
wget http://downloads.sourceforge.net/project/ffmpeg-php/ffmpeg-php/0.6.0/ffmpeg-php-0.6.0.tbz2?use_mirror=biznetnetworks
tar -jxvf ffmpeg-php-0.6.0.tbz2
cd ffmpeg-php-0.6.0
yum install php-devel gcc gcc-c++
/usr/bin/phpize
Replace every instance of PIX_FMT_RGBA32 with PIX_FMT_RGB32 in ffmpeg_frame.c file in order to prevent compilation error like “ffmpeg_frame.c:421: error”.  Follow the below steps.
perl -pi -e “s/PIX_FMT_RGBA32/PIX_FMT_RGB32/” ffmpeg_frame.c
./configure
make
make install
echo “extension=ffmpeg.so” >> /etc/php.ini
service httpd restart
php -i | grep -i ffmpeg
Sometimes you can also met with the error “make: *** [ffmpeg_movie.lo] Error 1″ while proceeding with compilation as below, you have to make changes accordingly in “ffmpeg_movie.c” file as described below.
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c: In function ‘_php_open_movie_file’:
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:258: warning: ‘av_open_input_file’ is deprecated (declared at /usr/local/include/libavformat/avformat.h:1170)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c: In function ‘zim_ffmpeg_movie___construct’:
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:311: error: ‘list_entry’ undeclared (first use in this function)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:311: error: (Each undeclared identifier is reported only once
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:311: error: for each function it appears in.)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:311: error: ‘le’ undeclared (first use in this function)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:346: error: expected ‘;’ before ‘new_le’
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:356: error: ‘new_le’ undeclared (first use in this function)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c: In function ‘zim_ffmpeg_movie_getComment’:
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:531: warning: ‘comment’ is deprecated (declared at /usr/local/include/libavformat/avformat.h:745)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:531: warning: ‘comment’ is deprecated (declared at /usr/local/include/libavformat/avformat.h:745)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c: In function ‘zim_ffmpeg_movie_getTitle’:
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:546: warning: ‘title’ is deprecated (declared at /usr/local/include/libavformat/avformat.h:742)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:546: warning: ‘title’ is deprecated (declared at /usr/local/include/libavformat/avformat.h:742)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c: In function ‘zim_ffmpeg_movie_getAuthor’:
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:561: warning: ‘author’ is deprecated (declared at /usr/local/include/libavformat/avformat.h:743)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:561: warning: ‘author’ is deprecated (declared at /usr/local/include/libavformat/avformat.h:743)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c: In function ‘zim_ffmpeg_movie_getCopyright’:
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:575: warning: ‘copyright’ is deprecated (declared at /usr/local/include/libavformat/avformat.h:744)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:575: warning: ‘copyright’ is deprecated (declared at /usr/local/include/libavformat/avformat.h:744)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c: In function ‘zim_ffmpeg_movie_getAlbum’:
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:590: warning: ‘album’ is deprecated (declared at /usr/local/include/libavformat/avformat.h:746)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:590: warning: ‘album’ is deprecated (declared at /usr/local/include/libavformat/avformat.h:746)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c: In function ‘zim_ffmpeg_movie_getGenre’:
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:604: warning: ‘genre’ is deprecated (declared at /usr/local/include/libavformat/avformat.h:749)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:604: warning: ‘genre’ is deprecated (declared at /usr/local/include/libavformat/avformat.h:749)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c: In function ‘zim_ffmpeg_movie_getTrackNumber’:
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:619: warning: ‘track’ is deprecated (declared at /usr/local/include/libavformat/avformat.h:748)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c: In function ‘zim_ffmpeg_movie_getYear’:
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:632: warning: ‘year’ is deprecated (declared at /usr/local/include/libavformat/avformat.h:747)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c: In function ‘zim_ffmpeg_movie_getPixelFormat’:
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:868: warning: ‘avcodec_get_pix_fmt_name’ is deprecated (declared at /usr/local/include/libavcodec/avcodec.h:3467)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c: In function ‘_php_read_av_frame’:
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:1215: warning: ‘avcodec_decode_video’ is deprecated (declared at /usr/local/include/libavcodec/avcodec.h:3930)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c: In function ‘_php_get_av_frame’:
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:1282: warning: ‘hurry_up’ is deprecated (declared at /usr/local/include/libavcodec/avcodec.h:1389)
/usr/local/src/ffmpeg-php-0.6.0/ffmpeg_movie.c:1284: warning: ‘hurry_up’ is deprecated (declared at /usr/local/include/libavcodec/avcodec.h:1389)
make: *** [ffmpeg_movie.lo] Error 1
Make changes in ffmpeg_movie.c file as below and try again:
row 311:  list_entry *le;    TO      zend_rsrc_list_entry *le;
row 346:  list_entry new_le;  TO    zend_rsrc_list_entry new_le;
row 360:  hashkey_length+1, (void *)&new_le, sizeof(list_entry),   TO      hashkey_length+1, (void *)&new_le,sizeof(zend_rsrc_list_entry),
Verify if “ffmpeg” extension for php is enabled in the server.
$ php -i | grep -i ffmpeg
You will get the below result if everything is fine.
ffmpeg
ffmpeg-php version => 0.6.0-svn
ffmpeg-php built on => Mar 24 2014 19:02:49
ffmpeg-php gd support  => enabled
ffmpeg libavcodec version => Lavc52.123.0
ffmpeg libavformat version => Lavf52.111.0
ffmpeg swscaler version => SwS0.14.1
ffmpeg.allow_persistent => 0 => 0
ffmpeg.show_warnings => 0 => 0
PWD => /usr/local/src/ffmpeg-php-0.6.0
_SERVER["PWD"] => /usr/local/src/ffmpeg-php-0.6.0
_ENV["PWD"] => /usr/local/src/ffmpeg-php-0.6.0

Read More

Sunday, August 24, 2014

// // Leave a Comment

How to install Varnish Cache [CPANEL]

Varnish Cache is a web accelerator, sometimes referred to as a HTTP accelerator or a reverse HTTP proxy, that will significantly enhance your web performance.
Varnish speeds up a website by storing a copy of the page served by the web server the first time a user visits that page. The next time a user requests the same page, Varnish will serve the copy instead of requesting the page from the web server.
This means that your web server needs to handle less traffic and your website’s performance and scalability go through the roof. In fact Varnish Cache is often the single most critical piece of software in a web based business.

How to install varnish cache on cpanel

First, you need to change Apache listening port to another port 82 or anything else.
vi /etc/httpd/conf/httpd.conf
or you can change via WHM -> Tweak Settings -> set value of field Apache non-SSL IP/port to 82.
You can install varnish through YUM or manually download varnish RPM.
yum install varnish
or
for EL6
wget http://repo.varnish-cache.org/redhat/varnish-3.0/el6/noarch/varnish-release-3.0-1.el6.noarch.rpm
rpm ivh varnish-release-3.0-1.el6.noarch.rpm
Once installation completed, Edit configuration file and change listening port to 80
vi /etc/sysconfig/varnish
VARNISH_LISTEN_PORT=80
Edit proxy settings in varnish
vi /etc/varnish/default.vcl or check with /usr/local/varnish/etc/varnish/vhost.vcl
backend default {
.host = "184.82.165.4";
.port = "82";
}

sub vcl_recv {
if (req.url ~ "\.(png|gif|jpg|swf|css|js)$") {
return(lookup);
}
}

# strip the cookie before the image is inserted into cache.

sub vcl_fetch {
if (req.url ~ "\.(png|gif|jpg|swf|css|js)$") {
unset beresp.http.set-cookie;
}
}
Enable chkconfig  and restart varnish service
chkconfig varnish on
service varnish start
Thats all… You can monitor varnish cache through this monitoring tool.
varnishstat
Read More
// // Leave a Comment

Auto fix for file permissions and ownership [CPANEL]

suPHP and FastCGI require files and folders to have a specific set of permissions/ownership from other handlers. Without these permissions set you will see a lot of errors such as: “403 Forbidden”, “500 Internal Server Error”, or simply generic errors that commonly have the word ‘permission’ in them.
It can be very time consuming to track down and check file permissions across a whole server. Luckily, fixing this on a cPanel box can be scripted. This gives us a quick and very easy script you can wget to any cPanel server. Simply run the ‘fixperms’ script, specifying the user (or all users), sit back and watch the errors just disappear. I use this script daily in my administrative work and it never fails! It is simply a good generic fix if you cannot find your permission problem, or if you have just switched your handler and need a quick way to change every user account on the server.
Credit does not go to me though. A good buddy of mine, Colin R., wrote this for ServInt. Thanks Colin for making lives easier!
***WARNING!!! The following scripts are intended for suPHP or FastCGI. If you are not running either of these two handlers, be aware of how the script works and the changes it makes. The code is posted at the end of this article; please take a moment to review it. For example, when running DSO, some files/folders may need to be owned by ‘nobody’ in order to function properly (such as in certain WordPress functions or PHP based file uploads). Running this fixperms will set everything to USER:USER. Under DSO, this is potentially not a problem for most sites, except a few core functions may not work. You can always change specific files later if any errors pop up.
Furthermore, it is highly recommended that you run a full backup of your server before running fixperms or any other script that makes changes to multiple files.
This ‘fixperms’ script is intended for cPanel servers only. It is dependent on cPanel’s internal scripts and file structure. If you’re on anything else (such as Plesk), it will simply fail to run. It won’t be able to do anything.
I know that criteria sounds very specific, but those two conditions cover a large number of the reseller/multi-user hosting servers out there. And that’s really the crowd that would benefit most from an automated script such as this.
That all being said, if you are running suPHP or FastCGI, press on; for this script will work flawlessly for you and potentially save you a TON of time & hassle.

Fixperms – for one single user

To use the fixperms script, simply log into your server as root, wget the file from our server, then run it. Type in the cPanel username and it will run only for that particular account.
It does not matter which directory you are in when you run fixperms. You can be in the user’s home directory, the server root, etc. The script will not affect anything outside of the particular user’s folder.

Fixperms – for all of the users

If you would like fix the permissions for every user on your cPanel server, simply use the ‘-all’ option:

Verbosity of Fixperms

By default, the script runs in a ‘quiet’ mode with minimal display. However, if you’re like me, you may want to see everything that is happening. You can turn on verbosity and have the script print to the screen everything that is being changed. I find this extremely useful when fixing large accounts that have many files. You can watch the changes as a sort of ‘progress bar’ of completion. The ‘-v’ option can be used per account or with all accounts.
For one single account:
For all accounts:

The code itself, what’s in it?

I understand that it can be a big security concern to simply ‘wget’ a file from a website you found, and then blindly run it on a production server. I understand your fear; I’m right there with you and would likewise be leery and very hesitant. However, I promise you that there is no malicious intent in this or anything you will ever get from my site. I have pasted the content of the file below for your examination.
 
So there you have it. An effective permissions fix for your cPanel account. When you run this, people will think you’re a hero! So, go forth and save your users from the evils of site errors!
Read More