am a new CentOS / RHEL / Red Hat / Fedora Linux server user. I need to provide tidy library support using php. How do I install php-tidy on RHEL or CentOS Linux for Apache server?

You need to install the following module using the yum command on RHEL/CentOS/Fedora/Scientific Linux server:

php-tidy – The php-tidy package contains a dynamic shared object that will add support for using the tidy library to PHP.

Install php-tidy module on RHEL/CentOS

Open the Terminal and type the following yum command:

# yum install php-tidy

Sample outputs:

Loaded plugins: auto-update-debuginfo, protectbase, rhnplugin, security

This system is receiving updates from RHN Classic or RHN Satellite.

0 packages excluded due to repository protections

Setting up Install Process

Resolving Dependencies

–> Running transaction check

—> Package php-tidy.x86_64 0:5.3.3-27.el6_5 will be installed

–> Processing Dependency: libtidy-0.99.so.0()(64bit) for package: php-tidy-5.3.3-27.el6_5.x86_64

–> Running transaction check

—> Package libtidy.x86_64 0:0.99.0-19.20070615.1.el6 will be installed

–> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================

Package     Arch      Version                        Repository                        Size

=============================================================================================

Installing:

php-tidy    x86_64    5.3.3-27.el6_5                 rhel-x86_64-server-optional-6     36 k

Installing for dependencies:

libtidy     x86_64    0.99.0-19.20070615.1.el6       rhel-x86_64-server-6             127 k

Transaction Summary

=============================================================================================

Install       2 Package(s)

Total download size: 164 k

Installed size: 0

Is this ok [y/N]: y

Downloading Packages:

(1/2): libtidy-0.99.0-19.20070615.1.el6.x86_64.rpm                    | 127 kB     00:00

(2/2): php-tidy-5.3.3-27.el6_5.x86_64.rpm                             |  36 kB     00:00

Total                                                        654 kB/s | 164 kB     00:00

Running rpm_check_debug

Running Transaction Test

Transaction Test Succeeded

Running Transaction

Installing : libtidy-0.99.0-19.20070615.1.el6.x86_64                                   1/2

Installing : php-tidy-5.3.3-27.el6_5.x86_64                                            2/2

Verifying  : php-tidy-5.3.3-27.el6_5.x86_64                                            1/2

Verifying  : libtidy-0.99.0-19.20070615.1.el6.x86_64                                   2/2

Installed:

php-tidy.x86_64 0:5.3.3-27.el6_5

Dependency Installed:

libtidy.x86_64 0:0.99.0-19.20070615.1.el6

Complete!

Restart / reload web-server

Type the following command to restart / reload Apache server:

# service httpd restart

Verify new settings

# php -i | grep -color tidy

am new Red Hat Enterprise Linux version 7 user/sysadmin/developer. This version made the big number change for RHEL 7/CentOS 7. How can I install LAMP (Linux, Apache, MariaDB, PHP) stack on a RHEL version 7 or CentOS Linux version 7 using CLI or over ssh based session?

RHEL 7 has been released and CentOS Linux 7 is on its way with many notable changes. This guide explains how to install LAMP server.

More about LAMP

LAMP is nothing but a software bundle or a platform consisting of Linux operating system, Apache web-server, MySQL database server and PHP (or Perl/Python)scripting language. The LAMP stack is used for building heavy-duty dynamic web sites entirely out of free and open-source software. In this tutorial, I’m going to explain how to Linux, Apache, MySQL/MariaDB (drop in replacement for MySQL), PHP (LAMP) stack On CentOS 7 or RHEL 7.

Assumptions

I’m assuming that you’ve installed basic RHEL 7 or CentOS 7 server. Open the Terminal app and type the following command as root user.

You must be familiar with the yum command

You must know your Server’s IP address. Use the following command to find your server’s ip address for eth0 interface:

ifconfig eth0

OR

ip a show eth0

OR

ip addr list eth0 | awk  /inet /{sub(/\/[0-9]+/,  ,$2); print $2}

OR

ifconfig eth0 | awk  /inet /{print $2}

10.41.143.156

I’m going to use IP address 10.41.143.156 for testing purpose. Feel free to replace this IP address with your actual private or public IP address.

Enough talk, let’s set up LAMP stack.

Step #1: Install Apache on a CentOS 7 / RHEL 7 server

Type the following yum command to install Apache web-server:

sudo yum install httpd

Sample outputs:

Loaded plugins: amazon-id, rhui-lb

Resolving Dependencies

–> Running transaction check

—> Package httpd.x86_64 0:2.4.6-17.el7 will be installed

–> Processing Dependency: httpd-tools = 2.4.6-17.el7 for package: httpd-2.4.6-17.el7.x86_64

–> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-17.el7.x86_64

–> Running transaction check

—> Package httpd-tools.x86_64 0:2.4.6-17.el7 will be installed

—> Package mailcap.noarch 0:2.1.41-2.el7 will be installed

–> Finished Dependency Resolution

Dependencies Resolved

======================================================================================================

Package            Arch          Version               Repository                               Size

======================================================================================================

Installing:

httpd              x86_64        2.4.6-17.el7          rhui-REGION-rhel-server-releases        1.2 M

Installing for dependencies:

httpd-tools        x86_64        2.4.6-17.el7          rhui-REGION-rhel-server-releases         77 k

mailcap            noarch        2.1.41-2.el7          rhui-REGION-rhel-server-releases         31 k

Transaction Summary

======================================================================================================

Install  1 Package (+2 Dependent packages)

Total download size: 1.3 M

Installed size: 3.9 M

Is this ok [y/d/N]: y

Downloading packages:

(1/3): httpd-tools-2.4.6-17.el7.x86_64.rpm                                     |  77 kB  00:00:00

(2/3): httpd-2.4.6-17.el7.x86_64.rpm                                           | 1.2 MB  00:00:00

(3/3): mailcap-2.1.41-2.el7.noarch.rpm                                         |  31 kB  00:00:00

Total                                                                 2.0 MB/s | 1.3 MB  00:00:00

Running transaction check

Running transaction test

Transaction test succeeded

Running transaction

Installing : httpd-tools-2.4.6-17.el7.x86_64                                                    1/3

Installing : mailcap-2.1.41-2.el7.noarch                                                        2/3

Installing : httpd-2.4.6-17.el7.x86_64                                                          3/3

Verifying  : mailcap-2.1.41-2.el7.noarch                                                        1/3

Verifying  : httpd-tools-2.4.6-17.el7.x86_64                                                    2/3

Verifying  : httpd-2.4.6-17.el7.x86_64                                                          3/3

Installed:

httpd.x86_64 0:2.4.6-17.el7

Dependency Installed:

httpd-tools.x86_64 0:2.4.6-17.el7                   mailcap.noarch 0:2.1.41-2.el7

Complete!

Enable the httpd service at boot time

To make sure the httpd service start automatically at the boot time, enter:

sudo systemctl enable httpd.service

Sample outputs:

ln -s  /usr/lib/systemd/system/httpd.service   /etc/systemd/system/multi-user.target.wants/httpd.service

The following command will disable the httpd service at the boot time:

sudo systemctl disable httpd.service

Sample outputs:

rm  /etc/systemd/system/multi-user.target.wants/httpd.service

Start the httpd service on a CentOS/RHEL v7.x

sudo systemctl start httpd.service

At this stage, you can point your web-browser to your server’s IP address such as http://10.41.143.156). The following page should display on screen:

Fig.01: Check if Apache is Running on CentOS/RHEL 7 server

Stop the httpd service on a CentOS/RHEL v7.x

sudo systemctl stop httpd.service

Restart the httpd service on a CentOS/RHEL v7.x

sudo systemctl restart httpd.service

Finding the httpd service status on a CentOS/RHEL v7.x

To verify that the httpd service is running, enter:

systemctl is-active httpd.service

Sample outputs:

active

Gracefully restart the httpd service on a CentOS/RHEL v7.x

sudo apachectl graceful

Test httpd/Apache configuration file for errors on a CentOS/RHEL v7.x

sudo apachectl configtest

Sample outputs:

Syntax OK

httpd service default configuration

Default config file: /etc/httpd/conf/httpd.conf

Configuration files which load modules : /etc/httpd/conf.modules.d/ directory (e.g. PHP)

Select MPMs (Processing Model) as loadable modules [worker, prefork (default)] and event: /etc/httpd/conf.modules.d/00-mpm.conf

Default ports: 80 and 443 (SSL)

Default log files: /var/log/httpd/{access_log,error_log}

Step #2: Install MariaDB on a CentOS 7 / RHEL 7 server

MariaDB An enhanced, drop-in replacement for MySQL server. RHEL/CentOS v7.x shifts from MySQL to MariaDB for its database management system needs. Type the following yum command to install MariaDB server:

sudo yum install mariadb-server mariadb

To start mariadb, type:

sudo systemctl start mariadb.service

To make sure the mariadb service start automatically at the boot time, enter:

sudo systemctl enable mariadb.service

Sample outputs:

ln -s  /usr/lib/systemd/system/mariadb.service   /etc/systemd/system/multi-user.target.wants/mariadb.service

To stop/restart and disable mariadb service use the following commands:

sudo systemctl stop mariadb.service #<– Stop mariadb server

sudo systemctl restart mariadb.service #<– Restart mariadb server

sudo systemctl disable mariadb.service #<– Disable mariadb server

sudo systemctl is-active mariadb.service   #<– Is mariadb server running?

Securing MariaDB

Type the following command:

sudo /usr/bin/mysql_secure_installation

Sample outputs:

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB

SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we ll need the current

password for the root user.  If you ve just installed MariaDB, and

you haven t set the root password yet, the password will be blank,

so you should just press enter here.

Enter current password for root (enter for none): PRESS-ENTER-KEY

OK, successfully used password, moving on…

Setting the root password ensures that nobody can log into the MariaDB

root user without the proper authorisation.

Set root password? [Y/n] Y

New password: YOUR-NEW-PASSWORD-HERE

Re-enter new password: YOUR-NEW-PASSWORD-HERE

Password updated successfully!

Reloading privilege tables..

… Success!

By default, a MariaDB installation has an anonymous user, allowing anyone

to log into MariaDB without having to have a user account created for

them.  This is intended only for testing, and to make the installation

go a bit smoother.  You should remove them before moving into a

production environment.

Remove anonymous users? [Y/n] Y

… Success!

Normally, root should only be allowed to connect from  localhost .  This

ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y

… Success!

By default, MariaDB comes with a database named  test  that anyone can

access.  This is also intended only for testing, and should be removed

before moving into a production environment.

Remove test database and access to it? [Y/n] Y

– Dropping test database…

… Success!

– Removing privileges on test database…

… Success!

Reloading the privilege tables will ensure that all changes made so far

will take effect immediately.

Reload privilege tables now? [Y/n] Y

… Success!

Cleaning up…

All done!  If you ve completed all of the above steps, your MariaDB

installation should now be secure.

Thanks for using MariaDB!

Test MariaDB installation

Type the following command

mysql -u root -p

Sample outputs:

Fig.02: Mariadb test connection on a CentOS / RHEL Linux v7.x

Step #3: Install PHP on a CentOS/RHEL v7.x

To install PHP and modules such as gd/msyql type the following yum command:

sudo yum install php php-mysql php-gd php-pear

You must restart the httpd (Apache) service, enter:

sudo systemctl restart httpd.service

To search all other php modules, type:

sudo yum search php-

Sample outputs:

php-cli.x86_64 : Command-line interface for PHP

php-common.x86_64 : Common files for PHP

php-gd.x86_64 : A module for PHP applications for using the gd graphics library

php-ldap.x86_64 : A module for PHP applications that use LDAP

php-mysql.x86_64 : A module for PHP applications that use MySQL databases

php-odbc.x86_64 : A module for PHP applications that use ODBC databases

php-pdo.x86_64 : A database access abstraction module for PHP applications

php-pear.noarch : PHP Extension and Application Repository framework

php-pecl-memcache.x86_64 : Extension to work with the Memcached caching daemon

php-pgsql.x86_64 : A PostgreSQL database module for PHP

php-process.x86_64 : Modules for PHP script using system process interfaces

php-recode.x86_64 : A module for PHP applications for using the recode library

php-soap.x86_64 : A module for PHP applications that use the SOAP protocol

php-xml.x86_64 : A module for PHP applications which use XML

php-xmlrpc.x86_64 : A module for PHP applications which use the XML-RPC protocol

To find more info about a module type:

sudo yum info php-pgsql

To install php module called php-pgsql type:

sudo yum install php-pgsql

Test PHP on your server

Create a file called /var/www/html/test.php as follows:

sudo vi /var/www/html/test.php

Append the following code:

<?php

phpinfo(INFO_GENERAL);

?>

Save and close the file. Point your web-browser to your server’s IP address such as http://10.41.143.156/test.php (feel free to replace the 10.41.143.156 with your actual IP address):

http://10.41.143.156/test.php

Sample outputs:

Fig.03: Test Apache+PHP with phpinfo() On a CentOS/RHEL v7.x server

In next part, I will cover the following topics (rss feed for RHEL7 or rss for CentOS7 tutorials):

Apache configuration

Virtual hosting

Apache security

mod_ssl

Perl

Firewall configuration

‘m a new FreeBSD Unix system users. How can I setup and install Apache, MySQL, PHP stack on a FreeBSD 10 based Unix server?

FAMP stack is nothing but group of source software to run php based apps. Our sample setup includes:

FreeBSD 10.1-RELEASE amd64

Apache v2.4

PHP v5.6

MySQL v5.6

This tutorial explains how to install and configure FAMP stack.

Update your ports

Like always make sure everything is up to date before starting. I like to do:

# portsnap fetch update && portupgrade -a

Sample outputs:

Looking up portsnap.FreeBSD.org mirrors… 7 mirrors found.

Fetching public key from your-org.portsnap.freebsd.org… done.

Fetching snapshot tag from your-org.portsnap.freebsd.org… done.

Fetching snapshot metadata… done.

Fetching snapshot generated at Fri Jan  2 00:09:16 UTC 2015:

4955cbbaee76bcad21123666d1c7eee0d55bc059e2ea04100% of   70 MB 5735 kBps 00m13s

Extracting snapshot… done.

Verifying snapshot integrity… done.

Fetching snapshot tag from your-org.portsnap.freebsd.org… done.

Fetching snapshot metadata… done.

Updating from Fri Jan  2 00:09:16 UTC 2015 to Fri Jan  2 11:42:26 UTC 2015.

Fetching 4 metadata patches… done.

Applying metadata patches… done.

Fetching 0 metadata files… done.

Fetching 8 patches.

….

..

See FreeBSD Update All Installed Ports / Applications tutorial for more information.

Install Apache server

To install the port:

# cd /usr/ports/www/apache24/ && make install clean

Or, to add the package:

# pkg install www/apache24

Sample outputs:

Fig. 01: Install apache

Starting up Apache service on boot

Add following to the end of “/etc/rc.conf” file to launch Apache at start up:

echo  apache24_enable= YES   >> /etc/rc.conf

STARTING / STOPPING / RESTARTING APACHE SERVER

To start Apache to make sure it works:

# /usr/local/etc/rc.d/apache24 start

To restart Apache server:

# /usr/local/etc/rc.d/apache24 restart

To stop Apache server:

# /usr/local/etc/rc.d/apache24 stop

You can also use the service command for starting/stoping/restarting Apache server on FreeBSD:

service command to control Apache server ##

service apache24 start

service apache24 restart

service apache24 stop

service apache24 status

Sample outputs:

Fig.02: Starting/Stopping Apache

Note: If you are getting this error “Could not reliably determine the server s fully qualified domain name, using 127.0.0.1.” Set the ‘ServerName’ directive globally to suppress this message:

Add next line to /usr/local/ect/apache24/httpd.conf file:

ServerName localhost

Replace localhost with the server’s domain name which can be obtained with:

# hostname -f

Setting up MySQL server

The package or port to be installed will depend on available MySQL version. As of this writing, the maximum available version is 5.6.

Install MySQL server

To install the port:

# cd /usr/ports/databases/mysql56-server/ && make install clean

or, to add the package:

# pkg install databases/mysql56-server

Fig.03: Installing mysql database server

Install MySQL client

To install the port:

# cd /usr/ports/databases/mysql56-client/ && make install clean

or, to add the package:

# pkg install databases/mysql56-client

Starting up Mysql server service on boot

Finally, /etc/rc.conf must contain the following line to allow the MySQL server to start:

echo  mysql_enable= YES   >> /etc/rc.conf

Starting / stopping / restarting Mysql server

To start the Mysql server type:

# /usr/local/etc/rc.d/mysql-server start

To restart the Mysql server type:

# /usr/local/etc/rc.d/mysql-server restart

To stop the Mysql server type:

# /usr/local/etc/rc.d/mysql-server stop

You can also use the service command for starting/stoping/restarting mysql server on FreeBSD:

command to start/stop mysql servers on a FreeBSD 10 ##

service mysql-server start

service mysql-server restart

service mysql-server stop

service mysql-server status

Sample outputs:

Fig.04: Starting/Stopping mysql server

Setting up Mysql server passwords

The default is set to allow anyone to have full access. It’s very important that you set up passwords. To set a password on the anonymous accounts use:

# mysql -u root

Run the following sql queries at mysql> prompt (replace host_name with actual system host name which can be obtained with hostname -f command:

mysql> SET PASSWORD FOR   @ localhost  = PASSWORD( newpwd-here );

mysql> SET PASSWORD FOR   @ host_name  = PASSWORD( newpwd-here );

mysql> quit

Bye

To set a password for the root account use:

# mysql -u root

Run the following sql queries at mysql> prompt:

mysql> SET PASSWORD FOR  root @ localhost  = PASSWORD( newpwd-here );

mysql> SET PASSWORD FOR  root @ host_name  = PASSWORD( newpwd-here );

mysql>  quit

Bye

NOTE: An alternative method to set a password for the MySQL root user is to run the following command:

/usr/local/bin/mysqladmin -u root password  PASSWORD-HERE

See “MySQL Change root Password” tutorial for more information.

After setting the password, here is how you shutdown mysqld server:

# mysqladmin -u root -p shutdown

Sample outputs:

Enter password:

TIP: IF YOU “FORGET” THE ROOT PASSWORD, HERE IS HOW YOU CAN RESET IT

Stop mysqld with this command:

# /usr/local/etc/rc.d/mysql-server.sh stop

Modify the start command to add this option to the command line. Do not leave this option on for long. Only for when you need it. It bypasses all usual mysql security:

-Sg|–skip-grant-tables

This option causes the server not to use the privilege system at all. This gives everyone full access to all databases! (You can tell a running server to start using the grant tables again by executing mysqladmin flush-privileges or mysqladmin reload.)

Modify it in /usr/local/etc/rc.d/mysql-server.sh:

/usr/local/bin/safe_mysqld –user=mysql –skip-grant-tables > /dev/null & && echo -n   mysqld

Start mysqld:

# /usr/local/etc/rc.d/mysql-server.sh start

Connect to mysql:

# mysql

Look out because this next step will reset the passwords for all root users. Make sure that’s what you want to do. You may wish to restrict this SQL by including an “and host = ‘something ” clause. Inspect existing users with “SELECT host, user from user;“. Select the mysql database and reset the password:

mysql> use mysql

mysql> update user set password = PASSWORD( secret ) where user =  root ;

mysql> quit

=> Do not forget to undo that mysql bypass i.e. Stop mysqld with: /usr/local/etc/rc.d/mysql-server.sh stop

=> Remove the option from the vi /usr/local/etc/rc.d/mysql-server.sh and remove –skip-grant-tables options.

=> Restart mysqld with: /usr/local/etc/rc.d/mysql-server.sh start

=> See “Recover MySQL root Password” tutorial for more information.

Install PHP

When you build PHP, you need to add the configuration option so that PHP build includes support for the Apache server. Type the following commands:

# cd /usr/ports/lang/php56

# make config

When the menu comes up to select/deselect various build options. You should select:

Fig.05: Build PHP using ports collection

Now you will do the make clean command. I normally do these commands all in one but to get the configuration menu, I do them apart.

# make install clean

Install mod_php for Apache

Type the following commands to build mod_php for Apache:

# cd /usr/ports/www/mod_php56

# make install clean

Sample outputs:

Fig.06: Install mod_php for Apache

Install php extensions

If you aren’t sure if it’s or you didn’t check it with your MySQL install, you will do it the commands the same way so you get the menus to configure to add support for both MySQL and MySQLi to communicate with the MySQL server.

# cd /usr/ports/lang/php56-extensions/

# make config

Fig.07: Install popular extensions for Apache

You may also select other extensions as per your PHP apps requirements. Then finish up with:

# make install clean

Configure mod_php

To configure it you will type the following command that just makes a copy of a file:

# cp /usr/local/etc/php.ini-development /usr/local/etc/php.ini

To configure Apache and open the file:

# ee /usr/local/etc/apache24/httpd.conf

I use ee (feel free to use vi or Emacs) text editor for simple edits, look for this line:

DirectoryIndex index.html

And change it so it reads as follows:

DirectoryIndex index.html index.htm index.php

Find and set the following values as per your domain, IP, and port number:

ServerAdmin webmaster@cyberciti.biz

ServerName www.cyberciti.biz:80

Listen :80

Save and close the file. Create a file called /usr/local/etc/apache24/modules.d/001_mod_php.conf as follows:

# cat /usr/local/etc/apache24/modules.d/001_mod_php.conf

<FilesMatch  \.php$ >

SetHandler application/x-httpd-php

</FilesMatch>

<FilesMatch  \.phps$ >

SetHandler application/x-httpd-php-source

</FilesMatch>

Now restart Apache server:

# /usr/local/etc/rc.d/apache24 restart

OR

# service apache24 restart

Test your setup

Create a file called /usr/local/www/apache24/data/test.php:

# vi /usr/local/www/apache24/data/test.php

Append the following code:

<?php

phpinfo();

?>

Save and close the file. Fire a web-browser and type the url:

http://your-domain-name/test.php

http://your-ip-address/test.php

Sample outputs:

Fig.08: Apache + PHP server ready on FreeBSD

How do I secure PHP?

See our 25 PHP Security Best Practices For Sys Admins for more info.

Recommended readings

Apache HTTP Server Version 2.4 Documentation

man pages – httpd(8), service(8)

This quick tutorial was contributed by Wendy Michele. Editing by admin. You can too contribute to nixCraft.

ow can I setup up a LAMP (Linux, Apache, MySql, PHP) stack on Debian Linux version 8 (Jessie) using command line options?

Setting up a LAMP stack on your Debian 8 server will allow for the hosting of websites and web applications written in PHP, Perl, and Python. You need to install the following packages on Debian Linux 8:

apache2 : Apache HTTP Server

mysql-server: MySQL Server

php5 : PHP 5

php-pear: PHP 5 pear package

php5-mysql: PHP 5 mysql support

In this tutorial, you will learn installing LAMP on your Debian 8 server.

Update your system

Type the following command:

# apt-get update

# apt-get upgrade

Install Apache 2 package

Type the following apt-get command to instal Apache httpd server version 2:

# apt-get install apache2

Sample outputs:

Fig. 01: Install Apache 2 on Debian 8

Install MySQL server package

Type the following apt-get command to instal Mysql server version 5.x:

# apt-get install mysql-server

Install PHP package

Type the following apt-get command to instal php5:

# apt-get install php5 php-pear libapache2-mod-php5

Install PHP modules

Type the following apt-get command to instal php modules:

# apt-get install php5-mysql php5-gd

To find out additional PHP5 modules, enter:

# apt-cache search php5-

Sample outputs:

php5-exactimage – fast image manipulation library (PHP bindings)

php5-gdcm – Grassroots DICOM PHP5 bindings

php5-vtkgdcm – Grassroots DICOM VTK PHP bindings

php5-geos – GEOS bindings for PHP

php5-lasso – Library for Liberty Alliance and SAML protocols – PHP 5 bindings

php5-libvirt-php – libvirt bindings for PHP

php5-mapscript – php5-cgi module for MapServer

php5-adodb – Extension optimising the ADOdb database abstraction library

php5-apcu – APC User Cache for PHP 5

php5-gearman – PHP wrapper to libgearman

php5-geoip – GeoIP module for php5

php5-gnupg – wrapper around the gpgme library

php5-igbinary – igbinary extension

php5-imagick – Provides a wrapper to the ImageMagick library

php5-json – JSON module for php5

php5-memcache – memcache extension module for PHP5

php5-memcached – memcached extension module for PHP5, uses libmemcached

php5-mongo – MongoDB database driver

php5-msgpack – PHP extension for interfacing with MessagePack

php5-mysqlnd-ms – MySQL replication and load balancing module for PHP

php5-oauth – OAuth 1.0 consumer and provider extension

php5-pecl-http – pecl_http module for PHP 5 Extended HTTP Support

php5-pecl-http-dev – pecl_http module for PHP 5 Extended HTTP Support development headers

php5-pinba – Pinba module for PHP 5

php5-propro – propro module for PHP 5

php5-propro-dev – propro module for PHP 5 development headers

php5-radius – PECL radius module for PHP 5

php5-raphf – raphf module for PHP 5

php5-raphf-dev – raphf module for PHP 5 development headers

php5-redis – PHP extension for interfacing with Redis

php5-rrd – PHP bindings to rrd tool system

php5-sasl – Cyrus SASL Extension

php5-solr – solr module for PHP 5

libssh2-php – transitional dummy package for php5-ssh2

php5-ssh2 – Bindings for the libssh2 library

php5-stomp – Streaming Text Oriented Messaging Protocol (STOMP) client module for PHP 5

php5-svn – PHP Bindings for the Subversion Revision control system

php5-tokyo-tyrant – PHP interface to Tokyo Cabinet s network interface, Tokyo Tyrant

php5-yac – YAC (Yet Another Cache) for PHP 5

php5-zmq – ZeroMQ messaging

libphp5-embed – HTML-embedded scripting language (Embedded SAPI library)

php5-cgi – server-side, HTML-embedded scripting language (CGI binary)

php5-cli – command-line interpreter for the php5 scripting language

php5-common – Common files for packages built from the php5 source

php5-curl – CURL module for php5

php5-dbg – Debug symbols for PHP5

php5-dev – Files for PHP5 module development

php5-enchant – Enchant module for php5

php5-fpm – server-side, HTML-embedded scripting language (FPM-CGI binary)

php5-gd – GD module for php5

php5-gmp – GMP module for php5

php5-imap – IMAP module for php5

php5-interbase – interbase/firebird module for php5

php5-intl – internationalisation module for php5

php5-ldap – LDAP module for php5

php5-mcrypt – MCrypt module for php5

php5-mysql – MySQL module for php5

php5-mysqlnd – MySQL module for php5 (Native Driver)

php5-odbc – ODBC module for php5

php5-pgsql – PostgreSQL module for php5

php5-phpdbg – server-side, HTML-embedded scripting language (PHPDBG binary)

php5-pspell – pspell module for php5

php5-readline – Readline module for php5

php5-recode – recode module for php5

php5-snmp – SNMP module for php5

php5-sqlite – SQLite module for php5

php5-sybase – Sybase / MS SQL Server module for php5

php5-tidy – tidy module for php5

php5-xmlrpc – XML-RPC module for php5

php5-xsl – XSL module for php5

php5-librdf – PHP5 language bindings for the Redland RDF library

php5-remctl – PECL module for Kerberos-authenticated command execution

php5-twig – Enhance performance of the Twig template engine

php5-uprofiler – hierarchical profiler for PHP (extension)

php5-xcache – Fast, stable PHP opcode cacher

php5-xdebug – Xdebug Module for PHP 5

php5-xhprof – Hierarchical Profiler for PHP5

Optional: Install Perl, for Perl apps

Type the following apt-get command to instal Perl module for Apache 2:

# apt-get install perl libapache2-mod-perl2

Optional: Install Python, for python apps

Type the following apt-get command to instal Python module for Apache 2:

# apt-get install python libapache2-mod-python

LAMP configurations

At this stage required software packages are installed. To find your severs’s IP address, run:

# ifconfig eth0

OR

# ip addr show eth0

Sample outputs:

2: eth0:  mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

link/ether 00:08:9b:c4:30:30 brd ff:ff:ff:ff:ff:ff

inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0

valid_lft forever preferred_lft forever

inet6 fe80::208:9bff:fec4:3030/64 scope link

valid_lft forever preferred_lft forever

Fire a web-browser and test it by typing your server IP address:

http://192.168.1.10/

Sample outputs:

Fig.02: The default Apache 2 page on Debian Linux 8

Configure Apache

Edit /etc/apache2/apache2.conf file, enter:

# vi /etc/apache2/apache2.conf

Make sure you setup port, IP address, and other information as per your needs. Finally, restart the server:

# systemctl restart apache2

HOW DO I CONFIGURE NAME BASED VIRTUAL HOST FOR DOMAIN CALLED CYBERCITI.BIZ?

First, create directories, as follows:

# D= cyberciti.biz

# mkdir -p /var/www/html/$D/html_root

# mkdir -p /var/log/apache2/$D/

Create /etc/apache2/sites-available/$D.conf file:

# vi /etc/apache2/sites-available/$D.conf

Append the following directives:

<VirtualHost *:80>

ServerAdmin webmaster@cyberciti.biz

ServerName cyberciti.biz

ServerAlias www.cyberciti.biz

DocumentRoot /var/www/html/cyberciti.biz/html_root

ErrorLog  /var/log/apache2/cyberciti.biz/logs/error.log

CustomLog  /var/log/apache2/cyberciti.biz/logs/access.log combined

</VirtualHost>

Save and close the file. Turn on configuration:

# a2ensite $D.conf

Again, restart apache server:

# systemctl restart apache2

Configure MySQL server

First, secure your mysql server, type:

# mysql_secure_installation

Create a sample mysql database called wordpress. First, login as follows:

# mysql -u root -p

Type the following sql commands at mysql> prompt:

mysql> create database wordpress;

mysql> grant all on wordpress.* to  vivek  identified by  1SfFAi9$ ;

mysql> quit

The above will create a database called ‘wordpress’ and grant your users permissions on it with username ‘vivek’ and the password ‘1SfFAi9$’. See how to create and use database/users on MySQL for more info.

Configure PHP

Edit /etc/php5/apache2/php.ini, enter:

# vi /etc/php5/apache2/php.ini

Append or modify as follows:

;

; *******************************************************************************************************

; NOTE: These settings are good starting points, but should be adjusted to best suite your requirements.*

; *******************************************************************************************************

; Set error reporting to a log file

display_errors=Off

error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR

error_log = /var/log/apache2/php-error.log

; Again set this as per your needs – Anit DoS settings

max_execution_time =  30

max_input_time = 30

memory_limit = 40M

; No exposing is allowed

expose_php=Off

; Disable file uploads

file_uploads=Off

; Turn off remote execution

allow_url_fopen=Off

allow_url_include=Off

; Block dangerous php functions

disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source

Note: See our php 5 security tips guide and block php functions which are not suppose to use for more information.

Again, restart apache 2 server:

# systemctl restart apache2

Next, create /var/www/html/info.php file to test PHP:

# echo  <?php phpinfo(); ?>  > /var/www/html/info.php

Test url:

http://192.168.1.10/info.php

Sample outputs:

Fig.03 Apache 2 php test page on Debian Linux 8

Security: Firewall settings

You need to open port 80:

/sbin/iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT

See our firewall settings guide on Debain for more information.

Security: Permission for /var/www/html/ DocumentRoot directory

Make sure you set files and directories permission as follows:

Must run as root user ##

# Make sure Apache user owns /var/www/html/

chown -R www-data:www-data /var/www/html

# Make sure it is read-only

chmod -R 0444 /var/www/html/

# Make sure Apache can read files in sub-dirs to avoid HTTP/403 status errors

find /var/www/html/ -type d -print0 | xargs -0 -I {} chmod 0445  {}

# Do you need to give write permission to certain directories like $D/blog/wp-cache/?

# Edit as per needs

# chmod -R 0775 /var/www/html/cyberciti.biz/blog/wp-cache/

# echo  Deny from all  >>  /var/www/html/cyberciti.biz/blog/wp-cache/

# EOF

Important commands

To start/stop/restart and to see status of Apache 2, enter:

# systemctl start apache2

# systemctl stop apache2

# systemctl restart apache2

# systemctl status apache2

To start/stop/restart and to see status of MySQL server, enter:

# systemctl start mysql

# systemctl stop mysql

# systemctl restart mysql

# systemctl status mysql

Verify that port # 80 open:

# netstat -tulpn | grep :80

# ss -t -a

# ss -t -a | grep http

# ss -o state established  ( dport = :http or sport = :http )

# iptable -L -n -v | less

Important log files

To see Apache 2 log files, enter:

tail -f /var/log/apache2/access.log

tail -f /var/log/apache2/error.log

grep something /var/log/apache2/error.log

PHP ##

tail -f /var/log/apache2/php-error.log

Vhost cyberciti.biz ##

tail -f /var/log/apache2/cyberciti.biz/logs/error.log

tail -f /var/log/apache2/cyberciti.biz/logs/access.log

grep something /var/log/apache2/cyberciti.biz/logs/error.log

Now, you have installed LAMP stack on your Debian v8.x server.

uhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. How can I install suhosin extension on a Debian v8.x or Ubuntu Linux 14.04 LTS server?

Suhosin (Korean ìˆ˜í˜¸ì‹ , meaning guardian-angel) is used to securing PHP web applications such as WordPress and others. Suhosin comes as the extension and the patch. Both parts can be installed separately and have no dependencies to each other.

How To Installing Suhosin on Debian and Ubuntu [Binary Method]

Type the following command on a Ubuntu Linux 14.04 LTS server:

sudo -s

echo  deb http://repo.suhosin.org/ ubuntu-trusty main  >> /etc/apt/sources.list

apt-get update

Debian Linux 8.x user type the following command:

sudo -s

echo  deb http://repo.suhosin.org/ debian-jessie main  >> /etc/apt/sources.list

apt-get update

Sample outputs:

Ign http://security.ubuntu.com trusty-security InRelease

Get:1 http://security.ubuntu.com trusty-security Release.gpg [933 B]

Get:2 http://security.ubuntu.com trusty-security Release [63.5 kB]

Ign http://archive.ubuntu.com trusty InRelease

Ign http://archive.ubuntu.com trusty-updates InRelease

Get:3 http://security.ubuntu.com trusty-security/main amd64 Packages [319 kB]

Hit http://archive.ubuntu.com trusty Release.gpg

Ign http://repo.suhosin.org ubuntu-trusty InRelease

Get:4 http://security.ubuntu.com trusty-security/restricted amd64 Packages [8,875 B]

Get:5 http://security.ubuntu.com trusty-security/universe amd64 Packages [111 kB]

Get:6 http://archive.ubuntu.com trusty-updates Release.gpg [933 B]

Get:7 http://security.ubuntu.com trusty-security/multiverse amd64 Packages [3,683 B]

Get:8 http://repo.suhosin.org ubuntu-trusty Release.gpg [816 B]

Get:9 http://security.ubuntu.com trusty-security/main Translation-en [172 kB]

Hit http://archive.ubuntu.com trusty Release

Get:10 http://repo.suhosin.org ubuntu-trusty Release [1,074 B]

Get:11 http://archive.ubuntu.com trusty-updates Release [63.5 kB]

Get:12 http://repo.suhosin.org ubuntu-trusty/main amd64 Packages [722 B]

Hit http://security.ubuntu.com trusty-security/multiverse Translation-en

Hit http://archive.ubuntu.com trusty/main amd64 Packages

Hit http://security.ubuntu.com trusty-security/restricted Translation-en

Hit http://security.ubuntu.com trusty-security/universe Translation-en

Hit http://archive.ubuntu.com trusty/restricted amd64 Packages

Hit http://archive.ubuntu.com trusty/universe amd64 Packages

Hit http://archive.ubuntu.com trusty/multiverse amd64 Packages

Hit http://archive.ubuntu.com trusty/main Translation-en

Hit http://archive.ubuntu.com trusty/multiverse Translation-en

Ign http://repo.suhosin.org ubuntu-trusty/main Translation-en_US

Hit http://archive.ubuntu.com trusty/restricted Translation-en

Ign http://repo.suhosin.org ubuntu-trusty/main Translation-en

Hit http://archive.ubuntu.com trusty/universe Translation-en

Get:13 http://archive.ubuntu.com trusty-updates/main amd64 Packages [584 kB]

Get:14 http://archive.ubuntu.com trusty-updates/restricted amd64 Packages [11.8 kB]

Get:15 http://archive.ubuntu.com trusty-updates/universe amd64 Packages [297 kB]

Get:16 http://archive.ubuntu.com trusty-updates/multiverse amd64 Packages [12.0 kB]

Hit http://archive.ubuntu.com trusty-updates/main Translation-en

Hit http://archive.ubuntu.com trusty-updates/multiverse Translation-en

Hit http://archive.ubuntu.com trusty-updates/restricted Translation-en

Hit http://archive.ubuntu.com trusty-updates/universe Translation-en

Ign http://archive.ubuntu.com trusty/main Translation-en_US

Ign http://archive.ubuntu.com trusty/multiverse Translation-en_US

Ign http://archive.ubuntu.com trusty/restricted Translation-en_US

Ign http://archive.ubuntu.com trusty/universe Translation-en_US

Fetched 1,651 kB in 6s (250 kB/s)

Reading package lists… Done

The repository suhosin.org is signed with key, so install it with wget command:

Run as root user ##

wget https://sektioneins.de/files/repository.asc

sudo apt-key add repository.asc

Sample outputs:

Fig.01: Installing key

Next, type the following apt-get command to install the php5-suhosin-extension package, run:

sudo apt-get install php5-suhosin-extension

Sample outputs:

Fig.02: Installing php5-suhosin-extension package

Enable the php5-suhosin-extension

sudo php5enmod php5-suhosin

Restart php5-fpm on a Ubuntu LTS 14.04

sudo /sbin/restart php5-fpm

Restart php5-fpm on a Debian Linux 8.0

sudo systemctl restart php5-fpm

Test it

Create a file called test.php:

sudo vi /var/www/test.php

Append the following code:

<?php

phpinfo();

?>

Save and close the file. You can open the Browser and type the following url:

http://server-ip-here/test.php

OR

http://1.2.3.4/test.php

Sample outputs:

Fig.03: Suhosin enabled on server

Configuration

You need to edit the file /etc/php5/mods-available/suhosin.ini, enter:

# vi /etc/php5/mods-available/suhosin.ini

You can see comma separated whitelist of functions are not allowed to be called:

suhosin.executor.func.blacklist = assert,unserialize,exec,popen,proc_open,passthru,shell_exec,system,hail,parse_str,mt_srand

suhosin.executor.eval.whitelist = assert,unserialize,exec,popen,proc_open,passthru,shell_exec,system,hail,parse_str,mt_srand

Save and close the file. You need to restart php5-fpm. I suggest you see the configuration page for a complete list of possible configuration options.

Error: your composer.lock file is not up to date, run “composer update” to install newer dependencies

How do I install composer command for my PHP installation on Debian or Ubuntu Linux running LAMP or LEMP stack?

How do I Install and use Composer on running Ubuntu Linux server and fix this problem for mediawiki installation and/or manage and install PHP packages and dependencies for my project?

Composer is a dependency manager tool for PHP. It installs and updates the libraries for your project. It is not a package manager like yum command or apt-get command.

It is desgined to use with each individual project like Mediawiki or your own custom app written in PHP.

There are many open source projects and frameworks written in php use Composer to manage and install their packages and dependencies.

In this tutorial you will learn how to install composer globally on Debian or Ubuntu Linux server. The following instructions should also work with RHEL/CentOS Linux 7.x or any other modern Linux distro.

The problem

When you try to update mediawiki to v1.26.0 using the following command:

[wwwuser@server1.cyberciti.biz:~/wiki]$ php update.php

You will will get the following error:

MediaWiki 1.26.0 Updater

composer/semver: not installed, 1.0.0 required.

liuggio/statsd-php-client: 1.0.12 installed, 1.0.16 required.

oyejorge/less.php: not installed, 1.7.0.9 required.

mediawiki/at-ease: not installed, 1.1.0 required.

oojs/oojs-ui: 0.11.3 installed, 0.12.12 required.

wikimedia/assert: not installed, 0.2.2 required.

wikimedia/cdb: 1.0.1 installed, 1.3.0 required.

wikimedia/composer-merge-plugin: 1.0.0 installed, 1.3.0 required.

wikimedia/ip-set: not installed, 1.0.1 required.

wikimedia/utfnormal: 1.0.2 installed, 1.0.3 required.

wikimedia/wrappedstring: not installed, 2.0.0 required.

zordius/lightncandy: 0.18 installed, 0.21 required.

Error: your composer.lock file is not up to date, run  composer update  to install newer dependencies

To fix this problem you need to install the composer tool.

Installation

Make sure curl and php-cli, curl and related tools are installed on your Debian or Ubuntu server (14.04 LTS or older):

$ sudo apt-get install curl php5-cli git

Sample outputs:

Reading package lists… Done

Building dependency tree

Reading state information… Done

php5-cli is already the newest version.

The following extra packages will be installed:

git-man libcurl3 liberror-perl patch rsync

Suggested packages:

gettext-base git-daemon-run git-daemon-sysvinit git-doc git-el git-email

git-gui gitk gitweb git-arch git-bzr git-cvs git-mediawiki git-svn ed

diffutils-doc openssh-server

The following NEW packages will be installed:

curl git git-man libcurl3 liberror-perl patch rsync

0 upgraded, 7 newly installed, 0 to remove and 0 not upgraded.

Need to get 4,011 kB of archives.

After this operation, 23.4 MB of additional disk space will be used.

Do you want to continue? [Y/n] y

Get:1 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libcurl3 amd64 7.35.0-1ubuntu2.5 [173 kB]

Get:2 http://archive.ubuntu.com/ubuntu/ trusty-updates/main rsync amd64 3.1.0-2ubuntu0.1 [283 kB]

Get:3 http://archive.ubuntu.com/ubuntu/ trusty-updates/main curl amd64 7.35.0-1ubuntu2.5 [123 kB]

Get:4 http://archive.ubuntu.com/ubuntu/ trusty/main liberror-perl all 0.17-1.1 [21.1 kB]

Get:5 http://archive.ubuntu.com/ubuntu/ trusty-updates/main git-man all 1:1.9.1-1ubuntu0.1 [698 kB]

Get:6 http://archive.ubuntu.com/ubuntu/ trusty-updates/main git amd64 1:1.9.1-1ubuntu0.1 [2,627 kB]

Get:7 http://archive.ubuntu.com/ubuntu/ trusty-updates/main patch amd64 2.7.1-4ubuntu2.3 [86.4 kB]

Fetched 4,011 kB in 1s (2,181 kB/s)

Selecting previously unselected package libcurl3:amd64.

(Reading database … 16719 files and directories currently installed.)

Preparing to unpack …/libcurl3_7.35.0-1ubuntu2.5_amd64.deb …

Unpacking libcurl3:amd64 (7.35.0-1ubuntu2.5) …

Selecting previously unselected package rsync.

Preparing to unpack …/rsync_3.1.0-2ubuntu0.1_amd64.deb …

Unpacking rsync (3.1.0-2ubuntu0.1) …

Selecting previously unselected package curl.

Preparing to unpack …/curl_7.35.0-1ubuntu2.5_amd64.deb …

Unpacking curl (7.35.0-1ubuntu2.5) …

Selecting previously unselected package liberror-perl.

Preparing to unpack …/liberror-perl_0.17-1.1_all.deb …

Unpacking liberror-perl (0.17-1.1) …

Selecting previously unselected package git-man.

Preparing to unpack …/git-man_1%3a1.9.1-1ubuntu0.1_all.deb …

Unpacking git-man (1:1.9.1-1ubuntu0.1) …

Selecting previously unselected package git.

Preparing to unpack …/git_1%3a1.9.1-1ubuntu0.1_amd64.deb …

Unpacking git (1:1.9.1-1ubuntu0.1) …

Selecting previously unselected package patch.

Preparing to unpack …/patch_2.7.1-4ubuntu2.3_amd64.deb …

Unpacking patch (2.7.1-4ubuntu2.3) …

Processing triggers for ureadahead (0.100.0-16) …

Setting up libcurl3:amd64 (7.35.0-1ubuntu2.5) …

Setting up rsync (3.1.0-2ubuntu0.1) …

Removing any system startup links for /etc/init.d/rsync …

update-rc.d: warning: default stop runlevel arguments (0 1 6) do not match rsync Default-Stop values (none)

Adding system startup for /etc/init.d/rsync …

/etc/rc0.d/K20rsync -> ../init.d/rsync

/etc/rc1.d/K20rsync -> ../init.d/rsync

/etc/rc6.d/K20rsync -> ../init.d/rsync

/etc/rc2.d/S20rsync -> ../init.d/rsync

/etc/rc3.d/S20rsync -> ../init.d/rsync

/etc/rc4.d/S20rsync -> ../init.d/rsync

/etc/rc5.d/S20rsync -> ../init.d/rsync

Setting up curl (7.35.0-1ubuntu2.5) …

Setting up liberror-perl (0.17-1.1) …

Setting up git-man (1:1.9.1-1ubuntu0.1) …

Setting up git (1:1.9.1-1ubuntu0.1) …

Setting up patch (2.7.1-4ubuntu2.3) …

Processing triggers for libc-bin (2.19-0ubuntu6.6) …

Processing triggers for ureadahead (0.100.0-16) …

If you are using Ubuntu Linux 16.04 LTS or newer and want to use PHP 7.x, run:

$ sudo apt install curl php7.0-cli git

Install composer tool

Next install composer on Debian or Ubuntu Linux in /usr/local/bin/ directory as follows:

$ curl -sS https://getcomposer.org/installer | sudo php — –install-dir=/usr/local/bin –filename=composer

Sample outputs:

Fig.01: Installing composer on your server running Ubuntu Linux

Verify composer

To verify installation type:

$ composer

OR

$ /usr/local/bin/composer

The Sample outputs:

______

/ ____/___  ____ ___  ____  ____  ________  _____

/ /   / __ \/ __ `__ \/ __ \/ __ \/ ___/ _ \/ ___/

/ /___/ /_/ / / / / / / /_/ / /_/ (__  )  __/ /

\____/\____/_/ /_/ /_/ .___/\____/____/\___/_/

/_/

Composer version 1.0-dev (1c525b76f81123af180743d31c208c29351cf931) 2015-12-09 15:47:26

Usage:

command [options] [arguments]

Options:

-h, –help                     Display this help message

-q, –quiet                    Do not output any message

-V, –version                  Display this application version

–ansi                     Force ANSI output

–no-ansi                  Disable ANSI output

-n, –no-interaction           Do not ask any interactive question

–profile                  Display timing and memory usage information

-d, –working-dir=WORKING-DIR  If specified, use the given directory as working directory.

-v|vv|vvv, –verbose           Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug

Available commands:

about           Short information about Composer

archive         Create an archive of this composer package

browse          Opens the package s repository URL or homepage in your browser.

clear-cache     Clears composer s internal package cache.

clearcache      Clears composer s internal package cache.

config          Set config options

create-project  Create new project from a package into given directory.

depends         Shows which packages depend on the given package

diagnose        Diagnoses the system to identify common errors.

dump-autoload   Dumps the autoloader

dumpautoload    Dumps the autoloader

global          Allows running commands in the global composer dir ($COMPOSER_HOME).

help            Displays help for a command

home            Opens the package s repository URL or homepage in your browser.

info            Show information about packages

init            Creates a basic composer.json file in current directory.

install         Installs the project dependencies from the composer.lock file if present, or falls back on the composer.json.

licenses        Show information about licenses of dependencies

lint            Run the lint script as defined in composer.json.

list            Lists commands

phpcs           Run the phpcs script as defined in composer.json.

remove          Removes a package from the require or require-dev

require         Adds required packages to your composer.json and installs them

run-script      Run the scripts defined in composer.json.

search          Search for packages

self-update     Updates composer.phar to the latest version.

selfupdate      Updates composer.phar to the latest version.

show            Show information about packages

status          Show a list of locally modified packages

suggests        Show package suggestions

test            Run the test script as defined in composer.json.

update          Updates your dependencies to the latest version according to composer.json, and updates the composer.lock file.

validate        Validates a composer.json and composer.lock

How does composer work?

To use Composer you need to create or use composer.json file supplied by your vendor such as mediawiki. This file defines the dependencies of php app or project. Here is sample file from mediawiki project:

{

name :  mediawiki/core ,

description :  Free software wiki application developed by the Wikimedia Foundation and others ,

keywords : [ mediawiki ,  wiki ],

homepage :  https://www.mediawiki.org/ ,

authors : [

{

name :  MediaWiki Community ,

homepage :  https://www.mediawiki.org/wiki/Special:Version/Credits

}

],

license :  GPL-2.0+ ,

support : {

issues :  https://bugs.mediawiki.org/ ,

irc :  irc://irc.freenode.net/mediawiki ,

wiki :  https://www.mediawiki.org/

},

require : {

composer/semver :  1.0.0 ,

cssjanus/cssjanus :  1.1.1 ,

ext-iconv :  * ,

liuggio/statsd-php-client :  1.0.16 ,

oyejorge/less.php :  1.7.0.9 ,

mediawiki/at-ease :  1.1.0 ,

oojs/oojs-ui :  0.12.12 ,

php :  >=5.3.3 ,

psr/log :  1.0.0 ,

wikimedia/assert :  0.2.2 ,

wikimedia/cdb :  1.3.0 ,

wikimedia/composer-merge-plugin :  1.3.0 ,

wikimedia/ip-set :  1.0.1 ,

wikimedia/utfnormal :  1.0.3 ,

wikimedia/wrappedstring :  2.0.0 ,

zordius/lightncandy :  0.21

}

}

How do I install dependencies defined in composer.json file?

Simply type the following command to download and install all dependencies for your app/project:

$ composer install

OR switch to core project directory such as /var/www/html/wiki and run:

$ cd /var/www/html/wiki && composer install –no-dev

Sample outputs:

Loading composer repositories with package information

Installing dependencies from lock file

Warning: The lock file is not up to date with the latest changes in composer.json. You may be getting outdated dependencies. Run update to update them.

– Removing composer/semver (1.0.0)

– Removing oyejorge/less.php (v1.7.0.9)

– Removing mediawiki/at-ease (v1.1.0)

– Removing wikimedia/avro (v1.7.7)

– Removing nmred/kafka-php (v0.1.4)

– Removing wikimedia/ip-set (1.0.1)

– Removing firebase/php-jwt (v2.1.0)

– Removing symfony/process (v2.7.3)

– Removing ruflin/elastica (2.2.0)

– Removing wikimedia/wrappedstring (v2.0.0)

– Removing monolog/monolog (1.14.0)

– Removing kzykhys/pygments (v1.0.0)

– Removing wikimedia/assert (v0.2.2)

– Removing wikimedia/composer-merge-plugin (v1.3.0)

– Installing wikimedia/composer-merge-plugin (v1.0.0)

Downloading: 100%

– Removing liuggio/statsd-php-client (v1.0.16)

– Installing liuggio/statsd-php-client (v1.0.12)

Downloading: 100%

– Removing oojs/oojs-ui (v0.12.12)

– Installing oojs/oojs-ui (v0.11.3)

Downloading: 100%

– Removing wikimedia/cdb (1.3.0)

– Installing wikimedia/cdb (1.0.1)

Downloading: 100%

– Removing wikimedia/utfnormal (v1.0.3)

– Installing wikimedia/utfnormal (v1.0.2)

Downloading: 100%

– Removing zordius/lightncandy (v0.21)

– Installing zordius/lightncandy (v0.18)

Downloading: 100%

– Installing leafo/lessphp (v0.5.0)

Downloading: 100%

Generating optimized autoload files

The above will also create composer.lock file which can be used to update the dependencies later on to the latest version.

How do I update composer.lock file?

If there is no .lock file, this tool will create one based on the dependencies from the .json file. To fetch the dependent libraries to newer versions, run the following command i.e. if you have an existing composer.lock file you will need to run it as follows:

$ composer update

OR switch to core project directory such as /var/www/html/wiki and run:

$ cd /var/www/html/wiki/ && composer update –no-dev

Sample outputs:

ComposerHookHandler::onPreUpdate

Deprecation Notice: The Composer\Package\LinkConstraint\VersionConstraint class is deprecated, use Composer\Semver\Constraint\Constraint instead. in phar:///usr/local/bin/composer/src/Composer/Package/LinkConstraint/VersionConstraint.php:17

Deprecation Notice: The Composer\Package\LinkConstraint\LinkConstraintInterface interface is deprecated, use Composer\Semver\Constraint\ConstraintInterface instead. in phar:///usr/local/bin/composer/src/Composer/Package/LinkConstraint/LinkConstraintInterface.php:17

Updating dependencies

– Removing leafo/lessphp (v0.5.0)

– Removing wikimedia/composer-merge-plugin (v1.0.0)

– Installing wikimedia/composer-merge-plugin (v1.3.0)

Downloading: Connecting…

Downloading: 100%

– Removing liuggio/statsd-php-client (v1.0.12)

– Installing liuggio/statsd-php-client (v1.0.16)

Downloading: Connecting…

Downloading: 100%

– Installing mediawiki/at-ease (v1.1.0)

Downloading: 100%

– Removing oojs/oojs-ui (v0.11.3)

– Installing oojs/oojs-ui (v0.12.12)

Downloading: 100%

– Removing wikimedia/cdb (1.0.1)

– Installing wikimedia/cdb (1.3.0)

Downloading: 100%

– Removing wikimedia/utfnormal (v1.0.2)

– Installing wikimedia/utfnormal (v1.0.3)

Downloading: 100%

– Removing zordius/lightncandy (v0.18)

– Installing zordius/lightncandy (v0.21)

Downloading: 100%

– Installing composer/semver (1.0.0)

Downloading: 100%

– Installing oyejorge/less.php (v1.7.0.9)

Downloading: 100%

– Installing wikimedia/assert (v0.2.2)

Downloading: 100%

– Installing wikimedia/ip-set (1.0.1)

Downloading: 100%

– Installing wikimedia/wrappedstring (v2.0.0)

Downloading: 100%

Writing lock file

Generating optimized autoload files

Finally updating mediawiki to version 1.26.0

Now mediawiki will be updated without any problem as composer already fetched required libs for your php app:

$ cd /var/www/html/wiki/

$ php update.php

Command summary

This tutorial described how to install the composer and update mediawiki. But, if you just need the composer tool for your own project, just run the following commands:

$ sudo apt-get install curl php5-cli git

$ sudo curl -sS https://getcomposer.org/installer | sudo php — –install-dir=/usr/local/bin –filename=composer

$ composer

Now create your own .json file:

$ cd /my/cool/project/

$ vi composer.json

Install the dependencies for your project from composer.json, enter:

$ composer install

To update the dependencies for your project:

$ composer update

And, there you have it composer installed and working for your LAMP project. For further information please see the official composer project documentation here.

removed www.example.com/foo/file.html from my domain. But, it is still being crawled by Google/Yahoo and many other bots. How do I return a HTTP-410 gone error i.e. tell these bots that resource permanently does not exist using Apache HTTPD server on a CentOS/RHEL/Fedora/Ubuntu/Debian and Unix-like operating system?

The http error status code 410 indicates that the resource (images,css,js and all other files) requested is no longer available and will not be available again ever. This 410 status code may be used when a resource has been intentionally deleted or part of unique url generated using some sort of token for given session (for example cached pdf file). Upon receiving a 410 status code, the client or bot should not request the resource again in the future. Bots such as search engines should remove the resource from their index. In this quick tutorial you will learn how to serve HTTP status code 410 from Apache rather than a 404 or 403 error code.

Configuration

The simplest configuration is to add the following line in .htaccess file using mod_alias Redirect directive. Cd to your DocumentRoot such as /var/www/html/:

$ cd /var/www/html/

$ vi .htaccess

Append the following line:

Redirect gone /foo/file.html

OR

Redirect 410 /foo/bar/demo.php

You can also use of regular expressions using RedirectMatch directive as follows:

# Syntax

RedirectMatch gone regex-here

# Match all .png files in /foo/

RedirectMatch gone  /foo/\.png$

# Another example for gif files starting with bar name

RedirectMatch gone  /foo/bar*\.png$

# One more example. We now have resposive site so remove all old mobile friendly html pages

RedirectMatch gone  /mobilesite/*.html$

Adding friendly message page

Although the Apache Server disparages generic error responses in the event of 4xx or 5xx HTTP status codes, these responses are rather stark, uninformative, and can be intimidating to site users. You may wish to provide custom error responses which are either friendlier, or in some language other than English, or perhaps which are styled more in line with your site layout. So append the following code:

ErrorDocument 410 /errorpages/410-mobile.gone.html

Save and close the file. Next create 410-mobile.gone.html in your DocumentRoot directory (for e.g. /var/www/html/errorpage/)

$ mkdir /var/www/html/errorpage/ && cd $_

$ vi 410-mobile.gone.html

Append the error message as per your needs:

<html>

<head>

<title>Page Gone – 410 Error</title>

</head>

<body>

<blockquote>

<h1>Error 410 – Page deleted or gone</h1>

This might be because:

<ul>

<li>You have typed the web address incorrectly, or the page you were looking for may have deleted.</li>

</ul>

Please try the following options instead:

<ul>

<li>Use <a href= /search.html >search option</a> to see if it s available elsewhere. Or visit our home page for the latest info.</li>

</ul>

<hr>

<small>If you feel like it, mail the url, and where you came from to webmaster@example.com</small>

</blockquote>

</body>

</html>

Your visitor will see the page as follows along with HTTP/1.1 410 gone status code:

Fig.01: HTTP/1.1 410 gone HTML page sample

Verify error code

Simply type the following curl command:

$ curl -I www.example.com/foo/page.html

$ curl -I www.example.com/mobilesite/4242.html

Sample outputs:

HTTP/1.1 410 Gone

Server: Apache

Date: Mon, 14 Dec 2015 14:52:28 GMT

Content-Type: text/html

Content-Length: 335

Connection: keep-alive

Please note that you must get ‘HTTP/1.1 410 Gone’ as status code.

How do I generate a HTTP-410 error for complete domain?

Add the following to your VirtualHost or .htaccess. This is done using mod_rewrite:

RewriteEngine On

RewriteCond %{HTTP_HOST} ^www\.example\.com$ [NC]

RewriteRule ^(.*)$ – [L,G]

Save and close the file.

References

Apache custom error pages.

Mod_alias documentation.

Mod_rewrite documentation.

serious vulnerability was discovered in how CGI scripts are used by Linux or Unix that use PHP, Go, Python, and other scripting languages. How do I fix Httpoxy a CGI application vulnerability on Linux or Unix for HAProxy, Varnish, Nginx, PHP, Go, Python, Tomcat and others?

httpoxy is a set of vulnerabilities that affect application code running in CGI, or CGI-like environments. It comes down to a simple namespace conflict:

RFC 3875 (CGI) puts the HTTP Proxy header from a request into the environment variables as HTTP_PROXY

HTTP_PROXY is a popular environment variable used to configure an outgoing proxy

This leads to a remotely exploitable vulnerability. If youâ€re running PHP or CGI, you should block the Proxy header. This attack use HTTP_PROXY for Man-in-the-Middle” attack. The following web servers, web frameworks and programming languages are affected:

Go lang (CVE-2016-5386)

PHP lang (CVE-2016-5385)

HHVM (CVE-2016-1000109)

Python (CVE-2016-1000110)

Apache Tomcat (CVE-2016-5388)

Servers Apache (CVE-2016-5387)/Nginx/Varnish/Httpoxy.

Disro – RHEL and CentOS and others.

Patch your OS and Apps

First install all available updates for your operating system and application software such as Apache, PHP, Nginx and more:

$ sudo apt-get update && sudo apt-get upgrade

OR

$ sudo dnf update

OR

$ sudo yum update

Httpoxy mitigation for Nginx proxy server

Edit your nginx.conf or fastcgi_params file:

# vi /etc/nginx/ fastcgi_params

Add the following directives:

fastcgi_param  HTTP_PROXY    ;

When proxying HTTP requests to an upstream application, itâ€s wise to set any Proxy header to the empty string, in case the upstream application is running on a vulnerable platform (added in your nginx.conf’s when load balancing and proxying HTTP traffic):

proxy_set_header Proxy   ;

Save and close the file. Reload/restart the nginx server:

# systemctl reload nginx

Httpoxy mitigation for Apache server

You can use mod_headers. Edit /etc/httpd/conf.d/site.conf or httpd.conf :

# vi /etc/httpd/conf.d/site.conf

Add the following directives:

RequestHeader unset Proxy

Save and close the file. Restart the apache server:

# systemctl restart httpd

http-request del-header Proxy

Httpoxy mitigation using HAProxy

Edit /etc/haproxy/haproxy.cfg and edit/append as follows to remove Proxy header:

http-request del-header Proxy

Restart the Httpoxy:

# systemctl restart haproxy

Httpoxy mitigation using Varnish

Edit the /etc/varnish/default.vcl and edit/append as follows to remove Proxy header (find and add in sub vcl_recv { … } section):

unset req.http.proxy;

Save and close the file. Restart the varnish:

# systemctl restart varnish

Httpoxy mitigation for PHP/Go lang cgi apps

You need to configure your web application firewall (such as Nginx) to remove the Proxy header from incoming HTTP requests. See above for Nginx and Apache proxy specific info.

Fixing your php app by editing .php file

Edit your PHP file and make sure he following statement near the top, after <?php:

<?php

/* Warning: Not tested and may not be effective */

putenv( HTTP_PROXY= ); $_SERVER[HTTP_PROXY] =   ;

/* NOTE */

/* If you are running PHP under Apache/mod_php, also add after the above: */

apache_putenv( HTTP_PROXY ,   );

/* rest of your php script */

Save and close the file.

Fixing your php app by editing go program file

Edit the following changes to your program as follows:

import  os

os.Unsetenv( HTTP_PROXY )

Verification

To fix the issue, temporarily install the following as a CGI script on your server and make it executable (say at /var/www/html/cgi-bin/test.cgi):

#!/bin/sh

echo  Content-Type:text/plain

​echo

echo  HTTP_PROXY= $HTTP_PROXY

Save and close the file. Make it executable:

chmod +x test.cgi

Call it as follows:

curl -H  Proxy: AFFECTED  http://your-server-ip-or-name/cgi-bin/test.cgi

If you see the following output, your server is unaffected:

HTTP_PROXY=

If instead you see the following, or any other output, your server may be affected and you should apply one of the mitigations as discussed above:

HTTP_PROXY= AFFECTED

References

For more information see https://httpoxy.org/ and httpoxy flaw info from Red Hat.

Apache HTTP server httpoxy security advisory.

Mitigating the HTTPoxy Vulnerability with NGINX

am getting the following error in my /var/log/php7.0-fpm.log file:

“ERROR: failed to prepare the stderr pipe: Too many open files (24)”

How do I fix this problem?

You need to set open file descriptor rlimit for the PHP master process. The default value is system defined but one can increase it as per needs.

php-fpm too many open files error and solution

Edit php-fpm.conf

# vi /etc/php/7.0/fpm/php-fpm.conf

Find rlimit_files

;rlimit_files = 1024

And update it as follows (or as per your need):

rlimit_files = 4096

Save and close the file. Restart php7-0.fpm, run:

# systemctl restart php7.0-fpm

Increase FD limit at the OS level

Find user/group name:

$ grep ^user /etc/php/7.0/fpm/pool.d/www.conf

$ grep ^group /etc/php/7.0/fpm/pool.d/www.conf

www-data

www-data

Edit /etc/security/limits.conf, enter:

# vi /etc/security/limits.conf

Append as follows (replace user/group name with your actual names):

www-data       soft    nofile  4096

www-data       hard    nofile  4096

Restart required process. Save and close the file. Verify it:

$ su – www-data

To see the hard and soft values, issue the command as follows:

$ ulimit -Hn

$ ulimit -Sn

have a php script and whenever I run it, I get the following error message in my log file:

2017/02/05 23:25:46 [error] 9696#9696: *10 FastCGI sent in stderr: “PHP message: PHP Fatal error: Call to undefined function gzinflate() in /home/xxxx/http/includes/functions.php(1) : eval()’d code on line 1″ while reading response header from upstream, client: 10.218.105.1, server: newsletter.cyberciti.biz, request: “GET /a/ HTTP/1.0”, upstream: “fastcgi://127.0.0.1:9000”, host: “server1.cyberciti.biz”

How do I fix this problem on Alpine Linux or Unix operating systems?

You need to use Zlib. The Zlib support in PHP is not enabled by default. You will need to configure PHP –with-zlib[=DIR]. The Windows version of PHP has built-in support for this extension. You do not need to load any additional extensions in order to use these functions. However, on Linux or Unix you need to install php5-zlib or php7-zlib as per your distro.

Install php5-zlib or php7-zlib on Alpine Linux

# apk add php5-zlib

OR

# apk add php7-zlib

You must restart php-fpm or apache/lighttpd process:

# rc-service php-fpm restart

OR

# /etc/init.d/php-fpm restart

Install php56-zlib on FreeBSD

Type the following command:

# pkg install php56-zlib

OR

# pkg install php70-zlib

Make sure you restart the php-fpm:

# service php-fpm restart