Payments for programming skills such as Java (Java) and PHP (PHP) are on the rise. The salary announced in the field of technology for the third consecutive year in 2018 has increased to 7.1%.

Also, with the continued increase in demand for Java developers, PHP and NET (.NET.), Payments to technology experts have been increasing significantly.

During this three-year period, Java developers’ wages have experienced the greatest jump, up 41 percent, and their wages have risen by 6 percent since the start of the year.

The average Java developer has a budget of 63, 700 pounds, which can be increased to 70, 700 pounds depending on the employment data published in Reed.

The second-highest-paid, full-stack developer business (this title is in the field of software development and development, refers to a programmer who has full knowledge of a particular field and tools).

The average payment for this job is 53, 500, 60, 300 pounds. The wage growth of these programmers in the past year and 2016 was 6.6% and 18.8%, respectively.

PHP developers experienced the most wage increase last year. The average wage increase for the last three years was about 20.6%.

The developers also experienced widespread wage increases over the course of the course. The wages of these programmers reached £ 39,900 in 2016, up 18.8% to £ 47,400 this year.

In most directories, JavaScript, Java, and Python programming languages ​​are considered to be the most popular programming languages, respectively.

Data scientists, data analysts, industrial architects (digital technical architects) and network engineers and DBAs have also experienced a two-digit increase in their wages over the last three years.

Payments for business-related jobs, such as business analysis and project management, have also increased, but this increase has been lower than that of developers.

In fact, according to data released by Reed, IT specialist, is one of the few jobs that have been falling in wages over the past three years.

On average, AIT specialists’ wages fell from 89, 200 to 83, 600 pounds.

These data, derived from jobs and wages advertised between 2015 and 2017, are redeemed at Reed.

According to Reed’s website, these salary increases are associated with an increase in demand for employees dominant in these skills.

While demand for technology-related jobs in general in the year 2018 has increased by 10%, demand for statistical scientist, 20%, developer of 13%, and developer of Business (Business Intelligence) has increased by 13%, much higher than This is the average amount of this field.

 The demand for full-stack developer has also increased by 41% since the beginning of 2018, given the many skills that these developers should have.

“There are plenty of jobs for experienced mobile applications and front-end developers,” says Andrew Gardner, Reed Technology manager. In addition, companies have experienced cloud computing and storage related skills. have.

As a result of legislation such as the GDPR (European Union Privacy Policy), many requests are created; for example, data-driven jobs are growing; however, companies are sure that they have the right skills, systems and processes. ”

Do the reviews of the most popular programming languages provide the right results

Are the most popular programming languages ​​selected based on indicators and components? Are the most trusted programming languages ​​the most popular?

Usually, software professionals go to valid TIOBE charts to learn about the most popular programming languages.

Through these charts, they can find out which of the most popular programming languages ​​in the world are.

The valid TIOBE charts and the information provided on the popularity of programming languages ​​in these charts show that Java programming languages ​​and programming languages ​​C, programming languages ​​have become the most popular languages ​​over time, and from time to time.

But wait a moment and do not conclude too fast. The graphs and indicators provided by PYPL, as a competitor to TIOBE charts, show other results.

Based on PYPL charts, Python and Java programming languages ​​are among the most popular programming languages ​​and are essentially the kings of programming languages.

Based on the PYPL charts, the C language, which is incredibly developed with the C ++ programming language, is less popular, and is located in the lower sections of the ranking list of popularity of programming languages.

The question may well be for you: which are the correct results and which charts give you the right information?

One of the important things to keep in mind is that each of the graphs takes different indexes and components to select the most popular programming languages.

Of course, one common point in the methodology of both graphs is that the performance of both is controversial in measuring the plurality of programming languages.

TIOBE considers search engine quantification as a measure of measurement.

While PYPL is important, the importance of the frequency of searches, and how often they are searched, and takes it into consideration.

We must say that both measurement indicators do not consider good components for measurement. Of course, given the availability of online resources, the amount of searches in search engines can not be considered as one of the important indicators and is considered an old way.

Many millions of web pages may still provide information about a popular but old, perhaps dead, site, as there are many zombie sites (sites that fail to update their content for some reason) or blog posts that have not been read for many years. .

The extent to which content search is considered to be an important indicator of the popularity of a programming language is not a valid criterion.

Programming languages ​​are taught to students in educational environments, and therefore the frequency of searches for educational files is not a valid indicator for evaluation, and can provide very contradictory information.

This measure of scale, in principle, is not a significant indicator of what really can be, the degree of popularity of programming languages ​​out there.

Ultimately, it can not be determined with this information which programming languages ​​are really used by learners of programming languages ​​in practice.

When you pay more attention to numbers, you will also encounter more strange issues. According to the TIOBE charts, the programming language C, in its 5 minutes, has been ranked the “Programming Language Of The Year.”

It seems that the C language has reappeared in latency systems. However, the reason for such results in measurements can be related to incomplete and artificial methods of measurement.

The most controversial statistics are related to the Objective-C and Swift programming languages ​​used to write local applications on iOS.

Overall, the recent popularity of programming languages ​​for cross-platform platforms, such as Xamarin and React Native, seems to have declined.

Apple has been leaning towards the use of Swift programming language for about four years, and it seems to be a great programming language.

However, the Objective-C language is still much more popular and used extensively.

When looking at people who deal with iOS / tvOS / watchOS apps or talking to many iOS developers,

we find it unlikely that programming has changed the Objective-C language Swift language.

But all these stories and stories can not be replaced by statistics and data. If we see that popularity indexes have different outcomes with the personal experiences of programmers,

we can conclude that individual biases and individual bias can lead to incorrect results.

Of course, there is another measure of measurement to measure the popularity of programming languages. If you notice the GitHub’s annual report on the 15 popular programming languages ​​on the platform,

you’ll find that the results of this report are very close to the results presented

by the individual experience of market developers,

and it differs from the results from the TIOBE and PYPL charts.

According to GitHub, in 2016 and 2017,

the most popular programming language in the world, with a significant gap from the rest of the languages,

has been Javascript.

Python ranked second,

Java ranked third and Ruby ranked fourth. These results show a dramatic difference compared to the TIOBE chart.

On the TIOBE chart, Java and C are the most popular languages ​​first,

and then with a large gap between Python and C ++, javascript stands at eighth place.

Also, according to the PYPL charts,

the popularity of programming languages ​​has been reported as follows: Python,

java at the beginning of the chart, with a lot of distances, javascript and PHP.

Obviously, the Gitache figures do not represent the whole of this area; the sample size is very large and only applies to open source projects.

But GitHub seems to be the only system that makes Swift more popular than Objective-C.

This makes the results look convincing, but again because of its openness,

the results presented through this system can not be considered definitive.

The statistics provided are very important. Beyond curiosity and entertaining, they provide important information.

While the theme of the popularity of programming languages ​​is not,

in general, a very important topic, but it is not trivial. The study of the popularity of programming languages ​​determines which languages ​​are more relevant.

This is important for those who are willing to follow the programming language,

and as a result, people entering the field of programming language learning can teach a language

that is more popular and can provide a job opportunity for them.

 So when the three different methods offer different results,

the conditions are not very interesting and it looks a bit uncomfortable.

am a new CentOS / RHEL / Red Hat / Fedora Linux server user. I need to provide tidy library support using php. How do I install php-tidy on RHEL or CentOS Linux for Apache server?

You need to install the following module using the yum command on RHEL/CentOS/Fedora/Scientific Linux server:

php-tidy – The php-tidy package contains a dynamic shared object that will add support for using the tidy library to PHP.

Install php-tidy module on RHEL/CentOS

Open the Terminal and type the following yum command:

# yum install php-tidy

Sample outputs:

Loaded plugins: auto-update-debuginfo, protectbase, rhnplugin, security

This system is receiving updates from RHN Classic or RHN Satellite.

0 packages excluded due to repository protections

Setting up Install Process

Resolving Dependencies

–> Running transaction check

—> Package php-tidy.x86_64 0:5.3.3-27.el6_5 will be installed

–> Processing Dependency: libtidy-0.99.so.0()(64bit) for package: php-tidy-5.3.3-27.el6_5.x86_64

–> Running transaction check

—> Package libtidy.x86_64 0:0.99.0-19.20070615.1.el6 will be installed

–> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================

Package     Arch      Version                        Repository                        Size

=============================================================================================

Installing:

php-tidy    x86_64    5.3.3-27.el6_5                 rhel-x86_64-server-optional-6     36 k

Installing for dependencies:

libtidy     x86_64    0.99.0-19.20070615.1.el6       rhel-x86_64-server-6             127 k

Transaction Summary

=============================================================================================

Install       2 Package(s)

Total download size: 164 k

Installed size: 0

Is this ok [y/N]: y

Downloading Packages:

(1/2): libtidy-0.99.0-19.20070615.1.el6.x86_64.rpm                    | 127 kB     00:00

(2/2): php-tidy-5.3.3-27.el6_5.x86_64.rpm                             |  36 kB     00:00

Total                                                        654 kB/s | 164 kB     00:00

Running rpm_check_debug

Running Transaction Test

Transaction Test Succeeded

Running Transaction

Installing : libtidy-0.99.0-19.20070615.1.el6.x86_64                                   1/2

Installing : php-tidy-5.3.3-27.el6_5.x86_64                                            2/2

Verifying  : php-tidy-5.3.3-27.el6_5.x86_64                                            1/2

Verifying  : libtidy-0.99.0-19.20070615.1.el6.x86_64                                   2/2

Installed:

php-tidy.x86_64 0:5.3.3-27.el6_5

Dependency Installed:

libtidy.x86_64 0:0.99.0-19.20070615.1.el6

Complete!

Restart / reload web-server

Type the following command to restart / reload Apache server:

# service httpd restart

Verify new settings

# php -i | grep -color tidy

am new Red Hat Enterprise Linux version 7 user/sysadmin/developer. This version made the big number change for RHEL 7/CentOS 7. How can I install LAMP (Linux, Apache, MariaDB, PHP) stack on a RHEL version 7 or CentOS Linux version 7 using CLI or over ssh based session?

RHEL 7 has been released and CentOS Linux 7 is on its way with many notable changes. This guide explains how to install LAMP server.

More about LAMP

LAMP is nothing but a software bundle or a platform consisting of Linux operating system, Apache web-server, MySQL database server and PHP (or Perl/Python)scripting language. The LAMP stack is used for building heavy-duty dynamic web sites entirely out of free and open-source software. In this tutorial, I’m going to explain how to Linux, Apache, MySQL/MariaDB (drop in replacement for MySQL), PHP (LAMP) stack On CentOS 7 or RHEL 7.

Assumptions

I’m assuming that you’ve installed basic RHEL 7 or CentOS 7 server. Open the Terminal app and type the following command as root user.

You must be familiar with the yum command

You must know your Server’s IP address. Use the following command to find your server’s ip address for eth0 interface:

ifconfig eth0

OR

ip a show eth0

OR

ip addr list eth0 | awk  /inet /{sub(/\/[0-9]+/,  ,$2); print $2}

OR

ifconfig eth0 | awk  /inet /{print $2}

10.41.143.156

I’m going to use IP address 10.41.143.156 for testing purpose. Feel free to replace this IP address with your actual private or public IP address.

Enough talk, let’s set up LAMP stack.

Step #1: Install Apache on a CentOS 7 / RHEL 7 server

Type the following yum command to install Apache web-server:

sudo yum install httpd

Sample outputs:

Loaded plugins: amazon-id, rhui-lb

Resolving Dependencies

–> Running transaction check

—> Package httpd.x86_64 0:2.4.6-17.el7 will be installed

–> Processing Dependency: httpd-tools = 2.4.6-17.el7 for package: httpd-2.4.6-17.el7.x86_64

–> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-17.el7.x86_64

–> Running transaction check

—> Package httpd-tools.x86_64 0:2.4.6-17.el7 will be installed

—> Package mailcap.noarch 0:2.1.41-2.el7 will be installed

–> Finished Dependency Resolution

Dependencies Resolved

======================================================================================================

Package            Arch          Version               Repository                               Size

======================================================================================================

Installing:

httpd              x86_64        2.4.6-17.el7          rhui-REGION-rhel-server-releases        1.2 M

Installing for dependencies:

httpd-tools        x86_64        2.4.6-17.el7          rhui-REGION-rhel-server-releases         77 k

mailcap            noarch        2.1.41-2.el7          rhui-REGION-rhel-server-releases         31 k

Transaction Summary

======================================================================================================

Install  1 Package (+2 Dependent packages)

Total download size: 1.3 M

Installed size: 3.9 M

Is this ok [y/d/N]: y

Downloading packages:

(1/3): httpd-tools-2.4.6-17.el7.x86_64.rpm                                     |  77 kB  00:00:00

(2/3): httpd-2.4.6-17.el7.x86_64.rpm                                           | 1.2 MB  00:00:00

(3/3): mailcap-2.1.41-2.el7.noarch.rpm                                         |  31 kB  00:00:00

Total                                                                 2.0 MB/s | 1.3 MB  00:00:00

Running transaction check

Running transaction test

Transaction test succeeded

Running transaction

Installing : httpd-tools-2.4.6-17.el7.x86_64                                                    1/3

Installing : mailcap-2.1.41-2.el7.noarch                                                        2/3

Installing : httpd-2.4.6-17.el7.x86_64                                                          3/3

Verifying  : mailcap-2.1.41-2.el7.noarch                                                        1/3

Verifying  : httpd-tools-2.4.6-17.el7.x86_64                                                    2/3

Verifying  : httpd-2.4.6-17.el7.x86_64                                                          3/3

Installed:

httpd.x86_64 0:2.4.6-17.el7

Dependency Installed:

httpd-tools.x86_64 0:2.4.6-17.el7                   mailcap.noarch 0:2.1.41-2.el7

Complete!

Enable the httpd service at boot time

To make sure the httpd service start automatically at the boot time, enter:

sudo systemctl enable httpd.service

Sample outputs:

ln -s  /usr/lib/systemd/system/httpd.service   /etc/systemd/system/multi-user.target.wants/httpd.service

The following command will disable the httpd service at the boot time:

sudo systemctl disable httpd.service

Sample outputs:

rm  /etc/systemd/system/multi-user.target.wants/httpd.service

Start the httpd service on a CentOS/RHEL v7.x

sudo systemctl start httpd.service

At this stage, you can point your web-browser to your server’s IP address such as http://10.41.143.156). The following page should display on screen:

Fig.01: Check if Apache is Running on CentOS/RHEL 7 server

Stop the httpd service on a CentOS/RHEL v7.x

sudo systemctl stop httpd.service

Restart the httpd service on a CentOS/RHEL v7.x

sudo systemctl restart httpd.service

Finding the httpd service status on a CentOS/RHEL v7.x

To verify that the httpd service is running, enter:

systemctl is-active httpd.service

Sample outputs:

active

Gracefully restart the httpd service on a CentOS/RHEL v7.x

sudo apachectl graceful

Test httpd/Apache configuration file for errors on a CentOS/RHEL v7.x

sudo apachectl configtest

Sample outputs:

Syntax OK

httpd service default configuration

Default config file: /etc/httpd/conf/httpd.conf

Configuration files which load modules : /etc/httpd/conf.modules.d/ directory (e.g. PHP)

Select MPMs (Processing Model) as loadable modules [worker, prefork (default)] and event: /etc/httpd/conf.modules.d/00-mpm.conf

Default ports: 80 and 443 (SSL)

Default log files: /var/log/httpd/{access_log,error_log}

Step #2: Install MariaDB on a CentOS 7 / RHEL 7 server

MariaDB An enhanced, drop-in replacement for MySQL server. RHEL/CentOS v7.x shifts from MySQL to MariaDB for its database management system needs. Type the following yum command to install MariaDB server:

sudo yum install mariadb-server mariadb

To start mariadb, type:

sudo systemctl start mariadb.service

To make sure the mariadb service start automatically at the boot time, enter:

sudo systemctl enable mariadb.service

Sample outputs:

ln -s  /usr/lib/systemd/system/mariadb.service   /etc/systemd/system/multi-user.target.wants/mariadb.service

To stop/restart and disable mariadb service use the following commands:

sudo systemctl stop mariadb.service #<– Stop mariadb server

sudo systemctl restart mariadb.service #<– Restart mariadb server

sudo systemctl disable mariadb.service #<– Disable mariadb server

sudo systemctl is-active mariadb.service   #<– Is mariadb server running?

Securing MariaDB

Type the following command:

sudo /usr/bin/mysql_secure_installation

Sample outputs:

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB

SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we ll need the current

password for the root user.  If you ve just installed MariaDB, and

you haven t set the root password yet, the password will be blank,

so you should just press enter here.

Enter current password for root (enter for none): PRESS-ENTER-KEY

OK, successfully used password, moving on…

Setting the root password ensures that nobody can log into the MariaDB

root user without the proper authorisation.

Set root password? [Y/n] Y

New password: YOUR-NEW-PASSWORD-HERE

Re-enter new password: YOUR-NEW-PASSWORD-HERE

Password updated successfully!

Reloading privilege tables..

… Success!

By default, a MariaDB installation has an anonymous user, allowing anyone

to log into MariaDB without having to have a user account created for

them.  This is intended only for testing, and to make the installation

go a bit smoother.  You should remove them before moving into a

production environment.

Remove anonymous users? [Y/n] Y

… Success!

Normally, root should only be allowed to connect from  localhost .  This

ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y

… Success!

By default, MariaDB comes with a database named  test  that anyone can

access.  This is also intended only for testing, and should be removed

before moving into a production environment.

Remove test database and access to it? [Y/n] Y

– Dropping test database…

… Success!

– Removing privileges on test database…

… Success!

Reloading the privilege tables will ensure that all changes made so far

will take effect immediately.

Reload privilege tables now? [Y/n] Y

… Success!

Cleaning up…

All done!  If you ve completed all of the above steps, your MariaDB

installation should now be secure.

Thanks for using MariaDB!

Test MariaDB installation

Type the following command

mysql -u root -p

Sample outputs:

Fig.02: Mariadb test connection on a CentOS / RHEL Linux v7.x

Step #3: Install PHP on a CentOS/RHEL v7.x

To install PHP and modules such as gd/msyql type the following yum command:

sudo yum install php php-mysql php-gd php-pear

You must restart the httpd (Apache) service, enter:

sudo systemctl restart httpd.service

To search all other php modules, type:

sudo yum search php-

Sample outputs:

php-cli.x86_64 : Command-line interface for PHP

php-common.x86_64 : Common files for PHP

php-gd.x86_64 : A module for PHP applications for using the gd graphics library

php-ldap.x86_64 : A module for PHP applications that use LDAP

php-mysql.x86_64 : A module for PHP applications that use MySQL databases

php-odbc.x86_64 : A module for PHP applications that use ODBC databases

php-pdo.x86_64 : A database access abstraction module for PHP applications

php-pear.noarch : PHP Extension and Application Repository framework

php-pecl-memcache.x86_64 : Extension to work with the Memcached caching daemon

php-pgsql.x86_64 : A PostgreSQL database module for PHP

php-process.x86_64 : Modules for PHP script using system process interfaces

php-recode.x86_64 : A module for PHP applications for using the recode library

php-soap.x86_64 : A module for PHP applications that use the SOAP protocol

php-xml.x86_64 : A module for PHP applications which use XML

php-xmlrpc.x86_64 : A module for PHP applications which use the XML-RPC protocol

To find more info about a module type:

sudo yum info php-pgsql

To install php module called php-pgsql type:

sudo yum install php-pgsql

Test PHP on your server

Create a file called /var/www/html/test.php as follows:

sudo vi /var/www/html/test.php

Append the following code:

<?php

phpinfo(INFO_GENERAL);

?>

Save and close the file. Point your web-browser to your server’s IP address such as http://10.41.143.156/test.php (feel free to replace the 10.41.143.156 with your actual IP address):

http://10.41.143.156/test.php

Sample outputs:

Fig.03: Test Apache+PHP with phpinfo() On a CentOS/RHEL v7.x server

In next part, I will cover the following topics (rss feed for RHEL7 or rss for CentOS7 tutorials):

Apache configuration

Virtual hosting

Apache security

mod_ssl

Perl

Firewall configuration

‘m a new Ubuntu Linux user. How do I install the LEMP stack on an Ubuntu Linux 14.04 LTS server using command line options to serve dynamic web apps?

As one of the most popular Linux distribution in the world, Ubuntu has released the latest version on April 17, 2014. The latest version is 14.04 with code name Trusty Tahr. Ubunt 14.04 is a LTS (Long Term Support) version. This means that Ubuntu 14.04 will be supported for the next 5 years from the release date. In this tutorial we will cover Nginx, MySQL and PHP installation on Ubuntu Linux v14.04.

What is new in Ubuntu 14.04 (Trusty Tahr) version?

You may see it on cyberciti.biz or visit the Ubuntu home page at ubuntu.com.

Nginx Installation

Nginx is one of the robust web server in Linux world. Nginx is a free, open source, high performance HTTP server and reverse proxy, as weell as an IMAP/POP3 proxy server. Now, we are going to install Nginx web server.

First, make sure system is upto date:

$ sudo apt-get update

$ sudo apt-get upgrade

#1 – Download and Install Nginx

The easiest way to download and install Nginx is using apt-get command. Here is the command:

$ sudo apt-get install nginx

Fig.01: Download and Install Nginx on Ubuntu Linux

Just wait until installation is get done on the system.

#2 – Test Nginx

Once it get done, you can open your browser and type url http://localhost or http://your_ip_address to test it. If everything goes normal, you will see Nginx welcome page:

Fig.02: Welcome nginx page on Ubuntu Linux

MySQL Installation On Ubuntu

MySQL is one of the most powerful database management system in Linux world. Next, we are going to install it with PHP support.

#1 – Install MySQL and PHP support

Type the following command:

$ sudo apt-get install mysql-server php5-mysql

Fig.03: Ubuntu Linux Install MySQL to Manage Site Data with PHP

During the installation, MySQL will ask you to enter MySQL root password, other wise the installation will not continue. Type the password you want, then press OK to continue the installation.

#2 – Test MySQL

Once mysql installation finished, we can test it. Open your console and type the following command:

$ mysql -u root -p

Fig.04: Ubuntu test Mysql installation

If you type your password correctly, the you will see the mysql prompt.

#3 – Securing access to MySQL

If we are going to use MySQL as a production database, we may want to secure it. MySQL provides a shell script to help us securing it. Just type the following command on your console:

$ sudo mysql_secure_installation

Here are the steps to do it.

1. ENTER YOUR ROOT PASSWORD
2. Enter your current root password to continue to the next step.
3. Fig.05: MySQL enter your root db password
4. 2.CHANGE THE ROOT PASSWORD
5. If you want to change it, press Y. Otherwise, press N.
6. Fig.06: MySQL security
7. 3.REMOVE ANONYMOUS USER
8. It is recommended to remove anonymous user to mitigate risk who can log in into your database.
9. Fig.07: MySQL security
10. 4.DISALLOW ROOT LOGIN REMOTELY
11. To make sure that no one remote your database as root from another machines, we need to disallow root login remotely.
12. Fig.08: MySQL security
13. 5.REMOVE TEST DATABASE
14. Sometimes some MySQL installation will create a database named ëtestí for testing purpose. We can remove it if we donít use it.
15. Fig.09: MySQL security
16. 6.RELOAD PRIVILEGE TABLES
17. Then we need to reloading the privilege tables to ensure all changes made so far will take effect immediately.
18. Fig.10: MySQL security
19. 7.DONE
20. Fig.11: MySQL security
21. PHP Installation For Server Side Scripting
22. Since PHP is popular, a lot of websites is built using PHP language. As of January 2013, PHP was installed on more than 240 millions websites. Now we are going to install PHP on Ubuntu 14.04
23. #1 – Download and install PHP
24. As usual, we can download and install PHP using apt-get command. Just type the following command on your Ubuntu console or over the ssh based session:
25. $ sudo apt-get install php5-fpm

Fig.12: Install PHP for Server Side Processing on Ubuntu

And wait for the installation to complete.

Configure Nginx to work with PHP and MySQL Server on Ubuntu

Now we have all components installed. The next step is we need to configure Nginx with PHP and MySQL. Let’s start to configure them.

#1 – Configure PHP5-FPM

PHP5-FPM configuration file is located at /etc/php5/fpm/php.ini. Open it with your text editor

$ sudo vi /etc/php5/fpm/php.ini

Change this parameter, from:

cgi.fix_pathinfo=1

to:

cgi.fix_pathinfo=0

Save and close the file and then restart php5-fpm service, type:

$ sudo service php5-fpm restart

#2 – Configure Nginx

Nginx configuration file is located at /etc/nginx/nginx.conf. But basically, we don’t need to touch it. The configuration of nginx website is located in /etc/nginx/sites-available/default file.

Open it, and uncomment lines:

location ~ \.php$ {

fastcgi_split_path_info ^(.+\.php)(/.+)$;

#       # NOTE: You should have  cgi.fix_pathinfo = 0;  in php.ini

#

#       # With php5-cgi alone:

#        fastcgi_pass 127.0.0.1:9000;

#       # With php5-fpm:

fastcgi_pass unix:/var/run/php5-fpm.sock;

fastcgi_index index.php;

include fastcgi_params;

}

Then restart the services.

$ sudo service nginx restart

Please make sure, on Ubuntu 14.04, we cannot use fastcgi_pass 127.0.0.1:9000. So make sure that the line is commented. Otherwise, on my machine, I got this error :

$ tail /var/log/nginx/error.log

2014/11/04 16:57:04 [emerg] 3216#0:  fastcgi_pass  directive is not allowed here in /etc/nginx/sites-enabled/default:59

2014/11/04 16:58:21 [emerg] 3256#0:  fastcgi_pass  directive is not allowed here in /etc/nginx/sites-enabled/default:59

On Ubuntu 14.04, I use the following line:

fastcgi_pass unix:/var/run/php5-fpm.sock

When I restart the Nginx and I still got the following error message:

2014/11/04 17:02:05 [emerg] 3295#0:  fastcgi_pass  directive is not allowed here in /etc/nginx/sites-enabled/default:61

2014/11/04 17:04:58 [emerg] 3410#0:  fastcgi_pass  directive is not allowed here in /etc/nginx/sites-enabled/default:61

Please make sure that you already uncomment this line:

location ~ \.php$ {

#3 – Configure MySQL

After the configuration section is done, now we need to test them to make sure that our configuration is working as required. On Ubuntu 14.04 the root document folder is located in /usr/share/nginx/html. So create a file called /usr/share/nginx/html/phpinfo.php with the following code:

<? phpinfo(); ?>

After restarting PHP-FPM and Nginx, open the browser and browse to the php file, we got only a blank screen. No error message on the screen. No error message on PHP-FPM and Nginx log file.

Then we changed /usr/share/nginx/html/phpinfo.php file code on the root document of Nginx, as follows:

<?php phpinfo(); ?>

And then open the browser again and type url http://your_ip_address/phpinfo.php

It seem that by default, we can not use short php-tag like this:

<? … your code … ?>

To enable short php tag, we need to change the value of short_open_tag parameter on php.ini file:

Change the value from Off to On. Then restart your php5-fpm :

sudo service php5-fpm restart

Then try again to test your phpinfo file. Next, we will see if the MySQL support is enabled or not. Scroll down the php configuration screen on your browser, if you see MySQL block there, then MySQL support already enabled.

You are now ready to use Nginx, PHP5 and MySQL on Ubuntu server. I hope this quick article help anyone who wish to install Linux, Nginx, PHP and MySQL on Ubuntu 14.04.

This quick tutorial was contributed by Pungki Arianto. You can too contribute to nixCraft.

‘m a new FreeBSD Unix system users. How can I setup and install Apache, MySQL, PHP stack on a FreeBSD 10 based Unix server?

FAMP stack is nothing but group of source software to run php based apps. Our sample setup includes:

FreeBSD 10.1-RELEASE amd64

Apache v2.4

PHP v5.6

MySQL v5.6

This tutorial explains how to install and configure FAMP stack.

Update your ports

Like always make sure everything is up to date before starting. I like to do:

# portsnap fetch update && portupgrade -a

Sample outputs:

Looking up portsnap.FreeBSD.org mirrors… 7 mirrors found.

Fetching public key from your-org.portsnap.freebsd.org… done.

Fetching snapshot tag from your-org.portsnap.freebsd.org… done.

Fetching snapshot metadata… done.

Fetching snapshot generated at Fri Jan  2 00:09:16 UTC 2015:

4955cbbaee76bcad21123666d1c7eee0d55bc059e2ea04100% of   70 MB 5735 kBps 00m13s

Extracting snapshot… done.

Verifying snapshot integrity… done.

Fetching snapshot tag from your-org.portsnap.freebsd.org… done.

Fetching snapshot metadata… done.

Updating from Fri Jan  2 00:09:16 UTC 2015 to Fri Jan  2 11:42:26 UTC 2015.

Fetching 4 metadata patches… done.

Applying metadata patches… done.

Fetching 0 metadata files… done.

Fetching 8 patches.

….

..

See FreeBSD Update All Installed Ports / Applications tutorial for more information.

Install Apache server

To install the port:

# cd /usr/ports/www/apache24/ && make install clean

Or, to add the package:

# pkg install www/apache24

Sample outputs:

Fig. 01: Install apache

Starting up Apache service on boot

Add following to the end of “/etc/rc.conf” file to launch Apache at start up:

echo  apache24_enable= YES   >> /etc/rc.conf

STARTING / STOPPING / RESTARTING APACHE SERVER

To start Apache to make sure it works:

# /usr/local/etc/rc.d/apache24 start

To restart Apache server:

# /usr/local/etc/rc.d/apache24 restart

To stop Apache server:

# /usr/local/etc/rc.d/apache24 stop

You can also use the service command for starting/stoping/restarting Apache server on FreeBSD:

service command to control Apache server ##

service apache24 start

service apache24 restart

service apache24 stop

service apache24 status

Sample outputs:

Fig.02: Starting/Stopping Apache

Note: If you are getting this error “Could not reliably determine the server s fully qualified domain name, using 127.0.0.1.” Set the ‘ServerName’ directive globally to suppress this message:

Add next line to /usr/local/ect/apache24/httpd.conf file:

ServerName localhost

Replace localhost with the server’s domain name which can be obtained with:

# hostname -f

Setting up MySQL server

The package or port to be installed will depend on available MySQL version. As of this writing, the maximum available version is 5.6.

Install MySQL server

To install the port:

# cd /usr/ports/databases/mysql56-server/ && make install clean

or, to add the package:

# pkg install databases/mysql56-server

Fig.03: Installing mysql database server

Install MySQL client

To install the port:

# cd /usr/ports/databases/mysql56-client/ && make install clean

or, to add the package:

# pkg install databases/mysql56-client

Starting up Mysql server service on boot

Finally, /etc/rc.conf must contain the following line to allow the MySQL server to start:

echo  mysql_enable= YES   >> /etc/rc.conf

Starting / stopping / restarting Mysql server

To start the Mysql server type:

# /usr/local/etc/rc.d/mysql-server start

To restart the Mysql server type:

# /usr/local/etc/rc.d/mysql-server restart

To stop the Mysql server type:

# /usr/local/etc/rc.d/mysql-server stop

You can also use the service command for starting/stoping/restarting mysql server on FreeBSD:

command to start/stop mysql servers on a FreeBSD 10 ##

service mysql-server start

service mysql-server restart

service mysql-server stop

service mysql-server status

Sample outputs:

Fig.04: Starting/Stopping mysql server

Setting up Mysql server passwords

The default is set to allow anyone to have full access. It’s very important that you set up passwords. To set a password on the anonymous accounts use:

# mysql -u root

Run the following sql queries at mysql> prompt (replace host_name with actual system host name which can be obtained with hostname -f command:

mysql> SET PASSWORD FOR   @ localhost  = PASSWORD( newpwd-here );

mysql> SET PASSWORD FOR   @ host_name  = PASSWORD( newpwd-here );

mysql> quit

Bye

To set a password for the root account use:

# mysql -u root

Run the following sql queries at mysql> prompt:

mysql> SET PASSWORD FOR  root @ localhost  = PASSWORD( newpwd-here );

mysql> SET PASSWORD FOR  root @ host_name  = PASSWORD( newpwd-here );

mysql>  quit

Bye

NOTE: An alternative method to set a password for the MySQL root user is to run the following command:

/usr/local/bin/mysqladmin -u root password  PASSWORD-HERE

See “MySQL Change root Password” tutorial for more information.

After setting the password, here is how you shutdown mysqld server:

# mysqladmin -u root -p shutdown

Sample outputs:

Enter password:

TIP: IF YOU “FORGET” THE ROOT PASSWORD, HERE IS HOW YOU CAN RESET IT

Stop mysqld with this command:

# /usr/local/etc/rc.d/mysql-server.sh stop

Modify the start command to add this option to the command line. Do not leave this option on for long. Only for when you need it. It bypasses all usual mysql security:

-Sg|–skip-grant-tables

This option causes the server not to use the privilege system at all. This gives everyone full access to all databases! (You can tell a running server to start using the grant tables again by executing mysqladmin flush-privileges or mysqladmin reload.)

Modify it in /usr/local/etc/rc.d/mysql-server.sh:

/usr/local/bin/safe_mysqld –user=mysql –skip-grant-tables > /dev/null & && echo -n   mysqld

Start mysqld:

# /usr/local/etc/rc.d/mysql-server.sh start

Connect to mysql:

# mysql

Look out because this next step will reset the passwords for all root users. Make sure that’s what you want to do. You may wish to restrict this SQL by including an “and host = ‘something ” clause. Inspect existing users with “SELECT host, user from user;“. Select the mysql database and reset the password:

mysql> use mysql

mysql> update user set password = PASSWORD( secret ) where user =  root ;

mysql> quit

=> Do not forget to undo that mysql bypass i.e. Stop mysqld with: /usr/local/etc/rc.d/mysql-server.sh stop

=> Remove the option from the vi /usr/local/etc/rc.d/mysql-server.sh and remove –skip-grant-tables options.

=> Restart mysqld with: /usr/local/etc/rc.d/mysql-server.sh start

=> See “Recover MySQL root Password” tutorial for more information.

Install PHP

When you build PHP, you need to add the configuration option so that PHP build includes support for the Apache server. Type the following commands:

# cd /usr/ports/lang/php56

# make config

When the menu comes up to select/deselect various build options. You should select:

Fig.05: Build PHP using ports collection

Now you will do the make clean command. I normally do these commands all in one but to get the configuration menu, I do them apart.

# make install clean

Install mod_php for Apache

Type the following commands to build mod_php for Apache:

# cd /usr/ports/www/mod_php56

# make install clean

Sample outputs:

Fig.06: Install mod_php for Apache

Install php extensions

If you aren’t sure if it’s or you didn’t check it with your MySQL install, you will do it the commands the same way so you get the menus to configure to add support for both MySQL and MySQLi to communicate with the MySQL server.

# cd /usr/ports/lang/php56-extensions/

# make config

Fig.07: Install popular extensions for Apache

You may also select other extensions as per your PHP apps requirements. Then finish up with:

# make install clean

Configure mod_php

To configure it you will type the following command that just makes a copy of a file:

# cp /usr/local/etc/php.ini-development /usr/local/etc/php.ini

To configure Apache and open the file:

# ee /usr/local/etc/apache24/httpd.conf

I use ee (feel free to use vi or Emacs) text editor for simple edits, look for this line:

DirectoryIndex index.html

And change it so it reads as follows:

DirectoryIndex index.html index.htm index.php

Find and set the following values as per your domain, IP, and port number:

ServerAdmin webmaster@cyberciti.biz

ServerName www.cyberciti.biz:80

Listen :80

Save and close the file. Create a file called /usr/local/etc/apache24/modules.d/001_mod_php.conf as follows:

# cat /usr/local/etc/apache24/modules.d/001_mod_php.conf

<FilesMatch  \.php$ >

SetHandler application/x-httpd-php

</FilesMatch>

<FilesMatch  \.phps$ >

SetHandler application/x-httpd-php-source

</FilesMatch>

Now restart Apache server:

# /usr/local/etc/rc.d/apache24 restart

OR

# service apache24 restart

Test your setup

Create a file called /usr/local/www/apache24/data/test.php:

# vi /usr/local/www/apache24/data/test.php

Append the following code:

<?php

phpinfo();

?>

Save and close the file. Fire a web-browser and type the url:

http://your-domain-name/test.php

http://your-ip-address/test.php

Sample outputs:

Fig.08: Apache + PHP server ready on FreeBSD

How do I secure PHP?

See our 25 PHP Security Best Practices For Sys Admins for more info.

Recommended readings

Apache HTTP Server Version 2.4 Documentation

man pages – httpd(8), service(8)

This quick tutorial was contributed by Wendy Michele. Editing by admin. You can too contribute to nixCraft.

uhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. How can I install suhosin extension on a Debian v8.x or Ubuntu Linux 14.04 LTS server?

Suhosin (Korean ìˆ˜í˜¸ì‹ , meaning guardian-angel) is used to securing PHP web applications such as WordPress and others. Suhosin comes as the extension and the patch. Both parts can be installed separately and have no dependencies to each other.

How To Installing Suhosin on Debian and Ubuntu [Binary Method]

Type the following command on a Ubuntu Linux 14.04 LTS server:

sudo -s

echo  deb http://repo.suhosin.org/ ubuntu-trusty main  >> /etc/apt/sources.list

apt-get update

Debian Linux 8.x user type the following command:

sudo -s

echo  deb http://repo.suhosin.org/ debian-jessie main  >> /etc/apt/sources.list

apt-get update

Sample outputs:

Ign http://security.ubuntu.com trusty-security InRelease

Get:1 http://security.ubuntu.com trusty-security Release.gpg [933 B]

Get:2 http://security.ubuntu.com trusty-security Release [63.5 kB]

Ign http://archive.ubuntu.com trusty InRelease

Ign http://archive.ubuntu.com trusty-updates InRelease

Get:3 http://security.ubuntu.com trusty-security/main amd64 Packages [319 kB]

Hit http://archive.ubuntu.com trusty Release.gpg

Ign http://repo.suhosin.org ubuntu-trusty InRelease

Get:4 http://security.ubuntu.com trusty-security/restricted amd64 Packages [8,875 B]

Get:5 http://security.ubuntu.com trusty-security/universe amd64 Packages [111 kB]

Get:6 http://archive.ubuntu.com trusty-updates Release.gpg [933 B]

Get:7 http://security.ubuntu.com trusty-security/multiverse amd64 Packages [3,683 B]

Get:8 http://repo.suhosin.org ubuntu-trusty Release.gpg [816 B]

Get:9 http://security.ubuntu.com trusty-security/main Translation-en [172 kB]

Hit http://archive.ubuntu.com trusty Release

Get:10 http://repo.suhosin.org ubuntu-trusty Release [1,074 B]

Get:11 http://archive.ubuntu.com trusty-updates Release [63.5 kB]

Get:12 http://repo.suhosin.org ubuntu-trusty/main amd64 Packages [722 B]

Hit http://security.ubuntu.com trusty-security/multiverse Translation-en

Hit http://archive.ubuntu.com trusty/main amd64 Packages

Hit http://security.ubuntu.com trusty-security/restricted Translation-en

Hit http://security.ubuntu.com trusty-security/universe Translation-en

Hit http://archive.ubuntu.com trusty/restricted amd64 Packages

Hit http://archive.ubuntu.com trusty/universe amd64 Packages

Hit http://archive.ubuntu.com trusty/multiverse amd64 Packages

Hit http://archive.ubuntu.com trusty/main Translation-en

Hit http://archive.ubuntu.com trusty/multiverse Translation-en

Ign http://repo.suhosin.org ubuntu-trusty/main Translation-en_US

Hit http://archive.ubuntu.com trusty/restricted Translation-en

Ign http://repo.suhosin.org ubuntu-trusty/main Translation-en

Hit http://archive.ubuntu.com trusty/universe Translation-en

Get:13 http://archive.ubuntu.com trusty-updates/main amd64 Packages [584 kB]

Get:14 http://archive.ubuntu.com trusty-updates/restricted amd64 Packages [11.8 kB]

Get:15 http://archive.ubuntu.com trusty-updates/universe amd64 Packages [297 kB]

Get:16 http://archive.ubuntu.com trusty-updates/multiverse amd64 Packages [12.0 kB]

Hit http://archive.ubuntu.com trusty-updates/main Translation-en

Hit http://archive.ubuntu.com trusty-updates/multiverse Translation-en

Hit http://archive.ubuntu.com trusty-updates/restricted Translation-en

Hit http://archive.ubuntu.com trusty-updates/universe Translation-en

Ign http://archive.ubuntu.com trusty/main Translation-en_US

Ign http://archive.ubuntu.com trusty/multiverse Translation-en_US

Ign http://archive.ubuntu.com trusty/restricted Translation-en_US

Ign http://archive.ubuntu.com trusty/universe Translation-en_US

Fetched 1,651 kB in 6s (250 kB/s)

Reading package lists… Done

The repository suhosin.org is signed with key, so install it with wget command:

Run as root user ##

wget https://sektioneins.de/files/repository.asc

sudo apt-key add repository.asc

Sample outputs:

Fig.01: Installing key

Next, type the following apt-get command to install the php5-suhosin-extension package, run:

sudo apt-get install php5-suhosin-extension

Sample outputs:

Fig.02: Installing php5-suhosin-extension package

Enable the php5-suhosin-extension

sudo php5enmod php5-suhosin

Restart php5-fpm on a Ubuntu LTS 14.04

sudo /sbin/restart php5-fpm

Restart php5-fpm on a Debian Linux 8.0

sudo systemctl restart php5-fpm

Test it

Create a file called test.php:

sudo vi /var/www/test.php

Append the following code:

<?php

phpinfo();

?>

Save and close the file. You can open the Browser and type the following url:

http://server-ip-here/test.php

OR

http://1.2.3.4/test.php

Sample outputs:

Fig.03: Suhosin enabled on server

Configuration

You need to edit the file /etc/php5/mods-available/suhosin.ini, enter:

# vi /etc/php5/mods-available/suhosin.ini

You can see comma separated whitelist of functions are not allowed to be called:

suhosin.executor.func.blacklist = assert,unserialize,exec,popen,proc_open,passthru,shell_exec,system,hail,parse_str,mt_srand

suhosin.executor.eval.whitelist = assert,unserialize,exec,popen,proc_open,passthru,shell_exec,system,hail,parse_str,mt_srand

Save and close the file. You need to restart php5-fpm. I suggest you see the configuration page for a complete list of possible configuration options.

Error: your composer.lock file is not up to date, run “composer update” to install newer dependencies

How do I install composer command for my PHP installation on Debian or Ubuntu Linux running LAMP or LEMP stack?

How do I Install and use Composer on running Ubuntu Linux server and fix this problem for mediawiki installation and/or manage and install PHP packages and dependencies for my project?

Composer is a dependency manager tool for PHP. It installs and updates the libraries for your project. It is not a package manager like yum command or apt-get command.

It is desgined to use with each individual project like Mediawiki or your own custom app written in PHP.

There are many open source projects and frameworks written in php use Composer to manage and install their packages and dependencies.

In this tutorial you will learn how to install composer globally on Debian or Ubuntu Linux server. The following instructions should also work with RHEL/CentOS Linux 7.x or any other modern Linux distro.

The problem

When you try to update mediawiki to v1.26.0 using the following command:

[wwwuser@server1.cyberciti.biz:~/wiki]$ php update.php

You will will get the following error:

MediaWiki 1.26.0 Updater

composer/semver: not installed, 1.0.0 required.

liuggio/statsd-php-client: 1.0.12 installed, 1.0.16 required.

oyejorge/less.php: not installed, 1.7.0.9 required.

mediawiki/at-ease: not installed, 1.1.0 required.

oojs/oojs-ui: 0.11.3 installed, 0.12.12 required.

wikimedia/assert: not installed, 0.2.2 required.

wikimedia/cdb: 1.0.1 installed, 1.3.0 required.

wikimedia/composer-merge-plugin: 1.0.0 installed, 1.3.0 required.

wikimedia/ip-set: not installed, 1.0.1 required.

wikimedia/utfnormal: 1.0.2 installed, 1.0.3 required.

wikimedia/wrappedstring: not installed, 2.0.0 required.

zordius/lightncandy: 0.18 installed, 0.21 required.

Error: your composer.lock file is not up to date, run  composer update  to install newer dependencies

To fix this problem you need to install the composer tool.

Installation

Make sure curl and php-cli, curl and related tools are installed on your Debian or Ubuntu server (14.04 LTS or older):

$ sudo apt-get install curl php5-cli git

Sample outputs:

Reading package lists… Done

Building dependency tree

Reading state information… Done

php5-cli is already the newest version.

The following extra packages will be installed:

git-man libcurl3 liberror-perl patch rsync

Suggested packages:

gettext-base git-daemon-run git-daemon-sysvinit git-doc git-el git-email

git-gui gitk gitweb git-arch git-bzr git-cvs git-mediawiki git-svn ed

diffutils-doc openssh-server

The following NEW packages will be installed:

curl git git-man libcurl3 liberror-perl patch rsync

0 upgraded, 7 newly installed, 0 to remove and 0 not upgraded.

Need to get 4,011 kB of archives.

After this operation, 23.4 MB of additional disk space will be used.

Do you want to continue? [Y/n] y

Get:1 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libcurl3 amd64 7.35.0-1ubuntu2.5 [173 kB]

Get:2 http://archive.ubuntu.com/ubuntu/ trusty-updates/main rsync amd64 3.1.0-2ubuntu0.1 [283 kB]

Get:3 http://archive.ubuntu.com/ubuntu/ trusty-updates/main curl amd64 7.35.0-1ubuntu2.5 [123 kB]

Get:4 http://archive.ubuntu.com/ubuntu/ trusty/main liberror-perl all 0.17-1.1 [21.1 kB]

Get:5 http://archive.ubuntu.com/ubuntu/ trusty-updates/main git-man all 1:1.9.1-1ubuntu0.1 [698 kB]

Get:6 http://archive.ubuntu.com/ubuntu/ trusty-updates/main git amd64 1:1.9.1-1ubuntu0.1 [2,627 kB]

Get:7 http://archive.ubuntu.com/ubuntu/ trusty-updates/main patch amd64 2.7.1-4ubuntu2.3 [86.4 kB]

Fetched 4,011 kB in 1s (2,181 kB/s)

Selecting previously unselected package libcurl3:amd64.

(Reading database … 16719 files and directories currently installed.)

Preparing to unpack …/libcurl3_7.35.0-1ubuntu2.5_amd64.deb …

Unpacking libcurl3:amd64 (7.35.0-1ubuntu2.5) …

Selecting previously unselected package rsync.

Preparing to unpack …/rsync_3.1.0-2ubuntu0.1_amd64.deb …

Unpacking rsync (3.1.0-2ubuntu0.1) …

Selecting previously unselected package curl.

Preparing to unpack …/curl_7.35.0-1ubuntu2.5_amd64.deb …

Unpacking curl (7.35.0-1ubuntu2.5) …

Selecting previously unselected package liberror-perl.

Preparing to unpack …/liberror-perl_0.17-1.1_all.deb …

Unpacking liberror-perl (0.17-1.1) …

Selecting previously unselected package git-man.

Preparing to unpack …/git-man_1%3a1.9.1-1ubuntu0.1_all.deb …

Unpacking git-man (1:1.9.1-1ubuntu0.1) …

Selecting previously unselected package git.

Preparing to unpack …/git_1%3a1.9.1-1ubuntu0.1_amd64.deb …

Unpacking git (1:1.9.1-1ubuntu0.1) …

Selecting previously unselected package patch.

Preparing to unpack …/patch_2.7.1-4ubuntu2.3_amd64.deb …

Unpacking patch (2.7.1-4ubuntu2.3) …

Processing triggers for ureadahead (0.100.0-16) …

Setting up libcurl3:amd64 (7.35.0-1ubuntu2.5) …

Setting up rsync (3.1.0-2ubuntu0.1) …

Removing any system startup links for /etc/init.d/rsync …

update-rc.d: warning: default stop runlevel arguments (0 1 6) do not match rsync Default-Stop values (none)

Adding system startup for /etc/init.d/rsync …

/etc/rc0.d/K20rsync -> ../init.d/rsync

/etc/rc1.d/K20rsync -> ../init.d/rsync

/etc/rc6.d/K20rsync -> ../init.d/rsync

/etc/rc2.d/S20rsync -> ../init.d/rsync

/etc/rc3.d/S20rsync -> ../init.d/rsync

/etc/rc4.d/S20rsync -> ../init.d/rsync

/etc/rc5.d/S20rsync -> ../init.d/rsync

Setting up curl (7.35.0-1ubuntu2.5) …

Setting up liberror-perl (0.17-1.1) …

Setting up git-man (1:1.9.1-1ubuntu0.1) …

Setting up git (1:1.9.1-1ubuntu0.1) …

Setting up patch (2.7.1-4ubuntu2.3) …

Processing triggers for libc-bin (2.19-0ubuntu6.6) …

Processing triggers for ureadahead (0.100.0-16) …

If you are using Ubuntu Linux 16.04 LTS or newer and want to use PHP 7.x, run:

$ sudo apt install curl php7.0-cli git

Install composer tool

Next install composer on Debian or Ubuntu Linux in /usr/local/bin/ directory as follows:

$ curl -sS https://getcomposer.org/installer | sudo php — –install-dir=/usr/local/bin –filename=composer

Sample outputs:

Fig.01: Installing composer on your server running Ubuntu Linux

Verify composer

To verify installation type:

$ composer

OR

$ /usr/local/bin/composer

The Sample outputs:

______

/ ____/___  ____ ___  ____  ____  ________  _____

/ /   / __ \/ __ `__ \/ __ \/ __ \/ ___/ _ \/ ___/

/ /___/ /_/ / / / / / / /_/ / /_/ (__  )  __/ /

\____/\____/_/ /_/ /_/ .___/\____/____/\___/_/

/_/

Composer version 1.0-dev (1c525b76f81123af180743d31c208c29351cf931) 2015-12-09 15:47:26

Usage:

command [options] [arguments]

Options:

-h, –help                     Display this help message

-q, –quiet                    Do not output any message

-V, –version                  Display this application version

–ansi                     Force ANSI output

–no-ansi                  Disable ANSI output

-n, –no-interaction           Do not ask any interactive question

–profile                  Display timing and memory usage information

-d, –working-dir=WORKING-DIR  If specified, use the given directory as working directory.

-v|vv|vvv, –verbose           Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug

Available commands:

about           Short information about Composer

archive         Create an archive of this composer package

browse          Opens the package s repository URL or homepage in your browser.

clear-cache     Clears composer s internal package cache.

clearcache      Clears composer s internal package cache.

config          Set config options

create-project  Create new project from a package into given directory.

depends         Shows which packages depend on the given package

diagnose        Diagnoses the system to identify common errors.

dump-autoload   Dumps the autoloader

dumpautoload    Dumps the autoloader

global          Allows running commands in the global composer dir ($COMPOSER_HOME).

help            Displays help for a command

home            Opens the package s repository URL or homepage in your browser.

info            Show information about packages

init            Creates a basic composer.json file in current directory.

install         Installs the project dependencies from the composer.lock file if present, or falls back on the composer.json.

licenses        Show information about licenses of dependencies

lint            Run the lint script as defined in composer.json.

list            Lists commands

phpcs           Run the phpcs script as defined in composer.json.

remove          Removes a package from the require or require-dev

require         Adds required packages to your composer.json and installs them

run-script      Run the scripts defined in composer.json.

search          Search for packages

self-update     Updates composer.phar to the latest version.

selfupdate      Updates composer.phar to the latest version.

show            Show information about packages

status          Show a list of locally modified packages

suggests        Show package suggestions

test            Run the test script as defined in composer.json.

update          Updates your dependencies to the latest version according to composer.json, and updates the composer.lock file.

validate        Validates a composer.json and composer.lock

How does composer work?

To use Composer you need to create or use composer.json file supplied by your vendor such as mediawiki. This file defines the dependencies of php app or project. Here is sample file from mediawiki project:

{

name :  mediawiki/core ,

description :  Free software wiki application developed by the Wikimedia Foundation and others ,

keywords : [ mediawiki ,  wiki ],

homepage :  https://www.mediawiki.org/ ,

authors : [

{

name :  MediaWiki Community ,

homepage :  https://www.mediawiki.org/wiki/Special:Version/Credits

}

],

license :  GPL-2.0+ ,

support : {

issues :  https://bugs.mediawiki.org/ ,

irc :  irc://irc.freenode.net/mediawiki ,

wiki :  https://www.mediawiki.org/

},

require : {

composer/semver :  1.0.0 ,

cssjanus/cssjanus :  1.1.1 ,

ext-iconv :  * ,

liuggio/statsd-php-client :  1.0.16 ,

oyejorge/less.php :  1.7.0.9 ,

mediawiki/at-ease :  1.1.0 ,

oojs/oojs-ui :  0.12.12 ,

php :  >=5.3.3 ,

psr/log :  1.0.0 ,

wikimedia/assert :  0.2.2 ,

wikimedia/cdb :  1.3.0 ,

wikimedia/composer-merge-plugin :  1.3.0 ,

wikimedia/ip-set :  1.0.1 ,

wikimedia/utfnormal :  1.0.3 ,

wikimedia/wrappedstring :  2.0.0 ,

zordius/lightncandy :  0.21

}

}

How do I install dependencies defined in composer.json file?

Simply type the following command to download and install all dependencies for your app/project:

$ composer install

OR switch to core project directory such as /var/www/html/wiki and run:

$ cd /var/www/html/wiki && composer install –no-dev

Sample outputs:

Loading composer repositories with package information

Installing dependencies from lock file

Warning: The lock file is not up to date with the latest changes in composer.json. You may be getting outdated dependencies. Run update to update them.

– Removing composer/semver (1.0.0)

– Removing oyejorge/less.php (v1.7.0.9)

– Removing mediawiki/at-ease (v1.1.0)

– Removing wikimedia/avro (v1.7.7)

– Removing nmred/kafka-php (v0.1.4)

– Removing wikimedia/ip-set (1.0.1)

– Removing firebase/php-jwt (v2.1.0)

– Removing symfony/process (v2.7.3)

– Removing ruflin/elastica (2.2.0)

– Removing wikimedia/wrappedstring (v2.0.0)

– Removing monolog/monolog (1.14.0)

– Removing kzykhys/pygments (v1.0.0)

– Removing wikimedia/assert (v0.2.2)

– Removing wikimedia/composer-merge-plugin (v1.3.0)

– Installing wikimedia/composer-merge-plugin (v1.0.0)

Downloading: 100%

– Removing liuggio/statsd-php-client (v1.0.16)

– Installing liuggio/statsd-php-client (v1.0.12)

Downloading: 100%

– Removing oojs/oojs-ui (v0.12.12)

– Installing oojs/oojs-ui (v0.11.3)

Downloading: 100%

– Removing wikimedia/cdb (1.3.0)

– Installing wikimedia/cdb (1.0.1)

Downloading: 100%

– Removing wikimedia/utfnormal (v1.0.3)

– Installing wikimedia/utfnormal (v1.0.2)

Downloading: 100%

– Removing zordius/lightncandy (v0.21)

– Installing zordius/lightncandy (v0.18)

Downloading: 100%

– Installing leafo/lessphp (v0.5.0)

Downloading: 100%

Generating optimized autoload files

The above will also create composer.lock file which can be used to update the dependencies later on to the latest version.

How do I update composer.lock file?

If there is no .lock file, this tool will create one based on the dependencies from the .json file. To fetch the dependent libraries to newer versions, run the following command i.e. if you have an existing composer.lock file you will need to run it as follows:

$ composer update

OR switch to core project directory such as /var/www/html/wiki and run:

$ cd /var/www/html/wiki/ && composer update –no-dev

Sample outputs:

ComposerHookHandler::onPreUpdate

Deprecation Notice: The Composer\Package\LinkConstraint\VersionConstraint class is deprecated, use Composer\Semver\Constraint\Constraint instead. in phar:///usr/local/bin/composer/src/Composer/Package/LinkConstraint/VersionConstraint.php:17

Deprecation Notice: The Composer\Package\LinkConstraint\LinkConstraintInterface interface is deprecated, use Composer\Semver\Constraint\ConstraintInterface instead. in phar:///usr/local/bin/composer/src/Composer/Package/LinkConstraint/LinkConstraintInterface.php:17

Updating dependencies

– Removing leafo/lessphp (v0.5.0)

– Removing wikimedia/composer-merge-plugin (v1.0.0)

– Installing wikimedia/composer-merge-plugin (v1.3.0)

Downloading: Connecting…

Downloading: 100%

– Removing liuggio/statsd-php-client (v1.0.12)

– Installing liuggio/statsd-php-client (v1.0.16)

Downloading: Connecting…

Downloading: 100%

– Installing mediawiki/at-ease (v1.1.0)

Downloading: 100%

– Removing oojs/oojs-ui (v0.11.3)

– Installing oojs/oojs-ui (v0.12.12)

Downloading: 100%

– Removing wikimedia/cdb (1.0.1)

– Installing wikimedia/cdb (1.3.0)

Downloading: 100%

– Removing wikimedia/utfnormal (v1.0.2)

– Installing wikimedia/utfnormal (v1.0.3)

Downloading: 100%

– Removing zordius/lightncandy (v0.18)

– Installing zordius/lightncandy (v0.21)

Downloading: 100%

– Installing composer/semver (1.0.0)

Downloading: 100%

– Installing oyejorge/less.php (v1.7.0.9)

Downloading: 100%

– Installing wikimedia/assert (v0.2.2)

Downloading: 100%

– Installing wikimedia/ip-set (1.0.1)

Downloading: 100%

– Installing wikimedia/wrappedstring (v2.0.0)

Downloading: 100%

Writing lock file

Generating optimized autoload files

Finally updating mediawiki to version 1.26.0

Now mediawiki will be updated without any problem as composer already fetched required libs for your php app:

$ cd /var/www/html/wiki/

$ php update.php

Command summary

This tutorial described how to install the composer and update mediawiki. But, if you just need the composer tool for your own project, just run the following commands:

$ sudo apt-get install curl php5-cli git

$ sudo curl -sS https://getcomposer.org/installer | sudo php — –install-dir=/usr/local/bin –filename=composer

$ composer

Now create your own .json file:

$ cd /my/cool/project/

$ vi composer.json

Install the dependencies for your project from composer.json, enter:

$ composer install

To update the dependencies for your project:

$ composer update

And, there you have it composer installed and working for your LAMP project. For further information please see the official composer project documentation here.

HP 7 provides 2x faster performance and 50% better memory consumption than PHP version 5.6. How do I install PHP 7 on Ubuntu Linux version 14.04 LTS server? How do I install PHP 7 with PHP-FPM in along with Nginx web server?

You need to install a PPA called ondrej/php. This allows you to co-install PHP versions 5.6 and 7.0. The latest version of PHP 7 is 7.0.5 and you will learn how to install the same on Ubuntu 14.04 LTS server.

Configure a PPA for co-installable PHP 5.6 + 7.0

Type the following command:

$ sudo apt-get install -y language-pack-en-base

$ sudo LC_ALL=en_US.UTF-8 add-apt-repository ppa:ondrej/php

OR

$ sudo add-apt-repository ppa:ondrej/php

Sample outputs:

Fig.01: Configure a PPA for PHP 7.0 packages

Update the package index

To resynchronize the package index files from their sources, enter:

$ sudo apt-get update

Sample outputs:

Ign http://archive.ubuntu.com trusty InRelease

Get:1 http://archive.ubuntu.com trusty-updates InRelease [64.4 kB]

Get:2 http://ppa.launchpad.net trusty InRelease [15.5 kB]

Hit http://security.ubuntu.com trusty-security InRelease

Hit http://archive.ubuntu.com trusty Release.gpg

Hit http://archive.ubuntu.com trusty Release

Get:3 http://archive.ubuntu.com trusty-updates/main amd64 Packages [696 kB]

Hit http://security.ubuntu.com trusty-security/main amd64 Packages

Get:4 http://ppa.launchpad.net trusty/main amd64 Packages [23.2 kB]

Hit http://security.ubuntu.com trusty-security/restricted amd64 Packages

Hit http://security.ubuntu.com trusty-security/universe amd64 Packages

Get:5 http://ppa.launchpad.net trusty/main Translation-en [12.2 kB]

Hit http://security.ubuntu.com trusty-security/multiverse amd64 Packages

Get:6 http://archive.ubuntu.com trusty-updates/restricted amd64 Packages [15.9 kB]

Hit http://security.ubuntu.com trusty-security/main Translation-en

Get:7 http://archive.ubuntu.com trusty-updates/universe amd64 Packages [336 kB]

Hit http://security.ubuntu.com trusty-security/multiverse Translation-en

Get:8 http://archive.ubuntu.com trusty-updates/multiverse amd64 Packages [13.0 kB]

Hit http://archive.ubuntu.com trusty-updates/main Translation-en

Hit http://security.ubuntu.com trusty-security/restricted Translation-en

Hit http://archive.ubuntu.com trusty-updates/multiverse Translation-en

Hit http://archive.ubuntu.com trusty-updates/restricted Translation-en

Hit http://archive.ubuntu.com trusty-updates/universe Translation-en

Hit http://security.ubuntu.com trusty-security/universe Translation-en

Hit http://archive.ubuntu.com trusty/main amd64 Packages

Hit http://archive.ubuntu.com trusty/restricted amd64 Packages

Hit http://archive.ubuntu.com trusty/universe amd64 Packages

Hit http://archive.ubuntu.com trusty/multiverse amd64 Packages

Hit http://archive.ubuntu.com trusty/main Translation-en

Hit http://archive.ubuntu.com trusty/multiverse Translation-en

Hit http://archive.ubuntu.com trusty/restricted Translation-en

Hit http://archive.ubuntu.com trusty/universe Translation-en

Ign http://archive.ubuntu.com trusty/main Translation-en_US

Ign http://archive.ubuntu.com trusty/multiverse Translation-en_US

Ign http://archive.ubuntu.com trusty/restricted Translation-en_US

Ign http://archive.ubuntu.com trusty/universe Translation-en_US

Fetched 1,176 kB in 3s (326 kB/s)

Reading package lists… Done

List all PHP 7 packages

Type the following apt-cache command:

$ apt-cache search php7

Sample outputs:

php7.0-common – Common files for packages built from the PHP source

libapache2-mod-php7.0 – server-side, HTML-embedded scripting language (Apache 2 module)

php7.0-cgi – server-side, HTML-embedded scripting language (CGI binary)

php7.0-cli – command-line interpreter for the PHP scripting language

php7.0-phpdbg – server-side, HTML-embedded scripting language (PHPDBG binary)

php7.0-fpm – server-side, HTML-embedded scripting language (FPM-CGI binary)

libphp7.0-embed – HTML-embedded scripting language (Embedded SAPI library)

php7.0-dev – Files for PHP7.0 module development

php7.0-dbg – Debug symbols for PHP7.0

php7.0-curl – CURL module for PHP

php7.0-enchant – Enchant module for PHP

php7.0-gd – GD module for PHP

php7.0-gmp – GMP module for PHP

php7.0-imap – IMAP module for PHP

php7.0-interbase – Interbase module for PHP

php7.0-intl – Internationalisation module for PHP

php7.0-ldap – LDAP module for PHP

php7.0-mcrypt – libmcrypt module for PHP

php7.0-readline – readline module for PHP

php7.0-odbc – ODBC module for PHP

php7.0-pgsql – PostgreSQL module for PHP

php7.0-pspell – pspell module for PHP

php7.0-recode – recode module for PHP

php7.0-snmp – SNMP module for PHP

php7.0-tidy – tidy module for PHP

php7.0-xmlrpc – XMLRPC-EPI module for PHP

php7.0-xsl – XSL module for PHP

php7.0 – server-side, HTML-embedded scripting language (metapackage)

php7.0-json – JSON module for PHP

php-all-dev – package depending on all supported PHP development packages

php7.0-sybase – Sybase module for PHP

php7.0-modules-source – PHP 7.0 modules source package

php7.0-sqlite3 – SQLite3 module for PHP

php7.0-mysql – MySQL module for PHP

php7.0-opcache – Zend OpCache module for PHP

php7.0-bz2 – bzip2 module for PHP

Install PHP 7

Type the following command to install PHP 7 along with useful php modules such as MySQL, GD, curl and so on:

$ sudo apt-get install php7.0

OR

$ sudo apt-get install php7.0 php7.0-cli php7.0-fpm php7.0-gd php7.0-json php7.0-mysql php7.0-readline

Sample outputs:

Fig.02: Installing PHP 7.0

Configure Nginx and PHP 7

Edit your nginx.conf file:

$ sudo vi nginx.conf

OR

$ sudo vi /etc/nginx/sites-enabled/default

Modify or append as follows:

# Pass all .php files onto a php-fpm/php-fcgi server.

location ~ [^/]\.php(/|$) {

fastcgi_split_path_info ^(.+?\.php)(/.*)$;

if (!-f $document_root$fastcgi_script_name) {

return 404;

}

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

fastcgi_pass unix:/run/php/php7.0-fpm.sock;

fastcgi_index index.php;

include fastcgi_params;

}

Save and close the file. Reload the nginx server:

$ sudo service nginx reload

Test new PHP 7 installation

Create a file called test.php in /var/www/html/ directory:

<?php

phpinfo();

?>

Save and close the file. Run it as follows:

http://your-domain/test.php

Sample outputs:

Fig.03: PHP 7 in action

How do I upgrade or patch my php 7.x version?

Type the following two commands:

$ sudo apt-get update

$ sudo apt-get upgrade

Sample outputs:

Calculating upgrade… Done

The following packages will be upgraded:

libapache2-mod-php7.0 libpcre3 php7.0 php7.0-cli php7.0-common php7.0-curl

php7.0-fpm php7.0-gd php7.0-json php7.0-mysql php7.0-opcache php7.0-readline

12 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

Need to get 4,628 kB of archives.

After this operation, 13.3 kB of additional disk space will be used.

Do you want to continue? [Y/n] y

Get:1 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libpcre3 amd64 1:8.31-2ubuntu2.2 [144 kB]

Get:2 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-json amd64 7.0.5-2+deb.sury.org~trusty+1 [17.1 kB]

Get:3 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-opcache amd64 7.0.5-2+deb.sury.org~trusty+1 [76.0 kB]

Get:4 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-fpm amd64 7.0.5-2+deb.sury.org~trusty+1 [1,254 kB]

Get:5 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main libapache2-mod-php7.0 amd64 7.0.5-2+deb.sury.org~trusty+1 [1,191 kB]

Get:6 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-cli amd64 7.0.5-2+deb.sury.org~trusty+1 [1,248 kB]

Get:7 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-common amd64 7.0.5-2+deb.sury.org~trusty+1 [507 kB]

Get:8 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-readline amd64 7.0.5-2+deb.sury.org~trusty+1 [12.2 kB]

Get:9 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0 all 7.0.5-2+deb.sury.org~trusty+1 [1,248 B]

Get:10 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-curl amd64 7.0.5-2+deb.sury.org~trusty+1 [26.9 kB]

Get:11 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-gd amd64 7.0.5-2+deb.sury.org~trusty+1 [27.0 kB]

Get:12 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main php7.0-mysql amd64 7.0.5-2+deb.sury.org~trusty+1 [122 kB]

Fetched 4,628 kB in 5s (900 kB/s)

(Reading database … 18668 files and directories currently installed.)

Preparing to unpack …/libpcre3_1%3a8.31-2ubuntu2.2_amd64.deb …

Unpacking libpcre3:amd64 (1:8.31-2ubuntu2.2) over (1:8.31-2ubuntu2.1) …

Setting up libpcre3:amd64 (1:8.31-2ubuntu2.2) …

Processing triggers for libc-bin (2.19-0ubuntu6.7) …

(Reading database … 18668 files and directories currently installed.)

Preparing to unpack …/php7.0-json_7.0.5-2+deb.sury.org~trusty+1_amd64.deb …

Unpacking php7.0-json (7.0.5-2+deb.sury.org~trusty+1) over (7.0.4-7+deb.sury.org~trusty+2) …

Preparing to unpack …/php7.0-opcache_7.0.5-2+deb.sury.org~trusty+1_amd64.deb …

Unpacking php7.0-opcache (7.0.5-2+deb.sury.org~trusty+1) over (7.0.4-7+deb.sury.org~trusty+2) …

Preparing to unpack …/php7.0-fpm_7.0.5-2+deb.sury.org~trusty+1_amd64.deb …

php7.0-fpm stop/waiting

Unpacking php7.0-fpm (7.0.5-2+deb.sury.org~trusty+1) over (7.0.4-7+deb.sury.org~trusty+2) …

Preparing to unpack …/libapache2-mod-php7.0_7.0.5-2+deb.sury.org~trusty+1_amd64.deb …

Unpacking libapache2-mod-php7.0 (7.0.5-2+deb.sury.org~trusty+1) over (7.0.4-7+deb.sury.org~trusty+2) …

Preparing to unpack …/php7.0-cli_7.0.5-2+deb.sury.org~trusty+1_amd64.deb …

Unpacking php7.0-cli (7.0.5-2+deb.sury.org~trusty+1) over (7.0.4-7+deb.sury.org~trusty+2) …

Preparing to unpack …/php7.0-common_7.0.5-2+deb.sury.org~trusty+1_amd64.deb …

Unpacking php7.0-common (7.0.5-2+deb.sury.org~trusty+1) over (7.0.4-7+deb.sury.org~trusty+2) …

Preparing to unpack …/php7.0-readline_7.0.5-2+deb.sury.org~trusty+1_amd64.deb …

Unpacking php7.0-readline (7.0.5-2+deb.sury.org~trusty+1) over (7.0.4-7+deb.sury.org~trusty+2) …

Preparing to unpack …/php7.0_7.0.5-2+deb.sury.org~trusty+1_all.deb …

Unpacking php7.0 (7.0.5-2+deb.sury.org~trusty+1) over (7.0.4-7+deb.sury.org~trusty+2) …

Preparing to unpack …/php7.0-curl_7.0.5-2+deb.sury.org~trusty+1_amd64.deb …

Unpacking php7.0-curl (7.0.5-2+deb.sury.org~trusty+1) over (7.0.4-7+deb.sury.org~trusty+2) …

Preparing to unpack …/php7.0-gd_7.0.5-2+deb.sury.org~trusty+1_amd64.deb …

Unpacking php7.0-gd (7.0.5-2+deb.sury.org~trusty+1) over (7.0.4-7+deb.sury.org~trusty+2) …

Preparing to unpack …/php7.0-mysql_7.0.5-2+deb.sury.org~trusty+1_amd64.deb …

Unpacking php7.0-mysql (7.0.5-2+deb.sury.org~trusty+1) over (7.0.4-7+deb.sury.org~trusty+2) …

Processing triggers for ureadahead (0.100.0-16) …

Setting up php7.0-common (7.0.5-2+deb.sury.org~trusty+1) …

Setting up php7.0-json (7.0.5-2+deb.sury.org~trusty+1) …

Setting up php7.0-opcache (7.0.5-2+deb.sury.org~trusty+1) …

Setting up php7.0-readline (7.0.5-2+deb.sury.org~trusty+1) …

Setting up php7.0-cli (7.0.5-2+deb.sury.org~trusty+1) …

Setting up php7.0-fpm (7.0.5-2+deb.sury.org~trusty+1) …

php7.0-fpm start/running, process 9573

Setting up libapache2-mod-php7.0 (7.0.5-2+deb.sury.org~trusty+1) …

Warning: Could not load Apache 2.4 maintainer script helper.

Setting up php7.0 (7.0.5-2+deb.sury.org~trusty+1) …

Setting up php7.0-curl (7.0.5-2+deb.sury.org~trusty+1) …

Setting up php7.0-gd (7.0.5-2+deb.sury.org~trusty+1) …

Setting up php7.0-mysql (7.0.5-2+deb.sury.org~trusty+1) …

Processing triggers for libapache2-mod-php7.0 (7.0.5-2+deb.sury.org~trusty+1) …

Warning: Could not load Apache 2.4 maintainer script helper.

Processing triggers for php7.0-fpm (7.0.5-2+deb.sury.org~trusty+1) …

php7.0-fpm stop/waiting

php7.0-fpm start/running, process 11732

serious vulnerability was discovered in how CGI scripts are used by Linux or Unix that use PHP, Go, Python, and other scripting languages. How do I fix Httpoxy a CGI application vulnerability on Linux or Unix for HAProxy, Varnish, Nginx, PHP, Go, Python, Tomcat and others?

httpoxy is a set of vulnerabilities that affect application code running in CGI, or CGI-like environments. It comes down to a simple namespace conflict:

RFC 3875 (CGI) puts the HTTP Proxy header from a request into the environment variables as HTTP_PROXY

HTTP_PROXY is a popular environment variable used to configure an outgoing proxy

This leads to a remotely exploitable vulnerability. If youâ€re running PHP or CGI, you should block the Proxy header. This attack use HTTP_PROXY for Man-in-the-Middle” attack. The following web servers, web frameworks and programming languages are affected:

Go lang (CVE-2016-5386)

PHP lang (CVE-2016-5385)

HHVM (CVE-2016-1000109)

Python (CVE-2016-1000110)

Apache Tomcat (CVE-2016-5388)

Servers Apache (CVE-2016-5387)/Nginx/Varnish/Httpoxy.

Disro – RHEL and CentOS and others.

Patch your OS and Apps

First install all available updates for your operating system and application software such as Apache, PHP, Nginx and more:

$ sudo apt-get update && sudo apt-get upgrade

OR

$ sudo dnf update

OR

$ sudo yum update

Httpoxy mitigation for Nginx proxy server

Edit your nginx.conf or fastcgi_params file:

# vi /etc/nginx/ fastcgi_params

Add the following directives:

fastcgi_param  HTTP_PROXY    ;

When proxying HTTP requests to an upstream application, itâ€s wise to set any Proxy header to the empty string, in case the upstream application is running on a vulnerable platform (added in your nginx.conf’s when load balancing and proxying HTTP traffic):

proxy_set_header Proxy   ;

Save and close the file. Reload/restart the nginx server:

# systemctl reload nginx

Httpoxy mitigation for Apache server

You can use mod_headers. Edit /etc/httpd/conf.d/site.conf or httpd.conf :

# vi /etc/httpd/conf.d/site.conf

Add the following directives:

RequestHeader unset Proxy

Save and close the file. Restart the apache server:

# systemctl restart httpd

http-request del-header Proxy

Httpoxy mitigation using HAProxy

Edit /etc/haproxy/haproxy.cfg and edit/append as follows to remove Proxy header:

http-request del-header Proxy

Restart the Httpoxy:

# systemctl restart haproxy

Httpoxy mitigation using Varnish

Edit the /etc/varnish/default.vcl and edit/append as follows to remove Proxy header (find and add in sub vcl_recv { … } section):

unset req.http.proxy;

Save and close the file. Restart the varnish:

# systemctl restart varnish

Httpoxy mitigation for PHP/Go lang cgi apps

You need to configure your web application firewall (such as Nginx) to remove the Proxy header from incoming HTTP requests. See above for Nginx and Apache proxy specific info.

Fixing your php app by editing .php file

Edit your PHP file and make sure he following statement near the top, after <?php:

<?php

/* Warning: Not tested and may not be effective */

putenv( HTTP_PROXY= ); $_SERVER[HTTP_PROXY] =   ;

/* NOTE */

/* If you are running PHP under Apache/mod_php, also add after the above: */

apache_putenv( HTTP_PROXY ,   );

/* rest of your php script */

Save and close the file.

Fixing your php app by editing go program file

Edit the following changes to your program as follows:

import  os

os.Unsetenv( HTTP_PROXY )

Verification

To fix the issue, temporarily install the following as a CGI script on your server and make it executable (say at /var/www/html/cgi-bin/test.cgi):

#!/bin/sh

echo  Content-Type:text/plain

​echo

echo  HTTP_PROXY= $HTTP_PROXY

Save and close the file. Make it executable:

chmod +x test.cgi

Call it as follows:

curl -H  Proxy: AFFECTED  http://your-server-ip-or-name/cgi-bin/test.cgi

If you see the following output, your server is unaffected:

HTTP_PROXY=

If instead you see the following, or any other output, your server may be affected and you should apply one of the mitigations as discussed above:

HTTP_PROXY= AFFECTED

References

For more information see https://httpoxy.org/ and httpoxy flaw info from Red Hat.

Apache HTTP server httpoxy security advisory.

Mitigating the HTTPoxy Vulnerability with NGINX

am getting the following error in my /var/log/php7.0-fpm.log file:

“ERROR: failed to prepare the stderr pipe: Too many open files (24)”

How do I fix this problem?

You need to set open file descriptor rlimit for the PHP master process. The default value is system defined but one can increase it as per needs.

php-fpm too many open files error and solution

Edit php-fpm.conf

# vi /etc/php/7.0/fpm/php-fpm.conf

Find rlimit_files

;rlimit_files = 1024

And update it as follows (or as per your need):

rlimit_files = 4096

Save and close the file. Restart php7-0.fpm, run:

# systemctl restart php7.0-fpm

Increase FD limit at the OS level

Find user/group name:

$ grep ^user /etc/php/7.0/fpm/pool.d/www.conf

$ grep ^group /etc/php/7.0/fpm/pool.d/www.conf

www-data

www-data

Edit /etc/security/limits.conf, enter:

# vi /etc/security/limits.conf

Append as follows (replace user/group name with your actual names):

www-data       soft    nofile  4096

www-data       hard    nofile  4096

Restart required process. Save and close the file. Verify it:

$ su – www-data

To see the hard and soft values, issue the command as follows:

$ ulimit -Hn

$ ulimit -Sn