Monthly Archives: September 2012

PHP Security – disabled the exec, etc.

In /etc/php5/apache2/php.ini

as someone already can upload phpshell it will not do too much…

disable_functions = exec, shell_exec, system, popen, passthru, escapeshellarg, escapeshellcmd, proc_close, proc_open, ini_alter, dl, popen, show_source, set_time_limit, php_uname, phpinfo, diskfreespace, disk_total_space, disk_free_space, get_current_user, posix_uname

 

Own XMPP/Jabber Server on Debian

  1. Installing ejab­berd:

    aptitude install ejabberd
  2. Configuration:

    nano /etc/ejabberd/ejabberd.cfg
  3. Find and change the line:

    {acl, admin, {user, "YOURNAME", "YOURDOMAIN"}}.
  4. Append a little below your domain:

    {hosts, ["YOURDOMAIN"]}.
  5. Restart ejabberd:

    ejabberdctl restart
  6. Register an account for yourself:

    ejabberdctl register YOURNAME YOURDOMAIN YOURPASSWORD
  7. If the ejabberd is on a different server set SRV records:

    jid.YOURDOMAIN.TLD. A IPSERVEREJABBERD
    _xmpp-client._tcp.YOURDOMAIN.TLD. SRV 10 0 5222 jid.YOURDOMAIN.TLD.
    _xmpp-server._tcp.YOURDOMAIN.TLD. SRV 10 0 5269 jid.YOURDOMAIN.TLD.

Linux commands to help me work

Search for files and directories given text, a very useful feature when you want to find the text and does not know where the file or directory is.

grep -i -n -r 'Search string' /var/www/path/

shows how many times is the search text in the text and returns the result in numbers.

cat access.log|grep 'Search string' | wc -l

while

while true; do COMMEND; done