Browsing all articles tagged with apache
Feb
27

Strict Standards: date() [function.date] Error

I was installing NagVis when I came across this weird message:

Strict Standards: date() [function.date]: It is not safe to rely on the system’s timezone settings. Please use the date.timezone setting, the TZ environment variable or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected ‘UTC’ for ‘GMT/0.0/no DST’ instead in /usr/local/nagios/nagvis/nagvis/includes/classes/objects/NagVisStatefulObject.php on line 360

It clearly says that I should check the timezone, which I did. But there’s nothing wrong with time or date. ntpd is running and it set the correct timezone so what could be wrong?

If you are reading this then probably you are seeing this error too. To fix this, open your php.ini using your favourite text editor (like vi) and add this line:

date.timezone=UTC

Take note that depending on how you installed php, it could be in /etc/php.ini (RedHat) or /etc/php5/apache2/php.ini (SLES) or if compiled, /usr/local/php5/php.ini.

You need to restart Apache for changes to take effect.

May
25

Tip: No Space Left on Device Error

If you have an Apache web server and for some weird reason, you cannot start the service, then you might be encountering the “No space left on device” error.

At first you will notice that no matter how many times you restart the http daemon, it just won’t start. Looking at the logs, you will see these errors:

[crit] (28)No space left on device: mod_rewrite: could not create rewrite_log_lock Configuration failed.

Of course, seeing that the errors are about the disk being full, you might want to check the disk space of your machine: read more

May
12

Tip: Simple SSL Certificate Scanner

If ever you need to write a script that needs you to scan the details of an SSL Certificate of a particular website, you can use this nifty one-liner to get the information that you need.

Security Certificates identify your site as a legit site and offers more secure connection by encrypting the data as it passes along the Internet highway. If the data is encrypted, chances are, the data being transmitted is less likely to be sniffed by malicious hackers.

If you manage hundreds of websites, each with its own SSL certificate that expires on different dates, you will need to create a script that will scan the certificates and capture the expiration dates and there is a nifty Linux command that can do this. read more

Apr
21

Tip: Testing Your PHP/MySQL Connection

How to test if PHP connects to MySQL database?

There are numerous times when I have to setup Apache and PHP on a freshly installed Linux server. Considering that not only that Apache service should work, I also have to make sure that PHP and MySQL are working properly together.

Forgetful that I am, I always tend to forget what components should I have to make PHP and MySQL talk to each other. You need something like a ‘special glue’ to connect the two together and I will discuss here how to make PHP and MySQL work together for both RPM and source installation.
read more

Mar
6

How To Create Self Signed Certificate

This is a mini guide on how to create a self signed SSL certificate for your secure website on Apache server. Self signed certificates are commonly used for site testing but is not honored for public websites since the certificate is signed only by you, hence the term self signed.

Step 1: Generating a server key needed to create the .ca and .crt files

[root@home test]# openssl genrsa -des3 -out server.key 4096
Generating RSA private key, 4096 bit long modulus
…………………………………………..++
……………………………………++
e is 65537 (0×10001)
Enter pass phrase for server.key:
Verifying – Enter pass phrase for server.key:
[root@home test]# ls
server.key

Step 2: Remove the passphrase from the key file. This is done so you do not have to type in the passphrase everytime the Apache is started. This especially useful in the event of server reboot when there is no one to manually type the passphrase. (Note: Once the passphrase is removed from the key, make sure that the file is readable only by root.)

[root@home test]# mv server.key server.key.secure
`server.key’ -> `server.key.secure’
[root@home test]# openssl rsa -in server.key.secure -out server.key
Enter pass phrase for server.key.secure:
writing RSA key
[root@home test]# ls
server.key server.key.secure

Step 3: Generate the CA file. The Certificate Authority file identifies the body that signed the certificate. The certificate validity in this example is 365 days after which, you will have to generate a new CA and CRT files again.

[root@home test]# openssl req -new -x509 -days 365 -key server.key -out server.ca
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [GB]: PH
State or Province Name (full name) [Berkshire]:Manila
Locality Name (eg, city) [Newbury]:Manila
Organization Name (eg, company) [My Company Ltd]:ZXY Corp
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server’s hostname) []:myhomies.com.ph
Email Address []:admin@myhomies.com.ph
[root@home test]# ls
server.ca server.key server.key.secure

Step 4: Generate the CSR file. The Certificate Signing Request is the file that contains the information of the certificate file itself. Note that in the Common Name field, you will have the use the fully qualified domain name (FQDN) of the actual site where the certificate is going to be used. For example, if your secure site is https://mywork.here.com, put mywork.here.com in the Common Name field. If you don’t have FQDN, use the server’s ip address instead. If the site url and Common Name are different, users will see a pop-up box whenever they visit your site.

[root@home test]# openssl req -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [GB]: PH
State or Province Name (full name) [Berkshire]:Manila
Locality Name (eg, city) [Newbury]:Manila
Organization Name (eg, company) [My Company Ltd]:ZXY Corp
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server’s hostname) []:myhomies.com.ph
Email Address []:admin@myhomies.com.ph

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@home test]# ls
server.ca server.csr server.key server.key.secure

Step 5: Generate the CRT file.

[root@home test]# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Signature ok
subject=/C=PH/ST=Manila/L=Manila/O=ZXY Corp/OU=IT/CN=myhomies.com.ph/emailAddress=admin@myhomies.com.ph
Getting Private key
[root@home test]# ls
server.ca server.crt server.csr server.key server.key.secure

There you have it. You have the files that you need to create a secure http site with a self-signed certificate. All you have to do now is to install there certificates to your Apache server. Your server needs to have mod_ssl enabled to use the secure http port (443).

Step 6: Install the certificates. Just copy the files to where you want your SSL certificate to be, like /etc/httpd/conf.d/ssl.crt. The setup your ssl.conf file to point the directives to the location of your SSL files.

:)

Powered by 1and1.comDomain Registrations starting at $9.98* Earn with Your BlogAdvertise @ PinoyTux

Search PinoyTux

Subscribe to Email Feeds

Enter Email Address:

Blog Lounge

Popular Posts

Recent Posts

Recent Comments

Site Stats