[user@logs]# cat error_log | cut -d " " -f 11,13,14 | sort -n | uniq -c | sort -r
728 script not found
101 AH01276: serve directory
57 AH02811: not found
25 PHP Undefined
3 server does NOT
3 PHP session_start():
1 slotmem mod_heartmonitor
1 mpm (prefork.c) is
1 line: -D FOREGROUND'
1 () PHP/7.3.11 configured
---
So most often error message is "script not found". A concrete example of error that needs to be addressed is the below:
[client 173.212.201.253:34544] script '/var/www/html/sitedomain/prod/wp-login.php' not found or unable to stat, referer: http://sitedomain.com/wp-login.php
This is to be tackled in another article :)
Saturday, April 25, 2020
Tuesday, April 21, 2020
Fix PHP Notice: Undefined index: HTTP_HOST in php on line
It might be that $_SERVER['HTTP_HOST'] is undefined.
To check this, better to verify using isset before instantiating it:
$link .= "http://";
if (isset($_SERVER['HTTP_HOST'])) {
$link .= $_SERVER['HTTP_HOST'];
}
To check this, better to verify using isset before instantiating it:
$link .= "http://";
if (isset($_SERVER['HTTP_HOST'])) {
$link .= $_SERVER['HTTP_HOST'];
}
Saturday, April 18, 2020
Script to check when specific SSL website certificate is to expire
#!/bin/bash
expire=$(echo | openssl s_client -servername easybiny.com -connect easybiny.com:443 2>/dev/null | openssl x509 -noout -dates | awk 'BEGIN{FS="After="} {print $2}')
date_today=$(date -d "now" +%s)
date_expire=$(date -d "$expire" +%s)
result=$(( (date_expire - date_today) / 86400 ))-days
echo $result
Running the above will prodice the desired output:
[root@x.x.x.x monitoring]# ./check-easybiny-certificate.sh
75-days
expire=$(echo | openssl s_client -servername easybiny.com -connect easybiny.com:443 2>/dev/null | openssl x509 -noout -dates | awk 'BEGIN{FS="After="} {print $2}')
date_today=$(date -d "now" +%s)
date_expire=$(date -d "$expire" +%s)
result=$(( (date_expire - date_today) / 86400 ))-days
echo $result
Running the above will prodice the desired output:
[root@x.x.x.x monitoring]# ./check-easybiny-certificate.sh
75-days
SSL Certificate - Get expiration date from shell with openssl
Very simple, just run the following command:
[root@ip-172-31-39-55 monitoring]# echo | openssl s_client -servername www.easybiny.com -connect www.easybiny.com:443 2>/dev/null | openssl x509 -noout -dates
notBefore=Mar 28 13:43:20 2020 GMT
notAfter=Jun 26 13:43:20 2020 GMT
[root@ip-172-31-39-55 monitoring]# echo | openssl s_client -servername www.easybiny.com -connect www.easybiny.com:443 2>/dev/null | openssl x509 -noout -dates
notBefore=Mar 28 13:43:20 2020 GMT
notAfter=Jun 26 13:43:20 2020 GMT
Fixed: Where PHP sessions are stored?
This is setup using the following parameter:
session.save_path
By default, at least in PHP 7.3, this is commented in php.ini:
;session.save_path = "/tmp"
It means default location is the following one:
/var/lib/php/session
In there you'll get files like the below:
[root@ip-172-31-39-55 session]# ls -l
-rw------- 1 apache apache 71 Apr 18 18:31 sess_0a2bbj0u9nsf9gh5vbddte855e
-rw------- 1 apache apache 0 Apr 18 11:13 sess_0uttil3jnenoos2kcf6t45gqj5
-rw------- 1 apache apache 0 Apr 17 15:30 sess_1f57jnsc28gj06km301b4von1a
-rw------- 1 apache apache 0 Apr 18 10:39 sess_2ips2j6djo8fst8lm4lq9q7l6n
-rw------- 1 apache apache 0 Apr 18 09:23 sess_32ta8talaki4a7umbuq6ivfqdi
If you also have have session parameters ($_SESSION['parameter']), you shall see those in file:
cat sess_vssets4hr5b1h89ad7k93q3rhl
loggedin|b:1;name|s:1:"D";id|i:6;
session.save_path
By default, at least in PHP 7.3, this is commented in php.ini:
;session.save_path = "/tmp"
It means default location is the following one:
/var/lib/php/session
In there you'll get files like the below:
[root@ip-172-31-39-55 session]# ls -l
-rw------- 1 apache apache 71 Apr 18 18:31 sess_0a2bbj0u9nsf9gh5vbddte855e
-rw------- 1 apache apache 0 Apr 18 11:13 sess_0uttil3jnenoos2kcf6t45gqj5
-rw------- 1 apache apache 0 Apr 17 15:30 sess_1f57jnsc28gj06km301b4von1a
-rw------- 1 apache apache 0 Apr 18 10:39 sess_2ips2j6djo8fst8lm4lq9q7l6n
-rw------- 1 apache apache 0 Apr 18 09:23 sess_32ta8talaki4a7umbuq6ivfqdi
If you also have have session parameters ($_SESSION['parameter']), you shall see those in file:
cat sess_vssets4hr5b1h89ad7k93q3rhl
loggedin|b:1;name|s:1:"D";id|i:6;
PHP 7.3 - Find php.ini file
Simply run this command:
php -i | grep "Loaded Configuration File"
In my case it found the file here:
[root@x.x.x.x etc]# php -i | grep "Loaded Configuration File"
Loaded Configuration File => /etc/php.ini
php -i | grep "Loaded Configuration File"
In my case it found the file here:
[root@x.x.x.x etc]# php -i | grep "Loaded Configuration File"
Loaded Configuration File => /etc/php.ini
Friday, April 17, 2020
Crontab -e log history on Amazon Linux 2
This is located here:
/var/log/cron
Example of usage:
tail -500f /var/log/cron
You shall find your scripts from crontab -e being run:
Apr 17 22:43:01 ip-172-31-39-55 CROND[1407]: (root) CMD (sh /home/dtech/monitoring/check-daily-requests.sh)
Apr 17 22:43:01 ip-172-31-39-55 CROND[1408]: (root) CMD (sh /home/dtech/monitoring/check-cpu)
/var/log/cron
Example of usage:
tail -500f /var/log/cron
You shall find your scripts from crontab -e being run:
Apr 17 22:43:01 ip-172-31-39-55 CROND[1407]: (root) CMD (sh /home/dtech/monitoring/check-daily-requests.sh)
Apr 17 22:43:01 ip-172-31-39-55 CROND[1408]: (root) CMD (sh /home/dtech/monitoring/check-cpu)
Thursday, April 16, 2020
Splunk: Split URL Path by removing query parameters
If you have something like the below:
/easybiny.stockprice.json?dt=123213
and want only to get the path without query string:
/easybiny.stockprice.json
Then easy way is to do this in the Splunk search statement:
eval url=mvindex(split(request, "?"), 0) | table request,url
/easybiny.stockprice.json?dt=123213
and want only to get the path without query string:
/easybiny.stockprice.json
Then easy way is to do this in the Splunk search statement:
eval url=mvindex(split(request, "?"), 0) | table request,url
Saturday, April 4, 2020
MariaDB/MySQL show privilegies for DB User
MariaDB [xxxx]> show grants for 'xxxx'@"localhost";
+------------------------------------------------------------------------+
|Grants for xxxx@localhost |
+------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'xxxx'@'localhost' IDENTIFIED BY PASSWORD '*xxx'
| GRANT SELECT, INSERT ON `dtech`.`bins` TO 'xxxx'@'localhost'
+------------------------------------------------------------------------+
Fix "PHP Fatal error: Uncaught Error: Call to a member function bind_param() on bool in"
First of all, please make sure you have proper verbose error to identify root cause:
if ($stmt = $conn->prepare("SELECT id, password FROM accounts WHERE email = ?")) {
$stmt->bind_param("s", $_POST['username']);
$stmt->execute();
$stmt->store_result();
....
else{
$error = $conn->errno . ' ' . $conn->error;
echo $error;
}
Once this in place, I can get the exact error message in browser:
1142 SELECT command denied to user 'xxxx'@'localhost' for table 'accounts'DB error
So my xxxx user does not have proper access.
This is easily to be fixed by running the following command:
GRANT SELECT ON db.accounts TO xxxx@'localhost';
if ($stmt = $conn->prepare("SELECT id, password FROM accounts WHERE email = ?")) {
$stmt->bind_param("s", $_POST['username']);
$stmt->execute();
$stmt->store_result();
....
else{
$error = $conn->errno . ' ' . $conn->error;
echo $error;
}
Once this in place, I can get the exact error message in browser:
1142 SELECT command denied to user 'xxxx'@'localhost' for table 'accounts'DB error
So my xxxx user does not have proper access.
This is easily to be fixed by running the following command:
GRANT SELECT ON db.accounts TO xxxx@'localhost';
Redirect www subdomain to "apex" like subdomain
First, please always use https and proper certificate.
Secondly, add the following rule to your virtual host:
...
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.stage.easybiny.com
RewriteRule ^ https://stage.easybiny.com%{REQUEST_URI} [END,NE,R=permanent]
...
Note: In this example, stage.easybiny.com is the "apex" like subdomain.
Secondly, add the following rule to your virtual host:
...
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.stage.easybiny.com
RewriteRule ^ https://stage.easybiny.com%{REQUEST_URI} [END,NE,R=permanent]
...
Note: In this example, stage.easybiny.com is the "apex" like subdomain.
Subscribe to:
Posts (Atom)