Using Webgrind to analyze Xdebug2

Grab Xdebug that matches your PHP installation.  Make sure Webgrind is not publicly accessible.  It allows anyone with access to it to get access to your local file system.

Webgrind Legend

The basic output lists all the different functions, methods, and included/required files.

  • Invocation Count: The number of times the function has been called
  • Total Self Cost: The total time it took to execute the raw php in this function (time taken to execute your other custom functions is excluded.)
  • Total Inclusive Cost: Total time, including any other functions called (PHP internal, or your functions)
  • What the different colours mean?
    • Blue are PHP internal functions
    • Green are your class methods
    • Orange are procedural functions
    • Grey is time taken to include, or require .php files.
  • What the coloured bar means? Graphical display of breakdown of time for each type as above.
  • For the last ones, I assume you’ve clicked the arrow to open a particular function?
    • Calls: The functions/methods called in executing this function
    • Total Call Cost: The total time executing this function, when called from the parent function
    • Count: Number of times the parent calls the child.

WordPress on IIS

These are my notes for getting WordPress on IIS 10 (1809) on Windows Server 2019 Core working.  I ran into a problem with MySQL 8.0 so I reverted back to MySQL 5.6 until I can spend a little more time troubleshooting and document my experience.

[This is a running draft currently]

  1. Install and Configure: IIS 10 (1809)
    1. IIS Role
      1. Features > CGI, Dynamic Compression
    2. Configure IIS FastCGI parameters – can be done with Administration pack, but I’m running Core and did from commandline.
      1. %windir%\system32\inetsrv\appcmd set config -section:system.webServer/fastCgi /[fullPath='c:\{php_folder}\php-cgi.exe'].instanceMaxRequests:10000
      2. %windir%\system32\inetsrv\appcmd.exe set config -section:system.webServer/fastCgi /+"[fullPath='C:\{php_folder}\php-cgi.exe'].environmentVariables.[name='PHP_FCGI_MAX_REQUESTS',value='10000']"
    3. GZIP (static/dynamic compression)
  2. Install and Configure: PHP 7.3
    1. Non-thread safe PHP 7.3 x64 installed to C:\PHP
    2. Needs VC15 redistributable (x64)
    3. Configure date.timezone, upload_tmp_dir, etc.
      1. Set permissions for tmp file location using icacls
        1. icacls tmppath /grant "IIS_IUSRS":(OI)(CI)F
  3. Install and Configure: MySQL Community Server 5.6.42
    1. Needs VC13 redistributable
    2. Configure bind-address for 127.0.0.1 in C:\ProgramData\MySQL\my.cnf
  4. Install and Configure WordPress
    1. Folder permissions required (IIS_IUSRS) using icacls
      1. icacls websiteroot /grant "IIS_IUSRS":(OI)(CI)F
    2. Download latest ZIP
      1. Tip: PowerShell Expand-Archive latest.zip works great – seemed slow, but it worked.
    3. IIS Rewrites (2.1 is required – I used x64 download)
      1. Permissions
        1. Note:  example.com is the name of  a website I created in IIS, so permissions use the App Pool Identity.
        2.   icacls "C:\inetpub\example.com" /grant:r "IIS APPPOOL\example.com:(OI)(CI)(RX,W)" /T
        3. Some notes I need to revise:
          1. iis permissions setup
            
            icacls PATH /remove "UserOrGroup" /t (removes recursively)
            
            i use:
            icacls httproot /inheritance:d
            icacls httproot /remove "BUILTIN\Users" /t
            icacls httproot /grant "IIS APPPOOL\domain.com" (this will propagate via inheritance to httproot\*)
            
            
            icacls httproot /grant "IIS APPPOOL\domain.com:(OI)(CI)F" /t
            
            PS C:\inetpub\domain.com> icacls httproot
            httproot IIS APPPOOL\domain.com:(F)
            NT SERVICE\TrustedInstaller:(F)
            NT SERVICE\TrustedInstaller:(OI)(CI)(IO)(F)
            NT AUTHORITY\SYSTEM:(F)
            NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(F)
            BUILTIN\Administrators:(F)
            BUILTIN\Administrators:(OI)(CI)(IO)(F)
            CREATOR OWNER:(OI)(CI)(IO)(F)
            
            
            create site
            authentication > anonymous authentication > edit > change to Application Pool Identity > OK
            
            right click on site > manage > advanced > ensure application pool is selected for correct application pool (domain.com)
            
            application pools > right click domain.com pool > ensure Process Model section > Identity is set to ApplicationPoolIdentity
  5. LetsEncrypt SSL
  6. benchmark
  7. Php 5.7 on old iis 7.5 (2008R2) vs new server (2019 core) with php 7.3

 

From Linux Install to WordPress

A typical installation of Debian 8.x (Jessie) precedes this where I only select base system and ssh server options during operating system installation.  After installation, this is a typical configuration to get me up and running. These are my notes.

Debian Customization

These are customizations to suit my taste.

apt-get update && apt-get upgrade
dpkg-reconfigure dash
echo UseDNS no >>/etc/ssh/sshd_config && /etc/init.d/ssh restart
apt-get install fail2ban vim-nox unzip

Webserver Installation: nginx

wget https://nginx.org/keys/nginx_signing.key
apt-key add nginx_signing.key
echo 'deb http://nginx.org/packages/debian/ jessie nginx' >> /etc/apt/sources.list
echo 'deb-src http://nginx.org/packages/debian/ jessie nginx' >> /etc/apt/sources.list
apt-get update && apt-get install nginx

nginx Configuration

There are a few customizations I make and I have scripted most of this since it’s repetitive.

In the first line below, worker_processes 2; is derived from grep 'cpu cores' /proc/cpuinfo | head -1
sed -i 's/user[ ]*nginx/user www-data/g; s/worker_processes[ ]*1/worker_processes 2/g' /etc/nginx/nginx.conf
sed -i 's/access_log.*;/access_log off;/g' /etc/nginx/nginx.conf
sed -i '/access_log off;/a client_max_body_size 12m;' /etc/nginx/nginx.conf
/etc/init.d/nginx restart

With basic configuration changes made to nginx.conf, I now focus on creating the site configuration.

rm /etc/nginx/conf.d/*

# Quote the heredoc delimiter so the shell does not expand $uri and the other nginx variables.
cat <<'EOF' >>/etc/nginx/conf.d/`hostname`.conf
server {
        listen 80;
        root /var/www;
        index index.php index.html index.htm;

        server_name techish.net www.techish.net;

        location / {
                try_files $uri $uri/ /index.php;
        }

        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
                fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
        }

        location ~ /.well-known {
                allow all;
        }
}
EOF

That concludes nginx installation and configuration to THIS point. I’ll revisit toward the end when I implement SSL.

PHP 7 Installation

I use dotdeb to install PHP 7.0 via apt-get.

echo 'deb http://packages.dotdeb.org jessie all' >> /etc/apt/sources.list
echo 'deb-src http://packages.dotdeb.org jessie all' >> /etc/apt/sources.list
wget https://www.dotdeb.org/dotdeb.gpg
apt-key add dotdeb.gpg
apt-get update
apt-get install php7.0-fpm php7.0-mysql php7.0-gd php7.0-mcrypt

PHP 7 Configuration

With PHP7 installation completed, I make a few changes.

sed -i 's/^upload_max_filesize.*/upload_max_filesize = 10m/g; s/^allow_url_fopen.*/allow_url_fopen = Off/g; s/^post_max_size.*/post_max_size = 12m/g' /etc/php/7.0/fpm/php.ini

MySQL (MariaDB) Installation

Installing MariaDB is pretty straightforward, with only a minor tweak in the configuration at the end.

apt-get install mariadb-server

MariaDB Configuration

sed -i 's/^bind-address/#bind-address/g; /^#bind-address/a skip-networking' /etc/mysql/my.cnf
mysql_secure_installation

Restart Services & Test

Restart the services and test out things to make sure everything works.

systemctl restart nginx.service
systemctl restart php7.0-fpm.service
systemctl restart mysql.service

WordPress Installation

WordPress installation is straightforward.

Database Preparation

Make sure to substitute wordpress, wpuser and ... below to reflect your database, database username and database user password.
cd /var/www
mysql -uroot -p -e "create database wordpress; grant all on wordpress.* to 'wpuser'@'%' identified by '...'; flush privileges;"

WordPress Download & Extract

wget https://wordpress.org/latest.zip
unzip latest.zip
mv wordpress/* .
rm -rf wordpress/; rm latest.zip
chown -R www-data:www-data .

WordPress Configuration

At this point, the database is ready to go and I just visit my website to finish the WordPress installation via Web interface.

Let’s Encrypt SSL Certificate

Installation

openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048

Add Jessie backports repo and install.

echo 'deb http://ftp.debian.org/debian jessie-backports main' >>/etc/apt/sources.list
apt-get update
apt-get install certbot -t jessie-backports

Certificate Generation

I generate a certificate for my top level domain and subdomain.

certbot certonly --webroot -w /var/www -d techish.net
certbot certonly --webroot -w /var/www -d www.techish.net

nginx SSL Configuration

Create a directory in /etc/nginx to store a few snippets of nginx configuration.

mkdir /etc/nginx/ssl

Create SSL parameters configuration file, ssl-params.conf, that we’ll call in our site configuration file.

cat <<EOF >>/etc/nginx/ssl/ssl-params.conf
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;
    ssl_ecdh_curve secp384r1;
    ssl_session_cache shared:SSL:10m;
    ssl_session_tickets off;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 5s;
    # Preload variant; enable it only when every subdomain is served over HTTPS.
    #add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
    add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
    add_header X-Frame-Options DENY;
    add_header X-Content-Type-Options nosniff;
    ssl_dhparam /etc/ssl/certs/dhparam.pem;
EOF

Create a configuration file, ssl-kreider.conf, that will reference where my top level domain SSL certificate is stored. I call this file from main nginx site configuration file later.

cat <<EOF >>/etc/nginx/ssl/ssl-kreider.conf
ssl_certificate /etc/letsencrypt/live/techish.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/techish.net/privkey.pem;
EOF

Create a configuration file, ssl-www-kreider.conf, that will reference where my www subdomain SSL certificate is stored. I call this file from main nginx site configuration file later.

cat <<EOF >>/etc/nginx/ssl/ssl-www-kreider.conf
ssl_certificate /etc/letsencrypt/live/www.techish.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.techish.net/privkey.pem;
EOF

I update my main site’s nginx configuration.

Note that `hostname` will expand the system hostname automatically. Replace `hostname`.conf (including backticks) with your configuration file name as applicable.
vim /etc/nginx/conf.d/`hostname`.conf

My finalized site configuration file.

server {
        listen 80;
        server_name techish.net www.techish.net;
        return 307 https://techish.net$request_uri;
}

server {
        listen 443 ssl;
        include ssl/ssl-kreider.conf;
        include ssl/ssl-params.conf;
        root /var/www;
        index index.php index.html index.htm;

        server_name techish.net;

        location / {
                try_files $uri $uri/ /index.php;
        }

        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
                fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
        }
}

Part 1: Analysis of a WordPress Malware

I had some time at lunch to kill, so I decided to see how Malware techniques were improving in the land of WordPress and free premium theme download sites.

Enter the Darknet.

A simple Google search got me a theme ZIP file pretty quickly.  Now, it was time to see what malicious happenings this thing would cause.

Unpacked, here’s the structure of the ZIP file.

.
├── functions.php
├── home.php
├── images
│   ├── arrow.png
│   ├── bg-pattern.png
│   ├── bg.png
│   ├── blockquote.png
│   ├── blue
│   │   ├── gradient.png
│   │   ├── logo.png
│   │   ├── logo-texture.png
│   │   ├── logo-vert-left.png
│   │   └── logo-vert-right.png
│   ├── favicon.ico
│   ├── footer-twitter.png
│   ├── footer-widgets.png
│   ├── gradient.png
│   ├── green
│   │   ├── gradient.png
│   │   ├── logo.png
│   │   ├── logo-texture.png
│   │   ├── logo-vert-left.png
│   │   └── logo-vert-right.png
│   ├── icon-dot.png
│   ├── list-after-post.png
│   ├── list.png
│   ├── logo.png
│   ├── logo-texture.png
│   ├── logo-vert-left.png
│   ├── logo-vert-right.png
│   ├── red
│   │   ├── gradient.png
│   │   ├── logo.png
│   │   ├── logo-texture.png
│   │   ├── logo-vert-left.png
│   │   └── logo-vert-right.png
│   ├── rss.png
│   ├── social-icons.png
│   └── twitter-nav.png
├── page_landing.php
├── page_landing2.php
├── README.txt
├── screenshot.png
└── style.css

Right off the bat, page_landing2.php sticks out to me. Let’s take a look.

Oh. Would you look at that fun. Time to see what this is doing.

First, I don’t like trying to read the garbled code, so I “prettify” it.

Ok, so let’s decode the above to make it readable.

There are a few interesting pieces here.

These interest me because they are making a call to a website to get additional payload/scripts. Let’s see what they are. =)

The first one, pastebin link, shows me this garbled shit. What I really care about is the compressed base64 at the end.

So, now I look to deobfuscating the compressed/base64 garbage… Here’s part of the file, my screencapture died when my computer automatically locked; [FIXME]

NOTE: Click on the image for a higher resolution. It’s like 62k pixels tall, lol.

 

What I’m interested in is the top of this file.

So again, uncompressing the base64 encoding of that gives me the following file.

Going back for a minute to the previous garbled shit: the $plsym variable, which contains the compressed/base64 data, is decompressed, decoded and saved as a Perl file.

At this point, I have everything I need to begin to follow this even deeper into the dark underworld. There are a few domains (which I didn’t highlight in this article, but you can find them in the screenshots) and some passwords.

Stay tuned… in the next update, I show you what happens when I infiltrate their command servers. Much fun!
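The triage and unpacking steps described above, as an added example that is not part of the original post: it flags PHP files in an unpacked theme that decode and execute data, then peels base64 + compression layers statically without running anything. The indicator list, the size thresholds and the sample theme (including the stage2.example.invalid URL) are constructed assumptions; only the file names and the $plsym variable come from the post.

```python
import base64
import binascii
import re
import tempfile
import zlib
from pathlib import Path

# Assumed indicator set for packed PHP droppers; tune it for your own corpus.
EXEC_CALLS = re.compile(rb"\b(eval|assert|create_function)\s*\(", re.I)
DECODERS = re.compile(rb"\b(base64_decode|gzinflate|gzuncompress|gzdecode|str_rot13)\s*\(", re.I)
URLS = re.compile(rb"https?://[^\s'\"<>)]+", re.I)
B64_BLOB = re.compile(rb"[A-Za-z0-9+/]{64,}={0,2}")


def inflate(data, limit=5_000_000):
    """Try raw deflate, zlib and gzip (gzinflate/gzuncompress/gzdecode), size-capped."""
    for wbits in (-15, 15, 31):
        try:
            d = zlib.decompressobj(wbits)
            out = d.decompress(data, limit)
        except zlib.error:
            continue
        if out and (d.eof or d.unconsumed_tail):
            return out
    return None


def unwrap(data, max_layers=10):
    """Statically peel base64+compression layers; the payload is never executed."""
    layers = 0
    while layers < max_layers:
        for m in B64_BLOB.finditer(data):
            try:
                plain = inflate(base64.b64decode(m.group(0), validate=True))
            except (binascii.Error, ValueError):
                continue
            if plain is not None:
                data, layers = plain, layers + 1
                break
        else:
            break  # nothing in this layer decoded: bottom reached
    return layers, data


def triage_file(path):
    """Report exec/decoder calls, URLs and packed layers; flag decode-and-execute files."""
    def found(rx, buf):
        return sorted({m.decode(errors="replace") for m in rx.findall(buf)})

    src = Path(path).read_bytes()
    layers, plain = unwrap(src)
    report = {"exec": found(EXEC_CALLS, src), "decoders": found(DECODERS, src),
              "urls": found(URLS, src), "layers": layers,
              "hidden_urls": found(URLS, plain) if layers else []}
    report["suspicious"] = bool(layers or (report["exec"] and report["decoders"]))
    return report


def triage_theme(root):
    """Return {relative_path: report} for every flagged .php file under root."""
    root = Path(root)
    reports = ((p, triage_file(p)) for p in sorted(root.rglob("*.php")))
    return {p.relative_to(root).as_posix(): r for p, r in reports if r["suspicious"]}


def pack(php):
    """Constructed-sample helper: equivalent of PHP base64_encode(gzdeflate($php))."""
    c = zlib.compressobj(9, zlib.DEFLATED, -15)
    return base64.b64encode(c.compress(php) + c.flush())


def build_sample_theme(root):
    """Write a constructed, harmless two-file theme mimicking the layout above."""
    inner = (b"/* constructed inert placeholder: a real dropper would fetch its next stage "
             b"from http://stage2.example.invalid/next.txt and save it as a Perl script */")
    middle = b'eval(gzinflate(base64_decode("' + pack(inner) + b'")));'
    outer = b'<?php\n$plsym = "' + pack(middle) + b'";\neval(gzinflate(base64_decode($plsym)));\n'
    Path(root, "functions.php").write_bytes(b"<?php\nadd_theme_support('post-thumbnails');\n")
    Path(root, "page_landing2.php").write_bytes(outer)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_theme(tmp)
        print(triage_theme(tmp))
```

Point triage_theme() at the directory where the ZIP was unpacked; URLs that only show up in hidden_urls were not visible in the file as shipped.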

PHP Easter Eggs

To honor Easter, I’ve decided to put this little tidbit of information up. These are PHP easter eggs.  I had no idea these existed until I was running a security scan using Detectify.  This information can be considered to be a vulnerability since it could be used to obtain specific server information/versions and use that version as a reference to look up exploits against PHP, the server, etc.

You can use these by visiting your site, or another site, and using them in the URI:

http://www.example.com/?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000

PHP Credits (phpinfo):
PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000

PHP Logo:
PHPE9568F34-D428-11d2-A769-00AA001ACF42

Zend Logo:
PHPE9568F35-D428-11d2-A769-00AA001ACF42

Easter Egg (animals and a guy):
PHPE9568F36-D428-11d2-A769-00AA001ACF42
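To see who has been requesting these on your own server, the following added example (not part of the original post) scans access-log lines in combined format for the four GUIDs listed above. The log lines and client addresses are constructed sample data, and the matching is deliberately lenient (percent-decoded, case-insensitive).

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# The four GUIDs listed above, mapped to what each one returns.
EASTER_EGGS = {
    guid.upper(): name
    for guid, name in {
        "PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000": "PHP credits",
        "PHPE9568F34-D428-11d2-A769-00AA001ACF42": "PHP logo",
        "PHPE9568F35-D428-11d2-A769-00AA001ACF42": "Zend logo",
        "PHPE9568F36-D428-11d2-A769-00AA001ACF42": "easter egg image",
    }.items()
}

# Combined log format: client IP first, request line in the first quoted field.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})'
)

# Constructed sample lines (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [16/Jan/2012:11:45:38 +0000] "GET /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000 HTTP/1.1" 200 8524 "-" "scanner/1.0"',
    '203.0.113.7 - - [16/Jan/2012:11:45:39 +0000] "GET /index.php?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2524 "-" "scanner/1.0"',
    '198.51.100.20 - - [16/Jan/2012:11:46:02 +0000] "GET /?s=php+logo HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.21 - - [16/Jan/2012:11:47:10 +0000] "GET /?%3Dphpe9568f34-d428-11d2-a769-00aa001acf42 HTTP/1.1" 404 162 "-" "curl/7.21"',
]


def find_probes(lines):
    """Return {client_ip: [(egg_name, path, status), ...]} for easter-egg requests."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        path, _, query = m.group("target").partition("?")
        # Decode percent-escapes and ignore case so re-encoded probes still match.
        query = unquote(query).upper()
        for guid, name in EASTER_EGGS.items():
            if "=" + guid in query:
                hits[m.group("ip")].append((name, path, int(m.group("status"))))
    return dict(hits)


def served_clients(hits):
    """Clients whose probe got a 200; compare response sizes to confirm exposure."""
    return sorted(ip for ip, rows in hits.items() if any(s == 200 for _, _, s in rows))


if __name__ == "__main__":
    probes = find_probes(SAMPLE_LOG)
    for ip, rows in probes.items():
        print(ip, rows)
    print("served:", served_clients(probes))
```

Setting expose_php = Off in php.ini stops PHP from answering these query strings, and PHP 5.5 removed them altogether.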

Add a Login/Logout Menu Item to WordPress Navigation Menu

This will add a Login or Logout (depending on state) to your WordPress navigation menu. I have one on mine now; makes it easy to quickly log in/out to test things.

Put the following in your child theme’s custom functions PHP file.

add_filter( 'wp_nav_menu_items', 'add_loginout_link', 10, 2 );

// Append a Log In or Log Out link, depending on the visitor's login state.
function add_loginout_link( $items, $args ) {
    if ( is_user_logged_in() ) {
        $items .= '<li><a href="' . esc_url( wp_logout_url() ) . '">Log Out</a></li>';
    } else {
        $items .= '<li><a href="' . esc_url( site_url( 'wp-login.php' ) ) . '">Log In</a></li>';
    }
    return $items;
}

LEMP + Cacti 0.8.7i

This is my setup of LEMP with Cacti 0.8.7i.

LEMP stands for Linux, nginx (pronounced Engine x), MySQL and PHP.  Most notably, LEMP is just replacing Apache (LAMP) with nginx.

My base linux distribution is Debian 6 AMD64.

Software Required:

Debian 6 AMD64 (6.0.3) Business Card:  http://cdimage.debian.org/debian-cd/6.0.3/amd64/iso-cd/debian-6.0.3-amd64-businesscard.iso
PHP 5.3
Nginx 1.0.11
MySQL 5

I boot my system from the ISO and go through the basic install.  On the software installation screen, I chose only SSH Server and Standard System Utilities as noted in the screenshot below.

Software

After install finishes up and a fresh reboot, I log in as root and add the following to my apt repository at the bottom:

# vim.tiny /etc/apt/sources.list

deb http://nginx.org/packages/debian/ squeeze nginx
deb-src http://nginx.org/packages/debian/ squeeze nginx

Add the key for nginx.org:

root@cacti-087i:~# wget http://nginx.org/packages/keys/nginx_signing.key
--2012-01-16 11:45:38--  http://nginx.org/packages/keys/nginx_signing.key
Resolving nginx.org... 206.251.255.63
Connecting to nginx.org|206.251.255.63|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1561 (1.5K) [text/plain]
Saving to: nginx_signing.key

100%[======================================>] 1,561       --.-K/s   in 0s

2012-01-16 11:45:38 (156 MB/s) - nginx_signing.key

root@cacti-087i:~# cat nginx_signing.key | apt-key add -
OK

Then run apt-get update

Now we’ll be downloading the latest version 1.0.11-1. You can verify this went as expected with apt-cache show nginx and look at the package’s version.

Install nginx

apt-get install nginx

Verify it is installed and running by visiting http://127.0.0.1/ or whatever the IP address of your server is configured as. You should see a “Welcome to nginx!” page displayed.

Install MySQL Server

root@cacti-087i:/var/www# apt-get install mysql-server
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  libdbd-mysql-perl libdbi-perl libhtml-template-perl libnet-daemon-perl
  libplrpc-perl mysql-client-5.1 mysql-server-5.1 mysql-server-core-5.1
Suggested packages:
  libipc-sharedcache-perl libterm-readkey-perl tinyca
The following NEW packages will be installed:
  libdbd-mysql-perl libdbi-perl libhtml-template-perl libnet-daemon-perl
  libplrpc-perl mysql-client-5.1 mysql-server mysql-server-5.1
  mysql-server-core-5.1
0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded.
Need to get 22.0 MB of archives.
After this operation, 56.3 MB of additional disk space will be used.
Do you want to continue [Y/n]?

Note:  You will need to provide a root password for MySQL during installation.

Install PHP CGI

The version I’m installing as of this writing is from the stable repository for Squeeze (Version: 5.3.3-7+squeeze3).

root@cacti-087i:~# apt-get install php5-cgi
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  libonig2 libqdbm14 php5-common php5-suhosin
Suggested packages:
  php-pear
The following NEW packages will be installed:
  libonig2 libqdbm14 php5-cgi php5-common php5-suhosin
0 upgraded, 5 newly installed, 0 to remove and 0 not upgraded.
Need to get 6,827 kB of archives.
After this operation, 17.7 MB of additional disk space will be used.
Do you want to continue [Y/n]?

Install PHP5 MySQL module

root@cacti-087i:/var/www# apt-get install php5-mysql
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  libmysqlclient16 mysql-common
The following NEW packages will be installed:
  libmysqlclient16 mysql-common php5-mysql
0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.
Need to get 2,132 kB of archives.
After this operation, 5,050 kB of additional disk space will be used.
Do you want to continue [Y/n]? y

Now I need to setup spawn fast cgi since this will be the PHP backend for nginx.

Install spawn-fcgi

root@cacti-087i:~# apt-get install spawn-fcgi

Install Daemontools service manager

I will use daemontools as my service manager for fastcgi process.

root@cacti-087i:~# aptitude install daemontools daemontools-run

Now to configure the service…

root@cacti-087i:~# mkdir -p /etc/sv/spawn-fcgi
root@cacti-087i:~# cd /etc/sv/spawn-fcgi

Create a file called ‘run’ in this directory. Use your favorite editor, like VIM!?

root@cacti-087i:/etc/sv/spawn-fcgi# vim.tiny run

Use the following content (tweaked to your environment) in the run file.

root@cacti-087i:/etc/sv/spawn-fcgi# cat run
#!/bin/sh
exec /usr/bin/spawn-fcgi -n -a 127.0.0.1 -p 9000 -u www-data -g www-data -C 5 /usr/bin/php5-cgi

Give the file executable permissions and add it to the services.

root@cacti-087i:/etc/sv/spawn-fcgi# chmod +x run

root@cacti-087i:/etc/sv/spawn-fcgi# update-service --add /etc/sv/spawn-fcgi spawn-fcgi
Service spawn-fcgi added.

Check to see if it is now running…

root@cacti-087i:/etc/sv/spawn-fcgi# ps -edf | grep cgi
root      1943  1931  0 11:59 ?        00:00:00 supervise spawn-fcgi
www-data  1944  1943  0 11:59 ?        00:00:00 /usr/bin/php5-cgi
www-data  1945  1944  0 11:59 ?        00:00:00 /usr/bin/php5-cgi
www-data  1946  1944  0 11:59 ?        00:00:00 /usr/bin/php5-cgi
www-data  1947  1944  0 11:59 ?        00:00:00 /usr/bin/php5-cgi
www-data  1948  1944  0 11:59 ?        00:00:00 /usr/bin/php5-cgi
www-data  1949  1944  0 11:59 ?        00:00:00 /usr/bin/php5-cgi

Sweet, looks good so far!

Configure Nginx

Modify nginx’s default configuration file in /etc/nginx/conf.d/default.conf

Change the following to reflect where your web content will be stored. I use /var/www and had to make the directory first.

root@cacti-087i:~#  mkdir /var/www

Modify /etc/nginx/conf.d/default.conf:

server {
    listen       80;
    server_name  localhost;
    root /var/www;
    include /etc/nginx/fastcgi_php;

    location / {
        index  index.php;
        if (!-e $request_filename) {
                rewrite ^(.*)$ /index.php last;
        }
    }
}

Create /etc/nginx/fastcgi_php file now with the following:

location ~ \.php$ {
    include /etc/nginx/fastcgi_params;

    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    if (-f $request_filename) {
        fastcgi_pass 127.0.0.1:9000;
    }
}

Once these files are saved, restart nginx.

root@cacti-0871i:~# /etc/init.d/nginx restart

I created a test file in /var/www/ named index.php:

root@cacti-0871i:~# echo '<?php phpinfo(); ?>' >/var/www/index.php

Test Nginx + PHP

Then I browsed to the site http://127.0.0.1/phptest.php.

Install rrdtool

apt-get install rrdtool

Install PHP5 needed modules

root@cacti-087i:~# apt-get install php5-snmp php5-ldap php5-xmlrpc
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  fancontrol libperl5.10 libsensors4 libsnmp-base libsnmp15 lm-sensors
Suggested packages:
  snmp-mibs-downloader sensord read-edid i2c-tools
The following NEW packages will be installed:
  fancontrol libperl5.10 libsensors4 libsnmp-base libsnmp15 lm-sensors
  php5-ldap php5-snmp php5-xmlrpc
0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded.
Need to get 3,612 kB of archives.
After this operation, 7,008 kB of additional disk space will be used.
Do you want to continue [Y/n]?

Install Cacti Pre-requisites

PHP5-CLI

apt-get install php5-cli

SNMP tools

apt-get install snmp

Install Cacti 0.8.7i

I’m going to download 0.8.7i with PIA (plugin architecture):  http://www.cacti.net/downloads/cacti-0.8.7i-PIA-3.1.tar.gz

wget http://www.cacti.net/downloads/cacti-0.8.7i-PIA-3.1.tar.gz
tar zxvf cacti-0.8.7i-PIA-3.1.tar.gz
cd cacti-0.8.7i-PIA-3.1/

Follow install instructions per Cacti: http://docs.cacti.net/manual:087:1_installation.1_install_unix.5_install_and_configure_cacti

After following the instructions you should be able to get to the Cacti logon screen now.

This is for my own documentation notes.

nginx error – 413 Request Entity Too Large

I was getting an error when trying to upload and attach images larger than 2MB via WordPress.

I discovered that nginx has a configuration setting called client_max_body_size that defaults to 1M.

To change this, I altered my nginx vhost configuration and added the following line:

server {
    server_name techish.net www.techish.net;
    root /var/www/techish.net;
    include /etc/nginx/fastcgi_php;
    client_max_body_size 5M;
    location / {
        index index.php;
        if (!-e $request_filename) {
            rewrite ^(.*)$  /index.php last;
        }
    }
}

This should suffice for most of my image uploading needs.  However, if you have large uploads you perform to your server through nginx, you may need to increase that!

Reload nginx

/etc/init.d/nginx reload

Here’s nginx configuration’s HttpCoreModule documentation on this configuration value:

client_max_body_size

syntax: client_max_body_size size
default: client_max_body_size 1m
context: http, server, location

Directive assigns the maximum accepted body size of client request, indicated by the line Content-Length in the header of request.

If size is greater the given one, then the client gets the error “Request Entity Too Large” (413).

It is necessary to keep in mind that the browsers do not know how to correctly show this error.

Note: You’ll need to match your PHP value also.

/etc/php5/cgi/php.ini

upload_max_filesize = 5M

Restart php-cgi

/etc/init.d/php-cgi restart

 

Gallery3 + Nginx

I have Gallery3 working with Nginx. Here’s my setup and some configuration for http://gallery.techish.net/   I no longer am using Gallery3 or nginx.  (7/21/2012)

  • Nginx 1.0.11
  • PHP 5.3.3-7
  • PHP5 GD Graphics Library
  • Gallery 3.0.2

Nginx virtual host configuration:

server {
    server_name gallery.techish.net;
    root /var/www/gallery.techish.net;
    include /etc/nginx/fastcgi_php;

    location / {
    fastcgi_index  index.php;
    fastcgi_split_path_info ^(.+\.php)(.*)$;
    fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    fastcgi_param  PATH_INFO        $fastcgi_path_info;
    include fastcgi_params;

        index index.php;
        if (-f $request_filename) {
                expires max;
                break;
        }
        if (!-e $request_filename) {
                rewrite ^/(.+)$ /index.php?kohana_uri=$1 last;
        }
    }
}

I also had to modify Gallery3’s configuration (/application/config/config.php):

$config["index_page"] = "";

Many of the tips came from:  http://codex.gallery2.org/Gallery3:Using_NGINX