Web host is adding ?PHPSESSID to the end of all URLs

Today I a customer of mine came to me with a problem with web site that he have just moved from one host to another. And on that new host all his links on his site suddenly had ?PHPSESSID=k234j2knk… in the end. Since that is totally unusable since that site doesn’t even uses sessions and could affect his search engine rankings, he wanted it out of the way. The new host he moved that site to was shared and it doesn’t allow editing of php.ini any way so I had to make some other solution.

After failing with adding one of those on top of php files, as suggested on most pages that I found on Google:

// stop PHP from automatically embedding PHPSESSID on local URLs
ini_set('session.use_trans_sid', false);

// only use cookies (no url based sessions)
ini_set('session.use_only_cookies', true);

I suggested him to just switch hosts again, but he said he already paid up front for the whole year… and that it’s not an option… and that he wants that off his site… So, I’ve Googled some more and finally found a simple solution (that doesn’t require editing of 100’s of files in his case because of poorly programmed site). All I had to do is just put one line of code in .htaccess file and BOOM! All those nasty ?PHPSESSID were gone!

php_flag session.use_trans_sid off

How to setup and use iptables

What’s iptables?

Iptables is the current Linux firewall and routing service. It controls incoming and outgoing network.

 

How to stop/start/restart iptables?

Basically just like any other Linux service:

service iptables start 
service iptables stop 
service iptables restart

 

How to check if iptables is currently running?

Simply call service status

service iptables status

and check the result:

Firewall is stopped.

If the status message is “Firewall is stopped.” that means that iptables are not running and you should start it with sertvice iptables start. If you get some tables with bunch of geek stuff that means that iptables are running.

 

How to automatically start iptables service on Linux boot?

To enable iptables starting on boot run

chkconfig iptables on

or run code below to disable it

chkconfig iptables off

Continue Reading

Tags: service iptables status

Security by obscurity

This simple guide will help you secure your server in indirect way by hiding software versions from possible attackers. This can help you prevent many automated attacks and attacks based on software version number. If a hacker want’s to probe your system for hole he’ll start from collecting all version numbers from your running services. This guide will teach you setup common services not to give away their version numbers. This is called Security by obscurity and it’s not something to rely on but it can lower chances of getting your system hacked.

Apache (Web Server)

Let’s start with Apache first. It’s config file should at path

/etc/httpd/conf/httpd.conf

Open that with an editor of choice. For beginners I always suggest Midnight Commander but if you’re more experienced you can use antother editor like pico or vi. Anyway, in MC open file for editing by pressing F4 while the file is selected.

Locate those two lines and set it as follows. If you cant find them – add them.

ServerSignature Off
ServerTokens Prod

Server Signature will remove the identification of Apache version from error pages, and ServerTokens will identify Apache as “apache” without version number or OS information. Save the file and restart the Apache.

service httpd restart

Continue Reading

How to fix Midnight Commander line drawing in PuTTY

Midnight Commander is an awesome little file management tool. Learn how to install Midnight Commander. Folks that remember Norton Commander from MS DOS times know what I’m talking about.

Often problem with using Midnight Commander in PuTTY is that often it’s lines are messed up and look like this:

Midnight Commander in PuTTY with lines now rendered correctly.

This happens when because of charsets mismatch that uses PuTTY uses and MC. To fix this you’ll need to fix the charset in PuTTY. This guide however works only on sessions saved in PuTTY!

Here’s how to do it:

Continue Reading

Tags: How to fix Midnight Commander line drawing, midnight commander a carachter

How to install Midnight Commander?

Whats Midnight Commander?

Midnight Commander is Shell application (visual file manager) for SSH like Norton Commander, that older geeks may remember from the time of DOS, or like Total Commander, the most advanced Shell application today.

 

Why do I need Midnight Commander?

Midnight Commander will help you move more easily trough server files/folders, edit config files, copy/move/delete files/folders/whole directory trees, pack and unpack archives, search for files, run commands in shell… You can also use MC to connect to other server’s FTP and copy files from/to other servers. (can be useful when migrating from one server to another)

 

How to install Midnight Commander?

The easiest way is using yum or apt-get package menages: all you need to do is execute one command and it will install Midnight Commander and all it’s dependencies

Continue Reading

Tags: yum install mc, install midnight commander, install mc, how to install midnight commander, midnight commander install, midnight commander linux, midnight commander fedora, yum install midnight commander, linux install mc, yum midnight commander, wget mc, how to install mc, wget midnight commander, midnight commander linux install, linux mc install, install midnight commander linux, mc install, midnight commander installieren, linux midnight commander, fedora install mc, how to install midnight commander linux, install mc linux, install mc on linux, fedora midnight commander, midnight commander, yum mc, midnight commander wget, fedora mc install, linux install midnight commander, linux midnight commander install, fedora isntall mc, fedora install midnight commander, redhat install mc, midnight commander installieren linux, midnight commander linux installieren