Category Archives: Server

Sửa lỗi facebook api: Problem with the SSL CA cert (path? access rights?)

Download file pem
curl.haxx.se/ca/cacert.pem
Và đặt ở đâu đó trên server.
Sửa file php.ini đoạn:
curl.cainfo = PATH_TO_PEM/cacert.pem;
Run:
service httpd restart

Connect với firebase

Để chạy được firebase ta cần tạo 1 acc trên firebase website. Sau khi tạo xong, thì My First App là project của chúng ta, ta sẽ test dựa trên project này. Mỗi app có 1 unique host-name riêng, ta chỉ việc dùng nó và gán vào url project chúng ta.

<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <title>Firebase Chat Application</title>
    <link rel="stylesheet" href="http://netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css">
	<style>
        .container {
            max-width: 700px;
        }
        #comments-container {
            border: 1px solid #d0d0d0;
            height: 400px;
            overflow-y: scroll;
        }
        .comment-container {
            padding: 10px;
            margin:6px;
            background: #f5f5f5;
            font-size: 13px;
            -moz-border-radius: 5px;
            -webkit-border-radius: 5px;
            border-radius: 5px;
        }
        .comment-container .label {
            margin-right: 20px;
        }
        .comment-container:last-of-type {
            border-bottom: none;
        }
    </style>
</head>
<body>
    <div class="container">
		<h1>Firebase Chat Application</h1>
		<div class="panel panel-default">
			<div class="panel-body">
				<div id="comments-container"></div>
			</div>
			<div class="panel-footer">
				<form role="form">
					<div class="form-group">
						<label for="comments">Please enter your comments here</label>
						<input class="form-control" id="comments" name="comments">
					</div>
					<button type="submit" id="submit-btn" name="submit-btn" class="btn btn-primary">Send Comments</button>
					<button type="reset" class="btn btn-default">Clear Comments</button>
				</form>
	 
			</div>
		</div>
	</div>
    <script src="https://cdn.firebase.com/js/client/1.0.6/firebase.js"></script>
    <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script>
    <script src="http://netdna.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js"></script>
	<script>
	var fireBaseRef = new Firebase("https://blinding-fire-###.firebaseio.com/"); /* firebase url */
	$("#submit-btn").bind("click", function(event) {
		event.preventDefault();
		event.stopPropagation();
		var comment = $("#comments"),
			commentValue = $.trim(comment.val());
		if (commentValue.length === 0) {
			alert('Comments are required to continue!');
		} else {
			fireBaseRef.push({comment: commentValue}, function(error) {
				if (error !== null) {
					alert('Unable to push comments to Firebase!');
				}
			});
			comment.val("");
		}
	});
	fireBaseRef.on('child_added', function(snapshot) {
		var uniqName = snapshot.name();
		var comment = snapshot.val().comment;
		var commentsContainer = $('#comments-container');
		$('<div/>', {class: 'comment-container'})
			.html('<span class="label label-info">Comment ' + uniqName + '</span>' + comment)
			.appendTo(commentsContainer);
		commentsContainer.scrollTop(commentsContainer.prop('scrollHeight'));
	});
	</script>
</body>
</html>

Từ: code.tutsplus.com

Install Config Server Firewall (CSF)

Introduction

Config Server Firewall (or CSF) is a free and advanced firewall for most Linux distributions and Linux based VPS. In addition to the basic functionality of a firewall – filtering packets – CSF includes other security features, such as login/intrusion/flood detections. CSF includes UI integration for cPanel, DirectAdmin and Webmin, but this tutorial only covers the command line usage. CSF is able to recognize many attacks, such as port scans, SYN floods, and login brute force attacks on many services. It is configured to temporarily block clients who are detected to be attacking the cloud server.

The full list of supported operating systems and features can be found on ConfigServer’s website.

This tutorial is written for Debian based VPS, such as Debian and Ubuntu. The commands should be executed with root permissions, by logging in as root, or initiating a root shell with the following command if sudo is installed:

sudo su

Continue reading Install Config Server Firewall (CSF)

Nginx Redirect Mobile to Mobile Version Of the Web Site

Nginx configurations:

set $mobile_rewrite do_not_perform;
## chi http_user_agent for mobile / smart phones ##
if ($http_user_agent ~* "(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|iris|kindle|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino") {
  set $mobile_rewrite perform;
}
if ($http_user_agent ~* "^(1207|6310|6590|3gso|4thp|50[1-6]i|770s|802s|a wa|abac|ac(er|oo|s\-)|ai(ko|rn)|al(av|ca|co)|amoi|an(ex|ny|yw)|aptu|ar(ch|go)|as(te|us)|attw|au(di|\-m|r |s )|avan|be(ck|ll|nq)|bi(lb|rd)|bl(ac|az)|br(e|v)w|bumb|bw\-(n|u)|c55\/|capi|ccwa|cdm\-|cell|chtm|cldc|cmd\-|co(mp|nd)|craw|da(it|ll|ng)|dbte|dc\-s|devi|dica|dmob|do(c|p)o|ds(12|\-d)|el(49|ai)|em(l2|ul)|er(ic|k0)|esl8|ez([4-7]0|os|wa|ze)|fetc|fly(\-|_)|g1 u|g560|gene|gf\-5|g\-mo|go(\.w|od)|gr(ad|un)|haie|hcit|hd\-(m|p|t)|hei\-|hi(pt|ta)|hp( i|ip)|hs\-c|ht(c(\-| |_|a|g|p|s|t)|tp)|hu(aw|tc)|i\-(20|go|ma)|i230|iac( |\-|\/)|ibro|idea|ig01|ikom|im1k|inno|ipaq|iris|ja(t|v)a|jbro|jemu|jigs|kddi|keji|kgt( |\/)|klon|kpt |kwc\-|kyo(c|k)|le(no|xi)|lg( g|\/(k|l|u)|50|54|\-[a-w])|libw|lynx|m1\-w|m3ga|m50\/|ma(te|ui|xo)|mc(01|21|ca)|m\-cr|me(rc|ri)|mi(o8|oa|ts)|mmef|mo(01|02|bi|de|do|t(\-| |o|v)|zz)|mt(50|p1|v )|mwbp|mywa|n10[0-2]|n20[2-3]|n30(0|2)|n50(0|2|5)|n7(0(0|1)|10)|ne((c|m)\-|on|tf|wf|wg|wt)|nok(6|i)|nzph|o2im|op(ti|wv)|oran|owg1|p800|pan(a|d|t)|pdxg|pg(13|\-([1-8]|c))|phil|pire|pl(ay|uc)|pn\-2|po(ck|rt|se)|prox|psio|pt\-g|qa\-a|qc(07|12|21|32|60|\-[2-7]|i\-)|qtek|r380|r600|raks|rim9|ro(ve|zo)|s55\/|sa(ge|ma|mm|ms|ny|va)|sc(01|h\-|oo|p\-)|sdk\/|se(c(\-|0|1)|47|mc|nd|ri)|sgh\-|shar|sie(\-|m)|sk\-0|sl(45|id)|sm(al|ar|b3|it|t5)|so(ft|ny)|sp(01|h\-|v\-|v )|sy(01|mb)|t2(18|50)|t6(00|10|18)|ta(gt|lk)|tcl\-|tdg\-|tel(i|m)|tim\-|t\-mo|to(pl|sh)|ts(70|m\-|m3|m5)|tx\-9|up(\.b|g1|si)|utst|v400|v750|veri|vi(rg|te)|vk(40|5[0-3]|\-v)|vm40|voda|vulc|vx(52|53|60|61|70|80|81|83|85|98)|w3c(\-| )|webc|whit|wi(g |nc|nw)|wmlb|wonu|x700|yas\-|your|zeto|zte\-)") {
  set $mobile_rewrite perform;
}
## redirect to m.example.com ##
if ($mobile_rewrite = perform) {
  rewrite ^ http://m.example.com$request_uri? redirect;
  break;
}

Continue reading Nginx Redirect Mobile to Mobile Version Of the Web Site

Sửa lỗi VMware Workstation 9 cứ cấp IP động là 192.168.255.xxx

Vào 1 ngày đẹp trời nào đó, ta không thể connect được vmware từ client(ssh, ping) vì vmware của ta cấp phát IP động theo dòng 192.168.255.xxx. Mà theo kiến thức ta được học thì không connect được với subnet 255, vậy vấn đề có thể là IP đẹp đã bị chiếm hết, để giải quyết vấn đề trên, ta làm như sau: Continue reading Sửa lỗi VMware Workstation 9 cứ cấp IP động là 192.168.255.xxx

Quản lý Build Tasks với Gulp.js

Dùng cái này để minify tự động các images, js, css thì rất hợp, đây là config của mình:
Requirement: Node Js
Continue reading Quản lý Build Tasks với Gulp.js

Understanding and using htop to monitor system resources

Every so often there will be something that slows a system down. There are a few tools that can help to identify which process is the cause of this slow down. One such tool is htop. Htop is an interactive and real time process monitoring application for Linux which will show you your usage per cpu/core, as well as a meaningful text graph of your memory and swap usage.

Let start by installing htop. To install htop for Ubuntu execute the following command in a terminal

sudo apt-get install htop
Continue reading Understanding and using htop to monitor system resources

Code check is website has too many connection from IP

/**
 * this cronjob is checking the ip which is ddos our website
 * return a list of ip has more than 10 connection: "27 125.253.121.52"
 * except 127.0.0.1, 0.0.0.0 and 125.253.121.52 (database)
 */
/* start configs */
$exceptIp = array('127.0.0.1', '0.0.0.0');
$maxConnection = 100;
$emailTracker = 'abc@mail.com';
/* end configs */
$output = explode("\n", shell_exec("netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n"));
$blockIpFile = 'data/blockIP-' . date('Y-m-d-H-i-s') . '.txt';
$result = array();
if (empty($output) === FALSE) {
    foreach ($output as $k => $v) {
        $tmp = explode(' ', trim($v));
        if ($tmp[0] > $maxConnection && in_array($tmp[1], $exceptIp) === FALSE) {
            $result[] = trim($v);
        }
    }
}
if (empty($result) === FALSE) {
    file_put_contents($blockIpFile, implode("\n", $result));
    /**
     * send email to $emailTracker
     */
    ...
}

Config VirutalHost cho Apache

NameVirtualHost *:8080
# allow access localhost
<VirtualHost *:8080>
    DocumentRoot "E:/User Data/htdocs"
    ServerName localhost
    <Directory "E:/User Data/htdocs">
        Options Indexes FollowSymLinks Includes ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>
# allow access cali.com
<VirtualHost *:8080>
    DocumentRoot "E:/User Data/htdocs"
    ServerName cali.com
    <Directory "E:/User Data/htdocs">
        Options Indexes FollowSymLinks Includes ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>
# allow access cfyc.cali.com
<VirtualHost *:8080>
    DocumentRoot "E:/User Data/htdocs/cfyc"
    ServerName  cfyc.cali.com
    <Directory "E:/User Data/htdocs/cfyc">
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

Continue reading Config VirutalHost cho Apache

Install Apc cache on Window & CentOs

A] On window:
1) Download apc: http://downloads.php.net/pierre/ (Down về lấy bảng ns)
2) Chép vào thư mục ext: /xampp/php/ext/php_apc.dll
3) Bật php ini:

[APC]
extension = php_apc.dll
apc.enabled = 1
apc.stat = 1
apc.shm_segments = 1
apc.shm_size = 128M
apc.max_file_size = 10M

4) Coi phpinfo xem có work chưa.
5) Check apc cache có hoạt động chưa bằng cách download file apc.php (tại http://pecl.php.net/package/APC) vào root vào xem http://localhost/apc.php
Nếu số lượng Hits (dùng cache) > Số lượng Misses thì cache đã được chạy ổn.
jan201052
6) Hủy cache thì chạy: apc_clear_cache();
7) Function check cache:

function is_file_cached($file) {
    $info = apc_cache_info();
    foreach ($info['cache_list'] as $cache) {
        if ($cache['filename'] == $file) return true;
    }
    return false;
}

Continue reading Install Apc cache on Window & CentOs