Archive for March, 2011

Enabling and disabling the Administrator account in Windows 7

Windows 7, like Windows XP and Vista, has a built-in administrator account. This can be used for system recovery, resolving permissions issues, and logging in when a user’s profile is corrupt, among other things.

However, in Windows 7 the administrator account is disabled by default. This is actually a good thing, as XP had it enabled by default with no password — not very secure.

So how do you enable the administrator account?

Via command line:

At an administrator-level command prompt, enter the following command:

net user administrator /active:yes

This enables the administrator account. To disable it, simply do:

net user administrator /active:no

You can also set the administrator password by typing:

net user administrator __password__

substituting your desired password for __password__.

That’s it.

Comments are welcome, as always.

Leave a comment

Opening an Administrator-level command prompt in Windows Vista and 7

In order to open an Administrator-level command prompt in Vista and 7, do the following:

Click Start

In the Search Programs and Files box, type cmd

While holding ctrl and shift, press enter.

Windows UAC prompt may appear, depending on your settings. Click yes.

Comments are welcome, as always.

Leave a comment

How to get your Facebook follower count in PHP

If you’re looking for a way to fetch and display your Facebook follower count in PHP, here is your code. In the below, substitute __ID__ for your numeric ID for your app or page, and __TOKEN__ for your access token.

Please consult the Facebook Graph API documentation for more information.

This method uses file_get_contents() rather than the preferrable cURL() call. Also, don’t forget to cache your queries, or you may experience API throttling. See the Rest & Graph API Best Practices for reference on this.

Here is the code:

function GetFacebookFollowerCount(){
  $json = file_get_contents('https://graph.facebook.com/__ID__/insights/page_fans/lifetime?access_token=__TOKEN__');
  $obj = json_decode($json);
  $new_facebook_followers= $obj->data[0]->values[0]->value;
  return $new_facebook_followers;
}

Comments and feedback are welcome.

, ,

Leave a comment

Transferring fonts from one Windows PC to another

If you have collected up some fonts on one Windows PC and want to transfer them to another one, it’s actually very simple.

First, open the Fonts folder.

Go to Start > Control Panel

If you’re in category view, switch to classic or icons view, depending on your Windows version.

Double-click on Fonts

Now that you have the Fonts folder open, you can drag-and-drop to install new fonts or copy fonts out.

That’s it! You may have to reboot for any newly installed fonts to show up in your applications, such as Office.

Leave a comment

Problems installing PECL libraries when you have noexec /tmp and /var/tmp

At first I had all sorts of issues installing software on my VPS until I realized that my /tmp and /var/tmp were both mounted noexec. It’s a great security precaution, but if you’re not aware of it, it can cause all sorts of headaches, especially when trying to install using pecl. This is usually the case when your VPS is a Parallels Virtuozzo container. /tmp and /var/tmp are set noexec by Virtuozzo and even if you do mount they will not show that way.

Here’s a few of the example output errors indicating that you have a silently-mounted noexec /tmp or /var/tmp

#pecl install zip
.
.
.
checking whether the C compiler works… configure: error: cannot run C compiled programs.
If you meant to cross compile, use `–host’.
See `config.log’ for more details.
ERROR: `/tmp/tmpqZc37R/zip-1.8.0/configure’ failed

Another:

#pecl install zip
.
.
.
/usr/local/bin/phpize: /tmp/tmpnkcW3i/zip-1.8.0/build/shtool: /bin/sh: bad interpreter: Permission denied
Cannot find autoconf. Please check your autoconf installation and the $PHP_AUTOCONF
environment variable is set correctly and then rerun this script.

ERROR: `phpize’ failed

Here’s the solution: Rebinding mount points. As root, execute the following commands.

cd ~
mkdir tmp
mkdir vartmp
mount --bind ~/tmp /tmp
mount --bind ~/vartmp /var/tmp

This binds /tmp to /root/tmp and /var/tmp to /root/vartmp. This overcomes the noexec permission issues. Now you can run your pecl install. When you’re done, make sure you unmount your mountpoints.

umount /tmp
umount /var/tmp

All done.

Questions, comments, and feedback on this are welcome and appreciated!

Leave a comment

WordPress, suPHP, and Ubuntu Server 10.04

If you have WordPress running under an unprivileged user account, you may have noticed that when trying to install or delete a plugin that it prompts you for FTP information. This is due to a rather unintuitive way that WordPress checks for file access:

The following code is from the get_filesystem_method() method in the wp-admin/includes/file.php file:

if( function_exists('getmyuid') && function_exists('fileowner') ){
    $temp_file = wp_tempnam();
    if ( getmyuid() == fileowner($temp_file) )
        $method = 'direct';
    unlink($temp_file);
}

This code creates a temporary file and confirms that the file just created is owned by the same user that owns the script currently being run. In the case of installing plugins, the script being run is wp-admin/plugin-install.php.

This may seem a little counter-intuitive, since the only thing WordPress really needs to be able to do is write to the wp-content/plugins directory.

If you’re on your own server (i.e. your own box or a VPS) and not worried about security implications, you can simply make the files owned by your web server process (usually www-data or nobody). This will have WordPress’ check succeed and no longer ask for your information.

If you’re on your own server and running a shared hosting environment, or just care about the security implications, you should install suPHP.

What are the security implications? If all web files are owned by the web server process, it’s extremely easy for someone to introduce malicious php code which can affect other sites on the server. Since the web server process has access to all of the web server files across the server, malicious code would have no problem gaining access to other files and directories on the server.

suPHP, configured correctly, causes all php scripts under a defined directory (usually /home) to run as the user account they are owned by. It also enforces other security measures, such as requiring that directories and files do not have write permissions for anyone other than the user.

I could go on and on about what it does, but my biggest struggle has been getting it to work. Installation is easy, but it’s painfully clear it does not work out of the box. After dozens of searches I found varying different ways of making it work, but sometimes drastic and not clean nor easy, few didn’t require recompiling something (which I wasn’t going to do), and none of them seemed to work.

After more than a day of searching and testing, I finally came up with a simple, elegant, working solution. Note that this was written and based on Ubuntu Server 10.04 64-bit, and libapache2-mod-suphp 0.7.1-1 and may or may not work for other platforms.

Install suPHP:

apt-get install suphp-common libapache2-mod-suphp

Edit the sites-enabled/xxxx.conf file for your VirtualHost

Inside your directive, add:

php_admin_flag engine off
AddHandler application/x-httpd-php .php .php3 .php4 .php5 .phtml
suPHP_AddHandler application/x-httpd-php
suPHP_Engine on

Lastly, edit /etc/suphp/suphp.conf and under ;Handler for php-scripts (at the bottom) change:

application/x-httpd-suphp="php:/usr/bin/php-cgi"

to

application/x-httpd-php="php:/usr/bin/php-cgi"

Restart apache and all should be well.

/etc/init.d/apache2 restart

Note: You might get an error message like the following:

Syntax error on line 7 of /etc/apache2/sites-enabled/example.com.conf:
Invalid command 'php_admin_flag', perhaps misspelled or defined by a module not included in the server configuration

In this case, check that you actually have the Apache PHP mod installed and enabled. In can get uninstalled or disabled on occasion when upgrading Apache. Here’s how to reinstall/reenable:

sudo apt-get install libapache2-mod-php5
sudo a2enmod php5

Checking that it’s working

Create a phpinfo.php file with the follow contents:

<?php phpinfo(); ?>

Call it via your browser and check the Server API line near the top: CGI / FastCGI means suphp is working. Anything else means it’s not.

Suphp is slow!

Yes, unfortunately suphp is slow. Suphp runs PHP scripts in CGI mode, which reportedly causes them to run slower. I would argue that the security advantages outweigh the need for fast scripts, but each situation is unique. You have to decide for yourself.

500 Internal Server Error

If you’re getting the 500 Internal Server Error, it means that suphp is probably working, but for some reason it won’t allow the script to run.

Check that you don’t have any PHP opcode caching (APC, etc) running. If you are running any type of PHP opcode cache suphp will never work. You must disable your opcode caching. If you’re using APC, you can disable it system-wide by simply editing /etc/php5/conf.d/apc.ini and commenting the line out with a semicolon as follows:

;extension=apc.so

Another element of importance is file permissions. SuPHP will fail (with a 500 Internal Server Error) any file that has permissions which are not allowed, as defined in /etc/suphp/suphp.conf. For example:

; Security options
allow_file_group_writeable=false
allow_file_others_writeable=false
allow_directory_group_writeable=false
allow_directory_others_writeable=false

Any file or directory with the attributes defined as allow=false will fail. Based on the configuration above, any file that is group- or world-writable will automatically fail. Same with directories. It’s best to leave these options alone (instead of changing them), and change the permissions on your scripts instead.

However, it is supposedly possible to disable it on a per-VirtualHost basis. I haven’t tested this.

Also check that your /var/log/suphp/suphp.log file isn’t over 2GB. If it is, rotate it or delete it.

If all else fails, check /var/log/suphp/suphp.log and /var/log/apache2/error.log for hints.

Many thanks to all of the blogs and articles that each held a piece of this puzzle. :)

, , , , , , , , ,

Leave a comment

How to migrate website files using SCP

If you’re a web developer looking for a quick way to move files from one *nix server to another, SCP is your answer.

SCP quickly moves files from one server to another using an SSH tunnel.

Simply log on to your existing host and use the following command as example syntax:

scp -r * login@domain:/target/folder/to/webroot/html/

login: your SSH login at the new host
domain: the hostname of your new host
/target/folder/to/webroot/html: the path to where you want your files stored

You’ll be prompted for your password after you hit enter.
This should transfer all of the files directly to your new host, but will NOT transfer hidden (dot) files.

If you use a dot ( . ) instead of the star ( * ), it will transfer the current directory WITH hidden files:

scp -r . login@domain:/target/folder/to/webroot/html/

Comments are welcome, as always.

, ,

Leave a comment

Increasing the size of a VirtualBox hard drive

If you’re a VM user like I am, one of the most frustrating tasks is that of trying to increase the size of a VBox hard drive.

Google searches come up with a myriad of solutions, some of them unnecessarily complex and unhelpful. Fortunately, there’s a fairly simple process to get it done right and quickly.

Step 1: Increase the size of the hard drive in VirtualBox

Using the VBoxManage program, increase the size of the vdi image using the following command. Modify it slightly based on your OS’s path deliminators. Example:

VBoxManage modifyhd "/home/mike/VirtualBox VMs/Windows XP/Windows XP.vdi" --resize 25000

The parameter of the ‘resize’ argument is the new size in MB. The above will resize to 25GB.

Now the new size will show up in VBox Media Manager, but your OS will only use the previous size (because of disk partitioning).

Step 2: Resize the partitions

This can be the tricky part. Think of your VM as a physical machine. What you’ll want to do is boot the VM from a bootable CD with a tool that can resize partitions. The disk utility on a  Ubuntu Live CD makes a good choice. Once you’re in the tool, resize your VM’s partitions and reboot it.

 

,

Leave a comment