If you are running php-cgi, there is a major vulnerability that will allow attackers to view and run PHP source code on your site.

Resources on the vulnerability:
http://blog.spiderlabs.com/2012/05/honeypot-alert-active-exploit-attempts-for-php-cgi-vuln.html
http://blog.sucuri.net/2012/05/php-cgi-vulnerability-exploited-in-the-wild.html
http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/ 

• Many nginx setups use php-cgi, so it is critical to patch PHP to the latest version or apply the recommended fixes through Apache Rewrite.
• Mod_php and php-fpm systems are not vulnerable to this attack. Most Apache web server setups use the mod_php method for PHP.

Qualsys SSL Labs is a free resource to test your SSL web server configuration. It’ll test for vulnerabilities, certificate validity, supported standards, and more.
https://www.ssllabs.com/ssltest/index.html

The fileserver in Puppet is useful for quickly centralizing configuration files for multiple servers. It works well for serving small text configuration files to clients, but not recommended for large files since it places them into memory before sending them out. For larger files, I recommend using git or rsync instead since it doesn’t affect the performance of the puppetmaster server.

After installing it on Scientific Linux 6.1, I had to go through some extra steps because of the SELINUX restrictions. Here’s the steps I went through to get the Puppet fileserver working.

Free Local Install

• gitlabhq.com - this project looks really good, with new releases every month.
• gitorious - solid, free alternative to GitHub.

Free Hosted

• gitorious.org -  open source projects are free, like github.
• bitbucket - unlimited free private repositories for up to 5 users. The pricing model is similar to the other Atlassian products.

Special thanks to Aaron …

I recently had to remove the gnome GUI from a server running Scientific Linux (6.2) and had to go through a few steps to make it boot up properly.

1. To remove Gnome from Scientific Linux, run the following command (while running outside of the GUI). This will remove all related applications related to the Gnome including Mozilla/etc.
   yum groupremove "GNOME Desktop Environment"
2. Next, you will need to make sure your runlevel is set to 3. Otherwise, you won’t be able to boot up into text mode. The run level in RedHat/CentOS/Fedora/Scientific Linux is set to 5 for Gnome/KDE. You’ll need to change the …
   → Read More...

GotAPI has one of the best list of web API resources. It has a searchable list of HTML, JavaScript DOM objects, and CSS tags. Its a good quick reference for tags and objects. There is also a list of web technologies including web frameworks, databases, and testing tools.
http://www.gotapi.com/html 

As a Content Management System developer, having a good tree plugin is key to organizing files in directories. With a small number of folders, any jQuery tree plugin will suffice. But, I’ve encountered some limitations with 1000+ folders and Internet Explorer compatibility.

Dynatree is my current favorite jQuery plugin. The code is maintained with very good browser compatibility (IE 8 works without any problems), excellent documentation, and lots of features. Supports checkboxes, drag and drop, persistence, and HTML/JSON/or Javascript data loads. If you have a large number of folders, it is best to use JSON as the data object since you can use AJAX to dynamically load the lists. Even without the “lazy load” option, the script runs fast with a single load of the JSON data.

Amazon offers new AWS users one year of free usage to their cloud platform.

This includes:

• 750 hours of Amazon Elastic Compute Cloud (Amazon EC2) Linux Micro Instances;
• 750 hours of Amazon Elastic Compute Cloud (Amazon EC2) Microsoft Windows Server Micro Instances;
• 750 hours of Elastic Load Balancing and 15 Gigabytes (GB) of data processing using Elastic Load Balancing;
• 30 GB of storage in Amazon Elastic Block Storage plus 2 million input/output requests and 1 GB snapshot storage;
• 5 GB of storage in Amazon Simple Storage Solution (Amazon S3) plus 20,000 “get” requests and 2,000 “put” …
  → Read More...

If you are setting up SSH public key authentication in a new Fedora/CentOS install, you must make sure the SELINX configuration is setup correctly for the /root/.ssh folder on the server.

The ~.ssh/ folder is not created on a new install. If you manually create the folder, set the SELINUX permissions with this command:

restorecon -R -v /root/.ssh

Another tip: If you are using the PuTTY Key generator to generate the public key, make sure you copy and paste the text into a single line in the /root/.ssh/authorized_keys file. Each line of the authorized_keys file should have the following: ssh-rsa (key contents) imported-openssh-key

If you encounter the following error while installing vmware-tools in Fedora:

Searching for a valid kernel header path…

The path “” is not valid.

You will need the following packages installed:

gcc make kernel-headers kernel-devel

The trick is that you will need to perform at least two reboots before the vmware installer will actually find the kernel header package. You can verify the kernel install using “rpm -qa kernel*”

1. yum install gcc make kernel-headers kernel-devel
2. yum update
3. Reboot (shutdown -r now)
4. Run vmware-install.pl (Ex. /tmp/vmware-tools-distrib)
5. It will probably not find the kernel header path this time around. Cancel the installer if its unable to find it again.
6. Reboot (shutdown -r now)
7. Run …
   → Read More...