Dev {Tricks}

You are here: Home / Archives for Server and Hosting / Providers

by

Apache Server Status for 127.0.0.1 (via 127.0.0.1) Requests List

Apache Server Status Requests

  • done, streams: 0/1/1/0/0 (open/recv/resp/push/rst)
  • idle, streams: 0/1/1/0/0 (open/recv/resp/push/rst)
  • GET /xmlrpc.php HTTP/1.1
  • GET /robots.txt HTTP/1.1
  • POST /wp-login.php HTTP/1.1
  • HEAD / HTTP/1.1
  • GET / HTTP/1.0
  • GET / HTTP/1.1

by

How to Stop XML-RPC Attack in WordPress

WordPress utilizes XML-RPC to remotely execute functions for example JetPack, WordPress mobile application etc.  But XMLRPC Attack made web server jam. In HTTP access log, we saw a lot of requests like this:

61.135.232.103 - - [11/Sep/2020:10:27:20 -0500] "POST /xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
91.132.142.57 - - [11/Sep/2020:10:39:03 -0500] "POST /xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
5.33.187.36 - - [11/Sep/2020:10:43:28 -0500] "POST /xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

You will also get “Error connecting to database” message when your WordPress site is down.

Solutions

We can secure server from XMLRPC attacks in several ways

  • We can add a HTTP directive to httpd.conf or .htaccess for denying all requests on /xmlrpc.php. 
    <files xmlrpc.php>
  Order allow,deny
  Deny from all
</files>

    If don’t have httpd.conf or .htaccess, we can simply rename the filename.

    • Where is httpd.conf? 
      /etc/httpd/conf/httpd.conf
    • DirectAdmin: File Editor
    • Webmin: Others > File Manager
  • Installing the Jetpack Plugin can block the XML-RPC requests with its “Protect” function.

 

 

 

 

by

How to Install Webmin on CentOS 8

Webmin is a free, open source and web-based Linux/Unix system administration control panel. Webmin is similar to cPanel, DirectAdmin etc and provides an easy way to manage websites. With Webmin we can set up user accounts, manager Apache web server, DNS Server, samba and File configuration, FTP, email servers, local/remote filesystems, package management, manage database servers e.t.c.

First, install Perl and required dependencies.

sudo yum -y install @perl

Add repository content to CentOS 8 system.

sudo tee  /etc/yum.repos.d/webmin.repo<<EOF
[Webmin]
name=Webmin Distribution Neutral
baseurl=https://download.webmin.com/download/yum
enabled=1
EOF

Then import repository GPG key:

sudo rpm --import http://www.webmin.com/jcameron-key.asc

Then install webmin using yum package manager.

sudo dnf install webmin

Type y to accept installation:

Importing GPG key 0x8483C65D: y

To get the package version and other details, use:

rpm -qi webmin

Configure Webmin on CentOS 8

Install Virtualmin

1. Ensure your server is up to date

sudo yum update -y

2. Download the Virtualmin installer script using wget

sudo wget http://software.virtualmin.com/gpl/scripts/install.sh

3. Execute the install script

sudo sh install.sh

 

 

 

by

How to enable exec()

To enable exec() function, you have to modify php settings using a php.ini file.

  1. Open php.ini file and search for disable_functions exec
  2. Delete “exec” from disable_functions 
    disable_functions = "show_source,system, shell_exec,exec"
  3. Save the changes and reboot server.

That’s it!

Caution:

When a PHP script is hacked, the hacker can use the exec function to cause further issues. However, exec function itself is not dangerous.

Note:

OJS needs exec function for extracting text from PDFs for search indexing etc.