Sysadmins of the North is just another technical blog, like so many others out there. Most posts are written in English, some in Dutch. For the most part, I write as it comes; posts may seem incoherently written sometimes (my apologies). Here on Saotn.org you’ll find all kinds of computer, server, web, sysadmin, database and security related stuff. Browse the latest posts per category here, search for posts, or make a selection from the categories menu.
Exploit PHP’s mail() function to perform remote code execution, under rare circumstances.
E-Book Gallery for Microsoft Technologies, free content for Azure, ASP.NET, Office, SQL Server, SharePoint Server and other Microsoft technologies in e-book formats. Reference, guide, and step-by-step information are all available. All the e-books are free. New books will be posted as they become available.
More quality sysadmin & DevOps IT books selected for you. Categories include:
- DNS, DNSSEC and BIND
- Drupal, Node.js, Umbraco, WordPress (website and web applications)
- MySQL: installing, configuring, securing, optimizing and databases
- Security, hacking and forensics
- Windows Server 2012 (and R2) and IIS
A vulnerability in PHP’s phpinfo() function allows PHP scripts to read arbitrary strings from memory.
How to install custom PHP 5.5 with OPCache in IIS Express for WebMatrix 3. Or PHP 5.4, or PHP 6.0. Create your own PHP development environment easily with WebMatrix and IIS Express.
Increased SQL injection activity: For a week or so now, I have noticed a huge increase in SQL injection attacks on various websites. Anyone else seeing the same SQL injection attacks lately? On various websites/databases, for example (some information redacted) …
WordPress 3.9.2 is now available as a security release for all previous versions. We strongly encourage you to update your sites immediately. This release fixes a possible denial of service issue in PHP’s XML processing, reported by Nir Goldshlager of the Salesforce.com Product Security Team. It was fixed by Michael Adams and Andrew Nacin of the WordPress security team and David Rothstein of the Drupal security team. This is the first time our two projects have coordinated on joint security releases.
How not validating your PHP input can lead to Denial of Service attacks against websites and back-end database servers. Simply by putting AND sleep(3) in the address bar… Happy SQL injection.
Send authenticated SMTP email in WordPress over TLS, by overriding the function wp_mail() and utilizing the PHPMailer class.
I was surprised WordPress is not able to send email using an SMTP server out-of-the-box. Not to mention using TLS transport for security. A quick Google search showed me multiple plugins to handle this. Hence, everything is handled through plugins in WordPress… Need to optimize your website? Use plugin x. Want a more secure WordPress? Use plugin y.
Clear Magento cache and MySQL log tables, perform regular Magento maintenance on IIS web servers for better performance
Now for Windows IIS web servers too: optimize the speed and performance of your Magento ecommerce webshop by carrying out important maintenance; remove old MySQL database log files and Magento cache data on a regular basis.
Website DDoS protection with .htaccess and mod_evasive on Windows IIS.
Mod_evasive is a module for Apache and Windows/IIS (with Helicon Ape) that provides protection and evasive action in the event of an HTTP DoS, DDoS or brute-force attack. Detection is performed by creating an internal dynamic hash table of IP addresses and URIs, and an IP address is denied access to a website if it requests the same page more than 10 times a second. This threshold is configurable. Properly configured and tested, mod_evasive can provide strong protection against Denial of Service (DoS), Distributed Denial of Service (DDoS) and brute-force attacks.
Redirect Umbraco website to www subdomain
Umbraco listens on both http://example.com and http://www.example.com. This is not good for your Google ranking and SEO, since the two will be seen as duplicate content. Fortunately, it is pretty easy to redirect your website to its www variant. Here you’ll learn how to accomplish this.
WordPress xmlrpc.php DDoS and user enumeration attacks: huge increase in HTTP POST requests on WordPress xmlrpc.php, how to identify and leverage these WordPress xmlrpc.php brute-force and user enumeration attacks.
Since today, I have noticed a huge increase in HTTP POST requests on WordPress xmlrpc.php, on multiple websites. This could be related to WordPress’ xmlrpc.php pingback DDoS vulnerability discovered last March and reported by Sucuri, or it may be related to the WordPress pingback vulnerability reported by Acunetix. But it might be something new as well…
How to remove unnecessary HTTP response headers in IIS 7, 7.5, 8.0 and ASP.NET.
Windows IIS loves to tell the world that a website runs on IIS; it does so with the Server HTTP response header, as shown below. In this post I’ll show you how to rewrite and remove unwanted response headers in IIS, because we don’t want to give hackers too much information about our servers.
Joomla! performance tuning on Windows Server IIS
In this article, I’ll show you how to optimize Joomla! on Windows Server IIS with just six (6) important, but basic, performance tips. Everyone wants a fast loading website, whether it’s based on WordPress, Drupal, Joomla, or something else. For WordPress, a lot of posts are available here to optimize WordPress performance, and Drupal can easily be improved with the BOOST module.
But what about Joomla? How can we optimize and improve Joomla!’s performance and speed easily? Here are six (6) simple tips…
Jason Deacon, from Australia’s design and development company Wiliam, writes about how to use a back-end instance of Umbraco 7 which is completely decoupled from the front-end (an ASP.NET MVC 5 site).
Our approach leverages a file called “Umbraco.config” which is really just an XML file that Umbraco publishes all its public content to whenever a node is published in the interface. This XML structure mirrors the document types and properties of the site structure populated in Umbraco and therefore offers the perfect snapshot of the content the site can serve, without having to query a database for it.
Why MySQL indices are so important
At Vevida, we like to help our customers as much as possible, even with optimizing a MySQL database when they don’t ask for it (because they don’t know performance can be improved), for example by adding an index after we spotted a slow query in our slow-query log. MySQL uses indexes to find rows quickly. We want to make it as easy as possible for MySQL to find the relevant rows: the more precise or specific we are, the fewer rows MySQL has to fetch.
The other day I spotted the following in the MySQL slow-query log:
MySQL storage engine, MyISAM versus InnoDB: if you want to convert a MyISAM table to InnoDB, the process is fairly easy.
In the earlier days of MySQL, the default storage engine for your database was MyISAM. This is why you still encounter a lot of examples with engine=MyISAM online. Nowadays, the InnoDB storage engine is MySQL’s default. MyISAM is no longer actively developed; InnoDB is. Therefore, all or most MySQL performance optimizations are for the InnoDB engine, and it’s wise to choose this as your table storage engine.
As you know, more and more web hosting providers require SMTP authentication (often abbreviated as SMTP AUTH) and a TLS encrypted connection to send email. Here you’ll find some script examples to send SMTP AUTH email over TLS with ASP, ASP.NET and PHP. Can we do the same with Ghost and Node.js?
Import posts from WordPress into Ghost
A little while ago I installed Ghost on IIS, along with the required Node.js and iisnode module. All in an isolated test environment, in which Ghost runs as a production site only. Now I wanted to import a WordPress blog into Ghost, but failed.
Here’s how I resolved this particular Ghost import error.
From time to time you need to flush MySQL’s query_cache to prevent fragmentation of free query cache memory space. Whether we need to flush the query cache is indicated by MySQL’s Qcache_free_blocks status variable. The higher the value, the more fragmented the free space is. Note: Flushing the query cache does not delete it. Use reset query cache for that.
InnoDB Buffer Pool Instances, tune MySQL for a heavy InnoDB workload
InnoDB 1.1 for MySQL 5.5 – How to tune MySQL server performance and optimize MySQL’s InnoDB storage engine. It is important to tune and optimize your MySQL server’s InnoDB configuration, to run your website, or application, efficiently. And here is a little help …