Sysadmins of the North
Share now!





Tag Archives for " PHP "

Don’t turn off CURLOPT_SSL_VERIFYPEER, fix your PHP configuration

An often heard solution to PHP cURL errors with SSL is to turn off CURLOPT_SSL_VERIFYPEER. Please don’t turn off CURLOPT_SSL_VERIFYPEER, but fix your PHP config instead. This article provides you with two solutions to solve CA certificate validation errors with PHP cURL and OpenSSL. For system administrators and end-users.

Continue reading

How to send authenticated SMTP over a TLS encrypted connection, in PHP, ASP and ASP.NET?

Send authenticated SMTP (auth-SMTP) over a TLS encrypted connection. If you want to send email securely from your website, this post is for you! In this post I’ll provide some script examples for ASP, PHP, and ASP.NET (C# / VB.Net) that you can easily integrate in your website.

Continue reading
PHP logo

Connect to MS SQL Server with PHP 5.3+

Connect to an SQL Server database with PHP 5.3+ using the SQLSRV API and sqlsrv_connect. As of PHP 5.3.2 you have to use the SQLSRV API functions to connect to an MS SQL Server database from PHP. For example, use sqlsrv_connect() to create a connection resource and open a connection. The main difference with the older mssql functions of PHP is that SQLSRV requires an Array() with connection information, instead of strings.

Continue reading

Unauthorized Access: Bypassing PHP strcmp()

The following was posted to the Web Security Mailinglist: Unauthorized Access: Bypassing PHP strcmp(). A way to bypass PHP’s strcmp() binary safe string comparison function.

Create your own PHP based Origin Pull CDN

The advantage of having your website content hosted on a Content Delivery Network (CDN) is having your content distributed and stored across the Globe. Utilizing the network of the Content Delivery Network provider. Hosting your WordPress website on a Content Delivery Network is an important WordPress optimization tip. Here is how to create your own Origin Pull CDN with just a few lines of PHP…

Continue reading

Calculate MySQL database size with PHP (off the old shelf)

Calculate the MySQL database size in PHP. Sometimes you’d be amazed what you find when cleaning out your old script archives. I found an old PHP script to calculate the size of a MySQL database. I post it here just for the fun of it.

Continue reading

PHP with WinCache on IIS

In this article you’ll learn how to install PHP with Windows Cache Extension (WinCache) on Windows Server IIS. WinCache enabled PHP gives a great PHP performance boost for WordPress, Drupal or Joomla websites, and decreases CPU usage. This post will show you it’s not hard to set up a high performing PHP stack on Windows Server (IIS). And as a bonus, we’ll dive a bit into Windows TCP/IP tuning too. Learn how this very blog optimized it’s PHP hosting on Windows!

Continue reading

“htaccess files should not be used for security restrictions”

Acunetix’ Bogdan Calin wrote an article explaining why .htaccess files should not be used to secure sensitive data: htaccess files should not be used for security restrictions.

Continue reading

Multiple IIS 6.0/7.5 Vulnerabilities

Multiple vulnerabilities found in IIS 6.0 and 7.5 web servers. On the Full-Disclosure mailinglist Kingcope posted several IIS 6.0 and 7.5 bugs. Because I am a Windows Server and IIS admin, I took some time to test the various vulnerabilities …

Continue reading

How to filter web traffic with blacklists

Block and filter unwanted web HTTP traffic with blacklists, on both IIS and Apache. Protect your website easily with this PHP blacklist class. Let’s create our own HTTP web blacklist filter.

Continue reading

PHP on IIS: No input file specified.

When you host your PHP website on Windows Server IIS, you may receive an “No input file specified” error message, when a HTTP request is made to non-existing .php files. When this happens you probably have no Request Restrictions configured in IIS’ PHP handler settings. Here is how to resolve the no input file specified error.

Continue reading
Skip to content
Jft nZXDVCiNXZyE I