ServerBuddies Support Blog

PHP as a CGI script with suexec

For hosts running PHP as a CGI script with suexec you may be able to put these directives in a php.ini file in your website root directory.

Add the below to your .htaccess file in your web root directory.

The PHP documentation states that the memory_limit setting also affects file uploading.
Generally speaking, memory_limit should be larger than post_max_size.

Depending on your host, this can be done in a number of places with the most likely being php.ini or .htaccess depending on your hosting situation.

Add for example:

With root access, you can use the sed util in Linux/Unix based systems, in order to increace the memory for 64M. Don’t forget to properly locate you php.ini file!

How to downgrade from apache 2 back to apache 1.3

If you need to go back to apache 1.3 after installing apache 2, you’ll need to do the following:

1) Restore the old httpd.conf file:

2) Get DirectAdmin to use the old httpd.conf files for the users. Edit the /usr/local/directadmin/conf/directadmin.conf file and change apache_ver=2.0 to apache_ver=1.3. Also, if you were using custombuild, and are going back to customapache, the apache_conf value needs to be reset to:

Then type

3) Now you can recompile apache 1.3

4) Fix the modules link:

5) Restore the old boot script:

Source : http://directadmin.com/

.htaccess Hotlink protection for files on your server.

You can stop others from hotlinking your site’s files by placing a file called .htaccess in your Apache site root (main) directory. The period before the name means the file is hidden.

Example: Your site url is www.mysite.com. To stop hotlinking of your images from other sites and display a replacement image called nohotlink.jpe placed in your images directory, place this code in your .htaccess file:

The first line of the above code begins the rewrite. The second line matches any requests from your own mysite.com url. The [NC] code means “No Case”, meaning match the url regardless of being in upper or lower case letters. The third line means allow empty referrals. The last line matches any files ending with the extension jpeg, jpg, gif, bmp, or png. This is then replaced by the blockhotlink.jpe file in your images directory. This JPEG image is using the extension jpe instead of jpg to prevent blocking your own replacement image.

mount your /tmp partition with the noexec,nosuid options, and mount the /home partition with the nosuid option.

t install time, the easiest thing to do is to mount your /tmp partition with the noexec,nosuid options, and mount the /home partition with the nosuid option. This is done in your /etc/fstab and requires those paths to exist as partitions, and not just as subdirectories of /. If you’re unsure, type:

To get a listing of your partitions and their current mounting options. Use google for more information on these mounting options. Be very careful when editing your /etc/fstab, as any errors could prevent your system from starting up. Note that you must not have “nosuid,noexec” for / or /usr, as those partitions have suid binaries normally (su, passwd, etc).

Edit the fstab file vi /etc/fstab and change it depending on your needs. For example:

To read:

nosuid, Meaning do not allow set-user-identifier or set-group-identifier bits to take effect, nodev, do not interpret character or block special devices on this file system partition, noexec, do not allow execution of any binaries on the mounted file system.

Control mounting a file system

You can have more control on mounting a file system like /home and /tmp partitions with some nifty options like noexec, nodev, and nosuid. This can be setup in the /etc/fstab text file. The fstab file contains descriptive information about the various file systems mount options; each line addresses one file system.

Details regarding to security options in the fstab text are:

More information can be found in the mount(8) man pages