Topics

Devops And Release Engineering

Devops and Release Engineering's Topics

Aleks Blumentals

Aleks Blumentals

December 29 2011

Suhosin

I added Suhosin to my stack and made a fresh install of Anahita - wget from server worked fine, and site installed perfectly. But the n i got the message that i have Suhosin and need to apply a fix.

I followed the instructions ( http://www.assembla.com/wiki/show/nooku-framework/Known_Issues) and added the line to php.ini. I wasn't sure how - my php.ini is in ../php5/etc not in the root (/var/www)...

It is isn't clear to me ;-) should I merely create a php.ini with that one line (suhosin.executor.include.whitelist = tmpl://, file://) in /var/www and /var/www/administrator?

This didn't change the result - I only see the first page 9front end and backend - but still shows the suhosin notice)

thanks

Arash Sanieyan
Arash Sanieyan
December 29 2011 Permalink
Hi Aleks,

Whos is your hosting ? Is it your own server ?
Aleks Blumentals
Aleks Blumentals
December 29 2011 Permalink
Worked fine - just needed rebooting the server !! my personally installe a-to-z Anahita site on rackspace is humming ;-D before the year is over
Arash Sanieyan
Arash Sanieyan
December 29 2011 Permalink
Oh nice. Did you enable APC on your server ? What's your server configuration ? Just curious to know.

Cheers
Aleks Blumentals
Aleks Blumentals
December 29 2011 Permalink
Hi
the distro is Ubuntu 10.04 and the stack is made of

NginX 1.1.11
PHP 5.3.8
APC 3.1.9
Suhosin Extension 0.9.32.1

Everything on the surface is working - blazing fast too - but I am still trying to figure out the file/vhost/ftp story - I must admit i am a bit lost on that side

Bazhar - will not work - it seems to recognise me - says hello and shows the profile image from Anahita site - but if I try to upload/renew packages - I get

Install path does not exist

If I try to upload from the install/uninstal I also get

Warning! Failed to move file. 
I am trying to install Navicat to manage the files from my Windows worksation - but I haven't managed to connect 
SSH tunnel error on connecting WSAGetLastError return 10060($274C) 
Filezilla connects on simple FTP but not on  FTP over TLS

I would appreciate some hints ;-)

But really happy that I spent the week delving into this ... really cool

APC - apc.ini

extension = apc.so
apc.enabled = 1
apc.shm_size = 128M
apc.shm_segments=1
apc.write_lock = 1
apc.rfc1867 = On
apc.ttl=7200
apc.user_ttl=7200
apc.num_files_hint=1024
apc.mmap_file_mask=/tmp/apc.XXXXXX
apc.enable_cli=1


I worked some more on this... added don't ask me why a few more things and changed settings in NGINX sites-available/default (is this where one should play with the virtual host, access etc?)... I managed to connect Filezilla FTP over TLS ... but in the process managed to disconnect the web site ;-)...

I'll PM passwords... maybe you can take a quick look
Hi Alex, did you manage to white list Anahita in suhosin so it is working even if suhosin is installed?
Aleks Blumentals liked this
Yes, I followed the instructions in the link, and eventually I sorted it. Probably was needing to restart nginx, php5-fpm
Thanks Aleks :)

Powered by Anahita