Hi guys,
Hope all of you know about Varnish, the http cache server. A very good and stable one.
But last week i had some issues regarding configuration of my phpmyadmin on it.
Phpmyadmin issue where :
Cannot start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly.
Eveywhere you’ll find this is an issue related to session temp directory configuration. FALSE. THIS IS BULLSHIT.
Here is the solution:
Firt of all you need to setup your varnish for the domain or the phpmyadmin directory not to be cached. I set this on a specific back office subdomain name for all my administration tasks (just restrict this access by ip AND passwd on htaccess btw).
Here is the related rules:
sub vcl_fetch {
if (req.url ~ "XXXX.YYYYYY.TLD") {
return(pass);
}
}
Then you’ll have to configure your phpmyadmin directory. Software is not smart enough to understand it’s run behind varnish, so he’ll try to redirect you to your backend server (which is, I HOPE, not available by public adress/port). So configure this directive « $cfg['PmaAbsoluteUri'] » swith your phpmyadmin public internet URL.
And then setup auth_type with « http ». Problem comes from « cookie » auth. I still didn’t resolv this issue but at least this configuration works !
$i = 0;
$i++;
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'http';
$cfg['Servers'][$i]['host'] = 'localhost';
$cfg['Servers'][$i]['connect_type'] = 'tcp';
$cfg['Servers'][$i]['compress'] = false;
/* Select mysql if your server does not have mysqli */
$cfg['Servers'][$i]['extension'] = 'mysqli';
$cfg['Servers'][$i]['AllowNoPassword'] = false;
$cfg['PmaAbsoluteUri'] = 'http://XXXXXXXXXXX/';
HF dudez.
apache, auth_type, cookie, phpmyadmin, varnish
Introduction
GNU/Linux Debian Lenny security support has been dropped since a few days (since the 6th of February to be exact). All administrators are encouraged to upgrade their system from Lenny (5.0) to Squeeze (6.0) as soon as possible.
In my previous article I explained how I migrated my dom0 to Squeeze, so now it’s time for me to explain how I did the same thing for domUs.
Read the rest of this entry
Introduction
GNU/Linux Debian Lenny security support has been dropped since a few days (since the 6th of February to be exact). All administrators are encouraged to upgrade their system from Lenny (5.0) to Squeeze (6.0) as soon as possible.
I only had one server left running Lenny, so yesterday I decided to upgrade it. Everything went… well, I won’t say smooth but less than 24 hours later, everything is running again. Not so bad for a migration. :)
Read the rest of this entry
Introduction
As www.devquotes.com was suffuring for a huge peak of traffic, I figured I should install some caching server to meet the performance requirements.
I knew that Varnish was a good choice because of the many articles I came into the last few years, so I decided to give it a try.
Read the rest of this entry
You should know about that but extracting windows configuration is something very boring. mspaint.exe, screenshot + crop. HORRIBLE.
A good way to extract some information is to use the WMIC utility.
The wmic is a core feature of all Windows since Windows 2000 and most of the commercial monitoring software are using it to extract, analyze and display system information :
Here is a little list of actions you can perform through WMIC utility :
- launch process,
- stop process,
- reboot computer,
- list of installed programs,
- list of installed security patchs,
- etc…
Read the rest of this entry
audit, conf, configuration, win32, windows, wmic
You may have heard about the new DDOS tools released by THc yesterday exploiting an OLD CVE :
here is how to protect yourlsef from the vulnerability :
Just edit your SSL configuration files ( or all your vhost files, depend your configuration) as follows:
SSLVerifyDepth 4 # max number of depth
SSLVerifyClient none (ou require)
SSLCipherSuite RC4-SHA:RC4-MD5:HIGH:MEDIUM:!ADH:!DSS:!SSLv2:+3DES # Ciphers suite used in the renegociation
SSLProtocol all -SSLv2 # Let’s disable sslv2
SSLHonorCipherOrder on #using the order we just set
have fun @patching your apache configuration files !
apache, conf, configuration, ddos, ssl, thc, tools
Introduction
Here are a few notes I took while trying to install Ruby 1.9.2, Rails 3, on a Ubuntu 10.10 Maverick system. The Debian style packaging for Ruby doesn’t sound like a good idea to me in a world where most of the gems are hosted on github and such, so I tried to use only the Ruby interpreter package from Ubuntu (1.9.2-p0).
This should also work on a Debian Squeeze system.
Read the rest of this entry
apt, debian, gem, rails, ruby, rubygems, ubuntu
My initial problem
My previous ISP (Free) provided me with a nice triple-play ADSL set-top box (aka « Freebox »). It has an internal 40GB hard disk drive accessible using FTP and was able to play content streamed through UPnP. I recently switched to a new ISP (Numéricable) because they were offering FTTH (100mbits downstream, 5mbits upstream) in my place, but unfortunately they’re not offering any kind of set-top box. I just got a classic Netgear modem and Netgear DVB device, which is unable to play any video content from the network.
As it turns out, I’m missing the HTPC-kind functionalities a pretty damn lot. Playing my video content on my living room’s TV is important in my eyes. Sadly, my computer is too far from the TV to link both using an HMDI cable. That’s how I decided that I’ll be building an HTPC.
What’s an HTPC?
What is exactly an HTPC (Home Theater Personal Computer or Home Cinéma & Media Center in french):
Read the rest of this entry
Home Cinéma Media Center, Home Theater Personal Computer, htpc, nas, server
