Conversation

Notices

1. Clarissa Walker (amisapphire@cwcyrix.nsupdate.info)'s status on Sunday, 11-Dec-2022 16:18:45 EST Clarissa Walker
   Reorganized the custom Apache conf structure of this server into their own confs, leaving the main httpd.conf clean. Did have to update the main one due to a change in 2.4 that wasn't present in 2.3 (trunk).
   
   I should probably move the custom ones into their own subdirectory.
   • Clarissa Walker (amisapphire@cwcyrix.nsupdate.info)'s status on Sunday, 11-Dec-2022 18:06:32 EST Clarissa Walker

     in reply to
     Made further cosmetic changes to the custom confs. Also enabled Server Pool Management (MPM specific) to the server.
   • Clarissa Walker (amisapphire@cwcyrix.nsupdate.info)'s status on Sunday, 11-Dec-2022 18:07:40 EST Clarissa Walker

     in reply to
     Was trying to move PHP from CGI to FastCGI, and... realized that PHP was not built for FastCGI. So I will have to recompile it once again.
   • Clarissa Walker (amisapphire@cwcyrix.nsupdate.info)'s status on Sunday, 11-Dec-2022 20:09:17 EST Clarissa Walker

     in reply to
     Apache HTTPd is updated. Next is wrangling the setup to compile PHP, as it is yet another newer install of the compile box.
   • Clarissa Walker (amisapphire@cwcyrix.nsupdate.info)'s status on Monday, 12-Dec-2022 00:55:58 EST Clarissa Walker

     in reply to
     PHP7 is now running in FastCGI mode. Still have to recompile PHP so it can use the libraries to match the server.
     
     Also, looks like the deployment notes needs a very important update re: FastCGI implentation and Apache HTTPd.
   • Clarissa Walker (amisapphire@cwcyrix.nsupdate.info)'s status on Monday, 12-Dec-2022 02:06:24 EST Clarissa Walker

     in reply to
     Oof, some stuff broke all because I didn't use a + in ExecCGI. Now stuff works as intended.
     
     I also didn't use + in a few other places since 2008, so I got bit by that eventually. FastCGI seems to abide by that properly and not CGI with this setup (so config can be a bit loose), so... interesting.
   • Clarissa Walker (amisapphire@cwcyrix.nsupdate.info)'s status on Monday, 12-Dec-2022 23:54:53 EST Clarissa Walker

     in reply to
     More cleaning up the global httpd.conf file. Didn't know that Apache Foundation officially added the HTTPoxy mitigation to that file some time ago.
     
     Also cleaned up the custom httpd-php config and split those between the CGI part and FastCGI part.
   • Clarissa Walker (amisapphire@cwcyrix.nsupdate.info)'s status on Tuesday, 13-Dec-2022 02:45:44 EST Clarissa Walker

     in reply to
     Went back to PHP in CGI mode as a test for the CGI socket. Going to go back to PHP in FastCGI mode.
   • Clarissa Walker (amisapphire@cwcyrix.nsupdate.info)'s status on Tuesday, 13-Dec-2022 14:29:20 EST Clarissa Walker

     in reply to
     Changed bandwidth limit setup from a modified mod_bw module to the official mod_ratelimit module. Seems fine, but I need more tests to make sure.
   • Clarissa Walker (amisapphire@cwcyrix.nsupdate.info)'s status on Tuesday, 13-Dec-2022 14:45:38 EST Clarissa Walker

     in reply to
     Nope, ratelimit contemplates with bw, so both are enabled, and mod_bw limits are upped. Now each client downloads at the speed of what the old mod_bw settings are, and mod_bw limits are double that.
     
     256KB each client -> 512KB bw limit
     384KB each client -> 768KB bw limit
     512KB each client -> 1024KB (1MB) bw limit
   • Clarissa Walker (amisapphire@cwcyrix.nsupdate.info)'s status on Tuesday, 13-Dec-2022 16:19:33 EST Clarissa Walker

     in reply to
     So, I can read the entire /etc/passwd file on my server through PHP. Obviously this will be fixed.
   • Clarissa Walker (amisapphire@cwcyrix.nsupdate.info)'s status on Tuesday, 13-Dec-2022 17:00:32 EST Clarissa Walker

     in reply to
     ...Partially fixed. I have phpsysinfo on the main server and using open_basedir breaks that (and possibly a few things). shell_exec() is disabled for now, however.