Ubuntu Server e versioni multiple di PHP

Dopo qualche ricerca, pur non apprezzando affatto il codice non in chiaro, ho utilizzato questo progetto per la gestione di molteplici versioni di PHP in un server virtualizzato dedicato all’hosting e gestito tramite Virtualmin .

https://github.com/phpbrew/phpbrew
[code]
Scarico ed installo lo script:
[code]
wget https://raw.github.com/c9s/phpbrew/master/phpbrew
chmod +x phpbrew
mv phpbrew /usr/local/sbin/phpbrew

Si inizializza il sistema:

phpbrew init
export PHPBREW_ROOT=/opt/phpbrew
source ~/.phpbrew/bashrc

E si installa la versione desiderata:

apt-get install libmcrypt-dev
phpbrew install php-5.4.13 +default +mysql +gettext +mcrypt +intl +iconv +ftp +exif +dba +openssl +soap +apxs2=/usr/bin/apxs2 -- --with-libdir=lib/x86_64-linux-gnu --with-gd=shared --enable-gd-native-ttf --with-jpeg-dir=/usr --with-png-dir=/usr --enable-wddx --with-mysql-sock=/var/run/mysqld/mysqld.sock

Tutto quanto necessario viene salvato in /opt/phpbrew e per renderlo visibile a webmin basta creare una directory e fare un link simbolico:

mkdir /opt/rh/
ln -s /opt/phpbrew/php/php-5.4.14 /opt/rh/php54

A questo punto andando nella console di Webmin in System Settings -> Re-Check Configuration il sistema ricerca le versioni di php presenti e le rende accessibili per virtualhost in Server Configuration -> PHP Versions.

andrea

Read more
No Comments

Reverse Proxy

Configurazione tipo per un reverse proxy SSL basato su Gentoo Linux e apache2

TimeOut 30
SetOutputFilter DEFLATE
AddOutputFilterByType INCLUDES application/pdf
AddEncoding x-gzip .gz
AddType application/x-javascript .gz
AddType application/javascript .gz
BrowserMatch Firefox/1\.0\.[0-9] no-gzip
# Netscape 4.x has some problems...
BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
BrowserMatch "MSIE 6" no-gzip gzip-only-text/html
SetEnvIfNoCase Request_URI \.(gif|jpg|jpeg|png)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.(htm|html|js|jsp|asp|php|do)$ !no-gzip
SetEnvIfNoCase Request_URI \.(?:exe|t?gz|zip|bz2|sit|rar)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.pdf$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.(gif|jpg|jpeg|png)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.(htm|html|js|jsp|asp|php|do)$ !no-gzip
SetEnvIfNoCase Request_URI \.(?:exe|t?gz|zip|bz2|sit|rar)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.pdf$ no-gzip dont-vary
Header append Vary User-Agent env=!dont-vary
#SetEnvIfNoCase Request_URI \.* no-gzip dont-vary
#SetEnvIfNoCase Request_URI \.jsp$ !no-gzip !dont-vary
#SetEnvIfNoCase Request_URI \.htm$ !no-gzip !dont-vary
#SetEnvIfNoCase Request_URI \.html$ !no-gzip !dont-vary
#SetEnvIfNoCase Request_URI \.asp$ !no-gzip !dont-vary
DeflateFilterNote Input instream
DeflateFilterNote Output outstream
DeflateFilterNote Ratio ratio
DeflateWindowSize 15
DeflateMemLevel 9
DeflateCompressionLevel 9
ServerName nome_server
LoadModule proxy_module modules/mod_proxy.so
LoadModule ssl_module modules/mod_ssl.so
SetEnvIf User-Agent ".*MSIE.*" ssl-unclean-shutdown
SSLSessionCache shm:/var/cache/apache2/ssl_scache(4096000)
SSLSessionCacheTimeout 600
LogLevel error
ErrorLog /var/log/apache2/ssl_error_log
Listen 80
Options -All -Multiviews
AllowOverride None
Order allow,deny
Allow from all
DocumentRoot /home/domini-web/locale/www
# ServerName nome_server
# ServerAlias alias_server
DirectoryIndex index.shtml index.php index.php3 index.html
ScriptAlias /cgi-bin/ /home/domini-web/locale/cgi-bin/
CustomLog /var/log/apache2/access_log combined
AddHandler server-parsed shtml
Options +Includes
Options -Indexes -All -Multiviews +Includes
AllowOverride None
Order allow,deny
Allow from all
Include /etc/apache2/conf/*.conf

/etc/apache2/conf/server_A.conf

Listen 400
#
RewriteEngine on
#RewriteCond %{REQUEST_URI} !^/galileo/public/
#RewriteCond %{REQUEST_URI} !^/galileo/
#RewriteRule / /galileo/public/menu.faces [R,L]
# direttive proxypass ------------------------------------------
ProxyPass / http://X.X.X.X:8888/ retry=0 ttl=120 timeout=120
ProxyPassReverse / http://X.X.X.X:8888/
# autenticazione server ------------------------------------------
SSLEngine On
#128bit
SSLCipherSuite RC4-SHA:RC4-MD5:HIGH:MEDIUM:!ADH:!DSS:!SSLv2:+3DES
SSLHonorCipherOrder on
# 40 bit
#SSLCipherSuite ALL:!ADH:!EXPORT56:!EXPORT40:!SSLv2:!LOW
SSLCertificateFile /etc/apache2/ssl/server.crt
#SSLCertificateChainFile /etc/apache2/ssl/cert-new.verisign.pem
#SSLCertificateChainFile /etc/apache2/ssl/cert.verisign.pem
SSLCertificateChainFile /etc/apache2/ssl/intermediate_good.crt
SSLCertificateKeyFile /etc/apache2/ssl/server.nopassword.key
# autenticazione client ------------------------------------------
# accesso permesso solo in presenza di comunicazione almeno a 128bit
ErrorDocument 403 http://www.tuo_sito.it/
ErrorDocument 404 http://www.tuo_sito.it/
#SSLCACertificateFile /etc/apache2/ssl/client/CAcert.chain
#SSLCARevocationFile /etc/apache2/ssl/crl.pem
#SSLVerifyClient none
#SSLVerifyDepth 10
#SSLOptions +StdEnvVars
 
ServerName www.tuo_sito.it
#ServerAlias Y.Y.Y.Y
ProxyRequests on
ProxyVia on
AddOutputFilterByType SUBSTITUTE text/html
#Eventuale sostituzione del testo proxato
#Substitute "s|test_da_sostituire|vuoto|i"
# eventuale log verso syslog esterno
#CustomLog "|/usr/bin/logger -t reverseproxy -n syslog " combined
 

 

Ulteriori personalizzazioni possono essere inserite riguardi a questi tre moduli:

mod_evasive

mod_cband

mod_security

Read more
No Comments