Error during session start; please check your PHP and/or webserver log file and configure your PHP installation properly. Also ensure that cookies are enabled in your browser.
SOLUTION: CHMOD 777 /var/lib/php/session
- Apache creates a thread for every request.
- Nginx have workers single thread. Can handle more request.
It is also worth mentioning that sometimes both web servers are used at the same time – Nginx as a reverse proxy for Apache. In this combination, Nginx will take off most of the load from Apache. This can be an acceptable solution, if the system is already running with Apache and the costs of a full transfer to Nginx are greater, than using both in a combo.
Solution: Change the owner of /etc/phpMyAdmin to admin
Tested on Centos 6.9 + VestaCP
AWS (EC2, Lightsail)
[http-get-dos] enabled = true port = http,https filter = http-get-dos logpath = /var/log/apache2/YOUR_WEB_SERVER_ACCESS_LOG # maxretry is how many GETs we can have in the findtime period before getting narky maxretry = 300 # findtime is the time period in seconds in which we're counting "retries" (300 seconds = 5 mins) findtime = 300 # bantime is how long we should drop incoming GET requests for a given IP for, in this case it's 5 minutes bantime = 300 action = iptables[name=HTTP, port=http, protocol=tcp]
Create new file /etc/fail2ban/filters.d/http-get-dos.conf
[Definition] # Option: failregex # Note: This regex will match any GET entry in your logs, so basically all valid and not valid entries are a match. # You should set up in the jail.conf file, the maxretry and findtime carefully in order to avoid false positives. failregex = ^ -.*"(GET|POST).* # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex =
Create private and public SSH keys:
ssh-keygen -t rsa For a more secure 4096-bit key, run:
ssh-keygen -t rsa -b 4096
chmod 700 ~/.ssh chmod 600 ~/.ssh/id_rsa
cat id_rsa.pub >> ~/.ssh/authorized_keys
Note: once you’ve imported the public key, you can delete it from the server.
and finally set file permissions on the server:
$ chmod 700 ~/.ssh $ chmod 600 ~/.ssh/authorized_keys
# Disable password authentication forcing use of keys PasswordAuthentication no
Create ppk file using PuttyGen
Conversionsfrom the PuTTY Key Generator menu and select
- Navigate to the OpenSSH private key and click
Save the generated key, select
Save private key.
- Choose an optional passphrase to protect the private key.
- Save the private key to the desktop as
Connect to server using Putty and Private Key
- Enter the remote server Host Name or IP address under
- Navigate to
Private key file for authentication.
- Locate the
id_rsa.ppkprivate key and click
- Finally, click
Openagain to log into the remote server with key pair authentication.
Tested on CentOS6 i386
- Right now
- Works Quickly
- C (chained with next rule)
- CO=cookie (set specified cookie)
- E=var:value (set environment variable var to value)
- F (forbidden – sends a 403 header to the user)
- G (gone – no longer exists)
- H=handler (set handler)
- L (last – stop processing rules)
- N (next – continue processing rules)
- NC (case insensitive)
- NE (do not escape special URL characters in output)
- NS (ignore this rule if the request is a subrequest)
- P (proxy – i.e., apache should grab the remote content specified in the substitution section and return it)
- PT (pass through – use when processing URLs with additional handlers, e.g., mod_alias)
- R (temporary redirect to new URL)
- R=301 (permanent redirect to new URL)
- QSA (append query string from request to substituted URL)
- S=x (skip next x rules)
- T=mime-type (force specified mime type)