phpinfo

Posts Tagged ‘phpinfo’

Advanced WordPress wp-config.php Tweaks

Wednesday, March 3rd, 2010

The bottom line for this article is that I want to make WordPress as fast, secure, and easy to install, run, and manage because I am using it more and more for client production sites, I will work for days in order to solve an issue so that I never have to spend time on that issue again. Time is money in this industry and that is ultimately (time) what there is to gain by tweaking WordPress.

Note: I spent no time on readability, this is primarily a read the code and figure it out article.. This is for advanced users looking for a reference or discussion and for those of you looking to advance. Feedback would be great if you make it that far..

Tags: 301 Redirect, admin, Advanced, Ajax, Anti-Spam, Apache, askapache, bash, bash_profile, Cache, caching, cheatsheet, chmod, Cookies, CSS, debugging, Elite, encryption, error log, Examples, feed, File Permissions, File System, filesystem, GET, grep, HowTo, Htaccess, HTTP Headers, HTTPS SSL, Javascript, Linux, Login, Logs, Mod_Rewrite, Mod_Rewrite cheatsheet, mysql, password, PHP, php.ini, phpinfo, Port, post, Rewrite Tricks, rewritecond, rewriterule, Security, server, Sessions, Shell, Socket, SPEED, SSH, SSI, stat, trick, umask, Username, Web Hosting, WordPress, wp-config.php
Posted in CSS, Cache, Featured, Hacking, Htaccess, Javascript, Linux Unix BSD, Mod_Rewrite, PHP, SEO, Security, Server Administration, Shell Scripting, Web Design, Web Hosting, Webmaster, WordPress, WordPress Plugins | 5 Comments »

AskApache Debug Viewer Plugin for WordPress

Sunday, April 5th, 2009

The story behind this plugin is sorta wack, but in a good way :). While doing tons of security research on permissions, authorization, access, etc.. for the Password Protection plugin (still being worked on), I needed to have unheard of debugging capabilities while working on the plugin on the various websites, webhosts, and test servers that I use to test in different environments. So I hacked together a bunch of php code that helped me debug, actually I pretty much went overkill and tried to get as much debugging info as programmatically possible, and it ended up being so much code that I took it out of my Password Protection code and made it its own plugin.

Tags: admin, Ajax, Apache, Apache Modules, askapache, authorization, Cache, chmod, Cookies, debugging, error log, fifo, File Permissions, GET, Htaccess, Login, Nice, password, password protection, PHP, php.ini, phpinfo, Port, post, ram, Rewrite Tricks, Security, server, servers, Socket, SSI, stat, umask, Username, WordPress, WordPress Development
Posted in WordPress, WordPress Plugins | 1 Comment »

The Ultimate Htaccess

Saturday, January 10th, 2009

Skip this – still under edit

I discovered these tips and tricks mostly while working as a network security penetration specialist hired to find security holes in web hosting environments. Shared hosting is the most common and cheapest form of web-hosting where multiple customers are placed on a single machine and “share” the resources (CPU/RAM/SPACE). The machines are configured to basically ONLY do HTTP and FTP. No shells or any interactive logins, no ssh, just FTP access. That is when I started examining htaccess files in great detail and learned about the incredible untapped power of htaccess. For 99% of the worlds best Apache admins, they don’t use .htaccess much, if AT ALL. It’s much easier, safer, and faster to configure Apache using the httpd.conf file instead. However, this file is almost never readable on shared-hosts, and I’ve never seen it writable. So the only avenue left for those on shared-hosting was and is the .htaccess file, and holy freaking fiber-optics.. it’s almost as powerful as httpd.conf itself!

Most all .htaccess code works in the httpd.conf file, but not all httpd.conf code works in .htaccess files, around 50%. So all the best Apache admins and programmers never used .htaccess files. There was no incentive for those with access to httpd.conf to use htaccess, and the gap grew. It’s common to see “computer gurus” on forums and mailing lists rail against all uses and users of .htaccess files, smugly announcing the well known problems with .htaccess files compared with httpd.conf – I wonder if these “gurus” know the history of the htaccess file, like it’s use in the earliest versions of the HTTP Server- NCSA’s HTTPd, which BTW, became known as Apache HTTP. So you could easily say that htaccess files predates Apache itself.

Once I discovered what .htaccess files could do towards helping me enumerate and exploit security vulnerabilities even on big shared-hosts I focused all my research into .htaccess files, meaning I was reading the venerable Apache HTTP Source code 24/7! I compiled every released version of the Apache Web Server, ever, even NCSA’s, and focused on enumerating the most powerful htaccess directives. Good times! Because my focus was on protocol/file/network vulnerabilites instead of web dev I built up a nice toolbox of htaccess tricks to do unusual things. When I switched over to webdev in 2005 I started using htaccess for websites, not research. I documented most of my favorites and rewrote the htaccess guide for webdevelopers. After some great encouragement on various forums and nets I decided to start a blog to share my work with everyone, AskApache.com was registered, I published my guide, and it was quickly plagiarized and scraped all over the net. Information is freedom, and freedom is information, so this blog has the least restrictive copyright for you. Feel free to modify, copy, republish, sell, or use anything on this site ;)

Tags: .htaccess examples, 301 Redirect, 302 Redirect, 401, 403 Forbidden, 404 Not Found, 500, 503, admin, Advanced, Apache, Apache Htaccess, apache ssl, askapache, ASP, authorization, Backups, Bandwidth, bash, Blocking, Boot, Cache, Cache-Control, caching, cheatsheet, chmod, code snippets, compression, Cookies, CSS, debugging, DreamHost, Email, error log, errordocument, Etags, Examples, experiments, feed, FeedBurner, File System, FilesMatch, filesystem, Firefox, Flash, Forms, GET, Google, Hacking, hotlinking, HowTo, Htaccess, htaccess files, htaccess guide, htaccess rewrite, htaccess tricks, htaccess tutorial, Htpasswd, HTTP Error, HTTP Headers, HTTP-EQUIV, httpd, httpd.conf, HTTPS SSL, hyper text transfer protocol, If-Modified-Since, Javascript, Last-Modified, Linux, Login, Logs, mad skills, mod_include, mod_python, Mod_Rewrite, Mod_Rewrite examples, Mod_Security, Mod_Setenvif, mysql, Nice, nsa, password, password protection, PDF, Performance, Perl, PHP, php.ini, phpinfo, Port, post, Powweb, Prompt, Python, ram, Redirect, Redirection, Request Method, Rewrite Tricks, rewritecond, rewriterule, Robot, robots, Sample .htaccess, Scripts, Security, SEO, seo secrets, server, server config, servers, SetEnvIf, Shell, Socket, Source Code, SPEED, SSH, SSI, stat, SymLinks, trick, tutorial, ultimate htaccess, Username, Web Hosting, WordPress
Posted in Apache, Apache Modules, Cache, DreamHost, Featured, Google, Hacking, Htaccess, Linux Unix BSD, Mod_Rewrite, SEO, Security, Web Design, Web Hosting, Web Tools, Webmaster, WordPress | 71 Comments »

Apache Authentication in htaccess

Tuesday, April 10th, 2007

How to password-protect, Allow or Deny a visitor based on a condition. If you are having trouble getting htaccess-based password protection to work see: Troubleshooting htaccess Authentication: Getting it to work

Tags: 301 Redirect, 302 Redirect, 401, 403 Forbidden, 404 Not Found, 500, admin, Analytics, Apache, Apache Htaccess, apache ssl, askapache, Cache, Cache-Control, caching, CSS, errordocument, Examples, feed, FeedBurner, FilesMatch, Flash, GET, Google, Hacking, Htaccess, htaccess guide, htaccess tricks, htaccess tutorial, Htpasswd, HTTP Headers, HTTPS SSL, Login, Mod_Rewrite, Mod_Rewrite examples, Mod_Security, password, password protection, PDF, PHP, phpinfo, Prompt, Redirect, Rewrite Tricks, rewritecond, rewriterule, Security, SEO, server, servers, SetEnvIf, SPEED, stat, trick, tutorial, ultimate htaccess, Wget, Wireshark, WordPress
Posted in Apache, DreamHost, Htaccess, Security | 12 Comments »

Custom PHP.ini tips and tricks

Monday, February 5th, 2007

Describes in exhaustive detail how to change configuration settings and implement a custom php.ini file for use with the Apache Web Server.

View latest official php.ini

Sections:

When php run as Apache Module (mod_php)
When

…

Tags: admin, Apache, askapache, ASP, Cache, caching, chmod, CommandLine, compression, Cookies, curl, debugging, Dig, DreamHost, Email, error log, Examples, File Permissions, filesystem, GET, Htaccess, htaccess files, HTTP Headers, httpd, httpd.conf, HTTPS SSL, Javascript, Linux, Logs, Mod_Rewrite, mysql, Nice, nsa, password, Performance, PHP, php.ini, phpinfo, Port, post, Powweb, Prompt, ram, Redirect, Redirection, Rewrite Tricks, rewritecond, rewriterule, Scripts, Security, server, server config, servers, Sessions, SetEnvIf, Shell, shell script, Shell Scripting, Socket, SPEED, SSI, stat, trick, ultimate htaccess, umask, Username, Web Hosting, xargs
Posted in Apache, Htaccess, Linux Unix BSD, Mod_Rewrite, PHP, Security, Server Administration, Web Hosting, WiredTree | 13 Comments »

Debug apache log files from php

Monday, January 8th, 2007

Secure phpinfo.php with .htaccess, Now instead of getting a 404 error you will see debug information which will help you find out what the problem is.

Tags: 403 Forbidden, 404 Not Found, Apache, debugging, errordocument, GET, Htaccess, Logs, PHP, phpinfo, Redirect, Security, server, SymLinks
Posted in Apache, Htaccess, PHP | 1 Comment »

phpinfo

Posts Tagged ‘phpinfo’

Custom PHP.ini tips and tricks

Sections:

Debug apache log files from php

My Picks

Support Freedom or Die

Newest Posts

htaccess Guide

Website Speed Tips Series