Creating virtual host aliases under Apache

Sometimes you want to create folder alias for your website like this: /images to be mapped to /home/your_account/public_html/images.

To do this, you need to edit Apache httpd.conf file which is located at /etc/httpd/conf

It is clever to put all aliases in one file in the same directory and name them aliases.conf and then only to reference this file from httpd.conf.

You will include aliases.conf in httpd.conf like this:

<IfModule mod_alias.c>
    Include /Applications/MAMP/conf/apache/alias
</IfModule>

You define alias in aliases.conf file like this:

Alias /images /home/your_account/public_html/images
<Directory "/home/your_account/public_html/images">
    Options Indexes FollowSymLinks ExecCGI Includes
    AllowOverride All
    Order allow,deny
    Allow from all
</Directory>
Continue Reading

Protecting your Linux server from Heartbleed bug

I have got at least 20 emails from different sources about OpenSSL vulnerability, known as Heartbleed bug

It allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. More details about this (how to reproduce and fix) can be found here.

To check if your server is vulnerable use this online tool.

heartbleed

At the end, in order to protect your server’s Linux OS you need to do this few steps:

  1. Login through SSL (you can use Putty from Windows) as root administrator
  2. Run “yum update” – this will update your OpenSSL
  3. You need now to restart restart all SSL-enabled services and the easiest way is to restart your server. Use “shutdown -r now
  4. After your server reboots itself, check if all is OK typing (use Putty again): “rpm -q –changelog openssl-1.0.1e | grep -B 1 CVE-2014-0160” and you should get something like this “Mon Apr 12 2014 Tomaž Mraz <tmraz@redhat.com> 1.0.1e-16.7

I would like to thank Michael Photakis, Eric Delorme and Stephen Chaffins from the CPanel team for their excellent support.

Happy sleeping.

Continue Reading