Enabling Extensions - ldap

I am changing some of my PHP settings such as upload size limit etc.
I manage to increase my upload size limit with some modifications to my Loaded Configuration File: php5.ini.
So it is the right file, and changes to php5.ini takes effect.
I want to enable ldap extension too. However, i couldnt do that. I added the following line:
extension=php_ldap.dll
But it did not take any effect.
Can anybody see why?
Thanks!

If you're on Linux, adding a dll extension won't do much good since these are used by Windows.
You'd rather have to enable the .so extension.
But then again just uncommenting or adding this entry in your php.ini doesn't make the extension work automatically, it will work only if the given .so file is really there and is in the right path, resp. the path is configured correctly.
If you're on Linux and you've got a chance, you should install extensions via your package manager (apt, yum, ...) which will compile the extension into your php installation. This way you won't loose your extension after server updates which include php.
If you don't have access to your server, there is always something you can do!
a) Ask the hosting provider to enable the extension for you, good hosting providers do that.
b) Get a VPS. You'll be so much better off!! It's worth it! Check out ServerGrove!

Related

Using Apache VFS Library Get File Size (Symbolic Link)

I utilize the Apache VFS library to access files on a remote server. Some files are symbolic links and when we get the file size of these files, it comes back as 80 bytes. I need to get the actual file size. Any ideas on how to accomplish this?
Using commons-vfs2 version 2.1.
OS is Linux/Unix.
You did not say which protocol/provider you are using. However it most likely also does not matter: none of them implement symlink chasing as far as I know (besides local). You only get the size reported by the server for the actual directory entry.
VFS is a rather high level abstraction, if you want to commandeer a protocol client more specially, using commons-net or httpclient or whatever protocol you want to use gives you much more options.

Apache Security settings - unsure of where to find in Config file

This is my first post under the Apache tag, so not sure if I have posted it in the correct spot. Apologies if it's not.
We recently had an audit done on our Apache server. It's running on a Windows Server 2012 R2, and I installed Apache 2.4.27 through WAMP.
The results from the Audit are fairly specific, but I don't know where to go in the Config file to fix these. My IMIT department has gone through a number of changes and we no longer have someone who can help me, so I'm stuck.
The three areas I need to correct are:
1) MISSING SECURITY HEADERS Recommendation: Implement HTTP security headers in the web applications to prevent exploitation of vulnerabilities.
2) Recommendation: Make sure that browsable directories do not leak confidential informative or give access to sensitive resources. Additionally, use access restrictions or disable directory indexing for any that do.
3) The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods that are used to debug web server connections. Recommendation: Disable these methods.
I have looked in the config and in various documentation online but the Windows install for Apache seems to be unique, and I don't want to risk screwing up something that breaks the install.
Any ideas would be greatly appreciated.
Chris
Find httpd.conf file. It should be in the conf folder in the localization where Apache is installed like for ex:
C:/Apache/Apache/conf/httpd.conf
If you're not sure where that is - open task manager, find httpd.exe and check it's properties.
Then add required configuration there.
Check out this helpful github:
https://github.com/h5bp/server-configs-apache/blob/master/dist/.htaccess
You can check your configuration files for syntax errors without starting the server by using apachectl configtest or the -t command line option.

Make cgi-scripts "portable"

I've got a little project that uses perl cgi scripts. At this moment I use Apache to run these scripts. I have an index.html file that redirects to a cgi file.
Now I want to make my project 'portable', which means that I want to be able to move the project to another location without the need to configure apache (so not changing the cgi-bin directory in the configuration). The end product would be a script (or html file) that could be opened so that a browser would pop up, just like it would run as it would be using Apache. I actually don't really know where to start.
It's not completely clear what you're asking. But I suspect you're about to find out why PSGI/Plack is such a good idea.
If you write your application to the PSGI interface then you'll be able to just drop it in to any PSGI-enabled web environment (or set up your own lightweight web server using something like Starman).

HTTP sources with h5ai appear empty in XBMC

I'm having some trouble adding a custom source to my XBMC set up. I've got an Apache2 server up and running that I use to stream movies to my computer and would like to include it as a source in XBMC. I'm no web server expert, but I managed to get h5ai style indexing on my server, which I'd like to keep. The problem is that when h5ai is enabled, XBMC can't locate any of the files. With h5ai disabled I have no issue browsing through my files.
The obvious solution is to keep h5ai off, but since I use my server outside of XBMC, I'd like to find a way to keep it on. I'm very new when it comes to web servers, so it's very possible I'm just doing something wrong. I merely followed the instructions of placing the _h5ai folder in my path and editing .htaccess. If anyone could shed some light on the issue (solution or simply an explanation) I would greatly appreciate it.
Additional info: I'm running XBMC 12.0. My server is a rented seedbox, so I have no root privileges.
Easiest solution is making a subdirectory specifically for XBMC and adding a .htaccess file that keeps h5ai indexing out of it:
DirectoryIndex index.html
Then have the HTTP source include the full path to said subdirectory.
I had the same issue and fixed it by removing "IndexOptions IconsAreLinks" from .htaccess

Make Maven Proxy/Server settings configurable based on location?

So I'm not sure what the best way to accomplish this is, but basically I have a laptop that I use at work for Maven projects. It works fine when I'm at work, but as soon as I walk out of the door of their corporate proxy and maven server, I often have to do alot of hand-fudging of the settings.xml file when I'm at home if I'm not VPN'ed in:
We have a corporate-installed Maven Repository proxy server to store some of our own artifacts and handle being the middle-man for our commonly used artifacts.
We have an http proxy that we use for connecting to the outside world.
Both configurations have been handled by my settings.xml file for setting a single Nexus group and maven proxies. If I'm not connected to the VPN while away from the office, I have to muck around with the settings.xml each time I'm not on it, then switch it back when I am on it.
What solutions have anyone else found to handle this? I've been trying profiles to manage the proxy, but I can't seem to get it to work correctly, and it's starting to look pretty ugly. Are there some settings configurations that can detect when I'm not behind the proxy at work and not use the corporate proxy server or Maven server?
While I can think of some profile based solution to handle the proxy (basically, reading the <active> value from a property defined in a profile), this wouldn't be fully automated (the profile activation do not support network based stuff) unless you can find a file that is present or not depending on your location (in which case, you could use an existing/missing file trigger but this is kinda hacky). Anyway, this would solve only one part of the problem because mirrors can't be declared in profiles (see MNG-3525).
So, instead of trying to control this with a profile, my suggestion would be to use two settings.xml and to pass your settings-home.xml file with the -s command line option when you're at home.
Another option would be to automate the changes in your settings.xml with a script (Groovy would be a good choice as someone reported in MNG-3525).
I found a use environment variables to set nonProxyHosts together with proxy and noproxy shell aliases to be the most convenient solution when switching between networks with proxy and without it.
In settings.xml, configure proxy with
<host>proxy.corporation.int</host>
<port>8080</port>
<nonProxyHosts>${env.MAVEN_NONPROXY}</nonProxyHosts>
Then in ~/.profile set
export MAVEN_NONPROXY_PROXY='*.corporation.int|local.net|some.host.com'
export MAVEN_NONPROXY_NOPROXY='*'
alias proxy="export MAVEN_NONPROXY=\"$MAVEN_NONPROXY_PROXY\" && export all_proxy=http://proxy.corporation.int:8080"
alias noproxy="export MAVEN_NONPROXY=\"$MAVEN_NONPROXY_NOPROXY\" && unset all_proxy"
To do the switch when roaming, you would just execute from a shell:
[me#linuxbox me]$ proxy
or
[me#linuxbox me]$ noproxy
Obviously, both aliases proxy and noproxy can include much more changes than just setup of MAVEN_NOPROXY and all_proxy.
I was frustrated by the same problem: having to manually edit settings.xml when roaming between networks. So much in fact, that I wrote a Maven plugin that enables automatic discovery of proxy settings. The current implementation uses the proxy-vole library written by Bernd Rosstauscher to detect proxy settings based on OS configuration, browser, and environment settings.
I've just released the source code of the plugin on Github, under an Apache 2.0 license: https://github.com/volkertb/autoproxy-maven-plugin
You're welcome to give it a try and to see if it meets your needs. Any feedback or contributions are welcome!
(Note: you don't necessarily have to add the plugin to your project's POM. You can invoke it from the command line as well, after you've installed it. See the README on the site for more details.)
You can set MAVEN_OPTS when you need to activate a proxy:
export MAVEN_OPTS="-Dhttp.proxyHost=my-proxy-server -Dhttp.proxyPort=80 -Dhttp.nonProxyHosts=*.my.org -Dhttps.proxyHost=my-proxy-server -Dhttps.proxyPort=80 -Dhttps.nonProxyHosts=*.my.org"