What's the exact purpose of Yii Appliance? - yii

It's introduction is here:
http://www.yiiframework.com/demos/
But what's that virtual server image for ?

A simple way to have a preconfigured server environment with the software in question already installed, configured, and ready to run.

I agree with Dav, also, it is not updated very often (If I'm not bad, the included Yii version is 1.0.2 and current is 1.1.2, about 1 year old). Y recommend you to download the last stable version and try with it with your own web server it can be a local server). If you have Windows OS I recommend WAMP (one of the easiest to install) or ZWAMP (I think this is the most updated one, http://zwamp.sourceforge.net/), if you are using Linux or *BSD you have more and easy-to-install alternatives.

Related

Run MS SQL Server Express on Linux Mint

I am aware that MS SQL Server 2016 is compatible with Linux. Despite this flavor of SQL, I am needing to run SQL Express for training purposes. Is there a method to successfully operate Microsoft SQL Server Express in the Linux Mint environment?
I think this is an interesting question and shouldn't be marked down. After searching online, i came up with his tutorial on setting up mssql server on linux. I tested on linux mint 18.1.
http://www.tecmint.com/install-ms-sql-server-centos-ubuntu-linux/
I installed MSSQL 2016 on Ubuntu last night. Mint is Debian based so it 'might' work. The instructions are here ...
https://learn.microsoft.com/en-gb/sql/linux/sql-server-linux-setup-ubuntu
The installation process is very simple - in fact it literally took seconds, since it uses the familiar apt-get install package manager install which is available with Mint. One thing to be aware of is the requirement for openssl needs version 1.0.2 - this caught me out. I tinkered around trying to upgrade to the correct version on my ubuntu server and did have the correct version installed but MSSQL still would not install. So I created a 16.04 version of ubuntu and then it installed easily. I'm not sure if my comments qualify as an 'answer' but I'd just try and install it as if you have the dependencies I would think you'll be okay.

Apache version 2.2 and security vulnerabilities

A penetration test has recently identified that one of our RHEL(6.7) servers running Apache 2.2.15 is vulnerable on a number of points and needs to be updated to the latest version 2.4. I have run yum update and it says that there are no packages marked for update. I understand that I will need to download the updates manually. There are a few questions I have around the requirement to upgrade Apache.
I am up to date on the 2.2 version tree. Does this mean that any security patches made to version 2.4 will be back patched to version 2.2.X as well?
I am running PHP (version 5.3.3) and MySQL (version 5.1.73) - will these be affected by upgrading the Apache version (Google tells me that there is no problem on both fronts - but I thought I'd ask before I started down this route).
If you experts tell me that I have no other choice but to upgrade, then I'm planning on using the instruction set here: https://unix.stackexchange.com/questions/138899/centos-install-using-yum-apache-2-4
Thank you in advance for your advice.
You could download the 2.4 source code from the Apache site and compile it. There's a setting which will configure for RedHat:
--enable-layout=RedHat
This setting will configure the paths for executables, configuration files, libraries etc in one go.
The following should be a reasonable starting point for a configuration line:
sh ./configure --enable-layout=RedHat --enable-mods-shared=all
then perform a make and make install
Do the same with a newer version of PHP (5.3.29 is available in the "old downloads" section, but try a newer version. Check the changes first though) and your problems should be lessened. Finally, MySQL or MariaDB is available for download and compilation too
Obviously, try all of this on a test machine first and back everything up. Your test machine should be as close as possible to your production machine. If you use something like VirtualBox to try it, you can take a snapshot at each point of the process and rollback if something goes wrong

Using httpd 2.4 instead of 2.2 on centos 6

I use Centos 6.5, I've installed apache 2.2 on my server by yum, I want to upgrade my apache to 2.4, but yum not support that, so I download apache 2.4.7 and install it to opt/apache/httpd-2.4.7 follow the tutorial here: Apache 2.4.x Manual install on RHEL 6.4 - No apache modules will load on start . I want to change environment variables to new apache version to write apache 2.4 modules (change include folder for header file, change "modules" folder when build with apxs,...). I think I must install another httpd-devel for apache 2.4.7, because I still not install httpd-devel-2.4.7, but I don't know how to install and use it instead of httpd-devel-2.2 by yum. I can not describe my problems clearly in English, so I hope you can understand it. I'm a newbie and I really need your help. Thank you!
CentOS is image of RHEL, which stands for Red Hat Enterprise Linux. RHEL is designed to be an "Enterprise class" operating system, in which you rely on software packages that are delivered from controlled repositories where they are made available only after being thoroughly tested for Enterprise level use.
From that point of view, its generally not a good idea to install packages from source code, or using third party RPMs, because once you do, your OS is no longer "Enterprise" class.
If you're trying to upgrade for security reasons, you shouldn't. Critical security updates are always backported in previous RPM releases, so you only have to update your current package from the same yum repo from where you got it first. The binary will still say it is Apache 2.2, but it will have the latest security updates.
If you need an actual feature of 2.4, the smart move is to upgrade your CentOS. It may seem like the harder option initially, but it never is in the long run.
In my experience these reports can be fairly basic/binary:
Are you running the latest version of the software? If no flag as security risk.
However this fails to take into account package managers which back port fixes to older versions and so often have addressed potential security issues.
By moving away from the packaged version you are making security updates more difficult (as can't do a simple "yum update" to address them anymore).
Apache 2.2 is still maintained for security and bug fixes - though how long for remains to be seen and it is falling further and further behind in features.
So often you just need to explain (and prove!) you have a regular patching process and so the "version of Apache" you are reporting is not really accurate in terms of security patching.
See here for more details: https://serverfault.com/questions/731657/pci-compliance-apache-versions/
Saying all that we moved to Apache 2.4 on centos a while back for some extra features we wanted and just upgrade it to the latest version as part of regular patching cycle and are not finding it too inconvenient. Yes it's not quite as simple as "yum update" but it's a decision we've made because of some features we required. Not a decision to be taken lightly as Garreth states but it had the added side effect of this not getting highlighted anymore in these sorts of security scans :-)
We made this decision despite upgrading to a newer version of Red Hat as that was still on an older version of Apache (2.4.7 if memory serves me correctly) which still missed a few features we required. Sometimes it's frustrating how far behind some of these "enterprise" versions are, but that's the downside when there are plenty of upsides to using them too (stability, security... etc.).

Prevent Zend Server CE from loading at start up Mac OS X?

I installed the latest version of Zend Server CE on my MacBook Pro and I would like for someone to instruct me how to stop it from loading upon start up. I only want it operational if I choose to start it. I'm sure it's simple but so far, I can't find this information anywhere.
Thanks.
I found the answer here: http://bit.ly/WemVm5
Essentially, you need to either remove entirely or (as I did) simply comment out all of the code inside ZendServer_init; once that is done, reboot your Mac and Zend Server CE should not automatically load anymore.

Version difference between variouis Apache tomcat server versions causes any problem?

I am not able to find "Application Server Apache Tomcat 6.0.18" i need this for ubuntu. Can any one help me with knowing the difference between this version and available version i.e "Application Server Apache Tomcat 6.0.32" ..
Is it safe to use the advance version when in project documentation it is mentioned that earlier version is required ?
In 6.0.32, 6 is the major release number, 0 is the minor release number, 32 is the patch number.
And since this is a patch version and there are no new features/major changes, it is safe to use it in production.