Jump to content
The Uniform Server Community

Yoni

Support Team
  • Content Count

    96
  • Joined

  • Last visited

Everything posted by Yoni

  1. Hi there, I'm unable to sync with Google's calendar from my webmail application... Doing some investigation this is what I get from cURL debug: error:14092073:SSL routines:SSL3_GET_SERVER_HELLO:bad packet length I believe PHP is throwing this error because OpenSSL is compiled with no-tlsext? I'm on Coral 8.0.0 and this is really an issue affecting my production system. Is it there a work around to fix this? Can I use apache binaries to allow my application to work? Any tip is appreciated. This is the first and only issue that I have really faced with UniServer Coral running in production I think I have hit a month or so of uptime and even when there isn't much traffic yet Uniserver seems rock solid. Please, give me some hints on how to resolve this issue...
  2. Ermm... I can't seem to replicate this in Coral 8.0; perhaps I'm not looking at the right place? Table names are displayed correctly here on the left hand frame.
  3. I think you want to go back to C:\UniServer\.... That's what causing the issue I believe. You have broken paths by removing "UniServer"
  4. Am I the only lucky person with no Accelerators crashes of any kind? Sorry to jump in just to mention this but it really caught my attention. About your Server 2003... Look in Event Viewer and report what you see there. There is gotta be an explanation for it. Chances are we can find what's causing the crash there so we can investigate.
  5. Yoni

    Wiki down

    has anyone noticed that the Wiki has been down for several days. I haven't been able to access it for almost 2 weeks now... What's going on? MessagesEn.php is missing. Backtrace: #0 /home/uniforms/public_html/wiki/includes/LocalisationCache.php(292): LocalisationCache->initLanguage('en') #1 /home/uniforms/public_html/wiki/includes/LocalisationCache.php(222): LocalisationCache->loadSubitem('en', 'messages', 'mainpage') #2 /home/uniforms/public_html/wiki/languages/Language.php(1793): LocalisationCache->getSubitem('en', 'messages', 'mainpage') #3 /home/uniforms/public_html/wiki/includes/cache/MessageCache.php(643): Language->getMessage('mainpage') #4 /home/uniforms/public_html/wiki/includes/GlobalFunctions.php(1183): MessageCache->get('mainpage', true, true) #5 /home/uniforms/public_html/wiki/includes/GlobalFunctions.php(1163): wfMsgGetKey('mainpage', true, true, true) #6 /home/uniforms/public_html/wiki/includes/GlobalFunctions.php(1129): wfMsgReal('mainpage', Array, true, true) #7 /home/uniforms/public_html/wiki/includes/Title.php(336): wfMsgForContent() #8 /home/uniforms/public_html/wiki/includes/Wiki.php(78): Title::newMainPage('mainpage') #9 /home/uniforms/public_html/wiki/includes/Wiki.php(54): MediaWiki->parseTitle() #10 /home/uniforms/public_html/wiki/index.php(56): MediaWiki->__construct() #11 {main}
  6. Here you go: I don't know if you feel comfortable with this but if possible I could remote in and take a look at it. Otherwise I can let you remote in into that server so you can take a look around o the configuration and try to figure out the issue yourself. that's the test server so there is nothing to worry about.
  7. I certainly don't know what you have done in your installation and maybe some information on your part will help us. I can confirm that denying everything to Uniserver Group on C:\ does not break apache. As I type this I have a Server 2008R2 running. Are you running Uniserver on its own dedicated partition as the guide states or are you running it on the same OS drive?
  8. Clint, Coral doesn't even work out of the box under server 2008 R2. I believe this is a great opportunity to add some more info to the guide and not something to feel bad about. The guide works as intended for the most part and it worked for you until the point in which it breaks because of the permissions on C: (Windows Server 2008R2 specifically) Microsoft recommends not to modify permissions in the C: drive unless you absolutely understand the propose of it and the implications this may have. Let's make from this a constructive thread. It is after all the propose of everyone here. Let me get to my office and check my server R2, we will go from there and update the guide as needed. Thanks for your feedback
  9. If apache is already running under its own limited account and you have configured the local policies as suggested you do not need to worry on your server 2008R2 about denying anything in the OS drive. It doesn't have privileges to modify or change or create any files. You can simply deny write to apache on C:\ (not that it can write to it afaik) Remove the Uniserver group completely from C:\ and deny apache to write (optional) Fire up a command prompt under apache credentials and test.. It should be fine. I'm gonna look at my server 2008R2 to double check my config. I'll let you know in a little bit.
  10. I didn't really have experiences with earlier versions but Coral seems to be a good working solution for me. I specially like its structure. It is well distributed and organized in my opinion.
  11. Yoni

    ssl configuration

    Awesome! Glad you figured it out.
  12. I enabled comments in that page so you can comment. I've been answering e-mails from people asking few questions and I believe it is more productive to just post there for others to see it. Good luck, and my best to the UniServer team. This is indeed such a nice project!
  13. Thank you for your kind comments. I do believe there are many people who do actually take precautions when running a webserver. They have just not dedicated the time to write it down and give a kick-back to the community. By the way, that server you hit there is running on the Uniserver. I moved the site off of IIS to lead by example... You can create a partition in your XP and dedicate it to your Uniserver. I do believe it needs to be completely isolated for easier management. Once you apply your local policies for apache and mysql, try to open a command prompt under those credentials - (you cannot) Good luck
  14. Hi, Sorry I hadn't seen this post up until now. Server 2008 R2 should be no different. I have a live server 2008R2 in production with no issues whatsoever. I believe you should double check your permissions. It is obvious you do not have permissions where permissions are required. As a troubleshooting step, you can remove the NTFS permissions temporarily and run the services under their respective accounts... This will help you understand if the issue is related to NTFS permissions or to the accounts itself. In my opinion it is an NTFS permission issue though since you can run the server under SYSTEM. Let us know
  15. I'll assume you are running at least v8 Coral... Copy your database to X:\UniServer\etc\phpmyadmin Open phpMyAdmin and go to Import... Use the option "Select from the web server upload directory X:/UniServer/etc/phpmyadmin/:" and your database should be listed there. Select it It shouldn't time out now. You can delete the database from that folder once it is completely imported. Hope this helps
  16. Yoni

    Subdomain redirect

    Read the prompt. It doesn't delete it unless you tell it to do so
  17. Yoni

    ssl configuration

    The first thing you would do is to move your vhosts folder and sites off of the www folder and update your vhosts path. Uniserver/www/ Uniserver/vhost/mysite1 Uniserver/vhost/mysite2 Open Uniserver/usr/local/apache2/conf/httpd.conf and towards the end you should have your Virtual Host configuration... make sure it reads as folow: ##====== VIRTUAL HOST =========== Include conf/extra/httpd-vhosts.conf <IfModule mod_ssl.c> Include conf/extra/ssl.conf </IfModule> That's it! There is no need to mess with your httpd.conf anymore. Everything else will be managed from the /extra/vhosts.conf & /extra/ssl.conf (loving its simplicity ) Open vhosts.conf and edit as needed... #BEFORE NAMEVIRTUALHOST <Directory "C:/UniServer/vhosts"> Order Deny,Allow Allow from all </Directory> #NOW YOUR VIRTUAL HOST DECLARATION #--US_START--------------Do not remove NameVirtualHost *:80 #--US_END----------------Do not remove # # VirtualHost example: # Almost any Apache directive may go into a VirtualHost container. # The first VirtualHost section is used for all requests that do not # match a ServerName or ServerAlias in any <VirtualHost> block. # <VirtualHost *:80> DocumentRoot C:/UniServer/www ServerName localhost ServerAlias localhost ErrorLog "logs/error.log" CustomLog "logs/access.log" common </VirtualHost> <VirtualHost *:80> ServerAdmin webmaster@mysite1.com DocumentRoot C:/UniServer/vhosts/mysite1 ServerName mysite1.com ServerAlias mysite1.com ErrorLog logs/mysite1.com.log CustomLog logs/mysite1.com-access.log common </VirtualHost> Open ssl.conf and edit as needed... ########### SSL Virtual Host ############################ NameVirtualHost *:443 <VirtualHost _default_:443> ServerName localhost DocumentRoot C:/UniServer/vhosts/mysite1 ServerAdmin webmaster@mysite1.com ErrorLog logs/error_ssl.log TransferLog logs/access_ssl.log #== SSL Engine Switch: SSLEngine on SSLOptions +StrictRequire #== SSL Cipher Suite: SSLProtocol -all +TLSv1 +SSLv3 SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM #== Server Certificate: SSLCertificateFile C:/UniServer/usr/local/apache2/server_certs/server.crt #== Server Private Key: SSLCertificateKeyFile C:/UniServer/usr/local/apache2/server_certs/server.key #== StartSSL certificate chain for class 1 certificates # Disable when using a self-signed certificate # Enable remove # disable add # #SSLCertificateChainFile C:/UniServer/usr/local/apache2/server_certs/sub.class1.server.ca.pem #SSLCACertificateFile C:/UniServer/usr/local/apache2/server_certs/ca.pem SSLVerifyClient none SSLProxyEngine off #== Server Root folder: <Directory "C:/UniServer/ssl"> AllowOverride All Order allow,deny Allow from all SSLRequireSSL </Directory> #== Most problems of broken clients are related to the HTTP # keep-alive facility. Disable keep-alive for those clients. SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 </VirtualHost> ########################SUBDOMAIN SAMPLE ############ <VirtualHost *:443> ServerAdmin admin@mysite1.com ServerName subdomain.mysite1.com ServerAlias *.mysite1.com DocumentRoot C:/UniServer/vhosts/mysite1/subdomain ErrorLog logs/error_ssl.log TransferLog logs/access_ssl.log SSLEngine On SSLOptions +StrictRequire #== SSL Cipher Suite: SSLProtocol -all +TLSv1 +SSLv3 SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM SSLCertificateFile C:/UniServer/usr/local/apache2/server_certs/server.crt SSLCertificateKeyFile C:/UniServer/usr/local/apache2/server_certs/server.key SSLVerifyClient none SSLProxyEngine off </VirtualHost> Hope this help
  18. Hi Bob, thank you for your response. I did actually posted this before I reported it. Glad to know it's been addressed in 8.1RC3 Again, thank you for this amazing package we call UniServer.
  19. Most of the time you want to attack the weakest spot on a server. Hackers are smart enough to understand that your server is as secure as the weakest vulnerability they can target. They ain't doing anything in specific at that point. They are just trying to map the setup there. If they can find something like phpmyadmin, admin page of any kind or applications that are not secured by default then they already have a target. Brute forcing your admin login (or any login) against a 30GB-40GB passwords database is a good start and simple to implement. Lazy admins tend to believe that running a server is just a matter of setting it and forgetting it. They can't be farther from the truth, you should always keep your eyes in your server's logs. Once you start doing so, you actually start making your server a lot more secure by nature. I'm loving UniServer, honestly. It can't get any simpler.
  20. Not sure if that black is really hard to the eyes. For me it is refreshing as I read mostly during night time. Anyways, I made it white with black fonts taking your feedback into consideration. I hope you find it useful.
  21. Glad you figured it out. There was an issue with the path in the conf file you posted. "DocumentRoot C:/aducom/Orion/UniServer/wwwrvu" wwwrvu was the issue. so you changed it to /rvu and it came up. Of course the folder has to exist in your setup otherwise it will not find it and default back to /www Good job and good luck with your site Happy serving.
  22. I got late to the party. For some odd reason I assume that everyone is running the later version. I'm sorry. There is gotta be a way to turn it off and I'm sure it is in a config file Maybe someone with experience or a search in the forum could get you some answers. Good to know that I'm not the only one running UniServer in production.
  23. It's in the documentation... Go to X:\UniServer\uni_con\config_tracker.ini 1- Find ; Display page at start up. true display page false no page start=true 2- Set to false ; Display page at start up. true display page false no page start=false hope this help
  24. Glad you figured it out. Ahhhhh he had a bunch of roles installed by default. Got it Good luck and happy serving.
  25. The reason why I'm asking is because "Web Deployment Agent Service" will trigger this PID=4 SYSTEM Additionally, SQL Server Reporting Services (MSSQLSERVER) will also trigger it. And last but not least turn the Reporting Service off. I've seen Windows admins having issue running apache on port 80 because of it Make sure those services are stopped and disabled. Reboot, try to run apache again and please let us know.
×
×
  • Create New...