Friday, March 31, 2017

Lighttpd and Simple Virtual Hosts Configuration.

I manage some websites for car clubs I belong to. They had been paying for web hosting and had some volunteers who knew not quite enough administrating the sites. Having some prior experience with these small club sites, I volunteered to host them and admin them.

With the first site, the pages were a train wreck of PHP and making even a small change on the existing pages caused the site to crash. Way back around the turn of the century, I had a few Linux user’s groups that wanted a website, so I worked with Cynthia Manuel of Flamingo Internet Navigators to make a template for a web site that would be easy to maintain and easy to add static content. She developed templates that relied on Server Side Includes (SSI) and Cascading Style Sheets (CSS) to make administration and content additions simple and easy, so I ported all the content over to that template and hosted the site myself. Later, another car club needed the same assistance and I ported it over as well.

The web server I chose initially was the venerable Apache web server. Setting up SSI was a little complicated, but not too bad, but Apache seemed like overkill and virtual hosts were a pain to configure. Enter the Lighttpd webserver.

Configuration for Lighttpd was pretty straightforward until it came time for virtual hosts, so here’s what I did to enable SSI and Virtual Hosts (vhosts) on the Lighttpd webserver. Part of the initial difficulty was that all the documentation available seemingly addressed older versions and it appears that the configuration options have changed quite a bit.

As of March, 2017, this guide applies to Lighttpd version 1.4.45. I currently have it running in a Mageia6 32-bit virtual machine. That makes backups easy and as simple as cloning the machine. As well, it makes moving it to a new host easy.

The HTML files for each website are kept at /var/www/html/xxxx and /var/www/html/yyyy. In this way, if anyone just uses the IP address instead of the domain name, they only get the standard default page: It works!

To configure lighttpd for my use, it’s necessary to enable the modules I will be using by simply editing /etc/lighttpd/modules.conf and un-commenting the entries for SGCI and mod_simple_host.

To create the actual virtual hosts, I created a new directory, /etc/lighttpd/vhosts.conf and in that directory, I created two files, xxxx.conf and yyyy.conf.

In those files, I added the following information:

$HTTP["host"] =~ "(^|\.)xxx\.com$" {
server.document-root = "/var/www/html/xxxx"

$HTTP["host"] =~ "(^|\.)yyyy\.org$" {
server.document-root = "/var/www/html/yyyy"

To make those files available to the webserver, I needed to add the following to /etc/lighttpd/lighttpd.conf

include "vhosts.conf/xxxx.conf"
include "vhosts.conf/yyyy.conf"

There is, of course, much greater flexibility in writing these configuration files and many more features that can be enabled in Lighttpd and they are about as easy as my example. If you need more flexibility with virtual  hosts, it is possible to have the virtual hosts kept in a mysql database.


Lighttpd Homepage

Lighttpd Docs

How to Support Configuration per Virtual Host
A more elaborate procedure to configure multiple virtual host with differing configurations.

Monday, December 12, 2016

Using FreeDOS to admin computer hardware

FreeDOS just released version 1.2, a small upgrade in functionality, mostly to be compatible with modern hardware.

ArchLinux has an excellent wiki that is easily applied to other Linux distros. Here is their discussion on using FreeDOS to flash a system BIOS and, interestingly, creating bootable DOS images that are bigger than standard floppy disk sizes. It offers step-by-step instructions on how to create a bootable CD using your FreeDOS image.

There's no need to repeat the wiki article here. I'll add more info if I develop more sources.

If you need an updated DOS memory extender, check this out.


FOSS DOS for 21st Century Hardware


ArchLinux and FreeDOS

DOS4GW.EXE Version 2.01a and Alternative DOS Extenders

Thursday, November 10, 2016

Upgrade Mageia5 to Mageia6

Back in the early days of Linux, the changes to the operating system were so dramatic that even when updating withing the same distro, in-place point release updates were problematic enough and it was always recommended that a major version release be done from scratch. There were just too many major changes to the underlying subsystems and package naming conventions. Doing an in-place update was just asking for trouble.

Modern distros have matured quite a bit even though there are occasionally some major subsystem changes being made. Yet it's never been easier to do an in-place major version upgrade.

I just did the upgrade on several Mageia5 systems and the results were consistent and satisfactory, not to mention simple.

Step 0.

Always backup critical information. Have a Mageia5 recovery disc on hand.

Read the Release Notes, the Documentation and the Errata for Mageia 6. Other than updated applications, the biggest changes are support for UEFI and GRUB2.

You can always download an ISO image to do the upgrade rather than do an in-place installation if your Internet connection is slow. DO NOT attempt an upgrade from the Live ISO image as it will overwrite your existing system.

Upgrade From GUI

Step 1.

Open a terminal window.

$ sudo mgaapplet-upgrade-helper --new_distro_version=6

And you're done. This essentially does all the following individual commands.

Upgrade From CLI

Step 1.

Fully update the packages you now have installed.

$ sudo urpmi --auto-update --auto -v

Step 2.

Remove all the existing Mageia5 repositories.

$ sudo urpmi.removemedia -av

Step 3.

Add the Mageia 6 repositories. (All on one line.)

$ sudo urpmi.addmedia --distrib --mirrorlist ''

Note: for 64-bit systems, substitute x86_64 for i586.

Step 4.

Update the packages

$ sudo urpmi --replacefiles --auto-update --auto -v

Step 5.

Reboot. You'll be using a new kernel, new glibc and so on.

$ sudo shutdown -r now

Step 6.

Run the package update command from Step 4 again. It should return with no packages needing updating.

Done.  But . . . .

Do Some Checking.

$ cat /etc/redhat-release
$ cat /etc/issue

Those commands should return the information that you are running Mageia 6.

I did have an issue on one machine and

$ sudo urpmi mageia-release-common 

fixed it. You can also manually edit those version files in /etc to change the version number.

Saturday, August 13, 2016

Here's the Linux Fix to disable WPAD ATTACKS

Use the internet? This Linux flaw could open you up to attack

Study Highlights Serious Security Threat to Many Internet Users

"RIVERSIDE, Calif. ( — Researchers at the University of California, Riverside have identified a weakness in the Transmission Control Protocol (TCP) of all Linux operating systems since late 2012 that enables attackers to hijack users’ internet communications completely remotely."

tl;dr The FIX

Edit /etc/sysctl.conf to include this line:

net.ipv4.tcp_challenge_ack_limit = 999999999

Then execute this command as root to apply the fix.

# sysctl -p

If you need the Windows Fix:

How to Turn Off (Disable) Web Proxy Auto Discovery (WPAD) in Windows Server 2008 R2

Tuesday, June 07, 2016

Bootable USB device for Mageia 5

If you Google "create a bootable USB drive in Linux" most of the returns you get will tell you to use Rufus for Windows or netbootin for Linux.

The problem is that Mageia no longer provides unetbootin and instead provides their own tool, IsoDumper. Still in development, IsoDumper can only save as a disk image of the existing files, write an image file to the USB device, or format the USB device with a FAT, NTFS or EXT filesystem. It would be nice if Mageia provided a bootable FreeDOS image for you so that you could easily do BIOS and firmware updates since Linux has yet to produce a usable tool for that.

It's always good to know how to do that from the command line if the GUI tools are not available, so that's what we will do.

You can get a USB image containing FreeDOS from this site. There are three different images depending on the size of your USB stick. Mine is 2GB, so I could choose either of the first two. I chose the second image.

Once downloaded, you need to uncompress the file like this:

$ bunzip2 FreeDOS-1.1-memstick-2-256M.img.bz2

Now it's simply a matter of using dd to copy the image file to the USB device. On my system, the USB device was detected as /dev/sdj and /dev/sdj1 was auto-mounted at /run/media//. That's OK to let it do that, no need to unmount it, just note what the device is named by your system. Note that we use dd to write to the device, not the filesystem that may be on it.

$ dd -if=FreeDOS-1.1-memstick-2-256M.img of=dev/sdj bs=512

For good measure, invoke the sync command and unmount the device.

$ sync && sudo umount /dev/sdj

Reinsert the USB device, allow the system to auto-mount it, and transfer whatever BIOS/firmware and installation program you need. Use the USB device to boot your computer which will leave you at a command prompt to invoke whatever installation program you have.


Rufus Download

unetbootin homepage

IsoDumper Homepage

dd manpage

FreeDOS for USB/PXE Homepage

Monday, May 30, 2016

Kill the Upgrade to Windows 10

There are many people who, for whatever reason, don't want to upgrade  to Windows 10. Microsoft admits this and outlines the way to do this on their support page.

This is what you need to do:

Create a blank .reg file and put this in it:

Windows Registry Editor Version 5.00


Then run it bu double-clicking on it.  Alternatively, you may manually add those keys to the registry yourself using regedit.

Or you can download this file which is the file you were told to create above. Please examine the downloaded file in a text editor to see that it matches the instructions above.

Wednesday, May 18, 2016

Adding a Spellchecker to Leafpad

Leafpad is the text editor for the LXDE desktop environment. It does well for editing basic text files, but it lacks a spellchecker.

This is a hack to use the default-installed Hunspell to spell-check your text file.

To accomplish this, you need to save the text file, open it in Hunspell, close Hunspell and re-open the document in Leafpad.

This is accomplished by a script added to your .bashrc. I found this script in a recent Knoppix thread.

Add this to .bashrc:

lpad() { # uses leafpad to edit $1; on closing leafpad, # # # hunspell checks spelling; 
#on closing hunspell, leafpad shows corrected copy.
leafpad $1; aspell $1; leafpad $1 &

NOTE: You can also use this with ispell, but you'll need to invoke "ispell  -c".

NOTE: I found the command line at the bottom of Hunspell to be misleading. For example, it says that pressing "I" is "Insert". It actually means "Accept  the  word,  capitalized as it is in the file, and update private dictionary."  As well, "U" is "Uncap". It actually means "Accept the word, and add an uncapitalized (actually,  all lower-case) version to the private dictionary." "X" causes you to exit the file with no changes and "Q" causes you to exit, discarding any changes you have already made.

NOTE: Hunspell keeps its dictionaries in /usr/share/hunspell and by default two additional dictionaries are installed. I have found that these other dictionaries, en_CA and en_GB, often confuse Firefox and that is solved easily by deleting all but the en_US files.