Making Life Simple » linux

Steps to speed up Eclipse

lalit — Tue, 08 Nov 2011 13:19:03 +0000

I found an interesting link which helped me to speed up the eclipse loading time. Let me know if that helped you.

Access AWS with Putty

lalit — Fri, 22 Jul 2011 18:56:46 +0000

When accessing EC2 amazon cloud, you would receive a .pem file to login to the shell. Putty does not use .pem file and you would need to convert that file to .ppk file which putty uses. In order to convert it, you would need to download puttygen.exe from the website. Run the program and follow the following steps:

Click “Conversions” on the menu and select “Import key”
Browse to the .pem file
Click “Save private key” button
You would get a warning that you are saving the key without a passphrase. Please ignore it and click “Yes”
Save the .ppk file

On putty:

Select the session you created and click “Load”
Open “SSH->Auth” from the tree on the left
Under “Private key file for authentication” browse to the recently created .ppk file
Save the session and you are ready

Integrate Apache 2 with Tomcat 6

lalit — Mon, 18 Jan 2010 20:08:18 +0000

I have been trying to configure apache/tomcat is such a way that apache comes on the front-end so that I can have all the features of apache like URL rewriting, virtual hosts, PHP etc. and forward only certain requests to tomcat whose only job should be running servlets.

I have CentOS installed on my server with Apache 2 installed through yum and the goal was to install the binaries for Tomcat 6 and make them talk to each other. After some googling, the best tutorial I found to configure tomcat through mod_jk was found here. I have attached the PDF of the instructions here.
After following the steps, I was easily able to create a worker and configure apache to forward the request to /examples to tomcat.
The next issue was how to configure virtual hosts so that I can host multiple websites, some handled by apache and others through tomcat. Following is the snippet of httpd.conf setting that needs to be updated to enable virtual hosting.

NameVirtualHost *:80 # # NOTE: NameVirtualHost cannot be used without a port specifier # (e.g. :80) if mod_ssl is being used, due to the nature of the # SSL protocol. # # # VirtualHost example: # Almost any Apache directive may go into a VirtualHost container. # The first VirtualHost section is used for requests without a known # server name. # # # ServerAdmin webmaster@dummy-host.example.com # DocumentRoot /www/docs/dummy-host.example.com # ServerName dummy-host.example.com # ErrorLog logs/dummy-host.example.com-error_log # CustomLog logs/dummy-host.example.com-access_log common #ServerAdmin webmaster@lalitmehta.com ServerName www.lalitmehta.com ErrorLog logs/lalitmehta.com-error_log CustomLog logs/lalitmehta-access_log common ServerAdmin info@saiyam.com ServerName rsspile.com # No need of DocumentRoot ErrorLog logs/rsspile.com-error_log CustomLog logs/rsspile.com-access_log common JkMount /rss ajp13 JkMount /rss/* ajp13

I do have two questions though:
1. since mod_jk.so is available for download for Linux, what advantage you get by compiling Apache and mod_jk from source? Most of the websites mention the need to compile the source. Let me know
2. How do I enable SSL on my server with the above configuration?

Increase maximum limit of open files per user

lalit — Fri, 15 Jan 2010 16:34:48 +0000

If you want to increase the limit of open files for the current session, simply run

ulimit -n 2048

If you want to increase it by default, edit /etc/security/limits.conf and add

* hard nofile 2048 * soft nofile 2048

or if you want to increase it only for a certain user, set it as

userlogin hard nofile 2048 userlogin soft nofile 2048

Force SSL on apache

lalit — Fri, 10 Jul 2009 15:17:53 +0000

mod rewrite should be enabled on apache. Add the following to your apache config file.
######################################### #### XXX: BEGIN EDIT FOR MOD_REWRITE #### #### This is intended to force HTTPS #### #### for all inbound HTTP requests ####


####

# This module (mod_rewrite) simply tells Apache2 that all connections to

# port 80 need to go to port 443 – SSL – No exceptions

####


LoadModule rewrite_module modules/mod_rewrite.so





RewriteEngine on
####

# The line below sets the rewrite condition for mod_rewrite.so.

# That is, if the server port does not equal 443, then this condition is true

####
ReWriteCond %{SERVER_PORT} !^443$
####

# The line below is the rule, it states that if above condition is true,

# and the request can be any url, then redirect everything to https:// plus

# the original url that was requested.

####
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L]

#### XXX: END EDIT FOR MOD_REWRITE ####

Linux Disable Hardware Beep Sound For Terminal

lalit — Wed, 08 Jul 2009 13:03:44 +0000

If you are using xterm, open ~/.xsession file
$ cd $ vi .xessionAppend the following line:
xset b offSave and close the file.
If you are using bash shell, open ~/.inputrc file
$ cd $ vi .inputrcAppend following line:
set bell-style noneSave and close the file.
If you want to turn off beep for VIM text editor, open vim config file ~/.vimrc
$ cd $ vi .vimrcAppend following line
set vbSave and close the file.

Remove .svn folders

lalit — Wed, 08 Jul 2009 07:04:41 +0000

In order to clean up the SVN checkout, you can do

#deletes all .svn files/folders find . -name ".svn" -exec rm -rf {} \;

#deletes all .svn folders find . -name ".svn" -type d -exec rm -rf {} \;

TOP 25 Most Dangerous Programming Errors

lalit — Wed, 14 Jan 2009 01:59:07 +0000

CWE-20:Improper Input Validation
CWE-116:Improper Encoding or Escaping of Output
CWE-89:Failure to Preserve SQL Query Structure
CWE-79:Failure to Preserve Web Page Structure
CWE-78:Failure to Preserve OS Command Structure
CWE-319:Cleartext Transmission of Sensitive Information
CWE-352:Cross-Site Request Forgery
CWE-362:Race Condition
CWE-209:Error Message Information Leak
CWE-119:Failure to Constrain Operations within the Bounds of a Memory Buffer
CWE-642:External Control of Critical State Data
CWE-73:External Control of File Name or Path
CWE-426:Untrusted Search Path
CWE-94:Failure to Control Generation of Code
CWE-494:Download of Code Without Integrity Check
CWE-404:Improper Resource Shutdown or Release
CWE-665:Improper Initialization
CWE-682:Incorrect Calculation
CWE-285:Improper Access Control
CWE-327:Use of a Broken or Risky Cryptographic Algorithm
CWE-259:Hard-Coded Password
CWE-732:Insecure Permission Assignment for Critical Resource
CWE-330:Use of Insufficiently Random Values
CWE-250:Execution with Unnecessary Privileges
CWE-602:Client-Side Enforcement of Server-Side Security

Full story

oracle XE “cannot access http://127.0.0.1:8080/apex”

lalit — Fri, 26 Dec 2008 17:41:30 +0000

I had installed oracle XE on CentOS and was not able to connect to web admin for past two days. Finally after a long two days of search, found this.

Thanks!

Delete all iptables rules

lalit — Wed, 06 Feb 2008 06:21:16 +0000

Enter the following to delete iptables completely

# iptables -F
# iptables -t nat -F
# iptables -t mangle -F
# iptables -X