Friday, December 16, 2011

Debian - files list file for package `PACKAGE-NAME' is missing final newline

You have some problem in this file:


delete it and reinstall the package:

apt-get install PACKAGE-NAME --reinstall

Tuesday, December 13, 2011

URL based security constraint to SOLR

In /var/lib/tomcat6/webapps/solr/WEB-INF/web.xml, add the following:

Add a username/password to /var/lib/tomcat6/conf/tomcat-users.xml

and restart the tomcat:

/etc/init.d/tomcat6 restart

Monday, December 12, 2011

Memcache and TYPO3

In debian install the php5-memcache and memcached packages:

apt-get install php5-memcache memcached

add the memcache configuration lines to localconf.php:

$TYPO3_CONF_VARS['SYS']['useCachingFramework'] = '1';
$TYPO3_CONF_VARS['SYS']['caching']['cacheConfigurations']['cache_pages']['backend'] = 't3lib_cache_backend_MemcachedBackend';
$TYPO3_CONF_VARS['SYS']['caching']['cacheConfigurations']['cache_pages']['options'] = array(
'servers' => array('localhost:11211'),

$TYPO3_CONF_VARS['SYS']['caching']['cacheConfigurations']['cache_pagesection']['backend'] = 't3lib_cache_backend_MemcachedBackend';
$TYPO3_CONF_VARS['SYS']['caching']['cacheConfigurations']['cache_pagesection']['options'] = array(
'servers' => array('localhost:11211'),

$TYPO3_CONF_VARS['SYS']['caching']['cacheConfigurations']['cache_hash']['backend'] = 't3lib_cache_backend_MemcachedBackend';
$TYPO3_CONF_VARS['SYS']['caching']['cacheConfigurations']['cache_hash']['options'] = array(
'servers' => array('localhost:11211'),

$TYPO3_CONF_VARS['SYS']['caching']['cacheConfigurations']['cache_pages']['frontend']= 't3lib_cache_frontend_VariableFrontend';
$TYPO3_CONF_VARS['SYS']['caching']['cacheConfigurations']['cache_pagesection']['frontend']= 't3lib_cache_frontend_VariableFrontend';
$TYPO3_CONF_VARS['SYS']['caching']['cacheConfigurations']['cache_hash']['frontend']= 't3lib_cache_frontend_VariableFrontend';

Thursday, December 8, 2011

Typo3 Parstime

You could see the parse time for a page in source of that page by adding this line in the localconf.php:

$TYPO3_CONF_VARS["FE"]["debug"] = '1';

Thursday, November 3, 2011

TYPO3 Update - BLOB/TEXT column 'identifier' used in key specification without a key length

By upgrading typo3 (after Database Compare) it might be happened sometimes this Error:

BLOB/TEXT column 'identifier' used in key specification without a key length

You can solve that simply by deleting [multiplyDBfieldSize] = 2 from localconf.php.
If DB is utf-8, it wouldn't need to use this parameter.

Friday, October 21, 2011

Plesk - Enabling change password in Webmail

It is easy. Just rename the file /etc/xinetd.d/ to /etc/xinetd.d/poppassd_psa

then restart the xinet.d service:
/etc/init.d/xinetd restart

Friday, October 14, 2011

Windows 2008 BRP: Local activation permission to the iis wamreg admin service required

* From the SBS console, click Administrative Tools > Component Services
(or, if you prefer: click Run > comexp.msc)

* Expand down Component Services > Computers > My Computer > DCOM Config

* Right click on IIS WAMREG Admin Service, then click Properties

Click on the Security tab

* Click the Edit... button within the Launch and Activation Permissions section

* Click Add and add the user named: 'Network Service'
(NB: this is the step that confuses people. Most instructions simply tell you to add the appropriate user, but do not make it clear which user to add!)

* Click on the checkbox to Allow (enable) the Local Activation rights option for this user

* Click OK twice, and close Component Services

* Finally reboot the server for good measure and to ensure the change takes effect

Friday, October 7, 2011

Backing Up and Restoring Web Sites (Windows SharePoint Services 2.0)

stsadm.exe is at C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\BIN.

Find the list of sites:

stsadm.exe -o enumsites -url
To perform a simple backup of a site, you would use syntax similar to the following:
stsadm.exe -o backup -url http://server_name/site -filename backup.dat
To restore a site from a backup file, either to a new site or a separate server,
you would use syntax similar to the following:
stsadm.exe -o restore -url http://server_name/site -filename backup.dat

See also:

Wednesday, August 17, 2011

List all the loaded apache's modules in debian

You can see the loaded modules by apache with this command:

apache2ctl -t -D DUMP_MODULES

Wednesday, August 3, 2011

Add HTTPS to Amazon AWS Loadbalancer

First, I tried uploading the certificate using the AWS command line tools like so:

iam-servercertupload -b MyCert.crt -k MyCert.key -s TESTKEY -c CA_Bundle.pem

CA_Bundle.pem is the chain key provided by Certificate Issuer.

Find the name of uploaded certify:


add new listener to existed LoadBalancer:

elb-create-lb-listeners my-load-balancer --listener "protocol=https, lb-port=443, instance-port=8080, cert-id=$CERT" --region eu-west-1

Make sure your instances accept HTTP connections on port 8080 (add port to apache conf).

Friday, July 29, 2011

Debian Lenny - Update PHP 5.2 to 5.3

It must be added the new source to apt-source. Edit the file /etc/apt/sources.list:

vim /etc/apt/sources.list

and add these lines to it:

deb stable all
deb-src stable all

 Download and import the dotdeb key:

cat dotdeb.gpg | sudo apt-key add -

Then remove all php packages from the system. For example in my case:

apt-get remove php5 libapache2-mod-php5 php5-gd php5-mysql
apt-get remove php5-curl php5-tidy php5-dev php-pear php5-cli
apt-get remove php5-common php5-suhosin

Update your sources:

apt-get update

and reinstall PHP packages:

apt-get install php5 libapache2-mod-php5 php5-gd php5-mysql
apt-get install php5-curl php5-tidy php5-dev php-pear php5-cli
apt-get install php5-common php5-suhosin

now the following command will show you the new PHP version:

php -v


because no longer has lenny packages, we install the PHP 5.3 manually:

mkdir /tmp/php5
cd /tmp/php5

download all PHP5 packages from (our example is PHP 5.3.10) :

wget -r -l 1

remove old version:

apt-get remove php5 libapache2-mod-php5  
apt-get remove php5-gd php5-mysql php5-curl 
apt-get remove php5-tidy php5-dev php-pear 
apt-get remove php5-common php5-mcrypt php5-cli

and install new PHP packages:

dpkg -i php5-common_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i libapache2-mod-php5_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php5_5.3.10-1~dotdeb.0_all.deb
dpkg -i php5-mysql_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php5-curl_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php5-cli_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php-pear_5.3.10-1~dotdeb.0_all.deb
dpkg -i php5-curl_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php5-mcrypt_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php5-tidy_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php5-gd_5.3.10-1~dotdeb.0_amd64.deb
dpkg -i php5-dev_5.3.10-1~dotdeb.0_amd64.deb

restart the apache:

/etc/init.d/apache2 restart

Wednesday, July 27, 2011

Amazon AWS resize the Volume for a Linux instance

Follow these steps:Stop the instance
  • Make a snapshot (MySnap) from volume.
  • Create new volume with new size from your snapshot (MySnap).
  • Detach the old volume
  • Attach the new volume as /dev/sda1
  • Start the instance
  • in terminal resize the partition:
resize2fs -p /dev/xvda1 (see fdisk -l for your partition name)

Tuesday, July 19, 2011

VPN Server on Debian

Install the pptp server package:

sudo apt-get install pptpd

Edit the “/etc/pptpd.conf” configuration file:

sudo vim /etc/pptpd.conf

Add to it:



that means Clients will get the IPs from 100 to 200.

Edit the “/etc/ppp/pptpd-options” configuration file:

sudo vim /etc/ppp/pptpd-options

Append to the end of the file, the following directives:




mtu 1490

mru 1490

Where the IP used for the ms-dns directive is the DNS server for the local network your client will be connecting to and, again, it is your responsibility to adjust this to your network’s configuration.

Edit the chap secrets file:

sudo vim /etc/ppp/chap-secrets

Add to it the authentication credentials for a user’s connection, in the following syntax:

username * users-password *

Restart the connection’s daemon for the settings to take affect:

sudo /etc/init.d/pptpd restart

If you don’t want to grant yourself access to anything beyond the server, then you’re done on the server side.

Enable Forwarding (optional)

While this step is optional and could be viewed as a security risk for the extremely paranoid, it is my opinion that not doing it defeats the purpose of even having a VPN connection into your network.

By enabling forwarding we make the entire network available to us when we connect and not just the VPN server itself. Doing so allows the connecting client to “jump” through the VPN server, to all other devices on the network.

To achieve this we will be flipping the switch on the “forwarding” parameter of the system.

Edit the “sysctl” file:

sudo vim /etc/sysctl.conf

Find the “net.ipv4.ip_forward” line and change the parameter from 0 (disabled) to 1 (enabled):


You can either restart the system or issue this command for the setting to take affect:

sudo sysctl -p

Add these rules to Firewall (IPTABLES):

iptables -A FORWARD -m state --state ESTABLISHED,RELATED,NEW -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

now all the server side settings are prepared.


Friday, May 27, 2011

Sendmail gethostbyaddr Problem

The problem is that sendmail tries to resolve the ip of
every interface your have.

Change this line in

#O DontProbeInterfaces=False


O DontProbeInterfaces=True

and restert the sendmail.

Monday, May 9, 2011

Amzon EC2 - Changing Scale

This script disables the Auto Scaling, because min-size and max-size are zero.



as-update-auto-scaling-group $SG_NAME --availability-zones $ZONE --launch-configuration $LC_NAME --min-size 0 --max-size 0

Amazon Auto Scaling

This script is enough for me :)

ZONE="us-east-1d" <=== Availability Zone
<=== Instance Type (micro, small, Large, ...)
LC_IMAGE_ID="ami-xxxxxxxx" <=== Enter your AMI ID here

# Set up load balancer
elb-create-lb $LB_NAME --headers --listener "lb-port=80,instance-port=80,protocol=http" --availability-zones $ZONE --region $REGION

#Setup Load Balancer Health Check
elb-configure-healthcheck $LB_NAME --headers --target "HTTP:80/index.php" --interval 5 --timeout 2 --unhealthy-threshold 2 --healthy-threshold 2 --region $REGION

# Setup Auto Scaling
as-create-launch-config $LC_NAME --image-id $LC_IMAGE_ID --instance-type $INSTANCE_SIZE --group $SECURITY_GROUP --region $REGION

#Setup Auto Scaling Group
as-create-auto-scaling-group $SG_NAME --availability-zones $ZONE --launch-configuration $LC_NAME --min-size 1 --max-size 6 --load-balancers $LB_NAME --health-check-type ELB --grace-period 60 --region $REGION

# Setup Scaling Policies (to add instance)
SCALE_UP_POLICY=`as-put-scaling-policy MyScaleUpPolicy1 --auto-scaling-group $SG_NAME --adjustment=1 --type ChangeInCapacity --cooldown 300 --region $REGION`

#Setup Alarm (Add instance when CPU Load is more then 70%)
mon-put-metric-alarm MyHighCPUAlarm1 --region $REGION --comparison-operator GreaterThanThreshold --evaluation-periods 1 --metric-name CPUUtilization --namespace "AWS/EC2" --period 60 --statistic Average --threshold 70 --alarm-actions $SCALE_UP_POLICY --dimensions "AutoScalingGroupName=$SG_NAME"

# Setup Scaling Policies (to reduce instance)
SCALE_DOWN_POLICY=`as-put-scaling-policy MyScaleDownPolicy1 --auto-scaling-group $SG_NAME --adjustment=-1 --type ChangeInCapacity --cooldown 300 --region $REGION`

#Setup Alarm (Reduce instance when CPU Load is less then 30%)
mon-put-metric-alarm MyLowCPUAlarm1 --region $REGION --comparison-operator LessThanThreshold --evaluation-periods 1 --metric-name CPUUtilization --namespace "AWS/EC2" --period 60 --statistic Average --threshold 30 --alarm-actions $SCALE_DOWN_POLICY --dimensions "AutoScalingGroupName=$SG_NAME"

Wednesday, March 30, 2011

How can I log the client IP address on the backend in Varnish?

All I see is the IP address of the varnish server. How can I log the client IP address?

We will need to add the IP address to a header used for the backend request, and configure the backend to log the content of this header instead of the address of the connecting client (which is the varnish server).

Varnish configuration:

sub vcl_recv {
# Add a unique header containing the client address remove
set req.http.X-Forwarded-For = client.ip;
# [...] }

For the apache configuration, we copy the “combined” log format to a new one we call “varnishcombined”, for instance, and change the client IP field to use the content of the variable we set in the varnish configuration:

LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" varnishcombined

And so, in our virtualhost, you need to specify this format instead of “combined” (or “common”, or whatever else you use):

# [...]

CustomLog /var/log/apache2/ varnishcombined

# [...]

Reference: Varnish Website

Installing Varnish on Debian

Varnish is the key software that speeds up your web site. It is Open Source, built on industry standards and requires very few resources.

Install on Debian:

curl | apt-key add -
echo "deb $(lsb_release -s -c) varnish-2.1" >> /etc/apt/sources.list
apt-get update
apt-get install varnish

Change the Apache's port in /etc/apache2/ports.conf

NameVirtualHost *:8000

Listen 8000

The configuration daemon for Varnish is located in /etc/default/varnish. Here you can pass the startup options:

"-a :80 \
-T localhost:6082 \
-f /etc/varnish/default.vcl \
-S /etc/varnish/secret \
-s malloc,256M \
-u www-data \
-g www-data"

Now let's get to the configuration file (/etc/varnish/default.vcl). This is a very simple use of Varnish
which strips the cookies of some static files, like jpg and png, allowing them to be cached. In my case
this works best, and it also gives me a header information of what was cached and what not
(if you check the headers with something like FireBug). Of course you can find even better configurations available.
Having a specific configuration for your platform.

backend apache { 
.host = "";
.port = "8000"; }

acl purge {
""; }

sub vcl_recv {
// Strip cookies for static files:
if (req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$") {
unset req.http.Cookie;
return(lookup); }

// Remove has_js and Google Analytics __* cookies.
set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(__[a-z]+|has_js)=[^;]*", "");

// Remove a ";" prefix, if present.
set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");

// Remove empty cookies.
if (req.http.Cookie ~ "^\s*$") {
unset req.http.Cookie; }
if (req.request == "PURGE") {
if (!client.ip ~ purge) {
error 405 "Not allowed.";}
purge("req.url ~ " req.url " && == ";
error 200 "Purged."; }

sub vcl_hash {
if (req.http.Cookie) {
set req.hash += req.http.Cookie; }

sub vcl_fetch {
// Strip cookies for static files:
if (req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$") {
unset beresp.http.set-cookie; }

// Varnish determined the object was not cacheable
if (!beresp.cacheable) {
set beresp.http.X-Cacheable = "NO:Not Cacheable"; }
// You don't wish to cache content for logged in users
elsif(req.http.Cookie ~"(UserID|_session)") {
set beresp.http.X-Cacheable = "NO:Got Session";
return(pass); }
// You are respecting the Cache-Control=private header from the backend
elsif ( beresp.http.Cache-Control ~ "private") {
set beresp.http.X-Cacheable = "NO:Cache-Control=private";
return(pass); }
// You are extending the lifetime of the object artificially
elsif ( beresp.ttl < 1s ) {
set beresp.ttl = 300s;
set beresp.grace = 300s;
set beresp.http.X-Cacheable = "YES:Forced"; }
// Varnish determined the object was cacheable
else {
set beresp.http.X-Cacheable = "YES"; }

then Restart Apache2 and Varnish processes:

/etc/init.d/apache2 restart
/etc/init.d/varnish restart