PHP Request Timeout Error

PHP Request Timeout Error

Request Timeout

This request takes too long to process, it is timed out by the server. If it should not be timed out, please contact administrator of this web site to increase ‘Connection Timeout’.

If you got an error like the one shown above, and your host is using LiteSpeed as its server, then chances are you have gotten the same error as me. To solve it, edit your .htaccess in the root folder of your site with the following

RewriteEngine On
RewriteRule .* - [E=noabort:1]
RewriteRule .* - [E=noconntimeout:1]

 

Enjoyed the content ? Share it with your friends !

Optimize VestaCP Part 1 – Upgrade PHP

Optimize VestaCP Part 1 – Upgrade PHP

Assuming you already have VestaCP installed, your PHP that comes along with it is probably 5.x . However, the latest PHP version as of writing is already 7.2 . There is a huge difference in performance between PHP 7.x and PHP 5.x and hence, it is important to upgrade your PHP version if you wish to optimize and speed up your server.

Now, onto the actual upgrade process. For this tutorial, the commands will be based on CentOS

1. SSH into your server.

2. Check your PHP version just to be sure you aren’t already on 7.x

php -v

If it is already PHP 7.0 and above, you need not continue with this tutorial. You may wish to proceed to the other optimization tutorials instead..

3. Stop necessary services – httpd and php-fpm

service httpd stop
service php-fpm stop

4. Remove our current PHP installation

yum uninstall php

4.  Download or update the remi repository and enable it

wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
wget http://rpms.remirepo.net/enterprise/remi-release-7.rpm
rpm -Uvh remi-release-7.rpm epel-release-latest-7.noarch.rpm

yum --enablerepo=remi update remi-release

5. Install our new PHP with the modules that you wish to have or remove

yum --enablerepo=remi-php70 install php70-php php70-php-pear php70-php-bcmath php70-php-pecl-jsond-devel php70-php-mysqlnd php70-php-gd php70-php-common php70-php-fpm php70-php-intl php70-php-cli php70-php php70-php-xml php70-php-opcache php70-php-pecl-apcu php70-php-pecl-jsond php70-php-pdo php70-php-gmp php70-php-process php70-php-pecl-imagick php70-php-devel php70-php-mbstring

6.  Remove old symbolic link for PHP and create a new one for our PHP 7

rm /usr/bin/php
ln -s /usr/bin/php70 /usr/bin/php

7. Start the services again

service php70-php-fpm start
service httpd start

That’s it. You can now check if the installation is successful by doing another php -v command.

 

Enjoyed the content ? Share it with your friends !

Things to consider before buying your first web hosting

Things to consider before buying your first web hosting

1. Budget
What is your monthly or yearly budget?
Usually a monthly payment is more expensive than that of a yearly one. That is because a host usually offer discounts on yearly prepayments. However, a yearly payment service is riskier as you won’t be able to quit as easily should the hosting or service be bad.

2. Requirements
What are your technical specifications that the host have to meet?
Do you require PHP ? Asp.Net? Node.js?
There are only a handful of hosts that offer asp.net or node.js, so if either one are a requirement, you have to take caution so as to not be buying the wrong one !

Other than those specifications, you will have to think about other requirements such as hard disk space, monthly traffic,
processing power, ram/memory needed, number of ftp accounta and so on…

3. Support
You will definitely have to rely on the hosting’s support at some point of time, and you will definitely want to have one that provides a top-notch support.Support is also what usually separates a bigger and a smaller hosting company. Both have their pros and cons.

A bigger hosting company will usually outsource their support to people from countries such as India as labor cost is cheaper. This can lead to poorer communication in English.
Pros : quicker responses
Cons : potentially lower quality of support
A smaller hosting company will usually have more personal support because their support is usually not outsourced but rather in-house. This may mean better quality of support, but slower response times
Pros : better quality of support
Cons : slower responses

*by quality of support i mean everything else except response time. i.e. communication level, knowledge and skill level of support, how fast they get things done, and so on...

Of course, these do not apply to all companies but is just a general outlook of what I see in the hosting industry now. The best case is if you are able to get a host that provides quality support with quick response time but yet friendly to your budget.

CONCLUSION
There are many web host out there and there are many options to choose from. So don’t rush into your first buy. Compare costs, technical specifications, reviews before purchasing your web host !

Enjoyed the content ? Share it with your friends !

Analysis on VestaCP exploit

Analysis on VestaCP exploit

The first report of exploit was on April 07, 2018 2:56 pm on VestaCP’s official forum. The hackers seems to have gotten access to the server 2-3 weeks before and let their malware – which was a XorDDos variant, stay dormant till April 7. The hackers used the compromised systems to launch a Ddos attack to the ip below :

111.231.132.129 – ISP : Beijing Faster Internet Technology Co.,Ltd

It is crucial that you take down any servers that have VestaCP running immediately and do the following

– Check for the presence of malware

 Go to your /etc/cron.hourly folder and check for a file called gcc.sh

– Run an antivirus scan (clamav can pick this malware up)
– Reinstall if necessary

From the looks of it, nobody knows how the actual attackers compromised the systems and what expoit they have used to gain entry. Although the VestaCP team has patched a few security loopholes, it can’t be confirmed that those were the same entrypoint used by the hackers. Hence, it still poses a huge risk to continue using VestaCP.  It is recommended that if you need to manage your web server again, you should
1. Lockdown your server to specific ip address
2. Look to other control panels, if possible, commercial ones like CPanel as they have dedicated security review and response team.

Also, follow these threads to get updates on the current status of VestaCP

https://forum.vestacp.com/viewtopic.php?t=16556
https://www.digitalocean.com/community/questions/how-do-i-determine-the-impact-of-vestacp-vulnerability-from-april-8th-2018

Enjoyed the content ? Share it with your friends !