Sponsor:

Server and Web Integrator
Link:
Kloxo-MR logo
6.5.0 or 7.0.0
Click for "How to install"
Donation/Sponsorship:
Kloxo-MR is open-source.
Donate and or Sponsorship always welcome.
Click to:
Click Here
Please login or register. 2017-05-29, 15:18:18

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - MRatWork

Pages: [1] 2 3 ... 5
1
Kloxo-MR Technical Helps / [EOL] CentOS 5 since 31 Mar 2017
« on: 2017-04-09, 05:02:09 »
According to https://wiki.centos.org/HowTos/EOL, CenOS 5 have to EOL (End of Life) since 31 Mar 2017.

Impact for EOL, certain repos for CentOS become 'HTTP Error 404: Not Found'. At this moment, may impact to CentOS and IUS repos.

So, better to CentOS update from version 6 or 7.

2
Information from https://mratwork.com/2017/02/kloxo-mr-7-0-in-candidate-release-and-centos-7-ready/:

Quote

Since 29 Jan 2017 (kloxomr7-7.0.0.c-2017012901), Kloxo-MR 7.0 already in Candidate Release . It's that mean 1 step to Final Release.

Since 27 Feb 2017 (kloxomr7-7.0.0.c-2017022701), Kloxo-MR 7.0 ready to CentOS 7.

So, enjoy it.

PS:

3
Assumption:
- User: tester
- Domain: mytester.com
- Document root: /home/tester/mytester.com
- Mysql: tester_wp

Steps for wordpress install:

  • Go to 'admin > clients > (select tester) > mysql databases > add new'
  • Go to 'admin > clients > (select tester) > domains > add domain'
  • Go to 'admin > clients > (select tester) > domains > (select mytester.com) > file manager > upload' and then add 'https://wordpress.org/latest.zip' for 'Upload From URL' and then click 'update'
  • Go to 'admin > clients > (select tester) > domains > (select mytester.com) > file manager', click 'latest.zip' and then 'extract'
  • Go to 'admin > clients > (select tester) > domains > (select mytester.com) > file manager > wordpress' and then 'select all' and 'cut'
  • Go to 'admin > clients > (select tester) > domains > (select mytester.com) > file manager' and click 'paste'
  • Select 'wordpress' directory and 'latest.zip' file and then 'remove'
  • access website with 'http://mytester.com' (use tester_wp as database name and database username


Remember: Make sure using latest Kloxo-MR 7.0. Update Kloxo-MR 7.0 with 'yum clean all; yum update -y; sh /script/cleanup'.

4
Kloxo-MR Technical Helps / Kloxo API
« on: 2015-12-30, 16:37:17 »
Contents
1 Kloxo/HyperVM API
1.1 JSON
1.1.1 What is JSON
1.1.2 Initialization Prerequisites
1.1.3 JSON Code Examples ?1.1.3.1 Function lxlabs_get_via_json
1.1.3.2 Function lxlabs_if_error
1.1.3.3 Function lxlabs_get_and_print_select_variable
1.1.3.4 Function lxlabs_print_select
1.1.4 Listing Resources Example ?1.1.4.1 Listing a resource
1.2 Using JSON for webapplications (PHP)
1.2.1 Adding a resource with JSON
1.2.1.1 Add a Client to Kloxo
1.2.1.2 Add a VM to HyperVM
1.2.2 Updating resources with JSON
1.2.2.1 Updating a Resource
1.2.2.2 Enable or Disable a Resource
1.2.2.3 Reboot a VM
1.2.2.4 Deleting a resource
1.2.2.5 Getting properties from an object
1.3 Usage Examples from commandline (Shell)


5
Since upload 2015062006, Kloxo-MR 7.0 possible to choose Apache/Httpd 2.4. This feature only work for CentOS 6.

How to use it?. Follow this step:

1. Setting must be:
- Use Apache or proxy in 'switch programs'
- Use 'php-fpm_event' for 'php type' in 'webserver configure'
- Must be update to latest upload with:
Code: [Select]
yum clean all
yum update --disablerepo=*atrpms* -y
sh /script/cleanup

2. Steps from ssh:
Code: [Select]
sh /script/switch-apache httpd24
sh /script/fixphp
sh /script/fixweb
sh /script/restart-web -y

3. Steps from panel:
- Go to 'Admin > switch programs', select 'none' for 'web' and then click 'update'
- Select 'Use apache 2.4', select 'apache', 'hiawatha-proxy' or 'nginx-proxy', and then click 'update'.
- Go to 'Admin > webserver configure' and make sure 'php type' as 'php-fpm_event'
- Better select 'enable secondary php' and 'php used' with 'php54m', 'php55m' or 'php56m' instead 'php branch'

Note:
- Mod_ruid2 and mod_itk not work because need 'special' php compiled
- Suphp and fcgid still in progress
- According to Apache itself, default/recommendation 'php type' is php-fpm_event
- Something switch to httpd 2.4 have a trouble and then try 'pkill -9 httpd; sh /script/restart-web -y'

6
TheHostingTool is opensouce billing software and able to connect to Kloxo-MR 7.0 (possible also to 6.5).

Steps to enable this sofware:
1. Create aux user in 'auxiliary login' for admin like 'mustafa.aux'
2. Run 'sh /script/setup-tht' --> script will be install if not exists and then setup them
3. Go to 'http://cp.domain.com/tht' (you will see 'tht' in list if access cp.domain.com)
4. For setting, go to 'http://cp.domain.com/tht/admin' and login as 'admin' for username and password
5. Change password immediately
6. Add server with use 'aux user' (like 'mustafa.aux') as 'username'

7
This is a second time for donation/sponsorship.

Until now, donation and or sponsorship just very little. it's hard to developing Kloxo-MR as free/open-source products without donation and or sponsorship. Without donation and sponsor mean all resources (spend money for servers, spend times for developing Kloxo-MR and others) mostly from myself.

Hard to continuing for developing Kloxo-MR (also other apps) because I must share my times for another business (make a money). I hope everybody which using Kloxo-MR no hard to donation and as sponshorship.

Need minimum USD 60-80/month for rent 6-8 VPSes (4 VPSes for rpm compile purpose and 2-4 VPSes for testing and comparing) and internet connection USD 20-40/month. Total USD 80-120/month

At this moments, 2 options for donations:
1. Pay via paypal - click here
2. Special for Indonesia's peoples) - Mandiri: 137.00.0180361.4 (Mustafa Ramadhan) or BCA: 126.162.4414 (Lia Amaliati)
For sponshorship, need negotiation.

8
According to https://www.openssl.org/news/secadv_20140605.txt where OpenSSL have '
SSL/TLS MITM vulnerability (CVE-2014-0224)'.

To fix this issue, run:
Code: [Select]
cd /
yum clean all
yum update

9
At this moment, run 'yum update' will be fail. It's because something trouble with CentAlt repo (include in mratwork.repo).

To fix this issue:

Code: [Select]
cd /
yum clean all
yum update mratwork* --disablerepo=*centalt*
yum update kloxomr
sh /script/fixrepo
sh /script/cleanup

After above steps, you can run 'yum update' normally.

10
Because security issue related to php-fpm in php 5.3/5.4, php-fpm config need modified/adjustment.

In every php-fpm pool, must exists 'listen.owner', 'listen.group' and 'listen.mode' parameters. Without this parameters, we will see 'error 500' in website and panel.

To fix this issue, follow this steps:
Code: [Select]
yum clean all

## update Kloxo-MR and also others
yum update

## only for Kloxo-MR 6.5.1.b
sh /script/php53s-installer
## importance if using mariadb instead mysql
sh /script/php54s-installer
sh /script/fixlxphpexe php54s

## run cleanup
sh /script/cleanup

## to make sure php-fpm running well
killall -9 php-fpm
sh /script/restart
sh /script/restart-web

If using phpXYm series (aka 'multiple php'), reinstall via 'webserver configure'. The same way via ssh with 'sh /script/php53m-installer' (example for php53m).

11
Kloxo-MR Releases / [BUG] PHP53u-5.3.28 issue
« on: 2014-05-09, 11:16:58 »
There are many report where update php53u (to 5.3.28) make their website appear 'error 500'.

So, temporal solution (until IUS fix this problem):

1. Update mratwork.repo with
Code: [Select]
yum clean all
yum update mratwork* -y
yum clean all

2. Update the content of /etc/yum.repos.d/mratwork.repo:
from:
Code: [Select]
[mratwork-ius-stable]
name=MRatWork - IUS Community Packages for EL $releasever (stable) - arch
baseurl=http://dl.iuscommunity.org/pub/ius/stable/Redhat/$releasever/$basearch
mirrorlist=http://dmirr.iuscommunity.org/mirrorlist/?repo=ius-el$releasever&arch=$basearch
enabled=1
gpgcheck=0
exclude=mysql51*

[mratwork-ius-archive]
name=MRatWork - IUS Community Packages for EL $releasever (archive) - arch
baseurl=http://dl.iuscommunity.org/pub/ius/archive/Redhat/$releasever/$basearch
enabled=1
gpgcheck=0
exclude=mysql51*

to:
Code: [Select]
[mratwork-ius-stable]
name=MRatWork - IUS Community Packages for EL $releasever (stable) - arch
baseurl=http://dl.iuscommunity.org/pub/ius/stable/Redhat/$releasever/$basearch
mirrorlist=http://dmirr.iuscommunity.org/mirrorlist/?repo=ius-el$releasever&arch=$basearch
enabled=1
gpgcheck=0
exclude=mysql51* php53*

[mratwork-ius-archive]
name=MRatWork - IUS Community Packages for EL $releasever (archive) - arch
baseurl=http://dl.iuscommunity.org/pub/ius/archive/Redhat/$releasever/$basearch
enabled=1
gpgcheck=0
exclude=mysql51* php53*-5.3.28*

3. For using php53u in 'php-branch':
Code: [Select]
service php-fpm stop
yum downgrade php53u
service php-fpm start

4. For using Kloxo-MR 6.5.1.b with 'PHP used' for 'php53m':
Code: [Select]
killall -9 php-fpm
sh /script/php53s-installer
sh /script/php53m-installer
sh /script/fixlxphpexe php53s
sh /script/restart-all

12
Some users want install MariaDB instead MySQL. There some trouble with Kloxo-MR itself for this situation.

Solution for this situation:
Code: [Select]
cd /
yum clean all

## update Kloxo-MR
yum update kloxomr

## install php54s
sh /script/php54s-installer
## set lxphp.exe using php54s
sh /script/fixlxphpexe php54s
## restart Kloxo-MR
sh /script/restart

## switch mysql to mariadb; will show message for modified /etc/yum.repos.d/mratwork.repo
sh /script/mysql-to-mariadb

Kloxo-MR not work for php53s + mariadb combination because php53s (taken from php53u from IUS repo) compile with '--with-mysqli=shared,/usr/mysql_config' (aka libmysqlclient).

Kloxo-MR code use mysqli functions instead mysql functions (still use by Kloxo Official).

PHP 5.3 already have mysqlnd module where MariaDB not compatible with mysqli if compile with  '--with-mysqli=shared,/usr/mysql_config' but need '--with-mysqli=mysqlnd'.

PhpMyAdmin still show warning about libmysqlclient not match but avoided this warning.

The reason for change mysql function to mysqli function is mysql function deprecated in php 5.5 and remove in php 5.6.

I have a plan to change mysqli functions to pdo_mysql in c (candidate) or f (final) release of Kloxo-MR 6.5.1.

NOTE:
- If php54s stable for Kloxo-MR panel and in 6.5.1.c will be as 'default' lxphp.exe (instead php53s)
- This update also fixed custombutton issue.

13
Kloxo-MR Releases / [DONATION] Need donation (confirm here)
« on: 2014-04-29, 07:21:02 »
In this month, I have receipt some donations but after that sender complain to paypal and want their money back.

So, it's make my bad 'reputation' in paypal and I must payback to sender. Also, it's make my balance not good at this moment.

I hope some users give donation via 'forum.mratwork.com/donation/'. I am worry without donation (minimum USD $30/month), this forum will be stop at next month (May 2014).

NOTE:
- To operational Dedicated Server for developing Kloxo-MR need USD 100/month and USD 70/month from me (allowd budget) and need USD 30/month from users (let say as minimum)


-----------------

Please confirm for your donations.

14
As we know Kloxo Official 6.1.x, Kloxo-MR 6.5.0.f and Kloxo-MR 6.5.1.b implementing IP-based SSL certificate. With this implementing, if want certain domain have specific SSL certificate must assign free IP address to this domain.

With additional domain-based SSL certificate, we don't need free IP address for this purpose. Only need setup 'SSL certificate' for certain domain for this purpose. Kloxo-MR will be create SSL certificate files inside '/home/<user>/ssl'.

Need update to Kloxo-MR 6.5.1.b-2014042004 for this 'new' feature. And need run 'cleanup' because this 'new' feature need web config adjustment.

15
Many information about 'Kloxo-MR 6.5.0 - CSRF Vulnerability'. One of report is http://www.exploit-db.com/exploits/32666/.

The question is real or 'false positive'?.

In my test (using Kloxo-MR 6.5.1.b-2014041104):

1. Open firefox and then login with admin as user
2. Open new tab and then execute their code --> success
3. Open Chrome and then execute their code --> fail and page redirect to login page

Conclusion:
1. Their code not work without login (or remote execute will be fail and automatically redirect to login page)
2. With login mean page for their code will have the same session.
2. Not testing for 6.5.0.f but I think the same situation

Action:
1. Above fact still importance for security issue
2. Since 6.5.0.f and 6.5.1.b 2014041602, add 'csrf token' validation.
3. Effect of #2, every process via 'post' (like add domain) always verified with 'csrf token' with/without login

Pages: [1] 2 3 ... 5

MRatWork Affiliates:    BIGRAF(R) Inc.    House of LMAR    EFARgrafix

Page created in 0.064 seconds with 16 queries.

web stats analysis