WHM APF Plugin

Posted by Nessa | Posted in uncategorized | Posted on 05-06-2008

20

I’m happy to announce my first ever perl-written plugin for WebHost Manager, which was developed by myself and one of my fellow sysadmins at InMotion Hosting. The first release is available here:

Download v.1.05

Download Now

To explain a little bit of background here, many hosting companies that give some sort of **** about security will leave SSH port 22 closed except for specified IPs. Us being one of them, requests from customers for us to add their IPs to their firewalls is rather redundant when we host over 900 V-dedicated systems and 100 Dedicated boxes where customers can opt for SSH access. Therefore, I decided that it would be well worth our efforts to create a WHM plugin to allow customers to add their own IPs without ever having to contact us. I am aware that some plugin developer already has a more sophisticated APF plugin for WHM but you have to pay for it.

Requirements:

– cPanel/WHM (tested on version 11.18)

– APF 0.9 (tested on 0.9.6)

– iptables enabled and working (if you are able to restart APF without any errors, it’s probably fine)

Note: default privileges will allow anyone with WHM/reseller access to use this plugin. You can manually change this in the addon_add2apf.cgi file if you want.

Installation:

cd /usr/local/cpanel/whostmgr/docroot/cgi
wget http://v-nessa.net/wp-content/scripts/apfadd_whm_1.05.tar.gz
tar -xvzf apfadd_whm_1.05.tar.gz
rm -f apfadd_whm_1.05.tar.gz

Simple enough?

From there, load up WHM and on the left side you’ll see an option to “Add IP to Firewall” and the plugin page will give you examples of what you can add. The script is set up to allow:

Hostname – v-nessa.net
Single IP – 205.134.252.71
IP CIDR – 205.134.252.71/24
Port/IP – d=22:s=205.134.252.71
Port/CIDR – d=22:s=205.134.252.71/24

Of course, the error checking is not perfect, so just be aware of what you’re adding or you might unintentionally ‘break’ your firewall, which usually results in blocked traffic.

Eventually I’m sure I’ll end up adding the ability to manage ports and remove IPs for users with a certain access level, but currently I don’t see a need to do so because I don’t believe that non-root users should have that type of access. Note that per the readme, you can edit the addon file to limit access to users with a certain reseller ACL privilege.

Which Programming Language is For You?

Posted by Nessa | Posted in Uncategorized | Posted on 30-10-2007

9

Working with a webhosting company I get asked all the time — which programming language is better? It’s obvious that I’m more bias towards PHP, but there are other great languages out there that may be more suitable for certain people creating certain sites. I’ve decided to write a nutshell comparison on the most common languages, so you can decide for yourself.

PHP

My preferred language, PHP, is the most popular and widely-used dynamic programming language on the Internet. As a result, it’s increasingly become easy to learn (I have 4 brain cells and even I could do it) and can be run on virtually any operating system. It’s popularity has resulted in the availability of thundreds of contributions, modules, and addons for PHP to increase its functionality and integration with other software. It’s also free to download and easy to install (for most people), and is the most common in CMS’s and prebundled website software.

The major downside to PHP is that it’s so popular that security holes are being found all the time. Its very nature requires some configuration changes and restrictions in order to boost security.

Perl

Perl is one of the oldest and most successful languages to date. With thousands of modules that can be added, it can pretty much do anything. While it’s currently not as popular as PHP, it’s more efficient for server management in its double use as a shell scripting language. It’s also open-source and compatible for most all OS’s. The only real downside is that it’s not as quick and easy to learn, and even the simplest tasks can take more programming and lines of code to accomplish. Also, the camel logo is fugly.

ASP/VBScript

I’ll try to be nice about this one. Really, I’m not an ASP fan mainly because it’s proprietary to Windows and IIS. That being said, I’m sure you can figure how secure and reliable it is. It’s not as actively maintained by its developers (Microsoft) so major bugs have been known to linger for months — unacceptable for busy webmasters trying to manage professional websites. While ASP, .net, and VBScript (aka the ASP family) are all “free”, if you want any of the fancy addons or modules for them you’ll be owing Microsoft a nice little licensing fee. On a positive note, Chilisoft has made is possible to port ASP over to Linux, so it’s no longer 100% platform dependent.

JSP

Java Server Pages (developed by Sun) is more similar to the ASP framework, but targeted towards Java fanatics. Out of all the programming languages I’ve studied in school, JSP is probably my least favorite. Not only is it hard to learn, but there’s no such thing as simplicity with it. However, it’s very powerful software and is platform-independent, as long as you have a Java Environment for it to run in. Tomcat (an Apache Project) is the most common servlet container for JSP. But, Java takes up a lot of memory and JSP servers are very difficult to maintain and administer for non-experts.

Ruby

Ruby is one of the newer programming language to hit the web developer market, and it’s actually quite close in concept to PHP except that it’s 100% object-oriented, and very clean because you don’t need as much punctuation. It’s also very beginner-friendly, and is growing in popularity. The main disadvantage to Ruby is that it’s difficult to troubleshoot runtime errors because its reluctance to declare variables before their use. And being that it’s a newer language, there are definitely less resources available and not as many applications currently employing Ruby as a framework. However, it is cross-platform compatible, easy to install, and even easier to learn.

Python

I really don’t know a whole lot about Python other than that expert programmers claim that it’s such a strong language. I personally think it’s crap…my one shot at Python and I find out that it’s very whitespace/tab sensitive, so one extra space can ruin your program. Coming from PHP I don’t find that very appealing…I personally think it’s a mistake, and that its developers just call it a ‘programming guideline’ since they can’t figure out how to fix it. Really, there’s no huge benefit in using Python other than for your Google sitemaps, so all I’m going to say is steer clear.

HTML

I put this at the bottom of the list because I don’t really consider it a programming language, but it is the more predominate and widely used language that all the others revolve around. I do think it’s important that every programmer become an expert in HTML before going dynamic with their coding. While other languages rely on HTML for output, it’s very common for sites to be purely HTML and nothing else. However, HTML is a static language with no dynamic capabilities in itself whatsoever, so it’s somewhat boring on its own

Client-side

In a category all its own, there are several client-side languages that augment the others. Client side languages no require any server-side software to be installed, just a browser capable of interpreting them. CSS (Cascading Style Sheets) is a language primarily used in formatting and creating a uniform and repetitive style for use across multiple pages. JavaScript is a mini-java language used to create mild effects for a website, like popup windows and form validation. I also consider it to be very insecure, so it should be used sparingly. AJAX is a newer JavaScript framework that is more appealing to the eye and lets you create those special effects that you see on many web 2.0 sites…things like refresh-less page loading.

Using PHP to Display Version Info

Posted by Nessa | Posted in Uncategorized | Posted on 15-10-2007

3

I’ve been working on this application for work that does some simple server reporting, part of which involves displaying the versions of major software running on the machines. The importance of this to me personally is that since we have over 30 shared servers hosting multiple customers, we are continually moving websites between servers. Some of our older generation servers are still running MySQL 4.0 and PHP 4.3, so I need to be aware of this to make sure that customers are being moved to servers with compatible versions. It’s also good in tracking and planning upgrades.

I find it best to use the exec() function since it’s not blocked by most hosts. However, if you are on a shared host it’s very likely that certain PHP functions are disallowed in the php.ini. In that case you may be able to subsitute exec with system, passthru, escapeshellcmd, or shell_exec…unless those are blocked too. Then I guess you’re out of luck.

Start by creating some variables to store ordinary shell commands. If you wanted to find the php version from command line, you would usually type:

php -v

This will give a huge chunk of crap that you really don’t need if you’re making a simple version display script. In this case, you can use grep, awk, sed, and cut to trim down the output into a one-liner:

php -v |grep built |awk {‘print $2′}

The awk command prints out columns, so in the above example I’m printing out the second column of the line that contains the word ‘built’. Once the desired output is figured out, you simply assign it to a variable passed through exec() or a similar function:


$phpver = exec("php -v |grep built |awk {'print $2'}");

Then you can call the variable $phpver anywhere in your script:

echo "PHP Version: $phpver";

You can probably go through and figure out the commands to show other software versions on your server. In my script I’m showing the perl, php, mysql, apache, python, cpanel, and ruby versions. Here are the commands I used:

<?php

$perlver = exec("perl -v |grep linux |awk {'print $4'}|sed -e 's/v//'");
$phpver = exec("php -v |grep built |awk {'print $2'}");
$mysqlver = exec("mysql -V |awk {'print $5'} | sed -e 's/,//'");
$apachever = exec("apachectl -v |grep version |awk {'print $3 $4'}|sed -e 's/Apache\///'");
$pythonver = exec("python -V 2>&1 | sed -e 's/Python //'");
$cpanelver = exec("cat /usr/local/cpanel/version");
$rubyver = exec("ruby -v |awk {'print $2'}"); ?>

Then I just echoed out all the variables to display my version numbers:

See here .

Ugh….CIDR

Posted by Nessa | Posted in Uncategorized | Posted on 28-08-2007

0

I kinda wish I paid attention in class when the professor was talking about CIDR notations and shit…because it would have come in handy tonight. But being that I’m lazy I did some looking around and found that there’s a perl module out there that will convert an IP range to CIDR for you with a simple 4-line script. You’ll need to install the Net::CIDR module for this to work
If you’re on cPanel just type:

# /scripts/perlinstaller Net::CIDR

Here’s the script:

#!/usr/bin/perl

use Net::CIDR;

$range = shift;

print (join(“\n”, Net::CIDR::range2cidr(“$range”)) . “\n” );


Usage:

root@vps [~]# perl convert.pl 192.168.0.1-192.168.1.1
192.168.0.1/32
192.168.0.2/31
192.168.0.4/30
192.168.0.8/29
192.168.0.16/28
192.168.0.32/27
192.168.0.64/26
192.168.0.128/25
192.168.1.0/31