SynapsEd

Setting up a localhost using apache server on linux(ubuntu) which uses a directory of your choosing to serve your web pages.

1). Edit your /etc/hosts file and set a domain i chose "127.0.0.5 mynet"

2). In the apche.conf (httpd.conf) file use the directive to create a new virtual host.

DocumentRoot "path/to/your/webfiles"
ServerName mynet


3). Edit the directive

Options Indexes FollowSymLinks
AllowOverride None
Require all Granted


4). Restart apache using sudo apachectl -k restart

Make sure your system has php installed on it

open your browser and type in the address, 127.0.0.5 in my case. If it shows a response. You've just installed a web server.

127.0.0.5

One extremely mind boggling caveat of using code igniter is that you cannot use sessions while having localhost as your domain name. It is because code igniter checks for a fully qualified domain name before allowing sessions and cookies.

The workaround is, you need to make changes in your hosts file which a typical linux user can find under /etc. Open the hosts file in a text editor there you will see things like

127.0.0.1 localhost
127.0.1.1 phoenix

where localhost is the loopback address (https://en.wikipedia.org/wiki/Localhost) which is used for development purposes in web dev.

So you need to add two lines like this in this file..

127.0.0.1 www.mysite.com
127.0.0.1 mysite.com

save it.

Now, in your config file, find the line that looks like this

$config['cookie_domain'] = 'localhost';

as you can see this is not a fully qualified domain. A fully qualified domain looks like this "subdomain.domain.com". Edit the above line to look like this

$config['cookie_domain'] = 'www.mysite.com';

this should get you working with sessions. :)

One more thing you need your session directory to be writeable for sessions to work. See how to do that in my previous posts.

Enjoy coding :)

127.0.0.1

Alright! So now the core web dev issue! While working with a fresh php install you try to work with sessions, you are happily following the manual on how to make your site more responsive with sessions and then when you load your page you get an error "session error: The specified path ' ' does not exists, can't be created or is invalid"

or "session error: php cannot write to the specified path '/path/to/save/sessions/".

The error gives you this much that your application does not have the required permissions. To solve this problem you need to find the php.ini file. This file contains basic configuration details which php follows. To locate php.ini on Linux systems use "whereis php.ini" at the commnad prompt. On windows this file will usually be located in where you installed php, which usually will be C:\Program Files\php or if you are using XAMPP or WAMP it will be located in your XAMPP's/ WAMP's php folder.

Open php.ini with administration right:
1. Linux (ubuntu/debian) user : sudo gedit php.ini
Windows users might have to log in to the administration mode to make this edit.

note: gedit is the text editor that I use.

2. In php.ini find a line

;session.save_path = /tmp

and uncomment this line by removing the ; from the beginning of the line. Save and close the file.

3. Restart your server. The error should not come up again.

During our coding expeditions we're required to put on the hat of a system admin, while most of us do not enjoy this task but let's face it, we must deal with it.

One situation is grub rescue. Which sometimes is so scary that it might prompt some to re-install the system (ouch! that hurts!). However you can follow these steps to make sure that there is an unrepairable error which warrants a system re-install.

http://askubuntu.com/questions/88384/how-can-i-repair-grub-how-to-get-ubuntu-back-after-installing-windows/125784 #125784

So as promised m back with the list of openssl libraries one need to have on his box to compile php with openssl support...

Pesky errors and warnings are a headache for any developer/coder/programmer. So in the following few posts I will try to list out a few errors, that I encountered and cleared while playing the field with python, php, mysql, apache all on Linux. Windows and mac user might benefit from this too. Read through guys 😊

1. Trying to host a python website : This is tricky I'm still working on this one. Although python is fast changing the web dev scene hosting a python website is still complicated. So do consider other options well before jumping on to coding your web with python. Python codes are very tempting though. I'll give you that 😜

2. Compiling PHP : It requires a bunch load of tools and libraries few of which are gcc, g++, make, autoconf, etc. Read the documentation carefully. You will also require to install openssl, libssl and some more libraries(listing them tomorrow) if you want to compile it with opensdl support.
3. To compile php: Move to the php folder where you have extracted your tarball. And in that run ./configure --help, read all the options available. Now issue the ./configure --options-that-you-want.

--options-that-you-want for a typical web dev scenario you will require --with-openssl, --with-mysqlid, --enable-exif, --enable-pcre-regex etc.

For installing php you will require apache server installed on your pc.

3. Installing apache : Download the source code from the official site and run as per the instructions. One of the pre requisites of apache is PCRE.while installing PCRE, issue ./configure --enable-utf8 --enable-unicode-properties to enable decoding of utf charset. Also to see if your build of PCRE supports utf8 or not, issue pcretest -C command at the terminal.

4. Codeigniter is a php based web framework with a very small learning curve and very clear doc. Use it for quick development of projects. Recommended for people who have coded with php before and want to try a web framework.

More errors and more discussions will be posted soon.

Configuring mysql backend for Django-1.8 (the python web framework) on Ubuntu 14.04:
1.Install mysql from the official site.
2.Install python and python3 development tools using sudo apt-get install python-dev python3-dev
3.Install pip and pip3 using sudo apt-get install python pip for pip and sudo apt-get install python3-pip for pip3
4.Install mysqlclient development tools using sudo apt-get install libmysqlclinet-dev
5.Install python MySQL using pip install MySQL-python
6.Install pyMySQL using sudo pip install pymysql for python2.x and sudo pip3 install pymysql for python3.x
7. lastly install mysqlclient for python2.x using sudo pip install mysqlclient and for python3.x use sudo pip3 install mysqlclient.

Change the database tupple in the settings.py file in the Django project folder to:
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'your_db_name',
'USER':'user_for_db',
'PASSWORD':'password_for_db',
'HOST':'',
'PORT':'',
}
}
leave the HOST and PORT fields blank to use the default values. The default value for HOST is 'localhost' or '127.0.0.1'.

Save and exit the file.

Go to the terminal and check the configuration using the following steps:
1. cd in project directory
2. run the following command : python3 manage.py runserver

the server should start without any error. If it doesn't then kindly ask in the comments.

Hello friends, I've been absent for a long time, but I was working on developing my skills a little bit. In that quest, i developed the hangman game, it's still sticks and stones, graphics and stuff will be added. Do share your comments and criticism:) Thanks

Download and extract the hangman folder, there will be a hangman.exe file inside t, double click it and play away :)

Suggest new categories fr the words too :)

https://drive.google.com/file/d/0B1C9Gpj4DQIaV2VXdmNDVDRLZGc/view?usp=sharing

hangman.zip - Google Drive

Sorry guys, as it is the navratri festival going on, and I gave in to the temptations last night and I went out, and I danced and didn't post the promised post, but wait no more, here I lay bare the blood and guts of the shell shock :D :D It's a series of screen shots so that you can see what is going on and not wonder unnecessarily :)

As a little background, shellshock bug exist because of the way bash handles environment variables. A variable is a named memory location which stores a piece of data which can be modified during a program. An environment variable is a variable that contains data that is crucial to a programming environment like, path to compiler, path to the libraries and include programs, path to the default directory of the program and error log, etc, etc....

Hit me with doubts, suggestions and corrections (and appreciation too ;) ;) ) in the comments section.

With this knowledge, scroll through the pics and have fun :) :)

A patch to this bug has been released by RedHat and it can be found here, https://access.redhat.com/security/cve/CVE-2014-7169 and how to guide to apply this patch can be found here https://access.redhat.com/node/1207723 :) :) Happy coding guys, time to sleep :)

For those who pursue their dreams tireless and walk on the roads not taken, for the powerplayer in each and everyone of us. Let the path we chose to walk on be conquered and let the flag flying highest will be ours! RideON!

It's time ladies and gentlemen and we all are SHELL SHOCKED! And no, it's not the TMNT song, this tune is much more hardcore and even more badass! I'm talking about the bug that is keeping the IT security professionals and researchers up all night, BASHing head to find a way to contain this bad boy, that is a pathway to acts of crime that are of unimaginable magnitude, and the bug is SHELLSHOCK.

To give a little bit of a background necessary to appreciate the scale of impact this bug can have, we need to look at Shell, Bash, Unix and Linux. Shell is a command line interpreter provided with Unix like and Linux like operating systems. It provides an interface for the user to interact with the computer. Shell was originally written by Stephen Bourne for Unix, which at that time was a property of AT&T Bell Labs, and it wasn't without a significant fees that one could purchase it and use and study it. So to make an operating system available to a large number of computer engineers and students Andrew S. Tanenbaum created MINIX, a significantly small complete OS, from scratch without using any code from UNIX hence creating the predecessor of the modern Open Source Operating Systems. Linus Torvalds hacked MINIX to create the first version of Linux, in 1994 and it was called Linux 1.0.

However, MINIX at that time was widely popular in academia it wasn't the choice of many commercial organizations. Corporate communities were still using UNIX based OSes due to the absence of a competitive free software, increasing their cost of computing operations. Even if the OS was custom made for a company's needs, it still used the Unix's Bourne Shell or simply Shell. This further increased the costs. To curb this cycle of starting from scratch, Richard Stallman, father of GNU and Free Software Foundation (FSF), encouraged the software community to write a shell that would be free and as powerful as Bourne Shell. He however grew dissatisfied with the progress being made on this, he assigned the task of writing a new shell in 1988 to Brian Fox. Brian Fox drew heavily from the Bourne Shell on keywords, language and other basic features. Some desirable features of csh (C shell) and ksh (Korn shell). The resultant was BAsh, released in 1989. The name is a pun on Bourne shell (sh) as Bourne Again shell which is crudely read as Born Again shell. At the time of its release, Bash was a minor player in the world of shells, which it has come to dominate over a duration of a quarter century of its existence.

Now, bash is a major shell shipped with every Linux like operating system and is also being actively ported to the windows platform but the steps has been pretty trivial so far. But even a windows user's doesn't pass by without interacting with the bash. If the latest web server of Netcraft is used as a measure, operating systems running bash run on 51% of the web servers powering the World Wide Web. This is half the pie of a very large pie ladies and gentlemen.

So coming back, what has happened to the very "dreamy rags to riches" story of bash? And after two and half decades of popularity? The answer is Shellshock! Shellshock is a bug in the bash which lets user inject malicious code illegally. More specifically the bug exists because of the way environment variables are dealt with in bash. Environment variables are a set of variables which are used by the shell to carry out its tasks. Environment variables consists of paths to source files, the GUI specifications, etc etc. The bug allows a user to create a especially crafted environment variables to inject potentially malicious code. And which when used with privilege escalation can grant Root or superuser capabilities to the remote user, which simply means, the remote user can now, tame your PC or server any which way he/she wants and can even erase the contents of the entire disk!!! Scary, right!

So how do you know, if you have a PC infected with Shellshock? If you're a windows user, fret not, you are safe from this.Since windows doesn't have a bash it doesn't have shellshock either. But Linux users, irrespective of if it is Fedora, Ubuntu, Debian, Slackware, Gentoo, etc. Bash up till versions 4.3 have this bug. If you're unsure about the bash version, fire up the terminal and at the prompt type, bash --verison, it'll give a long description, but you will find the version number. If the version number>4.3, you're safe, otherwise to doubly assure yourself, at the prompt type this command (the one inside the [ ]), [ env x='() { :;}; echo vulnerable' bash -c "echo You are shellshocked" ], if the output is [ vulnerable (newline) You are shellshocked ], you have a bash infected with shellshock.

Why is it neccessary for us to know what Shellshock is? Because in April 2014 we had the most apocalyptic, till date, Heartbleed bug in the openSSL library which could allow a remote user to request additional memory on every request to a web server (bleed extra memory, hence the name), at that time it was named as the biggest nemesis of the IT security professionals world over as OpenSSL is massively deployed on the webservers across the breadth of the world wide web. Fortunately the bug was patched quickly before any major damage could've occured. Shellshock is bigger than the heartbleed bug in the sense that, it is relatively simple to execute and the benefits (some dark talk 3:) ) to the attackers are many, from deleting directories on the compromised PC to taking over the PC or server itself as the superuser by privilege escalation. What makes this situation even darker is the relative ease with which an attacker can execute this attack via PHP scripts or CGI scripts that interact with the bash on the servers. The situation looks grim.

A flawed patch for the bash has been released by the Red Hat Foundation to minimize the impact of the bug. However corporate and academic worlds need an stable patch before they begin to feel safe to do their business online again.

For those who wished to know what shellshock is and if they're infected with it, this post ends now, for those who want to know what is all the code in this command, env x='() { :;}; echo vulnerable' bash -c "echo You are shellshocked", hold on it's due tonight :D :D

Ladies and gentlemen, if you're like me you'll probably want songs to go with your coding deeds. Check out Slaughter Cage these guys are an upcoming death/trash metal band, but their sound is EPIC! Like their page and like my page and share the goodness :)

Linux after a long wait ladies and gentlemen :D wait I'll come back with a jaw dropping awesome post :D