How did my PHP session path change? - session

EDIT - HUGE ERROR ON MY PART
I found another site that had the issue that I knew was not on the same server. Then I realized that the original site with the issue was also on a different server and had not been moved over completely yet. The server in question was actually a Plesk Parallels' server and the issue was caused by a patch applied to the server over the weekend due to a security update. This server did have the file path and I just had to chmod it to 777 instead of 77x for it to work. I apologize for the confusion and thank everyone for trying to help. +'s for all. :)
Original Post
I have a website on a shared hosting server (also mine) that since yesterday started giving me this error:
Warning: session_start() [function.session-start]: open(/var/lib/php/session/sess_678cf69f0f17b87c52136ee0280d23cc, O_RDWR) failed: Permission denied (13) in /var/www/vhosts/domain.net/httpdocs/index.php on line 1
I've checked /usr/lib/php.ini and /usr/local/lib/php.ini to see where it is set and both say it is set to the /tmp directory, which is where it should be set and always has been. The /var/lib/php/session directory never even existed. I did create it and give it 777 permissions but that did not help. Though the bigger issue here is why did it change to begin with. There is no .htaccess file for this site and I cannot find this being set anywhere on the site itself either.
This is the ONLY site on this server with this issue, telling me its something local to the website. I just cannot figure out what. So my question is this: what should I look for to check the session save path settings for an individual site on a shared hosting environment to find out why it suddenly changed for this one client?
FYI, I am running a WHM server.
Thanks

session_save_path(realpath(dirname($_SERVER['DOCUMENT_ROOT']) . '/../tmp'));
You need to add the above code before starting the session.

You don't appear to have write permission to the /var directory on your server. This is a bit weird, but you can work around it. Before the call to session_start() put in a call to session_save_path() and give it the name of a directory writable by the server. More details here

I found another site that had the issue that I knew was not on the same server. Then I realized that the original site with the issue was also on a different server and had not been moved over completely yet. The server in question was actually a Plesk Parallels' server and the issue was caused by a patch applied to the server over the weekend due to a security update. This server did have the file path and I just had to chmod it to 777 instead of 77x for it to work. I apologize for the confusion and thank everyone for trying to help. +'s for all. :)

Related

Lost bash got jailshell on shared host reboot - how to get bash back?

A few days ago my shared hosting ISP apparently had server issues and ever since I get jailshell rather than bash when connecting with .ssh.
After three tech troubleshooting sessions, they have not been able to restore my bash capability. They say they get bash if they log in. They seem to keep trying ineffective measures, and provide no details about them.
During the server restart I had tried to log in, and saw the jailshell then. Could that attempted login during server restart have caused this issue?
In any case, advice would be appreciated on how I can get bash back or tell them what to try on their side. Are there useful questions to ask, or things to suggest to them to try to resolve this?
Multiple machines have been used with .ssh with same results. I can FTP into my account (if going to root I see just a few jailshell files; if going directly to folder and then up to root I see all my files; the web serving is not affected).
-Ken

CodeIgniter error - unable to connect to database using the provided settings

I have a CodeIgniter setup that has been running fine for the past 2 months and recently I keep getting:
CodeIgniter error- unable to connect to database using the provided settings
I've recently added a new domain that has a landing page for the database login (zPanel), but I don't see how that could have caused a problem--maybe the page keeps getting directory attacked or something, but I'm not sure.
Is there a way to check if this is the problem through logs? I'm at dead ends with this problem, as when I restart the server (DigitalOcean) it works fine again.
Really not sure. If anyone else has had a similar problem, I'd love to hear your solution.
Thanks.
I think your mysql is going down so Codeigniter can't connect to your database settings.
Please login to SSH and check processes by "TOP" comment. See what is using resources ram or cpu.
And check your mysql conf settings, be sure that everything written if its empty it will cause alot of problems.
Some example :
http://www.maxwhale.com/how-to-optimize-mysql-for-1gb-memory-vps/

How to make updates to windows 8 file remotely

We have a simple problem, we are setting up our new server and before we point our DNS to the server we want to check everything so we are changing the hosts file on our Windows 8 machine to do this.
That all works fine the problem is we are migrating tons of sites over and we have employees that are testing the sites for us and they are not very tech savvy, and because we are updating the hosts file alot during the day we figured we could temporarily share the /etc/ folder that contains the hosts file.
However we can only view it from another network PC and not update it with the new sites.
It gives an "accessed denied" error
We have tried everything changed ownership granted administrator permission, granted permissions to Everyone. Still we can't update it. And having my IT team go to the PC individually and update them is taking to long.
Any Suggestions?
And yes we know this is bad security protocol, but again it is Temporary so no lecture comments on that please.
This was actually a very simple problem, we never set the share permission just the file permissions.

No single directory is writable Joomla

Some really strange happened to me, while migrating my websites from a hoster to my new VPS with CentOS 6, DirectAdmin (and Jira Image V6, optimized for Magento and Joomla).
I migrated one website succesfully, without any problems. The first one. It really works like a charm!
All other websites, with the same Joomla! version, I tried to copy, had the same problems of no single directory or file is writable. I checked all settings, everywhere, as far as my knowledge goes, but nothing. The copy method was exactly the same, as the first one.
What I did and tried so far:
.htaccess check (what could be wrong?)
permissions check (755 and 644) (these are good)
ownership check and user / group check (as far as I know they are ok)
php.ini check (changed and tried a lot, I really don't know much about this)
configuration.php check (all good for sure)
I tried manually uploading, downloading and extracting using SSH, resetting owner via DA.
I also tried to put in php.ini > open_basedir = /tmp/ , which resulted in a blank page. (possibly something?)
I can see the website, I can login into backend, I can use FTP, but I can not modify anything in settings, I can not install anything, I checked the permissions overview and everything is very red, like: Unwritable, really every file and directory. And that is not good.
Additional info:
Old server: PHP 5.4.16 > New one: PHP 5.4.15
Old server: MySQL 5.5.28 > New one: MySQL 5.5.31
Old server: cgi-fcgi > New one: apache2handler
Old server: CentOS 6 > New one: CentOS 6
need anything to know? ask
I am kind of desperate, while reuploading, VPS reinstalling, etc, etc, doesn't work! Who can point me into the right direction?
I guess your site is running under a user you are not expecting (or you ran out of disk space). All commands below are meant to be run from the site webroot, i.e. where the index.php is:
cd /home/yourwebsite/html
or whatever is your server path.
Wrong user is the most frequent as tar will by default mantain the original owner id.
Just make the images folder 777
chmod -R 777 images
and upload a file with media manager.
ls -la images/*
-rw-r--r-- 1 fasterjoomla fasterjoomla 31 Apr 26 13:12 index.html
-rw-r--r-- 1 fasterjoomla fasterjoomla 3746 Apr 26 13:12 joomla_black.gif
-rw-r--r-- 1 apache webserver 2301 Jul 16 11:57 test.png
locate your freshly uploaded image: the beginning of the line will tell you the owner and group, for example here test.png is owned by user apache and group webserver.
Now change the ownership of the whole Joomla installation to that except for the configuration.php, administrator or any other files you may want to protect:
chown -R username:usergroup *
After this you can restore the permissions as per your standard 555/755 and your problem should be solved.
chmod -R 555 *
chmod -R 755 images logs tmp cache
rm -f images/test.png
or whatever is appropriate per your security policy.
What is the Linux distro you migrated from?
One potential source of problems when moving to CentOS is the fact that its default configuration is much more secure (SELinux, secure php.ini settings ect). For instance php_ini is disabled along with exec and a few other commands ect.
Also the apache user can't access anything outside web-root directory.
So there's many little things like that and that is probably why most of your application won't run
hth
I know you said you checked it, but usually if you have to use FTP (and there is a reason that was implemented which is this situation) it means that there is a file ownership problem and that suphp or similar are not installed/operational.
The tricky thing with the ftp is that you need to get the credentials saved to be able to use it and if you are in this situation you can't save the configuration.php with the credentials. That's why on a new installation with this situation you would have been prompted for the credentials and then this would have saved. If you can go to your file system and edit configuration.php to put in that data it would provide the immediate solution.
However the real solution is to either have the apache extensions like mod_suphp that will manage this or to deal with the ownership problem. Joomla needs to be able to own the folders/files when it is doing thing like installing extensions and so on.
I was really desperate and hired a kind of addict in (from distance). He was able to point me at the following fact (for free!) :
I was moving the websites to my new server, and I wanted to make the website ready and working before making it live, and that was the mistake.
I kept working on the website with de URL http://xxx.xxx.xxx.xxx/~user/
I didn't want to make the site live, so change the DNS, until the site worked. BUT...!!!
The site will never fully work in upper scenario, and only works with a static address, so http://(subdomain).yourdomain.com for example.
First thing for me was to immediatly change the DNS, and guess what? It works... I spend really 36 hours or more on this, but I hope I can help others with this, because I never NEVER did see this option, and it is written nowhere! Until now...

Server error when loging in Joomla

The site has been just moved to a new host. Everything works as it is supposed, but when trying to log in as administrator, I am given the following error:
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, webmaster#localhost and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Any idea of what can be wrong? htcaccess file is renamed to htcaccess.txt
If you follow everything in here you will find what you forgot.
Typically configuration.php is what is forgotten. In addition I strongly recommend Akeeba backup. Something to think about next time.
I have finaly figured it out. The htaccess.txt was in the root directory. What I had to do is to rename the .htaccess file in administrtor folder.

Resources