Comments for Prion Interactive

Comment on Exploring Data Encryption with MySQL by Scott

Scott — Mon, 05 Dec 2011 08:43:13 +0000

One last question…

In a more practical implementation, decryption would be done in a separate call to the script, rather than immediately after encryption on the same run.

So I would assume you need to call mhash again.

And, to decrypt, would you need the original ‘initialization vector’ used to encrypt, or could a new ‘iv’ be generated for subsequent decryption?

Also, why do you strip out the \4 sequence at the end?

Thanks again!

Comment on Sub-domain changes on Media Temple DV 4 by Joseph McCullough

Joseph McCullough — Mon, 05 Dec 2011 02:55:32 +0000

Dude, you thank you SO Much. Seriously. We thought we were having DNS issue, but it was this quirk. I would’ve never found this out on my own.

Comment on Exploring Data Encryption with MySQL by Scott

Scott — Mon, 05 Dec 2011 00:33:03 +0000

I would also suggest obfuscating any PHP source code containing full path information above the webroot (just to be on the safe side).

Comment on Exploring Data Encryption with MySQL by Scott

Scott — Sun, 04 Dec 2011 23:46:26 +0000

Excellent article on implementing MySQL encryption from the scripting side.

One question…

If a hacker already has access to mysqlbinlog and /var/lib/mysql, wouldn’t he also have access to the secret key file above the webroot?

If so, it seems like it’s at the “game over” point to me.

Your thoughts?

Comment on Storing Files Above the Web Root on Media Temple DV by Shanan

Shanan — Wed, 23 Nov 2011 22:45:07 +0000

A quick update to my previous comment — I received feedback from mediatemple. There was an error in their wiki documentation that they have now fixed. The previous version:
php_value open_basedir "/var/www/vhosts/example.com/httpdocs:/tmp/:/usr/share/pear"

The corrected version:
php_admin_value open_basedir "/var/www/vhosts/example.com/httpdocs:/tmp/:/usr/share/pear"

Comment on Storing Files Above the Web Root on Media Temple DV Redux by Shanan

Shanan — Wed, 23 Nov 2011 20:43:50 +0000

Thank you for this post — it’s incredibly helpful.

Can you verify if this is still working on your installs? I am running into issues with an install on a dv4 server. I have isolated the issue I am having to this command:
/usr/local/psa/admin/sbin/httpdmng –reconfigure-domain example.com

…this command is not generating a corrected Apache config file. For example, running the script is not updating the …_httpd_ip_default.include with the updated vhost.conf information. It does create a new default_include file, but not with information pulled from vhost.conf. The end result is that the server does not allow PHP to access the directory I created above the web root.

If I force the issue and directly edit the current default_include file, everything works correctly. This is a bit hacky though, since it looks to be configuring a temporary file, not creating a permanent change to which directories are allowed.

For what it’s worth, (mt)’s phone technical support says the only way to make this work is to completely disable open_basedir. I would prefer your approach if it’s still working for you.

Thank you for your time.

Comment on SFTP-only Accounts With Media Temple DV 4 by Steve

Steve — Mon, 19 Sep 2011 02:39:14 +0000

Excellent worked like a charm. Only issue is that I can move up to the parent directories. Any way to lock out the new users to parent directories?

Comment on Storing Files Above the Web Root on Media Temple DV by Yulia

Yulia — Tue, 09 Aug 2011 20:03:19 +0000

Thank you so much!! This is exactly what i needed, and i couldnt figure it out for the life of me!!!

Comment on ImageMagick, Imagick, and Opticrop on Dreamhost’s Shared Hosting by Chris Carrigan

Chris Carrigan — Thu, 07 Jul 2011 06:30:43 +0000

** This post is just a note about correcting my previous one, it removed the {username} part of the line about what to change the line to. If you can edit the post and add that in before approving it, that would fantastic. I’m sure there are others out there who could benefit greatly from your article as well. Thanks**

Comment on ImageMagick, Imagick, and Opticrop on Dreamhost’s Shared Hosting by Chris Carrigan

Chris Carrigan — Thu, 07 Jul 2011 06:19:26 +0000

I thought I would add one additional note from my install, when trying to install imagick I received the following error:

checking ImageMagick MagickWand API configuration program… configure: error: not found. Please provide a path to MagickWand-config or Wand-config program.

After doing a big of useless searching through the endless miles of google soup, I finally got frustrated enough to try it on my own. Here’s what I came up with:

nano configure

Do a ^W to search the document for MagickWand (must be capitalized this way) and you will find a number of lines that are used for that API. The line you are interested in is the line that reads:

for i in $PHP_IMAGICK /usr/local /usr;

Modify it to read:

for i in $PHP_IMAGICK /usr/local /usr /home//local;

This allows it to search your /local/bin folder under your user installation.

After the rest of the directions worked like a charm.

Thanks again for an awesome write-up on this!