How to fix CPanel Server Error due to file permissions

I’ve run into a problem a couple times that maybe you have seen too.  After uploading a website that is maintained by a CPanel backend, you run into a “403 Forbidden” and “500 Internal Server Error” problems.

Unfortunately, a CPanel installation is not usually helpful in this matter. It turns out, the problem is usually simple to solve. Usually, these errors are caused by security settings that are default in CPanel. They ensure that other accounts on the system are not able to mess with your files.

The fix

To fix the problem, open up a terminal window and run the following code (replace your webroot directory as needed):

find /path/to/base/dir -type d -print0 | xargs -0 chmod 755 
find /path/to/base/dir -type f -print0 | xargs -0 chmod 644

That’s it. Problem solved. Go load your website and enjoy the permission error free experience.

Creating a patch file in Git

I don’t usually use patch files for their intended purpose (patching). I just don’t have the need for them in my development process. But, I do think the files themselves have another valuable purpose. They make a great way to do a quick code review of changes that were made.

So, whether you are actually applying a patch, or you just wish to review the changes between commits quickly, patch files are valuable.

If you wish to create a patch file with Git, it is a simple command…

git diff commit1 commit2 > nameOfPatch.patch

Continue reading

Terminal Window

Open in terminal menu for Ubuntu

Back when I used Windows, on e of my first modification would be to install Windows power toys and get the “Open command prompt here” right click menu working. Occasionally, I find this could be useful in Ubuntu when using Nautilus (the default file manager).

By default, a right click option for this does not exist. But like most things in Ubuntu, it is simple to add:

  1. Open your terminal and type: `sudo apt-get install nautilus-open-terminal`
  2. Close all open sessions of Nautilus by typing `nautilus -q`
  3. Open Nautilus and right click somewhere. You now have an “open in terminal” option.
JQuery - Write more, do less

Toggling table rows with JQuery

Sometimes webpages and forms grow too large to be viewed comfortably. This can confuse the user. It is kind of like a kid dumping out his toy boxes on the floor all over the house. Now he can’t find anything and the landscape becomes daunting to navigate.

A quick solution in the web world is to collapse a section. This will work for divs or tr (table rows), etc.

Using JQuery, I can select a class and tell it to collapse everything until the next class instance. This is a very quick way to enhance the usability of your tables, forms, etc. The code below collapses on table headers (th), but you can modify to be used elsewhere.

<script>
$(function() {
$(‘.subheader’).click(function(){
$(this).nextUntil(‘th.subheader’).slideToggle(500);
});
});
</script>

replace

Dealing with config files in Git

So while developing for my job, I’ve come across an interesting challenge. How does one automatically change config file values based on the branch they are currently using in Git?

Background

So for one of my projects, we have a website that is used on several domains. Due to certain constraints and history of our project, we have forked the website into two versions. Each version has its own master branch (Master and Master_ExtraFeatures).

Master_ExtraFeatures always contains all the features of master, but also contains some additional code.

When testing Master_ExtraFeatures, we have to modify the config file a little bit. Since we do not keep the config files as part of the Git repository, the config does not change when I checkout Master or Master_ExtraFeatures. I have to manually update the settings, or I have to copy in a file from elsewhere.

Solution

This is by no means the only way to do it, but it works good for me. Basically, I wanted to write a script that would hook into the git process and modify the config file every time I checkout a new branch.  Clearly, this is a good candidate for Git hooks. I created a file in my .git folder called “post-checkout”.  This will be executed every time a branch is checked out. Then I added the following code:

branch=$(git rev-parse –abbrev-ref HEAD)

if [[ $branch == *ExtraFeatures* ]]
then
sed -i ‘/EXTRA_FEATURES_ENABLED/s/FALSE/TRUE/g’ /home/me/projects/website/config.php
else
sed -i ‘/EXTRA_FEATURES_ENABLED/s/TRUE/FALSE/g’ /home/me/projects /website/config.php
fi

Explanation

branch=$(git rev-parse –abbrev-ref HEAD)

  • Gets the newly checked out branch name.

if [[ $branch == *ExtraFeatures* ]]

  • Checks if the branch name contains “ExtraFeatures”. The asterisks are to wildcard the phrase.

sed -i ‘/EXTRA_FEATURES_ENABLED/s/FALSE/TRUE/g’ /home/me/projects/website/config.php

  • This is the ‘sed’ command. It is basically used for string and file manipulation. For your purposes, the format should be similar to this:
    • sed -i ‘/[PHRASE TO LOOK FOR ON A LINE IN THE FILE]/s/[PHRASE THAT WILL BE CHANGED ON THAT LINE]/[CHANGE THE PHRASE TO THIS]/g’  [COMPLETE FILE LOCATION FOR FILE THAT WILL BE SEARCHED]
    • The -i flag in sed says that the file will be written. If you want to try it without overwriting your file, skip the -i, the changes will instead be written to standard out.

You will notice I have two lines with sed. Basically this example is a simple toggle that will change the EXTRA_FEATURES_ENABLED setting from true to false.  So my config.php file changes:

from this:

define(‘EXTRA_FEATURES_ENABLED’,FALSE);

to this:

define(‘EXTRA_FEATURES_ENABLED’,TRUE);

No additional lines are affected, which is exactly what I wanted.

Auto refresh body of page with JQuery

Ever want to refresh the body of a page, but not everything else (head section, etc)?

Here is how you do it…

First, we need to make sure we include the JQuery script in our page. This should be placed at the bottom, just before the body tag.

Next, we will include a quick script below the jquery.min.js call…

<script>
$(‘#reloadbtn’).focus();
$(‘#reloadbtn’).click(function() {
$.ajax({
url: “”,
context: document.body,
success: function(s,x){
$(this).html(s);
}
});
});
</script>

Finally, create a button with a ‘reloadbtn’ id somewhere in the body of your page…

<button id=”reloadbtn” >Refresh</button>

 

That’s it. You now can refresh just the body. Using this example, you can modify it to do some other cool refreshes as well. Please comment if you have modifications to this code!

firewall

Reverse SSH to access Linux computer behind firewall.

firewallEver find yourself needed to access a computer that is behind a NAT firewall, but cannot without a bunch of goofy port forwarding rules at your router? I know, it is annoying. Here is how to SSH into your computer without adding port forwarding rules to your router’s firewall.

For ease of explaining, I will label some of these in a common setup and then refer to them as such. Your setup may be slightly different. Change the names and locations to fit your needs… In my case, I am going to have a laptop, a home desktop and a server.

When I am out and about, I bring my laptop with me. I want to connect to the home computer (running Ubuntu Linux). Since the home desktop is behind a firewall, I cannot access it directly.However, I do have a server with a public domain that I can get to from the internet. Using this, I can proxy through the server and use it as a common meeting ground.

What you will need:

  • ssh setup on all computers (Server, Laptop, and Desktop)
  • Root access on the desktop and maybe on the server
  • SSH Key (login without password) needs to be working on your Server and Desktop. See here for setup instructions.

Setup Server

  • There is not much to setup here. Let’s just say 12345 for the port (You can choose anything in range). Make sure any firewall on your system (or on an external router) allows this port. There, that is it.

Setup Home Desktop

  • On the home desktop, we need to have it connect to the server automatically. To do so, we will setup a script that will automatically dial in to the server. This script will login, but also ask that all traffic that comes into the server on a specific port be forwarded to the home desktop.
  • First, edit your ssh config file to include the following line:
    • GatewayPorts On
  • Create a new file (or modify the existing file) with this command and add the text below (this will cause the command to be executed at 10 minutes after startup): sudo vim /etc/rc.local
    • #!/bin/sh
      # ------------------------------
      # Automatically setup reverse tunnel on boot...
      # This script allows me to connect to the nat'ed computer by using a third party server as a proxy.
      # To connect from somewhere other than the office, use port 12345 like this... ssh workcomputer -p 12345
      # This should cause the job to start initially about 10 minutes after boot. It will recheck/initialize
      # every 10 minutes after that.
      # See http://terry.ipearson.net/programming/reverse-ssh-to-access-linux-computer-behind-firewall/
      # ------------------------------
      while true; do
      sleep $((60*10))
      ssh -nNT -R 12345:localhost:22 myusername@server.com
      done
  • Change the permissions of the script:
    • sudo chmod 755 /etc/rc.local
  • Now restart sshd and networking. I would recommend just restarting the computer since there appears to be a bug with network restarts in Ubuntu.
  • Now, from your laptop, ssh to the server using the port specified:
    • ssh -p 12345 user@server.com

You will notice that instead of logging in to your server, you will actually be logged in to your home desktop! You have not broken through the NAT barrier. Congrats.

 

Troubleshooting:

If you are having ‘connection refused’ errors after restarting, but it works when directly running the script, the issue may be that your root user does not have an ssh key setup properly.

Outside world access for Linux Containers

If you have ever used a virtual machine, you know how useful they can be. Linux has a special lightweight virtual machine-like interface that reuses the kernel, but installs the remaining portion of the operating system in a separate container. It uses less memory and integrates nicely with an existing system.

There are many advantages to these, but this is a functional post. Here is what you need. Note, I will be showing you instructions for Ubuntu 13.04.

First, install LXC (stands for LinuX Containers) and other needed software:

sudo apt-get install lxc bridge-utils -y

Next, download the web interface for Linux Containers

  sudo su
  wget http://lxc-webpanel.github.com/tools/install.sh -O - | bash

Note that root is required for the wget command because it is piped to a bash install script that requires root. Entering “sudo” before wget will not be enough.

At this point, you have linux containers. Go to http://localhost:5000 and login using user name ‘admin’ and password ‘admin’.

But utilities like this are no fun if they cannot be accessed through your normal router. Right now, all Containers will be created on a private 10.?.?.? network. Only your computer can access them. If that is all you need, stop here. If you would like to assign real ip addresses on your network, continue…

Note that Ubuntu uses the network manager app by default. Once we make our configuration, it is important to realize that future network changes need to be done through the command line. As soon as we modify the network settings file, all Network Manager interfaces will be overridden. This means that if you fail to setup network interfaces that already exist, they will not exist after restart.

So let us configure the network. Your setting may be different.

I use vim as my editor, you can use nano, vim, or anything else. Enter the following command:

sudo vim /etc/network/interfaces

This brings you into the main configuration for your networks. This is where you setup dns servers, interfaces, etc. The file I use is based on a dhcp connection (I create static assignments in the router for specific mac addresses.). Mine looks like this:

# interfaces(5) file used by ifup(8) and ifdown(8)

# This defines my wired interface.
auto eth0
iface eth0 inet manual

# This is the network bridge, the only thing that might need changing is the network interface name.
auto br0
iface br0 inet dhcp
bridge_ports eth0 lxcbr0

# This is the loopback – It was probably in the file by default
auto lo
iface lo inet loopback

After all that is done, restart the computer. After restart, verify that network connections work and then go to http://localhost:5000 and add a container. Make sure you change the network address to something in your network’s range (you can assign an ip, as long as it is in your subnet). If you do not assign something, an ip will be given in the range defined in your config for lxc. Also make sure that the network interface for the device is called “br0″

Tip 1: A couple of quick tips. DO NOT do this over ssh from the outside world. I’ve cut off my access a few times trying that. That being said, you probably will anyway, so maybe work on writing a script to reset settings in /etc/network/interfaces, then restart at a certain time of day if you don’t cancel it. That way, you will automatically regain access without having to be physically present.

Tip 2: If you installed on ubuntu, it probably has a default username and password of ubuntu. So ssh in with this command: (assuming the container is at 192.168.1.15)

ssh ubuntu@192.168.1.15
password: ubuntu

Tip 3: You can go to /var/lib/lxc/[NAME_OF_CONTAINER]/rootfs/ and access the folders of the file system for your virtual machine. This makes it easy to copy settings and other items into the virtual instance.

Tip 4: A good use of containers is for websites (they can each have their own ip address). Other good uses would include Caching dns servers for your network, media servers, anonybox setups, vpns, and anything else that you wish to install without screwing up your ubuntu installation settings.

Technology and freedom on the internet