Racker Hacker

To force HTTPS with a PHP script, just put this snippet near the top:

if ($_SERVER['SERVER_PORT'] != 443) {
header(”Location: https://”.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
}

The AWStats package in RHEL4/Centos4 and Plesk 8.1 uses an alias directory for the icons called /awstats-icon, but when the AWStats contents is generated, the icon directory is different (/icon). To fix this issue, change this file:

/usr/share/awstats/awstats_buildstaticpages.pl

my $DirIcons='/awstats-icon';

If you need Redhat DST change information, you can get it here.

I rarely try to toot my own horn, but I’ve created a pretty handy site. Check out Blacklist Watch if you get the chance. You can immediately test a server against the most commonly used spam blacklists available online. Soon enough, I’ll have an automated notification service so that you can be notified when your IP’s appear on a blacklist.

Here’s a quick example of the blacklist checking.

Enable these two options to disable SSLv2 and also disable ciphers which are less than 128-bit:

smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_mandatory_ciphers = medium, high

If your server is sending out spam because of some bad scripts, hunt that stuff down:

grep POST /var/log/httpd/access_log | awk '{ print $7 }' | sort | uniq -c | sort -rn

Or on Plesk:

grep POST /home/httpd/vhosts/*/statistics/logs/access_log | awk '{ print $7 }' | sort | uniq -c | sort -rn

To stop those evil double bounce e-mails in Plesk, just do:

echo "#" > /var/qmail/control/doublebounceto