ModSecurity Vulnerabilities Fixed

ModSecurity versions 2.5.8 and 2.5.9 have been released to fix two vulnerabilities which could be used to cause a denial of service (DoS).  The first vulnerability is fixed in version 2.5.8 and the second (as it was disclosed after version 2.5.8 was already frozen) is fixed in version 2.5.9.  Because of this, the 2.5.8 release should be disregarded in favor of 2.5.9.  Both vulnerabilities, however, have workarounds until ModSecurity can be upgraded/patched.

Joomla/Mambo – PDF Indexer Module

PDF Indexer

Allow PDFs to be searched via the Joomla/Mambo search module.

This Joomla/Mambo Component allows you to index PDFs located within your Joomla directory and the corresponding mosbot allows that index to be searched using the Joomla search component. This allows the text of PDFs to be viewed when searching a Joomla site.

Version 2.4

New Features:
* Joomla 1.5 legacy support
* More bug fixes

Also Featuring:
* Indexes new pdfs only so indexing is much faster.
* PDF file version changes.  It will automatically detect if a PDF has changed and index it on the next pass.
* Delete indexes to PDFs that have been removed from your file structure.
* Password Protected PDF indexing!
* Ability to edit past indexes (For those image based pdfs, add keywords, phrases)
* Improved MosBot
* Other Various Bug Fixes

Does not work on servers in SafeMode or when Popen is off.

Great work! Really!
But I ran into a big problem…

I have tested PDF Indexer with Joomla 1.5 and works PERFECT with “small” pdf files.
With “Small” pdf files I mean up to 1 MB.
When I tried a “bigger” pdf file like 10 MB or even worse 40MB or 80MB, although it seemed that it was working (that is, no errors found) when I tried to see it in “Modify Indexes” from the Administration Menu… it wasn’t there.


1. Edit the file…

Lines 366,445:
Change this…
$contents .= fread($handle2, 8192);
to this…
$contents .= fread($handle2, $fileSize);

then add the following line…
in the first lines of the file.

Alternative: If you have access, change memory_limit = 32M to memory_limit = 128M in your /etc/php.ini file. Restart Apache!!!

2. Edit the file…
set-variable = max_allowed_packet=xM
where xM is the size you need in MB (for example 5MB)!

Fire up phpMyAdmin or open your favorite MySQL Manager.
Go to the Joomla DATABASE and in the TABLE that stores the data for indexing edit the FIELD Description to LONGTEXT.
Restart MySQL!!!

That’s all!

The results were great. In a few seconds a 78MB pdf file was indexed!

Hotlinking, Bandwidth Theft and mod_rewrite

Have you seen your bandwidth usage increase for no reason?!
I guess you have…
Hotlinking (bandwidth theft) uses up your bandwidth limit!

You have taken a few nice photos with your brand new camera and you have uploaded them to your blog (website) so family, friends and visitors could see them.
That is so… nice.
That is what the HotLinkers said too.

Use the mod_rewrite module of Apache.
Let’s say your site’s url is www.MyDomain.com.
Fire up your preferred editor, copy these lines below…

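RewriteEngine On
# Uncomment the next line if you have placed your images in a folder called photos. As you can see /photos/ is in the root directory and the .htaccess file will take care of all the subfolders if you have any...
# RewriteBase /photos/
# Let requests with an empty Referer through (direct visits, stripped headers)
RewriteCond %{HTTP_REFERER} !^$
# Let requests referred by your own pages through (http or https, with or without www)
RewriteCond %{HTTP_REFERER} !^https?://(www\.)?MyDomain\.com/.*$ [NC]
# Any other request for an image or media file is redirected to the home page
RewriteRule \.(gif|jpg|swf|flv|png|JPG)$ http://www.MyDomain.com [R,NC]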

and paste them to a file you will call .htaccess (mind the dot please… it’s important!)
Put the .htaccess file in the folder where your photos are…
That’s all!

Keep in mind that even Google will not be able to HotLink your images. If you want to allow this, just insert this line…

RewriteCond %{HTTP_REFERER} !^https?://(www\.)?images\.google\.com(/.*)?$ [NC]

before the RewriteRule.
Now you are done.
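
To check which requests a rule set like this redirects before putting it on a live site, here is an added example (not part of the original post) that models the RewriteCond/RewriteRule logic in Python. It compares Referer patterns with unescaped dots and an open-ended tail against escaped, anchored ones. The function names, the LOOSE/STRICT lists and the sample Referer values are constructed for illustration.

```python
import re

# Patterns as mod_rewrite would evaluate them with the [NC] flag.
# LOOSE: dots unescaped, http only, Google pattern open-ended after ".com".
LOOSE = [r"^http://(www\.)?MyDomain.com/.*$",
         r"^http://(www\.)?images.google.com(/)?.*$"]
# STRICT: dots escaped, http or https, host must end at "/" or end of string.
STRICT = [r"^https?://(www\.)?MyDomain\.com/.*$",
          r"^https?://(www\.)?images\.google\.com(/.*)?$"]
MEDIA = re.compile(r"\.(gif|jpg|swf|flv|png)$", re.IGNORECASE)


def is_redirected(path, referer, allowed):
    """Return True when the modelled rule set would redirect the request.

    The RewriteCond lines are ANDed: the Referer must be non-empty and must
    match none of the allowed patterns, and the path must be a media file.
    """
    if not MEDIA.search(path):
        return False              # RewriteRule pattern does not match
    if referer == "":
        return False              # RewriteCond %{HTTP_REFERER} !^$
    return not any(re.search(p, referer, re.IGNORECASE) for p in allowed)


# Constructed sample Referer values (example.net names are placeholders).
SAMPLES = [
    "",                                        # direct visit or stripped Referer
    "http://www.MyDomain.com/gallery.html",    # own page
    "https://www.MyDomain.com/gallery.html",   # own page over HTTPS
    "http://images.google.com/imgres?q=cat",   # allowed search engine
    "http://blog.example.net/post/1",          # third-party page embedding the image
    "http://MyDomainXcom/page",                # passes only if "." means "any character"
    "http://images.google.com.example.net/x",  # host merely starts with an allowed name
]


def report(allowed):
    """Redirect decision for /photos/cat.jpg under each sample Referer."""
    return [is_redirected("/photos/cat.jpg", r, allowed) for r in SAMPLES]


if __name__ == "__main__":
    for name, patterns in (("loose", LOOSE), ("strict", STRICT)):
        print(name, report(patterns))
```

The Referer header is supplied by the client and can be blank or altered, so this kind of rule saves bandwidth but is not access control.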

“The great thing about mod_rewrite is it gives you all the configurability and flexibility of Sendmail. The downside to mod_rewrite is that it gives you all the configurability and flexibility of Sendmail.”
— Brian Behlendorf

“Despite the tons of examples and docs, mod_rewrite is voodoo. Damned cool voodoo, but still voodoo.”
— Brian Moore


