The Wonderful World Of Linux

Linux, Mac, Web Hosting and Whatnot

How to Build Multiple Versions of PHP With cPanel

| Comments

For the longest time I have wanted to be able to support multiple versions of PHP within apache and cPanel but I wasn’t able to find any sort of guide on this. After searching for a while, I did come across ntphp and these guys did a really, really great job! If you are looking for a quick and simple way to get multiple versions of PHP that also comes with a cPanel plugin, check these guys out! However, I like to do things myself and come up with my own way of doing things. So here is my guide to installing multiple versions of PHP in cPanel!

A couple Things to Note

  • This will only work with suPHP (Not DSO or mod_ruid2)
  • This does not sync up with EasyApache or rebuild with EasyApache
  • You probably shouldn’t build the same version as the default. If your default PHP version is 5.4, then don’t build php5.4 via this method. I don’t think anything will happen but I would personally avoid it.

Installing PHP 5.2

Php 5.2 is slightly different because it requires a patch in order to build correctly. If you don’t care about 5.2, skip down to 5.3, 5.4, and 5.5. Recently, multiple versions of PHP were labeled with a vulnerability and its recommended you avoid those versions. All versions of PHP 5.2 were listed because 5.2 is officially end of life and has not and will not be updated. Basically, you should NOT be using this version of PHP. With that being said, I have had some clients that did require this and had not had a chance to upgrade their site code. This method below is perfect for this scenario! You can have PHP 5.5 as the default and install PHP 5.2 for that 1 client that refuses to upgrade their 4 year old code. Lets take a look at the process!

Download and Extract It

Lets start by downloading it! We have to go to the PHP museum for this:

1
2
3
4
5
su -
cd /usr/local/src/
wget -O php-5.2.17.tar.gz http://museum.php.net/php5/php-5.2.17.tar.gz
tar -xvzf php-5.2.17.tar.gz
cd php-5.2.17

Build It

The easiest way to configure this is to copy the config options from the current working PHP (the one you built in EasyApache):

1
$(php -i | grep configure | sed s/\'//g | cut -d" " -f4- | sed "s:--prefix=/usr/local:--prefix=/usr/local/php52:")

Quick note. The $() surrounding the command basically takes the output and runs it as a command within the shell. If you are running litespeed (but using apache), copy the command above (without the $()) and remove --with-litespeed. If you don’t do this it will not build php-cgi which is required for suPHP. If you get errors about sqlite not being shared, you can simply remove it (If you don’t need it of course) by appending the following to the command --without-pdo-sqlite --without-sqlite

Next we need to add the patch for php 5.2 for it to build correctly:

1
2
wget https://mail.gnome.org/archives/xml/2012-August/txtbgxGXAvz4N.txt
patch -p0 -b < txtbgxGXAvz4N.txt

Then make it

1
make && make install

If you look in /usr/local/php52/bin you should see a binary file called ‘php-cgi’. If you do not then you will need to go back and run this from the “build it” section. Append --with-apxs2=/usr/local/apache/bin/apxs to the end of the configure line. Apxs is located in /usr/local/apache/bin/ by default in cpanel but it never hurts to verify. Then you can go back and run make && make install. You should now see the php-cgi binary.

Add It To Apache

Generate the PHP config:

1
2
3
4
5
6
cat > /usr/local/apache/conf/php52.conf << EOF
AddType application/x-httpd-php52 .php52 .php
<Directory />
   suPHP_AddHandler application/x-httpd-php52
</Directory>
EOF

And add the include to apache:

1
echo "Include /usr/local/apache/conf/php52.conf" >> /usr/local/apache/conf/includes/pre_main_global.conf

Then Add the Handler to suPHP’s config:

1
sed -i '/\;Handler for php-scripts/a application\/x-httpd-php52=\"php\:\/usr\/local\/php52\/bin\/php-cgi\"' /opt/suphp/etc/suphp.conf

Copy a default php.ini into 5.2

1
cp /usr/local/cpanel/scripts/php.ini /usr/local/php52/lib/

And restart Apache!

1
service httpd restart

Configure Domain To Use This PHP

Add the following /home/username/public_html/.htaccess

1
AddType application/x-httpd-php52 php

And you are done! All of your php binaries and libraries are located at /usr/local/php52/. The php binary is /usr/local/php52/bin/php and pecl/pear is located at /usr/local/php52/bin/pecl. Your php.ini will be reachable from here /usr/local/php52/lib/php.ini. Enjoy!

Installing PHP 5.3, 5.4, 5.5

These do not require a patch and the setup is exactly the same. However, please READ EACH COMMAND CAREFULLY. Im going to write this guide for PHP 5.5 but if you want to use this for php 5.3 or 5.4, please make sure you read every command and replace all applicable strings with your version. You’ll want to replace all instances of 5.5.10 and all instances of php55 with your respective version. Lets get going!

Download and Extract It

Lets start by downloading it:

1
2
3
4
5
su -
cd /usr/local/src/
wget -O php-5.5.10.tar.gz http://us1.php.net/get/php-5.5.10.tar.gz/from/this/mirror
tar -xvzf php-5.5.10.tar.gz
cd php-5.5.10

Build It

The easiest way to configure this is to copy the config options from the current working PHP (the one you built in EasyApache):

1
$(php -i | grep configure | sed s/\'//g | cut -d" " -f4- | sed "s:--prefix=/usr/local:--prefix=/usr/local/php55:")

Quick note. The $() surrounding the command basically takes the output and runs it as its own command within the shell. If you are running litespeed (but using apache), copy the command above and remove --with-litespeed. If you don’t do this it will not build php-cgi which is required for suPHP. If you get errors about sqlite not being shared, you can simply remove it (If you don’t need it of course) by appending the following to the command --without-pdo-sqlite --without-sqlite

Then we make it and install:

1
make && make install

If you look in /usr/local/php55/bin you should see a binary file called ‘php-cgi’. If you do not then you will need to go back and run this from the “build it” section. Append --with-apxs2=/usr/local/apache/bin/apxs to the end of the configure line. Apxs is located in /usr/local/apache/bin/ by default in cpanel but it never hurts to verify first. Then you can go back and run make && make install. You can should now see the php-cgi binary.

Add It To Apache

Generate the PHP config:

1
2
3
4
5
6
cat > /usr/local/apache/conf/php55.conf << EOF
AddType application/x-httpd-php55 .php55 .php
<Directory />
   suPHP_AddHandler application/x-httpd-php55
</Directory>
EOF

And add the include to Apache:

1
echo "Include /usr/local/apache/conf/php55.conf" >> /usr/local/apache/conf/includes/pre_main_global.conf

Add the Handler to suPHP:

1
sed -i '/\;Handler for php-scripts/a application\/x-httpd-php55=\"php\:\/usr\/local\/php55\/bin\/php-cgi\"' /opt/suphp/etc/suphp.conf

Copy a default php.ini:

1
cp /usr/local/cpanel/scripts/php.ini /usr/local/php55/lib/

And restart Apache!

1
service httpd restart

Configure Domain To Use This PHP

Add the following /home/username/public_html/.htaccess

1
AddType application/x-httpd-php55 php

And you are done! All of your php binaries and libraries are located at /usr/local/php55/. The php binary is /usr/local/php55/bin/php and pecl/pear is located at /usr/local/php55/bin/pecl. Your php.ini will be reachable from here /usr/local/php55/lib/php.ini. Enjoy!

Wrap Up

So that wasn’t too hard! You should now have a fully functional php install for your clients! Another quick note, this doesn’t work with litespeed. I’ll be writing up a litespeed specific version in a little while. I also plan on creating a WHM plugin for this to quickly generate new php versions (And even get fancy like having several instances in the same branch). If that ever happens I’ll post about it here. If you have any questions, hit me up in the comments or on twitter. I can’t guarantee I’ll have the answers but I’ll give it my best!

Building Python2.7 and Python3 on CentOS and cPanel

| Comments

Python is built right into CentOS but if you are using CentOS 5 you are stuck with python2.4. This is pretty old and we are getting to the point where many plugins simply will not work with it any longer. You may be on CentOS 6 which is better but still behind. This will allow you to install python 2.7 or 3.0 without removing built in to CentOS. I havent tested it but there is no reason this will not work with Ubuntu or Debian. To access this you will have to launch the program by typing “python2.7” or “python3” rather than just “python”. You can then put /usr/local/python2.7/bin/python2.7 in the shebang of the script to have it called automatically.

Another note, many admins prefer not to even mess with it this way as Yum relies on python to do its work. This method will install python2.7 or python3 without breaking yum. Lets get started!

PreReq

If you havent already, go ahead and install the development tools

1
yum groupinstall "Development Tools"

You will also need the zlib developer package and openssl-devel

1
yum install zlib-devel openssl-devel

Installing Python 2.7

1
2
3
4
5
6
7
cd /usr/local/src
wget http://python.org/ftp/python/2.7.9/Python-2.7.9.tgz
tar xzf Python-2.7.9.tgz
cd Python-2.7.9
./configure --prefix=/usr/local/python2.7 --with-libs --with-threads --enable-shared
make
make altinstall

This will install the python2.7 binaries and library files to /usr/local/python2.7/. This will keep everything organized and out of the way of the base python installation. Next we will add the lib folder to the library path and update our global PATH upon login

1
2
3
echo 'PATH=$PATH:/usr/local/python2.7/bin' > /etc/profile.d/python2.7-path.sh
echo 'export PATH' >> /etc/profile.d/python2.7-path.sh
echo "/usr/local/python2.7/lib" > /etc/ld.so.conf.d/opt-python2.7.conf

We can now run the following to update the servers library cache and our own session

1
2
ldconfig
source /etc/profile.d/python2.7-path.sh

Its also a good idea to install setup tools because who does not like to easy_install?

1
wget https://bitbucket.org/pypa/setuptools/raw/bootstrap/ez_setup.py -O - | python2.7

Thats it! Python 2.7 can be ran by typing “python2.7” and easy_install can be ran by typing “easy_install-2.7”. While you are here, go ahead and install pip. To anwer the previous question of “Who does not like to easy_install?”. Those who pip install!!

1
easy_install-2.7 pip

This can now be called by typing “pip-2.7” and you should have a fully complete setup!

Install Python3

This is virtually the same method as above. You can call up this version of python by typing “python3.4” or simply “python3”

1
2
3
4
5
6
7
cd /usr/local/src
wget http://python.org/ftp/python/3.4.2/Python-3.4.2.tgz
tar xzf Python-3.4.2.tgz
cd Python-3.4.2
./configure --prefix=/usr/local/python3.4 --with-libs --with-threads --enable-shared
make
make altinstall

This will install the python3.4 binaries and library files to /usr/local/python3.4/. This will keep everything organized and out of the way of the base python installation. Next we will add the lib folder to the library path and update our global PATH upon login

1
2
3
echo 'PATH=$PATH:/usr/local/python3.4/bin' > /etc/profile.d/python3.4-path.sh
echo 'export PATH' >> /etc/profile.d/python3.4-path.sh
echo "/usr/local/python3.4/lib" > /etc/ld.so.conf.d/opt-python3.4.conf

We can now run the following to update the servers library cache and our own session

1
2
ldconfig
source /etc/profile.d/python3.4-path.sh

For easy_install you had to use distribute but now you can use the same setup tools as before!

1
wget https://bitbucket.org/pypa/setuptools/raw/bootstrap/ez_setup.py -O - | python3.4

Then install pip

1
easy_install-3.4 pip

And thats it boys and girls!

Install Node and NPM Without Compiling

| Comments

You can easily install NodeJS with NPM via your default repository. If it isnt in there, due to the popularity, its likely in one of the many community repositories such as the EPEL and RPMForge repositories, but unfortunately they are rarely up to date. Luckily, getting the latest version of node and npm could not be easier! Lets get started by grabbing some dependencies:

Prerequisites

Ubuntu

1
sudo apt-get install g++ curl libssl-dev apache2-utils

CentOS

You can just grab all the development tools

1
yum -y groupinstall "Development Tools"

Installing the Precompiled Binary

This is by far the easiest way as there is no compiling what so ever, the nice folks at NodeJS have done all that for you! However, because it is precompiled you may run into some issues but I personally havent experienced any yet.

1
2
3
4
cd /usr/local/src
wget http://nodejs.org/dist/latest/$(curl http://nodejs.org/dist/latest/ 2>1  | grep linux | sed -e 's/<[^>]*>//g' | awk '{print $1 }' | grep $([[ $(getconf LONG_BIT) = 64 ]] && echo x64 || echo x86))
cd node-*
rsync -Pav {bin,lib,share} /usr/

We first start by switching into our src directory. I like doing this as having random source files spread out in /root and /home can be awfully messy. The very next line is a fancy wget statement that curls the nodejs latest folder, grep’s for linux, strips out the html and then greps for whichever result matches your architecture and then downloads it! Pretty fancy! Followinng this we cd into the newly untarred directory and simply rsync the binary and library files. Thats it! You can verify by running the following:

1
node -v ; npm -v

If its copied correctly, those commands will not error out.

But I Like Compiling!!!

Well fine then, luckily its just as easy!

1
2
3
4
5
6
cd /usr/local/src
git clone git://github.com/ry/node.git
cd node
./configure
make
make install

And thats that! Enjoy Node!!

How to Install the Newest ImageMagick in Centos

| Comments

For whatever reason I always had trouble installing the ImageMagick RPM’s from their website. So when I got a good guide written down I figured Id share it with everyone. Here’s how to install the latest and greatest ImagickMagic rpm’s to Centos 5 and Centos 6 and should be compatible with most cpanel systems!

Prerequisites

Lets download all of the development tools and prerequisites

1
2
yum -y install gcc gcc-c++ make
yum -y install rpmdevtool libtool-ltdl-devel freetype-devel ghostscript-devel libwmf-devel lcms-devel bzip2-devel librsvg2 librsvg2-devel libtool-ltdl-devel autotrace-devel fftw3-devel libtiff-devel giflib-devel libXt-devel xz-devel 

The we’ll download all the rpms:

1
2
3
4
5
6
7
8
9
10
11
12
13
#ImageMagick
wget -rnd ftp://ftp.imagemagick.org/pub/ImageMagick/linux/CentOS/$(uname -i)/

#lifttw3 for  CentOS 5 Only
if [ "$(cat /etc/redhat-release | cut -d' ' -f3 | cut -d'.' -f1)" == 5 ]
then
  wget -rnd http://pkgs.repoforge.org/fftw3/fftw3-3.1.1-1.el5.rf.$(uname -i).rpm
  wget -rnd http://pkgs.repoforge.org/fftw3/fftw3-devel-3.1.1-1.el5.rf.$(uname -i).rpm
fi

#And Djvulibre
wget http://pkgs.repoforge.org/djvulibre/djvulibre-devel-3.5.22-1.el5.rf.$(uname -i).rpm
wget http://pkgs.repoforge.org/djvulibre/djvulibre-3.5.22-1.el5.rf.$(uname -i).rpm

We need to copy libltdl to livltdl.so.3. You’ll get an error on Centos 5 most likely. You can ignore it if you do.

1
2
3
4
5
6
if [ "$(uname -i)" == "x86_64" ]
then
  cp /usr/lib64/libltdl.so /usr/lib64/libltdl.so.3
else
  cp /usr/lib/libltdl.so /usr/lib/libltdl.so.3
fi

Finally, install the RPMs…

1
rpm -Uvh *.rpm --nodeps --force

And verify!

1
2
3
4
[[email protected] imagemagick]# convert --version
Version: ImageMagick 6.8.6-9 2013-08-25 Q16 http://www.imagemagick.org
Copyright: Copyright (C) 1999-2013 ImageMagick Studio LLCFeatures: DPC OpenMP
Delegates: bzlib cairo djvu fftw fontconfig freetype gslib jng jp2 jpeg lcms ltdl lzma openexr png ps png rsvg tiff webp wmf x xml zlib

You can also give it a test by creating a sample image from text:

1
convert -background 'rgb(3,27,5)' -fill white -font Helvetica-Bold -size 250x100  -pointsize 42 -gravity center label:'Linux Rulez!!' linux.gif

ImageMagick PHP Extension

You may also need to install the ImageMagick PHP Extension and its just as annoying. Lets get started, we need to create some folders and link some files:

1
2
mkdir -p $(MagickWand-config --prefix)/include/ImageMagick/
ln -s /usr/include/ImageMagick-6/wand $(MagickWand-config --prefix)/include/ImageMagick/wand

Download the file:

1
2
3
4
cd /root
wget http://pecl.php.net/get/imagick-3.1.0RC2.tgz
tar xzf imagick-3.1.0RC2.tgz
cd imagick-3.1.0RC2

And install:

1
2
3
4
phpize
./configure PKG_CONFIG_PATH=/usr/local/lib/pkgconfig/
make
make install

Add it to the php.ini:

1
echo "extension=imagick.so;" >> /usr/local/lib/php.ini

And verify!!

1
2
3
4
5
6
7
[[email protected] ~]# php -i | grep imagick
imagick
imagick module => enabled
imagick module version => 3.1.0RC2
imagick classes => Imagick, ImagickDraw, ImagickPixel, ImagickPixelIterator
imagick.locale_fix => 0 => 0
imagick.progress_monitor => 0 => 0

Change PECL Tmp Directory

| Comments

If you’ve ever ran into the “/tmp/foobar does not exist or is not executable” after running “pecl install foobar” then its likely because /tmp is set to noexec in the fstab. Obviously removing the noexec flag and rebooting or remounting will fix the problem but generally the time required to do this and the fact that processes will need to be temporarily halted doesnt make this necessarily the best option. Lets do a quick little fix!

1
2
mkdir /root/tmp
pecl config-set temp_dir /root/tmp

If this yells at you and says it failed, try this:

1
pear config-set temp_dir /root/tmp

Then “pecl install foobar”!

Find Which Accounts Are Potential Spammers in cPanel/Exim

| Comments

So you’ve discovered that all of a sudden your server load has shot and your email inbox is getting filled up with hundreds of bounce backs. You sir may be spamming! Now if you are a spammer, this isnt really much of a shock.

But if you’re not a spammer you may be wondering what happened. Well odds are your website got hacked or your personal machine has a virus/malware. Now usually if your website gets hacked its because you are using an outdated version of your CMS software. Because wordpress doesn’t auto update and we don’t always login every day (especially if your wordpress just hosts a static website) it can be hard to keep up with the constant updates. And of course in doing so all the little hackers out there are now able to exploit whatever security holes you didn’t patch. On top of this it isn’t just the wordpress core we have to worry about, but also the plugins and the themes. Joomla and drupal and practically all other CMS’s follow the same logic. Keep your apps up to date and your chances of being compromised slim down quickly. What happens though when you are compromised? Usually the attacker places a php file on the server that acts as part of a ddos or a script that sends out a ton of spam. If your personal machine was compromised then whatever application you are running to connect to your email (such as outlook, thunderbird, etc) is usually used (or they just grab any IMAP/SMTP connection info) and use that to start spamming.

Ok, so we know that someone on the server is spamming. We don’t know if its a script or if its because someone’s personal machine got attacked. Lets take a look a couple one liners to help out with this. First, lets look at a command which searches for all external logins (meaning the personal local machine was compromised)

Installing Git on cPanel/CentOS Servers

| Comments

Git is awesome, plain and simple! If you would like to install this on a cPanel and/or a CentOS based server you have 2 options: Installing from and RPM or installing from source.

RPM/Yum Based

You should just simply be able to do a yum install on the server and git will e pulled from the “updates” repo:

1
yum install git

If you run into a dependency issue with perl-Git, check and make sure that perl is not entered into the excludes in /etc/yum.conf. Now one issue with simply pulling from the basic repo is that the version may not be as up to date as possible. On my server I pulled down version 1.7.1, however the latest stable version of git is 1.8.2. You may be able to find much more up to date versions in the EPEL repo or RPMForge. You can also install the latest available version straight from source:

Source Install

First off, you’ll want to make sure you have any and all dependencies taken care of:

1
yum -y install curl-devel expat-devel gettext-devel openssl-devel zlib-devel

Now lets grab the latest version and git (See what I did there?) to work!!

1
2
3
4
5
6
cd /usr/local/src/
wget https://github.com/git/git/archive/master.tar.gz
tar xzf master
cd git*
make prefix=/usr/local all
make prefix=/usr/local install 

And thats it! Now feel free to learn git (http://try.github.com) and give it a shot!

1
2
[email protected] [~]# git --version
git version 1.8.2.GIT

Rebuilding Spamd on cPanel

| Comments

Spamd on cpanel seems to always fail for me. I dont if its something special within my config or if its just a cpanel thing in general. Because I am a lazy admin I dont always bother with fixing things but jump to rebuilding them…this usually does the trick for me:

1
2
3
4
5
6
7
rpm -e `rpm -qa | grep spam`
/usr/local/cpanel/scripts/installspam --force
sa-learn -D --force-expire
sa-update -D
/usr/local/cpanel/scripts/spamassassin_dbm_cleaner
/usr/local/cpanel/scripts/fixspamassassinfailedupdate
/usr/local/cpanel/scripts/restartsrv_spamd

This just completely reinstalls spamd and cleans up any messes. Does the trick for me!

Getting Started With HA Proxy [High Availability]

| Comments

HAProxy is a very fast, very awesome and very free TCP/HTTP Load Balancer and Failover program. Its very simplistic but also quite powerful. The configuration is flexible enough to fit into many high traffic infrastructures but also simple enough to fit into any design seeking simple high availability. It can support tens of thousands of connections at high speeds and can even private a private to public address “translation” if you will by hiding web servers from the internet.

One of the most popular scenarios for HA Proxy is load balancing in its simplest form. A web server struggling to keep up with traffic demands would benefit by throwing the software in front of the web server, adding a second server and balancing between the two. This would effectively cut the load in half on any individual server and distribute it amongst the two, or however many you want, and should yield a much more stable web site.

However load balancing is only the beginning, because of the powerful nature of the config many webmasters have found that much of its value lies in its ability to be a “traffic cop” if you will. Imgur has a really interesting post on how they utilize the software, not for load balancing, but for directing any image requests to another server. Essentially, HA Proxy is grabbing any GET requests destined for any JPG, PNG or whatever and sending to a separate Lighttpd process and everything else goes to apache. It would be trivial to take this concept and use it to your advantage. Rather than writing any custom code to separate out certain elements you could simply write your requests in HA Proxy to rewrite your images, javascripts, css files, whatever to a CDN and send all traffic to a dedicated server. Its the flexibility and power that makes this a necessary piece of software for any linux fan to take hold of. There are dozens of other case uses (Conveniently located on their site) and quite a few more advanced features. For now, lets just get this software installed and setup a basic round robin config setup!

Switching Over to InnoDB From MyIsam

| Comments

InnoDB can be a complete pain to manage, troubleshoot and fix…but this is all wiped out by its impressive performance improvements as documented all over the place. Now simply switching to InnoDB on your tables should increase your performance but you can go even further by optimizing them to take advantage of some of the core features of InnoDB. Either way, switching should be your first step, lets get started!