SWAT Blog

Archive for the ‘Uncategorized’ Category

Nginx Server Blocks Setup on Ubuntu 14.04 LTS

Friday, May 6th, 2016

(Nginx Server Blocks run more than one domain on a single server)

Prerequisites:-
User with sudo privileges.

Open Terminal and install Nginx on your server by typing:-

user1@ubuntu:~$ sudo apt-get update
user1@ubuntu:~$ sudo apt-get install nginx

Create directories for each domain example.com and myexample.com site:-

user1@ubuntu:~$ sudo mkdir -p /var/www/example.com/html
user1@ubuntu:~$ sudo mkdir -p /var/www/myexample.com/html

Transfer ownership to our regular user.

user1@ubuntu:~$ sudo chown -R $USER:$USER /var/www/example.com/html
user1@ubuntu:~$ sudo chown -R $USER:$USER /var/www/myexample.com/html

Correct the permissions of our web roots.

user1@ubuntu:~$ sudo chmod -R 755 /var/www

Create Sample Pages for each site.
We’ll create a first basic file that indicates what site we are currently accessing.

user1@ubuntu:~$ vim /var/www/example.com/html/index.html
<html>
    <head>
        <title>Welcome to Example.com!</title>
    </head>
    <body>
        <h1>Success! Working!</h1>
    </body>
</html>

Save and Exit.
Our second site is the same, we can copy first site over to our second document root.

user1@ubuntu:~$ cp /var/www/example.com/html/index.html /var/www/myexample.com/html/

Now,we open the 2nd file in editor and modify it so that it refers to our second domain.

user1@ubuntu:~$ vim /var/www/myexample.com/html/index.html
<html>
    <head>
        <title>Welcome to Myexample.com!</title>
    </head>
    <body>
        <h1>Success! Working!</h1>
    </body>
</html>

Save and Exit.

Create Server Block Files for each Domain.
We will create our first server block config file by copying over the default file.

user1@ubuntu:~$ sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/example.com

Now, open the file example.com you created in your text editor with root privileges.
Your file will look something like this:

user1@ubuntu:~$ sudo vim /etc/nginx/sites-available/example.com
 
  server {
        listen 80 default_server;
        listen [::]:80 default_server ipv6only=on;

        #root /usr/share/nginx/html;
        root /var/www/example.com/html;
        index index.html index.htm;

        # Make site accessible from http://localhost/
        #server_name localhost;
        server_name example.com www.example.com;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
                # Uncomment to enable naxsi on this location
                # include /etc/nginx/naxsi.rules
        }

Save and Exit.

Copy initial server block configuration over to create a new file. Open new file with root privileges in editor.
Your file will look something like this:

user1@ubuntu:~$ sudo cp /etc/nginx/sites-available/example.com /etc/nginx/sites-available/myexample.com

server {
        #listen 80 default_server;
        #listen [::]:80 default_server ipv6only=on;
        listen 80;
        listen [::]:80;
        #root /usr/share/nginx/html;
        root /var/www/myexample.com/html;
        index index.html index.htm;

        # Make site accessible from http://localhost/
        #server_name localhost;
        server_name myexample.com www.myexample.com;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
                # Uncomment to enable naxsi on this location
                # include /etc/nginx/naxsi.rules
        }

Save and Exit.

Enable our server blocks and restart Nginx.

user1@ubuntu:~$ sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
user1@ubuntu:~$ sudo ln -s /etc/nginx/sites-available/myexample.com /etc/nginx/sites-enabled/

We can disable the default server block file by simply removing the symbolic link.
It will still be available for reference in the sites-available directory, but it won’t be read by Nginx on startup.

user1@ubuntu:~$ sudo rm /etc/nginx/sites-enabled/default
Find #server_names_hash_bucket_size 64; and remove the comment from default Nginx configuration file.
user1@ubuntu:~$ sudo vim /etc/nginx/nginx.conf
#server_names_hash_bucket_size 64;
user1@ubuntu:~$ sudo service nginx restart
Edit file /etc/hosts and add the virtual domain names one by one as shown below.
user1@ubuntu:~$ sudo vi /etc/hosts
127.0.0.1       localhost
127.0.1.1       user1
172.17.0.48     example.com
172.17.0.48     myexample.com
# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
Save and Exit.
Open up your browser and point to the URL, you should see the sample pages.

http://example.com
http://myexample.com

If you are on command line (Terminal) then browse URL shown below.

user1@ubuntu:~$ links http://example.com/
user1@ubuntu:~$ links http://myexample.com/

If you want to access these sites from remote systems, you should add the actual domain name records in DNS server. Similarly, you can add as many as Server Blocks you wanted.

Fixed: Google Chrome Can Not Be Run As Root. (Ubuntu)

Thursday, December 13th, 2012

Google restricted running Chrome from root user account as it is directly linked with security issues. So if you understand the risks, here is how to make Google Chrome work from root.

  1. Open a Terminal Window (Ctl+Alt+T)
  2. Run this command -> sed -i ‘s/geteuid/getppid/g’ /opt/google/chrome/chrome
  3. Launch Google Chrome

This is assuming the google executable is present at /opt/google/chrome/chrome. Otherwise replace it with the correct path.

Process Address Space – Code, gvar, BSS, Heap & Stack

Wednesday, March 23rd, 2011

Almost all modern operating systems implement Memory Protection to protect access to a private address allocated to a process by other processes to avoid storage violation. this private space is called Process Address Space.

Process Address Space partitioned into various memory areas or segments based on the functional differences.

Text/Code Segment

This segment, also known as the code segment, holds the executable instructions of a program.

  • execute-only
  • fixed size

Data Segment

The data area contains global and static variables used by the process that are initialized. This segment can be further classified into initialized read-only area and initialized read-write area.

  • Gvar Section
    A global variable that is initialized and stored in the data segment. This section has read/write attributes but cannot be shared among processes running the same program.
  • BSS Section
    This section holds uninitialized data. This data consists of global variables that the system initializes with 0s upon program execution. Another name for this section is the zero-initialized data section.
  • Heap Section
    This is used to grow the linear address space of a process. When a program uses malloc() to obtain dynamic memory, this memory is placed in the heap.The heap area begins at the end of the BSS segment and “grows up” to larger addresses from there. The Heap area is shared by all shared libraries and dynamically loaded modules in a process.

    • read/write
    • variable size
    • dynamic allocation by request

Stack Segment

This contains all the local variables that get allocated. When a function is called, the local variables for that function are pushed onto the stack. As soon as a function ends, the variables associated with the function are popped from the stack. Other information, including return addresses and parameters, is also stored in the stack. The stack is a LIFO structure, typically located in the higher parts of memory. It usually “grows down” with every register, immediate value or stack frame being added to it.

  • read/write, variable size
  • automatic growth/shrinkage
  • © 2004-2015 Special Work & Technology Limited