2012 Updates!

Salams

Been a really long time since we updated this blog back in November it seems! We have not completely vanished we still around alhumdulillah!

So whats been going on since then?

Quite a lot infact

We have just completed designs of 2 websites

www.deencarrier.com << They provide unique Islamic Jewellery and

www.turath.co.uk << They sell a nice collection of Islamic Books

so do check them both out inshallah!

We also developing a few apps at the moment (Yup we do App development too)

One for a Quran Color Coded Tajweed Quran and another a Prayer app Watch this space for more information

and just generally busy with things sadly

Also We have had to increase our domain name prices by $1 (Only one Dollar) due to pricing increase over at ICANN but we still cheap though!

Anyway bit short blog so will update soon again inshallah!

We still around don’t worry

Wassalam

Magento Woes!

Salams

We are currently designing a few E-commerce based websites using Magento! Installed through softaculous

Installation went fine and the software is really good although it can be a bit of a fiddle to find your way around

Anyway Aside from that we can across a few very puzzling Errors

Each time we tested it out by adding items in the checkout if you go checking out it returns with error 500!

Cpanel Log showed “client Denied access by Server” Some help that was!

So then you can take a look at the actual Magento error log itself located in your magento directory called error_log

this showed

[05-Nov-2011 14:14:42] PHP Fatal error:  Allowed memory size of 42991616 bytes exhausted (tried to allocate 7680 bytes) in /home/nasheedc/public_html/portal/app/code/core/Mage/Directory/Model/Resou$
[05-Nov-2011 14:14:47] PHP Fatal error:  Allowed memory size of 42991616 bytes exhausted (tried to allocate 491520 bytes) in /home/nasheedc/public_html/portal/lib/Zend/Date.php on line 1591

Creating a PHP INI file and sticking it in root of magento is the way to go (the file code is below whcih you can use)

However when uploading it we came across the following error message

There has been an error processing your request
Exception printing is disabled by default for security reasons

Error log record number: XXXXXXXXXXXXXXX

AND

PDO Extension not Loaded Error

NOW what you need to do is create a php.ini file and copy the following down upload it to root of magento installation

; This file is for CGI/FastCGI installations.
; Try copying it to php5.ini, if it doesn't work

; adjust memory limit

memory_limit = 64M

max_execution_time = 18000

; disable magic quotes for php request vars

magic_quotes_gpc = off

; disable automatic session start
; before autoload was initialized

flag session.auto_start = off

; enable resulting html compression

zlib.output_compression = on

; disable user agent verification to not break multiple image upload

suhosin.session.cryptua = off

; turn off compatibility with PHP4 when dealing with objects

zend.ze1_compatibility_mode = off

; PHP for some reason ignores this setting in system php.ini
; and disables mcrypt if this line is missing in local php.ini

extension=mcrypt.so
extension=pdo.so
extension=pdo_mysql.so

 

The Key to this file is to add the 3 Extension code about in your PHP File and Voila! it worked Alhumdulillah!

 

 

Cpanel / WHM Access logs – Who has logged in from where

Assalamu alaykum

Today i had the unfortunate event of Witnessing one of the Reseller accounts on the Server Being Hacked into – it was a case of it being a Bad Password unfortunately.

What basically happened was this “Kiddy” This person is not worthy of being called Hacker because its not really hacking its just a bit of Kiddy Stuff trying to be Smart Aswell..but anyway

The Login using the Reseller account in WHM

Modified the Suspended Page with the usual “This page has been hacked along with the LOLZ, Dark Black Page, Animated Text and GIFs along with some awful taste of Music playing in the background” you know what i mean

Once this is modified they then went through this reseller account list and Suspended the accounts one by one!

Now when accounts are suspended they go to a custom Suspended Page which happened in this case! So when a user went to the Website they got the Suspended Page message which was infact the Page which this person created…got me for a while but i caught on in the End..so i went on the server hunt to track down what happened

First thing was to  analyse who has access to WHM / Cpanel

From SSH go to

/usr/local/cpanel/logs

The file you want to open is called

access_log

I normally do a

pico access_log via SSH

and then it will open up the log file takes a minute or so of everything single action logged via WHM / Cpanel

Quite useful for tracking down who has logged on, their IP address, their Browser and what they have run

Now Funny thing about this was on his “Modified page” he was stupid enough to leave a Pakistani Flag on there

Around the time this happened from the logs i noticed an IP address logged in using the reseller account lurking around the suspended Page and editing this then going on the “Suspend account Spree”

doing an IP lookup normally i use www.whois.sc this IP address resolved back to Pakistan! so that gave it away

Suffice to say that ISP has now got a blanket ban on our server

Hacking Incident i think not – but for him gloating about it being a hacking incident when it was down to bad password is laughable!

Anyway We move on and learn new things alhumdulillah all working and back to normal

[ipcheck] Problem with DNS setup – Fix email

One of our servers new one decided to really annoy us by sending us [ipcheck] Problem with DNS setup Emails!

The Email read as…

[ipcheck] Problem with DNS setup on hostname.domainname.com
IMPORTANT: Do not ignore this email.

Your hostname (hostname.domainname.com) could not be resolved to an IP
address. This means that /etc/hosts is not set up correctly, and/or
there is no dns entry for box.smwebserver.info. Please be sure that
the contents of /etc/hosts are configured correctly, and also that
there is a correct ‘A’ entry for the domain in the zone file.

Some or all of these problems can be caused by /etc/resolv.conf
being setup incorrectly. Please check that file if you believe
everything else is correct.

You may be able to automatically correct this problem by using the
‘Add an A entry for your hostname’ option under ‘Dns Functions’ in
your Web Host Manager.

After trying to figure what the problem was and why certain people around the world i’d say maybe 3% could not access our website the fix was the following (useful if anyone else is having the same problem)

Login to SSH

Type:
cd /etc
pico resolv.conf

Ensure that the contents of it is the following (obviously replace yourdomainane.ext with your own)

search yourdomainame.ext
domain yourdomainane.ext
nameserver 8.8.4.4
nameserver 8.8.8.8
nameserver 4.2.2.1
nameserver 4.2.2.2
nameserver 4.2.2.3
nameserver 4.2.2.4
Save this Ctrl + o

Then open your hosts file
pico hosts
(this should be in etc directory)

Ensure contents are like the following:

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1               localhost.localdomain localhost
xx.xx.xx.xx          hostname.domainanme host
xx - Enter your MAIN Server IP Here
Replace Hostname with hostname
for example
server.mpadc.com server

server being the host 
again save
then run /scripts/ipcheck

Hopefully you should not get any more error messages!

Been a While

Salams all

Been a While since we updated the box but anyway better late then never! here is what has been happening for the past few weeks

1) Alhumdulillah we have launched our new website www.mpadc.com Check it out new products and new services we are offering!

2) Another new Server added to our collection Codenamed “box” I know very boring name if you ask me but we ran out of ideas .. i guess we should start being a bit more creating with server names..this one is a whopping 16 GIG Memory RAM – just running a few large websites on there at the moment and handling it quite well!

3) Started our Newsletter which you can find here – hoping to make this a monthly thing! Looks better then the boring old Plain text email we send out thought make it a bit more jazzy and Graphical! You can view october newsletter here http://www.mpadc.com/newsletter/October2011/octobernews2011.htm

4) Last week our server got hammered by Google bots combination of that plus some rogue sites on the Server, Please to say these sites are now out and We had to temporarily ban google IP addresses till load went down but all ok now!

and thats about it i guess for now

New Website Coming Soon

Salams

We were suppose to launch in 3 weeks ago but had obstacles in the way! so few days left to go now inshallah till we relaunch our BRAND new MPADC Website

New Products and Services such as More disk space on all hosting plans, pay for what you want to use, Streaming hosting with Auto DJ, Application development, reseller hosting and much much more..

so watch this spacei nshallah!

RAID Upgrades

Assalamu alaykum / Greetings all!

Been a long time since we contacted you so hope everyone is doing good! Just a quick email to let you know on Friday 16th September 2011 we are planning to upgrade our RAID Drives and install Larger Hard Drives on to our Server. Therefore we will need to take the Server Offline for a few hours whilst this upgrade take place We have Scheduled it for Friday 16th September 2011 22:30PM (UK TIME), the server will be disconnected and sites will be unavailable for a period of between 3-5 hours whilst this upgrades take place during the Night We are also due to be launching our NEW Website within the coming weeks inshallah with new products and Services, higher capacity web hosting packages, Media services, Iphone Applications development and much much more!

With Regards to tomorrow you can keep up to date with the upgrade by following us through Twitter http://twitter.com/#!/safarmedia

 

SSL encryption is required for access to this server. Log in using SSL Cpanel

For some reason whenever we tried to login to cpanel via domain.com/cpanel or :2082 came up with this error message saying

SSL encryption is required for access to this server.  Log in using SSL

Then when you click on Log in using SSL browsers comes up with a warning message saying site is unsafe etc etc

So going into WHM > Tweak Settings and Changing

Always redirect to SSL

Always redirect users to the SSL/TLS ports when visiting /cpanel, /webmail, etc.

Should Fix it – however it did not in my case

so instead you can do it by editing  /var/cpanel/cpanel.config changing the following entry:

requiressl=1

Change the “1″ to a “0″, and save the changes. You may also need to edit the following entry:

alwaysredirecttossl=1

If the value is a “1″, change to a “0″. Next run

/usr/local/cpanel/whostmgr/bin/whostmgr2 –updatetweaksettings

and this should fix it! which it did strange!

curlopt_followlocation cannot be activated when in safe_mode or an open_basedir is set

If you have Curl Installed and you are getting this error simple fix for it

WHM > PHP open_basedir Tweak

choose the account and save should work!

Spent ages trying to figure this out thought it was curl missing obviously not!

Server Down :-(

Assalamu alaykum

Unfortunately we have had to pull the Entire MPADC Web server down due to hacking attempts on several of the Websites on the server – with certain accounts running outdated software which has caused the problem, resulting in all Websites being inaccessible for the time being until we get the issue sorted out.

Being an Islamic Webhosting company with 99% Websites being Legit Islamic Websites (The other 1% of Websites are Websites which are not Islamic Oriented Websites they are things like hotels, businesses, organisations etc!! Just incase you were thinking 1% are not Legit Islamic Websites!!!)

The hacking was unfortunately done by Muslims themselves defacing several websites and leaving “Politically Pro Islamic Messages on the Website”, Which is quite confusing and baffling to say at the very Least! Which leaves me Asking why would “Muslim Hackers” Target “Muslim Oriented Websites” Leaving Political based Messages on there! Quite Baffling to say and I cannot quite understand it!

Anyway what happened was that one of the accounts on the server was running outdated Software which had explots which allowed this hacker to gain entrance and start to deface the Websites!!)

The only thing that was deleted were index files! These are the landing page you get to each time you access a Website! so these were more or less defaced!

Other files on the website were alhumdulillah still on there

Now we had a bit of dillema either try to attempt to restore the entire index files for all the accounts we host over 200 Websites and this itself was a huge task! or do a completely fresh installation

Safer bet was do a complete installation of the operating system (The equivalent of reinstalling windows but our servers was linux) best this was done incase something else was left behind which would allow the hacker to strike back

Backups are made every night so all accounts are going to be restored from how it was Wednesday morning 6am 13th July! And sites were hacked around 16:00PM so unfortunately anything done within those 10 hours would have been lost!

We are currently working with the Systems restore team to try and fix the problem! No data has been lost we have kept backups alhumdulillah! If worst comes to worse we may have to restore the Entire backups and state of accounts from last night 13th July 2011 Last backs from 06:00am UK time

Also alhumdullilah Only index.html / index.php / default.html files has been erased all other files are completely intact! So it could be the case that we just need to replace the index files of the website which will allow it to come back online again, but once our systems restore team update me i will update out twitter page located here

www.twitter.com/safarmedia

Will be regularly updating the twitter feed

Once again apologies for the downtime this was totally unexpected!

Wassalam