Hard-disk is normally divided into logical drives called partitions. Partition information is always stored in sector 0 of the hard-disk. Lets have a look at hard-disk naming convention in linux

/dev/hda :  dev=> Device, hda => Hard-Disk 1
Similarly
/dev/hdb : hdb => Hard-Disk2

NOTE : hda,hdb are normally IDE devices

/dev/sda :  dev=> Device, hda => Hard-Disk 1
Similarly
/dev/sdb : hdb => Hard-Disk2

NOTE: sdb,sda are SCSI or SATA Disks

List partitions

To view partitions you should have root privileges or a sudo access. Open a terminal and type command listed below

[root@indianpirates ~]# fdisk -l

OUTPUT:

Disk /dev/sda: 21.4 GB, 21474836480 bytes
255 heads, 63 sectors/track, 2610 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1           6       48163+  83  Linux
/dev/sda2               7         515     4088542+  83  Linux
/dev/sda3             516        2356    14787832+  83  Linux
/dev/sda4            2357        2610     2040255    5  Extended
/dev/sda5            2357        2610     2040223+  82  Linux swap / Solaris

sfdisk command

The sfdisk command act as a partition table manipulator for Linux. You can also use this tool to list partitions .

sfdisk -l /dev/sda
sfdisk -lu /dev/sda
sfdisk -ls /dev/sda

[root@indianpirates ~]# sfdisk -l /dev/sda

Disk /dev/sda: 2610 cylinders, 255 heads, 63 sectors/track
Units = cylinders of 8225280 bytes, blocks of 1024 bytes, counting from 0

Device Boot Start     End   #cyls    #blocks   Id  System
/dev/sda1   *      0+      5       6-     48163+  83  Linux
/dev/sda2          6     514     509    4088542+  83  Linux
/dev/sda3        515    2355    1841   14787832+  83  Linux
/dev/sda4       2356    2609     254    2040255    5  Extended
/dev/sda5       2356+   2609     254-   2040223+  82  Linux swap / Solaris

Listing partition of larger size say 2TB
fdisk and sfdisk cannot be used to view partitions of more than 2TB. To solve this problem you have to use another special command called “parted” which is GNU parted command with GPT partitions.

Sample output:

[root@indianpirates ~]# parted -l
Model: VMware, VMware Virtual S (scsi)
Disk /dev/sda: 21.5GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos

Number  Start   End     Size    Type      File system  Flags
1      32.3kB  49.4MB  49.3MB  primary   ext3         boot
2      49.4MB  4236MB  4187MB  primary   ext3
3      4236MB  19.4GB  15.1GB  primary   ext3
4      19.4GB  21.5GB  2089MB  extended
5      19.4GB  21.5GB  2089MB  logical   linux-swap

We will review more such useful commands in near future. thanks for reading this article.

Lets have a look at some of the best interactive and make use of most fun effects efficiently and are nominated at Awwward for best website.

Bagigia- the bag

Bagigia - the bag

Visit the website by clicking on the image or title. When you visit the website check out navigation to right of website to feel the amazing effect of scroll. Scroll is used very intelligently.

indofolio

IndoFolio

Visit the website by clicking on the image or title. This website is very Indian. it is a portfolio website of a designer, checkout how innovative is put to use to show a portfolio full marks to designer.

Secondstory

SecondStory

Visit the website by clicking on the image or title. Another good example of how informative website with effects should look like. Smart use of effects make a feel that you are running a desktop software.

 Layrr

Layrr

Visit the website by clicking on the image or title. Good example of how to show the world what you do in a stylish way.

myownbike.de

myownbike

Visit the website by clicking on the image or title. Simple and beautiful color combination.

Voice.no

voice.no

Visit the website by clicking on the image or title.Another Gem of website. A must watch & browse website.

 Blind Barber

Blind Barber

Visit the website by clicking on the image or title. I am out of words now amazing is the word i can use for this website.

 herr-leder.de

herr-leder

Checkout more such Web design inspiration in coming days.

PLEASE DON’T COPY DESIGN USE YOUR BRAINS AS DID BY ORIGINAL DESIGNERS. THESE DESIGNS ARE ONLY FOR REFERENCE AND IDEAS.

According to reports, Microsoft is expected to have both the x86 and the ARM editions ready simultaneously. Earlier, the reports were that Windows 8 would be ready by the end of July 2012.

So, there’ll be only 5 ARM devices in the release, compared with over forty Intel machines. However, taking into consideration the fact that the industry wasn’t expecting to see ARM hardware until much later, that wasn’t very surprising. In other words, Microsoft is going to target Christmas shoppers with the new software able to work with touch-screen electronic devices.

The industry experts pointed out that if Microsoft misses the fall time frame, the software giant is going to be stuck without having ability to ship anything in the current year. Indeed, the company needs a Windows tablet out there, able to compete with the Apple’s new iPad. Microsoft is planning to host an event for its industry partners early next month, where it will spell out its release strategy for the new operating system, providing more details on both timing and marketing.

Meanwhile, the industry experts have noticed that the developers seem to have less difficulty getting Windows 8 ready for x86, but it appeared harder to make it run on ARM. Meanwhile, Steven Sinofsky, president of the Windows business, continues saying that the company is going to have both ARM and Intel-based systems available when the new operating system is released this fall.

Director: Tim Burton
Genre: Comedy & Fantasy
Release Date: 11th May 2012 (USA)

Consider an example of singly inherited families of classes.


abstract class Animal {
abstract void talk();
}

class Interrogator {
static void makeItTalk(Animal subject) {
subject.talk();
}
}

Given these set of classes and inheritance, it becomes mandatory for you to pass only objects of the family Animal to the makeItTalk() function.

Remember a very good design never mandates you on any obvious scenario that might occur in future. As in case of the above example it does and hence it’s not a very good design to follow. This is where interfaces come and save you.

Using Interfaces make your design more flexible. Interfaces give you more polymorphism and design freedom than singly inherited families of classes, because with interfaces you don’t have to make everything fit into one family of classes.

For example:


interface Talkative {

public static void main(String[] args) {
CuckooClock cc = new CuckooClock();
Interrogator.makeItTalk(cc);
}
}


With single inheritance only, you’d either have to some how fit CuckooClock into the Animal family, or not use polymorphism. With interfaces, any class in any family can implement Talkative and be passed to makeItTalk(). This is why interfaces give you more polymorphism and design freedom than you can get with singly inherited families of classes.

Whats happen when your wordpress website becomes popular? obviously traffic to your website increases. this traffic will strain your server to such a extended that your site may be down and frequent blackouts. to deal with this situation lets have a look at few of the tweaks of wordpress blog so that minimum server resources are  used.

Caching

You can enable caching of your blog by inserting a small line of code given below into wp-config.php file

define(ENABLE_CACHE, true);

This will generate a static HTML page of the requested post or page when first visitor visits. Other users will be served with static page generated by first user. This will tremendously decrease queries exchanged between your PHP and MYSQL server.

You can also install plugin called super WP-cache and W3 total cache. These plugins will write they own MOD rules to serve static files more efficiently. These plugins also enables compression on images,css and Js files used in blog.

Choose hosting account wisely

They are many hosting companies which provide good platform to host wordpress website.We need to choose the hosting package very sensible keeping in mind how much your website will grow. Now a days this problem of exponential growth is taken care by cloud based hosting accounts.

Ideal wordpress setting can be seen at http://wordpress.org/about/requirements

Choosing a correct host according to requirement means not just space, but also few other things listed below.

• Server softwares installed.
• Bandwidth
• number of processors and its make
• Databases allowed
• Domains allowed
• Versions of PHP, MySQL, etc. are installed
• Memory installed and % of CPU resource allowed to used

server softwares represents web servers like Apache with NGINX as reverse proxy, Mem Cache as caching engine etc.

Minimize use of plugins

Don’t populate your wordpress blog with too many plugins as these plugins will eat up your server resources. You should remove plugins which are not used frequently. Also you should not use beta versions of plugins as those may still have bugs in it.Please keep on updating your plugins regulary.

Please choose right theme

Please choose a theme which is very light and don’t have too many graphics used in it. I would prefer to go with a CSS based design, avoid use of themes with tables and frames.If your theme uses too many images then your site’s loading time will get affected. remember that SEO also depends on websites speed. Try to used plane colors instead of graphics.

Compress images, CSS, Javscript files

Try to compress images,javascript and css files so that it increases the website speed. To add compression to css and js files via htaccess please look at the code given below

<ifModule mod_deflate.c>
<filesMatch "\.(js|css)$">
SetOutputFilter DEFLATE
</filesMatch>

Keep graphics local

Try to keep your files local to your website so that time is not wasted looking for required resource from other website. Other website may be down when resource is requested at your website. they will be a latency added to requests on your website.

Database optimization

You have to repair and optimize database using tools like PhpMyAdmin. They are many plugins available which will do optimization automatically you can use them.

Tune your wordpress settings

You can tune wordpress blog in different ways. You can turn off cron jobs, Load minimum blog posts on first page or landing page of your website.You can view more settings in admin panel use them wisely else they will backfire.

Try to block pingbacks as they communicate with outer blogs for updates.

Hope this tips will somewhat speed up your wordpress website. These are very basic tips you can hope to get more advanced tips related to coding area in my coming articles.

Used and Free RAM Information

[root@indianpirates ~]# free
EXPECTED OUTPUT
[root@indianpirates ~]# free
total used free shared buffers cached
Mem: 1035324 501620 533704 0 28064 337400
-/+ buffers/cache: 136156 899168
Swap: 2040212 0 2040212


We can get information in more appropriate way in MB using command given below

[root@indianpirates ~]# free -m
EXPECTED OUTPUT
[root@indianpirates ~]# free -m
total used free shared buffers cached
Mem: 1011 489 521 0 27 329
-/+ buffers/cache: 132 878
Swap: 1992 0 1992


Lets move on to more advance command which will show make,speed and other information.

dmidecode --type memory
EXPECTED OUTPUT
[root@indianpirates ~]# dmidecode --type memory
# dmidecode 2.7
SMBIOS 2.4 present.

Handle 0x003C, DMI type 17, 27 bytes.


If you want to get it in graphical visual please try command given below

[root@indianpirates ~]# gnome-system-monitor

Isn’t it simple ? this is the power of linux.

To view file

[root@indianpirates perl]# cat forlast.pl
#! /usr/bin/perl5
# use of last to break the loop

use warnings;
use strict;

my @array = ("Blue","Red","Green","Stop","King");
for my $i (@array){
  last if $i eq "Stop";
  print "Todays colour is $i\n";
}

In above example, We have given a command to display perl file called “forlast.pl”, so basic command is “cat [filename]”

To create a file

[root@indianpirates perl]# cat > file.txt
this is test content for file creation using cat command
<press ctrl+d>

To view the saved content give command as “cat file.txt” you can see the content you have saved in file.isn’t it simple

Displaying large files using cat

You can display large files who output normally scrolls fast to bottom to show prompt. To view all the text we have 2 commands listed below.


cat filename | more
cat filename | less


Joining 2 or more files


cat file1 file2 > newfile
cat newfile


newfile will contain content of both file1 and file2.

Appending a file

cat >> filename

OUTPUT:

[root@indianpirates perl]# cat >> file.txt
appendend content

[root@indianpirates perl]# cat file.txt
this is test content appendend content

View cat output with numbered lines

You can view the cat output with line numbering.This can be done with command listed below.

cat -n filename

OUTPUT:

[root@indianpirates perl]# cat -n file.txt
     1  this is test content appendend content
[root@indianpirates perl]#

Print files using cat

You can print a file with cat command using below syntax.

cat file.txt | lpr
OR
cat file.txt > /dev/lp

Joining binary files

You can join binary files to create a single gz file to compress them.lets have a look at syntax of how we can do that.


cat file1.bin file2.bin file3.bin > file.tar.gz
# to unzip the created file.
tar -zxvf file.tar.gz


They are many more commands which are used with cat, I have listed few of the popular usage of cat command. Hope you enjoyed it reading and learned how powerful is linux with these type of simple to use commands.

PHP User and Group ID
mod_fastcgi is a cgi-module for Apache web server. It can connect to an external FASTCGI server. You need to make sure php run as non-root user. If PHP executes as a root or UID under 100, it may access and/or manipulate system files. You must execute PHP CGIs as a non-privileged user using Apache’s suEXEC or mod_suPHP. The suEXEC feature provides Apache users the ability to run CGI programs under user IDs different from the user ID of the calling web server. In this example, my php-cgi is running as phpcgi user and apache is running as apache user:

# ps aux | grep php-cgi

Output expected:


phpcgi 6012 0.0 0.4 225036 60140 ? S Nov22 0:12 /usr/bin/php-cgi
phpcgi 6054 0.0 0.5 229928 62820 ? S Nov22 0:11 /usr/bin/php-cgi
phpcgi 6055 0.1 0.4 224944 53260 ? S Nov22 0:18 /usr/bin/php-cgi


Session Path
Sessions in PHP consists of a way to preserve certain data across subsequent accesses. This enables you to build more customized applications and increase the appeal of your web site. This path is defined in /etc/php.ini file and all data related to a particular session will be stored in a file in the directory specified by the session.save_path option. The default is as follows under RHEL/CentOS/Fedora Linux:


session.save_path="/var/lib/php/session"
upload_tmp_dir="/var/lib/php/session"


Make sure path is outside /var/www/html and not readable or writeable by any other system users:

# ls -Z /var/lib/php/

OUTPUT:

drwxrwx---. root apache system_u:object_r:httpd_var_run_t:s0 session

Keep PHP, Software, And OS Up to Date
Applying security patches is an important part of maintaining Linux, Apache, PHP, and MySQL server. All php security update should be reviewed and applied as soon as possible using any one of the following tool (if you’re installing PHP via a package manager):


# YUM update
OR
# apt-get update && apt-get upgrade


Use Linux Security Extensions (such as SELinux)
Linux comes with various security patches which can be used to guard against misconfigured or compromised server programs. If possible use SELinux and other Linux security extensions to enforce limitations on network and other programs. For example, SELinux provides a variety of security policies for Linux kernel and Apache web server. To list all Apache SELinux protection variables, enter:

getsebool -a | grep httpd

Output:


httpd_builtin_scripting --> on
httpd_can_check_spam --> off
httpd_can_network_connect --> off
httpd_can_network_connect_cobbler --> off
httpd_can_network_connect_db --> off


Install Mod_security
ModSecurity is an open source intrusion detection and prevention engine for web applications. You can easily install mod_security under Linux and protect apache and php based apps from xss and various other attacks:


## A few Examples ##
# Do not allow to open files in /etc/
SecFilter /etc/

# Stop SQL injection
SecFilter “delete[[:space:]]+from”
SecFilter “select.+from”

Use Firewall To Restrict Outgoing Connections
The attacker will download file locally on your web-server using tools such as wget. Use iptables to block outgoing connections from apache user. The ipt_owner module attempts to match various characteristics of the packet creator, for locally generated packets. It is only valid in the OUTPUT chain. In this example, allow indianpirates user to connect outside using port 80 (useful for RHN or centos repo access):


/sbin/iptables -A OUTPUT -o eth0 -m owner --uid-owner indiapirates -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT


Logs
You should regularly check log files of the server for any unusual behaviour


# tail -f /var/log/httpd/error_log
# grep 'login.php' /var/log/httpd/error_log
# egrep -i "denied|error|warn" /var/log/httpd/error_log


Log files will give you some understanding of what attacks is thrown against the server and allow you to check if the necessary level of security is present or not. The auditd service is provided for system auditing. Turn it on to audit SELinux events, authetication events, file modifications, account modification and so on.

Run each service as a server or VM instance
if you are running a big portal, you must run each service as a server so that whole portal don’t come down.Example listed below will show you what i meant to say.

Prepare a VM instance for file serving. files like javascripts,css,images can be stored in file server.
in a same way prepare a database server so that if database is down your entire service will not be down.

in the same way you can separate phpcgi engine, memcache server also you can install nginx reverse proxy on another server.

Some of the tools
you can use some of the tools which are available to check if your system is secure or not and give suggestions how we can improve our security.
1) PHP-Intrusion Detection System
2) PhpSecInfo

I conclude my views on PHP security hope these series of tutorial will help you in keeping your system UP and Running without any problems.if you feel that i have gone wrong somewhere or you have any doubts please comment it and we will try to solve your problem. Thanks for reading our article.

Previous parts
http://www.blogswag.com/2012/03/07/understanding-php-security-part-1/
http://www.blogswag.com/2012/03/07/understanding-php-security-part-2/

Log all PHP errors
Errors should not be displayed to the site users. You can change security settings at  /etc/php.d/security.ini and set the following directive:

display_errors=Off
Also make sure that errors are log to a file which will be used by you to track the errors. You should check this file regularly to get an idea of how your website is functioning.

log_errors=On
error_log=/var/log/httpd/php_scripts_error.log

Disable uploading of files to server
Uploading of files to server should be disabled.It is better to have a separate file server defined so that your web services are not affected by any virus or bandwidth problem.
Edit /etc/php.d/security.ini and set the following directive to disable file uploads for security reasons:

file_uploads=Off

You can also set user to upload only allowed file sizes.You can define it as given below

upload_max_filesize=1M

Disable Remote Code Execution
If enabled, allow_url_fopen allows PHP’s file functions such as file_get_contents() and the include and require statements can retrieve data from remote locations, like an FTP or web site which is a very risky thing.

Programmers frequently forget this and don’t do proper input filtering when passing user-provided data to these functions, opening them up to code injection vulnerabilities. A large number of code injection vulnerabilities reported in PHP-based web applications are caused by the combination of enabling allow_url_fopen and bad input filtering. Edit /etc/php.d/security.ini and set the following directive:

allow_url_fopen=Off

I also recommend to disable allow_url_include for security reasons:

allow_url_include=Off

Enable SQL safe mode
Edit /etc/php.d/security.ini and set the following values:

sql.safe_mode=On

If turned On, mysql_connect() and mysql_pconnect() ignore any arguments passed to them. Third party and open source application such as WordPress, and others may not work at all when sql.safe_mode enabled. I also recommend that you turn off magic_quotes_gpc for all php 5.3.x installations as the filtering is ineffective and not very robust. mysql_escape_string() and custom filtering functions serve a better purpose.

magic_quotes_gpc=Off

Set Post max size
POST request method for form to send data to any web server. Attackers may attempt to send oversized POST requests to eat your system resources. You can limit the maximum size POST request that PHP will process. Edit /etc/php.d/security.ini and set the following directive:

post_max_size=1K

The 1K sets max size of post data allowed by php apps. This setting also affects file upload. To upload large files, this value must be larger than upload_max_filesize. I also suggest that you limit available methods using Apache web server. Edit, httpd.conf and set the following directive for DocumentRoot /var/www/html:

<Directory /var/www/html>
    <LimitExcept GET POST>
        Order allow,deny
    </LimitExcept>
</Directory>

Solving Denial of service attack (DOS)
You can set maximum execution time of each php script, in seconds. Another recommended option is to set maximum amount of time each script may spend parsing requested data, and maximum amount of memory a script may consume. Edit /etc/php.d/security.ini and set the following directives:


* all values are in seconds
max_execution_time = 30
max_input_time = 30
memory_limit = 40M


Disabling system PHP Functions
PHP has a lot of functions which can be used to crack your server if not used properly. You can set list of functions in /etc/php.d/security.ini using disable_functions directive:

disable_functions =exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec

You can disable many more function i have given few of the examples.

Limit PHP Access To File System
The open_basedir directive set the directories from which PHP is allowed to access files using functions like fopen(), and others. If a file is outside of the paths defined by open_basdir, PHP will refuse to open it. You cannot use a symbolic link as a workaround. For example only allow access to /var/www/html directory and not to /var/www, or /tmp or /etc directories:

open_basedir="/var/www/html/"

Restrict File and Directory Access
This point is a very important point. We MUST configure apache user as a non-root user.All files and directory should be owned by non-root user (or apache user) under /var/www/html. This prevents any hack into core of the system.

chown -R apache:apache /var/www/html/

Write Protect Apache, PHP, and, MySQL Configuration Files
Always set configuration files of Apache,PHP and Mysql are readonly to avoid unauthorized modifications.You can do it using Use the chattr command to write protect configuration files:


# chattr +i /etc/php.ini
# chattr +i /etc/php.d/*
# chattr +i /etc/my.ini
# chattr +i /etc/httpd/conf/httpd.conf
# chattr +i /etc/


We will learn more PHP Security lessons in my next part.
Check out the first part at http://www.blogswag.com/2012/03/07/understanding-php-security-part-1/

Cheers