[Fix] Linux Bash Code Injection Vulnerability – ShellShock
ShellShock is new Linux vulnerability affecting all versions of Bash package. This vulnerability is worse than HeartBleed! This command line vulnerability is present in Mac OS X too. Basically it’s there in all the systems having Bash, a software used to control the command line in Unix.
To test if you are vulnerable to ShellShock, run this command:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test" |
If you see output:
vulnerable | |
this is a test |
that means you are vulnerable!
Fix for Redhat packages:
yum update bash |
Fix for Ubuntu/Debian packages:
apt-get upgrade bash |
After running above commands, check again to see if you are vulnerable:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test" |
If you see below output, that means you are no longer vulnerable
bash: warning: x: ignoring function definition attempt | |
bash: error importing function definition for `x' | |
this is a test |
Magento: Sample apache virtualhost for your website
Sample apache virtualhost to point to your magento directory and run your local website with specified URL.
<VirtualHost *:80> | |
ServerAdmin webmaster@dummy-host.example.com | |
DocumentRoot "/var/www/magento/" | |
ServerName loca.lho.st | |
ServerAlias loca.lho.st | |
ErrorLog "logs/error_log" | |
CustomLog "logs/access_log" common | |
</VirtualHost> |
Add entry to /etc/hosts too:
127.0.0.1 loca.lho.st |
Restart apache (service httpd restart OR service apache2 restart) and point your browser location to:
http://loca.lho.st |
and you will see the website running from your /var/www/magento directory.
Magento: Clear all caches from command line
Magento clear all caches from command line, programatically from ssh. Clearing the caches is a must when you are making any configuration changes in your Magento website. Although you can always clear the cache from admin panel, sometimes for faster cleaning or unable to log into admin panel reason, it’s good to have a script which will clear all the caches in Magento.
Create a file in your Magento root and name it clearCache.php with the below code:
<?php | |
echo "Start Cleaning all caches at ... " . date("Y-m-d H:i:s") . "\n\n"; | |
ini_set("display_errors", 1); | |
require 'app/Mage.php'; | |
Mage::app('admin')->setUseSessionInUrl(false); | |
Mage::getConfig()->init(); | |
$types = Mage::app()->getCacheInstance()->getTypes(); | |
try { | |
echo "Cleaning data cache... \n"; | |
flush(); | |
foreach ($types as $type => $data) { | |
echo "Removing $type ... "; | |
echo Mage::app()->getCacheInstance()->clean($data["tags"]) ? "Cache cleared!" : "There is some error!"; | |
echo "\n"; | |
} | |
} catch (exception $e) { | |
die("[ERROR:" . $e->getMessage() . "]"); | |
} | |
echo "\n"; | |
try { | |
echo "Cleaning stored cache... "; | |
flush(); | |
echo Mage::app()->getCacheInstance()->clean() ? "Cache cleared!" : "There is some error!"; | |
echo "\n\n"; | |
} catch (exception $e) { | |
die("[ERROR:" . $e->getMessage() . "]"); | |
} | |
?> |
Make sure all the double quotes comes good in copy pasting.
You can now run this script by the command “php -f clearCache.php” from your magento root location in terminal and this will start clearing all the caches for you! Once done, it will confirm by the message “Cache cleared!” or giving error message if it fails.
OroCRM Installation guide
I will show you here how to install OroCRM in your machine. OroCRM is the latest open-source CRM tool developed by MageCore. It’s little difficult to make it work on your system as there are some issues which occurs in installing it, and there is also no thorough documentation as of now. It’s in pre-alpha release and just publicly available since 3 weeks. I will show you how to install OroCRM assuming you have Linux system.
Requirements: Symfony 2, Doctrine 2, PHP >= 5.3.3
– Clone the CRM application Git repository in your local. It should be done in your web server’s root directory (e.g. /var/www/).
git clone http://gitlab.orocrm.com/crm-application.git |
pdo_mysql extension is not installed
PHP Mysql Error: pdo_mysql extension is not installed.
Magento needs PDO Mysql extension for database connection and related things, so if you don’t have pdo_mysql extension enabled Magento will complain about this and will not proceed further installation. If you are not sure what PDO is, it’s high time for you to look at http://php.net/manual/en/ref.pdo-mysql.php
Coming back to error, to resolve this you will need to edit your php.ini file where it says:
;extension=pdo_mysql.so
Just uncomment the line by removing front semincolon, so it becomes
extension=pdo_mysql.so
Save it and restart the server, the error should go.
If you are on Windows, then that line should read:
extension=php_pdo_mysql.dll
If you don’t find pdo_mysql in php.ini, install php5-mysql by running the command:
sudo apt-get install php5-mysql (on Ubuntu)
sudo yum install php-mysql (on Redhat, Fedora, CentOS)
Welcome to my Blog
Helping Magento developers in their day-to-day development problems since 2011. Most of the problems and solutions here are my own experiences while working on different projects. Enjoy the blog and don't forget to throw comments and likes/+1's/tweets on posts you like. Thanks for visiting!Certifications
Honor
Recognition
Contributions
Categories
- Apache (2)
- ChatGPT (1)
- Domain name (2)
- eCommerce (2)
- htaccess (1)
- Humor (3)
- Instagram API (1)
- jQuery (4)
- JSON (1)
- Linux (10)
- Magento (142)
- Magento admin (58)
- Magento Certification (5)
- Magento error (13)
- Magento frontend (68)
- Magento Imagine (2)
- Magento Interview (5)
- Magento Master (2)
- Magento2 (10)
- Mobile (1)
- MySQL (7)
- OpenAI (1)
- OroCRM (2)
- Performance (2)
- PHP (8)
- Prototype JS (3)
- Security (4)
- Wordpress (3)
- XML (2)