PHP FPM Errors After Upgrade

Recently I noticed a few of my servers had stopped serving my sites, with  502 errors being to visitors. I took a look at my site logs and noticed that they were full of the “Permission Denied” errors below: 2014/06/09 09:45:17 [crit] 11453#0: *22 connect() to unix:/var/run/php5-fpm.sock failed (13: Permission denied) while connecting to upstream A little more investigation and I found that a privilege escalation issue in the PHP default fpm configuration had been found. This had consequently been fixed in the latest releases. But unless a systems administrator is paying attention and knows that changes to the config are required, upgrading the PHP instance leads to a broken web server. […]

By |June 10th, 2014|PHP, Security, Sysadmin|0 Comments

PNG Crush: PNG image optimisation script

Building a Cordova based mobile application recently at work we were facing an issue with an application size that was literally growing by the day. The project leveraged a lot of PNG templates sent to us by the design department and these template files were contributing about 50mb to the total size of the application. [...]

By |March 27th, 2014|Web, web development|0 Comments

Tracing Email Sending PHP Scripts On Servers

It happens sometimes, a server you are responsible for seems to be sending out spammy emails, and its normally caused by legacy or insecure code. The mail log indicates there are plenty of potential spam messages going out that are originating locally but most Linux servers host a lot of sites. So the question then becomes, how do I find the script thats responsible for sending all of the emails? […]

By |July 9th, 2013|Linux, PHP|0 Comments

Executing PHP Code Server Side In .html Files

On a recent project we needed to provide a client our contribution to the site code base as static .html files. To make the development process easier though a number of the developers wanted to include some of the global page assets such as the header and footer using PHP includes in their development environments. This of course normally does not work as the server never passes the page content to the PHP engine to process as it doesn’t have a .php or .phtml extension. […]

By |November 26th, 2012|PHP, Sysadmin, web development|0 Comments

Using The Panoramio Wrapper Class

Ever been working on a project that was area specific and wanted nearby local images? I did recently, and knew after seeing images over layed onto Google maps that it must be possible. Looking around I found a few pieces of code that did what I wanted using the Panoramio API but they were all written in Javascript and I wanted to do some server side processing and caching before presenting them. This prompted me to create a Panoramio wrapper class. Simply instantiate and provide your chosen location via its longitude and latitude and the class will return a PHP object containing images from the surrounding area. The project show up in github as being written in Javascript although this is wrong the main code is PHP, the inclusion of jQuery and a few other javascript libraries with the documentation seem to have thrown its language detection off. […]

By |June 15th, 2012|Open Source, PHP|0 Comments

Logging PHP Errors For Production Environments

Good security practices dictate PHP should be configured to never display error messages and notices to screen in a production environment due to its potential to reveal information about your server and application setup. One solution is to enable error logging on the server by setting the log_errors attribute to 1 in your php.ini and reloading Apache. When active by default all errors will be sent to the Apache error log and will appear similar to the line below, unless a different path has been set in the php.ini configuration file using the error_log directive. […]

By |July 18th, 2011|PHP|0 Comments

Removing The WordPress Toolbar

One thing that has caused me some grief since the release of WordPress 3.1 is the admin bar that appears up the top of the blog when you are logged in. Call me a stick in the mud but I have never really used it since its introduction and on a few sites it has even gone as far as breaking the appearance of the template. […]

By |July 9th, 2011|Wordpress|0 Comments