SecureSlash.com

I have used Apache Benchmarking tool and ran it for 1000 requests with
concurrenncy 2

You can learn about this tool on http://httpd.apache.org/docs/2.0/programs/ab.html

Testing PHP

This is the result of Processing the Whole secureslash.com/index.php . We have sent 1000 request to
it to see how it performs.

PHP Results:

*
Requests per second:    85.96 [#/sec] (mean)
Time per request:       58.168 [ms] (mean)
Time per request:       11.634 [ms] (mean, across all concurrent requests)
*

This is ApacheBench, Version 2.0.40-dev <$Revision: 1.146 $> apache-2.0
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Copyright 1997-2005 The Apache Software Foundation, http://www.apache.org/

Benchmarking secureslash .com (be patient)
Completed 100 requests
Completed 200 requests
Completed 300 requests
Completed 400 requests
Completed 500 requests
Completed 600 requests
Completed 700 requests
Completed 800 requests
Completed 900 requests
Finished 1000 requests

Server Software:        Apache/2.2.6
Server Hostname:        secureslash.com
Server Port:            80

Document Path:          /
Document Length:        23188 bytes

Concurrency Level:      5
Time taken for tests:   11.633571 seconds
Complete requests:      1000
Failed requests:        0
Write errors:           0
Total transferred:      24052000 bytes
HTML transferred:       23188000 bytes
Requests per second:    85.96 [#/sec] (mean)
Time per request:       58.168 [ms] (mean)
Time per request:       11.634 [ms] (mean, across all concurrent requests)
Transfer rate:          2018.98 [Kbytes/sec] received

Connection Times (ms)
min  mean[+/-sd] median   max
Connect:        0    2   4.0      1      27
Processing:    26   55 114.2     37    1357
Waiting:       21   44 114.2     28    1349
Total:         26   57 114.5     39    1364

Percentage of the requests served within a certain time (ms)
50%     39
66%     45
75%     51
80%     54
90%     65
95%     77
98%    195
99%    804
100%   1364 (longest request)

—————————————————————————————————————————–

Testing Perl

This Is a result of JUST HELLOWORLD Program in cgi bin — > secureslash.com/cgi-bin/index.cgi see the
times below it is SLOWER than php .

PERL Results

*
Requests per second:    86.01 [#/sec] (mean)
Time per request:       58.131 [ms] (mean)
Time per request:       11.626 [ms] (mean, across all concurrent requests)*

This is ApacheBench, Version 2.0.40-dev <$Revision: 1.146 $> apache-2.0
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Copyright 1997-2005 The Apache Software Foundation, http://www.apache.org/

Benchmarking secureslash.com (be patient)
Completed 100 requests
Completed 200 requests
Completed 300 requests
Completed 400 requests
Completed 500 requests
Completed 600 requests
Completed 700 requests
Completed 800 requests
Completed 900 requests
Finished 1000 requests

Server Software:        Apache/2.2.8
Server Hostname:        secureslash.com.com
Server Port:            80

Document Path:          /cgi-bin/index.cgi
Document Length:        12 bytes

Concurrency Level:      5
Time taken for tests:   11.626206 seconds
Complete requests:      1000
Failed requests:        0
Write errors:           0
Total transferred:      258320 bytes
HTML transferred:       12000 bytes
Requests per second:    86.01 [#/sec] (mean)
Time per request:       58.131 [ms] (mean)
Time per request:       11.626 [ms] (mean, across all concurrent requests)
Transfer rate:          21.68 [Kbytes/sec] received

Connection Times (ms)
min  mean[+/-sd] median   max
Connect:        0    0   0.0      0       0
Processing:     5   56 206.2      7    2441
Waiting:        5   56 205.9      7    2441
Total:          5   56 206.2      7    2441

Percentage of the requests served within a certain time (ms)
50%      7
66%     11
75%     13
80%     15
90%     25
95%    508
98%    821
99%   1027
100%   2441 (longest request)

———————————–

Moral is PHP is faster than CGI-Perl.

You may have a site that has background other than White.

<!– ckey=”72D5D611″ –>

And sometimes when using css/javascript menus,etc when the people navigate to other pages , you will see a Big Flash entering the eyes

Not to mention, average users will get Annoyed by this and leave the site unless you provide something that makes them cope that behavior of the browser

You may not notice this in famous Firefox browser but IE is prone to this kind of behavior

To fix the problem easily we can ask all users to switch to firefox but this is not always the case so

Here is the fix for Internet Explorer

we have tried some advice from fellow webmasters that you can setup cache on IIS webserver,etc.. most people dont have previlage to do that or their hosting admins may not be interested in doing that.

So without any ones help you can fix this yourself by using an Iframe

Make a new file like iframe.html or index.html whatsoever

Make the background to the color of your site background <body bgcolor = “xxxx”>

then make a iframe with this code

• <iframe src=”http://secureslash.com/” allowtransparency=”true” align=”left” frameborder=”0″ height=”1024″ scrolling=”no” width=”100%”></iframe>

change the secureslash.com with your site url.

And dont forgot that, You need to use some javascript to change the browser address bar url according to the current source of iframe. Google or Live it for doing this.

Thats it , Enjoy Cheers

Paimpozhil

Its getting hit by Trojan virus:

Read the News about Thousands of infected websites.

A lot of sites are now being attacked with JavaScript Trojans

the server is not attacked by virus , this happens to both Linux and windows server sites.

so it is doesnt look like a server based attack

How this happens?

when the computer from where you upload data thru FTP/fp is infected , it injects some JavaScript to all html files.

so how you can prevent this happening is keep your pc up2date by having recent antivirus,antispyware and then change your ftp logins.

If there is a Repeating same pattern of JavaScript on 100s of your files you have a shell script for Linux server users that can remove these injected javascript .

so you can request your host or you yourself can run this on your shell

find ./ -type f -exec sed -i ‘/unescape/d’ {} \;

this command will remove all the lines with pattern ‘unescape’

some virus has lines of function okban, in that case you can try pattern ‘okban’

it depends on your need.

you can do the same with a software called GrepWin for replacing/searching PERL Regular Expression patterns on your files

http://tools.tortoisesvn.net/grepWin

use it to search for patterns and replace with null or use the options to delete those lines

this can be either used on a windows server or client side (but then you have to upload all modified files again )

Sometimes, We need to monitor that, Who is visiting our forum without logging in. People who struggled a lot with spammers on their phpbb board should need some monitoring script to trace the guests.

Save the below code as “infolist.php”;

<?php

include "config.php";

mysql_connect($dbhost,$dbuser,$dbpasswd);

mysql_select_db($dbname);

$sql = mysql_query("SELECT * FROM `phpbb_sessions` where

`session_user_id` = '-1' group by `session_ip` order by `session_time`

asc ");

echo ("IP Address - HostName - Start Time - End Time -  VisitingPage<br

/> ");

while(($result = mysql_fetch_assoc($sql)))

{

$r = $result;

echo decode_ip($r["session_ip"])  .  " - " .

gethostbyaddr(decode_ip($r["session_ip"])) . " - <b>" . date("M d Y

H:i:s",$r["session_start"]) .  " - " . date(" H:i:s",$r["session_time"])

. "</b>" ;if ($r["session_page"]!=0){

echo '<a href="/forums/viewforum.php?f=' . $r["session_page"]  . '"

target=_blank > Looking into Page </a>';

}

echo "<br />";

}

mysql_close();

function decode_ip($int_ip)

{

    $hexipbang = explode('.', chunk_split($int_ip, 2, '.'));

    return hexdec($hexipbang[0]). '.' . hexdec($hexipbang[1]) . '.' .

hexdec($hexipbang[2]) . '.' . hexdec($hexipbang[3]);

}

?>

Upload the infolist.php to the phpbb forum root folder.

Code will work fine on any phpbb 2.x.x release.

Hope, It will help someone who fights with blind spammers on their phpbb.

To find files quickly on the redhat based distributions (fedora,centos,rhel,etc)

You need to first index the file names before you can search them quickly for this command is

updatedb &
man updatedb

& (lets you to run the command in background so you can do something now
in shell in mean time)

then after it is done.

you can find files using command locate

locate [filename or part of filename]

Example

[xxx@server1 plugins]$ locate wysiwyg
/scripts/wysiwygpro_cleanup
[xxx@server1 plugins]$
man locate
You have to update the index periodically else it will be outdated and not pretty useful as it should be

so add this to your cron job to make it run once daily
$crontab -e
1 1 * * * /usr/bin/updatedb

This will update it daily to the db

If you dont want to index it daily & If your files rarely change you
can change it weekly or monthly by just changing it accordingly on crontab

making , editing crontab is out of subject of this article but the
simple way is

crontab -e & paste that cron command and then save it.

Online Cron command generator

Many scripts and softwares may ask you a path for another tool, For its main or additional functionality

For example: many php scripts will ask you path to imagemagic, GD Library like path to convert utility.

You can use tool like which , whereis

which [command or binary name]
man which

whereis [command or binary name]
man whereis
Example

which php
whereis php
which convert
whereis convert

and whereis will show more information than which command

In some situations a program could terminate without even showing an error message. In such cases, the best tool to use and check the problem is

strace

If you dont have it pre-installed, then install it by yum, or using rpms

Yum Command to install strace
yum install strace

This command will install in most redhat based distros.

Install strace using RPM
wget ftp://rpmfind.net/linux/fedora/core/development/i386/os/Fedora/strace-4.5.15-1.fc7.i386.rpm

How to use strace command?

strace [command that crashes here]

For getting help,

# strace --help

usage: strace [-dffhiqrtttTvVxx] [-a column] [-e expr] … [-o file]
[-p pid] … [-s strsize] [-u username] [-E var=val] …
[command [arg ...]]
or: strace -c [-e expr] … [-O overhead] [-S sortby] [-E var=val] …
[command [arg ...]]
-c — count time, calls, and errors for each syscall and report summary
-f — follow forks, -ff — with output into separate files
-F — attempt to follow vforks, -h — print help message
-i — print instruction pointer at time of syscall
-q — suppress messages about attaching, detaching, etc.
-r — print relative timestamp, -t — absolute timestamp, -tt — with usecs
-T — print time spent in each syscall, -V — print version
-v — verbose mode: print unabbreviated argv, stat, termio[s], etc. args
-x — print non-ascii strings in hex, -xx — print all strings in hex
-a column — alignment COLUMN for printing syscall results (default 40)
-e expr — a qualifying expression: option=[!]all or
option=[!]val1[,val2]…
options: trace, abbrev, verbose, raw, signal, read, or write
-o file — send trace output to FILE instead of stderr
-O overhead — set overhead for tracing syscalls to OVERHEAD usecs
-p pid — trace process with process id PID, may be repeated
-s strsize — limit length of print strings to STRSIZE chars (default 32)
-S sortby — sort syscall counts by: time, calls, name, nothing (default
time)
-u username — run command as username handling setuid and/or setgid
-E var=val — put var=val in the environment for command
-E var — remove var from the environment for command

In rare cases , the command may be a script , And it might internally call other command or program and then it could get mixed up somewhere. So, Simple strace might not help much in this situation.

In those cases

strace -f [command]
will help

It will follow the forks and show detailed strace output for even the internal calls,etc.

you can suppress some unwanted info (for sys admins) like attaching & detaching by using,

strace -q -f [command]

Advanced programmers might look for this as well.

Go through man pages of strace and know more options.
man strace

Port access related problems will occur, During the fresh installation or reinstallation of programs such as Apache/MySQL. When you are starting a service in linux/unix and it says Address already in use or similar error..

It is common in Apache and solution is,

Case 1: You dont know which service is blocking that port
in this case.

fuser -k [portnumber]/[protocol]

Examples:

fuser -k 80/tcp
fuser -k 443/tcp
fuser -k 576/udp

fuser man page

Case 2: You know the name of program.

killall -9 programname

Examples

killall -9 httpd

killall -9 exim

once done.. restart the service now and remember this to handle port
blocks with “Ease in breadth”.

Recently we have got to a site called alpha software somewhere through google , found some very interesting funny pages there.

This Alphasoftware claims they are 10x-50x more efficient than the other scripting languages

and you can see more of this crap on their site http://www.alphasoftware.com/ )

But i dont get the exact reason why they use asp themselves for their homepage

http://www.alphasoftware.com/about/contact.asp

some people might argue that This is not asp , and they might have spoofed the extension with help of their web server mime configurations but Look at this

http://www.alphasoftware.com/resources/it_related_9.asp and take rest!

why do they use asp that is 10x less effiecient or slower than their AlphaSoftware.

Some more of their technology

“Application Hosting

Once you have built your web application, the next step is to host or deploy your application to the Internet or intranet so that remote users can access your application via a browser. “

So you need to buy all these

Alpha version 5, application server and a runtime

it will cost you Very minimum of 1097 $ (very cheaper than php which i got for free)

https://www.alphasoftware.com/shop/AlphaFive/index.asp?UserType=new&RTSEL=0&V8SEL=0&WASSEL=0

Making some software that eases the people’s hard tedious work is always good but yelling stuff like 100x faster than this,that ,everything makes us look bad of them.

look at this

“Microsoft Access, Visual Basic, FileMaker, PHP, ASP, JSP, Cold Fusion all have merit, but none can match the combination of power and simplicity that is the trademark of all Alpha Software solutions.”

Why ? i find ruby on rails / cakephp a lot easier than this stuff after seeing few of their demos,etc

and finaly their product doesnt look that impressive decide for yourself )

http://afas.alphasoftware.com/SamplePages/

we are not encouraging them so we didnt provide any link to there website

If you people would like to share some about this you can comment here, make it more fun!.