Monthly Archives: April 2014

upgrade PHP to PHP 5.4 on CentOS 6.5 on Parallels Plesk Panel 11.5 from a remi repository

1. Install epel and remi repositories:

# wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# wget http://rpms.famillecollet.com/enterprise/remi-release-6.rpm
# sudo rpm -Uvh remi-release-6*.rpm epel-release-6*.rpm

2. Enable remi repository:
In the [remi] section of the file, set the “enabled” option to 1.

# sudo vi /etc/yum.repos.d/remi.repo

3. Upgrade PHP with this command:

# yum install php

Installation of Other modules and extensions for php 5.4.x

# yum search imagick
# yum install php-pecl-imagick.x86_64

# yum search soap
# yum install php-soap.x86_64

# yum search git
# yum install git.x86_64

# yum search nodejs
# yum install nodejs.x86_64

# yum search python
# yum install python.x86_64

# reboot

# /etc/init.d/httpd restart

# yum search denyhosts
# yum install denyhosts

For more details regarding denyhosts read this post

Installation of ionCube for PHP 5.4 (optional)

1. Download ionCube: For x32:

# wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86.zip

For x64:

# wget http://downloads2.ioncube.com/loader_downloads/ioncube_loaders_lin_x86-64.zip

2. Unzip file.
3. Copy ioncube_loader_lin_5.4.so to PHP extensions folder:

# sudo cp ioncube/ioncube_loader_lin_5.4.so /usr/lib/php/modules/

4. Set SELinux attributes:

# sudo chcon -u system_u -t textrel_shlib_t /usr/lib/php/modules/ioncube_loader_lin_5.4.so

5. Switch on ionCube in PHP config:

# echo "zend_extension=/usr/lib/php/modules/ioncube_loader_lin_5.4.so" >> /etc/php.d/zend_extensions_psa.ini

6. Check functioning of ionCube:

# php -r 'phpinfo();' | grep -i ioncube

You can also test ionCube Loader by using the helper PHP script “loader-wizard.php” that’s included in the ionCube Loader archive.

Compute similarity between two strings in MYSQL using Levenshtein algorithm

DELIMITER $$
  CREATE FUNCTION levenshtein( s1 VARCHAR(255), s2 VARCHAR(255) )
  RETURNS INT
  DETERMINISTIC
  BEGIN
    DECLARE s1_len, s2_len, i, j, c, c_temp, cost INT;
    DECLARE s1_char CHAR;
    -- max strlen=255
    DECLARE cv0, cv1 VARBINARY(256);
    SET s1_len = CHAR_LENGTH(s1), s2_len = CHAR_LENGTH(s2), cv1 = 0x00, j = 1, i = 1, c = 0;
    IF s1 = s2 THEN
      RETURN 0;
    ELSEIF s1_len = 0 THEN
      RETURN s2_len;
    ELSEIF s2_len = 0 THEN
      RETURN s1_len;
    ELSE
      WHILE j <= s2_len DO
        SET cv1 = CONCAT(cv1, UNHEX(HEX(j))), j = j + 1;
      END WHILE;
      WHILE i <= s1_len DO
        SET s1_char = SUBSTRING(s1, i, 1), c = i, cv0 = UNHEX(HEX(i)), j = 1;
        WHILE j <= s2_len DO
          SET c = c + 1;
          IF s1_char = SUBSTRING(s2, j, 1) THEN
            SET cost = 0; ELSE SET cost = 1;
          END IF;
          SET c_temp = CONV(HEX(SUBSTRING(cv1, j, 1)), 16, 10) + cost;
          IF c > c_temp THEN SET c = c_temp; END IF;
          SET c_temp = CONV(HEX(SUBSTRING(cv1, j+1, 1)), 16, 10) + 1;
          IF c > c_temp THEN
            SET c = c_temp;
          END IF;
          SET cv0 = CONCAT(cv0, UNHEX(HEX(c))), j = j + 1;
        END WHILE;
        SET cv1 = cv0, i = i + 1;
      END WHILE;
    END IF;
    RETURN c;
  END$$
DELIMITER ;

Helper Function to find Ration in Percentage


DELIMITER $$
CREATE FUNCTION levenshtein_ratio( s1 VARCHAR(255), s2 VARCHAR(255) )
  RETURNS INT
  DETERMINISTIC
  BEGIN
    DECLARE s1_len, s2_len, max_len INT;
    SET s1_len = LENGTH(s1), s2_len = LENGTH(s2);
    IF s1_len > s2_len THEN 
      SET max_len = s1_len; 
    ELSE 
      SET max_len = s2_len; 
    END IF;
    RETURN ROUND((1 - LEVENSHTEIN(s1, s2) / max_len) * 100);
END$$
DELIMITER ;

Sample Usage

SELECT levenshtein_ratio(company_name, 'Company Name here') as perc, company_name FROM `clients` order by perc desc
/*return company name with percentage matching order by matching percentage.*/

Installing DenyHosts on Centos 6.5, Plesk 11.5

DenyHosts is a log-based intrusion prevention security tool for SSH servers written in Python. It prevents brute-force attacks on SSH servers by monitoring invalid login attempts in the authentication log and blocking the originating IP addresses. Upon discovering a repeated attack host, the /etc/hosts.deny file is updated to prevent future break-in attempts from that host.

Add the EPEL repository if it is not already installed.

# wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
# sudo rpm -Uvh epel-release-6*.rpm

and then simply install denyhosts from EPEL repository by using following command.

# yum install denyhosts

Before starting DenyHosts, configure a white list of IPs which DenyHosts should never block.
DenyHosts uses TCP Wrappers. edit /etc/hosts.allow and add IPs or entire subnets

sshd: 123.234.246.566
sshd: 192.168.0.0/255.255.255.0

Start DenyHosts

# service denyhosts start

Configure the OS to start DenyHosts at every boot

# chkconfig denyhosts on

IPs to white list should be added to /etc/hosts.allow.
IPs that DenyHosts blocks will be added to /etc/hosts.deny.
DenyHosts logs everything that it does to /var/log/denyhosts.
The DenyHosts configuration file is /etc/denyhosts.conf.
DenyHosts watches /var/log/secure for SSH login attempts.
Host IP can be added or removed from /etc/hosts.deny to block or unblock access.
Go through the DenyHosts configuration file (/etc/denyhosts.conf) and configure it to your liking. do not forget to restart DenyHosts after changes in this file.

# service denyhosts restart