Plesk 10 bugs

(versión en español)
Recently have been appeared  vulnerabilities in API of Plesk . These vulnerabilities are  SQL injection type and have been a constant worry for more than one.

I leave details in the following link http://kb.parallels.com/en/113321

The latest microupdates of versions 9.5.4 and 10.3.1, fixed such vulnerabilities.

But those who chose to upgrade to 10.3.1 or 10.4.4 have been involved in another mess. These versions of the Plesk panel have another bug, though no worse than the previous one, is quite important.

The problem has to do with php and any change made in the php main configuration file  (/ etc / php.ini usually) not taken into account. So, for example, if we remove the safe_mode (safe_mode = Off) for all domains, if we edit the file / etc / php.ini and we restart the web service for the change to take effect, we will can see that has not happened.

The only thing you can do is manually edit the php.ini file of the domains that you need, which is a bit sloppy but it works.

For now Parallels has provided no solution, or to indicate when it will. To be a product for which a license is paid, is taking too long.

We do not usually so staunchly defend any software, as none is free of bugs, but there are other panels such as ispCP which are free and so far has not been published any vulnerabilities inherent to the panel. Something else, are the vulnerabilities that have appeared in software that goes under the panel, as the web server, kernel, …

 

Django South, listing, merge and fixing several messes

(versión en español)

In a Django project in which several people working under a repository, it is common you do changes in the database more or less simultaneously and when in “pre” / staging, or worse, directly in production you make the “. / manage.py migrate app” and get the following Traceback, is when you start to get sick.

(the app in this example is called “main”)

Running migrations for main:  ! Migration main:0048_auto__add_field_reseller_cdn_css__add_field_reseller_cdn_js__add_field should not have been applied before main:0047_auto__add_securitylevelfile but was. Traceback (most recent call last):  File "./manage.py", line 11, in <module>  execute_manager(settings)  File "/usr/lib/python2.5/site-packages/django/core/management/__init__.py", line 438, in execute_manager  utility.execute()  File "/usr/lib/python2.5/site-packages/django/core/management/__init__.py", line 379, in execute  self.fetch_command(subcommand).run_from_argv(self.argv)  File "/usr/lib/python2.5/site-packages/django/core/management/base.py", line 191, in run_from_argv  self.execute(*args, **options.__dict__)  File "/usr/lib/python2.5/site-packages/django/core/management/base.py", line 220, in execute  output = self.handle(*args, **options)  File "/usr/lib/python2.5/site-packages/South-0.7.3-py2.5.egg/south/management/commands/migrate.py", line 105, in handle  ignore_ghosts = ignore_ghosts,  File "/usr/lib/python2.5/site-packages/South-0.7.3-py2.5.egg/south/migration/__init__.py", line 185, in migrate_app  raise exceptions.InconsistentMigrationHistory(problems) south.exceptions.InconsistentMigrationHistory: Inconsistent migration history The following options are available:  --merge: will just attempt the migration ignoring any potential dependency conflicts. aloja:/var/www/virtual/guardatum.com/guardatum_code# ./manage.py migrate 0054 main Traceback (most recent call last):  File "./manage.py", line 11, in <module>  execute_manager(settings)  File "/usr/lib/python2.5/site-packages/django/core/management/__init__.py", line 438, in execute_manager  utility.execute()  File "/usr/lib/python2 achat de viagra quebec.5/site-packages/django/core/management/__init__.py", line 379, in execute  self.fetch_command(subcommand).run_from_argv(self.argv)  File "/usr/lib/python2.5/site-packages/django/core/management/base.py", line 191, in run_from_argv  self.execute(*args, **options.__dict__)  File "/usr/lib/python2.5/site-packages/django/core/management/base.py", line 220, in execute  output = self.handle(*args, **options)  File "/usr/lib/python2.5/site-packages/South-0.7.3-py2.5.egg/south/management/commands/migrate.py", line 78, in handle  apps = [Migrations(app)]  File "/usr/lib/python2.5/site-packages/South-0.7.3-py2.5.egg/south/migration/base.py", line 60, in __call__  self.instances[app_label] = super(MigrationsMetaclass, self).__call__(app_label_to_app_module(app_label), **kwds)  File "/usr/lib/python2.5/site-packages/South-0.7.3-py2.5.egg/south/migration/utils.py", line 41, in app_label_to_app_module  app = models.get_app(app_label)  File "/usr/lib/python2.5/site-packages/django/db/models/loading.py", line 140, in get_app  raise ImproperlyConfigured("App with label %s could not be found" % app_label) django.core.exceptions.ImproperlyConfigured: App with label 0054 could not be found

Do not run the “–merge” that is recomended. What you need to do is show a list of historical migrations and see which ones have been left hanging:

( ) 0047_auto__add_securitylevelfile (*) 0048_auto__add_field_reseller_cdn_css__add_field_reseller_cdn_js__add_field (*) 0049_auto__add_field_orders_admin (*) 0050_auto__del_field_orders_admin () 0051_auto__add_field_customer_notify_reseller

As we see the 0047 is that we are breaking consistency. What we do is mark it as already done this migration, since in the past and effectively carry out the 0047;-)

./manage.py migrate main --fake 0047_auto__add_securitylevelfile

We run list to see the result:

./manage.py migrate --list
(*) 0047_auto__add_securitylevelfile
 (*) 0048_auto__add_field_reseller_cdn_css__add_field_reseller_cdn_js__add_field
 (*) 0049_auto__add_field_orders_admin
 (*) 0050_auto__del_field_orders_admin
 () 0051_auto__add_field_customer_notify_reseller

and we run migrate at the end

./manage.py migrate main

You can also go a little further, resetting completely  South

Download and share free files without fear of the censorship

(versión en español)

At this time, in almost every country in the world there is some law or laws which makes it difficult to share information on the Internet.
Some of them are the famous SOPA, PIPA and the law <a href="http://es.wikipedia posologie de viagra.org/wiki/Ley_de_Econom%C3%ADa_Sostenible” target=”_blank”>SINDE but are not the only, the most extreme case is probably censorship in China.
However, there are several methods to share what we want without censorship

Click the image to enlarge
How to avoid censorship to share files in Internet
Via: CONEKIA

Email marketing. Increases the rate of messages delivered.

(versión en español)

The goal of many of our customers is that messages sent in email marketing campaigns to reach the maximum number of subscribers.

These campaigns are based on sending mass e-mails and Internet service providers (ISP) may block the delivery of these emails to subscribers who are in their networks.

I will focus on certain concepts that may help to improve or increase the rate of message delivery in email marketing campaigns, but also is applicable and desirable, to any server or email system: Sigue leyendo

Combat Spam in your server

(versión en español)

In Conekia have spent years dealing with spam in the mail, curse on network can made somebody mad  in performing of his daily work.
It could be defined as any unsolicited or unwanted, usually for advertising purposes and are also often sent in bulk. Any email account is likely to receive such messages, and as suffer.

Techniques to avoid spam.
Let’s say there is no technique that guarantees complete form that we will not suffer the arrival of these messages, even though someone back in 2004 (we all know who) predicted the end of such practices in 2006.
As new methods appear to combat it, spammers (those who send spam) manage to develop others to continue with these practices.
These are some of the methods that we use in the server configurations to our customers.

Sigue leyendo

The importance of the Backup

(versión en español)

A backup is a copy of critical information from a computer system, which is then used to retrieve the information for a possible loss.
Needless to say, the backup’s is one of the most important elements of any business to save data. We at Conekia, do backups regularly and review are being done correctly. In fact, shortly before writing this article, we had to retrieve a copy of one of our internal servers.
What information do you copy?
When we do the copy is to consider what information is being copied and the characteristics of it.
For example, files from a web page do not change unless you update the web. This information is static so we should not take actions such as blocking file to copy. Furthermore, a database changes over time so that when we do the backup, you could be doing writing on it. So we have to use some strategy to block files, such as a dump (which will lock the tables when to dump the database) or a snapshot.

Install ISPCP control panel

(versión en español)
In this article I will explain how to install ispCP panel in Ubuntu.

Unlike Plesk, this panel is free, no need to acquire licenses to use it without restrictions.
The server where you go to install the panel must have an associated domain name FQDN format, such as panel.midominio.com
Make sure you have root privileges on the server before you install the panel.

1. Install the required software packages.

# apt-get install aptitude
# aptitude update && aptitude safe-upgrade
# aptitude install tar bzip2 wget lsb-release nano

Sigue leyendo

Install and upgrade Plesk

(versión en español)

To purchase Plesk you must first create an account at Parallels http://www.parallels.com.

Then you can download a trial version of 15 days, enough to see how it works.
If you want to use plesk without that restriction must obtain a license, which can be processed from the Plesk panel.

These are the operating systems on which you can install plesk:

 Linux:                                Windows:
 CentOS 6.x *                          Windows Server 2008 R2 SP1 *
 CentOS 5.x                            Windows Server 2008 R2
 CloudLinux 6.x *                      Windows Server 2008 SP2
 CloudLinux 5.x                        Windows Server 2003 R2
 Debian 6.0 *                          Windows Server 2003 SP2
 Debian 5.0                            Windows Server 2003 SP1
 openSUSE 11.4 *
 openSUSE 11.3
 RedHat Enterprise Linux 6.x *
 RedHat Enterprise Linux 5.x
 Ubuntu 10.04 Server LTS *
 Ubuntu 8.04 Server LTS
 * Recommended operating systems.

Sigue leyendo

Choose your domain provider.

(versión en español)

In another article we describe what a domain is and some concepts related to it. In this article we will describe some things to consider when registering a domain.

Types of domains.

The extent of each domain (which is on the right after the point) is what is called top-level domain (TLD).

There are two types of TLDs:
The generic (gTLD) such as. com,. org, .net …
And the country code (ccTLD) like .es, .uk, .It …

What we know as the domain as such would be a second-level domain, for example mydomain.com.  A third level domain could be mydomain.com.uk which are usually cheaper.

Sigue leyendo

How to register a domain.

(versión en español)
What is a domain?
A domain or domain name is an identifier that groups a number of devices or services connected to the Internet.
Another possible less technical definition, would be the name that gives presence (usually a company) on the Internet.
A domain is always associated with the IP address of a device connected to the Internet, as it could be a web server. This makes it easier to connect with one of these devices, since it is easier to remember a name like midominio.com an ip address.

Sigue leyendo