cPanel: Setup Nginx as Reverse Proxy with Apache

cPanel comes with Apache web server by default. Its not mean that we cannot integrated Nginx inside. With some minor changes, we can install Nginx to listen to port 80 and forward any PHP process to Apache on another port, 88. Apache is not really good in handling static files, so we will pass this task to Nginx. You will noticed that your memory and CPU will decrease once you have done this setup.

Warning: This setting is not suitable for shared hosting environment. I strongly recommend you to apply this if you have 1 busy website running under cPanel. Make sure you have compiled your Apache modules and features using EasyApache.

I am using variables as below:

OS: CentOS 5.6 32bit
cPanel: cPanel 11.30.1 (build 4)
Domain IP:
Apache port: 88
User: mywebs
Home directory: /home/mywebs

1. Since Nginx will be reverse proxy for Apache, we don’t want our log file to record the proxy IP. We want the real IP as usual. This will make sure our stats page like Webalizer and AWstats will record the correct information. So we need to install mod_rpaf which is “Reverse Proxy Add Forward” module for Apache. You can download that at

cd /usr/local/src
tar -xzf mod_rpaf-0.6.tar.gz
cd mod_rpaf-*
apxs -i -c -n mod_rpaf-2.0.c

2. Once installed, we need to load the module into Apache configuration. Since cPanel already has Include Editor for Apache, we will use that functions. Login to WHM > Service Configuration > Apache Configuration > Include Editor > Pre Main Include > All Versions and paste following text:

LoadModule rpaf_module modules/
RPAFenable On
RPAFproxy_ips # replace the value with your server IP
RPAFsethostname On
RPAFheader X-Real-IP

3. Click Update > Restart Apache. The module should be loaded after restart.

Continue reading “cPanel: Setup Nginx as Reverse Proxy with Apache” »

PHP Driver: MySQL vs MySQLi vs PDO MySQL

In order for PHP to communicate well with database provider which is MySQL, we need to decide on which PHP “driver” that we should use. The term “driver” is not so correct but its fair enough to describe the MySQL connecter from PHP point-of-view.

mysql extension

  • Mysql extension is the original extension designed to allow you to develop PHP applications that interact with a MySQL database.
  • The mysql extension provides a procedural interface and is intended for use only with MySQL versions older than 4.1.3.
  • This extension can be used with versions of MySQL 4.1.3 or newer, but not all of the latest MySQL server features will be available.
  • Develop using PHP extension framework.
  • Mysql extension does not support Charsets, Prepared Statements and Stored Procedures.

mysqli extension

  • MySQL improved extension, was developed to take advantage of new features found in MySQL systems versions 4.1.3 and newer. The mysqli extension is included with PHP versions 5 and later.
  • Mysqli was faster perform faster queries result than PDO-mysql and mysql extension.
  • Developed using PHP extension framework.
  • Mysqli does support Charsets, Prepared Statements and Stored Procedures.
  • Server-side prepared statements which can increases the number of round-trips or memory usage.
  • If you are using MySQL versions 4.1.3 or later it is strongly recommended that you use the mysqli extension instead.

PDO-mysql extension

  • PDO (PHP Data Objects) offer great security than other without much hassle, but for transition i would suggest you to move to mysqli since it faster, easier than PDO, and most api/syntax are quite same with the old mysql extension.
  • PDO allows you to use the same API calls for various databases. You can scale your application to use other databases with just a few code changes.
  • The PDO library has much of the security built in.
  • PDO will need to have different queries to return number of rows.
  • Cannot use /* */ commenting.
  • Server and client-side prepared statements.
  • Complete database abstraction layer.


Features MySQL Improved Extension – ext/mysqli PDO Driver for MySQL – PDO_MYSQLND Classical MySQL Extension – ext/mysql
PHP version introduced 5.0 5.0 Before 3.0
Comes with PHP 5.x yes yes Yes
Comes with PHP 6.0 yes yes Yes
MySQL activities active development active development as of PHP 5.3 maintenance only
MySQL recommended for new projects Yes Yes No
API supports Charsets Yes Yes No
API supports server-side Prepared Statement Yes Yes No
API supports client-side Prepared Statement No Yes No
API supports Stored Procedures Yes Yes No
API supports Multiple Statement Yes Most No
Supports all of MySQL 4.1+ Yes Most No


The mysql extension, the mysqli extension and the PDO-mysql driver can each be individually configured to use either libmysql or mysqlnd. As mysqlnd is designed specifically to be utilised in the PHP system it has numerous memory and speed enhancements over libmysql.

So, when writing an application that is 100% guaranteed to always use MySQL, using mysql or mysqli extension will work better than PDO. But when we need the flexibility of a database abstraction layer, PDO will make your code much more solid and portable.

PDO offer great security than other without much hassle, it is highly recommened to use mysqli since it faster and easier than PDO, and most syntax are similar with the old mysql extension.

For list of supported connector in MySQL, you can refer this page:

Handling 500 Internal Server Error

What usually caused this?

It means that the web server facing ‘internal‘ error before the output can be deliver to client. Basically something has gone wrong, but the server can not be more specific about the error condition. Since web server can be integrated with so many modules inside, this may cause by one of the module facing error when web server received the data from them.


Can you give me some example?

  • An error in a CGI script that caused it to fail or output an error message before it started producing valid HTML. It usually happens if you have a syntax error in one of Perl/PHP CGI scripts.
  • A permissions issue attempting to access a CGI script. Depending on how your web server is configured, quite often it’s not enough for the script to have “execute” permission, but it must also be owned by the correct user, and belong to the correct group.
  • Invalid custom configuration files like .htaccess, web.config, version  incompatibility or wrong syntax applied

What you need to check?

Continue reading “Handling 500 Internal Server Error” »

cPanel: Apache + PHP FastCGI Data Timeout Error

If you are run on cPanel server and have FastCGI enabled in Apache, you might facing following error which caused your website hang or prompting ‘500 Internal Server Error’ message. When checking into /etc/httpd/log/error_log, you will see something similar as below:

[warn] .. mod_fcgid: read data timeout in 40 seconds, ...
[error] .. Premature end of script headers: index.php ...

This is because mod_fcgid has reached the timeout in processing the parse data. So we need to increase some of the respective value:

1. Login to WHM > Apache Configuration > Include Editor > Post VirtualHost Include > All

Continue reading “cPanel: Apache + PHP FastCGI Data Timeout Error” »

Spam, Spammer, Spambots = Money

Spams, spammers and spambots are exist for only one purpose, money.

1. Spam is email that is sent to other people without being requested. Why they want to disturb our life? Because this is one way of advertising.

2. Spammer will mostly send you something that you don’t know and don’t want to know, and turn to make you know, which equal to advertising. Advertising agency usually get paid for publishing advertisement, newsletter, social announcement and many more, so do spammer. Spammer get money for doing advertising on bad things like replica stuffs, pills, porn, multi-level marketing etc. In short word, spammer is ‘bad advertising agency’.

3. Spammers are not stupid. They have capabilities to be hackers, software developers, system engineers, researchers who tend to get more money which will bring themselves happiness, with less effort. They know how to do things right, do automation for their spamming task, bypass all security features and build many ‘add-on features’ in order to bring the ‘advertisement’ directly to you.

Continue reading “Spam, Spammer, Spambots = Money” »

Windows: Find And Replace Text Command Line Utility

FART or Find And Replace Text command line utility is a Windows improved version of the well-known ‘grep‘ command, with advanced features such as: case-adaption of the replace string; find (and replace) in filenames or auto CVS edit. You can download from Sourceforge and integrate it into your Windows environment.

Why We Need This?

For me, Windows Server 2008 R2 search tool is not really good, where its hard for me to find/replace some text into all files in certain directory recursively. Since I have experience in managing Linux box (using command line), it is really convenience to have something command-line based to do this for you.

Lets say something wrong happen to your website, which being injected, similar to this post, but happen in Windows server, then this is what you need.

Here is my environment:

OS: Windows 2008 R2 64bit
Directory: C:\user1\public_html
Infected files: All .html files under this directory
Infected code: “<script src= ></script>”

1. Download the application at Sourceforge,

2. Extract the zip files somewhere and you will see there is one file inside called fart.exe. Move or copy it to C:\Windows\system32.

Continue reading “Windows: Find And Replace Text Command Line Utility” »

FreeBSD: Update Ports

FreeBSD has a lot of variety applications available via port. For me, this is the best thing so far in FreeBSD, plus simplicity, configurable and stability. Portsnap is a tool to let us get the distributed FreeBSD ports tree, in a simple way, we update the ports and get the latest stable version from the main tree.

To update ports, run following command:

portsnap fetch update

Once done, we need to extract them so it will update what available under /usr/ports:

portsnap extract

Attention: It might takes long time depending on your connection speed and hardware specs. You can grab a cup of coffee and watch Youtube to wait for this process to complete.

FreeBSD: NginX+PHP 5.3 FastCGI (FPM) Installation

NginX (pronounced “engine x”), is a high performance web server and a reverse proxy server. This server is well-known for its low memory footprint rather than Apache. You can refer here for Nginx vs Apache Performance Benchmark result. Nginx is way too better for Apache.

Popular websites that run on Nginx are SourceForge, WordPress, and Hulu. By making Nginx run in FreeBSD, you can deliver light, efficient, powerful, stable and secure web server in a simple way.

What is PHP? I think you all already know and no need to explain further. The PHP handler we will use is FastCGI Process Manager (FPM), is an alternative PHP FastCGI implementation with some additional features useful for sites of any size, especially busier sites. This setup will surely deliver high-performance web service with low specs hardware.

OS: FreeBSD 8 64bit
Nginx version: 0.8.54
PHP version: 5.3.6
Website IP:
Web directory: /home/mydomain/public_html

1. Lets start by installing Nginx web server:

cd /usr/ports/www/nginx
make install clean

Once installation start, it will prompt nginx module selection page. You can select any Nginx module you want, but for me, I will select following module to be compiled right away:

[X] HTTP_MODULE               Enable HTTP module
[X] HTTP_ADDITION_MODULE      Enable http_addition module
[X] HTTP_CACHE_MODULE         Enable http_cache module
[X] HTTP_DAV_MODULE           Enable http_webdav module
[X] HTTP_FLV_MODULE           Enable http_flv module
[X] HTTP_GEOIP_MODULE         Enable http_geoip module
[X] HTTP_GZIP_STATIC_MODULE   Enable http_gzip_static module
[X] HTTP_IMAGE_FILTER_MODULE  Enable http_image_filter module
[X] HTTP_PERL_MODULE          Enable http_perl module
[X] HTTP_RANDOM_INDEX_MODULE  Enable http_random_index module
[X] HTTP_REALIP_MODULE        Enable http_realip module
[X] HTTP_REWRITE_MODULE       Enable http_rewrite module
[X] HTTP_SECURE_LINK_MODULE   Enable http_secure_link module
[X] HTTP_SSL_MODULE           Enable http_ssl module
[X] HTTP_STATUS_MODULE        Enable http_stub_status module
[X] HTTP_SUB_MODULE           Enable http_sub module
[X] HTTP_XSLT_MODULE          Enable http_xslt module

If you receive any prompt after that, just accept all values if you want to have a complete setup, or else select what you want, if you know what you are doing.

2. Web server installation done. Make sure Nginx is enabled by adding following line to /etc/rc.conf:


Continue reading “FreeBSD: NginX+PHP 5.3 FastCGI (FPM) Installation” »

Linux: Remove Specific String in Text Files

Webmaster usually can get headache when their website’s static page like HTML, JS and CSS being injected with some kind of malicious code. You will see some iframe tag or source tag inside your HTML coding and some of it has caused your website being classified by Google and Firefox as ‘harmful’.

We called this as XSS attack (cross site-scripting; X means cross) which enable attackers to inject client-side script into the web pages viewed by other users. Usually it caused by permission of your web files is globally writable. You can find out more about this attack at Wikipedia, since here I just showing you some way to find and remove the injected scripts.

I am using following variables:

Infected user: user1
User’s web directory: /home/user1/public_html

1. Usually, you will received a report regards to your website has been listed as harmful or ‘Reported Attack Site’ as below:

2. Click the ‘Why was this site blocked?’ and then you will be redirected to Google Safe Browsing page. This website will tell you what malicious software has been hosted, or being injected into your code. Lets say in this case, the values is

Continue reading “Linux: Remove Specific String in Text Files” »

Debian – Update Source List

If you are a Debian administrator, its advisable to run apt-get update before proceed to install any package to make sure that you can get connected to the mirror and the installation will run smoothly with latest package list. Sometimes, you will see following error when trying to update:

W: Some index files failed to download, they have been ignored, or old ones used instead.

This means that the mirror provider which has been setup in your source list is down, or unreachable, or you have routing problem between you and mirror server and any related connectivity problem. So, we need to change the sources list and provide another mirror server which you can get from Debian website, . In my case, I will use Japan mirror.

1. Login to the server via SSH/console and open /etc/apt/sources.list via text editor:

[email protected]: ~# nano /etc/apt/sources.list

2. Edit the file following example below. Since I will use Japan mirror, my sources list will be like this:

# deb cdrom:[Debian GNU/Linux 6.0.1a _Squeeze_ - Official amd64 NETINST Binary-1 20110320-15:00]/ squeeze main
#deb cdrom:[Debian GNU/Linux 6.0.1a _Squeeze_ - Official amd64 NETINST Binary-1 20110320-15:00]/ squeeze main
deb squeeze main non-free contrib
deb-src squeeze main non-free contrib
deb squeeze/updates main contrib non-free
deb-src squeeze/updates main contrib non-free
deb squeeze-updates main non-free contrib
deb-src squeeze-updates main non-free contrib

3. Update the package list from new provider:

[email protected]: ~# apt-get update

After you run that, make sure you will see no error at the end of the output. You should able to do apt-get installation without any problem anymore.

PHP Handler: DSO vs CGI vs SuPHP vs FastCGI

What is PHP Handler?

PHP handler supplies the required library to interpret PHP code. Each handler delivers the libraries through different files and implementations. Each file and implementation affects Apache’s performance, because it determines how Apache serves PHP.

You need to make the right decision on how Apache should handle your websites or web applications. I am using WHM/cPanel to manage Apache and PHP, I will focus more on advantages and disadvantages from cPanel point of view rather than how to install, implement or switch between each handler.


PHP runtime is loaded once, when Apache starts up and then reused for all requests.



  • Since DSO is only loaded once, it is faster than CGI and SuPHP
  • PHP can direct access to some Apache-specific calls, which gives you some more fine-grained control on the HTTP-level.
  • Allow for most common PHP .htaccess (php_flag) directives to be used.
  • Good for single sites that require performance over ease of use and security
  • Suitable environment to run PHP optcode caching addon such as eAcclerator, APC or Xcache
  • Well suited for low and high traffic sites but not for CMS systems like Joomla


  • PHP processes are handled by the user that is running httpd. In most cases, this user is the ‘nobody’ user. This means when PHP interacts with files on the file system, they have to be accessible by the ‘nobody’ user. This creates permissions issues as your normal cPanel based user will not have access to read/write files that are owned by the ‘nobody’ user without the correct permissions changes. Most PHP web scripts need to write to files and directories and if they are owned by the cPanel user, without changing the permissions on the files or directories to 777, it will cause issues and in some cases, break your website
  • Runs not under user who owner of the site, so you will have to manually manage the permissions on a per user basis to ensure that your PHP apps/scripts can read and write to the files and directories of which it needs to function
  • Any changes on PHP configuration, will required to restart Apache service to make sure the module being reloaded


A new PHP CGI process is invoked on each Apache request for PHP processing.



Popular and Free WHM/cPanel Plugins

WHM/cPanel is the most popular Linux control panel for hosting provider. This powerful software can be integrated with many plugins which come from cPanel Inc or 3rd party provider. Integrating plugins inside WHM is easy and it will help you administering the server, while in other hand, adding more features for your users.

I have list out some of my favorite plugins including on how to install which is FREE to use:

cPanel Inc

ClamAV Connector
Description: Anti-virus protection which integrated to cPanel/WHM. You can use this to scan home directory, mail, public_html and public_ftp folder for each account

How to install: Login to WHM > cPanel > Manage Plugins > tick ‘clamavconnector’ > Save

Description: Networked resource monitoring tool that can help analyze resource trends

How to install: Login to WHM  > cPanel > Manage Plugins > tick ‘munin’ > Save

Description: Install, update, and uninstall addons. Addons in cPanel term are applications that work with cPanel to perform useful functions for users’ websites. Examples of these applications include bulletin boards, online shopping carts, and weblogs

How to install: Login to WHM > cPanel > Install cPAddons > tick all checkboxes > tick ‘Force Refresh of All cPAddon Sources’ > Update Addon Config

Ruby on Rails
Description: Open source web application framework for the Ruby programming language

How to install: Login to the server via SSH/console as root and execute following lines:


Softaculous Ltd

Description: Auto installer that can help you install 200++ web applications with single click

How to install:
cd /usr/local/cpanel/whostmgr/docroot/cgi
wget -N
chmod 755 addon_softaculous.php

Continue reading “Popular and Free WHM/cPanel Plugins” »