CVE-2017-5638: Apache Struts 2 Vulnerability


Apache Struts 2 is an open-source development framework for Java applications.
On March 6th, 2017, a vulnerability tracked as CVE-2017-5638 in Apache Struts 2 was made public. This vulnerability could allow an attacker to perform remote code execution with a malicious Content-Type value.
This particular vulnerability can be exploited if the attacker sends a request to upload a file to a vulnerable server that uses a Jakarta-based plugin to process the upload request.
The attacker can then send malicious code in the Content-Type header to execute the command on a vulnerable server.
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 mishandles file upload, which allows remote attackers to execute arbitrary commands via a #cmd= string as exploited in the wild in March 2017.

Solution
===========
Both Cisco and Apache researchers asked administrators to upgrade their systems to Apache Struts version 2.3.32 or 2.5.10.1.
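
The following is an added example, not code from the original post or from the Struts project: a triage helper that checks a Struts version string against the fixed releases named above and flags Content-Type values that contain the `#cmd=` marker or are not shaped like a media type. The media-type pattern is a simplified assumption, and all sample values are constructed.

```python
import re

# Fixed releases named in the post, keyed by release line (major, minor).
FIXED = {(2, 3): (2, 3, 32), (2, 5): (2, 5, 10, 1)}

# Conservative shape of a legitimate Content-Type: type/subtype followed by
# optional name=value parameters. Simplified from the RFC grammar (assumption).
MEDIA_TYPE = re.compile(
    r'^[\w.+-]+/[\w.+-]+(?:\s*;\s*[\w-]+=(?:"[^"]*"|[\w.+/=:-]+))*\s*$',
    re.ASCII,
)

def is_affected(version):
    """True if a purely numeric version is 2.3.x < 2.3.32 or 2.5.x < 2.5.10.1."""
    parts = tuple(int(p) for p in version.strip().split("."))
    fixed = FIXED.get(parts[:2])
    # Tuple comparison treats 2.5.10 as older than 2.5.10.1, as intended.
    return fixed is not None and parts < fixed

def content_type_finding(value):
    """Return a reason string if the header value looks abnormal, else None."""
    if "#cmd=" in value:
        return "contains #cmd= marker"
    if not MEDIA_TYPE.match(value):
        return "not a well-formed media type"
    return None

def scan(headers):
    """Map each abnormal Content-Type value to the reason it was flagged."""
    findings = {}
    for value in headers:
        reason = content_type_finding(value)
        if reason:
            findings[value] = reason
    return findings

# Constructed sample header values (not taken from real traffic).
SAMPLE_HEADERS = [
    "multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxk",
    "text/html; charset=UTF-8",
    "multipart/form-data #cmd=PLACEHOLDER",
    "{constructed-expression}.multipart/form-data",
]

if __name__ == "__main__":
    for version in ("2.3.31", "2.3.32", "2.5.10", "2.5.10.1"):
        print(version, "affected" if is_affected(version) else "not affected")
    for value, reason in scan(SAMPLE_HEADERS).items():
        print(repr(value), "->", reason)
```

A header flagged here only indicates a request worth reviewing; the fix remains the upgrade described above.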

Configuration of HAProxy Load Balancer on CentOS

HAProxy stands for High Availability Proxy. It is a very fast and reliable solution for high availability and load balancing. HAProxy is used as a TCP/HTTP load balancer and for proxy solutions. The HAProxy application shares the workload across multiple servers.

Steps for Installing and Configuring HAProxy
===========

Step 1: Before proceeding with the installation of HAProxy on the server, we need to install the EPEL repository on our system, depending on the operating system version, using the following command.
Continue reading…

Monitor Real time resource usage in CloudLinux :: lvetop

CloudLinux is one of the most widely used operating systems nowadays due to the high level of stability and advanced server security it provides, which makes it the first preference of hosting providers, especially in shared hosting environments.

LVE (Lightweight Virtual Environment) is a kernel-level technology developed by the CloudLinux team. It is lightweight and transparent. The goal of LVE is to make sure that no single website can bring down your web server.

The kernel makes sure that all LVEs get a fair share of the server’s resources, and that no customer can use more than the limits set for that customer.
Continue reading…

Zend OpCache

The Zend OpCache provides faster PHP execution through opcode caching and optimization. It improves PHP performance by storing precompiled script bytecode in shared memory.

Installing Zend OPCache on PHP 5.3 or 5.4

1. Log in to your server via SSH

2. Type the following commands:

#cd /usr/local/src

#wget http://pecl.php.net/get/ZendOpcache

# to get the latest (master) build do the following instead:

Continue reading…