deny access to .git directory with Apache 2 on Debian

When you use GIT in order to deploy your website on an Apache web server, in everybody can access to the .git subfolder. Which means that it’s possible to get your source code (even passwords…).

Create a file name /etc/apache2/conf.d/denyGIT

# do not allow .git version control files to be issued
<Directorymatch "^/.*/\.git+/">
  Order deny,allow
  Deny from all
</Directorymatch>
<Files ~ "^\.git">
    Order allow,deny
    Deny from all 
</Files>

retart apache

/etc/init.d/apache restart

Remettre les serveurs DNS OVH

Un de mes domaines a pour registrar OVH. J’avais indiqué que ses DNS étaient un serveur privé pendant un temps, maintenant que je désire utiliser de nouveau les DNS d’OVH je ne trouve nulle part les Serveurs DNS à utiliser. après 24h sans réponse du support je fini par faire un choix un peu dangereux (car il est possible que je coupe la reception des emails pendant la transition).

Comme il m’est impossible de savoir quel serveur parmi les nsXX.ovh.net dnsXX.ovh.net (XX = 11, 12, 13 ou 14 ….) je fini par tenter à l’aveugle  ns.ovh.net et dns.ovh.net et là miracle, OVH a remplacé automatiquement par ns13.ovh.net dns13.ovh.net.

En conclusion, ce comportement n’est expliqué nulle part dans les doc et forum.

Mais mon soucis ne s’arrête pas là. Car en fait il m’est toujours impossible de gerer la zone DNS. Seul le support technique peut réparer cela car il semble que mon domaine est dejà déclaré chez eux et changer l’hébergement en choisissant

“Activer les redirections web et email (gratuit)” me donne le résultat suivant :

Ce domaine est déjà configuré sur notre système

 

Les forum sont unanimes, seul le support peut intervenir sur ce dernier soucis.

Suis-je en 3G 900MHz ou 2100MHz ?

Sur iPhone composer le *3001#12345#* et appeler.

Choisir alors UMTS Cell Environment->UMTS RR Info
Puis regardez le champs “Downlink Frequency”.

Les fréquences indiquées sont listées sur cette page :

http://en.wikipedia.org/wiki/UMTS_frequency_bands

Mais en résumé :

* UMTS 2100 – Downlink sera entre 10562 – 10838.

* UMTS 900 – Downlink sera entre 2937 – 3088.

suPHP

On a web server, suPHP allows PHP to run as the user and group that owns the file.

In WordPress, for example it allows to upload files, update wordpress itself or its plugins.

But obvious security issues can make this Apache module really dangerous for your other websites. Here is how I installed it only for WordPress.

http://wiki.gonzofamily.com/a/SuPHP

Git Server on Debian

After testing GIT, and without hesitation, I decided to abandon SVN/Subversion. I won’t write here one more article comparing them but I wrote (and update regularly) a wiki page explaining how to install it on Debian and give access via HTTP, SSH and HTML.

http://wiki.gonzofamily.com/a/Install_GIT_as_public_repository_on_Debian

I also noted how I transfered my existing local XCode repositories to this server, but I will improve this doc soon:

http://wiki.gonzofamily.com/a/GIT_and_XCode

Retrieve local IPv4/IPv6 on Wifi/Cellular on iPhone

On iOS, you want to know your local IP (for example, when an application opens a webpage on the wifi interface) but the iOS SDK provides no simple way to get the IP Address for the wifi connection.

I found an interesting Method in Objective-C which retrieve the IPv4 address of the wifi connexion as a NSString on Zach Waugh’s blog.

Sadly it doesn’t work with IPv6. So I modified it and here is the code:

http://wiki.gonzofamily.com/a/Retrieve_local_IPv4/IPv6_on_Wifi/Cellular

PID on Mac OS X without Netstat

On Linux we use to see the Processes associated to a listening network port with the following command
netstat -p

On Windows it’s
netstat -o

Sadly on Mac OS X this option doesn’t exist. The equivalent will be
sudo lsof -P

So we can imagine that we need to know which program dare listening on port 123
sudo lsof -Pn | grep 123

You will see something like that:

ntpd 21 root 20u IPv4 0x0899ace4 0t0 UDP *:123
ntpd 21 root 21u IPv6 0x0899ac08 0t0 UDP *:123
ntpd 21 root 22u IPv6 0x0899baa4 0t0 UDP [::1]:123
ntpd 21 root 23u IPv6 0x0899b8ec 0t0 UDP [fe80:1::1]:123
ntpd 21 root 24u IPv4 0x0899b810 0t0 UDP 127.0.0.1:123
ntpd 21 root 25u IPv6 0x098b5658 0t0 UDP [fe80:4::cabc:c8ff:fe90:6472]:123
ntpd 21 root 27u IPv6 0x098b5b80 0t0 UDP [2002:3ba7:d4b1::cabc:c8ff:fe90:6472]:123
ntpd 21 root 28u IPv4 0x15463370 0t0 UDP 10.0.130.101:123
ntpd 21 root 30u IPv6 0x15464b80 0t0 UDP [2002:3ba7:d4b1::c3e:e29a:8de6:68cc]:123

So it was the NTP Daemon with the process ID 21…. petit coquin !

(Cf this page of my Wiki: http://wiki.gonzofamily.com/a/Port_listening_on_Mac,_Windows_or_Linux)