Join the community today
Register Now

yum update question + nginx question

Discussion in 'System Administration' started by hitman, May 29, 2016.

  1. hitman

    hitman Member

    115
    9
    18
    Jul 18, 2014
    Ratings:
    +13
    Local Time:
    1:35 AM
    hello
    i hope it is not a problem that i ask 2 questions together and i am not opening a separate topic.

    1) I have the path for the uploads on my site like this domain.com/uploads and through the domain.com.conf file in /usr/local/nginx/conf/conf.d i have blocked the execution of php in this path. Now if someone visits this path domain.com/uploads it shows a white page and i believe that it should not, it should throw an error or something there. Could you please let me know if i have done something wrong or if i should add something there for extra security ?

    2) When i try to update through yum (yum -y update) i get the following error
    Code:
    ---> Package ImageMagick-last-c++.x86_64 0:6.9.4.3-1.el6.remi will be updated
    --> Processing Dependency: ImageMagick-last-c++(x86-64) = 6.9.4.3-1.el6.remi for package: ImageMagick-last-c++-devel-6.9.4.3-1.el6.remi.x86_64
    ---> Package ImageMagick-last-libs.x86_64 0:6.9.4.3-1.el6.remi will be updated
    --> Processing Dependency: ImageMagick-last-libs(x86-64) = 6.9.4.3-1.el6.remi for package: ImageMagick-last-6.9.4.3-1.el6.remi.x86_64
    ---> Package libxml2-python.x86_64 0:2.7.6-21.el6 will be installed
    --> Finished Dependency Resolution
    Error: Package: ImageMagick-last-c++-devel-6.9.4.3-1.el6.remi.x86_64 (@remi)
               Requires: ImageMagick-last-c++(x86-64) = 6.9.4.3-1.el6.remi
               Removing: ImageMagick-last-c++-6.9.4.3-1.el6.remi.x86_64 (@remi)
                   ImageMagick-last-c++(x86-64) = 6.9.4.3-1.el6.remi
               Updated By: ImageMagick-last-c++-6.9.4.4-1.el6.remi.x86_64 (remi-safe)
                   ImageMagick-last-c++(x86-64) = 6.9.4.4-1.el6.remi
    Error: Package: ImageMagick-last-6.9.4.3-1.el6.remi.x86_64 (@remi)
               Requires: ImageMagick-last-libs(x86-64) = 6.9.4.3-1.el6.remi
               Removing: ImageMagick-last-libs-6.9.4.3-1.el6.remi.x86_64 (@remi)
                   ImageMagick-last-libs(x86-64) = 6.9.4.3-1.el6.remi
               Updated By: ImageMagick-last-libs-6.9.4.4-1.el6.remi.x86_64 (remi-safe)
                   ImageMagick-last-libs(x86-64) = 6.9.4.4-1.el6.remi
    You could try using --skip-broken to work around the problem
    You could try running: rpm -Va --nofiles --nodigest
    please note that in order to update as soon i had run
    Code:
    yum -y update --enablerepo=remi --disableplugin=priorities
    how can i fix this?

    thank you in advance
     
  2. eva2000

    eva2000 Administrator Staff Member

    30,194
    6,789
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,144
    Local Time:
    8:35 AM
    Nginx 1.13.x
    MariaDB 5.5
    2nd fixed by disabling remi-safe repo if you update to latest 123.09beta01 and run centmin.sh once after Beta Branch - disable remi-safe repo by default | Centmin Mod Community

    or just disable it manually via cmd
    Code (Text):
    sed -i 's|enabled=1|enabled=0|' /etc/yum.repos.d/remi-safe.repo


    1st need the syntax you used for blocking php in /upload

    When you create a new nginx vhost domain via centmin.sh menu option 2 or menu option 22 or via /usr/bin/nv cli command line, you will create the Nginx vhost files and directories. You will get an outputted the path location where it will create the domain name's vhost conf file named newdomain.com.conf (and newdomain.com.ssl.conf if you selected yes to self signed SSL)
    • Nginx vhost conf path will be at /usr/local/nginx/conf/conf.d/newdomain.com.conf
    • Nginx HTTP/2 SSL vhost conf path will be at /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf
    • Nginx Self-Signed SSL Certificate Directory at /usr/local/nginx/conf/ssl/newdomain.com
    • Vhost public web root will be at /home/nginx/domains/newdomain.com/public
    • Vhost log directory will be at /home/nginx/domains/newdomain.com/log
    Please post the contents of /usr/local/nginx/conf/conf.d/newdomain.com.conf and if applicable /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf wrapped in CODE tags (outlined at How to use forum BBCODE code tags)
     
  3. hitman

    hitman Member

    115
    9
    18
    Jul 18, 2014
    Ratings:
    +13
    Local Time:
    1:35 AM
    Code:
    # Prevent access to ./directories and files
        location ~ (?:^|/)\. {
            deny all;
        }
    
        location / {
    
            # block common exploits, sql injections etc
            include /usr/local/nginx/conf/block.conf;
    
            # Enables directory listings when index file not found
            # autoindex  on;
    
            # Shows file listing times as local time
            autoindex_localtime on;
    
            try_files    $uri $uri/ /index.php;
    
        }
       
    
    
        location ~^(/upload/).*(\.php)$ {
            deny     all;
        }
    this is the part that blocks php execution in upload path
     
  4. eva2000

    eva2000 Administrator Staff Member

    30,194
    6,789
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,144
    Local Time:
    8:35 AM
    Nginx 1.13.x
    MariaDB 5.5
    looks good if you have a blank /upload/index.html it will show as it's not a .php file