Category Archives: Web Server

PHP connection to Microsoft SQL server from LAMP server

We have recently been working on a project for a client that involves dynamically creating web pages from data stored in a Microsoft SQL database. The solution is based on a LAMP (Linux, Apache, MySQL and PHP) server running Ubuntu.

Why not use IIS I hear you ask? Mainly because of costs and licensing and the Ubuntu server will be running several Web sites.

Here is a very basic example of the PHP code using PDO and DBLIB:

$user="username";
$password="password";
$dbh= new PDO('dblib:host=SERVERNAME\SQLSERVERINSTANCE;dbname=DBNAME',$user,$password);

$query = “SELECT * FROM SOME_TABLE”;
$statement = $dbh->prepare($query);
$statement->execute();
$result = $statement->fetchAll(PDO::FETCH_ASSOC);

var_dump($result);

You need to install the DBLIB PDO driver:

sudo apt-get install php7.0-sybase

Fail2ban Linux Security

Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs — too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc).Fail2Ban is able to reduce the rate of incorrect authentications attempts however it cannot eliminate the risk that weak authentication presents. Configure services to use only two factor or public/private authentication mechanisms if you really want to protect services.

Source: Fail2ban

How to loose customers permanently.

Nearly all of us have had spam emails from a business that have had one or more Email accounts or their website hacked and normally we ignore it and add it to our Email clients spam list and that’s the end of it. But what does this mean to the business ? They have just lost clients permanently.

So how do business prevent such disastrous events ?

  • Every PC, Laptop, Tablet and Phone should have an active anti virus installed.
  • You Email domain needs to have some kind of SPAM filtering so that your users do not click on an infected Email, for a small business this can normally be done via the anti virus application.
  • Unless your web site is static you must ensure that the web design company or individual provide regular updates to the base code and web hosting package you have, if they don’t do this don’t use them and find a more professional company.
  • Ensure that your hosting account has very strong passwords, such as your control panel, FTP account and Email accounts.
  • When an employee leaves your business change every password they might have known !
  • Monitor Email blacklists to see if you have been included, your web design company should do this.
  • Do not send SPAM.
  • Add a SPF record to prevent anyone sending Email with your from Email address.

These are the basics but will prevent the multitude of attacks. It is better to do this now than loose customers remember TalkTalk and Vtech to name a few.

If you require assistance please contact us.

Custom Debian Linux build

A client in London asked us to create a custom build of Linux.

Custom Debian Linux build.

The client wanted a fast boot and minimum install of Debian to use for a custom embedded application, the build had to include the following:

  • File sharing
  • A web browser
  • A web server
  • Minimum desktop
  • Auto start the application on user login

We achieved the above by using the Debian net install as the base, Xorg as the X Windows server, Openbox as the desktop, Samba for file sharing, Nginx as the web server.

When the user logs in the web browser is run in kiosk mode and the start page is the local web server. The bespoke application is web based and is based on Bootstrap and a few JavaScript libraries.

The target hardware will be a low powered dual core with 2 GB of RAM and 60GB of solid state storage.

If you require something similar or a bespoke software development from a UK company please contact us