Your browser (Internet Explorer 6) is out of date. It has known security flaws and may not display all features of this and other websites. Learn how to update your browser.

Posts tagged ‘nginx’


Why we can’t have nice things

Brainfart.SG was taken down for almost a month since last April, due to my VPS being exploited. The reason I believe is due to a misconfiguration of the webserver.

Somebody managed to install a backdoor in the VPS and then installed a script to launch a DoS attack.
My VPS was only suspended at first, but after recovering my VPS, it was again compromised to launch DoS attack. Which resulted in me being banned from BuyVM.

Since then, I have moved to Virpus and have spent a considerable effort to harden the VPS.
I’ve installed APF, rkhunter, ZB Block, among other things. And not to mention closing the security hole for nginx + PHP.
Looks like I’ll have to be on an active lookout for vulnerabilities and also solutions…

It seems like in a perfect world, you can leave your doors unlock at night and you also need not worry about your webserver much. But since we live in a imperfect world, we’ll have to lock up our doors, harden our webservers, deploy SSL for our web connections, etc.

And this is why we can’t have nice things.


WordPress Upload Problem

I’ve finished setting up the LNMP stack on my VPS, and got WordPress running on it.

I will be sharing the steps I’ve done to setup the LNMP stack on a later date, but first, I’d like share an issue I’ve encountered after getting WordPress up and running.

After running the install.php script and doing up the settings of my WordPress site, I tried to upload a free theme pack from WooThemes. (Typebased, if you are wondering which one)

The first problem I hit was the server giving me a “Connection Reset” everytime I tried to upload the theme. In the Nginx error log, this was recorded:

2011/09/24 07:34:58 [error] 30097#0: *70 client intended to send too large body: 2617076 bytes, client:, server:, request: "POST /wp-admin/update.php?action=upload-theme HTTP/1.1", host: "", referrer: ""

The “client intended to send too large body” tells us that Nginx was rejecting the theme zip file as it was too big (it’s 2.49MB in size). A check on the Nginx Wiki shows that the default maximum size accepted by Nginx is 1MB, and Nginx resets the connection whenever a browser tries to send or request a file greater than 1MB. So we’ll have to update the nginx.conf file with the “client_max_body_size” directive to get Nginx to send and receive a bigger file. I’ve changed mine to a value of 3MB and you may adjust yours accordingly. Note that the directive is placed in the “http” section.

http {
client_max_body_size 3M;

I tried to upload the theme file again, and this time the file was accepted by Nginx without a problem. However, WordPress threw an error, “The uploaded file could not be move to …/wp-content/uploads.” Not a very intuitive error, seems like it is a permission issue with WordPress trying to write to the uploads directory… The logs weren’t showing any error and a Google search resulted in quite a few people having the same problem.

Most of the resolution are to do with setting the correct permission for the uploads directory. A check with my uploads directory shows that the permissions are correct  and I even tried to give full 777 permission to the directory! But error still persist… It took me quite a while, trying to figure out what’s wrong and then it suddenly hit me! It could be related to the Nginx size error, but at the PHP layer. A quick Google shows that PHP has a “upload_max_filesize” and “post_max_size” directive, so I updated my php.ini to include the two directives:

upload_max_filesize = 3M
post_max_size = 3M

Bingo!  The theme file went through and was installed in WordPress.