php Sessions write error suddenly on website

http://kb.parallels.com/en/115704

Step 1

 cd /var/lib/php/
[root@austin php]# ls -la
total 12
drwxr-xr-x  3 root root 4096 Apr  9 19:54 .
drwxr-xr-x 37 root root 4096 Apr 24 23:41 ..
drwx-wx-wt  2 apache apache 4096 Aug  5 20:01 session

Change the permissions and ownership


chmod 1733 /var/lib/php/session
chown root:root /var/lib/php/session

Step 2

Check the yum update log for php updates as this is usually the cause of the permissions change.


[root@austin log]# grep php /var/log/yum.log
Apr 09 19:54:09 Installed: php-5.3.3-27.el6_5.x86_64

This will give you the date and time of the last php update!

Open the Ubuntu Software center

Screenshot from 2014-08-07 10:42:06

http://www.liveperson.com

Linux

http://solutions.liveperson.com/agent-console/launch/lpac_frame.html
Windows

http://agent.liveperson.net/LPAC/INSTALLER/GA/LPAC_WIN.exe
Mac

http://agent.liveperson.net/LPAC/INSTALLER/GAEA/LPAC_OSX.dmg

(Complete the form with your login credentials & Log in)

My Liveperson Agent Console Download


cd ~/Downloads

javaws LPAC-GA.jnlp


To get started, search for and install network-manager-vpnc package from Ubuntu Software Center. Or, do a:

sudo apt-get install network-manager-vpnc

Once installed, you can follow below steps to setup Cisco VPN for Ubuntu:

1.) Move your cursor to right-top corner system tray area, click on Network Manager icon and choose VPN Connections -> Configure VPN

2.) In next window, click on Add button to add a new connection and then choose Cisco Compatible VPN (vpnc) from the drop-down menu.

3.) Click on Create and you’re able to type in your Cisco VPN details in next window. After all, check off “Use this connection only for resources on its network” otherwise your traffic significantly slowed down

Have a PCF File?


cd /etc/vpnc
mv default.conf default.conf.bk

Now convert the pcf file:


pcf2vpnc namofpcffile.pcf default.conf

Then to run it, you simply do


sudo vpnc /path/to/new.conf

So – you migrated some file to a plesk/cpanel server and the ownership is wrong. Here is how to change it.
Plesk

[root@austin httpdocs]# cd /var/www/vhosts/domain.com/httpdocs/
[root@austin httpdocs]# chown -R  user:group *

cPanel

[root@austin httpdocs]# cd /home/user/public_html/
[root@austin httpdocs]# chown -R  user:group *

Or

Plesk

[root@austin httpdocs]# chown -R  user:group /var/www/vhosts/domain.com/httpdocs/*

cPanel

[root@austin httpdocs]# chown -R  user:group /home/user/public_html/*

How do you move a site from one plesk domian to another on the same server?

The ftp and export method.

Get your data.

1. Ftp to the old site and download the files to your local computer.
2. Login to the plesk panel and go to Manage Hosting for the old domain. Go to Websites and Domains. Go to databases. Click on the database name. Click Webadmin. Click Export Tab. Click Custom. make sure all the databases tables are selected (blue). Click Go. This should produce a popup so you can save the file locally.

New Domain.

1. Login to pelsk and click subscriptions. Click Add New Subscription. Fill out the details (make note of the new username and password) and and click okay.
2. ftp to the new domain and upload the files from the old domain.
3. Go to Manage Hosting for the new domain. Go to Websites and Domains. Go to databases. Click add new database. Click on the database name after creation and add a new database user. Click on Webadmin and go to the import tab. Locate the file for the database download and upload. You should see all the tables at this point.
4. Locate the database config file in the new database and edit it with the new database name, user and password.

Servers popping up that are having php failures or issues with php_admin_value or php_admin_flag when apache restarts. This is occurring on servers running PHP 5.3.26. It appears when this update was pushed out, mod_php is no longer being loaded by default.

The symptoms are outlined here:

http://forum.parallels.com/showthread.php?287767-SOLVED-Latest-php-5-3-26-yum-update-from-art-breaks-apache
https://www.atomicorp.com/forum/viewtopic.php?f=12&t=6891&sid=a2317265ae0523eb9273d9d6001f10ed

You should be able to add the following to the top of php.conf file to resolve the issue:


<IfModule prefork.c>
  LoadModule php5_module modules/libphp5.so
</IfModule>
<IfModule worker.c>
  LoadModule php5_module modules/libphp5-zts.so
</IfModule>

Also…

If you come across a managed server that has the atomic repo enabled and has updated to PHP 5.4.x it more than likely killed their sites.

If this is the case and they were on a newer version of 5.3.x from atomic I’ve got the couple of one liners that I used to remove all the install PHP packages and then install the webtatic repo (which installed disabled) and then to install a base set of php modules from their repo.

This command will figure out what php-5.4.x packages are installed from atomic. Just to verify that you won’t be killing off anything other than the offending atomic packages.


rpm -qa | grep php | grep 5.4

This one-liner will remove all packages that match the above criteria even if they refer to multiple packages or are listed more than once.


for i in `rpm -qa | grep php | grep 5.4` ; do rpm -ev --allmatches --nodeps $i; done

Once they are all removed install the webtatic repo


rpm -Uvh http://mirror.webtatic.com/yum/centos/5/latest.rpm

Then you can install the basic set of packages for php 5.3


yum --enablerepo=webtatic install php php-devel php-mysql php-imap php-xml php-pdo php-gd php-soap

If you connect to the server via SSH and run the command:


ps afwux

php

[root@austin ~]# ps afwux | grep php
root       998  0.0  0.3 335940 25100 ?        Ss   Jun18   1:10 /usr/bin/sw-engine -c /usr/local/psa/admin/conf/php.ini /usr/local/psa/admin/bin/modules/watchdog/wdcollect -c /usr/local/psa/etc/modules/watchdog/wdcollect.inc.php
root     19926  0.0  0.0 103244   848 pts/0    S+   14:39   0:00          _ grep php
10016    23321  0.0  0.1 257956 10956 ?        S    Jul01   0:00 /usr/bin/php-cgi -c /var/www/vhosts/system/coldriverdata.com/etc/php.ini
10016    19924  0.5  0.7 275928 57464 ?        SN   14:39   0:00  |   _ /usr/bin/php-cgi -c /var/www/vhosts/system/coldriverdata.com/etc/php.ini

Plesk server using resources – process is pigz. This is a process used like gzip or zip and is part of the backup process.
http://download1.parallels.com/Plesk/PP11/11.5/release-notes/parallels-plesk-panel-11.5-impacts-for-linux-based-os.html

Compression with pigz

Panel now uses the pigz library instead of gzip to compress backup data. This ensures better CPU utilization and speeds up the compression 3.5 times on a physical server and 1.2 times on a virtual server (depending on the disk I/O).

See more: https://support.plesk.com/hc/en-us/articles/213366009-High-CPU-wait-I-O-and-Load-Average-during-backup

Duplicated Data Removed

Duplicated data is removed from server.xml: Now top-level XML nodes do not contain information about child nodes.

Connection Speed

Now you can see the estimated connection speed between the source and destination servers during data transfer.

Storing Backup Files

You can set the path for storing a temporary backup file, which is created when a customer downloads a backup from the server.

[stextbox id=”warning”]Connection reset by peer: mod_fcgid: error reading data from FastCGI server[/stextbox]

Connection reset by peer: mod_fcgid: error reading data from FastCGI server
[Thu Jul 31 13:05:21 2014] [error] [client 99.xxx.xx.xx] Premature end of script headers: cron.php

Edit fastcgi.conf and add the following:

nano /etc/nginx/fastcgi.conf
FcgidBusyTimeout 3600

PHP Spam Scripts

I finally decided this topic deserves its own page.
To find the script sending spam
Plesk

Ver -11.0


cat /var/www/vhosts/domain.com/statistics/logs/access_log | grep POST > /tmp/post.log

Ver 11.5+


cat /var/www/vhosts/system/domain.com/statistics/logs/access_log | grep POST > /tmp/post.log

WHM cPanel


cat /usr/local/apache/domlogs/domain.com | grep POST > /tmp/post.log

View the results


cat /etm/post.log

78.138.118.128 - - [02/Jan/2014:10:51:41 -0500] "POST /tmp/sys09725841.php HTTP/1.1" 200 181 "-" "-"
78.138.118.128 - - [02/Jan/2014:10:52:54 -0500] "POST /tmp/sys09725841.php HTTP/1.1" 200 181 "-" "-"
78.138.118.128 - - [02/Jan/2014:10:54:13 -0500] "POST /tmp/sys09725841.php HTTP/1.1" 200 181 "-" "-"
78.138.118.128 - - [02/Jan/2014:10:55:18 -0500] "POST /tmp/sys09725841.php HTTP/1.1" 200 181 "-" "-"
78.138.118.128 - - [02/Jan/2014:10:56:32 -0500] "POST /tmp/sys09725841.php HTTP/1.1" 200 181 "-" "-"

Joomla

This file often appears in /tmp/sysNNNNNNNN.php file
1. /tmp is 777
2. the sysNNNNNNNN.php is usually accompanied by a .zip file
3. .php and .zip are owned by apache