PHP Cannot Connect to MySQL (Error 13) But CLI Can

Sometimes More often than not, quirky things happens when initially setting up a server environment. Usually, this quirks tend to arise when getting the various components of your stack talking to each other. In this situation, PHP and MySQL have been properly configured, however a problem has presented itself: the command line interface to PHP is connecting to MySQL just fine, however when testing the connection via a script run from a web browser, it results in the error:

Could not connect: Can't connect to MySQL server on 'MYSQL.SERVER' (13)

This particular problem popped up on a CentOS 5.8 server, however this annoyance can be experienced on a number of systems, as it has to do with the default network security behavior of SELinux, which does not allow connections from HTTP to MySQL. You can allow this behavior by running the following command:

setsebool -P httpd_can_network_connect_db=1

Alternatively, you can disable SELinux entirely; that’s a tutorial for another day, though.

Update Ruby to 1.9.3 in OS X Lion 10.7.3

It’s really quite simple, as annoying (possibly daunting, too) as it may seem. You don’t need Homebrew, although you can do it that way if you would like. Here’s the nitty gritty, just open up a Terminal window and follow along.

Install RVM (Ruby Version Manager)
curl -L get.rvm.io | bash -s stable

If you have any other Terminal windows open, use the below command in each open window at this point, replacing username with your actual username:
source /Users/username/.rvm/scripts/rvm

Install Ruby 1.9.3
rvm install 1.9.3

Run Ruby with the version flag to double check our work.
ruby -v
ruby 1.9.3p194 (2012-04-20 revision 35410) [x86_64-darwin11.3.0]

Reset FileMaker Server 8 Admin Password

In situations where the administrative bus factor was one and you are not privy to the FileMaker Server (FileMaker Server 8, that is) administrator password, fret not! You are in luck, it is indeed possible to circumvent this protection. I cannot stress enough that this is not common practice and falls into the category of “database server open heart surgery” … do not attempt this if you are unfamiliar with the unix command line or the OS X architecture.

Make sure any and all FileMaker Pro users are disconnected before attempting this process.

Step #1 – Back up the existing FileMaker Server .plist file

sudo cp /Library/FileMaker\ Server/Library/Preferences/ByHost/com.filemaker.fmserver.MACADDRESS.plist ~

Replace MACADDRESS with your computer’s MAC address. Alternative, you can list the directory to see what .plist yours might be:

sudo ls /Library/FileMaker\ Server/Library/Preferences/ByHost/

Step #2 – Edit the .plist file and save as new .plist file

Using a .plist editor, remove the ‘AdminAuth’ key and value completely. When done, save the updated .plist as a new file, I chose new.plist in this example.

Step #3 – Forcefully shut down the FileMaker Server

This is not a recommended way to shut down your FileMaker database, as it could cause corruption, especially if the database is actively being used. Please make sure to have a recent backup before attempting this step.

Use ps aux | grep FileMaker to find the process id of fmserverd, then kill it:

kill PROCESSID

Step #4 – Update the .plist file FileMaker Server uses for configuration

sudo cp ~/new.plist /Library/FileMaker\ Server/Library/Preferences/ByHost/com.filemaker.fmserver.MACADDRESS.plist
sudo chown fmserver:fmsadmin /Library/FileMaker\ Server/Library/Preferences/ByHost/com.filemaker.fmserver.MACADDRESS.plist

Step #5 – Reboot the FileMaker Server machine

Reboot the FileMaker Server machine and when FileMaker Server automatically launches, it will no longer require an administrator password. Use fmsadmin or a GUI administration tool to log in and set a password to resecure the FileMaker database.

Setting Up A LAMP Stack on Debian Squeeze

As it’s mostly for the sake of my own posterity, I’m going to be extremely concise with this walk through on setting up a LAMP stack on the Debian Linux distribution, specifically, Debian 6.0 (Squeeze).

Note: All commands are from root’s perspective, as we’ll be setting up users for each of the sites. Further note that this tutorial does not encompass jailing users to their home directory.

Step #1 Installing Apache2
apt-get install apache2
Optionally, enable mod_rewrite using ‘a2enmod’
a2enmode rewrite

Step #2 Configure an Apache2 Virtual Host
Create a new sites-available configuration file for apache2.
vi /etc/apache2/sites-available/mysite.com
Enter the following contents (modify the details for the site you are setting up) into said file:
<VirtualHost *:80>
ServerAdmin info@mysite.com
ServerName mysite.com
ServerAlias www.mysite.com
DocumentRoot /srv/www/mysite.com/public_html
ErrorLog /srv/www/mysite.com/logs/error.log
CustomLog /srv/www/mysite.com/logs/access.log combined
</VirtualHost>

Step #3 Create the appropriate directories
mkdir -p /srv/www/mysite.com/public_html
mkdir /srv/www/mysite.com/logs

Step #4 Enable apache2 site using ‘a2ensite’
a2ensite mysite.com
To disable a website, use the command ‘a2dissite’

Step #5 Install and configure the MySQL server
apt-get install mysql-server
Once the installation runs, execute the following command to begin a GUI based secure setup of MySQL:
mysql_secure_installation
Create a database and user after logging into the MySQL server using the ‘mysql’ command:
create database mysitedotcom;
grant all on mysitedotcom.* to 'mysitedotcom' identified by 'apassword';

Step #6 Install and configure PHP
apt-get install php5-php-pear php5-suhosin php5-mysql
Optionally, install ‘php5-curl’ for cURL support in PHP.

Step #7 Create a user for this site
useradd mysitedotcom
passwd mysitedotcom
usermod -d /srv/www/mysite.com mysitedotcom
chown -R mysitedotcom:mysitedotcom /srv/www/mysite.com

Step #8 Restart Apache2
/etc/init.d/apache2 restart

Setting Up SSL Certificates On PHP Fog Apps

Let me tell you, it was something of an endeavor setting up an SSL certificate on a PHP Fog application, mostly due to lack of (obvious) documentation, but their technical support was extremely fast and helpful, so we were able to get through the issues quickly. Here’s a little step-by-step write up for those of you who might still be in the dark about the whole SSL certificate installation process.

First of all, be ready to fork over $20 per month to enable the ability to attach an SSL certificate to your PHP Fog application. (C’mon guys, really? I get that IPs are limited, and Amazon’s ELB has a price too, but there’s got to be a better and more cost effective way to do this.)

Second, you’re going to want to log into a computer with OpenSSL installed, so that you can generate the private key to sign your Certificate Request (CSR) file. Run the following command to generate the private key, and be sure to not use a PEM passphrase:

openssl genrsa -out phpfog.key 2048

Now, we are going to generate the Certificate Request. Run the following command to generate the CSR file, using www.yourdomain.com or *.yourdomain.com for the “Common Name” input when it prompts you:

openssl req -new -key www.reconapi.com.key -out phpfog.csr

You can now use this .CSR file to generate your SSL certificate from your provider. I used a Comodo PositiveSSL certificate from NameCheap, which ran me a grand total of $8.95 … however they’re currently running a promotion offering PositiveSSL certificates for $1.99 with the registration or transfer of a domain name. (affiliate link)

Once you generate your SSL certificate with your .CSR file, your provider will make the certificate available for download via e-mail or their website. Be sure to download all related certificates, including the intermediary certificate if there is one available.

Now, navigate to your application’s dashboard on PHP Fog, and select the SSL tab from the sidebar. You are going to be filling out two (possibly three) text boxes with relevant certificate information:

• Paste the contents of www_yourdomain_com.crt into the Signed Certificate text box.
• Paste the contents of phpfog.key into the box labeled RSA or DSA Private Key Used to Sign the Certificate.
• If you received an intermediary certificate, check the box “Use intermediate certificate” and paste the contents of the intermediary certificate file into the text box that appears.

You should be good to go, just click the orange ‘Enable SSL’ button to proceed! Remember, you will have to add some sort of redirection to your application, it won’t automatically forward your visitors to the proper secure pages. I tried using mod_rewrite, however %{HTTPS} does not seem to work, so here’s a little PHP snippet that works instead:

if($_SERVER['HTTP_X_FORWARDED_PROTO'] !== 'https') {
header("HTTP/1.1 301 Moved Permanently");
header("Location: https://{$_SERVER['SERVER_NAME']}{$_SERVER['REQUEST_URI']}"); exit;
}

Mount Box.net Storage As Network Drive

Box.net has been running a recent promotion giving away a FREE 50GB of cloud storage if you sign up for your account via one of their iOS applications. Naturally, this was very tempting. However, after signing up I realized there was no easy way to upload mass amounts of files. Well, a little Google magic and I had a solution to make the newly acquired 50GB “cloud drive” mount as a network drive and be available through Windows Explorer!

• Mount Network Drive > Specify an alternate network location
• Enter https://www.box.net/dav in the “Internet or network address” field
• Once you click next, you will be prompted to enter your box.net credentials. After you enter your username and password and successfully log in, name your “Network Drive” and you’re good to go!

Reset the Root MySQL Password on Ubuntu 10.04

It’s a commonality among sleep-deprived developers to set up a sandbox at 3AM and wake up not remembering the passwords that were set before the retreat into la-la land. Well, resetting the root user’s administrative password for MySQL is a little tedious, but it’s not impossible:

• sudo /etc/init.d/mysql stop
• sudo /usr/sbin/mysqld --skip-grant-tables --skip-networking &
  You will now be able to log into MySQL as root with no password, since you have launched the MySQL daemon with the flag to skip the privilege index.
• mysql -u root
  • FLUSH PRIVILEGES;
  • SET PASSWORD FOR root@'localhost' = PASSWORD('password');
  • UPDATE mysql.user SET Password=PASSWORD('newpwd') WHERE User='root';
  • FLUSH PRIVILEGES;
• sudo /etc/init.d/mysql stop
• sudo /etc/init.d/mysql start

Installing Git on Ubuntu 10.04

I’m positive there are other blog posts almost identical to this one, however since this blog serves for the purpose of posterity, I am going to post it as a reference regardless.

In order to install Git (via command line) on Ubuntu 10.04, Lucid Lync, you must follow these steps:

• sudo aptitude build-dep git-core
• wget http://git-core.googlecode.com/files/git-1.7.7.tar.gz
• tar xvzf git-1.7.7.tar.gz
• cd git-1.7.7
• ./configure
• make
• sudo make install
• git --version

Pandora via the Command Line on Ubuntu 10.04

I’ve been using a really great command line app to listen to Pandora on my laptop lately, it’s called Pianobar. You can install it by running the following commands:

cd ~
sudo apt-get install build-essential
sudo apt-get install libao-dev libmad0-dev libfaad-dev
wget https://github.com/PromyLOPh/pianobar/tarball/master
tar xvf Promy*.tar.gz
cd Promy*
make
sudo make install

That’s it! You’ve installed Pianobar on Ubuntu 10.04, Lucid Lynx. Now just run pianobar to start the Pandora CLI app. Please refer to man pianobar for further usage instructions

Windows Vista/7 God Mode Shortcut

You’ve probably heard of this little easter egg before, but in case you haven’t, Microsoft offers a myriad of various administration tools that are only available in a hidden Easter Egg shortcut, the GodMode shortcut!

It’s pretty easy to get access to Windows God Mode, here’s how:

• Create a new folder where you would like your God Mode folder to reside.
• Rename the newly created folder to: GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
• Your folder will change to a “Control Panel” looking icon, and its name will set to GodMode. You’re done!

When you open the GodMode folder, you’ll be presented with a host of options, which all are a pretty granular version of your existing Windows Control Panel; however, there are new options to play with, and I’ll leave the discovery of those as an excercise for the reader.