This is a little trick I’ve picked up that helped me out quite a bit, especially when developing Wordpress sites where you need to get the paths and URLs right for everything to work properly.

The scenario

You’re hired to do the redesign of an existing website (example.com). Your client wants to move their website to your hosting (or new hosting) when the redesign goes live. You’ve agreed on a seamless transition from old to new on one sunny Monday morning in a months time.

So you get to work on the site in your chosen development area, demo it to the client, they’re happy and you transfer the site to the newly configured hosting space on your server, however the name servers for example.com haven’t been changed yet, it’s only Friday and the redesign isn’t going live until Monday, but you’re a contentious developer and you want to test the new design to ensure everything is working as expected in the live environment.

What do you do?

Our goal

We’re going to edit the hosts file on our Mac to make our servers IP address (e.g. 70.26.55.80) resolve to example.com, just like what a DNS server does when example.com’s name servers have been changed to point to the new hosting.

Configuring the server

All server configurations are different but the principle is generally the same, we need to find out/set our example.com to appear in the web browser when we visit our example IP of 70.26.55.80. For this example I’m going to explain the process on a Plesk driven server (from this you should be able to get an idea of how this would be achieved through other management software packages).

• Configure your web space for example.com and upload all your files to it
• Login to Plesk
• Select Server from the left-hand menu
• Go to the IP Addresses – This should present you with a list of IP addresses assigned to your server, when you configured the hosting for example.com you will have selected one of these IP addresses (you may even only have one IP address in this list)
• For each IP address there’s a column titled Hosting with a link showing the number of domains assigned to that IP address, click the link that corresponds with the IP address you selected for the web space
• Select example.com and click Set As Default - You can only select one default domain to be displayed if you visit that IP address in a browser
• Make a note of the IP address (e.g. 70.26.55.80)
• Visit 70.26.55.80 in a web browser – You should be presented with your newly uploaded site for example.com

Editing the hosts file

Mac’s have a hosts file that we can edit to make 70.26.55.80 resolve to example.com just as if the name servers for example.com had already been changed (obviously this only effects the Mac you are on).

I’m sure you’ll be able to do this on a PC as well but don’t ask me how, I’m a Mac man.

• Open a Terminal
• Enter sudo vim /etc/hosts then enter your administrator password

This will open the hosts file in the vim editor. You should see something like this:

##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##
127.0.0.1       localhost
255.255.255.255 broadcasthost
::1             localhost
fe80::1%lo0     localhost

To edit the file press ‘a’, cursor down to the bottom of the list and enter:

70.26.55.80       example.com

Press ‘esc’ then enter ‘:wp’ to write and quit vim.

If you now visit example.com in your web browser it should resolve to 70.26.55.80 (the new hosting) and you can test your newly designed site in its live environment.

Now all that has to be done to make the site seamless go live on Monday is change the name servers for example.com to point to your hosting and you can guarantee that everything will work.

Important note: Remember to take the entry for example.com out of your hosts file when you have finished testing, otherwise you may end up seeing a false representation of what is actually being displayed at that domain when the name servers are changed!

Final Tip: Instead of removing the line completely from your hosts file simply add a # to the beginning of the line. This “comments out” the line and stops it from being applied. If this is a process that you are going to use regularly in the future then the line is already in your hosts file and you can simply remove the # and change the domain name when you need to.

If you follow my blog you’ll know that I’ve recently moved to Media Temple as my hosting provider. I’ve gone for a Dedicated Virtual server and so far I’m very pleased with the flexibility I have with it.

Media Temples’ servers, like many other providers, run Plesk as their control panel which means there are a few quirks that need to be overcome.

I should say at this point that I don’t claim to be a Linux/Plesk expert, i simple know enough to find my way around (or enough to be dangerous depending on who you’re asking).

Default behaviour

By default Plesk uses the PHP open_basedir directive to limit access to files outside a sites directory-tree. So if you have setup the domain example.com all your files go into the httpdocs folder (unless you’re using an SSL certificate in which case they go in the httpsdocs folder). For our example.com domain the server path would be:

/var/www/vhosts/example.com/httpdocs

Plesk’s default value for open_basedir is:

/var/www/vhosts/example.com

Which means any PHP script you place in the httpdocs cannot dig any further down the directory-tree than the example.com folder.

This is a security measure.

The problem

There are two scenarios (that I’ve come across) where this is a problem. The first is if you want to use PEAR, which is the scenario I’m most common with and will be covering the solution for here, and the second is if you want to use the Expression Engine Multi Site Manager.

Both require PHP scripts to access files outside of their directory-tree.

The solution

To enable access to PEAR packages we need to add the server path to the open_basedir variable as well as the include_path variable. If you’re on a Media Temple server like me the path should be:

/usr/share/pear

If not you’ll need to locate the folder that PEAR is installed in on your server.

Step 1 – SSH to the server

You need to SSH into your server, if you are with Media Temple and this is the first time you are trying to do this, you’ll first need to enable Root Access for your domain through your Media Temple Account Center.

If you’re on a Mac you can use Terminal to SSH to your server with:

ssh admin@example.com

Then your passworld.

If you’re on a PC you can use Putty. My memory is fuzzy on the exact use however, so you’ll need to consult the manual.

Once you are connected to your server you will need to switch user to root for the next step. To do this enter:

su - root

Then your password.

Step 2 – Create a vhost.conf file

Be careful, you now have godly control of your server!

We now need to create a vhost.conf file for our example.com domain which will override Plesk’s default settings.

The following command will create the file:

vim /var/www/vhosts/example.com/conf/vhost.conf

If you’ve never used vim (which is an editor for Linux) you need to know that pressing the ‘a‘ key puts you into author mode and the ‘esc‘ key takes you out (this is about the extent of my vim knowledge, I hope you are impressed!).

While in author mode enter the following information:

<Directory "/home/httpd/vhosts/example.com/httpdocs">
php_admin_value open_basedir "/home/httpd/vhosts/example.com/httpdocs:/usr/share/pear:/tmp"
php_admin_value safe_mode Off
php_admin_value include_path ".:/usr/share/pear"
</Directory>

To save the file and quit, press the ‘esc‘ key to leave author mode and type ‘:wq‘ (write and quit) and press enter.

So you can see that we specify the location of our example.com domain, added /usr/share/pear to the open_basedire variable and turned off safe_mode…?

PHP documentation states that open_basedir isn’t effected by safe_mode being on or off however from my experience if you don’t have it turned off, PEAR doesn’t work, as I say I’m no expert so maybe someone can enlighten me?

You can also see that we set the PHP include_path to also include /usr/share/pear

A little gotcha

We use php_admin_value to set the include_path. This means that the include path cannot be change using the PHP set_include_path function.

If you want to be able to change the include_path from within your script, perhaps you want to include a folder containing your own classes for example, you need to change:

php_admin_value include_path ".:/usr/share/pear"

To:

php_value include_path ".:/usr/share/pear"

Step 3 – The scary bit! Reconfigure and restart apache

You now need to run the following command so that the server knows to use our new vhost.conf file:

/usr/local/psa/admin/sbin/websrvmng --reconfigure-vhost --vhost-name=example.com

And then restart apache:

/etc/init.d/httpd stop
/etc/init.d/httpd start

Conclusion

That should be it, you’re all PEAR’ed up and ready to go. You should note that this configuration will only effect the example.com domain. If you create a new domain you’ll have to create a vhost.conf file for that domain as well.

Around 3pm on Sunday 4th October, Havoc Inspired and all my client sites along with about 700 other sites hosted on the same server, were hacked!

24 hours later I received an e-mail from my hosting provider:

At approximately 14:48 on Sunday all accounts on the server we host your reseller account on were targeted by a hacking group. They exploited a script from a customers account and were able to upload malicious scripts which were then used to exploit a PHP function to deface all hosting accounts on this server.

As soon as the hack was discovered we began restoring all accounts using our R1Soft CDP Backup system, this process however is taking much longer than normal and we will be raising this with R1Soft which we understand this doesn’t help you now. The full restore process should be complete within the next couple of hours, at this moment most sites on the server are back to normal.

Several of my client sites are still yet to be restored…

The attackers basically replaced every index file on the server with their own malicious script that shrank the browser window and made it float around the screen, eventually resulting in the browser crashing.

As you can imagine, I find this unacceptable. Therefore I have decided to move to a dedicated virtual server with Media Temple. I have had mixed responses to this decision, some people worn against, others swear by them…

The server runs Plesk which I am pretty familiar with already and was available for me to start configuring within 15 minutes of me pleasing the order, very impressive!

Their knowledge base also seems to be quite extensive and I’ve easily found example commands that I just needed refreshing on.

So so far so good. I kind of feel like a grown up now, having my own server and there’s something about being able to SSH that just feels hardcore to me.

Anyone else with Media Temple? Experiences good or bad?