Facing the following error when running any PHP scripts ?
PHP Fatal error: Out of memory (allocated xxxxx, tried to allocate xxxx bytes)
Tried increasing the memory limit from php.ini file and still getting the above error ?
Initially, we might think this issue is with the memory limit factor
seen in php.ini file. But if we analyze the error we get we can see that the issue is not directly related with the PHP configuration settings.
Usually, when a PHP script does not have enough memory to execute itself, the error message seen would indicate the amount of memory exhausted, something like :
========= Fatal error: Allowed memory size of xxxx bytes exhausted (tried to allocate xxxxxx bytes)
When we analyse things further, we can see that the real issue lies within the Apache configuration. Apache have memory limits of its own set in the configuration files. This value is referred to as ‘RLimitMEM’
Explanation of RLimitMEM from the official documentation of Apache :
It sets the soft resource limit for all processes and the second parameter sets the maximum resource limit. It indicate to the server that the limit should be set to the maximum allowed by the operating system configuration. Raising the maximum resource limit requires that the server is running as root, or in the initial startup phase.
This applies to processes forked off from Apache children servicing requests, not the Apache children themselves. This includes CGI scripts and SSI exec commands, but not any processes forked off from the Apache parent such as piped logs. Memory resource limits are expressed in bytes per process.
-> So, increase this value/limit from your httpd configuration file, to get around the issue.
Bruteforce attack against wp-login.php is very common issue and
many users has been affected by this. In this scheme of attack,
the attacker is brute-force attacking the WordPress administrative
portals, using the username “admin” and trying thousands
of passwords using any configured botnets.
– In order to secure your WordPress against the attack, you might
consider the following :
* Changing the administrative username from the standard
‘admin’ to any less obvious ones.
* Upgrading the password to a much stronger one,
perhaps around 10 or 12 characters.
– There are also some plugins which can be used to limit the number of login attempts made on your site, or block people from accessing
– You can also use .htaccess rules to deny the connections from any
unwanted IP’s and allow just your’s. If you have a static IP, you can
give it or if it is a dynamic one with a common range, specify
it using the netmask.
Contents of .htaccess file may look like :
allow from x.x.x.x (
– You can also use mod_security if its enabled with Apache configuration.
Ubuntu is the most popular Debian-based desktop Linux distribution with Unity as its default desktop environment. So today we’re going to see how to install Ubuntu inside Windows.
Dual boot the easiest way
Multi-booting is the act of installing multiple operating systems on a computer and being able to choose which one to boot when starting the computer. Dual-booting refers to the common configuration of specifically two operating systems on the same machine.
Windows can stay on your computer, when you install Ubuntu! It’s handy to turn your computer into a dual-boot machine. That way you can choose each time you turn on your computer, what operating system you want to boot: Ubuntu or Windows.
You can do this either by using a separate partition for Ubuntu or it’s also possible to install Ubuntu within Windows, basically as an application. This is done with an installer called Wubi (Windows-based Ubuntu Installer). I advise against this method, because it’s technically inferior to a normal dual-boot on a separate partition on the hard disk but this one is easy for the noobs as you will not harm anything on your computer.
With a Wubi installation of Ubuntu, you have lesser performance, dependence on Windows and its boot loader, less reliable file recovery and some security issues. In short: a separate partition for Ubuntu is much better.
Now a word about the Wubi.
Wubi (Windows-based Ubuntu Installer) is an official Windows-based free software installer for Ubuntu, which installs the software on an existing Windows partition, thus without need for partitioning. Wubi is an officially supported installer for Windows XP, Vista and 7 users that allows Ubuntu to be installed and uninstalled in a safe, easy way as with any other Windows application. Wubi was born as an independent project and as such versions 7.04 and 7.10 were unofficial releases. Since 8.04 the code has been merged within Ubuntu and can be found in the Ubuntu Live CD. It was removed in 13.04. The project’s aim is to enable existing Windows users, unacquainted with Linux, to try Ubuntu without risking any data loss due to disk formatting or partitioning mistakes. It can also safely uninstall Ubuntu from within Windows through Uninstall a Program in Control Panel. It is not a virtual machine, but creates a stand-alone installation within a loopmounted device, also known as a disk image, like Topologilinux does. It is not a Linux distribution of its own, but rather an installer for Ubuntu.
Windows 7, Vista, XP, and 2000 are known to work with Wubi. Windows 98 should also work, but has not been thoroughly tested. Windows ME is not supported. Linux is supported through Lubi (Linux-based Ubuntu Installer).
So What about Windows 8?
At this time, Wubi does not work with Windows 8 default boot-loader. You would be able to install, but not reboot into Ubuntu. If you have upgraded to Windows 8 and still using BIOS firmware, Wubi does work, but do not enable hybrid-sleep on Windows 8.
The WUBI installer is on the 14.04 ISO and works with windows up to 7. It works O.K. for all defined flavours i386/amd64 builds in BIOS mode. Windows 8 and Windows ME are not supported by WUBI. It is shipped on the CD to primarily function as a “cd autolauncher” for people who pop the cd into a Windows machine, at that time it says “You need to reboot, to try ubuntu! [reboot now]” or some such.
Officially it is still supported – to be precise, it has 3 more years of support, and wubi has not yet been removed from any isos and is present to download for all releases and is present on all released .isos. (14.04 , 13.04, 13.10, 12.04 and 12.10 point releases)
The Easy installation Part
You can download the latest version of Ubuntu from Ubuntu Download Section.
You can either burn the iso to a CD/DVD or mount it on a virtual drive or just unzip the contents to a folder location and use it in the method below to force Wubi to install Ubuntu inside Windows.
For 14.04 they have simply restricted wubi.exe to not offer the option to install, which you can bypass with a command-line option e.g. if your CD drive is H: you can go to a command line and run:
Now the Wubi will run in forced mode so that you can install Ubuntu inside windows.
Click on Install inside Windows button and select the drive to which Ubuntu should be installed and installation size for Ubuntu. Select other options as you need, then click Install.
After copying necessary files and taking necessary actions Wubi will prompt you to restart windows. Click Finish and restart the system which will take you to the complete installation of Ubuntu. Connect internet if you want updates to be installed during OS installation. After successful installation the system will auto restart. Voila!!! Now during boot time you will be presented with the Dual-Boot OS selection screen. Select Ubuntu from it and you will be booted into Ubuntu.
CyanogenMod, the popular open source OS for smartphones and tablet computers, based on the Android mobile platform is out with yet another milestone release. CyanogenMod pushes newer releases on a nightly, milestone, and “stable version” schedule.
CyanogenMod Team has started pushing the latest milestone release CyanogenMod 11.0 M7 to the download servers for the general public. The latest version of the CyanogenMod is based on Android 4.4.2 KitKat and is now available for download for all compatible devices.According to the team, the new release runs on Android 4.4.2 and the 4.4.3 based milestone release M8 will come sometime in July because the android 4.4.3 KitKat source was release only a week back and they didn’t want to rush it in the stable release. But the 4.4.3 source has been merged into CM for nightlies. You can try the CyanogenMod nightly builds if you’re interested in getting your hand on Android 4.4.3 right away.
In terms of the changes, the M7 builds include an overhaul of the theme chooser, revamped calculator app, improved performance on low memory devices, and many more. The team has also revealed the changelog for CyanogenMod 11.0 M7 which includes:
Common: Theme Chooser UI Overhaul
Common: Calculator app redesign
Common: Performance Profiles
Common: Improved theming performance on low memory devices (~512MB RAM or less)
Trebuchet: Move settings to new slide-out panel
Trebuchet: Consolidate settings for home and drawer options
Media: Add FFMPEG support (expanded media format support)
Bluetooth: Improved support for new car audio systems and docks
Various small bugfixes, global and device-specific
With the latest build, Cyanogen has announced support for new devices that include the HTC One M8, Samsung Galaxy Tab Pro 8.4 (mondrianwifi), Galaxy Note 8.0 LTE (n5120) and LG G2 Docomo (l01f).The CM Team also mentioned that the non-device specific code was branched on May 22nd and Device specific code was branched on May 31st. The team has also tipped those who jump between nightlies and M releases to pay attention to the May 22nd branch point.
Updated builds can be grabbed from CM Updater on your CM running device as an over-the-air update or directly from CyanogenMod website for manual flashing. CM 11.0 M7 is available for around 40 devices and is the most stable AOSP (Android Open Source Project) fork available.
SSH is the most powerful tool with which you can access your server. As Uncle Ben says in Spiderman —
Remember, with great power, comes great responsibility.
If your service is not hardened, it can be exploited to a level directly proportional to the power of SSH. Let us now consider some of the ways in which you can secure/harden your SSH server.
–> Use key based authentication instead of passwords. There are a lot of botnets trying brute force attacks against your SSH server. Using a password authentication system at the first place, gives them more opportunities. If you use password authentication system, it would mean any machine can connect to your server, if they are aware/have successfully brute forced the password. On the other hand, if you use public/private key based authentication system, not every machine around the world can get in access. Only the ones for which the private/public key pairs match can get-in. And brute-forcing such a system is currently impossible.
To set up key-based authentication, follow the steps given below :
ClientMachine # ssh-keygen
^ Generate a passphrase-protected SSH key
Once this is complete, the private key gets stored to /root/.ssh/id_rsa and public key to /root/.ssh/id_rsa.pub.
Now you need to copy paste the contents of /root/.ssh/id_rsa.pub to your server or transfer this to your server. You can transfer this using :
# ssh-copy-id SERVERIP ( will prompt for root password as well )
or copy paste the contents of /root/.ssh/id_rsa.pub ( from ClientMachine) to the file /root/.ssh/authorized_keys found in the server.
Once this is complete, open your SSH configuration file ( /etc/ssh/sshd_config ) and give-in the below line and restart the service :
PasswordAuthentication no ( If its already commented, uncomment and make sure the argument passed is ‘no’
Now you can SSH from your ClientMachine without passing any passwords ( you might have to type your passphrase if it was given )
–> For a server with user’s around the world having to SSH in and the machines which they use are subject to changes, key based authentication can become a real headache.
Even when we are using Password based authentication, we can make it more secure. Disabling root login can be a big plus-point. Most of the brute force attacks are carried out with the username as ‘root’ in perpective. We can change that root user to be able to login, allow a system user and then sudo in to get the root privilages.
$ First create a system user for this purpose ( Ingnore this step if you already have one user in mind )
# adduser newusername
# passwd newusername
$ Now, we want to edit the sudo rights and grant administrative privilages to this user.
# visudo or # vi /etc/sudoers
Add the username which we just created, below the space
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
After adding, it would look like :
Now save and close this file. Go to your ssh configuration file and give the setting :
This will make sure, root login is disabled and you can SSH as the newusercreated, then sudo in to get as root
–> You can also consider about changing the custom SSH port from 22 to any other.
–> If you have multiple IP’s, you can think about binding SSH server to just one IP.
^ These 2 options can be found from /etc/ssh/sshd_config file
–> If you have a defined networking environment, you can provide the range of IPs which can access the SSH service and deny all others. This can be done using TCP_Wrapper. Using the files /etc/hosts.deny and /etc/hosts.allow
sshd: Trusted IPs/subnet