Log Files: Dealing with Inconsistent Field Delimeter

Salam,

Log files are big. Processing  it  would be cumbersome especially if the field separator are not so unique.

Take a look at contain of file example.log below :

At first sight, anybody would agree to use ‘ as field separator. But hey, the third field contain that same character.

If we insist to choose (‘) as our separator, the field number will not be consistent through out the file.
Line 1 would have 7 field, line 2 have 5 field etc.

If the task is to print ip number and the file requested, how should we do that?

Luckily gawk have special keyword, NF, means number of field.
To print just first and second field using gawk:

# -F use to tell what the field separator character

From the example.log, the file requested is on the second last column. On line 1, its in field 6, meanwhile on second line, its on field 4.

In this case we can use NF keyword for gawk. NF would contain the number of field in each line.  To get the second last column, we can use (NF-1) as below:

Hope that helps.

Securing PHP : Disabling Dangerous PHP Functions

PHP is a very popular language nowadays. But at the same time, it’s also one of the main sources for user accounts and servers getting compromised. Every PHP developer and hoster should understand the primary attack vectors being used by attackers against PHP applications. They also should be able to classify PHP functions that allowed to be used and disable cirtain functions that can be categorized as dangerous.

Based on my experience and a big help from Google, I can categorize the following functions as dangerous :-

Now you need to verify your php.ini location

And look for Configuration File (php.ini) Path

phpinfo

Now, edit the configuration file with root permission

Look for the disable_functions = “” and modify it to

Make sure you save before exit.

Now restart Apache for the changes to take effect.

The default PHP configuration is intended for development purposes. Therefore, it is always advisable to reconfigure PHP before going into production phase. Some security settings are also recommended during the development phase to prevent programmers from producing vulnerable code, and make them stick to secure techniques.

Until next episode..

[References]