Search This Blog

Loading...

Thursday, July 2, 2015

Internal Server Error 500 + Apache + GoDaddy + .htaccess

One of our websites hosted at GoDaddy suddenly started displaying the message: "Internal Server Error 500."  I quickly determined the problem was with the .htaccess file.  I knew this file had been unchanged for quite some time and it was clear to me the problem was with how Apache on GoDaddy's Server was processing the .htaccess file.  I contacted GoDaddy on multiple occasions and provided GoDaddy with the exact date and time the problem started.  I was never given a proper solution to this problem.  In fact, I was essentially told they could not help me and the responsibility for the issue was with me.  I expressed to them the problem involved their virtual hosting and provided them with other domains at GoDaddy using the same .htaccess file without issue.  The only lines in the .htaccess file was the following:

AddHandler fcgid-script .html
FCGIWrapper /usr/local/cpanel/cgi-sys/php5 .html

I replaced it with this:
AddType application/x-httpd-php5 .php5 .php4 .php .php3 .php2 .phtml .htm .html

The Internal Server Error is no longer present and PHP functionality has returned to HTML files.  It was my impression the first level technicians were not properly routing my call.  It is unfortunate that GoDaddy does not appear to have an email contact form for Technical Support.  Email is quite effective at documenting and sharing technical information.  Without being properly routed to a GoDaddy Hosting Administrator, I am left to find a solution myself for what may have been a change made by GoDaddy staff to the Server hosting this website.  I am certain that if a second-level technican in the GoDaddy Hosting Department had been assigned this ticket, they would very likely have been able to isolate the source of this problem and resolve the issue at GoDaddy.  I think many customers would greatly benefit if GoDaddy re-evaluated their present routing of tech support calls.

If you found this information helpful, please consider linking to Eugene Computer Repair.

Donations are greatly appreciated.

Subscribe to: Posts (Atom)

Tuesday, May 5, 2015

You cannot service a running 64-bit operating system with a 32-bit version of DISM. Please use the version of DISM that corresponds to your computer's architecture.

When executing the DISM command, you may encounter the message: "You cannot service a running 64-bit operating system with a 32-bit version of DISM.  Please use the version of DISM that corresponds to your computer's architecture."  This message typically means you are attempgint to execute DISM while using the 32-bit version of CMD rather than the 64-bit version of CMD on a 64-bit version of Microsoft Windows.

On a 64-bit version of Microsoft Windows, the 64-bit version of CMD is located here:
C:\WINDOWS\SYSTEM32\CMD.EXE

On a 64-bit version of Microsoft Windows, the 32-bit version of CMD is located here:
C:\WINDOWS\SYSWOW64\CMD.EXE

Using the 64-bit version of CMD, you can also explicitly execute the 64-bit version of DISM using:
C:\WINDOWS\SYSNATIVE\DISM.EXE

If you found this information helpful, please consider linking to Eugene Computer Repair.

Donations are greatly appreciated.

Subscribe to: Posts (Atom)

Thursday, April 30, 2015

How do you password protect the "Network Connections" and "Network and Sharing Center" Control Panels?

In an environment without a Windows Domain and/or Group Policy, you may find that you want to lock down Windows in order to prevent employees from changing Windows settings.  On computers that do not store data on the primary partition, Toolwiz Time Freeze is an excellent solution.  You may also want to experiment with the use of Limited User Account permisisons.  On computers that store data on the local hard drive, Winability Folder Guard is the most effective solution.

In this example, I want to password protect the "Network Connections" and the "Network and Sharing Center" Control Panels within Windows.  WinAbility Folder Guard can password protect by File Name or Folder Name not by CLSID/GUID or Process ID.  Therefore, we have to identify the file related to the process we wish to password protect.  In the past, this would have been as easy as selecting a Control Panel file such as NCPA.CPL.  Since Windows Vista, we need to find the CLSID/GUID of the Network Control Panels which will then give us the relative DLL.  It's important to note that we have to be be very selective about what files we wish to password protect.  If we were to password protect SHELL32.DLL or EXPLORER.EXE for example, Windows would become incredibly unstable.  It is also important to note that by password protecting a System File we are limiting some functionality of the Windows operating system which may impact software on your computer that depends upon these shared resources.

So first, I locate the CLSID/GUID of the Network Connections Control Panel which is {7007ACC7-3202-11D1-AAD2-00805FC1270E}.  I then open RegEdit and go browse to: HKEY_CLASSES_ROOT\CLSID\{7007ACC7-3202-11D1-AAD2-00805FC1270E}.  I note this CLSID executes NETSHELL.DLL.  

I then locate the CLSID/GUID of the Network and Sharing Center Control Panel which is {8E908FC9-BECC-40f6-915B-F4CA0E70D03D}.  I then open RegEdit and browse to: HKEY_CLASSES_ROOT\CLSID\{8E908FC9-BECC-40f6-915B-F4CA0E70D03D}.  I note this CLSID executes NETCENTER.DLL.

I then install WinAbility Folder Guard and add NETSHELL.DLL and NETCENTER.DLL to the Protected Files list as Visible/No Access.  Now, these Control Panels can no longer be opened unless I log into Folder Guard using my password and temporarily disable protection.  In addition to protecting NETSHELL.DLL and NETCENTER.DLL, I also protect NETSH.EXE, SERVICES.MSC and APPWIZ.CPL.  In Winability Folder Guard Settings, I also enable protection in Safe Mode.

If you found this information helpful, please consider linking to Eugene Computer Repair.

Donations are greatly appreciated.

Subscribe to: Posts (Atom)

Wednesday, April 29, 2015

How do you disable the wireless on a Cisco Linksys wireless router?

For security reasons, you may find that you want to configure a Cisco Linksys Wirelesss Router as a router without wireless.  Following are the steps to disable the wireless on a Cisco Linksys wireless router:
  1. If the router is using the default IP Address, browse to: http://192.168.1.1

  2. Login is admin.  If the admin password is unknown, you may have to reset the router to default values by holding down the reset button for 5 to 10 seconds.  If there are custom settings within the router, these values will be lost if the router is reset.

  3. If the router is reset, you would then typically login using the default username of no username and a password of admin.

  4. Click Wireless.

  5. Click Basic Wireless Settings.

  6. Select Manual.

  7. Change Network Mode to Disabled.

  8. Click Save Settings. 
I would then recommend setting the admin password to a custom password.

If you found this information helpful, please consider linking to Eugene Computer Repair.

Donations are greatly appreciated.

Subscribe to: Posts (Atom)

Access Denied (policy_denied). Your system policy has denied access to the requested URL. For assistance, contact your network support team.

While browsing the internet, you may encounter the message: "Access Denied (policy_denied).  Your system policy has denied access to the requested URL.  For assistance, contact your network support team."  

This message indicates the internet traffic is being filtered.  The most common source of an internet traffic filter is in corporate environments that use a proxy server or a firewall appliance designed to filter web traffic.  Some businesses are configured as satellite locations using a VPN tunnel.  In these configurations, the VPN may be configured to filter internet traffic.  In rare instances, the Internet Service Provider is filtering internet traffic.  Typically though, your IT Department or a Network Management Team has configured your internet traffic to be filtered. 

Isolating Source of Web Filtering

In an environment that is unmanaged and the source of the filtering is unknown, following are some steps you may wish to peform:

The source of this issue may be a Proxy Server Setting in your web browser or it may be the Gateway IP Address on the computer.  The gateway may be a Proxy Server or Firewall Appliance or VPN Router. 

First, I would recommend checking the Proxy Server Settings in your web browser.

Second, I would recommend browsing to the Gateway IP Address.

Third, you may want to review software installed on the local computer such as antivirus or web filtering software.

If you found this information helpful, please consider linking to Eugene Computer Repair.

Donations are greatly appreciated.

Subscribe to: Posts (Atom)

Monday, April 20, 2015

How do you port forward a VPN?

Periodically, I encounter documents on the internet that indicate you can port forward from an internet modem in order to establish a VPN.  Typically, internet modems can port forward Ports like TCP and UDP Ports but they cannot normally forward IP Protocol IDs.  A Virtual Private Network consists of TCP Ports, UDP Ports and IP Protocol IDs.  

L2TP over IPSec uses ESP (IP Protocols ID 50), AH (IP Protocol ID 51), IKE (UDP Port 500), L2F/L2TP (UDP 1701) and NAT-T (UDP Port 4500) .
 
IPSec uses ESP (IP Protocol ID 50) and AH (IP Protocol ID 51).  For IKE Phase 1 and 2 negotiations, IKE (UDP Port 500).  For NAT-T IKE Phase 1 and 2 negotiations, IKE (UDP Port 500) and NAT-T (UDP Port 4500).

PPTP uses (TCP Port 1723) and GRE (IP Protocol ID 47).

IPSec Passthrough

Some internet modems are capable of enabling IPSec Passthrough which is also called IPSec NAT Traversal which allows an IPSec VPN to be established.

IP Passthrough & Bridge Mode

Another option is to configure an internet modem to use IP Passthrough which assigns a Public IP Address to the External NIC of the device being accessed.  You could also configure an internet modem to use Bridge Mode which also assigns a Public IP Address to the External NIC of the device being accessed.  However, this would would only be secure if you have a firewall between the internet and the device being accessed.  Without a hardware firewall, the device is open on the internet.  Software firewalls are not recommended as they can be compromised.  It is also recommended that the device being accessed is inside a DMZ meaning your Internal LAN is on a separate subnet on a separate LAN port of your hardware firewall.

Curiously, not all Internet Service Providers truly provide IP Passthrough.  ClearWire for example provides true IP Passthrough while Comcast Business does not.

Conclusion

The easiest and most straight-forward solution for establishing a VPN is with the use of a firewall.  I recommend the Watchguard XTM.  I also recommend the use of L2TP over IPSec versus other VPN Protocols such as IPSec or PPTP.  L2TP over IPSec is secure and the Client Protocol is native to the Windows Operating System.

Notes

  • Client-side computers often connect to a VPN using a dynamically assigned outbound port.

  • Firewalls can be configured with policies which handle IP Protocol ID destinations which is similar to port forwarding.

If you found this information helpful, please consider linking to Eugene Computer Repair.

Donations are greatly appreciated.

Subscribe to: Posts (Atom)

Wednesday, December 24, 2014

osCommerce Online Merchant - Error: The maximum number of login attempts has been reached. Please try again in 5 minutes.

When attempting to login as Administrator to osCommerce Online Merchant, you may encounter the message: "Error: The maximum number of login attempts has been reached. Please try again in 5 minutes."  The error message may recur for an extended period of time beyond five minutes which results in being unable to login as administrator.  Although not stated in the error message, this error message may actually indicate a corrupt installation of osCommerce Online Merchant.  You may need to backup the osCommerce Online Merchant MySQL database and reinstall the application. However if the issue is simply an incorrect Administrator Username and/or incorrect Administrator Password, you can reset the Administrator Username and Administrator Password using the following steps:

To reset osCommerce Online Merchant Administrator Username and Administrator Password, please perform the following steps:
  1. Using PHPMyAdmin login to MySQL.

  2. Backup the MySQL database.

  3. Truncate the tables: administrators, action_recorder and sessions.

  4. Using a web browser, browse to the osCommerce Online Merchant Admin directory.

  5. When prompted, set the new Administrator Username.

  6. When prompted, set the new Administrator Password.

  7. Login using your newly created credentials.
This issue has been resolved.

If you found this information helpful, please consider linking to Eugene Computer Repair.

Donations are greatly appreciated.

Subscribe to: Posts (Atom)

How do you locate osCommerce Online Merchant version number?

To locate osCommerce Online Merchant version number, please perform the following steps:
  1. Using a web browser, browse to the osCommerce Online Merchant Admin directory.

  2. Login using your Administrator Username and Administrator Password.

  3. Click Tools.

  4. Click Server Info. 
This issue has been resolved.

If you found this information helpful, please consider linking to Eugene Computer Repair.

Donations are greatly appreciated.

Subscribe to: Posts (Atom)

Legal Notice

Alan Curtis and A1 Smart Computer Services provide programming examples and technical information for illustration only without warranty either expressed or implied. This includes, but is not limited to, the implied warranties of merchantability or fitness for a particular purpose.

Alan Curtis does not assume any legal liability or responsibility for the accuracy and/or completeness of the information provided. Alan Curtis will not be held liable for any direct or indirect loss or damage arising under this legal notice or in connection with the use of this website. Alan Curtis is not affiliated with Microsoft, Yahoo and Google. All trademarks and copyrighted material are the property of their respective owners.

The opinions expressed by Alan Curtis on this blog is based upon information he considers reliable but is not warranted for its completeness or accuracy and should not be relied upon as such. Alan Curtis' statements and opinions are subject to change without notice.

The entire contents of this blog has been copyrighted by Alan Curtis and A1 Smart Computer Services unless otherwise indicated. All rights are reserved by Alan Curtis and A1 Smart Computer Services and content may not be reproduced, downloaded, disseminated, published, or transferred in any form or by any means, except with the prior written permission of Alan Curtis and A1 Smart Computer Services.

For professional Eugene Computer Repair, contact A1 Smart Computer Services.