Published: February 4, 2019
Recently I was trying update Gopherus’ FastCGI payload to clear PHP-FPM’s
security.limit_extensions value. Using Wireshark I knew I needed to edit an
However, no matter how much time I spent with Google I couldn’t find a decent explanation of the format of a
Fortunately, after going through the a
FCGI_PARAMS record byte-by-byte in Wireshark, I figured out what was going on. Here I’m documenting my findings for anyone else who finds them selves in the same shoes…
Published: January 30, 2019
Recently I needed to do some analysis on FastCGI packets being sent to PHP-FPM.
Wireshark has a page on their wiki titled FastCGI which shows a screenshot of a pcap in Wireshark with detailed FastCGI info.
However, I couldn’t easily figure out from the wiki how to get the same details on my FastCGI pcap.
Published: January 17, 2019
Something that’s tripped up both myself and devs that I’ve worked with is not finding Xdebug profiler files in the expected directory (
/tmp by default).
It usually goes something like this…
- Enable the Xdebug profiler by adding
xdebug.profiler_enable_trigger = 1to a
- Make a request with
?XDEBUG_PROFILE =1in the GET string.
- Check for the output file in
- Pull out hair because it’s not there.
This may be accompanied by running a sanity check, only to be accompanied by more hair pulling…
$ php -r 'var_dump(ini_get("xdebug.profiler_output_dir"));' string(4) "/tmp"
Published: January 8, 2019
You may have a mysql import fail for any number of reasons. Most recently, I had an import fail with the following error.
ERROR 3 (HY000) at line 270457: Error writing file '/var/lib/mysqltmp/MLTmnake' (Errcode: 28 - No space left on device)
While the error implies that the disk ran out of space during import, the issue was in fact that the disk ran out of inodes.
Regardless of the reason of failure, you likely won’t want to start the import over from the beginning.
Here I’ll provide some tips for resuming the failed import.
Published: December 16, 2018
Guzzle is the de facto library for doing HTTP requests in PHP. There may be cases where you’d prefer not to disclose your IP address when using it. You may also be using 3rd party tools and not be in a great position to introduce the proxying at an application level.
Fortunately, all you need to do is set the
ALL_PROXY environment variable when running your code.
Published: December 14, 2018
Recently I registered this site for Brave Rewards.
There were two options for doing this:
- Upload a file to the
.well-known/directory on the website
- Create a DNS record
I decided to opt for the former.
Initially, I thought it was as simple commiting the file to the repo in the specified location. However, after pushing and letting the site build I got a 404 when attempting to access https://maxchadwick.xyz/.well-known/brave-payments-verification.txt.