Skip to content

httpd down due to enabling php zip extension

Solved Hosting
  • @ash3t if you’ve enabled the extension by cPanel then this should work without issue, and certainly won’t cause websites to go down as a result. However, what may be the case is a change of PHP version.

    Sometimes, inadvertently selecting this can mean the default PHP extensions are enabled and not the ones that you require for your website to function. I’ve seen this happen several times in cPanel and it’s a known problem.

  • @phenomlab Thanks for sharing your past experience. Do you mean that change the PHP version would cause one website to go down? However, it won’t cause the whole server’s httpd to go down, right?

    The things is that since after installing the ZIP extension, the httpd was down, and without finding the cause, it is a bit worrisome to enabled the ZIP again. Since it is not just causing one website to go down, but all the websites that sharing the same IP.

  • @ash3t said in httpd down due to enabling php zip extension:

    Do you mean that change the PHP version would cause one website to go down? However, it won’t cause the whole server’s httpd to go down, right?

    Potentially, but this depends on what each website relies on in terms of topology. Can you provide more detail as to what technologies (such as WordPress etc) are running on these sites ?

    @ash3t said in httpd down due to enabling php zip extension:

    The things is that since after installing the ZIP extension, the httpd was down, and without finding the cause, it is a bit worrisome to enabled the ZIP again. Since it is not just causing one website to go down, but all the websites that sharing the same IP.

    So does the issue resolve itself when you remove the zip PHP extension ?

  • @phenomlab Unfortunately, I cannot provide more details. It my friend’s server, and as I know, it has run many small website. I image most of them would be using WordPress, if not, then just static html.

    “So does the issue resolve itself when you remove the zip PHP extension ?”
    As far as I know, since there is no error messages, we don’t know the issue yet. I believe the server is up and running now.

    My friend suspected that some malware stored in zip were pushed into our server and extracted afterwards. The situation is : The symptoms were the server ran so fast due to high CPU load and busy to deal with heavy connections.

    Is there a way to run any security checks for this situation?

  • @ash3t that doesn’t sound symptomatic of malware, but is heavily aligned to DDoS (Distributed Denial of Service) which is where the target machine receives thousands of connection requests per second and it’s overwhelmed meaning real visitors and sites cannot be served.

    Without any specific monitoring in place, it’s going to be very difficult to determine the exact cause. There are numerous tools that can scan for malicious activity - although much of this depends on the back end technology being used (cPanel, Plesk etc). One of the best products around for protection is imunify360.

    https://bobcares.com/blog/install-imunify360-cpanel/

    It’s not free, but worth every penny.

  • @phenomlab Thanks, that’s a relief. I have checked with my friend, the server already has ddos protection.

    For now, it seems that we cannot find a clue about it. What would you suggest that we should keep an eye on as we are thinking about enabling the zip extension again.

  • @ash3t my personal preference here would be to have some form of monitoring - something like SNMP counters using a product such as cacti, LibreNMS, or observium (I have extensive experience with these).

    Taking this route in terms of monitoring means you can draw some form of parallel with a specific time and function. In terms of malware protection, imunify360 really is difficult to beat.

    The only real issue with SNMP is that the community needs to be secured adequately to prevent abuse from external sources. For example, it’s possible to execute commands on a read and write community with a weak community string. For this reason, you’d close read only and restrict the accessing hosts to trusted IP addresses only.

  • @phenomlab Thanks for your suggestion! As far as I know, my friend got a monitoring system now.

  • @ash3t Good news. Thanks.

  • @ash3t I’m going to mark this as solved for the time being. Let me know if this isn’t the case, or if you need any further help.

  • phenomlabundefined phenomlab has marked this topic as solved on
  • phenomlabundefined phenomlab unlocked this topic on

Did this solution help you?
Did you find the suggested solution useful? Why not buy me a coffee? It's a nice gesture, and a great way to show your appreciation💗

  • 2 Votes
    3 Posts
    153 Views

    Just had a look through the new Free NGINX website, which looks like an 80’s throwback and that it was created using a ZX Spectrum 🙂

    https://freenginx.org

    Love the sarcastic note…

    image.png

  • 4 Votes
    3 Posts
    161 Views

    @phenomlab said in Come back PhP, all is forgiven!:

    I used IONOS for a while, and realised that Hetzner provide a much better deal for those experienced with Linux. I know @cagatay, @DownPW and myself all use Hetzner, and I think @Madchatthew (whom I haven’t seen for a while ) was also considering taking their services. There’s an affiliate link below if you’d like to go down that route

    Yep hetzner is very very cool and I haven’t seen before a panel magentment as complete as him : backup, snapshot, add cpu core, ram is easy.

    @phenomlab said in Come back PhP, all is forgiven!:

    Obtaining a VPS comes with the double-edged sword of being completely on your own with no support, although by using Virtualmin, you’ll find life so much simpler (something I know @DownPW can attest to, as I managed to convert him )

    Yep Virtualmin is very cool 😉
    And it makes life much easier for server management, domain, nginx and so on even if it is always better to know how to do all this in CLI. I would say that the 2 are really complementary

  • 2 Votes
    3 Posts
    292 Views

    @phenomlab developing an own app is a big time-consuming job, above tool worked perfectly to run quick sample tests.

    i have used temp mail to log in.

    thanks

  • Domain name factors

    Hosting
    16
    1 Votes
    16 Posts
    671 Views

    @phenomlab said in Domain name factors:

    @jac Yes, but don’t forget that Matomo (and most browsers) alike will allow you to “opt out” or not be tracked, so you can’t really rely on these 100%.

    Absolutely, very true pal.

  • Site down

    Solved Hosting
    9
    1 Votes
    9 Posts
    361 Views

    @jac thinking about it, this is probably related to the feature in Nord VPN.
    https://nordvpn.com/features/vpn-kill-switch/

  • DNS record invalid (Google webmaster)

    Solved Hosting
    13
    4 Votes
    13 Posts
    618 Views

    I can confirm the site is now verified and the sitemap has been submitted.

    Thanks chaps @gotwf @phenomlab

  • Virtualmin Letsencrypt Renewal

    Solved Hosting
    13
    1 Votes
    13 Posts
    1k Views

    @gotwf said in Virtualmin Letsencrypt Renewal:

    I favor KISS engineering

    Then I think you’ll be able to appreciate this
    https://content.sudonix.com/keep-it-simple-stupid/

  • 3 Votes
    4 Posts
    429 Views

    @cagatay same here. Was previously an IONOS user, but moved to Hetzner to realise both savings and performance increase and have never looked back.