Nikto – Open Source web server security scanner

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version-specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files and HTTP server options, and will attempt to identify installed web servers and software.

PHP exposure via easter egg

Here is an interesting easter egg in PHP. Check whether your php.ini file has the expose_php setting turned on, like so:

; Decides whether PHP may expose the fact that it is installed
; on the server (e.g. by adding its signature to the Web
; server header). It is no security threat in any way, but it
; makes it possible to determine whether you use PHP on your
; server or not.
; http://www.php.net/manual/en/ini.core.php#ini.expose-php
expose_php = On

If it’s on, then you can see the PHP Credits page, which lists the PHP authors and contributors, as well as the authors and contributors of the PHP modules you have installed. To see the page, add the secret parameter to any PHP page on your server, like so: http://localhost/index.php?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000. You’ll see a long page that starts like so:

Kudos to Chris for pointing it out to me. I’ve since disabled the setting on my server.
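To audit this on your own server, here is an added Python check that is not part of the original post: it reads a php.ini text for the effective expose_php value and inspects a captured response header block for the X-Powered-By banner that the setting adds. The ini text and header block in the test are constructed samples, and the check assumes PHP's compiled-in default for expose_php (On) applies when the directive is absent or commented out.

```python
# Values PHP's ini parser treats as true (case-insensitive); anything else is off.
_TRUE_VALUES = {"1", "on", "true", "yes"}


def parse_php_ini(text):
    """Return {directive: value} for the active (uncommented) lines of a php.ini text.

    Section headers like [PHP] are skipped; anything after ';' is a comment.
    Quoted values containing ';' are not handled, which is fine for this directive.
    """
    settings = {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop comments, full-line or trailing
        if not line or line.startswith("["):
            continue
        key, sep, value = line.partition("=")
        if not sep:
            continue
        settings[key.strip().lower()] = value.strip().strip('"')
    return settings


def expose_php_enabled(ini_text):
    """True when this php.ini leaves PHP advertising itself.

    Assumption: a missing or commented-out expose_php falls back to PHP's
    built-in default, which is On, so the absence of the line is NOT safe.
    """
    value = parse_php_ini(ini_text).get("expose_php")
    if value is None:
        return True
    return value.lower() in _TRUE_VALUES


def header_leaks_php(raw_headers):
    """True if a captured HTTP response header block carries X-Powered-By: PHP/...,
    the banner expose_php adds to every response."""
    for line in raw_headers.splitlines():
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "x-powered-by":
            if value.strip().upper().startswith("PHP"):
                return True
    return False
```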

Economic impact of open source on small business

Here are a few of the findings we derived from Bluehost data (an EIG company) and follow-on research:

  • 60% of web hosting usage is by SMBs, 71% if you include non-profits. Only 22% of hosted sites are for personal use.
  • WordPress is a far more important open source product than most people give it credit for. In the SMB hosting market, it is as widely used as MySQL and PHP, far ahead of Joomla and Drupal, the other leading content management systems.
  • Languages commonly used by high-tech startups, such as Ruby and Python, have little usage in the SMB hosting market, which is dominated by PHP for server-side scripting and JavaScript for client-side scripting.
  • Open source hosting alternatives have at least a 2:1 cost advantage relative to proprietary solutions.

Given that SMBs are widely thought to generate as much as 50% of GDP, the productivity gains to the economy as a whole that can be attributed to open source software are significant. The most important open source programs contributing to this expansion of opportunity for small businesses include Linux, Apache, MySQL, PHP, JavaScript, and WordPress. The developers of these open source projects and the communities that support them are truly unsung heroes of the economy!

Via Matt Mullenweg.