How to prevent that a user deletes a file owned by root in its home directory

If the root user stores a file in the home directory of another user or any other directory that is owned by another user, this other user is able to delete the file even if the file is owned by root and has 700 permissions.


root@workstation:/home/otheruser# ls -la
total 8
drwxr-xr-x 2 otheruser otheruser 4096 Oct 23 11:52 .
drwxr-xr-x 3 root      root      4096 Oct 23 11:51 ..
-rwx------ 1 root      root         0 Oct 23 11:52 root_users_file

If I su now to "otheruser", I'am able to delete the file as "otheruser" is the owner of the directory where "root_users_file" is stored:

root@workstation:/home/otheruser# su otheruser
sh-3.2$ rm root_users_file
rm: remove write-protected regular empty file `root_users_file'? y

Now to protect the file from beeing deleted, use the command chattr +i:

chattr +i root_users_file

and then try again to delete the file as "otheruser", the action will be denied:

root@workstation:/home/otheruser# su otheruser
sh-3.2$ rm root_users_file
rm: remove write-protected regular empty file `root_users_file'? y
rm: cannot remove `root_users_file': Operation not permitted

Now even root is not able to delete or edit the file anymore. With the command chattr -i the protection can be removed:

chattr -i root_users_file

How to extend the Windows 7 activation period to up to 120 days

Windows 7 has to be activated within a period of 30 days.  You can use the following command up to 3 times to extend the activation period to up to 120 days. The Command has to be executed as Administrator user on the Windows shell:

Click on "Start" > "All Programs" > "Accessories" and then right click on "Command Prompt" and select "Run as Administrator"

In the command promt window enter the following command and hit return:

slmgr -rearm


This slmgr command works also on the Test versions of Windows 7 that Microsoft offers on their website. It has to be executed before the activation period ended.

How to reset the MySQL root password

The following steps describe the procedure to reset the mysql root password on Linux.

1) Stop the mysql server

/etc/init.d/mysql stop

2) Start the mysql server manually without permission tables which allows us to login as root user without password:

mysqld_safe --skip-grant-tables &

3) Login into mysql as root user without a password and switch to the "mysql" database:

mysql -u root mysql

Then execute this SQL query to set a new password for the mysql root user:

update user set Password=PASSWORD('mynewpassword') WHERE User='root';

(Replace "mynewpassword" with the new root password in the above command).

Then logout from the mysql prompt by typing:


4) Now bring back the running mysql instance into the foreground by typing:


and then press [ctrl] + c to kill the mysql process.

5) Start the mysql server again:

/etc/init.d/mysql start

How to use a custom php.ini with suphp

To use a custom php.ini file with SuPHP for a website, you can define the path to the php.ini file in a .htaccess file or in the apache vhost like this:

suPHP_ConfigPath /home/websites/domain.tld/

Then add a php.ini file in the directory /home/websites/domain.tld/ which may be a copy of the global php.ini were you just changed a few settings or an empty file were you add only the settings that shall be overridden in the global PHP configuration.

If you use ISPConfig 2 or 3, you can add the suPHP_ConfigPath setting also in the apache directives field of the website  in ISPConfig.

Redirect a subdomain with apache mod_rewrite and keep the URL in the address bar

If you want to redirect a subdomain like sub.domain.tld into a subdirectory of the website and keep the original URL in the browser location bar, you may use the following apache directives.

RewriteEngine on
RewriteCond %{HTTP_HOST} ^sub.domain.tld [NC]
RewriteRule ^/(.*)$ /sub/$1 [L]

This rewrite rule can be added into a .htaccess file in the website root or inside the vhost file. If you use ISPConfig 2 or 3, you can add this also into the apache directives field in the website settings.

Replace sub.domain.tld with the subdomain that shall be redirected and /sub/ with the path to the directory were the pages for this subdomain are located.

Redirect domains without www (e.g. to with apache rewrite rules

If all your visitors shall access your website with a URL like and not without www, use the following apache rewrite rule for redirecting them.

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www
RewriteRule (.*) http://www.%{HTTP_HOST}$1 [L,R]

The apache rewrite rule can be added in a .htaccess file in the website root directory or if you use ISPConfig 2 or 3, you can also add the rwrite rule into the apache directives field of the website.

How to set the PassivePortRange in pure-ftpd on Debian and Ubuntu Linux

If you run a firewall on your Linux server and want to use passive FTP connections, you have to define the passive port range in pure-ftpd and your firewall to ensure that the connections dont get blocked. The following example is for pure-ftpd on Debian or Ubuntu Linux and ISPConfig 3:

1) Configure pure-ftpd

echo "40110 40210" > /etc/pure-ftpd/conf/PassivePortRange
/etc/init.d/pure-ftpd-mysql restart

2) Configure the firewall. If you use ISPConfig 3 on my server to configure the bastille firewall, you can add the nescessera port range in the ISPConfig firewall settings.

Change the list of Open TCP ports from:




and then click on "Save".

How to redirect an HTTP connection to HTTPS in apache webserver

Http connections can be redirected to https with the apache mod_rewrite module, which should be available in every apache installation. Create a file with the name .htaccess in the website root directory which contains the following lines:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

If you use ISPConfig 2 or 3, you can add these lines also in the apache directives field of  the website settings form instead of adding them to a .htaccess file. But the approach with the .htaccess file will work on ISPConfig as well.