Bitrix virtual machine. VMBitrix capabilities. The solution to the virtual machine. Virtuozzo Application Template for launching an optimized Bitrix VPS

Greetings, Friends!

In this video tutorial we will talk about how to work with a local website on 1C-Bitrix as comfortably as possible, so that nothing slows you down. And for this we will use the BitrixVM virtual machine.

Why install a virtual machine under Windows to work with a website? Because when you work with 1C-Bitrix or another CMS on local servers such as Denwer, OpenServer, XAMPP, etc., a lot of problems often arise:

1. If the computer is slow, if the hard drive is old, if the system has been running for a long time and is clogged, then working with the site can sometimes be problematic - everything slows down. This is especially true for engines with a large number of files such as 1C-Bitrix, Magento, etc.

2. Very often these local servers have a very poorly configured MySQL connection by default (especially in Denwer). So if the site relies heavily on AJAX or has a complex structure built on dynamic information selected by many MySQL queries (for example, a Joomla site with many modules and plugins installed for various additional functions), then once again everything starts to crawl. And this is extra stress for the developer.

3. The main problem with local servers on complex projects is that they lack standard or simply common PHP or Apache modules, or ship a stripped-down version of MySQL that does not support capabilities that will be needed on the real project server. Of course, you can try to configure all this on these local servers, but not everything can be done, or it works with such glitches that development becomes extremely difficult.

All these problems are solved by development on a production server (directly on hosting), but this is also not always possible, either for security reasons or for some other reason. Not everyone can make their own separate server for Linux projects either, since you need to have the skills to both install and administer such servers.

What is the way out? It is simple: use a virtual server that specialists have already configured optimally for us and that runs on completely free programs right in familiar Windows. This virtual server solves all these problems, and at the same time teaches you to work with projects remotely, as if they were on a real hosting.

You get a real Linux-based server for your project (for Bitrix it is now built on CentOS 6.5). Everything there is done as on a real hosting: you can install the necessary packages as on a real dedicated server, and the speed is the same as on a hosting. And all this runs on your Windows computer. You don't need to know how to install Linux, optimize a web server, or make complex settings. In this video I will show in detail the entire process of installing and running such a server in just 30 minutes:

That's all for today! Don't forget to click on the social buttons on the left and ask your questions below in the comments!

Comments (21):

  • Alex

    Good evening, Dmitry!

    I can’t find the answer to launching the virtual player, I’ve already read everything I can and watched the video several times and I can’t understand where the error lies. Basically, when you create a new password for root, everything goes great, until the moment when you need to enter a new password. Here, even if you enter numbers or letters, an entry appears, either the password is bad, or it gives out some kind of nonsense. Of course, after several unsuccessful attempts, it again throws on data entry. Have you ever encountered such nonsense?

  • Denis

  • tehfoxen

    • It is not very clear what kind of file you are requesting. Firstly, the error is not issued for the absence of a file, but for a syntax error in the request. However, when clicking on the link, we can only receive information about the license, which does not exist.

      • tehfoxen

        We tried different installations: 1. Installation from the cloud (using a license key), this error appears above.

        3. Installing their archive downloaded to the local computer (error, not all packages, although all were downloaded)

        4. We uploaded the entire archive to the root of the server and tried to download it from there, but there was also an error (not the entire archive).

        The error occurs after the upload option is selected and then it gives an error.

  • Anton

    Dmitry, good afternoon!

    Please tell me, did you have any problems with SFTP connection to VM5?

    I did everything according to the video, changed passwords, for example accesses:

    NAT is enabled in the machine settings

    But I can’t connect to WinSCP, it always says Access denied.

    although in the virtual machine itself I connect normally using this login and password, I don’t understand what’s wrong...

"1C-Bitrix: Virtual Machine" was developed directly for the needs of projects on 1C-Bitrix. The undeniable advantage of this software product is its initial configuration, which is an example of ideal virtual server settings for Bitrix. "1C-Bitrix: Virtual Machine" has been tested and configured to work with both 1C-Bitrix products and any PHP applications.

What is a “Virtual Machine” for?

Using "1C-Bitrix: Virtual Machine" will allow your projects to show consistently high performance indicators. It is simple and convenient to use, and it significantly reduces the time spent administering a website built on 1C-Bitrix products and setting up the server, as well as spending on equipment. Using "1C-Bitrix: Virtual Machine" you can create a new project or transfer an existing one.

Full access at the administrator level makes it possible to install any software using a virtual machine for 1C-Bitrix and make changes to the settings of the BitrixVM virtual server.

What version is being installed?

You receive the latest version of the program. Today, the latest version of this software product is “1C-Bitrix: Virtual Machine 7.0” with the latest version of PHP, which gives a noticeable increase in performance.

How to order a virtual machine?

For all our clients, the 1C-Bitrix virtual machine is provided free of charge when ordering any VPS server for CMS Bitrix and is ready to work immediately after deployment, which takes just a few minutes.

How to pay for VPS?

To pay for VPS, select the desired tariff in the table and click the “Order” button. Next, follow the instructions in the billing panel, indicating the necessary actions with the domain, your data and select the appropriate payment method. That's all! Your server will be activated immediately after payment.

With the help of special VM solutions, you can quickly get an optimally configured server that is not inferior in performance to BitrixVM, and in scalability - superior to the 1C-Bitrix virtual machine. The packages were prepared by 1C-Bitrix specialists and are available for download and use.

1. “1C-Bitrix: Virtual machine 7.3.4”

“1C-Bitrix: Virtual Machine 7.3.4” is specially configured for fast execution of 1C-Bitrix software products: it deploys in minutes and is immediately ready for work! You can not only install trial versions of 1C-Bitrix products on a virtual machine, but also transfer your own, ready-made projects.

2. “1C-Bitrix: Web Environment” - Linux

"1C-Bitrix: Web Environment" - Linux is used for quick and easy installation of all software necessary for the operation of 1C-Bitrix products and solutions on the Linux platforms CentOS 6 (i386, x86_64) and CentOS 7 (x86_64).

3. Virtuozzo Application Template for launching an optimized Bitrix VPS

Virtuozzo VZ Application Template package for Bitrix using the 1C-Bitrix: Web Environment solution - Linux 2.0. The template is designed for installing (creating) Virtuozzo containers based on CentOS 6 (i386, x86_64) and CentOS 7 (x86_64) packaged as a Virtuozzo EZ Template.

Installing packages requires administration skills! For more information, please visit the Developer Support Center or reach out to the community on the forum.

About the product

“1C-Bitrix: Virtual Machine” is specially configured for fast execution of 1C-Bitrix software products: it deploys in minutes and is immediately ready for work! You can not only install trial versions of 1C-Bitrix products on a virtual machine, but also transfer your own, ready-made projects. Moreover, you can run several sites on one virtual machine through the wizard.

Web cluster enabled virtual machine

The virtual machine includes a wizard for creating a cluster, a wizard for adding a slave server, and a wizard for switching a slave server to master mode. Now it takes 5-10 minutes to deploy the cluster. There is no need to install or configure anything.

You can appreciate the benefits of virtual machines right now, even if you have never used them. Download a fully ready-to-use virtual machine. Launch it and see how quickly 1C-Bitrix products work under a correctly configured virtual server.

Download and use for free!
Rent at the price of hosting tariff

“1C-Bitrix: Virtual Machine” is implemented using VMware virtualization technologies and can be used in any VMware solutions designed for cloud computing.

How to try?

There are two ways to test a virtual machine:
  • download and run the installation file on your computer yourself (free);
  • rent a hoster’s virtual machine (at the price of the hosting tariff).

"1C-Bitrix: Virtual Machine" is a non-commercial product. At the same time, you can turn to 1C-Bitrix for help if you encounter problems with the functioning of our commercial products (“1C-Bitrix: Site Management”, “1C-Bitrix: Corporate Portal” and) on BitrixVM. But other issues, for example, changing the BitrixVM configuration, are resolved only by the developer community.

Composition of the product

“1C-Bitrix: Virtual Machine” emulates the operation of a real computer. The product includes a configured operating system, web server, database, firewall, mail server, as well as a large number of settings on which the reliability, performance and security of the web project depend. You can launch a new project on a Virtual Machine, or transfer a ready-made website to it. It is possible to transfer a website directly from the server to the machine.

The virtual server contains:

  • Operating system - CentOS 7.5 with automatic updates
  • Two-level configuration - NGINX + Apache2
  • MySQL5 with InnoDB support
  • HTTPS support
  • Wizards for setting up a cluster and adding additional sites
  • Sphinx Search Server Configuration Wizard
  • Additional packages: geoip, catdoc, poppler, mc, man, strace, sphinx
  • configured firewall (iptables) and verified configuration security
  • The IP address is obtained via DHCP or set manually
  • easily customizable email client (msmtp)
  • minimum memory requirements - 512M
  • maximum disk space 100 GB
  • automatic performance optimization for different memory sizes (up to 16 GB)
  • console panel of typical actions for managing a virtual server
  • a large number of settings that affect reliability, performance and security
  • The root password is bitrix (will need to be changed upon first login)
  • Bitrix password - bitrix (will need to be changed upon first login)

About virtual machines

Virtual machine technology is becoming more widespread. The market leader is VMWare, Microsoft is actively developing with Hyper-V, Citrix with XEN.

Material from Wikipedia:

What's new?

Version history of BitrixEnv and BitrixVM

The 1C-Bitrix: Virtual Machine product is constantly being improved and refined. Keep track of changes and new features of the Virtual Machine on this page.

Changes in version 7.3.4

Software Update:
  • push-server 2.0.0
Major fixes:
  • The push-server package has been updated to work correctly on CentOS 7.6. Fixed an issue with starting the push-server service via systemd.

Changes in version 7.3.3

Major fixes:
  • Added automatic inclusion of PHP extensions zip and dom. They have become mandatory, as they are necessary for the operation of the Document Generator module.

Changes in version 7.3.2

Major fixes:
  • Added the ability to enable or disable the yum repository that stores beta versions of virtual machine packages.
  • Fixed a typo in the menu phrase that was causing the default certificate restoration for the site to not work.

Changes in version 7.3.1

Software Update:
  • push-server 2.0.0
Major fixes:
  • Fixed the display of MySQL and PHP update items if the MySQL server version is 5.5 and PHP is updated to 7.0.
  • Added copying of the certificate chain when setting up your own SSL certificate.
  • Easier generation of dhparam.
  • Fixed blocking of the menu when the configuration script is running.
  • Fixed exiting the menu for several items.
  • Fixed menu behavior when monitoring is enabled.

Changes in version 7.3.0

Software Update:
  • nginx 1.14.0
  • hostname 1.0.0
  • php 7.1
Major fixes:
  • Added use of php version 7.1 by default.
  • Fixed setting up certificates when access to the site is configured with https.
  • Fixes for package settings (option in dbconn.php and ethtool dependencies).

Changes in version 7.2.2

Major fixes:
  • Fixed a bug with duplicating ntlm settings for the httpd-scale service.

Changes in version 7.2.1

Major fixes:
  • Fixed an error that occurred when creating a site with advanced parameters specified.
  • The phrase in the mail settings for the site has been corrected.

Changes in version 7.2.0

Software Update:
  • nginx 1.12.2
Major fixes:
  • Added support for installing certificates: your own and Let's Encrypt.
  • Added the ability to return the site's "default" SSL certificate.
  • Web cluster configuration errors have been fixed.
  • Added the ability to change the hostname after creating a server pool.
  • The procedure for updating MySQL server settings in a pool has been fixed.
  • Security fixes for nginx and httpd configuration files.
  • Errors in creating sites have been fixed if there is not a single working site on the server.
  • Added removal of servers from monitoring when they are removed from the server pool.

Changes in version 7.1.0

Software Update:
  • nginx 1.12
  • mysql 5.7
  • nodejs push-server 1.0.0
Major fixes:
  • New version of mysql server. Added an update wizard to the menu for existing installations.
  • Added the ability to configure a new push-server.
  • Fixed lsyncd server configuration error
  • The procedure for updating a machine in a pool has been fixed; the ability to run a full update from the menu has been added
  • Security fixes for nginx configuration files
  • Added X-Frame-Options for online chats
  • Fixed launch of smtp service

Changes in version 7.0.1

  • The proxy_ignore_client_abort option has been added when creating new sites, and a separate menu item has been added for configuring existing sites.
  • Added settings for fast file upload via nginx for external storages: Clodo, Rackspace, Google Storage and Selectel.
  • Added generation of DH parameters for ssl connection.
  • Fixed lsyncd service configuration for CentOS 6.
  • The index name generation procedure has been changed.
  • Fixed an error in setting up monitoring in the system.
  • Fixed an error configuring the mysql service after it was stopped in the system.
  • Fixed error when changing the password for the mysql service.
  • Fixed an error in obtaining the mysql service status for a localized version of the OS.
  • The procedure for changing the password for hosts without installed/configured sites has been fixed.

Changes in version 7.0.0

  • CentOS 7 (x86_64) becomes the main distribution for 1C-Bitrix: Virtual Machine 7.0. The images work under CentOS 7 (x86_64), rpm packages are still available on CentOS 6 (i386, x86_64).
  • Software Update:
    • nginx up to version 1.10.2
    • sphinx 2.2.11
    • php 7.0
    • ansible 2.2
  • Fixed virtual machine scripts to work with Ansible 2.2. The ansible package is now available via the Bitrix repository.
  • The procedure for generating passwords in the machine has been fixed; support for special characters has been added.
  • Added a procedure for automatically creating a password for the mysql service when the machine first starts and when installing via bitrix-env.sh.
  • PHP 7.0 is used by default. Added the ability to roll back the version to PHP 5.6 if necessary. When upgrading a virtual machine from 5.1 to 7.0, in the same menu item you can perform the upgrade procedure from PHP 5.6 to 7.0.
  • Added the ability to create your own rules for iptables/firewalld.
  • Errors in the menu operation in the case of several IP addresses on one network interface have been fixed.
  • The procedure for setting up a web cluster is divided into two steps that can be run separately from each other: data synchronization and setting up the web environment.
  • The default data synchronization service is lsyncd.
  • Errors have been fixed when deleting a machine from a server pool.

Changes in version 5.1.8

The virtual machine scripts have been fixed to work with Ansible 2.1.0.

Changes in version 5.1.7

Software update: nginx - 1.8.1

Changes in version 5.1.6

  • ANSIBLE: Support for working with ansible 2.0.1
  • Description: Fixed virtual machine scripts to work with Ansible 2.0.1

Changes in version 5.1.5

A number of changes have been made to improve the performance of the 1C-Bitrix: Virtual Machine product.

Changes in version 5.1.4

  • Added removal of pool configuration, for cases when it is necessary to recreate it.
  • Added the ability to remove servers from the pool that are disabled or unavailable for one reason or another.
  • Added the ability to update PHP to version 5.6.
  • Added the ability to set the authorization method when setting up mail.
  • Added the ability to set cron settings or hits for a site during its creation.
  • Added the ability to configure email notifications for the Nagios monitoring system.
  • Added the ability to set a personal login and password for Nagios and Munin monitoring systems.

Changes in version 5.1.3

Now, when adding a server to AD, you can specify an arbitrary NETBIOS name that is different from the machine name.

Bugs fixed:

  • connecting the server to a domain with localized group names;
  • creating incorrect configuration files for the samba server;
  • impossibility of changing the domain for the server;
  • creating websites in cp1251 encoding;
  • creating an invalid link in case of an https request.

Change in version 5.1.2

When creating mail for a site, the msmtp profile is registered for cron. This way, the configured mail for the site starts working if the job is transferred to cron.

Changes in version 5.1.1

  1. Changed the behavior of disabling php modules through configuration files. Allows you to avoid including “unwanted” PHP modules when updating PHP packages.
  2. Added the ability to set the root password by creating the /root.my.cnf file when updating the mysql server.

Changes in version 5.1.0

Major changes
  1. Added the ability to configure the delivery of a composite cache via nginx, if it is configured on the website
  2. Software Update:
    • php-5.4
    • mysql-5.5
    • nginx - 1.6.2
  • Support for external kernels (ext_kernel) for websites
    For this type of site:
    • no access via web
    • you can use them to create a link
    • all cluster functions supported (mysql, web)
  • The dependence of creating the memcached and sphinx roles on the cluster and searchd modules installed on sites has been removed. If the module is missing on the site, the service will be added. But it will not be registered in the corresponding site model
  • Added restrictions on creating a cluster configuration (mysql, web) in the following cases:
    • if there is more than one site of type kernel (kernel) or external kernel (ext_kernel) on the server
    • cluster or scale module not installed
  • ntlm update (fixed errors in synchronizing calendars and contacts; added the ability to update the configuration of several sites if NTLM is already configured for the server)
  • Added HVM images (Frankfurt and not only)


Changes in version 5.0

    New:
    • Added work with dynamic addresses (updating the list of servers in the pool; if the address on one of the pool servers is updated, the access settings, as well as the access configuration, change).
    • Changed work with sites:
      • added determination of whether the scale and/or cluster module is installed on the site; site operations are allowed for such sites: setting up email, enabling/disabling https-only mode, setting up backup, but such sites do not participate in cluster operations: memcached, mysql, apache
      • if one of the sites installed on the server has an error, that site will not participate in any of the operations in the cluster; a list of such sites and their errors can be found in paragraph 6, subparagraph 8
    • API for hosters
    Corrections:
    • Working with subinterfaces, which were not defined correctly in the previous version, which did not allow working in OpenVZ/Virtuozzo containers
    • Incorrect determination of what mode the server is operating in (with or without a balancer) led to the following errors:
      • creating a website on port 8080
      • Enabling HTTPS-ONLY mode did not work
      • links to the https version of the site were created incorrectly
    • Domain names were used in the nginx server configs (allow/deny rules), if the user specified FQDN when creating a master or adding a new server to the pool, which led to service restart errors

    Changes in version 4.3:

    • the settings of the nginx-push-stream-module module have been changed, the ability to work via websocket and standard ports 80, 443 has been added
    • Configuration files reworked, comments added
    • fixed loss of get parameters in dav
    • nginx-push-stream-module, nginx, apc module updated
    • added sphinx setup and connection wizard
    • Auto-scaling parameters expanded to 16 GB

    Changes in version 4.2:

    • nginx-push-stream-module settings have been changed to support push & pull correctly
    • php json module is enabled by default
    • fixed rpm package behavior when updating
    • Fixed setting the task of checking munin and nagios rights in cron
    • fixed rules for nginx processing of merged css
    • added rules for nginx processing of combined js
    • Correct nginx response headers are set when displaying custom errors
    • fixed definition of variables in nginx
    • Library dependencies have been fixed in BitrixVM

    Changes in version 4.1:

    • CentOS updated to version 6.3
    • fixed the wizard for adding additional sites
    • The backup setup wizard has been fixed, the archive format has been made compatible with restore.php
    • The service for setting parameters of the bvat system has been improved
    • 404 error handling for static content has been moved to nginx
    • nginx fixed handling 404 errors for dynamic content
    • error pages added to nginx
    • Correct processing of calendars has been added to nginx
    • to support the push & pull module, nginx is compiled with the nginx-push-stream-module module
    • Fixed the mechanism for working with the Bitrix html cache in nginx
    • added system update wizard
    • changes aimed at improving system security

    Changes in version 4.0:

    • operating system CentOS 6.2 i386
    • Removed a number of VMWare components that led to problems after virtual machine updates
    • standard virtual machine disk size increased to 10 GB
    • ZendServer replaced by Apache and APC
    • The connection scheme for Nginx and Apache configuration files has been changed to minimize problems when updating or installing additional packages
    • The ntlm authorization mechanism has been changed and the BitrixEnv4 package has been added to the rpm
    • added wizards for creating a scheduled site backup, deleting settings for additional sites, setting up system monitoring (munin, nagios)
    • changes aimed at improving system security
    • The wizard for creating additional sites has been improved
    • The operation of the bvat system parameter settings service has been adjusted
    • added Mercurial version control system

    Changes in version 3.1:

    • updated version of nginx 1.1.0, with upstream_keepalive patch
    • expanded set of pre-installed packages (htop, samba, etc.)
    • ntlm authorization setup wizard

    Changes in version 3.0:

    • operating system CentOS 6.0 i386
    • ext4 file system
    • updated version of nginx 1.0.6, configuration changes
    • updated version of msmtp 1.4.24, changes in the setup wizard
    • replacing xpdf with poppler
    • corrections have been made to the mysql configuration
    • the set of pre-installed packages has been expanded in the virtual machine (mc, strace, man, etc.)
    • added the ability to create additional sites, both on a separate core and as part of multisite
    • added wizards: creating a master node of the cluster, adding a slave node to the cluster, changing the role of a slave node to master
    • GeoIP databases updated

    Main changes in version 2.0:

    • php-5.3.3 or php-5.2 (version php-5.3.3 lacks the Zend Guard Loader component, i.e. encoded files will not work);
    • PHP parameters have been changed for optimal operation of Bitrix products
    • added xdebug module (not active by default, to activate it is enough to uncomment the corresponding line in php.ini and restart apache);
    • updated version of nginx 0.7.67, configuration changes;
    • the list of operating systems supported for installation has been expanded: Fedora 8-14 (i386 only), server CentOS/RHEL/OEL 5 (i386 and x86_64);
    • disabling duplicate compression in product configuration (now only nginx compresses data);
    • fixed msmtp mail program configuration problems;
    • Auto-update of packages (via yum) is disabled when restarting the server;
    • Minor comments and errors have been fixed.
    Packages tested on Fedora 8,12,14(i386), CentOS/OEL 5(i386/x86_64). Fedora 14 has minor issues related to OS bugs.

    Changes in version 1.6:

    • By default, the Virtual Machine site is now accessible over both HTTP and HTTPS, and the Zend Server control panel is disabled to save resources. Both of these options can still be managed through the root user menu.
    • Added support for the SMTP server that appeared in 1C-Bitrix: Corporate Portal 9.0, which starts automatically if configured correctly.
    • After updating the product, search in PDF files becomes available.
    • All software packages have been updated, including Zend-Server-CE (very seriously updated), the php-5.2-memcache module has been added to use caching in RAM.
    • Changes have been made to the NGINX configuration to process cached PHP pages (HTML caching technology), errors in processing WebDAV requests have been fixed, and scalability has been improved. In the APACHE configuration, errors have been fixed that caused, in particular, errors during the “classic” loading of pictures into the photo gallery (via java-applet). Added processing of document types docx, xlsx, pptx.
    • The bitrixsetup startup script has been improved, localizations have been added for English and German.

    Changes in version 1.5

    • all Ubuntu 8.0.4 OS packages have been updated, as well as the Zend Server CE 4.0.3 and PHP 5.2.10 application packages;
    • improved nginx configuration in terms of compression;
    • changes in the console menu: when the Zend panel is disabled, the corresponding service stops, which allows saving RAM of the Virtual Machine;
    • system improvements regarding the use of RAM: The virtual machine works satisfactorily on 160 MB of RAM, although the main recommendation for the size of RAM remains the same - 256 MB of RAM;
    • updated bitrixsetup.php - allows you to install additional 1C-Bitrix applications.

    Changes in the new version 1.4

    Added installation using BitrixSetup.

    Changes in version 1.3

    The new edition of VMBitrix is implemented according to the VMware Virtual Appliance standard!

    General configuration:

    • the home directory of the bitrix user is separate from the webroot;
    • Until you log in via ssh/console for the first time and change the default password (bitrix), you cannot connect via SFTP and HTTPS to manage the server. This does not affect the launch of bitrix_setup and installation of the product;
    • EULA removed.
    Error correction:
    • fixed test SSL certificate;
    • console menu: fixed error in mail configuration, removed menu items for configuring IP - this is available in VMware tools;
    • nginx configuration: fixed WebDAV errors (for proper operation you need to update to 8.0.2), 400 Bad Request when creating a new topic, synchronization with Outlook;
    • Fixed a bug when launching XMPP.
    Applications:
    • additional packages installed: catdoc, memcached, xpdf;
    • reworked and fixed the bitrix_setup script;
    • nginx updated to version 0.7.62 (security bug - Critical vulnerability in the Nginx http server);
    • The script for auto-tuning service parameters has been modified to ensure high performance with RAM values up to 2 GB;
    • changes necessary for the correct operation of the VM have been made to the distribution kits of 1C-Bitrix products.

    Advantages

    “1C-Bitrix: Virtual Machine” is an excellent solution to the problem of high-quality configuration of hosting and dedicated servers. Usually, in order to achieve high project performance, you need to configure the server software, OS, and hardware yourself. In addition, it is important to ensure security. In “1C-Bitrix: Virtual Machine” all these settings have already been completed. As a result, you save time and money on server deployment and configuration, on purchasing the necessary equipment, and on ensuring project security.

    Everything is ready to go!

    The virtual server is ready for immediate use. This means that 1C-Bitrix products will work quickly on the server, and most of the services here are not just configured, but work perfectly.

    After installing the virtual machine:

    • you can use the cluster setup wizard and add additional sites;
    • the menu allows you to configure sending mail through an external SMTP server;
    • if you configure an SMTP gateway, mail can be routed within the organization;
    • the instant messaging server (XMPP/JABBER server) is configured and running (automatically starts);
    • Miranda, QIP and other messenger programs can be configured to work with the Internet/Intranet portal;
    • indexing of office documents is configured;
    • WebDAV is configured and running;
    • HTTPS support for the Corporate Portal;
    • SSL support for XMPP

    Saving

    There are significant savings for the company:

    • on deployment time;
    • on equipment;
    • on operating costs.

    Rent

    The product “1C-Bitrix: Virtual Machine” can be rented from hosting providers. You can rent a virtual machine using any virtualization technology: VMware, Parallels Virtuozzo Containers, Amazon EC2 (AMI), Open VZ, Citrix. "1C-Bitrix: Virtual Machine" is specially configured for fast execution of 1C-Bitrix software products: it deploys in minutes and is immediately ready for work! You can not only install trial versions of 1C-Bitrix products on a virtual machine, but also transfer your own, ready-made projects.

    "1C-Bitrix: Web Environment" - Linux

    "1C-Bitrix: Web Environment" - Linux is used for quick and easy installation of all the software needed to run 1C-Bitrix products and solutions on the Linux platforms CentOS 6 (i386, x86_64) and CentOS 7 (x86_64).

    Using "1C-Bitrix: Virtual Machine", you save time and money: on deployment and configuration of the server, on purchasing the necessary equipment, on ensuring the security of the project. You can use the virtual machine for free. The machine is also available for rent from hosters at the price of the hosting plan.

    Amazon Elastic Compute Cloud (Amazon EC2)

    Amazon EC2 is a web service that provides scalable computing power and is designed to quickly and easily deploy web applications on Amazon sites (clouds). 1C-Bitrix specialists have prepared pre-configured BitrixVM images (AMI images) for quickly launching 1C-Bitrix applications in Amazon EC2, which include:
    • CentOS 7.5
    • NGINX + Apache2
    • MySQL5 with InnoDB support
    • Mail server agent
    • A UNIX-like Control Menu with common tasks
    • IP address via DHCP, or configured by Amazon Elastic IP
    • HTTPS support
    List of ami by region:

    Installation procedure

    1. Download and install VMware Player, a free product that runs on any Windows or Linux OS.

    2. Download and unpack the configured BitrixVM virtual machine.

    3. Launch VMware Player and open the BitrixVirtualAppliance.vmx file from the directory where you unpacked the virtual image.
       If you are familiar with VMware, then you probably have server products from this company in which you can run our virtual machine without any problems.

    4. Answer the VMware dialog questions and reboot the virtual server.

    5. Open the received IP address in your browser.

    6. Launch the installation and configuration wizard for 1C-Bitrix products, complete all the steps and get to work!
    BitrixSetup script

    A special script, BitrixSetup, is built into "1C-Bitrix: Virtual Machine". With it you can download the distribution kit of a trial or commercial version of the product from the website www.1c-bitrix.ru directly to your website, without first downloading the file to your local computer.

    Another built-in script, restore.php, restores backups and lets you quickly transfer sites between machines without creating intermediate files. How does this happen? You make a backup copy of the site using our product (Settings-Tools-Backup), and in the transfer script (directly in the virtual machine) you specify the file name and site. The system itself will copy the file, unpack it and restore it on the Virtual Server.

    February 1, 2018 at 4:04 pm

    Why is it important not to delay the installation and configuration of the Bitrix CMS based on 1C-Bitrix: Virtual Machine?

    • Information Security

    Who dropped the glove?

    While performing one of the penetration testing projects, we came across a virtual machine on the Customer’s public IP address. From the set of ports open on the host, we got the feeling that this was Bitrix. The link discusses the purpose of ports. Below is a list of ports that are open on the VM out of the box:
    • 22/tcp
    • 80/tcp
    • 443/tcp
    • 5223/tcp
    • 8893/tcp
    • 8894/tcp
    Opening the URL ip_addr:80 displayed the initial setup page for the 1C-Bitrix website, with a “Restore a copy” link that leads to the restore.php module. Clicking it opens instructions for creating a backup copy of an existing 1C-Bitrix website, links to documentation, and a “Next” button. And then things get interesting; you can do the following:

    It is clear that at some point the administrator did not complete the procedure for setting up the site and the 1C-Bitrix VM. Here we could write this problem into the report (and then try to sell the Customer an infrastructure monitoring system, SIEM or something similar) and move on. But we are not one of those.

    The human factor or the lack of Customer control over the infrastructure is not so important. What's important is how this bug can cause a hack.

    Hello distant sites

    The restore.php module, in addition to presenting the interface, checks and downloads files and deploys site backups. If you choose to upload a file from the local disk, nothing prevents you from selecting, say, the phpinfo.php script instead of a backup copy.

    And then Bitrix started leaking. We expected that a check of the file at the upload stage, or a post-check of the file contents, would kick in. It didn’t: the transferred file ended up in the web application’s home folder!

    We started to figure out what is “under the hood” and why the script loads everything. To satisfy our curiosity and for the report to the Customer, we deployed “1C-Bitrix: Virtual Machine” version 7.2 in our lab.

    The primary server configuration when connecting via SSH is performed in two steps:

    1. Change root user password
    2. Change bitrix user password
    After that, access to the local command interpreter becomes available. We tried uploading files with the .php extension to the “experimental” server: no problems, they are written to the home directory ‘/home/bitrix/www’:

    We started digging further into restore.php. The next function was “Download a backup from a distant site” (“distant site” is a very peculiar term, but okay). This script does not allow you to download anything other than backup copies. We looked into the source code of restore.php and found a condition for checking the downloaded file:

        $f = fopen($_SERVER["DOCUMENT_ROOT"]."/".$arc_name, "rb");
        $id = fread($f, 2);
        fclose($f);
        if ($id != chr(31).chr(139)) // not gzip
        {
            $s = filesize($_SERVER["DOCUMENT_ROOT"]."/".$arc_name);
            if ($s%512 > 0) // not tar
            {
                unlink($_SERVER["DOCUMENT_ROOT"]."/".$arc_name);
                $res = false;
            }
        }

    The first condition: if the file does not begin with the two bytes 0x1f and 0x8b, then the downloaded file is not considered a .gz archive.

    The second condition checks the size of the downloaded file: if the value is not divisible by 512, then the file is not a tar archive. This is where the check ends.
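
    The quoted condition rejects a file only when it fails both tests, so neither test validates the format. The following added example (Python, not code from the article or from 1C-Bitrix) models that condition and contrasts it with a check that parses the archive and removes rejected downloads; the function names, the staging directory and the sample bytes are assumptions constructed for illustration.

```python
import io
import os
import tarfile
import zlib
from typing import Optional

GZIP_MAGIC = b"\x1f\x8b"  # chr(31).chr(139) in the PHP condition


def page_check_accepts(data: bytes) -> bool:
    """Model of the quoted PHP: reject only if BOTH tests fail."""
    not_gzip = data[:2] != GZIP_MAGIC
    not_tar = len(data) % 512 > 0
    return not (not_gzip and not_tar)


def strict_check_accepts(data: bytes) -> bool:
    """Accept only data that parses as a tar archive (plain or compressed)
    with at least one member. Headers are read; nothing is extracted."""
    try:
        with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
            return len(tar.getmembers()) > 0
    except (tarfile.TarError, OSError, EOFError, zlib.error):
        return False


def stage_download(data: bytes, staging_dir: str) -> Optional[str]:
    """Store the download in a staging directory (assumed to be outside the
    web root) and delete it again if validation fails."""
    path = os.path.join(staging_dir, "incoming_backup")
    with open(path, "wb") as fh:
        fh.write(data)
    if strict_check_accepts(data):
        return path
    os.remove(path)
    return None


def build_sample_backup() -> bytes:
    """Constructed sample: a one-file .tar.gz built in memory."""
    body = b"<html>constructed sample</html>"
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        info = tarfile.TarInfo("index.html")
        info.size = len(body)
        tar.addfile(info, io.BytesIO(body))
    return buf.getvalue()


# Constructed sample: gzip magic, a newline, then PHP text (not a real archive).
FAKE = b"\x1f\x8b\n<?php phpinfo(); ?>\n"
```

    A structurally valid backup can still carry PHP files by design, so this kind of validation complements, and does not replace, keeping restore.php unreachable from untrusted networks.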

    It turns out that only the first condition needs to be circumvented. OK! We took a simple cmd.php script for testing (there is a ready-made one from “The Dark Raver”). On the command line, the identifier bytes followed by the contents of the cmd.php file were written to a new file called cmd_boom.php:

        echo -e "\x1f\x8b\n$(cat cmd.php)" > cmd_boom.php

    Using the xxd utility, you can see the contents of the file as a hex dump:

        cat cmd_boom.php | xxd

    Output:

    That’s it, the file is ready for uploading to the “distant server”. Upload cmd_boom.php to your GitHub repository and paste the script URL on the 1C-Bitrix recovery form. As a result, after a short contemplation of the loading progress bar, we received an error message:

    Well, maybe the file was deleted from the home folder because of the error? What's the point of storing it if the file broke along the way or is inconsistent? But the authors of the restore.php script apparently considered it unnecessary to clear the site’s home directory of garbage. So, what about the uploaded shell? Here it is!

    Now comes the fun part. By clicking the “Skip” and “Try Again” buttons on the form with the error message, we received a page with a button “Delete local backup and service scripts”. We clicked it and the files were deleted!

    As a result, the home directory will be cleared of the restore.php, bitrixsetup.php scripts and the downloaded cmd_boom.php file. After this, nothing decisive can be done with the site - the backup copy is not restored and you cannot proceed to installing a new site.

    Of course, you could hide the cmd.php script in a subdirectory or rename it index.php. We stopped there.

    There is a set aside!

    We reported to the 1C-Bitrix technical support service about the problem with the restore.php script, to which we received the following response:

    “It makes no sense to talk about vulnerabilities in restore.php; this script is intended for deploying a site management system. In its essence, it is needed in order to upload PHP scripts to the site.”

    Well, in general, everything is correct, we successfully uploaded the scripts to the “abandoned” customer site and received a local shell.

    The position of technical support is clear: “If you haven’t finished the site configuration, you are your own evil Pinocchio.” The ticket was closed by technical support without a response from the developers directly.

    We did not find out how many “abandoned” 1C-Bitrix VMs are published on the Internet; a couple were found with the Google query “intitle:"Welcome!" intext:"Welcome to Bitrix Virtual Appliance"”.

    Epilogue

    Do not publish the 1C-Bitrix VM before the site is deployed. Keep track of your company's resources published on the Internet. Abandoned sites are almost always a bad thing.
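
    One way to act on this advice is to audit your own web roots for the leftovers described in the article. This is an added example in Python, not part of the original article or of 1C-Bitrix tooling; the function names and the sample tree are constructed, and only the file names restore.php, bitrixsetup.php and cmd_boom.php come from the text.

```python
import os

SERVICE_SCRIPTS = {"restore.php", "bitrixsetup.php"}  # names given in the article
GZIP_MAGIC = b"\x1f\x8b"
DEFLATE = 8  # the only compression method defined for gzip (RFC 1952)


def audit_webroot(root):
    """Return sorted (relative_path, reason) findings for a web root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            if name.lower() in SERVICE_SCRIPTS:
                findings.append((rel, "service script left in web root"))
            try:
                with open(path, "rb") as fh:
                    head = fh.read(3)
            except OSError:
                continue  # unreadable file: skip it, do not abort the audit
            if head[:2] != GZIP_MAGIC:
                continue
            if name.lower().endswith(".php"):
                findings.append((rel, "gzip magic on a .php file"))
            elif len(head) < 3 or head[2] != DEFLATE:
                findings.append((rel, "gzip magic but not a gzip stream"))
    return sorted(findings)


def build_sample_webroot(root):
    """Constructed sample tree modelled on the article's /home/bitrix/www."""
    samples = {
        "index.php": b"<?php echo 'site'; ?>",
        "restore.php": b"<?php /* placeholder */ ?>",
        "bitrixsetup.php": b"<?php /* placeholder */ ?>",
        "upload/cmd_boom.php": b"\x1f\x8b\n<?php phpinfo(); ?>\n",
        "backup/site.tar.gz": b"\x1f\x8b\x08" + b"\x00" * 16,
    }
    for rel, body in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(body)
    return root
```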