Tag Archives: software

Bandinage in Robin Hood’s Barn

Leave a reply

HexedWow, what a long strange trip that was! I’ve got a lot of my amateur photography and I’ve been kicking around the notion of placing it all on my host and sharing it through my blog somehow. I started this sad trip with Pixelpost, then looked around for other LAMP scripts that could work after Pixelpost belly-flopped and died on impact. The issue I had with Pixelpost was trying to mass-import 218 pictures of my two cats. The software just couldn’t cope. So after a while trying to hammer a square peg in a round hole I just gave up altogether.

Then it struck me that I could use my WordPress blog maybe. I had a dim memory about something about Galleries. I can store as much as I like on my host and there’s no bandwidth issues so why not? So I did some reading in the Codex and well, there you go! Create a new Page, add Media, create a new Gallery and it’s EXACTLY WHAT I WANTED. Then I happened to notice JetPack and looked in there and it has Carousel feature which improves the standard Gallery control for WordPress. WOW! It was everything I wanted and it ate all 218 files without blinking and making new pages is a snap! Adding and removing pictures from the Galleries is just as easy.

So all that way and all that time blown out trying to get a weak system to behave itself and the answer was just under the covers in WordPress all along! I am exceptionally pleased. :) Thanks all you wonderful ladies and gentlemen at Automattic! Thankee-sai!

You can find these galleries on the main menu of my Blog, under the title of Photo Galleries. I hope you enjoy them!

photo by: Nicholas_T

Limit Login Attempts Plugin

1 Reply

IMG_0025I recently added to my WordPress blog security now that blogs like these are being targeted by botnets. I’ve found a great plugin called “Limit Login Attempts” which allows me to set lockout values to people who try to guess what the ‘admin’ account password is.

First, lets just say that the level of entropy in my admin accounts is so high that there isn’t enough time left in the Universe to try every combination – but that being said, my values for this plugin would make this a non-issue. I give people 4 attempts to try the ‘admin’ account, after that they are locked out for 1440 minutes, a day. If they lockout twice, the lockout penalty goes to 720 hours, or a month. There is 4320 hour span until retries are reset, that’s 6 months.

Of course, the filter also captures the IP address, so I’m going to look into getting a IP blacklist plugin and adding these captured IP addresses to that blacklist. They’ll never be allowed to my blog. This line of reasoning led me to think about an immune system for the Internet. If an IP does something wrong, it is blacklisted and that fact is then sent to every other site and they blacklist it as well. One false move and you are suddenly banished from the network. I think this would radically change how people behave online. There would definitely be a lot of noise raised when people are suddenly unable to communicate with any host whatsoever because their systems were filthy, compromised, or malevolent. That would add a certain value of responsibility. It would only be a little bit more to establish a site like Digg where people vote on the malevolence of comment traffic, putting trolls right along with botnets and black-hats, out in the cold, banished where they all belong.

I can smell an RFC forming. :)

photo by: katerha

WordPress Security

Leave a reply

Bank vault doorI run a gaggle of WordPress blogs, both for personal reasons and for work reasons. My SupportPress site runs on WordPress.org and the host I’ve been using all along, iPage sent me an email informing me that they have detected a botnet-sourced cyberattack directed at the login pages of WordPress.org installations. They also informed all their customers that they have installed network limits on these attacks, but that even though the attacks have been greatly reduced, that it shouldn’t lead to a flagging of security vigilance.

No time like the present to get things installed on all my WordPress blogs. The first thing I can think of since all my passwords are 16 to 20 characters long, randomized, stored for me in 1Password, and stored in such a way that even I don’t know them – is to install a plugin called Limit Login Attempts to all the WordPress blogs I manage. This will prevent people from screwing up their login attempts and it will email me when they try. So far this blog is covered and I don’t really expect any problems here.

Thanks to social networking, especially Twitter and my good friend @wyrdsmyth, and my hosting provider iPage I have been protected all along. More security is usually a good thing and in this case, warranted with this extra plugin. Next stop are all the other blogs I manage.

photo by: walla2chick

Nook HD: Built for Sluggish Annoyance

Leave a reply

47:366(Y2) - HungeringI really would like Apple to come out with a iPad Mini with Retina display. I’m quite tired of this Nook HD. It’s not very user-friendly and definitely not me-friendly. I don’t want to take a hammer to the device but when I use it, I sort of do.

So I was online to a site that lets you browse various fan-written fiction stories and they have a feature where you can download epub files, so I did so and saved it to my Dropbox. Then I went into Dropbox app on my Nook HD and went to go look for it. The Wifi on the Nook HD is a flaky pile of junk so that took way longer than it should have. Once I found the file I wanted I downloaded it to my Nook because the only other way to get it in there is to pop the MicroSD card, root around for a universal adapter and then put it in that way. That’s annoying, I’d much rather just be able to tap and download, like I would with an iPad Mini.

I downloaded it from my Dropbox and it ended up somewhere in my Nook’s own storage, which I hate to use, I much prefer my MicroSD plugged into the Nook instead, but there is no way to tell it where you want it to store the files. So I had to find another app called OpenExplorer which has an awful interface but lets you move files around the Nook.

Then the Nook library was confused about where I put that file. Every time I went to go look for it and tap on what it found, I’d be sent to the Wifi activation screen, where I would turn it on (why?) and then nothing. Nothing more than that. When I went back to the search and tapped on my file, it told me “File is not present.” and that was that.

I’ve never been happy with the Nook HD user interface. I bought it because it was cheap and supported Barnes & Nobles but really I think I would have been better off getting an iPad Mini. I regret this Nook HD. It could be so much better if only the B&N User Interface wasn’t so fascist. That’s what it really is. B&N doesn’t trust anyone with anything so they make it impossible to use beyond the B&N Book Experience. I don’t want all my ebooks at B&N, I’ve got thousands of ePub files all on my own – could I upload them and locker them at B&N? Of course not. That’s what the MicroSD card is for. So what value does the B&N store have for me? Little.

So is there any way I could get ePubs from Project Guternberg? Nope. I have to find some other way to get them, like on my iPad and then use Dropbox and OpenExplorer to… it’s way too much work. I’m tired even thinking about it.

So, if and when Apple decides to sell a iPad Mini Retina I’ll put all my Nook stuff on eBay and save up for the iPad Mini Retina. At least iOS respects me and I don’t feel like a criminal trying to cajole Android to give an inch.

I still don’t know why people think Android is any good. Wretched system.

photo by: Nomadic Lass

Burning Sage

Leave a reply

Holy Pickled Pomegranate Batman !I just received my invitation to attend Sage Summit 2013 in Washington, DC from July 23rd to the 26th at Gaylord National Hotel and Resort.

Since Sage dropped the hot potatoes it was juggling, this yearly pilgrimage is now utterly laughable and irrelevant. Not only will I not go to Washington, DC in the pit of Summer but I will definitely not be going to another Gaylord property. Those “resorts”, especially the abomination in Nashville Tennessee is a crime against humanity and an insult against nature.

My “most favored thing” today that I will do is to click the Unsubscribe button to all Sage communications. My interest drops like wet trousers around the ankles of my professional disgust. Tootles!

photo by: recubejim

Starting Out Small

Leave a reply

ethernet cablesThere is an issue I have at work, something I’ve written about before in my logs that I’ve found a solution for that I feel I can blog about. I can’t really talk about the why behind all of this, but I can share a technical explanation of how I am addressing this problem. It’s a half-thing, bear with me.

At Western, I’m very interested in the number of open TCP connections that a workstation has open at any one time. I don’t care what state the connection is in, ACK_WAIT to any of the others, if there is a line, I want to know about it. Specifically I want to know how many lines there are. Mac OSX is based on Darwin, and Darwin is based on BSD – so you get a shell to work with when you start Terminal.app. There is a lot of power in the command line interface and once you get the hang of it, it’s really quite useful.

So remote stations, at least two of them I have turned on “Remote Login” in their Sharing applet in System Preferences which enables the machines SSH servers to answer incoming connections. I can use SSH to call up a command line window to those remote stations, feeding them commands. I have done this for a long while for our servers in the office but this is the first time I’ve seriously done this for workstations. So, with this connection established I want to collect the number of TCP connections that machine has established. On the command line there are lots of pieces to get this to work:

First, you need a loop structure so that the command happens regularly: 

while true; do [command]; sleep 60; done

This will run a command every 60 seconds and it will never end unless I send a Control-C character which represents “Break” to the shell.

At first I just needed to count how many connections. You get this number, or at least an approximation of it this way:

netstat -p tcp|wc -l

That calls netstat to list out all the TCP connections, which then I pipe, using the pipe character ‘|’ to another command called wc, which calculates word-counts. I make wc ignore words and just count lines by using the -l switch. I don’t really care what other stations my targets are communicating with, just a count of how many. And yes, technically the SSH connection inflates this by at least one connection, it’s not intended to be forensic.

But something was missing. I need a date stamp. In BSD, there is a command called date, and you can give it a format so you can make date write out the Hours, Minutes, and Seconds the way you want to see them, but date has an annoyance to it. The command date always inserts a ‘newline’ character at the end, so what you’d get is a date, a new line, and your count. It’s okay, but it’s annoying. It would be far better to get rid of that newline character altogether. Enter in the ‘tr’ command, which translates characters. In this case, we tell tr to just delete the newline character, so ask date for the right sort of date, have tr nail off that newline at the end because it’s annoying and…

while true; do date '+%H:%M:%S '|tr -d '\n'; netstat -p tcp|wc -l; sleep 60; done

This outputs a very nicely formatted report on a remote workstation. So now I have datestamps, connection count levels, and when the count gets to a certain number and things happen, I can be faux-psychic.

UPDATE: Apparently I just can’t leave well enough alone. Seeing a slow parade of numbers trot by is rather dull when all I really want to know is when these numbers say, get over 70. So…

while true; do test "$(netstat -p tcp|wc -l)" -gt 70 && (date '+%H:%M:%S '|tr -d '\n'; netstat -p tcp|wc -l;); sleep 60; done

 

photo by: Bull3t

Tent Flapping

Leave a reply

Spam wall
Went back and forth just now on IntenseDebate plugin for WordPress.org. I thought it might be useful and add some features to my blog that would be nice to have, like After-The-Deadline plugin for comments and such. Everything was going well until I noticed that my Akismet Spam queue was at 74 comments. I tried to open the queue and couldn’t as IntenseDebate had replaced that part of my blog with its own controls. So, with no way to look at my Akismet Spam queue I decided that the pros for the IntenseDebate plugin couldn’t compensate for the way it broke my blog when it came to Akismet Spam queue access. So, there was for a brief time a new comment system, and then there wasn’t.

Which doesn’t mean a lot because people aren’t actually commenting on my blog, they are commenting on Facebook. I do get the one-off Twitter retweet or favorite, but that’s it.

Drafts Changes Workflow

Leave a reply

The more I use the Drafts app for my iPad and iPhone the more I love it and the more I want to use it. It’s actually changed the workflow for my “Post-a-Day” WordPress blogging as well as my regular blogging in general. What I used to do was copy the Post-a-Day prompt emails over to my WordPress blog and set the post type to Drafts and let them sit there. I’ve never been a huge fan of the editor built-in to WordPress, but copying the emails to Drafts and storing them there, syncing them to Simperium which then synchronizes them across all my devices that have Drafts loaded on them, which is now just my iPhone.

The app itself has so many neat features, being able to store multiple drafts and have them swipe-accessible from the left makes switching files a breeze and then when the post is done and ready to be published I can swipe from the right and select as many services as I want to send my drafts off to. It’s the perfect promontory to launch Day One, Facebook, Twitter, Tumblr, and WordPress. Generally speaking, the drafts themselves almost always follow a certain path, first to Day One then to WordPress because then WordPress sends links to Twitter, Facebook, and Tumblr on my behalf with the publicize feature. But sometimes I write things that don’t go to my blog, in that case I can send to Day One and Facebook. I have configured the apps representation in Facebook to conform to my “Sharing” security group, so even if I tap the Facebook option I don’t have to worry about my private sharing thoughts leaking out where they don’t belong.

The only thing (yes, there is one of these for every user) that I would really love is a Drafts app for Mac OSX. That would let me hack away on Drafts entries on my iMac without having to clear off workplace desktop space to set up my iPad. I think it’ll just be a matter of time before we see those options start to become available. I would pay $15 for an app like that without even batting an eye.

WordPress Jetpack and Post By Email

Leave a reply

Several days ago, when I had all that trouble working with Jetpack for my WordPress.org blog I couldn’t get stats to work. I sent a support ticket to the developer of Jetpack and it turned out that it was a problem with my web host, iPage. Once they fixed the problem on their side, the stats worked again. There was another problem, one that hasn’t worked for a very long time and I gave up hope almost. There is a feature of Jetpack called “Post By Email” and this feature should work, but never has. I once again opened a support ticket with the developer of Jetpack and told them what was wrong.

Late last night I got an email from a WordPress.org Forum [Post](http://wordpress.org/support/topic/jetpack-post-by-email?replies=13#post-3952121) that I’ve been commenting on stating that the issue is solved if you upgrade your installation of PHP to 5.3 on your web host. So I logged into iPage, found the PHP settings, pushed them to 5.3 and then tried again. My test post worked like a charm!

So much so that I am sending this post via email. It should arrive in moments and then I’ll publish it. Hooray! I love a fix. What a great way to start the day!

For the want of pgrep on Mac OSX

Leave a reply

I’ve got an issue at work, of course. I’ve got a Mac OSX xServer that has grown crotchety and so I’ve gotten to making things better by using killall on various running processes in order to “clean up the mess”. This is all fine and good and these processes respawn and the world goes back to normal and everything is fine, however I also want to renice this pesky command and give it a lower priority. While killall can do a search by name, renice requires a pid. The way you get pids is to run the ‘ps’ command, but this gives you a big pile of data and really all you want is just the pid itself, so you can pass that to renice.

So here’s how to get your cake and eat it too on Mac OSX Leopard Server:

1) First, change your shell – the default for root is /bin/sh, do this by issuing this command:

chsh -s /bin/bash root

2) Then you’ll need to give bash a profile, create a new file call it .bash_profile and fill it with this text:

[[ -s ~/.bashrc ]] && source ~/.bashrc

3) Next you’ll need to fill out that .bashrc because that contains the function you need to replicate pgrep:

pgrep() for arg; do ps aux|grep $1|grep -v grep|awk '{print $2}';done;

4) Log out and log back in and you’ll end up in bash, not sh, and you’ll have a new command at your disposal, pgrep. You can then use pgrep CommandName and it’ll spit out the pid related to what you are after.

5) Then you can use this new function with renice this way:

renice 20 `pgrep CommandName`

One thing to note here is that the ` character is the backtick character. You’ll find this hiding out in the upper left corner of your keyboard, it’s the unshifted tilde button.