Brandon Checketts

Web Programming, Linux System Administration, and Entrepreneurship in Athens Georgia


My list of essential FireFox plugins

I just got a new laptop, which is a good chance to start over with a clean system configuration.   After trying to use FireFox without any of my normal plugins, I realized how much I’ve come to rely on these plugins:

ColorZilla:  Adds a button to the bottom left of the status bar.  When you click on it, you can then highlight anywhere on the page to get the HTML Color value.

FasterFox:  A couple very handy utilities for timing page loads, and speeding them up in general.  I find myself watching the page load timer all of the time.  It simply displays the amount of time that each page takes to load in the status bar.  It has a few advanced options to preload links on pages and to increase the number of simultaneous HTTP requests to a server, which makes your browsing experience faster.

FireBug: Modify HTML and CSS in real time – incredibly handy for HTML development work and debugging.

Google Toolbar: My main point in using this is just to see the PageRank of each page.

MeasureIt: Adds an icon to your status bar that, when clicked, turns your cursor into a crosshair so that you can measure the size of any elements on your current web page.

no-referrer: Adds an option on the context menu for links to open the link in a new tab without passing the HTTP Referrer field.   I use this when on any ‘private’ pages like my awstats pages, or blog admin pages, which I don’t want to tell the world about via the HTTP referrer.

ShowIP: Adds an item to the status bar with the IP Address of the server – This is very useful information to have when doing system administration tasks.   May not always be correct when changing DNS entries though.  That is probably Firefox’s caching, though, rather than this plugin’s.

Web Developer: Adds all kinds of options for looking at some HTML details.  The main one I use is for looking at the HTTP Response headers.

bcSpamBlock 1.2 for WordPress released

I had a few users who have been using my bcSpamBlock WordPress plugin for blocking spam tell me that it also completely blocks trackbacks. Thanks to them for their input, and specifically to wlx, who sent me a patch to have it skip validation on trackbacks and pingbacks.

I modified the WordPress component of the code so that it doesn’t check for the cryptographic signature for trackbacks, but instead makes sure that the remote host is the webserver for the site that it says it is. If that check passes, it also retrieves the page and verifies that it contains a link to your own blog.

I’ve updated the plugin and it is available for download on the bcSpamBlock WordPress page.
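The two trackback checks described above, sketched in Python as an added example (this is not the plugin's PHP code). The function name, the injected resolve and fetch callables, and the sample hosts and pages are all constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample data standing in for DNS and HTTP (documentation ranges).
SAMPLE_DNS = {"friend.example": ["192.0.2.10"], "spam.example": ["198.51.100.7"]}
SAMPLE_PAGES = {
    "http://friend.example/post": '<p>See <a href="http://myblog.example/hello">this</a></p>',
    "http://spam.example/pills": "<p>No links to the blog here</p>",
}


def sample_resolve(hostname):
    return SAMPLE_DNS.get(hostname, [])


def sample_fetch(url):
    return SAMPLE_PAGES.get(url, "")


def _host(url):
    """Hostname of a URL, or None if it cannot be parsed."""
    try:
        return urlsplit(url).hostname
    except ValueError:
        return None


def trackback_allowed(remote_ip, source_url, blog_url, resolve, fetch):
    """Return (allowed, reason) for a trackback claiming to come from source_url."""
    host = _host(source_url)
    if host is None or urlsplit(source_url).scheme not in ("http", "https"):
        return False, "bad source url"
    try:
        sender = ipaddress.ip_address(remote_ip)
        claimed = {ipaddress.ip_address(a) for a in resolve(host)}
    except (ValueError, OSError):
        return False, "unresolvable"
    # Check 1: the connecting address must be one the claimed site resolves to.
    if sender not in claimed:
        return False, "sender is not the claimed host"
    # Check 2: only now fetch the page and look for a link back to the blog.
    links = re.findall(r'href\s*=\s*["\']([^"\']+)["\']', fetch(source_url), re.I)
    if not any(_host(link) == _host(blog_url) for link in links):
        return False, "no link back"
    return True, "ok"
```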

Use Folderpane Tools to sort your accounts in Thunderbird

I now have a bunch of email accounts each with their own IMAP folders.   It has been terribly annoying that they always show up in the order in which the accounts were added and there is no way to sort them.   I finally came across a Thunderbird plugin called ‘Folderpane Tools‘ which allows you to change the order of the accounts.

It still isn’t ideal.  Any changes have to be done through the little plugins window and require Thunderbird to be restarted.  Oh well, I guess it’s better than nothing.

The volatile Plesk / Apache relationship

Plesk’s integration with Apache can be quite confusing for those used to manually modifying the Apache configuration files. It isn’t safe to modify most of the files, because Plesk rewrites them whenever a configuration change is made. Here’s a quick overview of how Plesk fits in with Apache:

The main Apache configuration in /etc/httpd/conf/httpd.conf (or /etc/apache2/apache2.conf on Debian/Ubuntu systems) is left unchanged. It includes /etc/httpd/conf.d/* (or /etc/apache2/conf.d/*). Plesk creates a file in that directory where it does most of its global configuration. That file is generally used for system-wide applications like webmail, mailman, etc. This file is overwritten when certain changes are made via Plesk. It also has an “Include” line for each virtual host like this:

Include /var/www/vhosts/mydomain.com/conf/httpd.include

These files contain the VirtualHost configuration for each domain. They are also overwritten whenever certain changes are made via Plesk (and sometimes just at random, it seems). When Plesk is recreating these files, it looks for a corresponding ‘vhost.conf’ file in the same ‘conf’ directory. If it finds one, then the resulting httpd.include file includes that vhost.conf file.

Therefore, if you want to manually make any changes to the Apache configuration for a website, you need to create a vhost.conf file for it, then re-save the domain’s configuration via Plesk.

Also, if you’d like to bypass the whole Plesk ordeal for a new domain, you can still create the Apache configuration manually in the original /etc/httpd/conf/httpd.conf file (or /etc/apache2/sites-available/* files).

Quick Perl Internal Server Error (HTTP 500) fix

I’ve had a couple customers in the past month or so run into a problem where they were trying to run a simple Perl script, but kept getting HTTP 500 errors (Internal Server Error) despite double checking through their code, and simplifying it down to almost nothing. One had spent half a day troubleshooting a seemingly simple error. Apache would log something like this:

[Sat Nov 03 22:46:57 2007] [error] [client 11.22.33.44] (2)No such file or directory: exec of '/var/www/cgi-bin/hello.pl' failed
[Sat Nov 03 22:46:57 2007] [error] [client 11.22.33.44] Premature end of script headers: hello.pl

By the time they contacted me, they were so frustrated that it was hard to tell them how easy the fix is. In both cases, the users had created the files on a Windows machine and then uploaded them to a Linux server. Many Windows applications happen to save text files in a slightly different format than Linux does. Specifically, Windows uses the two characters CR and LF (Carriage Return and Line Feed), where Linux uses just a LF.

Carriage Return is the ASCII character 13, and is also recognized as ‘\r’, or ‘^M’. The Line Feed character is ASCII code 10, and represented as ‘\n’, or ‘^J’.

An attempt to run this same ‘hello.pl’ script via a command line results in:

[root@host cgi-bin]# ./hello.pl
: bad interpreter: No such file or directory

To fix, simply convert the file to a Unix text file format. Your text editor may have an option to save the file in a Unix format. If you are stuck with the editor you have, you can use the ‘dos2unix‘ command which is available on pretty much any Linux box.

[root@host cgi-bin]# dos2unix hello.pl
dos2unix: converting file hello.pl to UNIX format ...

And now your script will magically work (you did remember to add the content-type header, right?):

[root@flickerworks cgi-bin]# ./hello.pl
Content-type: text/html

Hello World

Use ProxyPassReverseCookieDomain to maintain Tomcat sessions through mod_proxy_ajp

I had a customer today who had problems using Tomcat sessions after configuring his application to run through mod_proxy_ajp. Everything worked correctly when hitting the application directly on port 8080, but any attempts to hit the site through Apache and mod_proxy_ajp would result in the sessions not being saved, and a new session being created on every request.

The problem is that Tomcat is sending a Set-Cookie header with the Path that it knows about – which is different than what the browser is requesting.

The application is at https://www.mydomain.com/, and mod_proxy_ajp is redirecting that to https://localhost:8009/myapp/.

Here are the HTTP response headers that Tomcat is sending:

HTTP/1.1 200 OK
Date: Sun, 28 Oct 2007 01:39:44 GMT
Set-Cookie: JSESSIONID=TOMCAT_SESSION_ID_HERE; Path=/myapp
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 11234
Connection: close

You can see in the Set-Cookie header that it is setting a cookie path of /myapp. The browser receives this and will only send that cookie back on requests whose path begins with /myapp. Fortunately Apache 2.2 includes the ProxyPassReverseCookiePath directive to rewrite the Set-Cookie headers on these requests. You can configure a virtual host like this:

<VirtualHost *:80>
    ServerName www.realdomain.com
    ProxyRequests Off
    ProxyPass / ajp://127.0.0.1:8009/myapp/
    ProxyPassReverse / ajp://127.0.0.1:8009/myapp/
    ProxyPassReverseCookiePath /myapp /
</VirtualHost>

And now the HTTP Response headers look like this:

HTTP/1.1 200 OK
Date: Sun, 28 Oct 2007 01:39:44 GMT
Set-Cookie: JSESSIONID=TOMCAT_SESSION_ID_HERE; Path=/
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 11234
Connection: close

The browser now sees that the cookie is for / and will send the JSESSIONID cookie for all requests to this server.
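To see why the original header broke sessions, here is an added Python example (not from the original post) that models the browser's cookie path-match rule from RFC 6265 and a simplified version of the prefix rewrite. The function names are made up for illustration; the header value is the one shown above.

```python
# Set-Cookie value as sent by Tomcat in the post.
TOMCAT_HEADER = "JSESSIONID=TOMCAT_SESSION_ID_HERE; Path=/myapp"


def path_matches(request_path, cookie_path):
    """RFC 6265 section 5.1.4: does request_path fall under cookie_path?"""
    if request_path == cookie_path:
        return True
    if request_path.startswith(cookie_path):
        # A prefix only counts on a "/" boundary: /myapp matches /myapp/x,
        # but not /myapplication.
        return cookie_path.endswith("/") or request_path[len(cookie_path)] == "/"
    return False


def path_attribute(set_cookie):
    """Return the Path attribute of a Set-Cookie value, or None if absent."""
    for attr in set_cookie.split(";")[1:]:
        name, _, value = attr.strip().partition("=")
        if name.lower() == "path":
            return value
    return None


def browser_sends(set_cookie, request_path):
    """Would a browser that stored this cookie send it with request_path?"""
    path = path_attribute(set_cookie)
    return path is not None and path_matches(request_path, path)


def rewrite_cookie_path(set_cookie, internal, public):
    """Simplified model of the rewrite: swap the internal Path prefix for the public one."""
    out = []
    for i, attr in enumerate(set_cookie.split(";")):
        name, sep, value = attr.strip().partition("=")
        if i > 0 and name.lower() == "path" and value.startswith(internal):
            value = public + value[len(internal):]
        out.append(f"{name}{sep}{value}")
    return "; ".join(out)
```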

Block comment spam with bcSpamBlock

A while ago I installed Paul Butler’s JSSpamBlock on my WordPress blog here. His original idea is simple and brilliant: Spambots don’t (yet) execute Javascript. In fact, they usually post directly to the form without even displaying the form first. By having a hidden input field that is populated by javascript, you can verify that users are hitting the page without the user even noticing. For users with JavaScript disabled (are there any of you out there?), they simply have to copy/paste a small string into a textbox for verification.

Since implementing a slightly modified version of it on this blog, I have gotten zero spam posts. Now, I wanted some way to implement the same logic on some of my own custom PHP sites to prevent spam on them as well.

While working on a way to re-implement Paul’s WordPress plugin in my own sites, I came up with something pretty clever. Instead of saving a row to a database every time that the form is displayed, you can use a little cryptography to make the client pass all of the data needed to validate the request back to you on its own. The idea is sort of a merger between the JSSpamBlock plugin and TCP Syncookies, which use a similar method of having the client store the data for you.

Essentially, how it works is that the function generates a Random ID. It then encrypts the current timestamp and the random ID using PHP’s crypt() function with some cryptographic salt that is unique to each server. All three of those values (the random ID, the timestamp, and the encrypted value) are then passed to the browser. The timestamp and the encrypted value are stored in hidden <input> fields, while the random ID is displayed to the user for verification. If the user has JavaScript enabled, a few lines of JavaScript copy the random ID into another textbox, and then hide that prompt, so that it is never seen by the user. If the user doesn’t have JavaScript enabled, they would have to copy/paste that random ID into the textbox themselves, similar to a captcha.

When the form is submitted, it checks to make sure that the timestamp is not too old, and then re-encrypts the passed in timestamp and random ID using the same salt value to make sure it matches the crypted value passed in from the form. If everything matches, the comment is approved, otherwise an error is displayed to the user.
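The issue-and-verify cycle described above, as an added Python example (this is not bcSpamBlock's PHP code). It uses HMAC-SHA256 with a server secret in place of crypt() with a salt; the field names, the secret and the one-hour lifetime are assumptions.

```python
import hashlib
import hmac
import secrets
import time

# Assumption: a per-server secret, playing the role of the post's "salt".
SERVER_SECRET = b"constructed-example-secret"
MAX_AGE_SECONDS = 3600  # assumed; the post only says "not too old"


def _sign(timestamp, random_id):
    """Keyed hash over the two values the client will echo back."""
    msg = f"{timestamp}:{random_id}".encode()
    return hmac.new(SERVER_SECRET, msg, hashlib.sha256).hexdigest()


def issue_challenge(now=None):
    """Values to embed in the form; nothing is stored on the server."""
    timestamp = int(time.time() if now is None else now)
    random_id = secrets.token_hex(4)
    return {"timestamp": timestamp, "random_id": random_id,
            "signature": _sign(timestamp, random_id)}


def verify_submission(form, now=None):
    """Return (accepted, reason) for the fields posted back by the client."""
    now = int(time.time() if now is None else now)
    try:
        timestamp = int(form["timestamp"])
        typed_id = str(form["typed_id"])    # copied by JavaScript or by hand
        signature = str(form["signature"])
    except (KeyError, ValueError, TypeError):
        return False, "malformed"
    if timestamp > now or now - timestamp > MAX_AGE_SECONDS:
        return False, "expired"
    # Recompute from the submitted values; a changed timestamp or ID
    # no longer matches. compare_digest runs in constant time.
    expected = _sign(timestamp, typed_id)
    if not hmac.compare_digest(expected.encode(), signature.encode()):
        return False, "bad signature"
    return True, "ok"
```

Because nothing is stored server-side, a valid triple stays acceptable until it expires, so the lifetime is the only bound on reuse.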

I wrote this up into a simple include file that can be used for any PHP application. I also implemented a quick WordPress plugin that uses the generic version. More information about it can be found on my new bcSpamBlock home page.

Update 2024-10-01:

There are much better spam blocking plugins now, so this has been discontinued.

Get your Dell Service Tag number via the Linux command-line

When your server is located in a data center far away, it makes it difficult to walk over to the box and read the service tag off of it. Fortunately, the Service Tag is stored somewhere in the system BIOS, and is accessible with the ‘dmidecode’ utility.

[root@host ~]# dmidecode|grep "Serial Number"
                Serial Number: 80NZV71

You’ll probably see several other serial numbers in there as well for things like your hard drives or other devices. The Dell one shouldn’t be too difficult to pick out. I think they are always 7 digits and have letters in the middle. There are lots of other interesting things in the ‘dmidecode’ output too, like the speed and type of each RAM module installed, and a description of all of the onboard devices (i.e. video and network cards).

With Windows

Thanks to @kleinbaas who commented below how to do the same thing on a Windows machine:

  C:\Documents and Settings\brandon>wmic bios get serialnumber
  SerialNumber
  GX245D1

Fix for CentOS “Can’t do setuid (cannot exec sperl)”

If you are running a Perl script with the setuid bit, it actually runs a slightly modified version of Perl so that it is a bit more cautious. On a CentOS box, you need to install the ‘perl-suidperl’ package to get the necessary files installed. Otherwise you get an error like this:

[root@host bin]# ls -al myscript.pl
-rws--S--- 1 mail mail 1218 Oct  1 13:09 myscript.pl

[root@host bin]# ./myscript.pl
Can't do setuid (cannot exec sperl)

Check DomainKeys, DKIM, SPF validity, and SpamAssassin score in one place

I spent the whole day today stepping through DomainKeys, DKIM, and SPF for a customer to make sure that they were all set up and working properly. I found a couple of the existing tools available on the Internet didn’t test them properly and didn’t give enough explanation when they failed.

So, I went about creating some of my own tests using a bunch of Perl modules. I finally fixed a couple issues that I think were causing problems for this customer. Gmail and Yahoo are now delivering the messages anyway. Hotmail is still a mystery (no surprise since it’s from Microsoft). Their troubleshooting website is full of talk about how great their service is, but there is a huge lack of anything technical on the site.

Anyway, I made all of these nifty testers and figured that others might like to use them. So I created a way for others to send mail to it, and a web interface where you can view all of the results. I’ve added it as a link to the top of my website.


© 2026 Brandon Checketts
