Mr. Apache

31.5.08

Fast and Easy Custom WordPress User Registration

Alternative Registration form for WordPress Registers and Logs in a user immediately, no emailed password- user chooses.This is an insecure method due to no email validation, but still pretty sweet!

read more | digg story

Upgrading to DreamHost Private Servers

From:
Problems migrating to DreamHostPS

Here are some issues I experienced during migration and the solutions I’ve used.

During this process it is important to note how helpful the DreamHost Support Staff were in putting up with my sometimes overly technical and detailed support requests. Thanks John, Brian, and Robert R!

PHP and HTTPD processes hogging all memory

Unlike on shared hosting accounts, where DH technical people have set up a very robust system, it appears they are missing the expertise of a past employee or something because this new setup is not as robust.. YET!

For instance I started out my account CPU and memory at the MAX (2300 MB / 2300 Mhz) but my sites were all still taking forever to serve content, simply because instead of on the shared servers where user processes and HTTPD instances are more controlled, this account seems to not have very well-thought out limits on it. So if 100 people asked for a page on my site, this server loads up 100 HTTPD processes under dhapache user and loads up 100 processes for the custom-compiled php.cgi I am running. This sounds like a cool thing but in reality it takes up so much of my memory that my bash shell login under SSH runs out of memory and won’t even let me do a simple ps, and it just keeps serving 503’s to anyone else who requests something on my site. DH will have to fix this soon or someone will launch a DDOS attack that will cripple them, unless a googlebot does it first!

Solution
I contacted support and received a very friendly and prompt reply suggesting a bad script and offering to setup a process watcher and killer, which I accepted. Eventually I located the problem to be an ErrorDocument 500 directive in my .htaccess that was pointing to a php file instead of a static .html

No crontabs or cronjobs

None of my crontab files were moved to my new server and in fact I was receiving permission denied just to access my crontab.

Solution
I contacted support and they installed new crontabs for me and offered to copy my old ones.

Static IP Changed for site with non-DreamHost DNS

One site uses DNS from Network Solutions, so when my site was migrated and got a new static IP address, my site went down. It would have been nice and should be expected that in this situation DreamHost would alert you that the change is going to happen so you can update your DNS without your site going offline.

Solution
Logged into my Network Solutions account and updated the DNS for my site to point to the new Static IP.

SSH Hosts, Authorized Keys Broken

Some of my sites and user accounts use passwordless SSH to make some things work, and all of these were made useless when I moved to my new private server.

Solution

Logged into my user accounts with SSH
Deleted the old files in folder .ssh
Created new keys and added them to other accounts
Logged in to new accounts to add to host files

Old Server and Static IP References in Site Files

I have some pretty technical and complex cgi’s, .htaccess files, shell scripts run by cronjobs, php scripts, etc., on some sites and shell accounts, and many of my files contain code to the Static IP and/or dreamhost server, either for access control or for faster connects by connecting straight to an IP instead of having to perform a DNS lookup. So when both the Static IP’s and dreamhost server changed it broke all my files.

Solution
Basically I knew I had to search all of my files and replace the old IP with the new IP. I also had to search files relacing the old server with my new server. To make life simpler, I wrote a simple shell script that I run from my account while logged in using SSH that does this automatically with the added feature of asking me if I would like to make the replacement for each file it finds, which is nice because I don’t want to replace this for old log files and misc stuff.

dreamhostps migration shell script
#!/bin/bash
# Version 1.0 by AskApache 5/29/2008

shopt -s extglob
renice 19 $$

OLDSERVER=208.113.183.103
NEWSERVER=208.113.134.190

FIXFILES=$(grep -R -l -i $OLDSERVER $HOME/!(Maildir|logs|backups|source|tmp|doit|php5|php526|ip_abuse) 2>/dev/null)

for thefile in ${FIXFILES[@]}; do
if [ -f "$thefile" ]; then
  echo -e "\n\n\n\n"
  echo "___________________________________________________________________"
  echo "Name:  ${thefile}"
  echo "Type:  $(command file -b ${thefile})"
  echo "Size:  $(command du -hs ${thefile}|awk '{ print $1}')"
  echo "Matching Lines:"
  grep -i --color=auto $OLDSERVER $thefile
  echo -e "___________________________________________________________________\n"
  echo -en "Replace occurances of $OLDSERVER with $NEWSERVER? [y/N] " ; read -n 1 ans
  case "$ans" in
   n|N) echo -e "\nSKIPPING..."; ;;
   y|Y) echo -e "\nREPLACING..."
        cp $thefile $thefile.b1 &>/dev/null
        cat $thefile.b1 | sed "s/${OLDSERVER}/${NEWSERVER}/g" 1>$thefile
        rm $thefile.b1 &>/dev/null
        echo "DONE"; ;;
  esac
fi
done
exit 0

29.5.08

Advanced Unlimited Hosting - Share your files Anyware

SEO optimized robots.txt file free for download

15.5.08

Firefox popup- page redirected new location, resend form dat

If you see this message in Firefox."This web page is being redirected to a new location. Would you like to resend the form data you have typed to the new location?"

read more | digg story

9.5.08

Favorite .htaccess mod_rewrite examples

mod_rewrite rewrite examples for .htaccess

read more | digg story

SEO detailed Robots.txt

Very detailed tutorial dealing with the robots.txt file. Shows examples for google and other search engines. Wordpress robots.txt and phpBB robots.txt sample files.

read more | digg story

7.5.08

Add Akismet Anti-Spam to your php forms

How To Add Akismet Anti-spam protection to your php forms

read more | digg story

1.5.08

WordPress Plugin for Apache .htaccess Security

New Security features incorporated by the AskApache Password Protection WordPress Plugin

read more | digg story

29.4.08

Redirect all feeds to FeedBurner with .htaccess

Use .htaccess to Redirect Feeds to FeedBurner

read more | digg story

28.4.08

SEO Secrets of AskApache.com

Non-SEO related Server research has turned up some nice SEO techniquesAll websites are hosted on servers, mostly Apache, and that is the primary topic of this blog. During the past year of this blog, my research into non-seo areas has turned up some very valuable SEO techniques.

read more | digg story

User:Cduke250 - DreamHost

User:Cduke250 - DreamHost: "Favorite DreamHost Wiki Links

[edit] Favorite DreamHost Wiki Links

27.4.08

Apache Wicket - Home

Apache Wicket - Home: "Welcome to Apache Wicket

With proper mark-up/logic separation, a POJO data model, and a refreshing lack of XML, Apache Wicket makes developing web-apps simple and enjoyable again. Swap the boilerplate, complex debugging and brittle code for powerful, reusable components written with plain Java and HTML.

* Check the feature list
* Read some Wicket buzz, some Wicket blogs or Planet Wicket
* Find out why you should use Wicket
* Check out some selected examples in detail or see them and many more in live action
* Take a look at our live component reference
* Go and download Wicket.

Wicket is released under the Ap"

26.4.08

Introduction to Named Pipes

"A very useful Linux feature is named pipes which enable different processes to communicate. "

read more | digg story

Hiding WordPress Installation Files

Using the HTTP_REFERRAL tag and .htaccess to keep your files obfuscated

read more | digg story

Hardening Wordpress with Mod Rewrite and htaccess

not a perfect way to secure your wordpress installation (because of various reasons / factors), but at least it’s going to harden your wordpress better than anything else

read more | digg story

24.4.08

Mosaic User Authentication Tutorial

Mosaic User Authentication Tutorial: "http://hoohoo.ncsa.uiuc.edu/docs-1.5/tutorials/user.html
Mosaic User Authentication Tutorial
Introduction
This tutorial surveys the current methods in NCSA Mosaic and NCSA HTTPd for restricting access to documents. The tutorial also walks through setup and use of these methods.

Mosaic 2.0 and NCSA HTTPd allow access restriction based on several criteria:

* Username/password-level access authorization.
* Rejection or acceptance of connections based on Internet address of client.
* A combination of the above two methods.

This tutorial is based heavily on work done by Ari Luotonen at CERN and Rob McCool at NCSA. In particular, Ari wrote the client-side code currently in Mosaic 2.0, and Rob wrote NCSA HTTPd 1.3.

Tutorial Contents

* Introduction
* Getting Started
* General Information
* How Secure is it?
* Basic By-Password Authentication: Step By Step
* Multiple Usernames/Passwords
* More Examples
* For More Information

Getting Started
Before you can explore access authorization, you need to install NCSA HTTPd 1.0a5 or later on a Unix machine under your control, or get write access to one or more directories in a filespace already being served by NCSA HTTPd. Other HTTP Servers also support access authentication, and so"

gzip and cache your site with .htaccess

Speed up your site and save bandwidth gzipping your files and optimizing cache HTTP headers.

read more | digg story

23.4.08

Altaway Technologies, Inc : Mainframe-class virtual machines

Altaway Technologies, Inc : Mainframe-class virtual machines: "1 - Introduction to .htaccess files
2 - FileTypes
3 - Handlers
4 - URL Rewriting
5 - User authentication
6 - Host-based access control
7 - Directory indexing

Introduction to .htaccess files

Your Web directory and its subdirectories can contain per-directory configuration files called .htaccess files. Whenever Stronghold (our Web server) receives a request for a file, it first looks for a file called .htaccess in that directory and its parent directories. If one is present, Stronghold considers the configuration directives within it before responding to the request. A .htaccess file works like this:

* A .htaccess file must be a plain text file and contain no special formatting elements. Use a text editor to create your .htaccess file. If you create it with a word processor, be sure to save it as plain text.
* A .htaccess file contains a list of configuration directives and nothing else.
* If a .htaccess file contains any other information, it must be commented out in order to prevent errors
* A .htaccess file must be saved in the top directory to which you want it to apply. The directives apply to that directory and its subdirectories.
* If a subdirectory contains a .htaccess file, it overrides the .htaccess"

WordPress .htaccess

You can do many custom configurations for your site with the use of the .htaccess file. This is a plain text file that should be placed in your home directory on your site to achieve a variety of effects.

Included in this page are many directives you can use to do things like serve a custom .html page when a user types in a nonexistent page on your site rather than the default 404 error message.

To use these features, you will need to create a file named .htaccess in a plain ASCII editor, such as Windows notepad. Insert a line for the directive you wish to use from the list below. When you are finished, upload the file to your home directory. This is the root directory on your site (above the /www).

If you wish to password protect a directory, please use our web form under the 'password protection' link on http://help.mindspring.com /webhelp/

Apache directives

Action

Action

Syntax: Action mime-type cgi-script

This directive adds an action, which will activate cgi-script when a file of content type mime-type is requested. It sends the URL and file path of the requested document using the standard CGI PATH_INFO and PATH_TRANSLATED environment variables.

AddDescription

Syntax: AddDescription string file file...

This sets the description to display for a file, for FancyIndexing. File is a file extension, partial filename, wild-card expression or full filename for files to describe. String is enclosed in double quotes (").
Example:

AddDescription "The planet Mars" /web/pics/mars.gif

AddEncoding

Syntax: AddEncoding mime-enc extension extension...

The AddEncoding directive adds to the list of filename extensions which filenames may end in for the specified encoding type. Mime-enc is the mime encoding to use for documents ending in extension.
Examples:

AddEncoding x-gzip gz
AddEncoding x-compress Z

This will cause files ending in .gz to be marked as encoded using the x-gzip encoding, and .Z files to be marked as encoded with x-compress.

AddIcon

Syntax: AddIcon icon name name ...

This sets the icon to display next to a file ending in name for FancyIndexing. Icon is either a (%-escaped) relative URL to the icon, or of the format (alttext,url) where alttext is the text tag given for an icon for non-graphical browsers.

Name is either ^^DIRECTORY^^ for directories, ^^BLANKICON^^ for blank lines (to format the list correctly), a file extension, a wildcard expression, a partial filename or a complete filename.
Examples:

AddIcon (IMG,/icons/image.xbm) .gif .jpg .xbm
AddIcon /icons/dir.xbm ^^DIRECTORY^^
AddIcon /icons/backup.xbm *~

AddIconByType should be used in preference to AddIcon, when possible.

AddIconByEncoding

Syntax: AddIconByEncoding icon mime-encoding mime-encoding ...

This sets the icon to display next to files with mime-encoding for FancyIndexing. Icon is either a (%-escaped) relative URL to the icon, or of the format (alttext,url) where alttext is the text tag given for an icon for non-graphical browsers.

Mime-encoding is a wildcard expression matching required the content-encoding.
Example:

AddIconByEncoding /icons/compress.xbm x-compress

AddIconByType

Syntax: AddIconByType icon mime-type mime-type ...

This sets the icon to display next to files of type mime-type for FancyIndexing. Icon is either a (%-escaped) relative URL to the icon, or of the format (alttext,url) where alttext is the text tag given for an icon for non-graphical browsers.

Mime-type is a wildcard expression matching required the mime types.
Example:

AddIconByType (IMG,/icons/image.xbm) image/*

AddType

Syntax: AddType type ext
Context: .htaccess

The AddType directive allows you to add a mime type to your site.

Example:

AddType application/x-httpd-xx xx

AuthDBMUserFile

Syntax: AuthDBMUserFile filename

The AuthDBMUserFile directive sets the name of a DBM file containing the list of users and passwords for user authentication. Filename is the absolute path to the user file.

The user file is keyed on the username. The value for a user is the crypt() encrypted password, optionally followed by a colon and arbitrary data. The colon and the data following it will be ignored by the server.

Security: make sure that the AuthDBMUserFile is stored outside the document tree of the web-server; do not put it in the directory that it protects. Otherwise, clients will be able to download the AuthDBMUserFile.

Important compatibility note: The implementation of "dbmopen" in the apache modules reads the string length of the hashed values from the DBM data structures, rather than relying upon the string being NULL-appended. Some applications, such as the Netscape web server, rely upon the string being NULL-appended, so if you are having trouble using DBM files interchangeably between applications this may be a part of the problem.

ErrorDocument

Syntax: ErrorDocument error-code document

In the event of a problem or error, Apache can be configured to do one of four things,

behave like NCSA httpd 1.3

output a customized message

redirect to a local URL to handle the problem/error

redirect to an external URL to handle the problem/error

2-4 are configured using ErrorDocument, which is followed by the HTTP response code and a message or URL.

Messages in this context, begin with a single quote ("), which does not form part of the message itself. Apache will sometime offer additional information regarding the problem/error.

URLs will begin with a slash (/) for local URLs, or will be a full URL which the client can resolve.
Examples:

ErrorDocument 500 /cgi-bin/tester
ErrorDocument 404 /cgi-bin/bad_urls.pl
ErrorDocument 401 http://www2.foo.bar/subscription_info.html
ErrorDocument 403 "Sorry can't allow you access today

Syntax: ...

The directive provides for access control by filename. It is comparable to the directive and directives. It should be matched with a directive. Directives that apply to the filename given should be listed within. sections are processed in the order they appear in the configuration file, after the sections and .htaccess files are read, but before sections.

The filename argument should include a filename, or a wild-card string, where `?' matches any single character, and `*' matches any sequences of characters. Extended regular expressions can also be used, with the addition of the ~ character.
For example:

would match most common Internet graphics formats.

Note that unlike and sections, sections can be used inside .htaccess files. This allows users to control access to their own files, at a file-by-file level. When used in an .htaccess file, if the filename does not begin with a / character, the directory being applied will be prefixed automatically.

Redirect

Syntax: Redirect [ status ] url-path url

The status argument is only available in Apache 1.2 or later.

The Redirect directive maps an old URL into a new one. The new URL is returned to the client which attempts to fetch it again with the new address. Url-path a (%-decoded) path; any requests for documents beginning with this path will be returned a redirect error to a new (%-encoded) url beginning with url.
Example:

Redirect /service http://foo2.bar.com/service

If the client requests http://myserver/service/foo.txt, it will be told to access http://foo2.bar.com/service/foo.txt instead.

Note: Redirect directives take precedence over Alias and ScriptAlias directives, irrespective of their ordering in the configuration file. Also, Url-path must be an absolute path, not a relative path, even when used with .htaccess files or inside of sections.

If no status argument is given, the redirect will be "temporary" (HTTP status 302). This indicates to the client that the resources is has moved temporarily. The status argument can be used to return other HTTP status codes:

permanent: Returns a permanent redirect status (301) indicating that the resource has moved permanently.

temp: Returns a temporary redirect status (302). This is the default.

seeother: Returns a "See Other" status (303) indicating that the resource has been replaced.

gone: Returns a "Gone" status (410) indicating that the resource has been permanently removed. When this status is used the url argument should be omitted.

Other status codes can be returned by giving the numeric status code as the value of status. If the status is between 300 and 399, the url argument must be present, otherwise it must be omitted. Note that the status must be known to the Apache code (see the function send_error_response in http_protocol.c).

RedirectTemp

Syntax: RedirectTemp url-path url

This directive makes the client know that the Redirect is only temporary. (Status 302). Exactly equivalent to Redirect temporary

RedirectPermanent

Syntax: RedirectPermanent url-path url
Context: directory, .htaccess

This directive makes the client know that the Redirect is permanent. (Status 301). Exactly equivalent to Redirect permanent

16.4.08

Virgin & BT react to Internet revolt

Virgin tries to calm the Internet revolt against them since their CEO stated that "net neutrality is bollocks" while BT reacts by saying their view is radically different and they welcome all Virgin customers who left because of the issue for a 'neutral' service.

read more | digg story