Firefox 4 Beta Team

Firefox 4 Beta Team

I got home from a business trip yesterday and found an awesome Firefox 4 Beta Team t-shirt waiting for me. Very cool!

You may recall that I wrote a search engine add-on a few months ago. Well Mozilla offered free t-shirts to developers that got their add-ons ready for Firefox 4 by January 7, and since my add-on is just a search engine add-on it was already compatible. I filled out the form saying my add-on was compatible but didn’t really expect to get the t-shirt. Luckily whoever processed the t-shirt requests wasn’t very picky so I qualified for the shirt.

Anyways, I’m holding the t-shirt instead of wearing it because it still has nasty new unwashed t-shirt smell. Also, this is a picture of the back of the shirt. The front has a stylized Firefox logo on it. Also, I was super tired when this picture was taken, so I may look a little out of it.

Read More

CloudFlare Rocks!

CloudFlare Rocks!

I recently got invited to try out CloudFlare, a new free service in closed beta. I checked out the homepage and was greeted with a “Wouldn’t it be cool if your website were protected by ninjas?” header. Why, yes, that would be cool.

So, not really understanding exactly what it was, I signed up and configured it for the Fake Name Generator.

After some poking around and letting it do its thing for a few days, this is what I’ve discovered it does for me:

  • Provides a free DNS management. This is included for free with many registrars, but it just so happened that the domain I’m trying this out on didn’t come with DNS management so I’ve been paying $10 a year for it. This alone makes CloudFlare worth using for me.
  • Serves my content on a CDN-like intrastructure. This makes my site faster to some users, which is always a good thing.
  • Caches my static content (like images and JavaScript). This dramatically reduces my server load, and makes my site faster. My LAMP server with only 1GB of RAM is currently serving about 100,000 pageviews per day and running millions of queries in offline processes. With CloudFlare, my load average rarely goes above 0.10.
  • Blocks bad guys. This is a huge deal for me. Everyone and their mom thinks it is okay to scrape my site for data. Bots love to hit my site to try to find exploits. CloudFlare does a great job at identifying these people and blocking them for me, or providing a way for them to enter a captcha to prove they aren’t a bot.
  • Provides geolocation data on all visitors. I haven’t started using this yet, but CloudFlare adds a request header with the visitor’s geographic location. This makes it easier to target content to visitors from certain parts of the world.
  • Makes me more profitable. All around, CloudFlare has made my business more profitable. My site requires less server resources, which means I can keep my site running on my relatively cheap tiny server. Fewer bots are loading my ads, which means my click thru rates are higher, which means I get paid more. My pages respond faster, which means I’m ranked higher in the search engines, which means I get more visitors.

One problem I ran into, however, is occasionally a screen scraper gets through their blocks and starts hitting my site. In the past I would use iptables to block them, but the way CloudFlare works makes that impossible (at least with my limited knowledge of iptables). CloudFlare provides a way to block a specific IP, but it can take several minutes to go into effect.

The solution I came up with is to use Apache to give visitor’s from the offending IP a 403 error:

<VirtualHost *>

 SetEnvIf CF-Connecting-IP 98.17.241.185 GoAway=1

 <Directory "/path/to/your/website">
 Order allow,deny
 Allow from all
 Deny from env=GoAway
 </Directory>

</VirtualHost>

This snippet, properly placed in the Apache config file, will cause Apache to look at a header set by CloudFlare, and if it matches the offending IP (in this case 98.17.241.185), it denies access to the site. You can add a nearly unlimited number of SetEnvIf statements to block any number of IPs.

Anyways, if you get an invite to CloudFlare, check it out! It is definitely worth it!


	Read More
	

Protecting Your Server with DenyHosts

Yesterday I noticed my server’s load average was a bit higher than usual. Normally when this happens it mean someone is screen scraping the Fake Name Generator, so I went and started reviewing the logs trying to figure out who it was so I could block them.

Disappointingly, I couldn’t find anybody that was scraping my site, which means I had to dig deeper. The next step was to use top to figure out what processes are stealing all my resources. To my surprise (and exceedingly great alarm) I saw that there were about a dozen sshd processes running. For those that are not Linux server savvy, there should not be about a dozen sshd processes running.

SSH is the protocol that Linux server admins use to connect to their servers. When connecting, an sshd process will run. When a dozen are showing up, that means a dozen people are connected or trying to connect, which is very very disturbing for a server like mine where I’m the only one that should ever be on it.

I quickly turned to the logs and found thousands of failed login attempts. Someone was trying to hack my box. Yikes!

I quickly used iptables to block the most flagrantly offending IP, but I knew that wouldn’t hold back a committed attacker. Enter my hero: DenyHosts!

DenyHosts is a free chunk of code written in Python that periodically scans your log files, determines if someone looks like they are trying to break in, and blocks them. If you are really paranoid then you can even have it talk to other servers to find out who is trying to hack them, so you can preemptively block the bad guys.

Installation and configuration literally took about 3 minutes, and is even easier to setup if you are using Ubuntu or Linux Mint because it is in the repos. As soon as I started it all the bad guys were blocked and my load averages started to drop. I highly recommend it for anyone that administers Linux servers.

Read More

Open Atrium

I’ve recently discovered Open Atrium. I love it!

Built on Drupal, this “intranet in a box” is the perfect solution for my company.

These are the things I love about it:

  1. Works without a lot of configuration, but is still highly configurable in case you need it to do something special.
  2. Allows you to define groups and limit access to each group. This means I can have a “The Awkward Turtle” group and only allow myself and my wife (we’re the only ones working on it) to even know the group exists, and I can also have a “Creative Barcodes” group and allow myself, my wife, and our graphic designer Anthony to see it.
  3. Gives you a dashboard with all of the pertinent information from all of the groups that you are a member of. You also have a group dashboard that only shows you the important information for that specific group.
  4. You can, on a group-by-group basis, enable several awesome included features:
    1. A blog
    2. A notebook (sort of like a wiki)
    3. A calendar (even supports iCal)
    4. A case tracker (for keeping track of feature requests and bugs)
    5. A shoutbox (good for microblogging)
  5. It looks great and is very easy for an end-user (or an admin) to figure it out.

There are, however, a few things I’m not terribly excited about:

  1. Documentation is a bit lacking, but that isn’t unexpected for beta software.
  2. Doesn’t work on PHP 5.3. I had to setup Apache to run both 5.3 and 5.2 to get it working. This wasn’t really surprising though, as a lot of Drupal stuff has problems with PHP 5.3.

Is it perfect? Not yet, but I think someday soon it will be.

For an example Open Atrium site, check out their own community pages.

Read More

Oracle rocks!

Oracle rocks!

Curtis, an Oracle employee, contacted me a week or two ago to ask for permission to use data from the Fake Name Generator at Oracle. I freely license the data under both a Creative Commons license and the GPLv3. While these licenses are wonderful licenses for people working on open projects, they leave a bit to be desired for closed-source commercial projects.

Because I like Oracle and I know they aren’t going to do anything nefarious with my data, I promptly gave Curtis and Oracle permission to use the data from the Fake Name Generator under the CC license without the “Share Alike” condition. This basically gives them permission to use it however they want as long as they give me credit.

As a “thank you”, Curtis sent me a couple fun goodies: an Oracle pen, hat, t-shirt, and coffee hot cocoa mug. I’m looking forward to the next casual Friday at work!

Just one more reason I love Oracle. :)

Read More

Songbird

I have recently become a huge fan of Songbird, a free multi-platform media player based on Mozilla’s XULRunner.

If you are anything like me, you may be asking yourself what makes Songbird special or worth your time. Why not just keep using iTunes, VLC, or Windows Media Player? Here are my reasons for choosing Songbird over the competition:

  • It runs on my Windows 7 and Ubuntu 9.10 computers with the exact same interface and feature set.
  • Highly configurable playlists. For example, I can make a dynamic playlist that only shows songs that: have been rated 3 or more stars, haven’t been skipped more than 5 times, are at least 3.5 minutes long, and were produced between 1990 and 2000.
  • With a minor tweak, Songbird will save my song ratings in the MP3 file itself. This means I can put a song in my Dropbox, rate it at work, and by the time I get home the rating will be there, too.
  • Speaking of tweaks, Songbird is as tweakable and configurable as Firefox. You can get extensions, themes, adjust internal settings that most people don’t care about, change how the title bar works.
  • Has an internal web browser that knows when you’re on a page with music. This means you can quickly and easily download free music from places like Last.fm and have your new songs instantly imported into your music library.
  • Also because it has an internal web browser, I can open Slacker or Pandora in Songbird and save myself having an extra tab in Firefox. (Bonus: If Flash starts acting up in Ubuntu, I just have to restart Songbird and not my whole browser)
Read More