Undeleting images from an SD card

Last weekend my family went on a short vacation. We took some fun photos, and when we got home I moved them from my SD card to our external HD. And then I accidentally deleted a few of the photos from the HD. Yikes!

Luckily, there are tools to undelete files from an SD card. Unfortunately, most of them aren’t free or just plain suck.

After much searching and several failed attempts at recovering the images, I finally found TestDisk. It has an old fashioned interface (DOS) and took a few hours to run on my 32GB SD card, but it recovered all my images that I accidentally deleted, and many more that I intentionally deleted over the past year or so.

And best of all, it was free!

Read More

$10 off $10 at Pier 1 = $60 in free stuff!

$10 off $10 at Pier 1 = $60 in free stuff!

Pier 1 Imports is having a promotion on Facebook that gives you a $10 off $10 coupon, good 1 per person per store.

We have been trying to stretch our allowances as much as possible, so this was a great opportunity to get some shopping in without having to spend any money. We have three Pier 1 locations nearby, so we printed 6 coupons and headed out. We ended up getting $60 in stuff without even paying sales tax. $0 out of pocket.

The goodies:

  • A basket
  • An udderly cool cow mug
  • A kitchen timer
  • 4 large ramekins
  • 8 small ramekins
  • 5 flower bowls
  • 4 tea light holders

Yay for free stuff!

Read More

Zend Studio now free for Zend Certified Engineers

Just got the very good news that Zen Studio ($299) is now free for Zend Certified Engineers. Neat! I’ve been wanting to try it out for a while, but wasn’t willing to spend $299 for it.

Zend Studio is built on Eclipse (which is free for everybody), so it has a very small learning curve for those already familiar with Eclipse. My initial impression is that it is just an easier to use version of Eclipse, with more robust PHP tools than the free Eclipse PDT gives you.

I ran into a few quirks while using it that took a moment to figure out:

  1. By default, Zend Studio assumes you are using PHP 5.1/5.2. With the massive speed improvements and new functionality added in 5.3, I don’t know of anyone that chooses to use 5.1/5.2. Seems like a weird default option to set, and it caused my code to show a whole pile of errors that didn’t really exist.
  2. By default, Zend Studio uses PHP 5.2.14 to debug. Again, a really weird default.

Anyways, I’ll be playing around with it on my next website-of-the-month. Any tips from those already using it would be greatly appreciated!

Read More

Firefox 4 Beta Team

Firefox 4 Beta Team

I got home from a business trip yesterday and found an awesome Firefox 4 Beta Team t-shirt waiting for me. Very cool!

You may recall that I wrote a search engine add-on a few months ago. Well Mozilla offered free t-shirts to developers that got their add-ons ready for Firefox 4 by January 7, and since my add-on is just a search engine add-on it was already compatible. I filled out the form saying my add-on was compatible but didn’t really expect to get the t-shirt. Luckily whoever processed the t-shirt requests wasn’t very picky so I qualified for the shirt.

Anyways, I’m holding the t-shirt instead of wearing it because it still has nasty new unwashed t-shirt smell. Also, this is a picture of the back of the shirt. The front has a stylized Firefox logo on it. Also, I was super tired when this picture was taken, so I may look a little out of it.

Read More

CloudFlare Rocks!

CloudFlare Rocks!

I recently got invited to try out CloudFlare, a new free service in closed beta. I checked out the homepage and was greeted with a “Wouldn’t it be cool if your website were protected by ninjas?” header. Why, yes, that would be cool.

So, not really understanding exactly what it was, I signed up and configured it for the Fake Name Generator.

After some poking around and letting it do its thing for a few days, this is what I’ve discovered it does for me:

  • Provides a free DNS management. This is included for free with many registrars, but it just so happened that the domain I’m trying this out on didn’t come with DNS management so I’ve been paying $10 a year for it. This alone makes CloudFlare worth using for me.
  • Serves my content on a CDN-like intrastructure. This makes my site faster to some users, which is always a good thing.
  • Caches my static content (like images and JavaScript). This dramatically reduces my server load, and makes my site faster. My LAMP server with only 1GB of RAM is currently serving about 100,000 pageviews per day and running millions of queries in offline processes. With CloudFlare, my load average rarely goes above 0.10.
  • Blocks bad guys. This is a huge deal for me. Everyone and their mom thinks it is okay to scrape my site for data. Bots love to hit my site to try to find exploits. CloudFlare does a great job at identifying these people and blocking them for me, or providing a way for them to enter a captcha to prove they aren’t a bot.
  • Provides geolocation data on all visitors. I haven’t started using this yet, but CloudFlare adds a request header with the visitor’s geographic location. This makes it easier to target content to visitors from certain parts of the world.
  • Makes me more profitable. All around, CloudFlare has made my business more profitable. My site requires less server resources, which means I can keep my site running on my relatively cheap tiny server. Fewer bots are loading my ads, which means my click thru rates are higher, which means I get paid more. My pages respond faster, which means I’m ranked higher in the search engines, which means I get more visitors.

One problem I ran into, however, is occasionally a screen scraper gets through their blocks and starts hitting my site. In the past I would use iptables to block them, but the way CloudFlare works makes that impossible (at least with my limited knowledge of iptables). CloudFlare provides a way to block a specific IP, but it can take several minutes to go into effect.

The solution I came up with is to use Apache to give visitor’s from the offending IP a 403 error:

<VirtualHost *>

 SetEnvIf CF-Connecting-IP 98.17.241.185 GoAway=1

 <Directory "/path/to/your/website">
 Order allow,deny
 Allow from all
 Deny from env=GoAway
 </Directory>

</VirtualHost>

This snippet, properly placed in the Apache config file, will cause Apache to look at a header set by CloudFlare, and if it matches the offending IP (in this case 98.17.241.185), it denies access to the site. You can add a nearly unlimited number of SetEnvIf statements to block any number of IPs.

Anyways, if you get an invite to CloudFlare, check it out! It is definitely worth it!


	Read More
	

Protecting Your Server with DenyHosts

Yesterday I noticed my server’s load average was a bit higher than usual. Normally when this happens it mean someone is screen scraping the Fake Name Generator, so I went and started reviewing the logs trying to figure out who it was so I could block them.

Disappointingly, I couldn’t find anybody that was scraping my site, which means I had to dig deeper. The next step was to use top to figure out what processes are stealing all my resources. To my surprise (and exceedingly great alarm) I saw that there were about a dozen sshd processes running. For those that are not Linux server savvy, there should not be about a dozen sshd processes running.

SSH is the protocol that Linux server admins use to connect to their servers. When connecting, an sshd process will run. When a dozen are showing up, that means a dozen people are connected or trying to connect, which is very very disturbing for a server like mine where I’m the only one that should ever be on it.

I quickly turned to the logs and found thousands of failed login attempts. Someone was trying to hack my box. Yikes!

I quickly used iptables to block the most flagrantly offending IP, but I knew that wouldn’t hold back a committed attacker. Enter my hero: DenyHosts!

DenyHosts is a free chunk of code written in Python that periodically scans your log files, determines if someone looks like they are trying to break in, and blocks them. If you are really paranoid then you can even have it talk to other servers to find out who is trying to hack them, so you can preemptively block the bad guys.

Installation and configuration literally took about 3 minutes, and is even easier to setup if you are using Ubuntu or Linux Mint because it is in the repos. As soon as I started it all the bad guys were blocked and my load averages started to drop. I highly recommend it for anyone that administers Linux servers.

Read More