Unix

PHP Mail() Abuse

by Jett on Aug.05, 2009, under Servers, Unix

I recently came up against a bit of a tough nut to crack, so to speak, and thought I’d write up a quick blog about how I fixed it, in case anyone else has this problem. At MRX, we have several different hosting environments we use, one of which is a shared environment for our smaller clients. The problem was that one of those clients had a vulnerability on their site that was allowing spammers to send unauthorized e-mail through our servers, thereby getting us onto a whole bunch of blacklists.

After a bit of searching around, it seems as though it’s actually possible to completely disable the mail() function from PHP; however, that was only a temporary solution. This is simply a matter of adding

disable_functions = mail

to the php.ini file and reloading the Apache configs.

While I searched for an actual solution to the problem, I came up with the idea of attempting to use a php_admin_value flag value to disable e-mail for a specific virtual host inside the .htaccess files until I was able to determine which was the offending site. Again – brick wall – PHP doesn’t support setting disable_functions in the php_admin_value flag.

So, after a bit of searching, I decided to just add the following to each site’s .htaccess files:

php_admin_value sendmail_path "/dev/null"

Essentially sending all e-mail to /dev/null for that particular site. Perhaps not the most elegant solution, but it was effective, as we are no longer sending e-mail through a broken form and I was able to alert the affected client that they had a problem.
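To find the offending site rather than only silence it, sendmail_path can point at a logging wrapper instead of /dev/null. The script below is an added example, not code from the original post: it writes one summary line per mail() call under a per-site tag, delivers nothing, and tallies the log by site. The install path /usr/local/bin/mail-audit, the MAIL_AUDIT_LOG variable, the default log location and the site tags are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Hypothetical install path:
# /usr/local/bin/mail-audit, used as the sendmail_path target with a site tag.

# log_and_drop SITE LOGFILE: read one message on stdin, log a summary, deliver nothing.
log_and_drop() {
    awk -v site="$1" -v ts="$(date -u +%Y-%m-%dT%H:%M:%SZ)" '
        body { next }                          # keep draining stdin so PHP sees no broken pipe
        { sub(/\r$/, "") }                     # tolerate CRLF line endings
        $0 == "" { body = 1; next }            # blank line ends the headers
        tolower($0) ~ /^(to|cc|bcc):/ {        # rough count: comma-separated addresses
            line = $0; sub(/^[^:]*:/, "", line)
            rcpts += split(line, parts, ",")
        }
        tolower($0) ~ /^subject:/ {
            subj = $0; sub(/^[^:]*:[ \t]*/, "", subj)
            gsub(/[^ -~]|"/, "?", subj)        # sender-controlled: strip control chars and quotes
        }
        END { printf "%s site=%s rcpts=%d subject=\"%s\"\n", ts, site, rcpts, subj }
    ' >> "$2"
}

# top_senders LOGFILE: prints "messages recipients site", busiest site first.
top_senders() {
    # site= and rcpts= are read by position, so text in a subject cannot spoof them.
    awk '{ s = substr($2, 6); msgs[s]++; total[s] += substr($3, 7) }
         END { for (s in msgs) printf "%d %d %s\n", msgs[s], total[s], s }' "$1" | sort -rn
}

# demo: feeds constructed messages from two made-up sites and prints the tally.
demo() {
    log=$(mktemp)
    for i in 1 2 3; do
        printf 'To: a@example.test, b@example.test\r\nBcc: c@example.test\r\nSubject: offer %s site=spoof\r\n\r\nbody\r\n' "$i" |
            log_and_drop site-a "$log"
    done
    printf 'To: owner@example.test\nSubject: contact form\n\nhello\n' | log_and_drop site-b "$log"
    top_senders "$log"
    rm -f "$log"
}

# Entry point when PHP runs "mail-audit SITE" (default log path is an assumption).
if [ $# -ge 1 ]; then
    log_and_drop "$1" "${MAIL_AUDIT_LOG:-/var/log/php-mail-audit.log}"
fi
```

Per site, the directive becomes php_admin_value sendmail_path "/usr/local/bin/mail-audit site-a". The PHP manual states that php_admin_value cannot be used in .htaccess files, so the line belongs in the site's VirtualHost block.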


Sun buys MySQL, Oracle buys Sun…

by Jett on Apr.22, 2009, under Computers, Servers, Unix

So, big news of the week, Oracle just bought Sun Microsystems for some ridiculous amount of money ($7.4 billion in cash). Aside from the obvious moanings of how I wish I had $7.4 billion in cash just sitting around so I can buy up companies like playing Monopoly, this deal has me (and likely a number of other people) wondering about the future of MySQL now that it’s going to be owned by Oracle.

I’ve been reading up on the topic a lot, and it seems as though no one’s really talking about what’s going to happen with Sun’s newest acquisition. I can’t say I’m not just a little concerned, since all of our work here at MRX is powered by MySQL databases. That’s not to say I’m afraid of Oracle, just that it’s both expensive (as in not free) and complex. I’d argue, so complex that not many people out there who know Oracle are looking for work.

One interesting point I did find when reading up on the topic that I didn’t really know, is that Oracle does own a number of other database systems including TimesTen, Berkeley DB open source, as well as InnoDB. However, none of these directly competes with Oracle, whereas MySQL does. So, the question is, do they monetize MySQL to a lesser degree than Oracle (while maintaining some form of stripped down free version), do they drop MySQL altogether and provide some form of migration path to Oracle 11g, or do they simply let both co-exist and continue monetizing Oracle?

If I had to guess, I’d say they will likely monetize MySQL to a lesser degree than Oracle, probably in the form of support contracts mostly, and still continue to provide a free open source version of MySQL. Obviously they would charge for any new features they decide to add to MySQL along the way. Probably very similar to Red Hat Enterprise’s business model – seems to be successful for them.


Ubuntu Jaunty Jackalope

by Jett on Apr.21, 2009, under Computers, Servers, Unix

So, I just upgraded to Ubuntu Jaunty on two of my VMs here at the office. I know it’s not set to come out in a final release for a few days, however, we’re in the process of migrating to a fully virtualized system, and unfortunately Intrepid has some issues with iSCSI connections. Namely if you try and shut down the machine, it’ll hang because it tries to disconnect the drive before it’s unmounted and then just throws errors.

Anyway, as per usual, the upgrades went more or less flawlessly – minus a few symbolic links that needed to be re-created.  Since I don’t have GUIs on these machines (waste of resources on servers if you ask me), a quick:

sudo apt-get update
sudo apt-get install update-manager-core
sudo do-release-upgrade -d

And about half an hour later, I was all upgraded. No more iSCSI disconnection problems, and one new feature I’ve found that actually changed my whole workflow when it comes to servers. That being the inclusion of screen-profiles, a sort of profile manager for screen allowing you to create default screens that open when you log in, as well as status bars, clocks and notifiers. If you haven’t heard of it, I’d highly recommend you check it out.

Ubuntu Jaunty Jackalope – Alpha 3 | Ubuntu.


Converting Raid-1 to Raid-5

by Jett on Jul.25, 2008, under Computers, Servers, Unix

So, I happened across this article today, written by a Scott Wallace. I’ve copied the text here in case his site goes down for whatever reason. Note, I haven’t tried this as of yet, but in the future when I fill up my drives, I’ll likely be able to just buy another 500 gig drive and convert my raid-1 array to a raid-5 array instead of having to buy another 3 whole drives.

Converting RAID1 to RAID5 with no data loss | scott.wallace.sh


Enable/Disable Ubuntu Remote Desktop from the Command Line

by Jett on Jul.23, 2008, under Computers, Servers, Unix

Further to my previous postings about Ubuntu and VNC, which seems to have been the most popular page on my blog for a while, I happened across this post from Sam Lesher this morning on how to enable Ubuntu’s built-in remote desktop from the command line. The built-in remote desktop uses VNC, and so kind of eliminates the need for any form of VNC Server setup.

Sam Lesher » Ubuntu 7.04 – Enable/Disable Remote Desktop from the Command Line

To enable remote desktop from the command line, issue this command:

$ gconftool-2 -s -t bool /desktop/gnome/remote_access/enabled true

To disable remote desktop from the command line, issue this command:

$ gconftool-2 -s -t bool /desktop/gnome/remote_access/enabled false

Unfortunately, this only works if you have previously configured remote desktop with a password, which would in theory require physical access to the machine.  That being said though, I want to set it up remotely, and so to add to Sam’s guide, I’d like to add that you can X-Forward a gnome session through SSH which will allow you to change this option.  I’m working on a how-to which I will post shortly.


New projects

by Jett on Oct.17, 2007, under Personal, Site Updates, Unix

So, I’ve been insanely busy the last few weeks, and haven’t taken any time out of my busy schedule to write anything of interest here. I’ve been really busy with work and life, but I won’t bore you with the details of that…

I will, however, take a few seconds to introduce a project I’ve decided to work on (as if I wasn’t busy enough already). As you know, I play WoW fairly regularly (World of Warcraft for those un-educated). There are many resources for the game, and a LOT of addons amongst various sites. Keeping your addons up-to-date unfortunately can be quite the chore, and so some wonderful people over at WoWAce (www.wowace.com) have written a small program to search through their site and find updated addons. Unfortunately, they wrote it in .Net, which obviously doesn’t help us Mac users out there. In comes the Java WoWUpdater: http://sourceforge.net/projects/javawowupdater, a small project I’ve taken on, to port the WoWAce Updater to Java allowing it to be truly cross-platform.

I’ll keep you all posted on my progress, but for now there isn’t much to show or tell. If anyone’s interested in helping me out on this project, and knows anything about UI design or Swing, I’d be most appreciative of the help.

Well, that’s it for now, have fun everyone!

J.


MySQL qCache goodness

by Jett on Sep.18, 2007, under Servers, Unix

I have to start off by apologizing, I had intended on posting this last week, but got tied up with a lot of work stuff. Our Windows server decided to throw a hissy fit, and I really hate Windows. Somehow the permissions got all messed up and IIS wouldn’t read any of the web files, and we spent almost three full days trying to get the permissions set back up. Finally we just gave up and decided to back up the system and re-install it.

Anyway, continuing on the theme of system optimizations, I thought I’d talk a little bit about a simple optimization you can make to MySQL, that will greatly increase your server performance. In comes MySQL’s Query Cache or qCache for short. It’s already built into MySQL, all you need to do is enable it. “But caching data is bad” or, “My boss says we update our data too much to make it worth caching”. Both of these ideals are in fact wrong. I used to hold to the one that said that caching data is bad; yes, it generally is a bad idea if done improperly, but if done properly it’ll save you a lot of time.


APC Saves the day

by Jett on Sep.11, 2007, under Servers, Unix

And no, that’s not APC as in American Power Conversion, that’s APC as in Alternative PHP Cache. At the office, we host a fair number of high traffic websites, sites that routinely push a few gigs of traffic a day each. Obviously, that’s a lot of web traffic, and we do have to keep our servers running fairly well. We also have a few, what we refer to as “seasonal” sites, where traffic for the sites spikes during certain parts of the year.


25 Linux/UNIX commands that you must know

by Jett on Aug.21, 2007, under Unix

You must know these commands to make it in Linux/UNIX. The following contains a list of commands as well as descriptions and examples of each command.
