Changing of the Guard: NAS!

1 Comment

After 12 years of faithful service, through 3 power supplies and several disks, I have officially retired my “basement server”, mooch.  Mooch was  a Pentium-4 machine running CentOS 6 used to backup stuff on my real servers, as well stuff from my desktop, and to provide a common file sharing point for systems in the house.

Enter the NAS

That system has been replaced by a five year old Dell, which has been upgraded to 8 GB of memory and a pair of 4TB drives, running the NAS (Network Attached Storage) system FreeNAS.  The total cost of this transformation from an old Windows desktop to a shiny storage engine was $200 for two 4GB Seagate Drives, $35 for the additional memory, and $15 to replace a failing 100 mbps switch with a new gigabit model.  The FreeNas software is free.

Using FreeNAS, I’m still providing a central git repository, server backup, and in-house file sharing.  FreeNAS also supports Apple’s AFP protocol, so it’s acting as a network attached Time Machine for backing up the Macs.  In addition, FreeNAS supports some nice plugins including the Plex media server, so I’m now able to play all my videos and music through the Plex app on our Roku boxes.

Was it hard to set up?  Not really. The second time I did it, it took maybe an hour to get the OS loaded, disks mirrored, storage containers defined, and all the other little things configured.  I kicked off the tasks to transfer data to it before going to bed and by mid-afternoon the next day, about 500GB of stuff had been transferred.

That was fun… now on to the next project, either a gitlab server or replacing the toilet in the upstairs bathroom.

Chrome Dev Tools

Leave a comment

How do I change the font size? Why is the background blue?  These are questions easily answered through the Chrome Developer Tools. Anyone wanting to do any customization of a web site needs to be familiar with them.

Updated April 30, 2017:  This is the presentation given at WordCamp Chicago.  Thanks to the many people who came to the presentation and offered comments and compliments!

View this full size in your browser from Google Docs  or download Fun with Chrome Developer Tools as a PDF.

 

Five questions to ask when picking a WordPress plugin

Leave a comment

liftarn-plug-and-outlet-800pxThere are lots of support forum threads and IRC conversations in the WordPress community about how to pick the right plugin. Here’s my unsolicited advice.

#1 Is it really relevant to what you want?

Plugins can do many things. Some plugins do more than one thing. Some are close to what you want done. So, first thing first. Understand clearly what you want to accomplish.

#2 Is it well supported?

Many people start by looking at a plugin’s reviews. I look at the support threads for the plugin. It tells me whether the author is engaged, active, accepting feedback, and fixing bugs.

#3 Do updates appear at regular intervals or is there long time between them?

There are good reasons why a plugin might not get updated frequently. If you see lots of issues and bugs in the support queue and infrequent updates, it gets back to whether the author is engaged.

#4 Are there enough people using it to cover “edge case” bugs?

Ideally, someone else finds a bug before you do. The more users, the wider the variety of environments the plugin lives in. Does that mean you won’t find a bug?  No, but reduced the likelihood that you’ll be alone.

#5 What else have the authors done?

Does the author have other plugins? How are those supported?

What about you? What are your rules?

What’s the deal with the red shoe?

1 Comment

shoe-onlyI get asked that a lot. “Steve, what’s the deal with the red sneaker?”  It’s a story — not a long one, but it is a story.

When I first found myself out in the job market, my wife and I took advantage of not having to go to work on weekdays to go up to the outlet mall in Pleasant Prairie, WI where, after first stopping at Culver’s for a burger, rings, and shake, we spent a few hours shopping.  There was a sale at the Converse store and I bought a pair of red Chuck Taylor’s.

Fast forward to a meeting of the Executive Network Group.  I felt the need to dress like a grown-up, so I put on a sport coat, but I also felt the need to act out a bit, so I wore my Chucks.  I did the networking thing.  At the next meeting, I wore them again and someone came up to me, telling me he had been referred by someone else in the group. He said something like “Bob didn’t remember your name, but said you’d be wearing red sneakers.”  And with that, I realized that I had developed a brand!

I made a point of wearing those Chucks to every networking event, despite the fact that they’re just as uncomfortable as they were when I wore them for gym 50 years ago. People remembered me (in a good way, I think), and that’s one of the big points of networking.  As I developed my website, it made sense to carry that brand onto the web, business cards, etc.

And that’s the story.

Thanks to Iris B for the graphic!

Protecting Your Image

1 Comment

Well, not so much your image as protecting yourself from images. Where do you get the images for your website?

If you just grab them from other sites, you could wind up with a nasty Cease and Desist letter with an hefty invoice attached.  When you get images, make sure you have a license to use them.

Here are some generally safe places to find images:

  1. Wikimedia Commons
    https://commons.wikimedia.org/wiki/Commons:Welcome
  2. Free Stock Photos
    http://www.dreamstime.com/free-photos
  3. Kaboom Pics
    http://kaboompics.com/
  4. Open Clip Art
    https://openclipart.org/
  5. UnSplash
    https://unsplash.com/
  6. ISO Republic
    http://isorepublic.com/
  7. Stock Snap
    https://stocksnap.io/

Be sure to read the terms and conditions for each site carefully. If attribution is required, be sure to do so.

If you grab images from Flikr, understand that not all images carry the “use it for free, dude” license. Read the terms for each image.  https://www.flickr.com/creativecommons/

 

CentOS, mod_ruid2, and PHP sessions

5 Comments

qwandor-PadlockI ran into a small problem after installing mod_ruid2 on my CentOS 7 development server.

mod_ruid2 allows the web server process, httpd, to run as a different user when accessing different websites on the same server. Why is this important? By default, the web server runs as the user apache and all files are owned by the user apache.  If there’s a vulnerability in one component of a web site that gives an attacker access to the server’s file system, it has access to any and all files owned by apache.  And that’s all she wrote.

When using mod_ruid2, each host on the server is owned by a different user account, so any file system access is limited to just that site.  It’s a way to limit the damage

Anyhow, I ran into  problem. Some of my sites use session cookies. I was getting strange errors on those sites that I tracked to problems related to session cookies.  On CentOS 7, session cookies are stored as files in /var/lib/php/session.  That directory has permissions of 770 for the user/group root:apache.  The new users assigned to the httpd process by mod_ruid2 are not able to access this directory.  The solution was to create new group, webruid, and add each user that is used as a mod_ruid2 user to that group.

Before:
ll -d /var/lib/php/session
drwxrwx--- 2 root apache

After:
ll -d /var/lib/php/session
drwxrwx--- 2 root webruid

After making those changes, I stopped the httpd process, deleted all saved session cookies and restarted httpd.

Sweet Home (Page, that is)

Leave a comment

web-search-greyWhat should be the on front page of your website?

If your focus is your blog, then make the blog the front page. If, however, you’re not posting regularly and frequently, go for a “static” front page. It doesn’t make much of a difference, SEO-wise, but when people visit your site and see an 6 month old post as the first thing on the home page, they will probably just bounce off — unless you have incredibly compelling content.

People get all wrapped up in Search Engine Optimization. How can I get to be #1 on Google? (Hint: You can’t.)  How do I “own” a keyword across the internet?

Focusing on SEO is the wrong place to start.  Good content is the basis of a good website. Focus on what it takes to attract an audience and use SEO to reinforce that.