Nigerian Money Scam

Posted on March 23, 2009 by Patrick

Here’s an interesting (and funny) post from Mike Nash (of Online-Armor) on the old “Nigerian Money Scam.” Remember, sending money to strangers (especially strangers in another country) is bad.

The post.

And an excerpt:

So, I’m sitting there today working on something for a client when I received an unsolicted Skype Message with an “Important Business Proposal”.

I normally mess with these guys a little, just to waste their time , but as I was on the phone to a client I just decided to get rid of him quickly.

As you can see – he was suprisingly honest about his ultimate intentions.

Windows Web Application Gallery

Posted on March 18, 2009 by Patrick

I stumbled across something today I think is pretty cool: the Windows Web Application Gallery. From iis.net:

The Windows Web Application Gallery makes it easy to explore, discover and install popular community ASP.Net and PHP applications on Windows. Users can browse and view applications for different types of Web sites, ranging from photo galleries to blogs to ecommerce sites.

The Web Application Gallery integrates with the Web Platform Installer 2.0, so that when a user clicks “Install” for an application, the Web Platform Installer 2.0 launches with context set on the user’s selection. This powerful combination of application discovery and simplified installation makes it easier than ever for community-based applications to run on Windows.

This has some neat implications. For one, developers can have their stuff put out for the whole world to see – and install in a few clicks. Another, if you run a web server (like me) that has several blogs on it, this could streamline installing, say, WordPress. Or Gallery for your users.

I don’t get terribly excited about some stuff Microsoft does, but this is pretty cool. That is, if it takes off.

Self Signed SSL Certificates

Posted on March 16, 2009 by Patrick

I’ve been trying to figure out how to get an SSL certificate on the cheap. I mean, 300+ dollars per year is a little ridiculous to get an encrypted pipe between client and server. You see, I don’t really care if my identity is confirmed. I know what server I’m connecting to (that is, unless you hack me because I just told you that).

Anyway, there is an open source project called (go figure) OpenSSL. OpenSSL is an SSL toolkit – that happens to be free for commercial and non-commercial uses. While they offer a self signing feature, it’s not generally recommended for production applications (you’ve been warned). For me, however, it works perfectly. And there’s even a version for Windows. Now, the cool thing about this is it will create a private key in a variety of encryption protocols, it will create your certificate request (if you’re well-to-do and can afford a real one), and it will even create a “test” certificate (which is what I wanted).

So, I downloaded the 64-bit version for Windows. When you’re done (use the defaults – they work just fine), open a command prompt, browse to your OpenSSL installation folder (C:\OpenSSL be default) and type:

openssl

You’ll be at a prompt that looks like “OpenSSL>”. Once you’re here, you’re ready to create your private key and your certificate. In my case, the following command works perfectly. It creates a private key and a certificate all at once. If you’re going to buy a certificate, you’ll need to Google the procedure for creating a private key and a certificate request, then do whatever you need to do to install the certificate from that company into your program(s) that require it. But, I digress – the command:

OpenSSL> req -new -newkey rsa:1024 -days [DAYS] -nodes -x509 -keyout www.example.com.pem -out www.example.com.pem

You’ll need to follow the following prompts (asking for your country, name, email, etc.). The above command will create a 1024-bit RSA private key, then create a certificate (I think it does the certificate request in the background). The certificate will expire in the number of days you set via the [DAYS] variable. The -keyout tells OpenSSL to export your private key to a file called “www.example.com.pem” and the -out switch tells it to export your certificate to “www.example.com.pem.” Now, I’ll state the obvious and recommend that you change the file names (ie, examplekey.com.pem and examplecert.com.pem). The key and certificate are both created in the same folder (C:\OpenSSL by default).

Now, the one caveat I will offer is this: this self-signed certificate is not trusted by anyone. Internet Explorer, Firefox, Outlook, Safari, etc. will all reject this certificate as “identity unknown.” For me, that’s okay. For someone else, think about it first. You can get around the constant “this certificate is not valid” prompts by adding the certificate to the Trusted Root Certification Authorities in Windows’s Certificates Manager.

Now you know.

ActivityTimeout

Posted on March 12, 2009 by Patrick

I’ve been trying to get another website I manage to allow me to upload files (usually around 40MB) via the browser so I don’t have to open up FTP. The problem, I’ve been having is something has been going wrong and the upload fails. Naturally, no real or useful error message is given.

Here’s my setup: IIS7, PHP 5 (using FastCGI). When I would click the “Upload” button from the webpage, things would chug along and eventually fail. The only thing the browser would say is that the connection had been reset – which tells me nothing. Did my ISP have a hiccup? Did the server shutdown? Pretty useful, eh?

After trying everything I could find on Google, I tried the simple thing: I changed the ActivityTimeout under FastCGI Settings. This is defaulted to 120. Basically, this says that if the php-cgi.exe process doesn’t talk to IIS for two minutes, timeout. Well, while the PHP process is processing my upload (the verb IIS uses is “POST”), it seems that it doesn’t talk to IIS, so IIS times it out. Well, you try uploading a 40MB file from some DSL site in the world and see if you can do it in two minutes. I know I can’t. I changed the timeout to 600 seconds, and now I’m happily uploading files.

I suppose this could be dangerous if PHP hangs and the process gets stuck. It might make users wait 10 minutes if something screws up. I suppose I’ll tackle that issue if it comes up.

Wassup

Posted on March 10, 2009 by Patrick

So, it seems (after much trial and error) that one of my plugins was the cause of my speed issues. Wassup is a statistics plugin, and was causing major performance issues.

I like Wassup because it provides good data, but I’m sad to say that I have deleted it. Now, you can enjoy my blog without waiting 15 minutes for a post to load.

Speedup WordPress on IIS 7.0

Posted on March 10, 2009 by Patrick

Here is a nifty article on speeding up WordPress. I’m still not terribly thrilled with the performace on IIS. I’m not sure if it’s the PHP Engine or the database backend now. I’ve noticed that php-cgi.exe spikes at 100% when viewing some pages.

Anyway, here it is.

It gives two options for “speeding” things up: IIS’s Output Caching and WP Super Cache. Each have their downsides, but maybe one will work for you (and me).

Disable Hibernation

Posted on March 9, 2009 by Patrick

If you’re in need of disabling hibernation on your 2008 servers (or your Vista desktop, as the case may be), open a command line and type this:

powercfg.exe /hibernate off

To turn it back on, replace “off” with “on”.

This will do away with that annoying file (hiberfil.sys) at the root of C:\ (or whatever your system volume’s drive letter may be) that is the size of your physical RAM – thus freeing up much space.

Keep in mind, however, that hibernation cannot be turned on if you have Hyper-V installed. I’m curious, though, why would you hibernate a server? And before those of you that use 2008 as a workstation complain, why would hibernation be enabled by default?

Create a Service in Windows

Posted on March 8, 2009 by Patrick

There are only a few things I hate more than SPAM. Only a few.

Anyway, I’ve been migrating to my new server and with that comes email. And, of course, with email comes SPAM filtering. So, I’ve been trying to run SpamAssassin. Luckily, someone ported SA to Windows. But, in this case, you have to run the executable or the filtering doesn’t happen.

Now, any self-respecting admin won’t stay logged into his server 24 hours a day, seven days a week. That’s where services come in. Here’s a nice little (easy) write up for creating your own service in Windows. Best of all, it was written by Microsoft.

A note: this article says it’s for 2003 and below (and does mention anything about 64-bit). I’ve just finished installing spamd.exe as a service on my machine and it works fine. That said, I offer no warranties or gaurantees this will work for everyone. Alternatively, there is this from Microsoft’s K nowledgebase – I just didn’t have access to the resource kit at the time. Happy spamming.

MyISAM vs. InnoDB

Posted on March 7, 2009 by Patrick

So, recently, I’ve switched my blog (and the whole domain, consequently) to IIS. I used to have my domain hosted over at Host Gator (highly recommended if you don’t have the resources to host your own content), but recently have switched to IIS running 2008 x64 on a virtual guest at work. So far, I like it.

However, I was disappointed to find that WordPress performed poorly at first. Then, in my tinkering, I figured out (dumb luck, eh?) that if I switch the tables in the WP database from InnoDB to MyISAM, performance increased noticeably. I’m not sure if this was the “real” reason WordPress was sucking it up, but it seemed to fix it immediately.

Edit March 10, 2008:

I’m not sure how much of a performance boost this gave me. I’m noticing a slowdown again, so I’m not sure if this did anything at all. It looked like it was helping when I first made the change, but now I can’t be so sure. Anyway… Continue reading →

Microcode Levels

Posted on February 10, 2009 by Patrick

I was configuring our twelfth virtual host this afternoon and ran across a weird issue. You see, we buy IBM Blade servers that go through integration, which means someone else configures the hardware for us. Unfortunately, I don’t think they turn the hardware on and check things. Case in point: we had Blades with processors running two different microcode levels (think firmware for a processor).

Little did I know anything was wrong when I got a big fat blue STOP error. MULTIPROCESSOR_CONFIGURATION_NOT_SUPPORTED was staring me in the face.

Remember, check your microcode levels if you see STOP 0x0000003E. It could save your life.

Tales from the Datacenter