Twitter-Bots? April 14, 2008Posted by Lucanos in : Uncategorized , add a comment
I am not sure whether I am alone in this, but I have noticed a slow increase in the number of notifications I am getting from Twitter, advising me that another user is now following me on their system. Especially as I am anything but an active Twitter user (predominantly due to the limited number of my real-world contacts being on Twitter, and the seemingly addictive and one-sided nature of the beast).
Some are your regular “camgirl” robots – posting links masked by tinyurl (or similar) to try and pull suckers in. But a couple of them also seem to be genuine, if somewhat Twitter-focused, users. The most recent follower I gained is following almost 4,000 other users!
Now, for these few, real, users, I would have to assume that watching that many people on Twitter would have to be 1) draining (think Superman and his need for “The Fortress Of Solitude”), 2) confusing and 3) nearing that point of “information overload”. I have been subscribing to RSS feeds all over the place through the Google Reader application and even just managing them (when I am certainly watching less than 4K different sources) is a freight train which is getting away from me…
How many people actually, solidly, use Twitter? Or is it essentially a system made up of nothing but the “Friend Update” segment of Facebook?
Unlimited Bandwidth – The Aphrodisiac Of The Noughties April 10, 2008Posted by Lucanos in : Uncategorized , add a comment
Some time ago I wrote about rationalising my hosting accounts, and bundling the vast majority into MediaTemple as a result of their Grid-Server product and the 100 domains they allow hosted under the one account (with quite generous bandwidth limits). At that time, I had two “Unlimited” accounts with Precision-Media.net which I had purchased for the low, low price of US$10 a year. I made the note that something that is too good to be true, especially on the net, should be looked at very carefully. I wish I had listened to my own advice…
After requesting that they terminate my accounts (especially after being sent renewal notices quoting the regular price of US$120 a year), I was contacted by the company and offered the same package for the old price, should I wish to continue hosting with them. Ten dollars is pretty cheap, and as such, I agreed to this and decided to host a single domain on their servers – one which I was experimenting with, but did not yet consider “critical”. They provisioned an account for me on February 16th, 2008 and all was good… To start with…
On April 9th, 2008, I discovered that all traffic to the domain I had associated with that account (codeopsy.com) was returning DNS Error Messages. I retested this via OpenDNS’s CacheCheck tool, DIG Tools, my Domain-provider’s Control Panel, etc. All testing revealed that my domains were correctly provisioned and pointed at the DNS server for Precision-Media.net, however attempts to access any content or cPanel interface failed.
It was only when I visited their billing page, and later their main site that I saw the notice stating that they had suffered a “…harddrive failure and all data has been lost.” The site also stated “Please no further inquiries until site is fully operational.” … Fully operational? That may take a while…
The following day the page was updated to show that around 80 accounts had been recovered from backups up to a month old. My account was not mentioned as having been recovered. The page also noted that “If your account is not in this list, your backup was missed due to storage size, connection problem, new customer, custom packages.” and then had the audacity to remind us, as users to “Remember to take backups regularly!”
Seems that Precision-Media would be well advised to take that little tip to heart themselves.
I am lucky in that none of the content I had on this account was irreplaceable or invaluable – it was a project site and something that I may release to the world further down the track, but I will surely be wanting a more stable hosting provider when that happens.
This is the second time that I have suffered a major service interruption with Precision-Media in the 18 months I have been a customer of theirs. The initial interruption was due to the work of a hacker who attacked their system, and this time because of a hard drive failure and a lack of server-based backups.
The most frustrating aspect is that, whilst I can agree that taking backups is part of my responsibility as a customer, it seems that Precision-Media did not even have the foresight to have their own backups regarding their Customer accounts, subscription details, etc. as their website asks anyone who is not listed as a recovered account to email them with their domain, username, PayPal address and date of subscription. You would think that detail would, could and certainly should be retained, backed up and guarded with the life of the hosting provider.
We’ll wait and see whether they reprovision my account soon. The funny thing is that the US$10 is too little to worry about in demanding a refund – the time I wasted in just trying to find out what had happened to my account would easily be 10-20 times that amount.
33,000 hits and over 14Gb of traffic in two days? April 8, 2008Posted by Lucanos in : programming,wordpress , add a comment
How, you may ask? Simple, I say – I was Hacked. The logs I have managed to extract from my server are sketchy at best, but I was lucky enough to be assisted by Kevon of TailRank.com who was very generous with his time and clued me into why I was being crippled by bandwidth overheads when his servers were doing their normal polling activity. (NOTE: TailRank were NOT responsible in any nature for this attack.)
- Massive pagesize increase.
In my case a 61Kb page spooled into a 600Kb page due to the link insertion.
- Bandwidth load increase.
A 900% increase in pagesize, mixed with increased traffic as the spiders start falling for the trap, will blow your bandwidth quota away.
- Check your WordPress Template’s Footer and Header files (normally footer.php and header.php respectively). There will be a massive collection of dodgy links (all hosted on similarly compromised WordPress installations).
- Delete the links manually.
- Unless you are constantly tweaking your WordPress template, lock down the permissions.
In SSH run “chmod -R 644 wp-content/themes” (from your WordPress root folder).
This will allow the system to Execute and Read your Themes, but not to Write to them.
- When you have a chance, Upgrade your WordPress Installation.
- I have poked around some of the links which were inserted by the Hacker and found that the content being loaded points to Seo52 as the culprit (or at least, accomplice) of this hack.
AdSense? Nonsense July 31, 2007Posted by Lucanos in : Uncategorized , 1 comment so far
Just looked at my Google Adsense account for an update on whether the adverts I am showing here are making any income for me. Almost 5,000 impressions = $0.98 in my account.
Yep, they’re going to be removed rather promptly. Just not worth it when they are paying about US 20c for each 1,000 views.
Putting All My Eggs Into One Basket May 14, 2007Posted by Lucanos in : webserver , 3 comments
But, better one secure basket than 3 insecure ones!
Well, I have taken the leap of faith – I have finally decided to start consolidating alot of my internet real estate into a single, or at least as few as possible, providers.
The motivation for this was from a number of sources, and for a number of reasons:
Precision-Media.com, whom I had been using for a few months experienced some rather large service interruptions within a short period. I have only held an account with them for around about 2 months, but in that time they have only achieved an uptime around the 85% mark, which is not acceptable for critical sites.
MWS Media, whom I have had an account with for some time, recently started experiencing a few hiccups in their uptime as well – nowhere near as bad as Precision-Media.com, but notable all the same.
Precision-Media.com also experienced a hacking attack, which contributed to their downtime. The hacker managed to access their management account and deleted all the content of their customers’ accounts. This is especially concerning as it was not communicated to us, their customers, until I contacted them to enquire about the extended downtime, and I am not 100% sure that my billing details were not compromised (I am watching my Visa bill very closely…)
Whilst both MWS Media and Precision-Media.com responded to most of my emails rather promptly, their performance from a support perspective left a bit to be desired. MWS Media do not even provide a trouble-ticketing system, which they say is due to their efforts to try and keep the costs down (we’ll get to that later), and Precision-Media.com acknowledged a trouble-ticket requesting that the PHP GD Library be invoked on their new server, but took a considerable amount of time to action that request.
Whilst both MWS Media and Precision-Media.com provide the facility to host as many subdomains as you like, they are limiting in that you can only associate a single domain to each account. So if I owned “domain.net” and “domain.com”, I would have to maintain two accounts to be able to use these domains and any subdomains.
Whilst I must admit that the Precision-Media.com package, offering US$10 a year for Unlimited Storage and Unlimited Bandwidth is incredible, you can have all the capacity in the world, but if you have no way to access that capacity due to downtimes, or if you lose any content you upload due to hackers tearing the server apart, it’s useless.
MWS Media’s offering of 2Gb of Storage and 10Gb/mth of Bandwidth for US$50 a year is also good, it does show some limitations if you are planning on using the hosting page to hold content in the 10′s of Gbs.
Having to keep a number of different hosts all updated simultaneously was quite a drag on my time.
So, what have I done?
I managed to secure a package with (mt) MediaTemple, which offers 100Gb of Storage, 1,000Gb/mth of Bandwidth and up to 100 Domains/Subdomains. In addition, it allows me to manipulate the DNS Zones for any hosted domains, allowing me to spread some of my subdomains out onto other servers as required. Admittedly, it is US$240 a year, but when you look at the number of accounts that would equate to from other providers, and the fact that the GridServer package I have is supposed to offer 100% uptime through the use of redundant mirrored resources, it is worth it.
The end result?
MediaTemple is now my Primary Webhosting Provider – It houses my critical sites, as well as sites where the content is considered irreplaceable. I still have the hosting packages from Precision-Media.net, who I use to house my more bandwidth intense tools, as this way I am making the most of that “Unlimited” part of the deal.
In addition to rationalising my hosting, I also looked at my domain registration providers. MWS Media, again, was one of hy registrars, providing .NET and .COM addresses for US$18 a year. Compare that to my GoDaddy account, which offers yearly registrations for around US$8.95 (give or take, dependant on deals) and the choice was simple. So I am not in the process of transferring 6 domains over to GoDaddy, at the price of US$6.95 for the .COMs and US$5.00 for the .NETs, when you consider that the transfer fee also includes an additional 1 year extension on all affected domains, this is a great deal.
The short, short, version:
- If something is too good to be true (US$10 Unlimited Packages) it probably is.
- Supporting small business is all well and good, but when the big boys can undercut you by over 50%, you’d be stupid to throw your money away (I am, after all, a small businessman myself!)
- Making the most of the strengths, and avoiding the weaknesses of your providers is a key to milking everything you can out of the internet infrastructure market.
Is there anything I would change about MediaTemple? Yeah, of course there is…
- Inclusion of more web-based File Management options (such as those in cPanel), like extracting compressed files, compressing files, uploading multiple files simultaneously.
- Wiki-fication of the KnowledgeBase, so that users can share their techniques and tactics (moderated, of course, by the engineers of the company).
Basic Rules for Web Sites April 29, 2007Posted by Lucanos in : Uncategorized , add a comment
It’s surprising how far we have come with regards to web development in such a short amount of time. I can remember the good/bad old days of monochrome displays, bulletin-boards which you needed to know the phone number to dial into using your 9,600 baud rate modem, arrangements where you had to upload something onto the BBS before you were permitted to download anything.
I remember the first days of the web, with pages that started as nothing but links, then when someone found the wonders of animated GIFs, then all the way through until what we have today, with CSS, Flash, RSS, and a bunch of other acronyms which are thrown around more than understood.
But, with all this advancement, it seems that alot of sites have forgotten some of the simple design rules which helped the net to gain its widespread popularity and perceptions of ease of use which permeate most of the net-connected society today. So, in the interests of getting it clear in my mind as much as helping anyone else out there who have any doubts, I will try and detail some of, what I consider, the basic rules of webdesign for the modern web.
- Banner/Logo = Link to Home
It’s upsetting how many designers seem to forget this very simple rule. Whilst we all try and make our menus and navigation systems as easy to understand and use as possible, the over-ruling fact is that with most usable websites their homepage still forms the hub for the entire site – all of the major links are displayed there, as are links to the main categories or navigational streams available.
So, someone Googles you, or follows a Del.icio.us link to an article or page on your site, and they want to have a poke around – they instinctively click the Logo or Banner you have prominently displayed at the top of every page on your site… Nothing happens… Now they have a couple of choices – look for the “Home” link in one of your navigational panels, edit the URL in the address bar and try and backtrack that way, or walk away. Unless your product or service is really intriguing, the later will be their most likely choice.
So, for the cost of a simple … link, a visitor, and a potential user/customer is lost.
- Easy to Find Contact Details
Whilst PHP and Formmail, and a pile of other “enhancements” have been developed and are used in alot of websites, sometimes people like the familiarity and trackability of sending an email from their own mailbox. By all means, offer the fully automated and web-based options, but adding an email address which can be used at the reader’s pleasure, or in the case of the form system failing (as was a recent experience for one of my clients, who was unable to communicate with their customers for a number of hours – without knowing there was a problem!).
Again – a simple solution for a potentially costly problem.
- Graceful Degradation – Flash
Yes, Flash and other animated options are wonderful and allow for a more visceral option for your visitors to explore you, your products/services and your site, there are some instances where building everything in Flash will absolutely kill your site for some visitors. Especially with the expansion of mobile-based browsing (via GSM handsets, or the upcoming iPhone style devices), limiting your viewing audience to those who have an 800px by 600px screen and a Flash enabled browser is, again, cutting you off from a user/customer audience.
AJAX is lovely, and can do some truly wonderful things from a bandwidth and user interaction point of view, however any links which you write which trigger an AJAX action should initially be coded as an old skool link so that, worst come to worst, a user will see no interruption to their service. They may see slower loading times, and more bulky navigation, but at least they will see something.
- Licencing – Make It Easy To Use and It’ll Be Easy To Enforce
There has been some debate around the use of Creative Commons licencing on the internet, and some conflicts over it’s usability, legality and enforceability. The simple realisation is this – unless you have the time, energy and backing to chase after copyright violators who use your photos, content, plugins, etc. you are far better off distributing them under an Open Source licence such as the GNU GPL or a Creative Commons licence. The reason? These licences are pretty stock-standard, well know, well understood and very easy for people to comply with. Compare someone just downloading your content from your site and using it (with embedded linkbacks, etc.) to someone having to email you for a licencing discussion, negotiate a price or arrangement, then use your content/material.
To put it in a different light, if cars were $600,000 a piece, but didn’t have door locks, people would steal them left right and centre. If they cost $5 instead, we’d see no reason to steal them anymore.
- Statistics Are Nice, But Not At The Cost Of Speed
Now many times have you accessed a site only to see the loading indicator keep ticking over as your statusbar advises you that you are still loading content from Google Analytics, or a similar service. If you want to track your users, by all means, do it, but make sure that it does not slow down their use of your site. If it does (and they are geeky enough), they’ll often resort to using systems like “AdBlock Plus” to prevent the statistics material from ever being loaded.
OK, so maybe not as simple a set of rules as I may have started with, but some basic ideas all the same.
As they say – focus on the little things and the big things will take care of themselves.
Cyber-Squatters: A Waste Of (Web)Space November 16, 2006Posted by Lucanos in : Uncategorized , 1 comment so far
It’s incredibly frustrating – you have an idea for a site, and a product, and you are trying to figure out how marketable and “boomable” it is, so you start looking for domains. Something new, something simple – like a YouTube, or a MySpace, or something like that…
But, you’re months or years too late…
Someone, part cunning business person, part downright arsehole, has run through and snatched up all the good, or inventive names already. Some have just run scripts and bought up any domains which are close to an established name – “ipoa.com”,”ipob.com”… others you are sure have just started sprouting random conjoined words and reserved the lot “ipodlover.com”.
You try and find these domains, either through 502-Fishing (typing the URLs into the address bar and seeing whether you get an Error 502 “Bad Gateway”, which, essentially, means that a domain is not in use) or through trying to find domains using one of the hundreds of searching tools, many of which cover 80% of the net, especially when the site you are looking for is in the 20% they do not cover…
502-Fishing is flawed, as alot of these mongrels will register the domain name, but they won’t point it anywhere. Not even at a dodgy HTML page full of advertisements to at least let you know that you have been beaten.
And, even when you do find the Whois record for a domain you are interested, and you can see the name of the slimeball who is sitting on that domain and not using it, there is no obvious way available to approach them and try and negotiate a price for the domain. Not that I can really see a valid reason for parting with a few hundred, or thousand, dollars for a domain which may have cost then ten bucks in the first place.
But, therein lies the issue – a domain is cheap as hell. And with them costing $10, if a person registers a hundred of them and sells just one for $1,000 then they have just broken even and anything above that is gravy.
I wish there was a means test for domains – if you do not put something on that site within 12 months, your registration is forfeit, or… I dunno… something.
At the moment, and to use a realworld metaphor, it’s like someone buying up all of the innercity properties (for nothing) and then not using them, or leasing them, and just waiting for people to approach them and pay through the nose for something that cost the squatter a pittance to begin with.
I know it’s business, and if it makes money, it makes money… It’s just a scummy way to do business.
Bloody Spammers!! August 3, 2006Posted by Lucanos in : webserver , 1 comment so far
That’s It! Tired of it!
It really makes you wonder when, today, people still keep on spamming you with emails and blog comments trying to sell you medication or whatever… How the hell do they make enough money to survive? I know I have never bought anything I have been spammed about, and I am sure that anyone out there with more than three brain cells would say the same.
And yet they persist! At least 80% of the comments I have recieved on this blog? Spam. Selling Viagara or Xanax or any one of a million other pills which I have never heard of, and have never ever used!
The only solution? I’m starting to block IP addresses. Yes, I know that I will be running the risk of blocking legitimate visitors, but I am just tired of their crap.
At the moment I have 22 blocked address or address ranges. If you want to avoid copping their crap too, feel free to copy and past the following into your .htaccess file. It will block them from accessing your site altogether.
order allow,deny deny from 184.108.40.206 deny from 220.127.116.11 deny from 18.104.22.168 deny from 22.214.171.124 deny from 126.96.36.199 deny from 188.8.131.52 deny from 184.108.40.206 deny from 220.127.116.11 deny from 18.104.22.168 deny from 22.214.171.124 deny from 126.96.36.199 deny from 188.8.131.52 deny from 184.108.40.206 deny from 220.127.116.11 deny from 18.104.22.168 deny from 22.214.171.124 deny from 126.96.36.199 deny from 188.8.131.52 deny from 184.108.40.206 deny from 220.127.116.11 deny from 18.104.22.168 deny from 22.214.171.124 deny from 126.96.36.199 deny from 188.8.131.52 deny from 184.108.40.206 deny from 220.127.116.11 deny from 18.104.22.168 deny from 22.214.171.124 deny from 126.96.36.199 deny from 188.8.131.52 deny from 184.108.40.206 deny from 213.249.155. deny from 220.127.116.11 deny from 18.104.22.168 deny from 22.214.171.124 deny from 126.96.36.199 deny from 188.8.131.52 deny from 184.108.40.206 deny from 220.127.116.11 deny from 18.104.22.168 allow from all
And I am sure that list is going to grow.But, on the bright side, I have noticed quite a massive decrease in the amount of spammy comments since I started using this method. Finger crossed that trend continues.
UPDATE 09 Aug 2006
Added a pile of IP Addresses (Had 28 Spam Comments…)
Google Desktop Bloat July 5, 2006Posted by Lucanos in : Uncategorized , 1 comment so far
I recently installed the Google Desktop application. Why not? I mean, Google revolutionised the searching of the internet, I’m sure they could do wonderful things to help me manage and search my computer.
Well, the searching is pretty funky – when you search for a string through the Google webpage it returns a page with results both from the web as well as from your own emails, chat histories and files on your PC. This is only generated locally (GD seems to include a built in webserver application which allows both search results to be shown as well as preferences to be changed).
The problem I had? The time and resources the darn thing used up.
It took about 3 days to index my laptop, which has an 80Gb hard drive, which is about 3/4 full. Then, I found out, after contacting Google, that the application has a massive footprint on your disk.
1 Gb for the application itself,
4 Gb for the index!
It’s a nice toy, but I am not surrendering 5Gb out of 80Gb just to make searching easier.
I found a site which had a very good regular expression to test email addresses, at http://www.codetoad.com/asp_email_reg_exp.asp.
However, one slight modification to their original test, which has been annoying me a bit as of late, is the addition of the plus symbol “+” as an acceptable character in the middle of the username section.
A terrific tool to test Regular Expressions is available at http://www.cuneytyilmaz.com/prog/jrx/. Well worth a visit.
The reason I have been using the “+” symbol and been running into lesser validators, is because GMail allows you to tack on tags behind your username to help you sort and manage your email inbox.
So I can subscribe to a newsletter with the address “email@example.com” (as “lucanos” is my GMail username) and then setup my GMail inbox rules so those emails are handled in a specific way.
It’s also a good way to identify sites which are selling your address, or spamming/ all you do, if required to provide an email address, is create one in the format “GMailUsername+SiteDomain@gmail.com“. Then, if I get spam to that specific email address I know where they got it from, as the culprit’s name will be included in the destination address.
Pretty tricky, hey?