Announcing the Launch of Programming Classroom


So, I finally did it. My company Twin Roots has launched an actual product. Well, not a product exactly; more like a service. Along with my outside partner in crime, Rex Jaeschke, we planned a website where we are providing a service geared towards programmers.

Programming Classroom is the result of this effort.

Rex is well known throughout the programming community, especially in the standards world. He is also highly regarded for his live programming seminars where he teaches classes in C, C++, C# and more.

We thought it would be a great service to offer the seminars that Rex uses in his live classroom teachings to the general public in electronic format. These are the exact same materials from documentation to example source code. It is just that it is at a much lower cost than a classroom setting because it is self-paced learning. You will find seminars on C#, C++, Java, Visual Basic, and C. You will also find some freebies like sample chapters and tips.

So check out ProgrammingClassroom.com and let us know what you think. Needless to say, I am very excited while very nervous at the same time.


Please Help Me Choose a Worthy Computer Desk Chair

I am in the market for a good computer desk chair. I mean one like Chris Pirillo has in his office -- the Grahl Synchron 8, which apparently is not sold publicly anymore. I could do without that crazy price, though. ;)


I am looking for full body support to help keep my back as pain free as possible. My sciatic nerve is really irritating me. I am willing to spend a pretty fair amount for a chair that will keep me comfortable and pain free.

Some others I am considering are:

The Kneelsit



The Mirra


The Aeron



Any recommendations?

Thanks!


Installing LAMP and Wordpress on Slicehost (or elsewhere) Redux

[Disclaimer: I am not responsible for any mishaps that may occur by following these steps or advice because you follow them out of your own free will.] -- I figure I better put that up-front, again. :)

My original post on installing a LAMP (Linux, Apache, MySQL and PHP) server with Wordpress seems to have helped at least a few people.

I have since come up with a few more random, but I think helpful, tidbits since writing that post. I will list them here.

Basic Commands

'ls -alR' for a recursive look at all owners and groups, etc.

Transferring your Blog to Wordpress.org

If you are importing your blog from somewhere else and the upload doesn't seem to be working (e.g., when you click the "Import" button you see no screen changes and/or the browser is just "spinning"):

  • create uploads directory in wp-content
  • you may have to set wp-content to chmod 777 permissions for import
    - first try 755 on uploads. If it doesn't work, then
    - then try 777 on uploads. If it doesn't work, then
    - then try 777 on wp-content
  • revert everything back to 755, or whatever you had before

If you are moving from wordpress.com to wordpress.org and you need your blogroll, you need to export this separately (it is not included as part of the normal export from wordpress.com). You go to http://your-wordpressDOTcom-domain.com/wp-links-opml.php and save the XML you see and then import via the blogroll/import capability (or you can just enter the link to the opml I mentioned before right in the blogroll import). Note the export only seems to work in Firefox and IE. Safari gave me a blank page.

SSL

If you want SSL for Apache - sudo a2enmod ssl (see article)

If you want SSL for your Wordpress administration areas, enable SSL for wp-admin (See documentation)

For SSL resolution -- if you are only using SSL on one site and you have other sites, see this forum post.

Final Setup Steps for Wordpress

Make sure www-data has write access to the following --- Do a 'chmod -R g+w' on wp-content/themes,wp-content/uploads

For final permissions:

  • find public -type d -print0 | xargs -0 chmod 0755 (directories)
  • find public -type f -print0 | xargs -0 chmod 0644 (files)
  • find public -type d -print0 | xargs -0 chown username:www-data
  • find public -type f -print0 | xargs -0 chown username:www-data
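
The import workaround (temporary 777) and the final permissions above can be checked mechanically. The script below is an added example, not part of the original post: it lists anything still world-writable, resets the tree to 0755/0644, and re-grants group write only on themes and uploads. The function names and the constructed sample tree are assumptions for illustration; chown is left out because it needs root.

```shell
#!/bin/sh
# Added example (not from the original post): audit and reset permissions
# on a WordPress docroot laid out as <site>/public, as in the steps above.
# Function names and the sample tree are hypothetical.

# Print every file or directory under $1 that is writable by "other",
# e.g. something left at 777/666 after the import workaround.
audit_world_writable() {
    find "$1" \( -type d -o -type f \) -perm -0002 -print
}

# Baseline from the post: 0755 on directories, 0644 on files.
# "-exec ... {} +" copes with spaces in names, unlike a bare "| xargs".
reset_permissions() {
    find "$1" -type d -exec chmod 0755 {} +
    find "$1" -type f -exec chmod 0644 {} +
}

# Group write only where WordPress needs it (themes and uploads).
# Run this AFTER reset_permissions, otherwise the reset undoes it.
grant_group_write() {
    root=$1
    for d in wp-content/themes wp-content/uploads; do
        [ -d "$root/$d" ] && chmod -R g+w "$root/$d"
    done
    return 0
}

# Demo on a constructed tree in a temp directory (runs in a subshell so
# the umask change and variables do not leak into the caller).
run_demo() (
    umask 022
    site=$(mktemp -d) || exit 1
    mkdir -p "$site/public/wp-content/uploads/2009 04" \
             "$site/public/wp-content/themes"
    : > "$site/public/wp-content/uploads/2009 04/my photo.jpg"
    : > "$site/public/wp-config.php"

    # Simulate the state left behind by the import workaround.
    chmod 777 "$site/public/wp-content" "$site/public/wp-content/uploads"
    chmod 666 "$site/public/wp-config.php"

    echo "world-writable before:"
    audit_world_writable "$site/public"

    reset_permissions "$site/public"
    grant_group_write "$site/public"

    left=$(audit_world_writable "$site/public" | wc -l | tr -d ' ')
    echo "world-writable after: $left"
    rm -rf "$site"
)

run_demo
```

Running `audit_world_writable public` again after any later plugin install or import is a quick way to catch a 777 that was never reverted.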

If testing your wordpress.org somewhere besides the live domain, make sure to remember this article before going live.

If you find images to be funky after going live -- like still pointing to your old domain or testbed site, you can manually do a search and replace in the database or use a plug in from here.

If file types should be working that aren't working (xsl, html), maybe add to the sites-available vhost the allowed file types for the certain directory in question. For example, I added xsl because of Google Sitemaps and wanting to view my sitemaps in the browser.

Google Analytics

Google Analytics code goes above the tag in the footer file of your Wordpress theme (see article)

WP Super Cache

If you are looking for a plugin that might speed up your blog by serving static, cached HTML instead of processing PHP constantly, then look to WP Super Cache. If you set up your LAMP server with Wordpress like I explained in my original post, then instead of using .htaccess, you will be putting any rules in the vhost -- especially in steps 7 and 8 in the installation instructions.

Exim

Maybe replace exim with an external smtp server.

'sudo /usr/sbin/exim4' to get access to exim commands (like seeing message queue -- exim4 -bp)

If exim4 is not working for Google Apps for some reason, check this out.


Why Backblaze Is My Choice For Online Backup Provider

I chose Backblaze as my online backup service provider for one year (possibly, longer).

It was actually a tough choice. I was weighing many options. Do I just go with the well-known leaders (by customer base), such as Mozy or Carbonite? Do I go with a provider that offers me a finite quantity of backup space per subscription, but allows me to backup unlimited computers, such as SpiderOak?

Obviously, the answers to these questions were "No"; so here is why I went with Backblaze:

  • Good communication -- Backblaze communicated with me via Twitter and answered my pre-sales questions via email. SpiderOak was also very good in its email communication with me. Carbonite, iDrive, Mozy, Safecopy also communicated with me satisfactorily as well.
  • Let me into the Mac beta trial -- While very late into the party (they publicly released for the Mac a week later), Backblaze gave me an invitation to try their Mac service before it went public.
  • Ease of Use / Function Offering Ratio Balance -- It was very easy to set up the client on my MacBook Pro and get to backing up. An icon sits in my menu bar and allows me quick access to see what and how much is being backed up. But just because it is easy to use, doesn't mean they skimped on the functionality. I can throttle my backup bandwidth; choose file types and folders to exclude; set my own encryption key; and set basic scheduling options.
  • Price -- My choice came down to BackBlaze and SpiderOak. At retail, SpiderOak would have cost me $100/yr. Backblaze $50/yr. Like many people, I am doing my best to try to conserve some money, make appropriate purchase decisions. And while I really believe SpiderOak is a player in this space, a lot of my decision, maybe sadly, was based upon cost. Backblaze is a legitimate player and the cost was right -- especially after the 10% Chris Pirillo discount, which sealed the deal for me. (To be fair, you can find 10% discounts for SpiderOak and there are even some 20% discounts out there if you are resourceful)
  • Allows me to backup external drives -- As I write this, I am backing up content on an external firewire drive connected to my MacBook Pro. This drive is partitioned 3 ways, holding my Time Machine backups, SuperDuper backups and data that I just didn't want taking up space on my primary 120GB MacBook Pro drive (e.g., videos). Backblaze does not allow you to backup your Time Machine data (seems reasonable), but I am backing up about 42 GB of data. I am 7GB into that process, which, probably expectedly, is taking just a tad longer than the primary hard drive.
  • Backup speed -- The throttling mechanism is very useful and seems to work. With various degrees of throttling used in the 8 days, average 12 hours/day time it took me to backup 42.5 GB of data on my MacBook Pro, I average about 0.45 GB (450 MB) per hour. That seems pretty good to me.
  • Restore -- I tested restore just a little bit. Seemed straightforward and easy. You log into the website. Enter your private encryption key if you decided to use it. Choose what directories/files you want. Then click Restore. An email comes to you really quickly saying a zip file with all the files you chose is ready to be downloaded. If you need a bunch of your stuff urgently, and can't wait for download, you can also order, at extra cost, an overnight shipped DVD or USB drive of your data (see below why this could be an issue, though).

All that said, I do not believe Backblaze is perfect. Here are some items I think need improvement:

  • Multiple Computer Support -- Backblaze would be near perfect if it allowed multiple computer support on one subscription a la SpiderOak and others. While 95% of my time is spent on my MacBook Pro (because I can run both OS X and Windows), I do have another HP laptop. It would be nice if I could just add that computer to my current subscription. But, while I can add the HP to my current Backblaze account, I would have to pay another $50/yr. So instead, if I want to backup items from that machine, I use an intermediary like DropBox or SpiderOak (which both offer 2GB of space free) and then access those items from my MacBook Pro to be backed up on BackBlaze.
  • Unencrypted Data on Their Media Restore -- Sort of a good cop, bad cop here. It is actually very cool that Backblaze offers the option to get your data on hard media, overnight. But the problem is that your data comes to you *unencrypted*. Me, I would be a little bit apprehensive of FedEx having a drive that has all my data readily accessible. I believe BackBlaze is working on a solution to alleviate this issue, but nothing has been announced publicly. That said, most providers don't offer this capability anyway, so it is a nice-to-have feature. And most people restore their data through download anyway.

So in summary, I believe Backblaze, while imperfect and a relatively new service (especially on the Mac support front) provides a great service. It offers great functionality at a very good price. And I have seen no major issues with the service thus far. And, they seem willing to communicate with you if needed. I have signed up for a year commitment. SpiderOak was a very close second, and, in the end, primarily came down to financials as to why I chose Backblaze over them. I think they are pretty even on all other aspects as for what I require in an online backup provider.

I just hope that, now that I am a paid user and they have lured me in, they still won't mind the occasional Tweet every now and then :)


MacBook Pro Battery Health Waning Quickly - But Why?

I usually leave my MacBook Pro sitting on my desk connected to a power adapter. Since I had the battery replaced back in October 2008, my guess is that I may have cycled through a power charge at the most 10-15 times.

However, this past week I had my MacBook Pro out and about around the house way more than usual. I would use the computer on battery a bit, then recharge it when I was done. Stuff like that. But, most of the time, even this week, I would still use the MacBook Pro connected to a power adapter.

So, yesterday (4 April 2009), I used iStatPro (highly recommended widget) to check the health of my battery. It was at around 96% after about 20 cycles. I didn't think this was too bad. Before I went to bed, I noticed my battery was down to about 35% as I had been using it untethered to my power adapter. So I shut down the computer, plugged it into the power adapter and then went to bed.

This morning (5 April 2009) I woke up to the strangest thing. I noticed the light to my power adapter was *off*. No green light to mean the battery was charged. No red (or is it orange?) light to mean that the battery was charging. Nothing. So I removed the adapter from the MacBook Pro and plugged it back in; then the light went on as to indicate it was charging.

When I booted the computer up, I noticed the battery still had only 35% charge. What the heck? I had it plugged in all night. So I brought up iStatPro again, and here is what I found :-( (except replace the 100% with a 35% because I just took this snapshot right now)


69% health after only 21 cycles!!!!! No way that is normal.

Then I opened up System Profiler and found corroborating evidence.


I tried resetting the SMC, but that didn't help.

So what is going on here? I must be doing something wrong, right?

Will calibrating the battery help me or am I just screwed and going to have to bring the battery back to the Apple Store again for replacement?


OnLive - Intel, AMD, Microsoft, Sony, Nintendo Had Better Be On High Alert

I was listening to Windows Weekly the other day, and the topic of OnLive came up. Maybe I live under a rock, but I had never heard of OnLive. Well, I have now. And if their vision comes to fruition, there better be some companies that better get in gear or start to s#%t in their pants.

OnLive, in a nutshell, is a "cloud" video game service. In other words, all video games live on their servers and you subscribe to the ones that you want to play. But you don't download the games to your machine and play them locally. You play them on *their* servers, and they push content back and forth to you through your web browser via your broadband connection. In other words, your computer now becomes a glorified dumb internet terminal that receives the images of the actions you perform in the video game; the OnLive servers do all of the heavy lifting of graphics processing.

So, the theory is that you can have a NetBook or an old Centrino laptop and you can play Crysis!! Crysis on a NetBook?!? I don't effing believe it. But that is their vision, and with the way the video game companies are signing up in droves to be a part of this service (can you say EA?), this vision may actually have legs.

And if it has legs, oh my, how that changes things for companies like:

Intel, AMD: Video games are the most processor intensive applications in the world. If OnLive is successful, that opens the flood gates for more processor-intensive subscription-type markets. People can buy less powerful machines, but still get top quality functionality. That could eat heavily into the Intel and AMD profit margins -- although, Intel and AMD should hope that OnLive buys their processors for the OnLive servers.

Sony, Microsoft, Nintendo: Well, this is simple. The video game console becomes obsolete. As Paul Thurrott alluded to in Windows Weekly - 'Microsoft just wasted $5 billion in their XBox investment'

Now, of course, broadband would need to be plentiful. Quality of Service would need to be guaranteed. As they alluded in the Windows Weekly show - hey, Comcast, are you listening? And, there are other hurdles to overcome. They were talking about Amazon buying this service being a good play. I am not 100% convinced right now of that being a smart move; but if this does what I think it might do, then yes, any company should buy OnLive if they had the resources.

This is definitely something I will be keeping tabs on because this could be a "game changer" (pun absolutely intended). And I don't say that often.


Conficker - Should Mac Users Be Worried?


So I was watching 60 Minutes last night (I can still hear that tick, tick, tick, tick, tick of the clock....and I am still amazed that Andy Rooney is still around!).

Their lead story was regarding internet viruses, particularly the Conficker virus that is supposedly just sitting dormant on many, many hosts waiting to be triggered.

There are rumors that this virus is going to be triggered on April 1st -- of course, April Fool's Day. Whether that happens or not remains to be seen. But it got me thinking......

Should Mac users be concerned?

From what Lesley Stahl was reporting on 60 Minutes last night, all internet users should be freaking out about this virus. Maybe that is the case. I don't know, really. I thought this was primarily a Windows virus. But a Symantec VP in the 60 Minutes piece thinks that Norton will be able to help all users.

So, are you Mac users running out and buying Norton AntiVirus for the Mac? Do you still think that Mac users don't need to be worried about anti-virus software?

I have a feeling I know where most people fall on this debate ;-)


Choosing an Online Backup Service - Revisited

[Update 3: After tweeting Backblaze about me not being able to use their service because of no Mac support -- I get a reply inviting me to their private beta. Thanks Backblaze! But now my decision is that much harder :-)]

[Update 2: I just realized that Backblaze does not currently have a publicly available Mac version. That rules them out, for now]

[Update: I have received two more candidate possibilities from Twitter of all places. ScottBourne of Mac fame recommended BackJack which looks interesting, but maybe a bit overkill for me. SpiderOak_Inc must have seen my posts and recommended SpiderOak, and, while I was wary and had never heard of them, their service is quite compelling, especially the zero knowledge policy. And here I thought I had almost made my decision].

Back in December, I wrote about my desire to choose an online backup service. Since then, I am still without a true service (I am doing some hodgepodge things right now to give me some semblance of offsite backup; but nothing very formal).

The desire to choose one is still there; and for whatever reason, I am really wanting to choose one like right now.

I have narrowed my choices down to 4:

  • Carbonite (they finally have a Mac client; plus I can support Leo Laporte and TWiT since Carbonite sponsors Leo's awesome and free podcasts)
  • Backblaze (they are less known, but get great reviews; plus their front page "ad" is kinda cool :-) ---- Mac version currently closed to public, but I have beta invite)
  • SafeCopy (I believe they are quite new, but people have given them thumbs up; but are they too new??)
  • DropBox (Their free service is actually quite compelling; I use it....but I think they are the costliest of the bunch here when it comes to getting more storage)

[Mozy -- you are out because you still cannot handle encrypted files from what I understand -- prove me wrong!]

Let me give you my current thought process:

Use the free version of DropBox to share files between my Windows laptop and my MacBook Pro, and then use Carbonite to backup offsite. I would need DropBox because Carbonite and many others only allow you to register one computer for backup, so I would use DropBox to move files I want backed up from my Windows computer over to the Mac (which will be my primary, registered computer). But, something like a SafeCopy would allow me to have unlimited computers registered because their pricing is based on storage.

So help me out. I would appreciate it. I would especially appreciate any representatives from the above companies coming by and selling me on their service.

Thanks!


Possibility of Bringing Down the Internet via a DNS Flaw and Security Hole

I read a wonderful article in Wired last night. I guess I was out of touch because I didn't even know this happened. Check out this quote from the article:

Kaminsky froze. This was far more serious than anything he could have imagined. It was the ultimate hack. He was looking at an error coded into the heart of the Internet's infrastructure. This was not a security hole in Windows or a software bug in a Cisco router. This would allow him to reassign any Web address, reroute anyone's email, take over banking sites, or simply scramble the entire global system. The question was: Should he try it?

The vulnerability gave him the power to transfer millions out of bank accounts worldwide. He lived in a barren one-bedroom apartment and owned almost nothing. He rented the bed he was lying on as well as the couch and table in the living room. The walls were bare. His refrigerator generally contained little more than a few forgotten slices of processed cheese and a couple of Rockstar energy drinks. Maybe it was time to upgrade his lifestyle.

Or, for the sheer geeky joy of it, he could reroute all of .com into his laptop, the digital equivalent of channeling the Mississippi into a bathtub. It was a moment hackers around the world dream of—a tool that could give them unimaginable power. But maybe it was best simply to close his laptop and forget it. He could pretend he hadn't just stumbled over a skeleton key to the Net. Life would certainly be less complicated. If he stole money, he'd risk prison. If he told the world, he'd be the messenger of doom, potentially triggering a collapse of Web-based commerce.

Can you imagine if he decided to actually go to the black market with this thing?!?! Unfathomable, really.

Luckily a patch was implemented, although not a foolproof one.

Though the Redmond group had agreed to act in concert, the patch—called the source port randomization solution—didn't satisfy everyone. It was only a short-term fix, turning what had been a 1-in-65,536 chance of success into a 1-in-4 billion shot.

Still, a hacker could use an automated system to flood a server with an endless stream of guesses. With a high-speed connection, a week of nonstop attacking would likely succeed. Observant network operators would see the spike in traffic and could easily block it. But, if overlooked, the attack could still work. The patch only papered over the fundamental flaw that Kaminsky had exposed.

I guess 1:4 billion is better than it was pre-patch ;-)

Installing a LAMP Server, with Wordpress, on Slicehost (and maybe elsewhere)

[UPDATE: April 19, 2009: I added a follow-up post to this article with some more tidbits]

[Disclaimer: I am not responsible for any mishaps that may occur by following these steps or advice because you follow them out of your own free will.] -- I figure I better put that up-front. :-)

Someone wrote me an email today asking me how to get a LAMP server up and running on a Slicehost VPS (...in Slicehost land, your VPS is called a "slice").

During the time when I was setting up my slice, I made a little personal document on how to set up a LAMP server with Wordpress (I used Ubuntu Hardy as my base Linux installation).

While this is by no means anything official or 100% complete, I figure when I need to set up a LAMP server again, it will serve as a great starting point for me.

Like I insinuated in my disclaimer, I cannot guarantee the accuracy or the 100% "foolproof"-ness of these steps. I am by no means an expert at this stuff, but, hey, they worked for me.

Below are the contents of that document in its raw form. Feel free to ask any questions, although I cannot guarantee I will know the answer. Feel free to correct any mistakes in comments, although I cannot guarantee I will fix them.

Ubuntu Linux (Server): Setup @ Slicehost

Basic Commands and Instructions

  • sudo aptitude install <package1> [package2]
  • sudo aptitude purge|remove <package>
  • whereis <program> (to find out where something is located)
  • root shell: sudo -s (get out of the root shell by ctrl+d)
  • ps aux (to find out processes running) (ps aux | grep <process name> to narrow --- e.g., ps aux | grep httpd)
  • apache2ctl configtest (to make sure your Apache configurations are ok)
  • Apache logs are at /var/log/apache2 (Must be in a sudo shell -- see above)
  • sites-enabled is a symlink; make vhost changes to sites in /etc/apache2/sites-available
  • Don’t worry about .htaccess and httpd.conf files. Use vhost config files instead.

Server

  1. Get bare bones install
  2. Log on as root via ssh ( ssh root@<ip address> )
  3. Use provided password and immediately change it via passwd.
  4. Change time zone
    • sudo ln -sf /usr/share/zoneinfo/US/Pacific /etc/localtime (replace US/Pacific with what your timezone is)
  5. Follow these instructions for security http://articles.slicehost.com/2008/4/25/ubuntu-hardy-setup-page-1
  6. Backup the private (and public if you want, but especially private) key from your local machine! (preferably in a couple different places)
  7. Continue with these security instructions http://articles.slicehost.com/2008/4/25/ubuntu-hardy-setup-page-2 (add \u@ before \h to add user name in front of hostname in PS1)
  8. A good package to install would be unzip for downloads (only tar is available at this point): sudo aptitude install unzip (http://codeghar.wordpress.com/2007/12/08/zip-files-in-ubuntu-cli/ )

Setup Domain via DNS Manager

  1. Log into the slice manager: https://manage.slicehost.com/
  2. To configure the DNS records for your domain, go here: http://articles.slicehost.com/2007/10/24/creating-dns-records
    • Make sure you have set the nameservers properly on your registrar (e.g. ns1.slicehost.net)

Setup Domain Email via DNS Manager

  1. I use Google Apps for email. The next steps are specific to that. If you don’t use Google Apps, just make sure you set the MX records properly in the Slicehost DNS manager, otherwise you may be without email if you have completed the “Setup Domain via DNS Manager” step.
  2. If you haven’t done so already, set up Google Apps for your domain (www.google.com/a)
    • For verification, you can use the HTML method since you can control your website
  3. Set up the MX records like described here: http://articles.slicehost.com/2007/10/25/creating-mx-records-for-google-apps

Apache/PHP

  1. Start here: http://articles.slicehost.com/2008/4/25/ubuntu-hardy-installing-apache-and-php5 (making sure you use your own server name and user names)
  2. Read http://articles.slicehost.com/2008/4/28/ubuntu-hardy-apache-config-layout to understand enabling/disabling sites and modules
  3. Follow these instructions: http://articles.slicehost.com/2008/4/28/ubuntu-hardy-apache-configuration-1, and at least change the Timeout and KeepAliveTimeout to something much lower.
  4. Follow these instructions: http://articles.slicehost.com/2008/4/28/ubuntu-hardy-apache-configuration-2
  5. Read these articles about virtual hosts before setting things up: http://articles.slicehost.com/2008/5/28/how-to-serve-multiple-domains, http://articles.slicehost.com/2007/9/17/introduction-to-virtual-hosts
  6. Read this article to understand how you are going to layout your directory structure for the domains you are going to host: http://articles.slicehost.com/2007/9/13/multiple-hosts-layout
  7. Secure virtual host permissions and create skeleton virtual host directory: http://articles.slicehost.com/2007/9/18/apache-virtual-hosts-permissions
    • For all new domains, just follow the following command:
      • cp -a /home/<user>/public_html/skeleton /home/<user>/public_html/<new domain>
  8. Create your first virtual host: http://articles.slicehost.com/2008/4/29/ubuntu-hardy-apache-virtual-hosts-1 (remember to change domain1.com, domain2.com to your own domains in the examples AND 'demo' to your username) (note: search and replace in nano is “ctrl-\”)
    • Remember that if they navigate to the IP Address, they will most likely get the “It Works!” message for the default Apache site. You can change this.
    • Change DirectoryIndex to “index.php index.html” if you are going to be using WordPress
  9. Change and add settings in your domain virtual hosts file: http://articles.slicehost.com/2008/4/29/ubuntu-hardy-apache-virtual-hosts-2
    • Make sure you set some directory options – one I would for sure do is turn off directory browsing

MySQL

  1. Follow the instructions here: http://articles.slicehost.com/2007/11/23/ubuntu-gutsy-mysql-and-ror. Only do the MySQL part and make sure you do not put the Ruby option in the install string (unless you want Ruby of course)
  2. Follow post setup instructions here: http://dev.mysql.com/doc/refman/5.0/en/default-privileges.html to secure your initial mySQL accounts
  3. After I am done, I like to clear the mySQL console history. Exit mySQL and at the command prompt do 'rm ~/.mysql_history'
  4. Setup DNSUtils (for dig especially): sudo aptitude install dnsutils 

Set Up Sending Mail From Slice

  1. You need to change “exim” settings on server to send email from Wordpress
  2. For Google Apps, see this thread: http://wiki.debian.org/GmailAndExim4. Follow the instructions all the way down to Run # chown. I didn’t have to do this.
    • Also, accept all defaults for questions after the DNS-queries minimal question. There are more than the thread instructions let on.
  3. See this thread for more general info: http://ubuntuforums.org/showthread.php?t=196112 (don’t need sendmail after all, exim is already installed so try that first, see page 2 of thread for meat)
  4. Now for multiple email addresses (when you have more than one blog, for example, each representing a different domain), you will need to follow some different steps. This might be a good place to start: http://www.debuntu.org/2006/05/17/52-how-to-exim4-virtual-host-on-debian-etch.

WordPress

  1. Load mod_rewrite for Apache
    • sudo a2enmod rewrite
    • sudo /etc/init.d/apache2 reload
  2. Follow instructions here: http://codex.wordpress.org/Installing_WordPress (especially Detailed instructions)
    • DB Name: wordpress (or whatever)
    • DB UserName for wordpress: wordpress (or whatever)
    • Change the table name prefix if (1) you want more security (2) you are going to have more than one Wordpress blog using the same database
  3. Probably don’t want to put on google and technorati until you are done with the blog design
  4. Make sure to change admin password after first log in
  5. Change the “admin” user in MySQL to something else:
    • mysql> use wordpress;
    • mysql> UPDATE <wpTableName>users SET user_login='<new admin name>' WHERE user_login='admin';
  6. NOTE: Many instructions say to add things to “.htaccess” or “httpd.conf”. Since you have root access, don’t worry about these files. Make your configuration changes to the vhost file (or maybe, sometimes, the master apache2.conf file).
  7. Add Rewrite Log to vhost file
  8. Turn off directory in “public” browsing in the vhost
    • <Directory /home/<user>/public_html/<domain>/public>
      • Options -Indexes
    • </Directory>
  9. Put wp-config.php database and key info into another file and put that new file in /home/<user> (outside the public_html). Then put an include to that file in wp-config.php. This is for security (http://danemorgan.com/blog/wordpress/wordpress-security-secure-your-wordpress-wp-config-info )
  10. Log into the Wordpress admin panel (http://<domain>/wp-admin/) and go to Settings/Permalinks. Set the permalinks to something like “Day and name” and click on Save Changes
    • Then, assuming you don’t have an .htaccess file, go to the bottom of the page and copy the code in the text area and paste in your vhost file (within the <Directory></Directory> for the top level directory (usually /home/<user>/public_html/<domain>/public))
  11. Do some security around the wp-content, wp-includes and wp-admin directories.
    • Only allow access to images and javascript to wp-includes and wp-content
      • <Directory /home/<user>/public_html/<domain>/public/wp-includes>
        • Options -Indexes
        • AllowOverride None
        • Order Allow,Deny
        • Deny from all
        • <Files ~ "\.(css|jpg|jpeg|png|gif|js)$">
          • Allow from all
        • </Files>
      • </Directory>
      • ….and do the same for wp-content
    • Either restrict access to wp-admin by adding a password layer or by IP address
    • You might also want to do the same as you did for wp-admin for wp-login.php at the file level, since going to http://<domain>/wp-admin redirects there (see: http://www.reaper-x.com/2007/09/01/hardening-wordpress-with-mod-rewrite-and-htaccess/). <Files> matches on the file name only, not a full path, so put this inside the <Directory> block for /home/<user>/public_html/<domain>/public:
      • <Files wp-login.php>
        • …..
      • </Files>
  12. Install login plug-in @ http://www.bad-neighborhood.com/login-lockdown.html. Copy the download link and use ‘wget’ to get it from the command line (instead of FTP)
  13. Activate the akismet plugin in the admin panel.
    • You need a Wordpress.com account so you can get an API key. This key is found in Settings/Your Profile
  14. Install WP-Super-Cache plug-in
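
A quick way to catch copy-and-paste damage and missing hardening in the vhost file from steps 8 and 11. This is an added example, not part of the original post: the function name, the sample vhost and its paths are constructed for illustration, and it assumes the Apache 2.2-style Order/Allow/Deny directives used above.

```python
import re

# Constructed sample vhost fragment: the first block was pasted from a web page
# (en dash instead of a hyphen); the last block has a space in "Allow, Deny".
SAMPLE_VHOST = """\
<Directory /home/user/public_html/example.com/public>
    Options \u2013Indexes
</Directory>
<Directory /home/user/public_html/example.com/public/wp-includes>
    Options -Indexes
    AllowOverride None
    Order Allow,Deny
    Deny from all
    <Files ~ "\\.(css|jpg|jpeg|png|gif|js)$">
        Allow from all
    </Files>
</Directory>
<Directory /home/user/public_html/example.com/public/wp-content>
    Options -Indexes
    Order Allow, Deny
</Directory>
"""

TYPOGRAPHIC = re.compile("[\u2013\u2014\u2018\u2019\u201c\u201d]")
DIR_BLOCK = re.compile(r"<Directory\s+([^>]+)>(.*?)</Directory>", re.S | re.I)

def audit_vhost(text):
    """Return a list of (directory, problem) pairs, one per issue found."""
    findings = []
    for path, body in DIR_BLOCK.findall(text):
        path = path.strip()
        if TYPOGRAPHIC.search(body):  # Apache only understands ASCII - and "
            findings.append((path, "typographic dash or quote in directive"))
        if not re.search(r"^\s*Options\b.*(?<!\S)-Indexes\b", body, re.M | re.I):
            findings.append((path, "directory listing not disabled"))
        if re.search(r"^\s*Order\s+\w+,\s+\w+", body, re.M | re.I):
            findings.append((path, "space inside Order argument"))
        if re.search(r"/wp-(includes|content)$", path):
            if not re.search(r"^\s*Deny\s+from\s+all", body, re.M | re.I):
                findings.append((path, "no default deny"))
            if not re.search(r"<Files\b", body, re.I):
                findings.append((path, "no <Files> allowlist for static assets"))
    return findings

if __name__ == "__main__":
    for path, problem in audit_vhost(SAMPLE_VHOST):
        print(f"{path}: {problem}")
```

Run it against the text of your own vhost file with real paths substituted for the <user> and <domain> placeholders, then let `apache2ctl configtest` confirm the syntax before reloading Apache.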

DIDN’T INSTALL

phpMyAdmin

This is a MySQL front-end that is more user friendly than the default MySQL client.

  1. sudo aptitude install phpmyadmin
    • IMPORTANT: Make sure you press the space bar when selecting the web server you are using
  2. Go to /etc/apache2/conf.d/ and edit phpmyadmin.conf
    • Change Alias from phpMyAdmin to something more obscure for security purposes
  3. Change the /etc/phpmyadmin/config.inc.php file to support https: http://forums.vpslink.com/security/2282-do-you-use-phpmyadmin-2.html#post11246
  4. Then go to https://domain.com/obscureToPhpMyAdmin

Boot Camp 2.1 Update Gave Me Hell!

I have a MacBook Pro, 2.2 GHz Intel Core 2 Duo, 4 GB RAM laptop. I can dual boot either into Mac OS X Leopard or Windows Vista Ultimate 32-bit via the Boot Camp technology provided by Apple.

So here I am minding my own business in Windows Vista, when Apple's Software Update prompt appears saying a new version of Boot Camp is available, 2.1. I figure, cool, maybe it fixes a few problems and it is only a .1 release (I am currently running 2.0), let me go ahead and download it.

Well, that was mistake #1.

The update failed. I tried downloading it manually, and running it failed. Then I noticed some funky things going on with my current Boot Camp installation, like what happens when an installation gets 1/2 way through but doesn't finish.

I was like "Oh no! That's not good"

So needless to say I spent the better half of the weekend reinstalling Windows Vista Ultimate from scratch and I am keeping Boot Camp 2.0 until Apple gets this whole installation thing figured out.

I am surprised Apple would release something that has had so many problems; I generally have had a good experience with them.

Please release Boot Camp 2.1.1 soon Apple!

I recommend staying with Boot Camp 2.0 until things stabilize a bit. I sure am.

Leaving Work With That Squeaky Clean Feeling

My last day with my current company is this Friday. I am going to follow Scott Hanselman's advice regarding leaving your job with a "good feeling". However, I am going to add a couple of things:

1. Change all your work-related passwords to something generic in case you need to tell your former employer some password. This includes such things as the password you use to log in to the work network domain. I do this so I don't have to tell my employer password structures I normally use in everyday life.

2. If you have the means, create a generic administrator account for all of your computers, and tell your employer that account and password. That way they can log into your machines with that account instead of your domain account.

And, Scott, I am not really fond of my current employer's office supplies, so I will not be taking any of that with me ;-)

Gateway One, an iMac killer!

Ha! Just kidding. I just noticed this on the Gateway site: http://www.gateway.com/programs/one/index.php

But, it does raise an interesting question. Are we seeing the end of the "box" computer as we know it? Is this new sleek, efficient design going to be the norm? Some will say, maybe justifiably, that the Gateway One is an Apple copycat (it wouldn't be the first time people have accused a company of copying Apple, and vice-versa). But maybe this design is becoming the new black. It may take a few years to get the design right for the ultimate productivity machine, for example, but that is what innovation and technology are for.

Would I buy a Gateway One? If we weren't going to buy an iMac, I would consider it. Maybe I am a schmuck, but I love these types of desktop computer designs.

Buying a Computer: New or Used?

For the business my spouse wants to start (I am not ready to give up what type of business it is just yet), she needs a new computer. The 4 year old, first generation Intel Centrino, Dell laptop, with 512 MB RAM is just not going to cut it. We have had a lot of discussion about the brand of computer we are going to buy. We are fairly confident that we are going to settle on an Apple iMac -- while the cost may be a little bit more than a <Dell, HP, Gateway, insert your favorite vendor here> PC, the fact it can run both Windows and OS X just makes it a no brainer. And with the business my spouse wants to start I can see her switching back and forth between operating systems. And, the new and previous generation iMacs are just sweet looking and designed so efficiently!

Now that the "What type of computer are we going to get" question has been answered, we are faced with another dilemma. Should we buy new or used? The fact is, the previous generation iMacs had Intel Core 2 Duo processors in them, etc., and would serve just fine for my spouse's business. And now that the new iMacs were announced back in August, these previous generation iMacs can be found "discounted" on eBay and other sites.

I have always leaned towards never buying a used computer. I like my computers "clean as a whistle", so to speak. So buying from an individual on eBay scares me a bit. There are reputable stores, like even Apple themselves, that sell refurbished computers. And notice above I put the word discounted in quotes -- I am not 100% convinced that the value you might be able to get from a used/refurbished computer will really outweigh having the latest generation and never touched machine. The new iMacs start at only about $1200; add another 1GB of RAM and you are looking at $1300 or so. Not too bad. Amazon has a $50 rebate too.

So what is your opinion? Would you buy a used/refurbished computer? If so, from where would you buy such a computer?