Author Archives: admin

France, Spain and…seasickness it seems

Posted on by
Reply

Having been down through France (Paris for 5 nights and Bordeaux for 2) and having had a great time of it (my first time there so lots of sightseeing and bits of French food I’ve never tried), half a week ago we set off to Spain. This in itself would seem simple at first sight, with trains and such running in the direction we wanted, yet it managed to become a complicated mess. From Paris to Bordeaux wasn’t a problem, but from their it was rather fragmented. From Bordeaux we were informed that there were no tickets on any of the trains going into Spain for the next few days, yet a few minutes later, having ignored the advice of the ticket saleswoman, we managed to get tickets (from one of the machines) for a train to Irún for the next day. Arriving there it turned out that they should have been able to go one better, with tickets available from Irún to Madrid.

Having finished that day of travel we found ourselves in Madrid Chamartin station, knowing there were no more trains that day and quite happy just to sleep there. Seeing us sit down with some sandwiches from a machine a guard told us we had to be out of the station before it closed in half an hour, and that he didn’t recommend sitting outside as there were parties on nearby roofs and falling bottles weren’t uncommon. A short trip later and we were in Madrid Puerta Atocha station and quite happy to just sit outside until it opened at about 5:30 (which was only 5 hours away by then) since it was a lot less risky. We actually ended up staying in a fairly cheap room in an NH hotel (which are apparently a reasonably priced chain of hotels that I hadn’t previously heard of). The next morning we took a train to Granada and then a connection to Almería where I’m staying for the rest of the holiday.

A few things have come out of this journey for me:

1) No matter how bad things might seem there’s usually a solution.
2) Not knowing the layout and availability of the Spanish trains before your journey is a bad idea, as none of the people selling tickets were able to piece together a journey like this for us by using multiple trains.
3) Travelling like this is truly awesome, not knowing exactly what you’re going to end up doing is quite fun in itself.

So on to today, and I ended up going on a quick boat journey (8m long yacht) which was made even shorter by the fact that I had more seasickness today than I’ve ever experienced in my life. I guess in retrospect the wine last night and the beers I had on the boat were a bit of a mistake, but that’s life! Not sure what I’ll be up to for the last week and a bit, but the beach will probably be a main feature, with an overnight visit to another town on the cards.

Stopping the inevitable comment spam

Posted on by
Reply

While it remains to be seen if this works, I’ve just come across (well, more of a deliberate search) what seems to be a reasonable way to reduce comment spam. It adds a quick maths (not “math” as the plug-in author erroneously suggests) question to the Comments section which must be correctly answered in order for the comment to be posted. Akismet seemed reasonably good at catching spam, but I’m hoping this should properly keep the comments section clean.

http://www.herod.net/dypm/ to download it (comes with full setup instructions). Also yes, I am tempted to “sed s/math/maths/” the source. :P

EDIT 22/07/2009: Turns out it does something else to annoy me. The box moves itself about if you turn Javascript on/off, looks like someone decided it was okay to fix the layout with the *worst method  ever* (yes, this problem does override the Enlgish language pedantry from before).

WordPress with suPHP

Posted on by
3

Last week I noticed that I’d made a rather (un)hilarious security error and exposed my wp-config.php in my WordPress setup to the world. This is bad, as it contains database credentials and some secret keys from the setup (all of which I’ve had to change since sorting this out). I decided it might be nice to write a small guide on a better setup which while not complete might mean that you’re able to avoid the mistakes I’ve made and possibly to point out a flaw I haven’t seen in this new setup. I did look at a couple of other solutions but this one seemed pretty nice to me.

While playing around trying to make this work I did find out about the giant goodie bag of awesome that is the unix find utility. In this case I was using it to change permissions on certain groups of files/directories, and some useful examples are given below. I sense it might come into play a fair bit now and might have some uses I’ve not thought of.

Before I set off with this one I’m going to issue a few warnings:

  • Your distribution (if you are hosting this on a Linux machine) may have a package for WordPress which makes for a much easier install, and (going with the example of Debian) receives quick, convenient updates through the package manager.
  • You should be familiar with the Linux system including File Permissions, the Apache Web Server, and various other tools.
  • If you get the permissions wrong as I did you can end up letting the world see your config files which include your database credentials and the keys you generate during the setup.

Those issues aside the set up process is relatively simple. As I’m using Debian (stable, which is Lenny at the time of writing) I may make references to Debian specific things such as the package manager apt. Let’s get cracking then.

First, you’re going to want to install all the relevant modules (run this as root):

apt-get install apache2 php5 mysql-server libapache2-mod-suphp

With those installed you’re able to get going with your basic WordPress installation. I’m not going to duplicate WordPress’s installation guide as that would be completely pointless, so here it is:

http://codex.wordpress.org/Installing_WordPress#Detailed_Instructions

Once you’ve got WordPress unpacked (I personally chose to set it up in my home directory ~/wordpress/ and add a vhost config in Apache’s sites-available with the appropriate directory as the DocumentRoot, there are plenty of guides for this if you do a quick search) you should set about fixing its permissions. For this I chose to use the Linux find program. I don’t guarantee that this is the complete set of commands and you should probably check through the installation thoroughly in case I missed one out (I managed to do one of these quite incorrectly initially so I spent a while sorting out the mess I’d caused).

find ~/wordpress/ -type d -exec chmod 755 {} ;
find ~/wordpress/ -type f -exec chmod 644 {} ;
find ~/wordpress/ -type f -name "*.php" -exec chmod 600 {} ;

Having followed the WordPress installation guide you should have a working database (I sort of recommend phpmyadmin for this, especially if you want to do this in a GUI) and configuration. Now for the important part. You need to configure suPHP, and to be honest this is almost completely trivial.  First enable the module:

a2enmod suphp

Then edit the suphp config file at /etc/suphp/suphp.conf so that it contains either the line:

check_vhost_docroot=true

or the line:

docroot=/path/to/your/docroot/

The first will allow suPHP to run anywhere you define a DocumentRoot in your Apache vhost, the latter will allow you to point suPHP to a specified DocumentRoot.

Finally, you need to edit your apache2.conf (found in /etc/apache2/) to turn off the standard apache mod_php. I personally use the following config as I have no use for mod_php within /home (however if you do you may want to swap php_admin_flag for php_flag so that you can enable the module for other php sites you’re hosting):

<Directory /home>
 php_admin_flag engine off
</Directory>

<Directory /home>
AddHandler application/x-httpd-php .php .php3 .php4 .php5 .phtml
suPHP_AddHandler application/x-httpd-php
suPHP_Engine on
</Directory>

That should do the job! If I’ve missed any hilariously crucial stage out then please slap me in a comment so I can add it in.

EDIT (27/05/2009): I probably should have actually explained what suPHP does. All it means is that any PHP files are executed as their owner. In my case the main benefit of this is that the config file doesn’t need to be readable to anyone but myself. Possibly a greater advantage, and one which becomes immediately apparent in a shared hosting environment, is that the PHP files are only executed with the permissions of the user. This means that as long as you’ve got sensible limitations in place on the user anyway, they shouldn’t be able to cause any more damage than they could from their shell (and there you can probably see the advantage of the php_admin_flag which they cannot override).