# shutdown -h now

I’ve just shutdown the beige box that was home to this blog for just over a year and a half until I started renting a VPS.

I had intended to shutdown this machine since the start of the year but never got around to it and after a techie chat on IM with Dave Dripps earlier in the day decided to just “pull the finger out” and do the needful.

I archived the contents of /var/www/htdocs and my home directory for safe keeping, copying them over to my file server, and dumped all the MySQL databases I still hadn’t migrated.

Self-hosting a site was a great learning opportunity but not something a business could be built up upon and comparing the energy cost of running a machine 24×7 versus renting a VPS priced in American Dollars the choice wasn’t hard to make, it’s just a shame it took me half a year to finally flick the switch.

Goodnight substance!

Updating WordPress via Subversion

I read a few months back that Stuart Langridge was using Subversion to keep his WordPress up-to-date and I thought: “that’s clever” and didn’t do anything about it.

Today I was talking to Matt and he mentioned updating one of his WordPress installations and I noticed I was due an update myself. I downloaded the latest release and was having a quick skim through the upgrade procedure to make sure I wasn’t forgetting about anything and I spotted a link to the Subversion update instructions… I’m off work sick today and have the time so I decided to give it a go.

I backed up my database and checked out the latest stable version:

steve@decaf~$ cd /var/www/sickbiscuit.com
steve@decaf:/var/www/sickbiscuit.com$ svn co http://svn.automattic.com/wordpress/tags/2.3.3/

I copied over my database config file, theme, plugins and uploads and ran the wp-admin/upgrade.php script via my browser. The final act was to modify the symlink pointing to the WordPress directory and it worked first time. Profit!

Hopefully whenever I need to update in the future all I’ll have to do is use the following:

svn sw http://svn.automattic.com/wordpress/tags/NEW_VERSION/

followed by running the database upgrade script again. Quick and painless.

New site theme at last

I finally got around to replacing the default WordPress theme. Now it doesn’t look like I don’t care about my site :)

With so many freely available themes I found it difficult to choose but I stumbled upon plaintxt.org and my mind was made up: I needed one of those minimalist themes and I opted for the Barthelme which I am liking very much.

For posterity I took a screenshot of my old, hand-crafted design:

sickbiscuit.com - screenshot - old design - scaled

Site migration

I’ve just finished migrating sickbiscuit.com from my home development machine to my new VPS.

DNS records have been updated and decaf is now handling mail and web traffic for the domain allow the only thing I’ve copied over is this blog.

Hopefully this will give me the motivation needed to spruce things up a bit as the last iteration of sickbiscuit.com looked like it was designed by a programmer ;)

Google Analytics

I got speaking to Matt this morning when I arrived in the office and he demonstrated to me the wealth of information provided by Google Analytics. It was really interesting stuff and I could see why he was so excited about it.

I recently upgraded to Apache 2.2 on my development machine, substance, to “easily” get TLS working so I could use AjaxTerm and I haven’t had the time yet to play about getting awstats up and running again.

I wouldn’t call myself a blogger and my site doesn’t draw huge traffic but it’s still nice to look at the statistics every once in a while so I decided to give it a go.

Signing up was effortless as with all things Google and the only modification required at my end was to add a reference to the urchin Javascript in my site footer.

All I have to do now is to let the numbers crunch :)

MySQL upgrade

I finally got sick of not being able to use SQL subqueries and decided to upgrade my MySQL installation from 4.0.x to 5.0.x.

I had wanted to do this previously but was afraid I’d end up breaking something and be left without a working development environment or a website either, for that matter, so I resorted to complicating my custom queries in CakePHP with JOIN statements :(

I couldn’t find a 5.0.x package for Slackware 10.0 in the package browser, so I bit the bullet and downloaded the source archive…

I extracted the files, issued the immortal ./configure && make commands, left things for a while and was pleasantly surprised when the compilation succeeded. removepkg got rid of the old package, a new one was easily produced using checkinstall and installpkg installed it for me.

The only problem I had was when I went to fire up the daemon and nothing happened. It turned out that the startup script was expecting mysqld_safe to be found in /usr/bin instead of /usr/local/bin where it had been installed to: that was quickly remedied with the creation of a symbolic link. From there it was plain sailing, all my databases were functional.

But enough techno-gibberish. The point of the matter is that I managed to build a package from source, get it up and running and the system as a whole still worked! Linux administration definitely appears to coming more natural to me. Bob be praised :)

Site update

Over the past bunch of days I’ve been back into web-development land and seeing as I was staring at code for prolonged periods I decided I might as well “enhance” this site a bit too.

I started with tweaking the frontpage: I rearranged things a bit and instead of displaying my latest blog entry in its entirety I now have excerpts from the previous 4 entries. I initially tried using the built-in the_excerpt() WordPress template tag to achieve this but I wasn’t too fussed with the result and after some brief searching I found a plugin called the-exceprt-reloaded which seems to do the job better.

It was only a month ago that I upgraded my WordPress installation to version 2.0.5 and I was aware that 2 other point releases had been since published which I ignored: I just couldn’t be bothered with the hassle of upgrading and I knew that the next minor release was upcoming and was in fact released 8 days ago.

I began the upgrade to 2.1 by packing the full site into a tarball and using the backup plugin to create a copy of the blog database. I deactivated the installed plugins, unpacked latest.tar.gz and replaced all the old files apart from .htacces and wp-config.php and wp-content/. After running wp-admin/upgrade.php the blog was up and running without any problems and I could easily reactivate my plugins.

The rest of my site wasn’t so lucky: the require_once() statement on my frontpage responsible for pulling in wp-blog-header.php was throwing a fatal error which I eventually solved by moving the statement into /index.php from its previous location.

So far the things I like about this upgrade are auto-saving of drafts and having the ability to switch between the WYSIWYG and code views smoothly which makes entering XHTML character entities and CSS classes etc much easier. The spellchecker will also come in handy when I’m blogging from my home desktop which doesn’t yet have the benefit of the Firefox 2.0 spellchecker.

Security Enhancements for Dummies

I read a thread over on linuxquestions.org recently about server “hardening” and got thinking about my own security measures and the lack there of. Here’s an example of the content of /var/log/auth on the machine this site is hosted on:

Jan 24 13:43:33 substance sshd[14182]: Invalid user test from 203.242.160.193
Jan 24 13:43:33 substance sshd[14182]: error: Could not get shadow information for NOUSER
Jan 24 13:43:33 substance sshd[14182]: Failed password for invalid user test from 203.242.160.193 port 37298 ssh2

The first time I checked the likes of that file and /var/log/secure it really disturbed me to see the megabytes-worth of failed login notifications. I felt the same way when I first started playing with Apache and saw the number of attempted FrontPage Extensions exploits logged in /var/log/apache/access_log!

That thread led me to a more detailed article which gave me much food for thought. Measures I had already taken included disabling root login via ssh by specifying PermitRootLogin no in /etc/ssh/sshd_config and I’d spent a bit of time turning off unneeded network services. When I setup the MTA on this machine I fully intended to encrypt the traffic via TLS but I’ve never gotten in the practice of using public-key cryptography and don’t personally know anyone who is so that hasn’t seen fruition yet. The consequence of this was plain-text traffic (including username/password!) which I put up with for a while but solved the problem by closing port 143 in my router and tunneling the IMAP connection through ssh.

Since grokking that info I’ve configured SSHD to only use the SSH2 protocol by specifying Protocol 2 in /etc/ssh/sshd_config and decided to see what would happen if I changed the port used to connect via ssh. Instead of changing the sshd configuration I took the lazy man’s approach and closed port 22 in my router and forwarded a differently numbered port to port 22 on this machine. I didn’t know if this would be effective but the logs have been unsullied since, take that script kiddies!

Future plans include only permitting login authentication via private keys, implementing packet filtering with iptables and scanning my home network with nmap. Be paranoid!

WordPress 2.0.5

I’ve been spending the festive period with my family and have almost enjoyed not having a computer, online and logged in, within eyesight for the majority of my waking hours. I’ve read and responded to my email and forums and was checking my blog when I noticed I wasn’t running the latest version of WordPress, so I thought I get back in the saddle and upgrade.

I started by backing up the database using the handy Backup Plugin and creating a copy of the entire blog directory using cp -R. I then downloaded and extracted the latest version of WordPress.

I deleted the wp-admin and wp-includes directorie as well as the files in the blog’s root directory, saving wp-config.php and .htaccess, and set about moving over the new files and replacing the default theme and bundled plugins. All that was left to do was log on as admin and click through the upgrade process and viola, version 2.0.5 up and running and using my site’s theme. Quick and painless, job’s a good ‘un.