Saotn.org

Sysadmins of the North, a technical blog in English and Dutch

All you need to do to install the WebSockets feature in IIS, is executing the following PowerShell command:

Read More

Whenever you need to test the MySQL database connectivity from a website or server, it’s handy to have various test scripts nearby. Whether it is because you are setting up a new website or you have just installed a new server and are running your tests. Nowadays, many websites depend on a MySQL or MariaDB database because CMS systems like WordPress, Joomla and Drupal are so popular, and Umbraco too. You want your webserver to connect to MySQL fast and properly :)

Throughout the examples, we always use “mysql.example.com” as our database hostname, “example_db” as databasename and username, “password” is our password.

Read More

How to hide file extensions, such as .php or .asp, with URL Rewrite.

Sometimes it’s important to hide the file extension of scripts you use. Security by obscurity might be one of those reasons, if you don’t want others to know what script language you are using. Or you just want to hide the file extension for no apparent reason. In this example, we hide the .php extension using the IIS URL Rewrite module, in a ready to use rule example.

Read More

How to redirect HTTP traffic to HTTPS with IIS URL Rewrite is a question that keeps popping up, just about everywhere. Here you find a ready to use URL Rewrite rule.

Read More


Google PageSpeed Insights recommends optimizing or compressing images such as PNGs, and to minify Javascript and CSS. Minifying resources refers to eliminating unnecessary bytes, such as extra spaces, line breaks, and indentation. Compacting HTML, CSS, and JavaScript can speed up downloading, parsing, and execution time. In addition, for CSS and JavaScript, it is possible to further reduce the file size by renaming variable names as long as the HTML is updated appropriately to ensure the selectors continue working (Source: Google PageSpeed Insights – Minify Resources).

How to accomplish this the easy, and fast way?

Read More

While investigating SMTP authentication issues, over an Transport Layer Security (TLS) encrypted connection, it’s always handy if you are able to test the SMTP authentication and StartTLS connection from the command line. SMTP Authentication, often abbreviated SMTP AUTH, is an extension of the Simple Mail Transfer Protocol whereby an SMTP client may log in using an authentication mechanism chosen among those supported by the SMTP server.

Most problems come forth from the fact that either the username and password log in combination is wrong, or the server doesn’t support StartTLS or the authentication mechanism used. Here, we address and verify them all. Being able to verify (Start)TLS encrypted connections and SMTP AUTH options is ideal for when you’re having problems with website forms (scripts) that send emails from a website using authenticated SMTP over an TLS encrypted connection.

Read More

On StrongLoop we find an interesting article on scaling Node.js with proxies and clusters:

Node apps essentially run single-threaded, even though file and network events could leverage multiple threads. This architecture thereby binds the performance of each application instance/process to one logical CPU core that the thread it’s attached to. To a J2EE architect like me, this highlights immaturity in Node as an enterprise ready technology. Application servers like JBoss or Weblogic already solved this 10 years back using server core multi-threading and parallelism. Little did I realize that context switching between threads ate up my memory and I still had a blocking IO problem.

In a way, discovering the lack of threading prepares the Node developer to write scalable asynchronous code and use libraries like web-sockets from the get-go rather than worry about scalability later in the application life cycle. But this code optimization is still capped to the scaling limits of a single CPU core. So, how is production scaling achieved in the Node world today?

Read on at Node.js Performance Tip of the Week: Scaling with Proxies and Clusters

Brandon Cannadya – the CTO of Modulus, a Node.js application hosting platform – wrote an absolute beginner’s guide to node.js.

There’s no shortage of Node.js tutorials out there, but most of them cover specific use cases or topics that only apply when you’ve already got Node up and running. I see comments every once and awhile that sound something like, “I’ve downloaded Node, now what?” This tutorial answers that question and explains how to get started from the very beginning.

What is Node.js?
A lot of the confusion for newcomers to Node is misunderstanding exactly what it is. The description on nodejs.org definitely doesn’t help.

An important thing to realize is that Node is not a webserver. By itself it doesn’t do anything. It doesn’t work like Apache. There is no config file where you point it to you HTML files. If you want it to be a HTTP server, you have to write an HTTP server (with the help of its built-in libraries). Node.js is just another way to execute code on your computer. It is simply a JavaScript runtime.

Read on at An Absolute Beginner’s Guide To Node.js

Saotn.org uses IIS Outbound Rewrite Rules to offload content from a different server and/or host name. This should improve website performance. Just recently I noticed these Outbound Rules confliced with compressed (gzip) content. I started noticing HTTP 500 errors with the error message:

Outbound rewrite rules cannot be applied when the content of the HTTP response is encoded (“gzip”).

This is how I resolved this error.

Read More

Gary Pendergast writes on Make WordPress Core:

In WordPress 3.9, we added an extra layer to WPDB, causing it to switch to using the mysqli PHP library, when using PHP 5.5 or higher.

For plugin developers, this means that you absolutely shouldn’t be using PHP’s mysql_*() functions any more – you can use the equivalent WPDB functions instead.

Great! :-)

This evening, after tweeting about preventing cross site scripting vulnerabilities, I received a reply from Olivier Beg. His reply to my tweet contained an image, as you can see below. He alerted me that Saotn.org was vulnerable to a DOM based XSS vulnerability, hidden in prettyPhoto used by my WordPress theme. Whoops!

Read More

Maximiliano Curia posted a call for help from the KDE team to the debian-devel mailinglist:

For quite a while now the KDE team has been severely understaffed. We maintain
a lot of packages, with many different kinds of bugs, but we don’t have enough
people to do all the work that needs to be done. We have tools that help us
automate the update to new upstream releases, but that’s just the tip of the
iceberg of our work and so we are writing to invite more people to get
involved in the team and help us get KDE software in Debian into better shape.

Some of the tasks that we need help with are:

Read the entire post at lists.debian.org:
Subject: Call for help from KDE Team.
 

This probably isn’t a big issue, but today I noticed a slow MySQL query coming from a WordPress database (wp_options table). This made my decide to investigate and optimize the WordPress wp_options autoload feature. The autoload feature loads and caches all autoloaded options, if available or all options. The default option is to autoload, and over time when the wp_options table grows and becomes big, this might drain performance (a bit).

Read More

MySQL’s mysqlcheck is a command line table maintenance program: it checks, repairs, optimizes, or analyzes tables. Very handy for automated performance optimizations of MySQL databases and tables.

Read More

Microsoft released a fix for the recently discovered remote code execution vulnerability in Internet Explorer. This remote code execution vulnerability affects all Internet Explorer versions from IE 6 through IE 11. The security update is also known as KB2964358 and Microsoft also published Security Bulletin MS14-021.

It surprised me the update was marked as Important in Windows Update, not critical.


1 2 3 4 5 6 24
Search & find

Custom Search
About Sysadmins of the North

Hi and welcome to Sysadmins of the North!
Sysadmins of the North is just another technical blog. Just like so many others out there. Most posts are written in English, some in Dutch. On Saotn.org you can find all kinds of computer, server, web, sysadmin, database and security related stuff.

About me: My name is Jan Reilink. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing his daily thing at Vevida Services in the Netherlands. Living in the north of the Netherlands, so hence the name Sysadmins of the North :-)
Drop me a comment somewhere or send an email to say hi, or discuss about security, website or WordPress, performance, Windows or IIS topics.

Support Saotn.org

If you feel that Sysadmins of the North has helped solve your problem, saved you time, or you just simply like Saotn.org, then please consider making a donation. Thanks! :)

IT Books & WP Themes

Windows PowerShell Cookbook: The Complete Guide to Scripting Microsoft\'s Command Shell
DNS and BIND - 5th Edition
DNSSEC Mastery: Securing the Domain Name System with BIND
Windows Server 2012 Unleashed
Enfold - Responsive Multi-Purpose WordPress Theme
Striking MultiFlex & Ecommerce Responsive WordPress Theme

 

The Sysadmins of the North network

Just for the fun of it, Sysadmins of the North is hosted on mulitple servers:

  1. one (shared) Windows Server 2012, IIS 8.0 webserver running PHP 5.5
  2. one (shared) MySQL database server, running MariaDB 5.5
  3. one Varnish Cache HTTP reverse proxy with Nginx Droplet, for offloaded static content, running Debian 7.0 @ DigitalOcean
Easy share

Be social and share posts if you like them. Thanks!
RSS feed
If you like Saotn.org:
donate to Sysadmins of the North
Twitter Feed

What's happening, right now, around Saotn.org?


Bad Authentication data
Copyright © 2007-2014 Saotn.org . Design by OrangeIdea