04 Jun 2014
When a large scale spam run was sent through your mail servers, you need to clean up and remove those spam messages. Doing so guarantees normal, valid email messages being sent quickly and the spam messages never leave your queue. In Postfix, there are various similar commands to delete messages from the Postfix mail queue. Based on the Message-ID and/or email address.
02 Jun 2014
Malware Must Die! has done a great, and extensive write-up on the subject of hacked and abused FTP sites (accounts). This topic fits well within my daily routine investigating and closing down hacked websites, for which I have to use various techniques for finding those hacked sites. As you might know, website security is one of the major themes of this site.
Test MySQL database connectivity with ASP.NET, PHP, ASP
Whenever you need to test the MySQL database connectivity from a website or server, it’s handy to have various test scripts nearby. Whether it is because you are setting up a new website or you have just installed a new server and are running your tests. Nowadays, many websites depend on a MySQL or MariaDB database because CMS systems like WordPress, Joomla and Drupal are so popular, and Umbraco too. You want your webserver to connect to MySQL fast and properly
23 May 2014
How to hide file extensions, such as .php or .asp, with URL Rewrite.
Sometimes it’s important to hide the file extension of scripts you use. Security by obscurity might be one of those reasons, if you don’t want others to know what script language you are using. Or you just want to hide the file extension for no apparent reason. In this example, we hide the
.php extension using the IIS URL Rewrite module, in a ready to use rule example.
While investigating SMTP authentication issues, over an Transport Layer Security (TLS) encrypted connection, it’s always handy if you are able to test the SMTP authentication and StartTLS connection from the command line. SMTP Authentication, often abbreviated SMTP AUTH, is an extension of the Simple Mail Transfer Protocol whereby an SMTP client may log in using an authentication mechanism chosen among those supported by the SMTP server.
Most problems come forth from the fact that either the username and password log in combination is wrong, or the server doesn’t support StartTLS or the authentication mechanism used. Here, we address and verify them all. Being able to verify (Start)TLS encrypted connections and SMTP AUTH options is ideal for when you’re having problems with website forms (scripts) that send emails from a website using authenticated SMTP over an TLS encrypted connection.
On StrongLoop we find an interesting article on scaling Node.js with proxies and clusters:
Node apps essentially run single-threaded, even though file and network events could leverage multiple threads. This architecture thereby binds the performance of each application instance/process to one logical CPU core that the thread it’s attached to. To a J2EE architect like me, this highlights immaturity in Node as an enterprise ready technology. Application servers like JBoss or Weblogic already solved this 10 years back using server core multi-threading and parallelism. Little did I realize that context switching between threads ate up my memory and I still had a blocking IO problem.
In a way, discovering the lack of threading prepares the Node developer to write scalable asynchronous code and use libraries like web-sockets from the get-go rather than worry about scalability later in the application life cycle. But this code optimization is still capped to the scaling limits of a single CPU core. So, how is production scaling achieved in the Node world today?