the

Little Projects

of Shawn M. Jones

Lately I’ve been considering making this site more professional. No, this does not mean that I will be removing the photos. Anyone who has a problem with the fact that a geek like me watches Anime and goes to SciFi conventions is probably someone I don’t want to work for.

Also, the updates have been slowing down as my life has gotten more stable. This doesn’t lend itself to much blogging, and, for the most part, is the reason why there have not been as many posts lately.

Changes are coming. Some of you who read this site because of my personal life may not be happy, but I think I can offer the community more that “I broke up with my ex today” kind of posts.

Well, as I’m sure some of you know (and puppiluv told me; thanks!), the site has been down due to a MySQL error for the past week. As I’m no longer traveling for work and have changed positions within my organization, I’m still getting caught up on life and haven’t had a chance to post lately.

No posting means no checking on site.

No checking on site means I end up missing key moments like when it’s down.

I’m thinking I could script it to email me when that happens again.

It looks like Network Solutions is engaging in a process called “Front Running“. I found out about this last night when my girlfriend’s brother tried to register a domain name and wanted to see how much each registrar would charge him.

The process to register a domain name is rather simple:
1. Go to registrar’s web site
2. Use their web site to see if the domain name is available
3. Pay for the domain name
4. The registrar registers it

Steps 3 and 4 are rather atomic, happening almost simultaneously (the money gets to them and the name gets registered).

Unfortunately, Network Solutions has been engaging in “Front Running”, whereby the process goes a little differently:
1. Go to Network Solution’s web site
2. Use their web site to see if the domain name is available
3. Network Solutions registers the domain name
4. Now you can only buy the domain name from Network Solutions

This is a process called Front Running. If you decide that you’d rather go with a more honorable company like Register.com, but you have already completed step 2, it is too late. It’s over, you can not change your mind. No money has changed hands, but Network Solutions has trapped you into buying the domain name from them.

Shady!

ICANN has begun an investigation into the practice.

References:
http://www.webmasterworld.com/domain_names/3543456.htm
http://www.news.com/8301-10784_3-9846487-7.html
http://blog.domaintools.com/2007/03/stealing-domain-name-research/
http://www.circleid.com/posts/81082_network_solutions_front_running/
http://slashdot.org/article.pl?sid=08/01/08/1920215

Hi folks, it’s your friendly blogger here.

Check out the photos. I’m quite happy to have most of the ones up that were previously down. Unfortunately, I couldn’t maintain the pages made by the old HTML-based tool, BINS. Gallery 2 is a much better tool. One day I’ll get off my butt and make a decent template for it so that both parts of the web site, blog and photos, match.

You may have noticed problems with the site/mail server being down. I think we’ve fixed that now. I got a discount server several months ago, but I don’t think it came with enough RAM to support my needs. I was amazed at how I couldn’t squeeze a normal web server’s needs into such a tiny amount of RAM. Linux has gotten a bit more memory hungry in its later years. Now we should be good.

After this post I’m taking down the comments and trackers areas of the blog until I can find a better way of dealing with blog spammers. At the moment, I’ve got hundreds of comments/trackbacks waiting to be deleted that are from blog spammers. The solutions offered out of the box by this version of b2evolution are not sufficient for my dilemma, so I’m going to experiment a bit and find something better. So, sorry, no comments/trackbacks until I can fix that. There must be a solution out there somewhere.

Until then, you can email me at smj@littleprojects.org with anything questions or comments you may have.

Catch y’all later. I’ll keep plugging on the pics that haven’t been posted yet (rest of Hawaii, the Basilica at the Catholic University of America, etc.).

Update: The trackback/comment spam was much worse than I had thought. Not to mention that I now feel guilty that I had enabled trackbacks to be published by default. Again, I apologize if some of the trackback/comment spam offended anyone. It’s been cleaned out now.

Update to the Update: I’ve re-enabled comments as it was all trackback spam that was the problem. I turned off trackbacks entirely. Other discussions have led me to realize that my comment settings are ok the way they are and that they were driving the spammers toward the use of trackback spam. Bon appetite, feel free to comment!

I know many of you out there are saying “mod_security’s been around forever and you’re just reading about it now?”

The truth is that I’ve heard of it, but hadn’t had both the time and the reminder to implement it until now.

The module provides Apache with application-level firewalling, protecting it from all manner of web attacks.

It’s relatively easy to use these days.

Download it from: http://www.modsecurity.org/download/index.html
Install it as per the README

Then you have to do some stuff that’s not in the docs I found, hence I’m writing this blog post.

Edit /etc/httpd/conf/httpd.conf

Put the following directives in:

LoadFile /usr/lib/libxml2.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule security2_module modules/mod_security2.so

That mod_unique_id isn’t mentioned in the directions. Ergh!

Also, make sure you download the rules too.

You unzip/tar them into your /etc/httpd/conf.d directory (or make your own modsecurity directory and tell Apache to Include it).

Restart Apache.

Now you’ve got an application-level firewall on your web server. It took less than half an hour. Most of that was reading docs.