Web Outage

     The web outage today from about 17:01 – 17:15 was caused by an Ubuntu upgrade overwriting apachectl and a few other files.  I do not use the Ubuntu supplied Apache but rather compile from source in order to include some features not provided by Ubuntu as well as some optimizations.  But I have to let Ubuntu think it has it’s version installed in order to satisfy dependencies.  I tell it not to upgrade these things but once in a while it ignores me and does anyway.  Because I’ve done things differently it breaks things when this happens.

HTTP2

     In the interest of making things go even faster, I’ve enabled HTTP2 in our web server.

     Please note that all current browsers supporting HTTP2 require encryption.

     If you have a domain hosted here and would like to take advantage of http2, an SSL certificate is required.  There is no charge for installation, you just need to provide us with a certificate, we will install it, and then your site will be capable of http2.

 

Brief Denial of Service Attack

      We received a brief denial of service attack today, not a distributed type, just a single IP address rapidly requesting Your IP which increased the load on our server enough for forums to stop serving pages.  I blocked the offending IP which was a Road Runner cable modem and sent a complaint to Road Runner, not that I actually expect any action from them.

 

Brief Interruptions in Web Service

     I apologize for the brief interruptions in web service.  I was attempting to troubleshoot a problem with the start up scripts sometimes failing to mount NFS shares.  Right now I have a work-around in place but I really want to find the root cause.

MySQL

     Since we replaced our web server, MySQL under Ubuntu will not authenticate on any remote machine.

     I changed the bind-address from 127.0.0.1, to 0.0.0.0, nmap shows that it is listening to port 3306, however it still will not authenticate.

     I verified that what is in the grant tables, and it’s the same tables as were used on the old server, is correct and it still will not authenticate except from the localhost IP address or the socket.

     I checked the source code and there is an argument that will make it behave this way.  I suspect Ubuntu developers may have done this for security but really it should be up to the individual site how they want to configure it.

     I have filed a bug report on Launch Pad since this functionality is not documented and it is documented that setting the bind-address to 0.0.0.0 will make it listen on all interfaces.

     If this is the intended behavior, fine, they just need to correct the documentation and I will need to compile from source to get the behavior I want, but if not, hopefully they will fix it.

     I prefer to have it work from the shell servers so people can use the standard mysql client to manipulate their databases.  It is far more secure than phpMyAdmin and in my view less painful.

     For now you will need to use phpMyAdmin to administer your database.

It Gets Better

     After battling this machine until 3AM, I went to bed, but had some chest pain.  It continued through the night preventing me from sleeping so went into the doctors to have myself checked out.

     EKG is good, heart sounded good, no immediate threats there, most likely GERD, which can be a problem when I get stressed and last night I definitely was.  But at some point I’m going to have to nap today.

Running Behind

     I’m running behind on e-mail and various customers requests.  I’m working on getting caught up but my workstation decided to throw a monkey wrench into the gear-works by eating it’s drive.  Thus I spent most of the evening restoring to a new drive.  I am back up and running at 3AM which means I’ll be in late this morning.

sshfs

     I’ve had customers who wanted to use the shared folders capability of x2go but were unsuccessful.  I talked to one customer who successfully shared folders between two machines at home but suggested sshfs is easier.

     With either of these, if I attempt to share a directory from my home directory on our servers, it will show the underlying physical disks but not the NFS mounted home directories.

     So far I haven’t found any work-around.  This situation is so common, campus systems for example in which workstation clusters mount home directories via NFS, and then students who want to share to their laptops, etc, that I would think there would be a fix but so far I’ve found none.

     If anybody has gotten this to work, please do share your secret.