Kudos Apache

     I believe in giving credit where credit is due.

     I recently installed the http2 apache module to provide http2 support on our web server.  After installation I would see processes get stuck in graceful restart after the nightly graceful restart for log rotation.

     I submitted a bug report on bugzilla.

     Two days later I got e-mail with an explanation of what caused the problem and a fix.  I compiled and installed the new http2 module today and it indeed did fix it.

     This is on an Open Source project where people are doing this work gratis.  I’d never see that kind of support from Microsoft or Apple where hundreds of people are getting paid to develop.

 

Anonymous FTP Directories

     I corrected two problems with anonymous ftp that caused directories not to show with the ‘dir’ command, and some directories not to show even with ‘ls’.

     The former was a compile time option, ‘enable-ls’, necessary on Ubuntu, and the latter was old paths in /etc/ftpaccess that have been wrong for many moons (probably since I changed directory structures back in 2012).

Google Page Rank

     If you are trying to generate business with your website, then you want as much traffic as you can get.  Google drives the majority of search engine traffic to your site.  Like ’em or hate ’em, if Google ranks you poorly your traffic will suffer.

     Today Google factors in several things when it ranks your site.  As always quality contents and relevant links to your site remain important.

     But these days, about 40% of your traffic will come from mobile devices IF and only if your site is mobile friendly or responsive.  Google will no longer send mobile traffic to non-mobile friendly sites.

     Also important in Google ranking is SSL.  Google will rank your site higher if it is SSL capable.

     Lastly, speed!  A very recent study plotted a large number of sites with Google ranking on one axis and response time on the other and there was an almost linear relationship between page speed and Google ranking across the board.

     I do everything I can to make the hardware and software infrastructure as fast as it can be without sacrificing security, including support for HTTP2.  In order to take advantage of SSL and HTTP2 support, an SSL certificate is required.  I recommend Comodo as they are widely recognized by many browsers and if anything ever happens, like your key being compromised, they provide excellent support, re-issued a compromised certificate for me at no charge.  But I will install, at no charge, any certificate you provide.

     If you need help generating a CSR, e-mail support@eskimo.com, use the ticket system, Support->Tickets, or phone 206-812-0051 and I will be happy to assist you.

Infocom Games

     A variety of Infocom games are playable on ubuntu.eskimo.com.

     To play them, add /usr/games and /usr/games/infocom to your $PATH, or you can type the full path name to the game.

     To see which Infocom games are available, type “ls /usr/games/infocom“.  Then if you’ve added the above to your $PATH you can just type the game name, else /usr/games/infocom/game, for example /usr/games/infocom/zork_1 to start Zork 1.

Web Outage

     The web outage today from about 17:01 – 17:15 was caused by an Ubuntu upgrade overwriting apachectl and a few other files.  I do not use the Ubuntu supplied Apache but rather compile from source in order to include some features not provided by Ubuntu as well as some optimizations.  But I have to let Ubuntu think it has it’s version installed in order to satisfy dependencies.  I tell it not to upgrade these things but once in a while it ignores me and does anyway.  Because I’ve done things differently it breaks things when this happens.

HTTP2

     In the interest of making things go even faster, I’ve enabled HTTP2 in our web server.

     Please note that all current browsers supporting HTTP2 require encryption.

     If you have a domain hosted here and would like to take advantage of http2, an SSL certificate is required.  There is no charge for installation, you just need to provide us with a certificate, we will install it, and then your site will be capable of http2.

 

Brief Denial of Service Attack

      We received a brief denial of service attack today, not a distributed type, just a single IP address rapidly requesting Your IP which increased the load on our server enough for forums to stop serving pages.  I blocked the offending IP which was a Road Runner cable modem and sent a complaint to Road Runner, not that I actually expect any action from them.

 

Brief Interruptions in Web Service

     I apologize for the brief interruptions in web service.  I was attempting to troubleshoot a problem with the start up scripts sometimes failing to mount NFS shares.  Right now I have a work-around in place but I really want to find the root cause.

MySQL

     Since we replaced our web server, MySQL under Ubuntu will not authenticate on any remote machine.

     I changed the bind-address from 127.0.0.1, to 0.0.0.0, nmap shows that it is listening to port 3306, however it still will not authenticate.

     I verified that what is in the grant tables, and it’s the same tables as were used on the old server, is correct and it still will not authenticate except from the localhost IP address or the socket.

     I checked the source code and there is an argument that will make it behave this way.  I suspect Ubuntu developers may have done this for security but really it should be up to the individual site how they want to configure it.

     I have filed a bug report on Launch Pad since this functionality is not documented and it is documented that setting the bind-address to 0.0.0.0 will make it listen on all interfaces.

     If this is the intended behavior, fine, they just need to correct the documentation and I will need to compile from source to get the behavior I want, but if not, hopefully they will fix it.

     I prefer to have it work from the shell servers so people can use the standard mysql client to manipulate their databases.  It is far more secure than phpMyAdmin and in my view less painful.

     For now you will need to use phpMyAdmin to administer your database.