So … you may notice the site disappeared for some time, and now it’s back all images are missing. This is down to three things:
server admin
26 posts
WordPress had a critical update recently, and I got tonnes of emails (one from each blog I run) demanding I upgrade NOW. So I did, and upgraded Apache to latest while I was at it. Oh dear. All sites offline. First: Unable to connect …then, when I fixed Apache, I […]
Transferring server to new home. Allowed it to install latest versions of core software. Turns out … the lovely people at Apache have made major site-breaking changes to their config system, so that upgrading WILL break existing sites. Took an hour to discover that :(.
2015 UPDATE: I discovered that dovecot now uses MUCH longer passwords than it used to, and the database tables I’d found online WILL FAIL to authenticate (they truncate your passwords!). Fixed below 95% of linux configuration on Debian servers is simple, well-documented, well-designed, easy to do, with only a tiny […]
Like half the planet, I use WordPress as a blogging platform. There are many good things about it. One of those used to be Akismet (if you ignore the slightly unpleasant sales strategy: it’s free, if you give WordPress some personal details) – but today I hit a very serious […]
I’m not sure why, but out-of-the-box, WordPress’s excellent TwentyTwelve theme prevents you from putting anything in the (empty!) top-right area of the page. It’s a great place for a “contact” link or similar (and check out the Suffusion theme to see how many widget areas a good WP theme ought […]
The most popular hit for “unity gitignore” is a post on the official Unity forums that was written by someone who doesn’t seem to fully understand how git works. Which was a little disappointing. Before you commit anything to git, you MUST go into Unity’s menus and enable the “metadata” […]
Two things here: if you run any Rails site, check out the security hole ASAP if you haven’t already. You might be safe – but given that even GitHub wasn’t, I’d double check if I were you. (The Rails community seemingly isn’t patching it – and there’s nothing recent on […]
Response from ImageMagick folks, when I asked them to either re-instate the working binaries, … or stop building as Lion-only: “We only host and maintain current versions of ImageMagick on one OS release level. We have a small development team and do not have the time to support multiple releases […]
The IM maintainers seem to be taking a leaf out of Apple’s book: if you don’t purchase the latest Apple OS upgrade (that most people don’t need), you can no longer use their software. If you follow their 4-line install instructions, you’ll get: dyld: Library not loaded: /usr/X11/lib/libpng15.15.dylib Referenced from: […]
I’ve setup a dedicated twitter account that will auto-tweet the most interesting posts from the blog: http://twitter.com/tmachineorg …when I get time, I’ll see if I can configure it to auto-tweet particular tags (i.e. “games industry”, “entity systems”, and “startup advice”). Until then, it’ll be most/all the posts. (this is for […]
Spotted this (the notion “DevOps”) courtesy of Matthew Weigel, a term I’d fortunately missed-out on. It seems to come down to: Software Developers (programmers who write apps that a company sells) and Ops people (sysadmins who manage servers) don’t talk enough and don’t respect each other; this cause problems when […]
Notes to advertisers: checking the author’s name, email address, and what the blog is about, and acknowledging how odd their advertising attempt is – these are all good things. You’d be surprised (or depressed) how often people cold-contact me without doing any of the above. I almost feel sorry that […]
After a little tweaking, my rule is growing, and proving extremely effective: # bad websites: domains which regularly or overwhelmingly feature spam SecRule REQUEST_HEADERS:REFERER “http://[^/]*(yijiezi|yourhcg|lukejaten|squidoo|answerbag|jvlai|chaohuis|cledit|bait|lukejaten)” “t:lowercase,deny,nolog,status:500” # porn and gambling: they make much cash out of random visitors SecRule REQUEST_HEADERS:REFERER “http://[^/]*(holdem|poker|casino|porn|girlz|pussy|penis|babe|exposed|sex)” “t:lowercase,deny,nolog,status:500” # fake / illegal designer clothing and luxury […]
I like computer security to be EASY and SECURE. I hate passwords, and I use them rarely if at all. Instead, I use digital keys as much as possible (i.e. something based on a physical key stored on a removable USB drive that I take with me wherever I go). […]
UPDATE: there were several bugs in my original version – by Debian standards, ModSecurity is damn hard to configure correctly, mainly because the Debian packager has left out so much that’s essential! This version is fully tested and working… Mod Security is an awesome, open-source product for Apache that will […]
We’re starting a new client project, and the client uses Mercurial exclusively, all through BitBucket. BitBucket has a stupid user-accounts system, that demands you invent a globally-unique username. Oh dear lord – how amateurish are you guys? Aha! BUT! … they have a (very subtle) link to let you use […]
Gah. The world of PHP modules is a horrid mess. And sites going OAuth-compulsory are highlighting of late just how much so… I just had a plugin fail, with no error message, even though I had it all installed correctly, and all pre-requisites. After much messing about (much wasted time), […]
One great achievement of the web is the huge reduction in barriers to publishing. But the flipside is that we now see extremely low incentives for publishers to keep content “live”. Back when it cost money to publish info, you had good reasons to *keep* your content live once it […]
A year or so ago I did a roundup of the major free Web Analytics services. I was interested to see how Google Analytics had affected the market: was there a market left any more? One of the trials I signed up for I found so useful I carried on […]