MAMP apache freezing

I’ve switched to MacBook Pro Retina in November after repeating frustrations with different WiFi adapters in an HP ProBook 450 G1 on Ubuntu.

I always read that MAMP/WAMP/XAMP is for ‘less experienced’ developers, while native installation (via homebrew on Mac) of software is for ‘mature’ ones. Honestly, I don’t think it matters – it’s the same software after all. It just comes preconfigured differently, and I don’t really see why experienced people wouldn’t take advantage of (for example) switching a PHP version with couple of clicks, as long they are capable of modifying configurations appropriately.

So, a Joomla site, requiring PHP 5.2 for historical reasons worked and debugged perfectly out of the box.

However, with a rather heavy Symfony2 application and Xdebug turned on, browser just gets caught loading a page forever, in matter of minutes. This was never an issue on Ubuntu.

Googling for possible issues with mac, I found that .local tld is not favorable due to Bonjour conflict, so I’ve switched to .dev, with no luck. Also, I’ve decided to move the virtual host name resolution from /etc/hosts to dnsmasq (thanks to http://passingcuriosity.com/2013/dnsmasq-dev-osx/) – no luck again, despite both of hints being quite useful.

Finally, since the processor was idle during these mishaps, I’ve decided that it must have been apache that for some reason had become unable to process the requests.

I’ve decided to look into Ubuntu default apache configuration, and spotted 2 major differences right at the top. KeepAlive is never mentioned, and mpm_prefork_module (extra/httpd-mpm.conf) was commented out in MAMP apache configuration.

I’ve turned these on, and there we go! As I’m writing this, the page is loaded, and hits the server with a request each minute and everything still works :)

However, Xdebug is also confirmed to make a difference – when turned off, the benchmarked requests take below 1 second consistently. With Xdebug turned on, they take somewhere between 1.5 and 20 seconds. No breakpoints.

Posted in Infrastructure, Linux, Mac, Tools | Tagged , , , , | 2 Comments

Heartbleed OpenSSL bug and how to protect against it

The heartbleed bug was introduced in OpenSSL 1.0.1 and is present in

  • 1.0.1
  • 1.0.1a
  • 1.0.1b
  • 1.0.1c
  • 1.0.1d
  • 1.0.1e
  • 1.0.1f

The bug is not present in 1.0.1g, nor is it present in the 1.0.0 branch nor the 0.9.8 branch of OpenSSL some sources report 1.0.2-beta is also affected by this bug at the time of writing, however it is a beta product and I would really recommend not to use beta quality releases for something as fundamentally important as OpenSSL in production.

The bug itself is within the heartbeat extension of OpenSSL (RFC6520). The bug allows an attacker to leak the memory in up to 64k chunks, this is not to say the data being leaked is limited to 64k as the attacker can continually abuse this bug to leak data, until they are satisfied with what has been recovered.

At worst the attacker can retrieve the private keys, the implications for which is that the attacker now has the keys to decrypt the encrypted data, as such the only way to be 100% certain of protection against this bug is to first update OpenSSL (>= 1.0.1g) and then revoke and regenerate new keys and certificates, expect to see a tirade of revocations and re-issuing of CA certs and the like in the coming days.

You can find your version easily via your package manager for example:

  • rpm -q openssl
  • dpkg-query -W openssl

If you’re running a vulnerable installation of OpenSSL an update will be required.

  • update OpenSSL >= 1.0.1g
  1. 1.0.1e-2+deb7u5 is reported as patched on debian,
  2. 1.0.1e-16.el6_5.7 is reported as patched in RedHat and CentOS
  3. 1.0.1e-37.66 changelogs note this has been patched on Amazon AMI

You can read more about the heartbleed bug at heartbleed.com Redhat Bugzilla Mitre CVE filing Ubuntu Security Notice

 

Posted in Linux, Open Source | Tagged , , , , | Leave a comment

Poor sound from headphones on hp dock

Just a quick one on hardware. I got a super-cool EliteBook 8570p i7/SSD at work… I normally take it home in the evening, so I really prefer to keep the headphones @work attached to the dock. I was so disappointed to realize that the sound was totally unacceptable.

Tried reinstalling different drivers – no luck.

The ultimate solution was to go to SRS Audio Settings, and uncheck “Audio Enhancement” on “listening experience” tab.

Posted in Hardware | Leave a comment

Git – setup tracking properly

OK, there are a number of ways to setup tracking remote branches with git. We need that so we can use push and pull commands without long explaining what to push/pull where… I’d say that normally all we mortals need is to assume that the remote branch will be called the same as the local one, so with this assumption it really can be all easy and clean.

So we have 2 cases:

  1. Push new local branch to remote, and setup tracking:
    git push -u origin branchname
  2. Pull new remote branch, and setup tracking
    git checkout -b branchname --track origin/branchname
Posted in Software Development, Tools | Tagged | Leave a comment

Things that Meld doesn’t do

I took a minute to see if there is a viable Linux alternative to WinDiff. Surprisingly, the search results have shown that WinDiff 3 will have its Linux version, being built on Qt.

Also, Meld is repeatedly quoted to outsmart WinDiff. I knew I’ve installed it some time ago,  but couldn’t remember why it just didn’t stick.

Continue reading

Posted in Tools | Tagged , , , | 1 Comment

Digitalocean review

Being a web developer with clear lamp preference, I believe it was a trivial task for ad servers to target digitalocean.com ads at me. Those ads are just all over the net. In my gmail, on my basecamp account, my facebook wall… If I had a display on my fridge, I guess the ad would have been there, too.

Clearly, I think that $13.99 for .com domain and $107.88 for year worth of shared hosting account is, well, a bit more than I used to pay for the same thing couple of years ago. And yes, with so many new (software) platforms and tools to play with, it’s quite cool to have a VPS of my own.

I’ve tried partnering a colleague with a server, but I shortly found out that our expectations from a VPS were a bit different. I mean – besides all the cool stuff I could try on such VPS, I still believe that hosting this blog (with all the uptime in the world) shouldn’t be at risk.

That’s when the ads mentioned above started tickling my imagination. Imagine that! 512MB RAM 20GB SSD VPS for $5/month! First of all, I wanted to know if it’s just another fraud that just tries to steal your cc or whatever. I thought that result from http://www.scamadviser.com/is-digitalocean.com-safe.html was good enough to give it a try.

Continue reading

Posted in Hardware, Infrastructure, Software Development, Tools | 1 Comment

How to disable automatic upgrades on Ubuntu server?

One of the common arguments against using open source software in production is that it’s always changing, and you never know when an upgrade will break some feature or dependency. Despite the fact that Ubuntu people are trying to keep the stuff as stable as possible, this argument unfortunately holds.

That’s exactly why I decided to never run apt-get update followed by apt-get upgrade on this particular ubuntu server machine. It serves an intranet, and it’s hardly ever expected to be compromised by a security issue, either.

Unfortunately, this was not enough, and of course I’ve learned it when my Redmine started crashing with Internal Server Error 500. I just wanted a system that works. Not a system that I must continuously work on in order to keep it up and running. A quick research proved that a Ruby-related upgrade happened, and the only at the moment available workaround of restarting apache until Redmine works again was not good enough. Continue reading

Posted in Free Software, Infrastructure | Tagged , , , , | Leave a comment

Thread was being aborted / IIS Application Pool Idle Time-out (minutes) Setting

Idle Time-out (minutes)

[idleTimeout] Amount of time (in minutes) a worker process will remain idle before it shuts down. A worker process is idle if it is not processing requests and no new requests are received.

So, if you are after an architecture that collects and queues requests in order to process them in a separate thread, make sure this thread is not running past this setting.

Otherwise, you might get Thread was being aborted. error.

Solution: set Idle Time-out to zero (0), which disables feature that kills w3wp.exe process due to lack of web requests, or make sure that long running threads are kept at safe distance from IIS. The latter would also significantly improve the performance.

Posted in Infrastructure, Software Architecture, Software Development | Tagged , , | 2 Comments

NHibernate: undefined alias or unknown mapping

I must note that I’ve wasted considerable amount of time on this error message. When copy/pasting, I’ve failed to close a bracket in a HQL query, and even more – the bad expression exceeded the screen space and without an editor that would complain, once again (remember NHibernate “Could not find the dialect in the configuration” “Could not compile the mapping document”) – I was left alone with NHibernate error handling :(. And it did not only complain about query aliases – it complained even about the mostly used mapping names.

The good thing is that I revised my NHibernate mapping knowledge and querying capabilities which turned out to be a great confidence booster. However, I still can’t tell if this is only a problem with an oldish 2.0 NHibernate version or not.

Posted in Software Development, Tools | Tagged , , , | Leave a comment

Command line registry permissions

Yesterday I’ve done a small change in a deployment script that was supposed to “only” allow write permissions to a registry key values.  I’ve had little luck with regini.exe and cacls.exe, so I’ve quickly found a free replacement – setacl.exe. If you need to quickly do something with it – forget the docs – go straight to examples.

However, one thing got me even more – when dealing with windows security trying to support different languages, you’d better know about this (list): Well-known security identifiers in Windows operating systems.

You don’t want to rely on yourself remembering how administrator username is spelled in Spanish or French (or even care about that), do you?

Posted in Free Software, Software Development | Tagged , , | Leave a comment