Gentoo Compiler Caching

I really should learn to be more patient and read the docs. Today I stumbled across Gentoo compiler caching. From the About ccache section:

ccache is a fast compiler cache. When you compile a program, it will cache intermediate results so that, whenever you recompile the same program, the compilation time is greatly reduced. In common compilations this can result in 5 to 10 times faster compilation times.

Sheesh. How much time have I wasted sitting around drooling on myself waiting for portage to build package XYZ?

In addition to learning to read the docs I should also probably learn to stop drooling on myself.

Visual editor broken in WordPress 1.3.2

Seems there is a bug in the latest WordPress check for gzip support which breaks visual editing. I’m not sure which condition below is causing the confusion

but if you modify the $supportsGzip variable to always return false as above, the problem goes away.

Alternative authentication methods with Apache 2.2

Quick note on how to make alternative authentication modules work with Apache 2.2.

mod_auth_imap kept complaining about a missing password file:

(9)Bad file descriptor: Could not open password file: (null)

Turns out with Apache 2.2 you have to explicitly turn off Basic authentication even when you are using an alternative module. So a proper Apache 2.2 mod_auth_imap configuration would look something like this:

Auth_IMAP_Enabled On
AuthBasicAuthoritative Off
AuthType Basic
Require valid-user
Auth_IMAP_Authoritative On
Auth_IMAP_Server mail.server.com
Auth_IMAP_Port 143
Auth_IMAP_Log On

Turning off AuthBasicAuthoritative forces Apache to ignore the standard password file authentication.

When in doubt, upgrade the firmware

I’ve had an old D-Link DI-614+ Wireless Broadband Router since 2003 or so. Its ticked along perfectly for the last five years, though since last week has started to show signs of wanting to go kaput. It had occasionally cut out on me in the past, but never so persistently.

Just before heading out the door to Best Buy to pick up a new one I figured I’d check D-Link to see if there were any firmware updates. Sure enough the last update was in 2006. Dowload to desktop, upload to router, reboot, and.. suddenly, no more problems. In fact, I seem to be getting better throughput than before. And the router’s clock now works. And signal strength is suddenly 100% everywhere in the house.

Sheesh, if I had thought to do this before I never would have wasted money on the Hawking Range Extender (which also required its own firmware upgrade).

So, fifty bucks saved and lesson learned. When in doubt, upgrade the firmware.

How to print multiple calendars at once in the Calendar Printing Assistant

I was recently asked how to print multiple calendars side-by-side in the 2007 CPA. Since this had also originally befuddled me, I figure its worth a post. The problem is that the interface is a bit confusing.

Here’s how to do it:

  1. Load up both Outlook and the CPA. Select a multi-calendar template from the View Templates panel on the right-hand side of the interface:day-templates.PNG
  2. You’ll notice that the View Templates title is actually a select list. Toggle this to Calendars and Tasks:calendars-and-tasks.PNG
  3. Click on the calendars you want to see. They will appear in the Calendars and Tasks bar on the left-hand side of the interface:calendar-bar.PNG
  4. Check the calendars you want to see and, voila, they appear in the template!combined-calendar.PNG

MJ12Bot Virus Robot

There seems to be a “virus bot” out there just now starting to attack servers in Japan. It spoofs the distributed open source search engine Majestic 12 with a user agent string of MJ12bot/v1.0.8 (http://majestic12.co.uk/bot.php?+. (The real Majestic 12 is up to version 1.2.x.)

Use mod_rewrite in Apache to block it:

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^MJ12bot/v1\.0\.8.*$
RewriteRule .* - [F]

Add the above to either httpd.conf or a local .htaccess config file. See the Majestic 12 FAQ for more information.

Note that the way the virus has been hitting some of our sites appears as though it actually attempts to coordinate DOS attacks from multiple servers. Scary if true. And it seems to be smart enough to stop attacking as soon as it realizes that access has been denied.

Update: If you run mod_security, consider appending evil MJ12’s user agent string to the rogue web crawler portion of the bad robots conf file modsecurity_crs_35_bad_robots.conf:

SecRule REQUEST_HEADERS:User-Agent "(?:e(?:mail(?:(?:collec|harves|magne)t|(?: extracto|reape)r|siphon|wolf)|(?:collecto|irgrabbe)r|xtractorpro\
|o browse)|m(?:ozilla\/4\.0 \(compatible; advanced email extractor|ailto:craftbot\@yahoo\.com)|a(?:t(?:tache|hens)|utoemailspider|dsarobot)|w(?\
:eb(?:emailextrac| by mail)|3mir)|f(?:astlwspider|loodgate)|p(?:cbrowser|ackrat|surf)|(?:digout4uagen|takeou)t|\bdatacha0s\b|hhjhj@yahoo|chinac\
law|rsync|shai|zeus|mj12bot/v1\.0\.8)" \
"deny,log,auditlog,status:404,msg:'Rogue web site crawler',id:'990012',severity:'2'"

mod_security returns a 404 Not Found error instead of Access Denied which should further help to confound the virus.

Run svnserve, run!

More notes to self.

Fancy shmancy init scripts aside, this is the fastest way to get a Subversion server up and running:

/usr/bin/svnserve --daemon --root /var/svn

root is the directory housing one’s repositories; looks something like this:

/var/svn/
conf/
project1/
project2/
repos/

Make sure the svn port 3690 is open.

Running Windows commands from PHP over IIS

In order to run Windows commands via PHP functions such as open_proc(), apparently one has to grant read/execute permissions to the account under which IIS is running (usually IUSR_<servername>) on C:\WINDOWS\System32\cmd.exe. Be sure to do this for web apps that rely on external commands.

This of course took me an eternity to figure out. I was only able to piece together WebSVN‘s bizarre Windows mis-behavior after scouring through the remnants of forum posts limboed in Google cache. PHP.net of course has no proper details on this, though I do now better understand what proc_open‘s obscure and undocumented bypass_shell parameter might be about.

Ah yes, PHP on Windows. Obscure and irritating.

Kind of like me. Not that that makes it any better.