Flux RSS des billets

DotMG's joblog

Work hard at whatever you do! (Ecc. 9. 10a)
L'archive pour le mois de Février 2013 a 8 Billets
Publié le 6 Fév 2013, 7:45 am dans cms, html

Today I changed the configuration of this blog to dofollow. For my point of view, the web is a space of sharing and if a visitor adds a valuable comment to something like a blog, the least that the blog owner have to give in return as a gratification is an ounce of Googlejuice.

Nofollow attribute is, in my humble opinion, the worst way to discourage spammers. Except your satisfaction that the spammer didn't get any value in his activity,there is no other advantage. It doesn't discourage spammers and doesn't stop spams in your blog.

So, I am deactivating the nofollow attribute, and will monitor manually the comments. I will be removing comments which don't bring any value, especially those with an hyperlink. I am also planning to make a sort of blogspam.net proxy, to fight spam my way. This proxy will act as an URL blacklist checker, so I will be logging any domain mentioned in a spam comment and reject any further attempt to link to this domain. If the spam passes my check, then this module will forward checking to blogspam.net, before accepting the comment. A final manual review will be performed and possible spams will be deleted again.

Publié le 3 Fév 2013, 3:17 am dans cms, nginx

Yesterday I talked about installing WikkaWiki. I didn't mention it was about installing WikkaWiki on nginx. Wikkawiki is a CMS designed to function with Apache. Pretty URLS were achieved by using Apache's RewriteModule. Like for many other PHP CMS, URLs like http://example.com/wikka.php?wakka=HomePage are shortened like http://example.com/HomePage, so the Rewrite Engine translates /HomePage to /wikka.php?wakka=HomePage

Rewrite Rules can be translated into nginx statement configurations, and WikkaWiki Rewrite Rules are rather simple. The nginx rule is as simple as :

try_files $uri $uri/ @wikka;
location @wikka {
 rewrite (.*) /wikka.php?wakka=$1;
 fastcgi_pass 127.0.0.1:9000;
 fastcgi_index index.php;
 include /etc/nginx/fastcgi_params;
}

The try_files line is used to select rewriting only for non existent files. If file exists ($uri) or if we access a directory ($uri/), then they are served as is. In other words, resources like CSS, JS, Images, ... won't be redirected into wikka.php. However, if these conditions are not met (file doesn't exist), then location will fallback to @wikka, where rewriting happens.

The rewrite line is the actual rewriting rule. It's straightforward to understand. However, it is not sufficient because the try_files seems to short-circuit the execution of the page as PHP script, and without the fastcgi_pass, fastcgi_index and include below, the page just returns as an attachment to download. What you should do is to search in your nginx configuration how php files are executed. Search something like location ~ \.php$ { in your nginx configuration files, e.g. by grepping in /etc/nginx/. Copy everything inside the location php block into your location @wikka and restart nginx; that should do the trick. Don't forget to edit manually wikka.config.php and change rewrite_mode to '1'.

Another thing you must keep in mind is that with this trick, if the URI exists, it will not be rewritten. It is a slight difference with Apache where only some folders were specifically served without rewriting. If someone accesses http://example.com/wikka.config.php, this file will be executed. In Apache, it will be redirected to /wikka.php?wakka=wikka.config.php. In general, this is a non-issue, because with WikkaWiki, php files accessed directly don't do any harm, outputting a blank page in most cases. But it IS a security issue if you rely on RewriteEngine to forbid access to some sensitive directory. For example, if you allow visitors to upload files on your server, there is a risk that this file is served (or executed) by nginx.

Publié le 2 Fév 2013, 5:36 pm dans mysql

I installed WikkaWiki on a server with MySQL 5.5.29 and it failed to create all the needed tables, without any more information on screen. After checking the authorization and finding no issue, I recopied the create table statement in PHPMyAdmin and found "an error near Type=MyISAM".

It appears that TYPE keyword in CREATE TABLE was deprecated long ago, and should be replaced with ENGINE. The statement should be

CREATE TABLE tablename (
 fieldname INT )
 ENGINE=MyISAM

However, MySQL documentation says that it is unnecessary to use ENGINE to specify the MyISAM storage engine because MyISAM is the default engine anyway. Fortunately, WikkaWiki tables are all MyISAM, so the best option was to simply remove it.

Pages: 1 2