Current Location: Home / Archives for Apache

Checkout the O’Reilly Answers Social Network

November 4, 2009 By 2 Comments

Image2 I am typically not one to recommend a social network to my clients w/ the exception, of course, of the already established networks such as Facebook, Twitter, LinkedIn, Tumblr, etc.  My whole philosophy regarding social networking at this stage of the game is that if you want to build a community, build upon what’s already out there as much as possible (Facebook API, Twitter API) and don’t try to re-invent the wheel. 

However, I have always felt that strong, reputable Niche networks could exist externally if they were packaged correctly.  A good example of such a network that is currently in Beta right now is O’Reilly Answers.  O’Reilly has a good vision with this network, and of course they have some really positive things in their favor already such as Awesome Reputation, an Established Following, and a Trusted Name, what more could you ask for?

You can also look at the Network and tell that there were some clear objectives put into place while developing this solution.  They obviously wanted it to be user friendly, functional, and interactive.  There are basically three ways you can interact inside O’Reilly Answers:

Share Your Knowledge    

You can actually enter in blog posts and tag them according to your subject matter and other users can comment you on your posts.  This is one area that I think they could have done a little differently.  We all manage our own blogs externally, why would we want to post our content on their website as well and have 2 comment systems running at the same time to follow up w/ readers?  My thoughts on this part are that they could have put into place some sort of RSS option where you could aggregate your content from your blog and have your friends inside the network click out to read your posts.  Maybe I am not seeing the big picture on this, but as a workaround I posted about 3/4 of 2 blog posts into their network along w/ a link at the bottom to get to the remainder of my post on my blog.

Ask A Question

Since O’Reilly has been catering to the Technically Minded community for so long, you can rest assured that some pretty sharp folks are going to be hanging around in this community.  Well, let’s say you have a question about a project you are working on, you can post that question to the community, tag it, and before you know it some of the sharpest minds in the world are answering your question.  This is an area where I really see this network having value for a lot of us…

Answer a Question

Let’s say someone asks a question and you know the answer, you can provide them w/ your insight w/ ease.  I think that this networking model is going to speed up the “obstacle to solution process” once the network get’s off the ground.

———————————————-

Also, just a few notes regarding the Network as it is right now.  There are obviously some bugs, I had a couple of errors pop up on me when I was setting up my profile, this is to be expected w/ a new release like this.  Give them time, I am sure that O’Reilly will iron out all of the kinks very soon.  Here’s some basic information that was forwarded to me today from our Account Rep at O’Reilly…

We’re launching the beta of O’Reilly Answers, and I’m inviting you to be part of it. In brief, O’Reilly Answers is a community site for sharing knowledge, asking questions, and providing answers that brings together our customers, authors, editors, conference speakers, and Foo (Friends of O’Reilly).

Why Answers, and why now?
O’Reilly is at the center of an amazing exchange of knowledge sharing and idea generation. We’ve created the usual means of facilitating communication between customers, O’Reilly folks, and the outside experts we call "alpha geeks" who contribute to O’Reilly books, conferences, and websites. We can connect through reader reviews, errata submissions, book forums, blog comments, Get Satisfaction, our customer service department, and more. But too much of this conversation is siloed, and not enough is public (e.g., discussions on our internal mailing list for editors, or personal responses to customer questions). O’Reilly Answers will be the place where much of that communication happens from this point forward.

Why participate?
The lofty reason: Like O’Reilly, you want to "change the world by spreading the knowledge of innovators." That’s our mission, and we’ve been fortunate enough to build a community of passionate, committed people who love to learn and share their knowledge as they work towards a better world for us all.

The "nice, but what’s in it for me" reasons: reputation, recognition, and rewards.

Get Recognized: "Find interesting people" is a core activity at O’Reilly, and an important component of our success. We see Answers as an important way to discover and connect with our next authors, online instructors, videographers, and speakers.

Build Your Reputation: You’ve learned a lot, why not get credit for all that knowledge? As your submissions to Answers are voted up, your personal reputation on the site increases. At launch, your reputation will be based solely on your participation in O’Reilly Answers. Soon, we’re expanding across oreilly.com, so the book errata and book reviews you’ve submitted, books you’ve registered, and conferences you’ve attended, will add reputation points. You’ll also earn badges to mark accomplishments and milestones.

Earn Rewards: Glory is great, but discounts and deals are nice, too. We want to reward your contributions to the O’Reilly community. Shortly we’ll have a point-based system in place that you can redeem for books, training, courses, and conferences. Details soon, but in the meantime, any actions you take now will count towards your total points.

This is just v.1: The best part of any project on the web is watching it take on a life of its own. With that in mind, we’re looking forward to *your* suggestions about where O’Reilly Answers should go, what features should be added, and what benefits and rewards we can offer all of you.

I’d like to acknowledge the projects that have proceeded Answers and inspired us, such as SitePoint Forums (we distribute their books), StackOverflow, Yahoo! Answers, Knol, and many others. They’re great resources, and we think the O’Reilly community can create a useful site that’s, well, a different kind of animal.

One last thing: O’Reilly Answers is in beta and you may encounter bugs. We’re still working on many improvements to the site, such as feeds for each tag, but would love to hear your suggestions for features and improvements. Please send any suggestions/questions/bug reports to answers@oreilly.com.

Until next time–
Marsee Henon

Also, if you should signup, be sure to add me as a friend, http://people.oreilly.com/cotton

Filed Under: Apache, Book Reviews, Central Arkansas Refresh, Domain Registration, E-Commerce, Email Solutions, MODx CMS, Monetization, Search Engines, Social Media / Web 2.0, Web Development, Web Hosting, Wireless, Wordpress™ Tagged With: , , , , , , , ,

Critch on ModSecurity…

May 28, 2009 By Leave a Comment

Matt Critcher, our server admin, posted this on his blog the other day about ModSecurity and I thought that it was worthwhile to repost.  We implemented ModSecurity a while back and hardened all of our servers to help guard us against a lot of the threats that are out there today.  Looking back it was probably one of the smartest things we ever did.  Over the years I have worked with a lot of server administrators, but I have never worked with one that has as good a grasp of ModSecurity as Matt.

From a Developers perspective ModSecurity can be a little frustrating on the front end because it will by nature shutdown or cause some elements of your applications to “break” until you get ModSecurity configured correctly and all of these core functions added as includes, but trust me, once you get everything configured correctly it sure does help you sleep better at night knowing that some hacker in India isn’t setting up a rootkit on your server through a hole in one of your applications.

Like Matt says in his post, Security is an ongoing thing, and part of that ongoing process also has to include keeping all of your open source software patched and up to date.  Here’s Matt’s post:

Since I’m back, I’ve got a few days worth of log files to dig through. A couple of years ago an old legacy PHP script Pleth was running wasn’t very secure, but was critical to the operations of a particular customer. It got hacked (well, they used it to upload a C99Shell) a couple of times before the vendor released an update. Scouring the internet for a solution, I learned of Mod Mod Security, an application firewall of sorts. It runs as a module in your Apache configuration and uses a set of user-configurable rules files to detect and prevent a number of attacks against a website. The rules list has a huge community backing, and people have written rules for about every vulnerability out there. Open Source is good no? Anyway, as I was digging through those files today it kinda shocked me to see just how much stuff mod_sec blocked. The internet is a dangerous place…..

Among the same lines, you can further protect your server by making a few small php.ini changes as well. Look for the line in yours that says 

   1: disable_functions = "........

and make sure you add

   1: shell_exec,escapeshellarg

to the list there. This will prevent PHP from operating as a shell, which you really don’t need anyway (well, you shouldn’t in my opinion). There’s about a million different things you can actually disable, but some of them are needed.

Another PHP trick is open_basedir, which is a php configuration directive that sorta "jails" the scripts to whatever directories are listed in the open_basedir directive for that particular domain.

From the manual page:

When a script tries to open a file with, for example, fopen() or gzopen(), the location of the file is checked. When the file is outside the specified directory-tree, PHP will refuse to open it. All symbolic links are resolved, so it’s not possible to avoid this restriction with a symlink.

It’s not the most friendly option on the planet, but it does work and takes a bit of careful configuration to get it working right. For a site that might be considered risky, it’s worth the effort.

Just don’t be fooled into thinking that these fixes are the end-all-do-all. Security is a never-ending process. PHP is just one aspect of it.

Mod Security is good for you! | www.mcritch.com

Filed Under: Apache, Web Hosting Tagged With:

Using ModRewrite

November 13, 2008 By 1 Comment

Let’s say you have just re-designed a website and during the process you were forced to change some filenames in the new site from what they were in the existing website.  For example, about.htm is now called about.php in the new site structure.  Normally you would be forced to endure having a dead link in Google until your new filename get’s crawled or updated from your sitemap.xml.  This can sometimes take weeks if not longer.

A quick way around this is to use the ModReWrite Engine to “re-route” filenames to new filenames.  This also comes in handy if you have a lot of external websites or clients that link back to specific pages in your website.  To setup ModRewrite Engine, simply create or edit your .htaccess file to have the following sample code: (of course change this to match your filenames, etc.)

 

   1:  Options +FollowSymLinks
   2:  RewriteEngine On
   3:  RewriteRule ^index.html http://www.yourwebsite.com/index.php
   4:  RewriteRule ^directory_name/index.html http://www.yourwebsite.com/directory_name/index.php
Filed Under: Apache Tagged With: ,

Apache 301 Redirect

November 13, 2008 By Leave a Comment

I could have sworn I had posted some basic Apache Functions and Mod Rewrite’s on here a long time ago but today when I actually drew a blank and couldn’t remember how to do a 301 they were nowhere to be found so I am going to create a new category on here for Apache and re-post a few that I use frequently so that I can refer back to them.

This is a simple 301 redirect.  Let’s say you build a new website inside a new directory such as <cms> and you are now ready to go live w/ the website but you don’t want to lose your SEO benefit or be penalized for restructuring your site, you can use a 301 redirect to accomplish this.  It’s very simple, see sample code below:

   1:  Redirect 301 /index.htm http://www.yourwebsite.com/directory/filename.htm

Filed Under: Apache Tagged With: