by ·0 Comments

After an update to Apache 2.4, my Chiliproject (served by Phusion Passenger) instance did not run anymore. The problem was twofold:

Firstly, I used passenger 3.0.19, which is not compatible with Apache 2.4:

apache2: Syntax error on line 140 of /etc/apache2/apache2.conf: Syntax error on line 1 of /etc/apache2/mods-enabled/passenger.load: Cannot load /home/roland/.rvm/gems/ruby-1.9.3-p392/gems/passenger-3.0.19/ext/apache2/mod_passenger.so into server: /home/roland/.rvm/gems/ruby-1.9.3-p392/gems/passenger-3.0.19/ext/apache2/mod_passenger.so: undefined symbol: unixd_config

This happens because Apache 2.4 has changed the symbol unixd_config to ap_unixd_config. The issue can quickly be solved by installing a more recent version of passenger:

gem install passenger –version 4.0.20

Afterwards, we need to cd to ~/.rvm/gems/ruby-1.9.3-p392/gems/passenger-4.0.20  and execute:

./bin/passenger-install-apache2-module

and follow the instructions. You may consider to specify a user and group under which Passenger will run. This is useful, if you have an rvm in your home directory. In my case these lines look like:

PassengerDefaultUser roland
PassengerDefaultGroup www-data

After this, Apache starts again without problems (sudo service apache2 restart), but instead of the web application we see the raw directory contents. This is because the access control mechanism blocks an execution of Passenger.
Open up the sites configuration (default: /etc/apache2/sites-available/www.conf) and add the following line to the <Directory> section that applies to your Chiliproject:

Require all granted

Afterwards, restart Apache once more.

References

  • [1] New API for Apache 2.4

by ·0 Comments

Simple-to-configure and -use access control is a very versatile feature of the Apache webserver. This article summarizes the basic steps for securing your website with such a login facility. Access control is enabled in the .htaccess file contained in the topmost folder to which it shall be applied (typically the root of your site). All directory levels below this will inherit the settings from this file (as explained here). Add the following lines to your .htaccess file:

# absolute or relative
AuthUserFile <path-to-document-root>/.htpasswd
AuthName "This message appears in the login dialog"
AuthType Basic # not very safe, but OK for temporary access control
Require valid-user # requires a user that is listed in the .htpasswd file
DirectoryIndex index.html #only necessary to show the test site

In order to test your access control settings, create an index.html in your site’s root directory:

<html><body><h1>You are allowed to see this :-)</h1></body></html>

In the same directory, create an .htpasswd file with initial user horst:

htpasswd -c .htpasswd horst
 # Afterwards, type and re-type horst's password

You may add more users as follows:

htpasswd .htpasswd bianca
htpasswd .htpasswd bernhar

Each line of .htpasswd contains a user name, followed by his/her MD5-encrypted password. If you see the passwords in plain text, delete .htpasswd and re-issue all of the above commands with option -m.

A number of online tools for generating .htpasswd and the directives in .htaccess exit, such as that on dynamicdrive.com.

Links

  • [1] htaccess documentation
  • [2] Online htaccess and htpasswd generator (one in a “million”)

by ·0 Comments

Currently (July 2013) 1 &1 uses PHP version 4.4.9 as default PHP version on its shared hosted servers as can be tested with php -v. Many content management systems like Joomla or Drupal need more advanced PHP versions. In order for those platforms to run/install, add this to your .htaccess:

AddType x-mapp-php6 .php
AddHandler x-mapp-php6 .php

These directives tell the webserver to use the newer PHP version – php6 -v yields 5.4.17 – for processing php files.

by ·0 Comments

The Apache Webserver is normally clever enough to tell which PHP/HTML/… file to use as the landing page of an URL. For instance, if you type http://blog.roland-kluge.de in your URL bar, the Webserver knows that you actually want to see http://blog.roland-kluge.de/index.php. Default files to redirect to are index.html, index.php and some more. However, sometimes the webserver may be hindered from finding the correct redirect and produces an appropriate HTML error code.

You may tell Apache which file to redirect to with the following directive in the web site’s root .htaccess:

DirectoryIndex index.html

You may even specify multiple sites which will be probed in the given sequence:

DirectoryIndex index.html somethingWentWrong.html

Links

  • [1] mod_dir reference providing the DirectoryIndex directive

by ·0 Comments

What is Reblogging?

  • …mechanism which allows users to repost the content of another user’s post with an indication that the content originates from another user.
  • Invented in an R&D project at Eyebeam Art and Technology Center (before 2005) and made public as open source software.
  • First used/adapted by Tumblr (2007), aftwards by Twitter (2008, “Retweet”) and Facebook (“Share”/Re-Sharing)
  • Reblogs may be seen as a virtual currency, where somebody who reblogs your content increases your virtual account (Wikipedia – Attention Economy, Wikipedia – Whuffie).
  • Source: Wikipedia – Reblogging

What is Pingback?

  • … method to notify authors when their content is cited on another platform, i.e., author A writes an article, author B cites the URL to this article and author A gets notified.
  • Supported by blog plattforms (e.g. WordPress) and some Content Management Systems (e.g. Drupal, Joomla)
  • Related: Trackback, Refback, Linkback
  • Source: Wikipedia – Pingback

by ·0 Comments

The social network SchülerVZ which is targeted at young students is going down on April 30, 2013. I wanted to save some of my friends’ photos and searched the web for some appropriate tool.

I tried the Bilderdownload v2 from svz-styles.com and a Fotoalbum Download für StudiVZ, SchuelerVZ & MeinVZ 1.09 from userscripts.org both  of which did not work for me. So I needed to create a solution on my own.

Custom-Made Approach

The following description is only tested with the Altes SchülerVZ  theme. When I took a look at the HTML code around photos (<div class=”photo”>), I recognized that it is not possible to right-click a photo in Firefox and select Save Image As… because the context menu has been disabled:

<img id="photoDetailBig" oncontextmenu="return false;" 
alt="" src="http://img-a5.pe.imagevz.net/[...].jpg" 
onload="imageWrapperResizer();">[...]</img>

While it is perfectly reasonable that the SchülerVZ guys want to protect their users’ personal rights, in the current circumstances, I personally find it legitimate to circumvent this restriction. Disclaimer: You are responsible for your doings. Ask your friends first, if you may download their photos.

Preparations: Install GreaseMonkey

For Firefox there exists a nice add-on called Greasemonkey which allows you to execute arbitrary JavaScript code on sites of your choice. The add-on can be downloaded from the official Firefox add-on site. (Click here for immediate installation).

Installing the Userscript

After the  installation of Greasemonkey is complete, you still need the script which unlocks the context menu for photos. I uploaded the script to userscripts.org. If the automatic installation does not work for you, you may manually install the script:

  1. Select Tools -> Greasemonkey -> New User Script…
  2. Set the name to Enable SchülerVZ Photo Download (Altes schülerVZ theme)
  3. Set the namespace to http://userscripts.org/scripts/show/165246
  4. Set the includes to http://www.schuelervz.net/Photos/View/*
  5. Confirm with OK.
  6. Copy the whole code into the editor which pops up and save it.

When you now open up a photo, you will be able to open the context menu and save the image.

Links