Category Archives: Web

WordPress Advanced Course

I have just attended Mike Little’s?advanced??Wordpress course which was organised by MAD Lab. I have been using WordPress for many years and am quite confident in using the framework. This course was just what I needed to re-inspire me to do more “web-work”.

I would recomend anyone with an existing interest in WordPress or a need to create a manageable website to keep an eye out for Mikes courses.

Quick nagios host config generator

Here is a quick script I have cobbled to generate nagios host configs it may need to be changed for template etc but you get the gist.

It includes support for padding of hostname numbers e.g. padding of 3 = web001, web002….web045…web999.

#!/bin/bash
# Nagios host config generater.
# Bruce Tonge
#
#If you need to gen a config for a large number of sequentialy numbered hosts
#just run:
#nagios.sh web example.com 1 50 3
#
#This will create host entries for machines 1-50 but named web001 - web050
#The output should be redirected to a file.

if [ “$#” -lt “4” ]
then
echo “usage: $0 <hostprefix> <fqdn> <first node number> <last node number> <host number padding>”
exit 0
fi

host_str=$1 #host prefix
fqdn_str=$2 #domain name
fnode_num=$3 #first node number
lnode_num=$4 #last node number
pad_num=$5 #charicters to pad

for hostnum in `seq -f”%0$5g” $3 $4`;
do
shorthostname=$host_str$hostnum
longhostname=$host_str$hostnum.$fqdn_str
printf “#Host Entry for Node $shorthostname.\n”
printf “define host{\n”
printf “\tuse\tbasic-host\n”
printf “\thost_name\t$shorthostname\n”
printf “\talias\t$shorthostname\n”
printf “\taddress\t$longhostname\n”
printf “\t}\n”
printf “\n”;
done
exit 0

PSN Email

I have just tonight received the email I have been waiting for from Sony in regard to there PSN “Outage”. As you are all probably aware the PSN has been down for a week now and looks like it will be down for at least another week. It would appear that Sony have managed to loose there entire user database to an intruder. the only think they seem to have protected is the security code for credit cards though they are not finished investigating the breach so there is time yet…

The one thing that has struck me is that they have lost all the users passwords… Now this is quite alarming in a number of ways. Firstly let me note the two options I see there being for the loss of passwords as described by Sony (which is vague at best):

1. The passwords were stored in the clear (not protected by a hash) and were in the same databases that have been taken. Or.

2.The passwords were stored in a database that was compromised but they were hashed password.

Now if option 2 is the case I can only guess that there is some worry that the hashing method used is not very strong I.E. a known algorithm with no salt. This would be bad but excusable.

I fear however that Sony have kept the passwords in the clear. This is inexcusable. IF this turns out to be the case I dare say the protection of the credit card security codes will be as equally poor.

I will await the full disclosure of this incident before I decide weather to leave the PlayStation platform for good.

My Single Line WordPress Upgrade

Here is my take on the single line word press upgrade I saw at hack a day.
The bellow will download the latest version and unpack it. IT then removes the new plugins and themes as to not over wright your installed ones. IT then copies the new install over the old one and resets the permissions on the files.
wget http://wordpress.org/latest.zip && unzip latest.zip && rm -rf ./wordpress/wp-content/ && cp -r ./wordpress/* ../

You may need to change the paths for your installation but this should work quite well.
As allways take a backup before you run this just in case.

MacRumours Hacked

The live feed for the MacWorld keynote from MacRumours was hacked today. This hack also took down there regular site. From the text that was in replacement to the keynote info (provided by thoes that had hacked the site) it seems that access to the server controle pannel was hacked allowing access to the hole system. It also apeared that more than one hacker had had ago at the system as conversations emerged in the streem. At one point it seemed that other users of the site were also able to contribute as requests to stop were also included in the streem as well as info from other streem providers. Not a good day for MacRumours.