And here comes another Christmas 
. For those of you visiting to get the holiday list, you should be here.
If you stopped by, found that list and then backed up to see just what happens here, you’ll be bored soon. Keep reading to see what I mean.
Christmas Time
Posted by M@
on November 26, 2007
No comments
Protecting WordPress’ Control Panel
Posted by M@
on October 10, 2007
No comments
Back when I started managing my own WordPress (WP) install, I was (and by was, I mean will always be) paranoid about letting just anyone with a ‘puter at my /wp-admin dir.
/wp-adminis where you go in WP to control the blog. It’s where you write to and post from, as well as perform administrative tasks.
I felt it prudent, so I took a few steps to protect the place. Firstly, I renamed the default admin account to something else. A task made fairly easy using your web host’s tools (phpmyadmin). Doing this will make it more difficult for fools to to make their way into the blog’s control panel. I also set up one helluvagood pass phrase for myself. Once that was done I took steps to limit just how many computers can hit that directory. This was done with a .htaccess file. Check out http://en.wikipedia.org/wiki/Htaccess for info on what else you can do with htaccess and some tutorials.
My file looks something like this:
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName “MattSnell”
AuthType Basic
<LIMIT>
order deny,allow
deny from all
allow from 192.168.1.100
allow from 192.168.1.101
</LIMIT>
What it does is deny access to ALL IP addresses (order deny,allow and deny from all) and then selectively allows ONLY those in the allow from list.
Since I have two public IP addresses that almost never change, I just specify them in the allow list and upload the file to my /wp-admin directory using scp or ftp. If my IP address ever changes, I won’t be able to edit or otherwise admin the blog until I go in and update the file. No biggie, only takes a moment.
So there you have it, change the default admin username, set a good pass and limit how many IP addresses can access the control panel. Feeling better already
New blog, but not for me
Posted by M@
on September 27, 2007
No comments
So, looks like I’ve really been keeping up with this blogging thing. Last time was August 3rd…. Well, to be honest, that was the last time I posted. I see a draft here about a new laptop and Vista that is waiting for completion.. I’m gonna count that as a 75% complete blog session (my blog, my rules).
I just spent all of 10 minutes installing yet another WordPress blog, this time for my dad. I can’t get over just how easy it is to create one. All you need is the ability to create a MySQL user and database (cPanel on any Linux hosting provider gives you that), FTP or (preferably) shell access to the server and the ability to edit a text file.
WordPress has a famous 5 minute install that you can follow to do the job, the extra 5 minutes (in my case) is used up going back into cPanel and then phpMyAdmin to rename the default “admin” account to something else and to tweak the permalinks as I just can’t stand the default. Poof! You got yourself a new blog and you’re ready to share your opinions and inane blabber with the rest of the world!
Check out my Dad’s blog, he’ll be posting topics he covers on his weekly WATD radio show.
The Borked WSUS GPO Mystery
Posted by M@
on August 3, 2007
2 comments
So here’s a story, a crappy story. There’s no real explanation (at this time anyway) but the issue is resolved..
I was @ work yesterday, updating some software on some client machines. I started noticing that Windows Update wasn’t enabled on these boxes and I was damn sure that I had a GPO set up for turning it on. As a matter of fact, it was a fairly new policy (about a month old?) that was pointing the machines to a WSUS server on campus. I know little about WSUS and what it does in the background, I just know it’s a handy way to report on and approve updates for machines and not have to install whatever MS says you have to install. We have a very capable gentleman keeping his eyes on the updates and the vulnerability notices. Glad to have him dealing with this for us.
Anyway.. My machines just weren’t picking up the policy that enables Automatic Updates and points the client to the WSUS server. Whats funny is that when it was initially set up, it was working fine! I have no idea when it decided to jump the track, I just know that it did. I did everything I could think of, forcing group policy updates, googling, talking to other admins on campus, all of us stumped. We finally decided that somebody would come down and be a second pair of eyes on the clients in my area the next day. I still continued poking and prodding my boxes for the remainder of the afternoon.
Eventually the day ended, I was p*ssed about this problem and late leaving the office. I HATE knowing something is wrong and being unable to fix it. So I stomped about and sulked all night, wondering what other steps I could perform. I ended up just going to bed really early and hoping that some sleep would help. Riiiiiiiight.
So there I was, 3:45 in the morning, working out and cursing the millipedes trying to invade my house (another story). Still CRaZy angry and annoyed.. I just couldn’t figure out WTF was wrong.. I finished the workout, got ready and headed into work bright and early. I attempted all of the things I had done before, and got the same result.
I finally just decided to unlink the GPO, create a new one, mirror the settings and then force an update on the client machine. All the while my toes were crossed (fingers were busy).
Wouldn’t ya know it. It worked. No idea why, it just did. There aren’t any glaring diffs between the policies. One works, the other doesn’t. pffft. Hate crap like that.. I wouldn’t have minded (as much) if there was some freaking reason for problem..
So, it’s Friday, I don’t have to spend the weekend worrying about this and I’m leaving at noon (just over an hour from now). At least it ended well.
Ahhh, let the weekend begin.
Re-introduction
Posted by M@
on August 1, 2007
No comments
I’ve decided that in an effort to do more with things I enjoy that I’ll be picking up blogging here. I’ve pretty much let all of the fun geek stuff I do fall off of a cliff into oblivion. That of course leads to just being bored and uninterested in the “stuff” that I do. Time to change that
I hope to pick up on my Linux blogging over on my other site as well.. For now I just want to get started again. What you’ll find here is stuff that *I* find interesting. Crap about my life, my interests, whatever. That will most likely lead to some geeky things, some fun things, some really horrid gallows humor and other awful things. Just have to see where it leads to.
For now, check out this site: http://icanhascheezburger.com/. I like it because the kitteh comments crack me up. Sure there’s some cute animal stuff, but if you’ve ever spent any time reading IRC chat or watching the cool kids talk in 1337 speak, you’ll enjoy some of these. The wife and I have pretty much sat in the family room reading each and every one of these.