Basic Firewall Rules for Rackspace Cloud

Create a new file, /etc/iptables.test, with the following contents:

*filter
:INPUT DROP [1:48]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [129:20352]

# Allows all loopback (lo0) traffic and drop all traffic to 127/8 that doesn't
-A INPUT -i lo -j ACCEPT

# Accept SSH connections (only from the listed management hosts)
#-A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT
-A INPUT -s 1.2.3.4/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 2.3.4.5/32 -p tcp -m tcp --dport 22 -j ACCEPT

# Accept established and related connections
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# Accept HTTP connections
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT

# Accept MySQL requests (only from the listed hosts)
-A INPUT -s 1.2.3.4/32 -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -s 2.3.4.5/32 -p tcp -m tcp --dport 3306 -j ACCEPT

# Accept all RADIUS requests
-A INPUT -p udp -m udp --dport 1812 -j ACCEPT
-A INPUT -p udp -m udp --dport 1813 -j ACCEPT

# Accept all PING requests on ICMP
-A INPUT -p icmp -j ACCEPT

# Reject all other inbound: default deny unless explicitly allowed
-A INPUT -j REJECT
-A FORWARD -j REJECT

COMMIT

Test that the rules load without errors:

iptables-restore < /etc/iptables.test

Before going any further, make sure you can still log in from another terminal session.

Save out rules:

iptables-save > /etc/iptables.rules

Add it to the network interface start-up configuration so the rules are loaded before the interface comes up:

auto lo
iface lo inet loopback
    pre-up iptables-restore < /etc/iptables.rules

Reboot your server.
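As an added example (not part of the original post), here is a small Python audit you can run over an iptables-restore file like the one above before handing it to iptables-restore: it flags the two copy-paste defects that make iptables-restore refuse the file (a web editor's en-dash in place of "--", and ESTABLISH instead of ESTABLISHED), and lists which ports the INPUT chain leaves reachable from any source. The sample ruleset is constructed and deliberately contains both defects.

```python
"""Audit an iptables-restore file before applying it: catch defects that
make iptables-restore fail, and list which INPUT ports are open to everyone."""
import re

# Constructed sample based on the ruleset above, with two defective
# lines (ESTABLISH typo, en-dash before dport) left in for lint() to find.
SAMPLE = """*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -s 1.2.3.4/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISH -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp –dport 8080 -j ACCEPT
-A INPUT -p udp -m udp --dport 1812 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -j REJECT
COMMIT
"""

def lint(text):
    """Return (line_no, reason) for lines iptables-restore would reject."""
    problems = []
    for n, line in enumerate(text.splitlines(), 1):
        if re.search(r"[\u2013\u2014]", line):      # dash mangled by a CMS/editor
            problems.append((n, "unicode dash instead of '--'"))
        if re.search(r"\bESTABLISH\b", line):        # the state is ESTABLISHED
            problems.append((n, "ESTABLISH should be ESTABLISHED"))
    return problems

def exposure(text):
    """Map (proto, port) -> allowed sources; 'ANY' means no -s restriction."""
    ports = {}
    for line in text.splitlines():
        if not (line.startswith("-A INPUT") and line.rstrip().endswith("-j ACCEPT")):
            continue
        proto = re.search(r"-p (\w+)", line)
        port = re.search(r"--dport (\d+)", line)
        if not (proto and port):
            continue                                  # lo / state / icmp rules
        src = re.search(r"-s (\S+)", line)
        key = (proto.group(1), int(port.group(1)))
        ports.setdefault(key, set()).add(src.group(1) if src else "ANY")
    return ports

def world_reachable(text):
    """Ports any host can reach; each should be justified before COMMIT."""
    return sorted(k for k, v in exposure(text).items() if "ANY" in v)
```

Run lint() first: a line rejected by iptables-restore aborts the whole load, so the audit of exposure() is only meaningful once lint() returns an empty list.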

Making the move from CentOS 5 to Ubuntu Server

24 hours to move all our web applications and services onto Ubuntu 10.04 LTS server from CentOS 5.4. The move was stupidly fast and, what's more, Ubuntu has more cutting-edge applications built in as standard: no more faffing with extra repositories just to get PHP 5.3 installed.

Our core servers still run on CentOS 5, mainly because that's what the DB and application server are supported on (well, Red Hat, but there's not much difference).

Our multiple web, application, database and monitoring servers are all now hosted on Amazon's Elastic Compute Cloud (EC2). EC2 gives us greater capacity and control than standard hosting; it's cheaper, faster and more scalable. We no longer worry about hardware failures, disk space, memory, back-ups, electricity bills or bandwidth.

CentOS 5.4 has done us proud for our secondary systems too (websites, hosting, MySQL databases, monitoring) but I've been spending more and more time trying to get the latest versions of everyday programs installed, like PHP 5.3. The CentOS 5 repositories don't always include the latest versions for security / stability reasons so we were frequently compiling from source. Not ideal when you need to upgrade.

The switch to Ubuntu 10.04 LTS took only a few minutes. It took 5 minutes to fire up an instance in the cloud, update it and get the databases and files over from the previous server. Here are the steps I followed:

Launch Ubuntu Instance on EC2

There’s an Amazon AMI already setup and ready to go, pretty much out of the box. Using the command line tools, I started an instance, added a security group and added security credentials.

Once started, I quickly updated the software using aptitude, installed MySQL server 5, PHP 5.3, a few libraries and dependencies and rebooted.

Move MYSQL Databases and Websites

A simple mysqldump and import took care of the databases. I scp'd the dump and a tar of our sites over, untarred in the right place and went on to modify the HTTP configuration files. Apache2 on Ubuntu is slightly different to CentOS but simpler to manage and faster (I think). I needed to strip out my virtual hosts from a single configuration file and create separate files in the 'sites-available' folder.

The a2ensite command makes enabling and disabling sites a blast – much easier than commenting out in the httpd.conf file.

Testing the sites, I found Apache’s mod_rewrite wasn’t enabled by default so ran:

a2enmod rewrite

I'd also forgotten to flush the privileges on the MySQL db after importing so none of the sites could connect. Again, another simple fix.

Nearly 100 databases and websites (mostly WordPress these days) moved in 20 minutes.

Move IP address to new server

Amazon use Elastic IP addresses so I didn’t have to change all our dns entries. I simply disassociated the existing server and associated with the new one. A 10 second migration.

Checking through the log files for the first few minutes, I could see the following error appearing

Fatal error: Call to undefined function imagetypes()

A quick search revealed the GD library was required for WordPress and was missing. All I needed to do was run:

apt-get install php5-gd

Moving Webalizer History

Installed webalizer using apt-get again, moved history over from previous server and then merged the log files using:

cat newlog oldlog > log

I found our stats were out until I deleted the history files after merging the log files and then ran the command again.

Installing Request Tracker

Our support team use Request Tracker (RT) which is often a pain to install. The process was significantly faster on Ubuntu but I still had to wait for about an hour while it went off and found all required dependencies.

It didn’t take long to get it configured once installed and within two hours of firing the server up, we were in business.

Nagios and Cacti

Nagios took moments to install and all I needed to do was scp the /etc directory over to the new server. Although I could see all the servers and services we monitored, there were some strange errors appearing because of the plugins.

I wasn’t worried about moving the history files over because we use it as realtime monitoring rather than to provide historical data.

Getting Cacti installed was just as fast as Nagios; getting the latest version to run on CentOS was a pain in the neck.

Then, moved the database over from another Ubuntu server (office based) as well as the /var/lib/rra folder.

Quickly realised that there were significant problems and we were losing data. Looking through the logs, I could see a couple of errors, mostly with deprecated functions because of the PHP version (5.3) we were running. There's a fix coming in Cacti 0.88 so I suppressed the errors in my php.ini file for the time being:

error_reporting = E_ALL & ~E_DEPRECATED

The issue with graphs not appearing was due to the x86 architecture of the new machine: we were migrating from an i386 non-server Ubuntu release.

In order to get this error sorted, I needed to export and import using the rrdtool. There’s a great command on this site for processing multiple files.

Graphs were in but strangely not collecting new data… Will get sorted.

Amanda Backup

As well as our web server, this machine also deals with our nightly backups to S3 using Amanda. I thought this would be the hardest part of the migration but it was also quite straightforward. I downloaded the Amanda server dpkg here, copied the configuration files over, ran amcheck, sorted the firewall rules and was done in 15 minutes.

Daily Snapshots

One of the best parts of EC2 is their snapshot facility which allows you to create an instant snapshot of a server and then store it out on S3. If there's ever an issue with a machine, you can roll back in seconds. The only problem is that there are no automation tools for creating and deleting these.

Using the EC2 command line tools, I wrote a simple bash script to create a snapshot of all our volumes twice a day. I wasn't able to create one to automatically delete them after X days however. Digging around, I found one written in PHP that did the job and built this into my script. Thanks to Oren Solomianik for this one, although it needed modification to support the eu-west region. In the end, I plumped for a modified version of the code found here.

That’s it…

Still need to sort Cacti out but it’s sucking in data at least.

Cacti Server Monitoring

Yesterday was spent fine tuning our Nagios monitoring server so we could see the load on our Wireless Hotspots, servers and services.

Today’s been spent sorting our Cacti graphical monitoring solution. See screenshot below.

Not particularly difficult to setup, although a couple of hours were wasted adding the wrong information in – hence no graphs for traffic…

Now there’s no excuse for errors or downtime…

What am I working on now

Other than the standard PolkaSpots Supafly Wi-Fi jobs, I seem to be immersed in a number of reasonably exciting design projects right now.

Can’t complain either, it’s always a pleasure working on something creative not just writing code.

Current Websites Include:

Wild Swans – London based Scandinavian Fashion Retailer

Wild Swans – the UK’s leading Scandinavian fashion store. I’ve been tasked to modernise their existing site and integrate with a high-end commercial shopping cart.

  • Created a custom WordPress integration so the owners can quickly edit pages without having to faff with html or code. Good lesson in php, custom widgets etc.
  • Importing the blog from blogger ensuring pages titles etc. are preserved.
  • Setting up a monthly newsletter campaign using our spanking new system.
  • Integrating with commercial shopping cart.

Go live’s due at the end of the month.

Once Was England – In Memory of a Vanished Land

Once Was England –  a highly regarded lifestyle blog covering all things from a vanished land. The site’s being moved to a WordPress blog and a sub-site created around the popular page, previously held on Tumblr.com

  • Another custom WordPress integration designed to mimic the existing simple style. Once Was England has grown up and a larger site is now required.
  • Importing the blogs, images and comments from Tumblr to WordPress – no easy task…
  • Setting up an online shop from where OWE will sell fine English wares.

Go live’s set for this week…fingers crossed.

PolkaSpots Supafly Wi-Fi – The UK’s Leading Wi-Fi Hotspot Company

Ok, a bit of a cheat this one but still important… I’ve just redone the existing site moving it from our previous CMS (Business Catalyst) into yet another WordPress blog.

Live 11th Jan 2011. Check it out here

Other stuff:

  • Getting back on the bike after breaking my foot in November 2010. Got to lose some Christmas pounds.
  • Organising my 30th birthday which looms closer everyday.
  • Lusting after bike porn and spending too much time reading bikesnobnyc.blogspot.com
  • Enjoying the Boris Bikes
  • Missing my cat who ran away on Friday…

Which Social Media Tools Should You Use

There are now so many new social networking websites popping up every day, it’s impossible to keep up and even harder to choose which ones to use.

My advice to you is: use only the ones you understand and feel absolutely comfortable with. And, if you don’t feel happy with any, go find someone who does.

Right now, I write a couple of blogs, am reasonably active on Linkedin and pretty popular on Twitter (1,422 followers and counting). We also have a company Facebook account and I’m playing with a lot of others including Posterous, Tumblr, Hunch and Foursquare.

I’m totally ignoring the rest right now as there’s a limit to what I can ingest.

Facebook is a tool I don’t agree with but it works for Public Wi-Fi. Being a Facebook idiot, there’s someone in the office that deals with all this. Don’t be scared to delegate.

You should also be realistic when choosing your weapons. For example, estate agents have to be one of the least liked people on the planet (sorry but it’s true). If you own an estate agent, do not put it on Facebook and expect to get a lot of mates, unless of course, you are pasting interesting facts about housing (maybe).

Persuading your customers to buy online

Google Analytics is an amazing tool but sometimes there’s too much information. How do you make sense of it all?

I’ve been working on the Google Adwords account for a client whose site went live a month ago. Their keywords are hugely competitive and budget is tight – no room for mistakes. That’s why they were using us.

In the first week of July, they’d got 800+ visits at a cost of £108. Bounce rate was running at 21% and the average time per visit was over 2 minutes. Click-through-rate (CTR) also OK at 5%. Looking good.

Still, no-one was buying anything.

Our first issue was site design. Sadly, we don’t always have control over the actual site – their layout was badly structured and text difficult to read (both colour and size). The cart was confusing and even we couldn’t work out how to checkout…

A few long emails to the web designer later, we were getting there. Not perfect, just closer.

We use Google Analytics everyday and there’s a lot to take in. Where do you start? You need to work out what you actually need first. For this site, navigation was most important. What were the customers clicking on, where were they going?

I thought it would be a good idea to brush up on the Google Navigation Summary report as I’ve always found it confusing…

There’s an excellent article here that explains it in more detail:

http://seo.blogs.webucator.com/2010/07/07/how-to-use-the-google-analytics-navigation-summary-report/

I was starting to realise that our buyers were going round in circles. They were never clicking the actual products.

How are we going to make them buy something?

  • Clutter – remove as much clutter and text from the site as possible.
  • Consolidate – try and write shorter, snappier sentences.
  • Call to action – ‘Click here’ always works.
  • Your Important aspects – most people don’t scroll down. Place important things at the top.
  • Don’t assume – give them some choice, especially on the landing pages, you don’t know what they want, they do.
  • Blinded by choice – remove unnecessary products and experiment.
  • Make product images bigger – fancy jquery rollovers are nice but customers want to see large images.
  • Streamline your checkout – again, make it simple.

I’ll let you know how they get on in a week or so when they’ve made these changes.