technorama.co.uk

I've recently been working with Amazon S3 - our videos are served from there as the CDN aspect helps with delivery times. Unfortunately, securing access to them is not a straight forward process as the ACL's are written in JSON. Took me a while to work out, so I thought I'd post my example online for you to use - it allows access to users referred from your domain and blocks anyone whose HTTP_Referer is null.

{
"Version":"2008-10-17",
"Id": "Deny no referer",
"Statement": [
{
"Sid": "Allow access from our domain",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3::CDPlayback/*",
"Condition": {
"StringLike": {
"aws:Referer": [
" http://www.my.domain/*",
" http://my.domain/*"
]
}
}
},
{
"Sid": "Block access where referrer is null",
"Effect": "Deny",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3::CDPlayback/*",
"Condition": {
"Null": {
"aws:Referer": true
}
}
}
]
}

Over the past couple of days I have been tasked with migrating our student intranet from an internal virtual host to an external hosting provider. With this in mind, I now present my guide to moving Joomla. Hope it helps!

Step 1: Backup everything!

The first thing you want to do is backup all files within your Joomla installation. Create a folder on your local system, and download all files to that folder using your ftp client application.

Step 2: Export your database

The easiest thing to do is use PHP admin to generate scripts via the Export function - this should create an SQL file that you can simply upload in to your new installation. The other, more complex way is to copy the Joomla database files from your mySQL instance and copy them up to your new server. This does imply that you have access to the relevant directories on both hosts. This is unlikely on a shared host. You can normally find the database files in /var/lib/mysql

Step 3: Modify configuration.php

This step is very important. Go to the folder on your local system to which you downloaded all of your Joomla files. In the first level folder, you will find the file named "configuration.php". Open this file with a text editor and make the necessary changes. At the very least, you will probably need to change the following parameters:

* $mosConfig_absolute_path: This is the absolute server path to your new Joomla! installation. It will probably look something like "/path/to/joomla/installation".
* $mosConfig_cachepath: This is the absolute server path to the cache for your Joomla! installation. It will probably look something like "/path/to/joomla/installation/cache".
* $mosConfig_live_site: This is your website's url. It will be something like "http://www.yoursite.com".
* $mosConfig_host: This is the location of the server that hosts your MySQL database. For most instances, this value will be "localhost". If you are unsure, ask your hosting provider.
* $mosConfig_db: This is the name of your MySQL database.
* $mosConfig_user: This is the database user name. Make sure this user has all privileges on your database.
* $mosConfig_password: This is the password for your MySQL database user.

Step 4: Upload all of your files to your new server

Using an ftp client application (like FileZilla), upload all of your files to the location on your new server where you want to install Joomla.

Step 5: Import your database to your new MySQL server

Using phpMyAdmin (or console commands if you know mySQL and have SSH access) and the SQL file you generated in step 2, import your old database into your new database. Alternatively, as mentioned, upload your Joomla database files.

Step 6: Test your new installation

Everything should be pretty much working - it's always worth making sure that the PHP and Apache configurations of both servers are identical. mod_rewrite in particular can cause issues if you have SEF links.

For my sins, I act as our Moodle admin. For those of you that don't know Moodle, it's a virtual learning environment. We use it to present a number of courses and it generates about 250k hits a month.

Well, this morning the server ran out of space. I am in Cornwall and could hear the panic from here! Thanks to the fact the, bizarrely, I have HSDPA access with my T-Mobile 3G broadband on the edge of nowhere, I was able to SSH in and take a look. Main issue is to get the site up and running again, which means clearing down any unnecessary data. That means logs and temp files. But how do you find them without a GUI?

The easiest way I have found is to navigate to a likely directory (in this case /var/www/moodledata) and run the following:

This'll give you a list of the 50 largest files (and directories) in the current tree. In my case, it appears that the cron job had not been clearing down the backups correctly. Checking that they'd been moved to tape, a quick delete and we've got 4GB back - enough for the weekend and more importantly enough for me to get back to doing nothing in peace!

A couple of months ago, I was interviewed in my capacity as Systems DBA at Milton Keynes College about some of the challenges that we face as an organisation. You can read the resulting article, Defence Mechanisms, here.

After a nasty attack of Conficker, one of our Windows 2003 boxes refused to start the DHCP service, giving the following message:

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7023
Date: Date
Time: Time
User: N/A
Computer: ServerName
Description: The DHCP Client service terminated with the following error: Access is denied.

The problem appears to be with permissions on a couple of registry keys, namely:

HKLM\SYSTEM\CurrentControlSet\Services\Dhcp
and
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip

To fix the error (comes from Service Control Manager with a code of 7023), set the permissions for the Network Service account on the two keys above to Full Control. Make sure that the permissions are cascaded down to sub-keys by going to Advanced Permissions and ticking the box which states "Replace permission entries on all child objects with entries shown here that apply to child objects".

This should fix the issue