Category Archives: programming

WordPress and Mail-icious Logs

mariusz_mail

 

Remember a couple months back when I wrote about my ridiculous error log woes? Well, I must be the Queen of Crappy Logs because all that fun slammed back into my life in the form of mail log overload. So what gives!? I’ve cleaned my code on older CakePHP installations, added a new WordPress installation for a new project, swapped out any standard wp_mail() functionality for Mandrill API fun, and followed my usual routines for new websites. WHY IS MY SERVER ON FIRE!?

Apparently this hosting-space-savvy developer needed a lesson in managing a server on her own. I got to see first-hand what happens when you disregard any anti-spam precautions when firing up a new WordPress site. I’ve known about Akismet or Mollom, but never thought they were super necessary. I rarely see the deep admin side of my hosted servers so out of sight out of mind, right? NOT ANYMORE! This is now my server I need to protect; I can’t just turn a blind eye while the mail log file grows 1GB/half hour and crunches all CPU. MUST. SAVE. THE WORLD. THE SERVER!

At first, I didn’t realize this was spam. I naturally thought back to my error fun from weeks ago and approached this instance as another flare-up. I start by referencing my friend cat /dev/null >mail.log to help clear some space. This moment of clarity lasts seconds, as the spam attempts continue to overflow the screen. I figure, “Hey, I have Mandrill hooked up. Why is Postfix even trying to work without an active local mail server?” This thought leads me to turning off/stopping Postfix.

Nothing.

OKAY! I’ll completely unload Postfix so HA! Won’t even be an option for ya now, server. Take THAT. Wait…what’s it doing? It’s using a DIFFERENT mail option!? Ninety-two kill PID attempts later and holy hell I’ll put back Postfix. Cripes.

::spam logs continue and I swear they’re even faster/angrier::

WHY WON'T YOU DIE

 

…ugh okay. Now what!? Why is this thing so angry! I start to wonder if it’s in fact the WordPress installation. Maybe if I turn off the site for a moment? I flip the switch — silence. Mk, so it’s definitely this WordPress site. This pause gives me a moment to actually read the lines in this out-of-control log stream. That’s when I notice a bunch of phony email addresses using our WordPress site as a domain name. I definitely don’t have any emails listed for that domain name so finally the spam lightbulb goes off. Great! At least I have a clue!

Time to bust out the anti-spam guns. The most popular solution is Akismet so I went there and got a key. Back in my day ::shakes a cane::, Akismet was free to anyone. I can understand that their popularity and success has resulted in them asking for some maintenance help. Anything would be worth a quiet mail log at this point. I snag a key and pop it into place in my WordPress installation. I also decide to shove a Captcha plugin even though I disabled all commenting for good measure. It’s amazing how resilient these spam bots are even when all commenting/pinging functionality is turned off.

Welp! It’s not complete log silence, but I can see a shift in the log messages. Instead of trying to send these spam mails through a dormant mail server, I see Akismet doing it’s job of double-checking each one and rejecting accordingly. Lovely! I may still be racking up a sizable log file over time, but at least my server CPU is back to normal and free again. Hooray!

Now that I have some time to consider alternative measures, I can’t help but question if Akismet is the best solution for WordPress spam protection. They are very robust now and provide a great third-party check, but is that server-to-server jump so necessary for the sake of some phony email? For now, I believe it is. I can see myself shifting my stance once I get my feet wet and more familiarized with the whole spam front. There are many alternatives out there that can keep you within your own server; privacy-crazed developers rejoice! Be sure to check them out for yourself and save yourself from this chaotic, spammy mess!

That’s all for now! Happy coding :)

 

Back to Stack Dog

My Partner Can’t Hang…

Oh, ya know…just staying up rather late because I’m fixated on a dynamic functionality for my [beloved] pet project when I noticed my REAL pet/partner-in-dev-crime can’t hang:

late_night_fail_1

Seriously?! How do dogs sleep this way?!

Perhaps I’ll need to get a human dev partner one of these days. Or crack the whip on the boy! Just kidding, just kidding; he’s too friggin’ adorable.

Can’t wait to release a glimpse of this project! Hint: a clue lies in my “about” blurb at Stack Dog Solutions …oh, and :P

K, so that’s probably a crappy hint, but I just need a bit more time to ‘get it right.’ This site is something I’ve envisioned for a long time and I hope I can pull off what I’ve had in my head.  So far I’ve pushed myself to new levels, created some fun features, and streamlined a lot of my everyday dev processes. Not too shabby. Worst case, I keep it in dev and continue to learn from it. Though, I can assure you that I’m trying hard to make sure I have at least a few friends or my parents (inadvertently the best site testers) taking it for a spin in the near future!

Time to put my head to rest for a bit. Happy coding!

 

Back to Stack Dog

MySQL a.k.a. MyHEADACHE

Okay, I’m subjecting myself to developer shame and scrutiny, but I’m tired of hitting these little snarls. In other words, this post is more for myself than anyone else. Plus, the other point of this blog is to document my trials and solutions so brace yourself.

I’m simply trying to get a new installation of MySQL up and running on a Mavericks-based server. There are 20,398,430,284 (maybe fewer) articles regarding the process, but I somehow manage to slam into walls. Part of me believes it’s the fact that there ARE too many articles and it’s so easy to get on a wrong track vs. following one installation process. Either way, I think I have the combo that did it for me once and for all.

Credit to these folks:

Originally, I followed one guy’s take on it all and ended up with no mysql database and completely locked out of the root user (with or without password attempts; cute, I know). So! I decided to start over. But nooOOooo you need to COMPLETELY removed all MySQL fun from your drive before trying again. That uninstallation link above was the key to that. I missed a few files and especially the logged history notes. Time to put the Joe Schmoe blogs aside and stick to basics. (I know, I know — KISS). I stuck to the walkthrough suggestions and simply downloaded from MySQL dev site and followed those steps. To immediately avoid the root battles, I decided to try the “mysqladmin -u root -p ‘PASSWORD'” immediately. SEEMED to work from there, but I wasn’t convinced thanks to my earlier walls. I ran the mysql_secure_installation script in order verify my user settings and to get things locked down and cleaned up from the start. I was able to update the root password at this point if I’d like, which was NICE. This little process (much like CakePHP bake) helps you clean up your testing databases/usernames to prep for production. Given that I’m simply transferring servers, I’m all about getting the production replica in place and nixing the test gear. Sweet success!

Now I can finally put things back into place. Again, I’m fully aware that this isn’t something ‘hard’; it’s just finicky and my attention span can be rough. I found solace in the fact that most walkthroughs reference the notorious 2002 socket fix, which reminds me that there are still nuances in this whole MySQL process. I’m sure Oracle is battling to make it even tougher to fork out in the future, too. Apple always had MySQL in their Server Admin services list until the recent OS releases. I see a pattern! ::sigh:: Hello, MariaDB!

Well that’s all for now. Happy coding (now that you can)!

Back to Stack Dog

The Neverending Text Edi-Tour

I hope you read that title and immediately started singing like I did. No? Oooookay…

Eh hem…I was unexpectedly persuaded into trying a new text editor, Sublime Text 2, despite having downloaded the newly-released and highly-anticipated Coda 2 this year. While Sublime was downloading, I began to recap the “text edi-tour” that I inadvertently traveled throughout my career and debated whether or not an ideal editor actually exists for me. Yes, there are so many out there that can fit any particular niche, but I can’t help but notice that many editors are extremely gimmicky or bloated. “Look! This one fills in your pages with lines from Nicolas Cage movies!”, “Awesome!! This one visually renders any move or change you make!”, “OMG this one plays the entire Rocky theme song every time your function fires without an error!”

I realize that some folks love the extra bells and whistles, but I see them as a distraction from actually, ya know, writing code. Perhaps I’m just a creature of habit; why stop using the tool that lets me get right to the point? Why give that up to endure the learning curve in a new software that potentially sucks? Well, today I found out why it pays off to keep an open mind with editors.

I was going “oooOooo” within fifteen minutes of using Sublime Text 2. Despite using the spanking new Coda 2, I was still doing happy dances due to the subtle features and streamlined feel of Sublime. You mean I can add any sort of open-sourced package to my editor by using a shortcut and a quick download?! I can find designed themes that soothe my screen-squinting headaches!? You mean it writes big chunks of code in place of a simple word trigger?! Okay, I’m even going to get granular here and mention how happy I was to see that it would simply open a file on a single click, but would tab the file for further use if double-clicked. SO good! No more ongoing tabs of files that I barely edited.

Before I get ahead of myself, I will stay fair and mention the excessive number of questionable [hilarious] packages available to us. One in particular caught my eye and perfectly fits in with the “super unproductive” scenarios I listed: Hipster Ipsum

Yup! You read that right. “Hipster w/ a shot of Latin.” Ah yes. Just what the dev world needs. But I have to say that sometimes a grueling project full of boring content and repetitive functions could take a shot of this kind of nonsense. Dare I say I might use Hipster Ipsum someday? Eh, doubtful.

So from a pen and paper to Notepad, Dreamweaver, jEdit, BBEdit, TextWrangler, Vim, vi, Eclipse, Coda, and now Sublime — have I found my ideal text editor? I’m thinking yes! Seriously, I encourage any developer to try it out. I was very skeptical, but Sublime is truly a simplified yet super powerful means of streamlining your workflow. We may never reach the end of the edi-tour, but at least keep an open mind and help yourself find a decent resting spot along the way :)

Happy coding!

 

 

 

Back to Stack Dog

Open-Source Gone Bad

I stand by (and blog on) open-source languages. They’re customizable yet robust and come with an extensive library of public documentation. More often than not, a quick Google search can help you get through that epic wall you’ve been bashing for hours. Feeling innovative? You can always see the “what if” attempts made by other programmers across the web. This open collaboration is key to pushing the envelop and finding new means of development. Sounds so lovely, right? Well, I’m feeling obligated to note the downside due to the nuances battled in a recent project.

Here’s the thing with open source — You’re making yourself wide open to dealing with inconsistencies and, even worse, blatantly incorrect code. Logic, though primarily 0/1 or TRUE/FALSE, can easily conform to a programmer’s style. There may be one right answer, but many ways of getting there. That said, you may have immediate access to great code and ideas, but you’re likely to spend some time getting that programmer’s style to conform to your own within your projects. Oh, and the whole “this isn’t even right” portion of this example.

I downloaded a new installation of CakePHP and found some great Bootstrap/ACL plugins and helpers to get the site to be super responsive and equally secure. Yet, I kept hitting walls with some of my forms; they would not validate properly despite using the same code as in other, working projects. Let the debugging begin.

Hours later, I realize the issue derives from the improperly formatted parameters in an example created by the plugin developer. ::sigh:: So much time assuming it’s a database or structural issue. Nope! Just a simple inclusion that hoses the entire functionality. Moments like that are a key reminder that open source has its fair share of nuances and disadvantages. Be sure to always weigh the pros and cons of a priced solution, as time can quickly cost more than an upfront payment.

Mid-project realization: double-check all browser validation capabilities before destroying the validation in your project. More browsers are intervening with front-end validation (HTML5) so be sure to add the “novalidate” parameter to your forms to maintain your own error message:

<form method="post" action="/foo" novalidate>

Otherwise, you will see a generic alert with browser-oriented colors and text. Still debating if I appreciate this feature or not. Front-end validation = good. Browser-controlled styling and text = not so hot. Baby steps.

Happy coding!

Back to Stack Dog