
Dear FinTech companies, be careful with external scripts

Just last week I installed a Chrome extension called Privacy Badger. It is supposed to protect you from third-party scripts included on websites that might track you, which it does by checking content loaded from other third-party domains. A side effect of this extension is that you suddenly begin to notice which sites include external scripts. I'd say I am not surprised by them on social media sites and other sites where I mostly consume the content. They are used for videos hosted on YouTube, Facebook Like buttons, Disqus comment sections and so on.

What horrified me was the presence of third-party scripts on e-banking services and other financial sites where I interact with my account and the interaction has consequences. These scripts are a huge security risk! Any third-party JavaScript loaded on a website has the same execution privileges as the website's own code. This means that if even one of those third-party scripts gets compromised, all users of your financial service are at risk. And it gets even worse. Among the included third-party scripts I didn't find just well-established addresses such as Bootstrap's CDN. There were also links serving content directly from SVN repositories.

Dear companies, please serve all scripts from servers under your control. Saving a few kilobytes of traffic is not worth the risk of exposing your users to malicious code!
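As an added illustration (not part of the original post), here is a small Python audit that lists the script sources a page loads and separates the ones served from the site's own host from the rest; the sample HTML and the host names in it are constructed for the example:

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample page standing in for a bank's login page (not a real site).
SAMPLE_HTML = """<html><head>
<script src="/static/app.js"></script>
<script src="https://www.mybank.example/js/login.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
<script src="http://svn.example.org/repos/widget/trunk/widget.js"></script>
</head><body></body></html>"""

class ScriptCollector(HTMLParser):
    """Collects the src attribute of every <script> tag in document order."""
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "script":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src)

def audit_scripts(html, site_host):
    """Return (first_party, third_party); third_party holds (url, reason) pairs.
    Relative URLs and those on site_host are first-party. Anything else runs with
    the page's full privileges but is published by someone else; the reason also
    flags plain-HTTP delivery and repository-looking paths, as the post does."""
    collector = ScriptCollector()
    collector.feed(html)
    first_party, third_party = [], []
    for src in collector.sources:
        parsed = urlparse(src)
        host = parsed.netloc.lower()
        if not host or host == site_host.lower():
            first_party.append(src)
            continue
        reason = "external host"
        if parsed.scheme == "http":
            reason += "; plain HTTP, modifiable in transit"
        if "svn" in host or any(p in parsed.path for p in ("/trunk/", "/repos/")):
            reason += "; looks like a source repository, not a release CDN"
        third_party.append((src, reason))
    return first_party, third_party

if __name__ == "__main__":
    for src, why in audit_scripts(SAMPLE_HTML, "www.mybank.example")[1]:
        print("THIRD-PARTY", src, "->", why)
```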

How to: Docker, Dnsmasq and nginx-proxy on Ubuntu 16.04

I like the dynamics of working on multiple projects. However, there's a caveat: one has to manage multiple development environments on one computer. Docker comes to the rescue with its ability to isolate different environments. There's a lot of literature about it on the internet; I hope you will find this tutorial useful as well.

We will set up a system where we can access many of our projects at the same time just by accessing a different address in the browser. To achieve this, we will use

  • https://github.com/jwilder/nginx-proxy
  • http://www.thekelleys.org.uk/dnsmasq/doc.html
  • Ubuntu 16.04 or derivative (Kubuntu, Mint…)

How does it work?

When the browser requests anything that ends with .loc, dnsmasq resolves it to 127.0.0.1, which is your local computer. The browser then sends the HTTP request to nginx-proxy, which listens on port 80 of your computer and is automatically configured with a virtual host for each container. Based on the domain name it forwards the request to either App1 or App2.

[Diagram: nginx-proxy stack]

How to prepare your system?

    1. Install dnsmasq by running the following command:
      sudo apt-get install dnsmasq
    2. Edit the configuration in /etc/dnsmasq.conf and add the following lines:
      address=/.loc/127.0.0.1
      interface=docker0
      interface=lo
    3. Edit /etc/dhcp/dhclient.conf. After the line
      #supersede domain-name "fugue.com home.vix.com";

      add the following line:

      prepend domain-name-servers 127.0.0.1;
    4. Restart dnsmasq by running
      sudo service dnsmasq restart
    5. Update the firewall settings so that Docker containers can reach dnsmasq:
      sudo ufw allow in on docker0 to any port 53
    6. Update the Docker settings by creating a file called /etc/systemd/system/docker.service.d/01-default-network.conf (create the directories if they don't exist). This should be the content of 01-default-network.conf:
      [Service]
      ExecStart=
      ExecStart=/usr/bin/docker daemon -H fd:// --bip=172.17.42.1/16 --dns 172.17.42.1
    7. Restart Docker:
      sudo service docker restart
    8. Set up nginx-proxy by running
      docker run -d --restart always -p 80:80 -v /var/run/docker.sock:/tmp/docker.sock:ro jwilder/nginx-proxy

      The --restart always flag (it must come before the image name; after it, Docker would pass it to the container as an argument) ensures nginx-proxy is always running and is started again when you reboot your system. Note that the mounted Docker socket gives the container control over the Docker daemon, which is effectively root on the host, so only run images you trust this way.
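An added check (example code, not part of the original post or of the nginx-proxy project) that reads the three files edited above and confirms the settings agree with each other, in particular that the Docker daemon's --dns is the same address as its --bip, since that is how containers reach dnsmasq:

```python
import re

DNSMASQ_REQUIRED = ("address=/.loc/127.0.0.1", "interface=docker0", "interface=lo")
IPV4 = r"(\d{1,3}(?:\.\d{1,3}){3})"

def active_lines(text):
    """Configuration lines with blanks and # comments dropped."""
    lines = (line.strip() for line in text.splitlines())
    return [line for line in lines if line and not line.startswith("#")]

def missing_dnsmasq_lines(text):
    """Lines from step 2 that the dnsmasq.conf content does not contain yet."""
    present = set(active_lines(text))
    return [line for line in DNSMASQ_REQUIRED if line not in present]

def dhclient_prepends_local(text):
    """True if step 3 is in place, so resolv.conf will list 127.0.0.1 first."""
    return "prepend domain-name-servers 127.0.0.1;" in active_lines(text)

def docker_dns_consistent(text):
    """Return (bip, dns, ok) for the systemd drop-in of step 6.
    Containers reach dnsmasq only if the daemon hands them the docker0 bridge
    address (--bip without its prefix length) as their resolver (--dns); a --dns
    pointing anywhere else silently breaks *.loc inside containers."""
    bip = re.search(r"--bip=" + IPV4 + r"/\d+", text)
    dns = re.search(r"--dns[ =]" + IPV4, text)
    bip_ip = bip.group(1) if bip else None
    dns_ip = dns.group(1) if dns else None
    return bip_ip, dns_ip, bip_ip is not None and bip_ip == dns_ip

def check_file(path, fn):
    """Apply one of the checks to a file, reporting a missing file instead of raising."""
    try:
        with open(path) as f:
            return fn(f.read())
    except FileNotFoundError:
        return f"{path} not found"

if __name__ == "__main__":
    print("dnsmasq missing lines:", check_file("/etc/dnsmasq.conf", missing_dnsmasq_lines))
    print("dhclient prepends 127.0.0.1:", check_file("/etc/dhcp/dhclient.conf", dhclient_prepends_local))
    print("docker --bip/--dns:", check_file(
        "/etc/systemd/system/docker.service.d/01-default-network.conf", docker_dns_consistent))
```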

Usage example

Let’s create a docker-compose.yml file in some folder:

dokuwiki:
  image: istepanov/dokuwiki:2.0
  environment:
    - VIRTUAL_HOST=dokuwiki.loc
  ports:
    - 80

After that, run docker-compose up -d.

Now let's create another project in a different folder:

wekan:
  image: mquandalle/wekan
  links:
    - wekandb
  environment:
    - MONGO_URL=mongodb://wekandb/wekan
    - ROOT_URL=http://wekan.loc
    - MAIL_URL=smtp://user:[email protected]:25/
    - [email protected]
    - VIRTUAL_HOST=wekan.loc
  ports:
    - 80

wekandb:
  image: mongo

Again, run docker-compose up -d from this folder. Visiting http://dokuwiki.loc and http://wekan.loc will now take you to each of the applications.


Slovenian hosting providers with PHP 7

PHP 7 was released months ago. The increased performance makes upgrading a really attractive option. Some of us still remember the long transition that took place when PHP 5 was released. That's why it was interesting to see the state of PHP 7 support today. I sent an email to the most popular shared hosting providers in Slovenia and asked them about the state of their PHP support and their decision-making process.

Most of them agree that decisions about upgrading software versions are based on customer demand and on compatibility with the sites they host. Among the criteria mentioned was also support for a particular PHP version in the control panels (for example cPanel) and Linux distributions they use. Most of them allow customers to switch between versions themselves.

This is the list of hosting providers in Slovenia which provide PHP 7 support:

  • Domovanje.com
  • Domenca.com
  • G-server.com
  • Hitrost.com
  • Hostko.si
  • Prasicek.si
  • Presentia.si
  • Si-Shell.net
  • Spletnik.si
  • Zabec.net

These are without PHP 7 support:

  • gigaspark.com

Please note that the criterion for including a provider in the survey was its position on Google. Thus it's probable that there are more hosting providers without PHP 7 support.

Developer’s machine bootstrap for Raring Ringtail

Ubuntu 13.04 to be Named “Raring Ringtail” (source: http://www.thegeeksolutions.in )

It's that time of the year when distributions from the Ubuntu family publish their release previews, and because I like testing software while it's still warm, I've been doing quite a few reinstalls lately. What doesn't change is the software I usually install right after the first boot. That's why I created this little snippet which does it all in one step, so I don't have to wonder whether I forgot to install something.

I’m sharing it with you by publishing it on GitHub.

The script installs the LAMP stack, Composer, Oracle Java 7 JDK, Qt development tools, Zsh (and sets it as the default shell), Google Chrome, Opera, Clementine, XChat, FileZilla, Sublime Text 2 and VirtualBox.

Backing up to Amazon S3

Even though you're backing up your files to an additional hard drive, optical media or something else that you store in a drawer of your desk, you're not quite safe yet. It's essential to make backups to a remote location once in a while. At a price of $0.095 per GB per month, Amazon's S3 storage seems quite an interesting option. To make things easier there is a command-line tool called 'aws' which lets you use Amazon's Web Services simply by issuing a few commands.

To back up my development server with Git repositories and the like, I've written a simple Bash script:

#!/bin/bash

# The aws tool reads the keys from these variables; they are exported so the
# s3put child process can see them.
export EC2_ACCESS_KEY=YOUR_ACCESS_KEY
export EC2_SECRET_KEY=YOUR_SECRET_ACCESS_KEY
BUCKET_NAME="NAME_OF_THE_BUCKET"
MYSQL_PASSWORD="MYSQL_ROOT_PASSWORD"
NOW=$(date +"%Y-%m-%d_%H-%M")
TMPDIR="/var/backups/$NOW/" # temporary directory for storing archives

add_md5_hash() {
  if [ -z "$1" ]
  then
    echo "You must pass a filename."
    return 1
  fi
  echo "Calculating hash..."
  md5sum "$1" > "$1.md5"
  echo "Uploading hash..."
  s3put "$BUCKET_NAME/$1.md5" "$1.md5"
}

backup_dir() {
  if [ -z "$1" ]
  then
    echo "You must pass a directory name."
    return 1
  fi
  # Turn the path into a flat file name: /srv/git -> <NOW>_srv_git.tar.gz
  FILENAME="$NOW${1//\//_}.tar.gz"

  echo "Backing up $1"
  mkdir -p "$TMPDIR"
  cd "$TMPDIR" || return 1
  echo "Creating temporary archive $FILENAME"
  tar -zcf "$FILENAME" "$1"
  echo "Uploading to AWS ( $BUCKET_NAME )"
  s3put "$BUCKET_NAME/$FILENAME" "$FILENAME"
  add_md5_hash "$FILENAME"
}

backup_mysql_database() {
  if [ -z "$1" ]
  then
    echo "You must pass a database name."
    return 1
  fi
  mkdir -p "$TMPDIR"
  cd "$TMPDIR" || return 1
  FILENAME="${NOW}_db_$1.sql"
  echo "Creating temporary file $FILENAME"
  # Note: a password given with -p is visible to other local users in the process list.
  mysqldump -u root -p"$MYSQL_PASSWORD" --databases "$1" > "$FILENAME"
  echo "Uploading to AWS ( $BUCKET_NAME )"
  s3put "$BUCKET_NAME/$FILENAME" "$FILENAME"
  add_md5_hash "$FILENAME"
}

backup_mysql_server() {
  mkdir -p "$TMPDIR"
  cd "$TMPDIR" || return 1
  FILENAME="${NOW}_localhost.sql"
  echo "Creating temporary file $FILENAME"
  mysqldump -u root -p"$MYSQL_PASSWORD" --all-databases > "$FILENAME"
  echo "Uploading to AWS ( $BUCKET_NAME )"
  s3put "$BUCKET_NAME/$FILENAME" "$FILENAME"
  add_md5_hash "$FILENAME"
}

# Examples:
backup_dir "/PATH/TO/THE/DIRECTORY/YOU/WANT/TO/BACKUP"
backup_mysql_server # if you want to back up all databases
backup_mysql_database "DB_NAME" # if you want to back up a single database

For this script to work you need to install aws. Before using the script you also have to adjust the settings at the top and put the appropriate backup commands at the end of the file, for example:

backup_dir "/PATH/TO/THE/DIRECTORY/YOU/WANT/TO/BACKUP"

to back up a directory. Or

backup_mysql_server

to back up the MySQL server at localhost. Or

backup_mysql_database "DB_NAME"

to back up a single database.

Make sure that only the appropriate users get read access to this file (for example with chmod 600), because of the sensitive information it contains. After the initial configuration you can configure cron to run the script at regular intervals.
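Added example, not part of the original post: a Python check for the other direction, verifying an archive fetched back from the bucket against the .md5 file the script uploads next to it (the archive and manifest here are constructed in a temporary directory so it runs offline). The md5 only proves the download is intact; it does not prove that nobody with write access to the bucket replaced both files.

```python
import hashlib
import os
import tarfile
import tempfile

def md5_of_file(path):
    h = hashlib.md5()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(1 << 20), b""):
            h.update(block)
    return h.hexdigest()

def verify_backup(archive_path, manifest_path):
    """Return (ok, detail): the md5sum line must match and the tarball must list cleanly.
    The manifest is md5sum's '<hex>  <filename>' line. This only catches corruption or a
    truncated transfer; anyone who can write to the bucket can rewrite both files."""
    with open(manifest_path) as f:
        fields = f.read().split()
    if len(fields) < 2 or fields[1] != os.path.basename(archive_path):
        return False, "manifest missing, malformed, or for a different file"
    actual = md5_of_file(archive_path)
    if actual != fields[0]:
        return False, f"md5 mismatch: manifest {fields[0]}, file {actual}"
    try:
        with tarfile.open(archive_path, "r:gz") as tar:
            count = len(tar.getnames())
    except (tarfile.TarError, OSError) as exc:
        return False, f"archive unreadable: {exc}"
    return True, f"md5 ok, {count} entries"

def demo():
    """Build a constructed archive plus manifest, check it intact, then after damage."""
    with tempfile.TemporaryDirectory() as d:
        src = os.path.join(d, "repo.txt")
        with open(src, "w") as f:
            f.write("constructed sample content\n")
        archive = os.path.join(d, "2016-07-14_17-44_srv_git.tar.gz")
        with tarfile.open(archive, "w:gz") as tar:
            tar.add(src, arcname="repo.txt")
        with open(archive + ".md5", "w") as f:  # same format the script's add_md5_hash writes
            f.write(f"{md5_of_file(archive)}  {os.path.basename(archive)}\n")
        intact = verify_backup(archive, archive + ".md5")
        with open(archive, "ab") as f:  # simulate a corrupted or truncated download
            f.write(b"\0")
        damaged = verify_backup(archive, archive + ".md5")
    return intact, damaged

if __name__ == "__main__":
    print(demo())
```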

I hope you find this post helpful. Now get back to coding.


Tweak your FullCalendar

FullCalendar is a very useful jQuery plugin that enables you to include a full-sized calendar with drag and drop support in your page or application. It already offers plenty of options; however, sometimes you might want to tweak it a bit.

Here is an example of how to tweak the month view to hide past weeks in the current month.

First insert this code after function MonthView(…) {… }:

fcViews.augmentedMonth = AugmentedMonthView;

/**
  * A view that doesn't show weeks before the current week when viewing current month
  */
function AugmentedMonthView(element, calendar) {
	var t = this;

	// exports
	t.render = render;

	// imports
	BasicView.call(t, element, calendar, 'month');
	var opt = t.opt;
	var renderBasic = t.renderBasic;
	var formatDate = calendar.formatDate;

	/**
	  * Customized render function that hides weeks before current week in the current month
	  */
	function render(date, delta) {
		if (delta) {
			addMonths(date, delta);
			date.setDate(1);
		}
		var start = cloneDate(date, true);
		var today = new Date();
		// Only hide past weeks when the displayed month is the current month of the current year
		if (start.getFullYear() == today.getFullYear() && start.getMonth() == today.getMonth()) {
			start.setDate(today.getDate());
		}
		var end = addMonths(cloneDate(start), 1);
		end.setDate(1);
		var visStart = cloneDate(start);
		var visEnd = cloneDate(end);
		var firstDay = opt('firstDay');
		var nwe = opt('weekends') ? 0 : 1;
		if (nwe) {
			skipWeekend(visStart);
			skipWeekend(visEnd, -1, true);
		}
		addDays(visStart, -((visStart.getDay() - Math.max(firstDay, nwe) + 7) % 7));
		addDays(visEnd, (7 - visEnd.getDay() + Math.max(firstDay, nwe)) % 7);
		var rowCnt = Math.round((visEnd - visStart) / (DAY_MS * 7));
		if (opt('weekMode') == 'fixed') {
			addDays(visEnd, (6 - rowCnt) * 7);
			rowCnt = 6;
		}
		t.title = formatDate(start, opt('titleFormat'));
		t.start = start;
		t.end = end;
		t.visStart = visStart;
		t.visEnd = visEnd;
		renderBasic(6, rowCnt, nwe ? 5 : 7, true);
	}

}

Now you can simply set defaultView to 'augmentedMonth' and past weeks won't appear any more when displaying the current month.

By customizing the render() function you can go ahead and add your own customizations.

New project: Units aware calculator

There's a ton of software out there to do calculations for you on every platform imaginable. However, there's much less choice when it comes to calculations that take into account the units of your input. This is a problem especially when I'm writing reports for physics courses at college. That's why I decided to develop a plugin for LibreOffice Calc that does unit-aware calculation. I intend to do so by implementing new types of cells and reimplementing commonly used formulas to operate in a unit-aware fashion.

However, before digging into that massive project I've decided to port GNU Units to Java, to get more experience with Java itself and to get a grasp of how to do calculations with units. It's easy to decompose every unit into the 7 base units, but converting those back to a combined unit that makes sense in a particular context can be slightly trickier. That's why this simple project might get quite interesting.

Current progress

I've already set up a repository on GitHub and added skeletons of some base classes.

Symfony with a new release process

Open source PHP frameworks such as Symfony or Zend Framework can speed up development considerably and enhance code quality by establishing conventions and design patterns. In my opinion both of these frameworks are, from the technical point of view, more than ready for use in almost every web application. However, the enterprise requires more than that. One of these additional requirements is a reliable and predictable release cycle.

Symfony addressed this issue recently by defining a new release process. In the document they have defined very clearly when important points in the project lifecycle, such as new releases and backward compatibility breaks, are going to happen. Now the companies using Symfony can plan the upgrades of their own applications.

According to the plan, standard releases are going to be maintained for 8 months after release. More importantly, they are planning to release long-term support versions with 3 years of support, enabling users of the framework to spend more time on developing their applications than on framework upgrades. The first long-term support release is expected to be available in May 2013.
