Half-Elf on Tech

Thoughts From a Professional Lesbian

Author: Ipstenu (Mika Epstein)

  • phpMyAdmin vs CMS

    By ‘CMS’ I mean WordPress, Drupal, whatever.

    So here’s a funny. I moved my DreamHost site to a VPS, so I could learn nginx (I’m still a newb) and suddenly I couldn’t get to my phpMyAdmin anymore! Before someone says it’s DreamHost’s fault, this is actually due to how I installed subdomains (which I don’t recommend) and configured nginx (still optimizing). That said, not every CMS is flexible enough for this, so if you have this problem too, here’s a work-around.

    As you know, you’re supposed to go to http://mysql.elftest.net which then sends you to http://elftest.net/dh_phpmyadmin/mysql.elftest.net/ to get to your phpMyAdmin page. Except it gives you a 404 styled like your site instead.

    Solution? Make a fake subdomain.

    I made db.elftest.net (which has nothing), but now I can go to http://db.elftest.net/dh_phpmyadmin/mysql.elftest.net/ and log in!

    How I buggered my subdomains, and how I fixed it, is another post.

  • Encrypted Search Terms

    A recent stats viewing, with search terms highlighted.

    I haven’t seen a lot of people kvetching about this, which surprises me.

    If you like to look at JetPack’s stats and happen to giggle over your search terms, you may have noticed encrypted_search_terms showing up. Your search terms are what other people use in order to find you. So for example, someone found my blog by typing “forever alone” (which doesn’t make any sense to me, but okay).

    About a year ago, Google made search more secure, by letting you search via https. If you’re logged in to Google anything, you will be searching via https, which means no one knows what you searched for. Jetpack sees it as ‘encrypted search terms’ and Google Analytics sees it as ‘not provided.’ This is all great for the user, and the tin-foil hat me loves it! Except that now all we users see is encrypted search terms, instead of anything of value.

    As the number of people who use Google whatevers grows, the value for my search terms is going to plummet. In fact, taking a look at things, my ‘not provided’ numbers have doubled. It used to be that maybe 1% of searches showed up like this. I was around 13% for an average month in January, and now I’m looking at 30%. I am losing the ability to see what search terms are good for my site, and this makes it hard to manage my SEO.

    Oh. SEO. I hate you.

    I laud Google for doing this and at the same time decry them. Yes, having users protected while they search is awesome, it means my data is safe and it’s less easy for people to mess with me. As a user, I think this is good. As a website guru, I wince a lot. Without the feedback of users’ search terms, it’s very hard to know what does and doesn’t work. And the worst part is the majority of your users don’t even know they’re doing this. They know they’ve signed in to Google email, and they’ve signed in to Google+, and that’s it. They don’t know the ramifications.

    I don’t pretend to be an SEO expert, but what I do claim is to have common sense, and to valiantly fight against the will to be stupid. It’s pretty obvious to me that encrypting my results rips out my ability to, for free and with no cost to my users, be able to determine what works and what doesn’t on the fly. Many times, when I tweak a site, I follow the stats and see what pages are hit more often, by whom, and when. Now there are workarounds to losing that immediate feedback, but when you think about it, almost all involve you having to pester your users.

    A/B testing is the least intrusive way about it, but for a lot of people, it’s complicated to do on a small, simple website. The basic idea is to ‘draw’ users to two different versions of the same site, and see which one gets more traffic. Max A/B is a good WordPress plugin for that. That said, your users may notice that the site one of them sees isn’t the same as another, and it means you have to up-keep two versions for a while.

    Google, naturally, isn’t very consistent here. They generate their live traffic information via your cellphones. Whenever an Android user opts into location tracking, Google constantly monitors their location. If a whole mess of users are slowing down on the 405, guess what? Traffic. Now, arguably your data is ‘safe in their hands’, but that’s impossible to prove. If you haven’t yet, read Cory Doctorow’s “With A Little Help”, especially the story “Scroogled.”

    Basically what Google’s saying is ‘You can’t use their data, but we can. Trust us.’ Nothing makes me start to trust someone less.

  • Command Line Mac Trash Tricks

    Warning! I’m going to talk about the ‘rm’ command which is a super-deadly command in the Linux world. No matter what, never ever ever consider running it unless you’re certain you know what it does!

    I review a lot of plugins, which means I download them all to my laptop, review all the code, possibly install them, and then delete. This means, on any given week, I have 5000 items in my trash. And this is without unzipping! (Yes, we get a lot of plugins, and TextWrangler lets me review most of them in their zips.)

    When I forget to empty my trash every day, I end up waiting hours for the GUI empty to run unless I use rm -rf from inside the ~/.Trash/ folder. The real command is this:

    $ rm -rf ~/.Trash/*
    

    I like this because it’s crazy fast compared to the GUI, and

    But sometimes I actually just want to commandline my trash. I’ll be banging on things in Terminal and a very simple ‘empty trash’ command would be nice, right? OSX Trash lets me type trash -l to see what’s in my trash, and trash -e to run the normal empty command. It’s better than a lot of other scripts, because if I type trash filename and there’s already a file with that name in the trash, it behaves like Mac Norm. That is, it’ll rename my second file ‘filename date’ and I won’t have file conflicts!

    The only thing it’s missing is a ‘trash -p’ command, which would let me run the force rm and just dump it all. Yes, I know rm works, but if you’ve ever typed it in the wrong window, you know why it’s a terrifying command. Still, back to the age old rm commands, what happens when you have that annoying locked file error? Like me, you probably kvetch about quitting everything to delete.

    More command line magic!

    # Chained with && so that rm -rf * never runs if the cd into the Trash fails
    $ cd ~/.Trash && chflags -R nouchg * && rm -rf *
    

    Finally, to make this full circle, I made a dead simple alias to prevent me from fat fingering the rm too much:

    alias trashdump='rm -rf ~/.Trash/*'
    

    Fast, efficient, and potentially deadly, but less than manually typing it in all the time. Deleted 2000 files in seconds, versus minutes.
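
    A guarded version of the trashdump alias, added here as an example and not part of the original post: it refuses to run on anything but a directory named .Trash, fails if HOME is unset instead of expanding to /.Trash, and also removes dotfiles, which ~/.Trash/* skips. The guards and the optional directory argument are this example's assumptions.

```shell
# Added example: a guarded replacement for the trashdump alias.
# Usage: trashdump [DIR]   (DIR defaults to ~/.Trash; the argument is an assumption)
trashdump() {
    dir=${1:-"${HOME:?HOME is not set}/.Trash"}

    # Only ever operate on a path whose last component is literally .Trash
    case $dir in
        */.Trash) ;;
        *) echo "refusing: $dir is not a .Trash folder" >&2; return 1 ;;
    esac

    # It must be a real directory, not a symlink pointing somewhere else
    if [ ! -d "$dir" ] || [ -L "$dir" ]; then
        echo "refusing: $dir is not a plain directory" >&2
        return 1
    fi

    # Clear the macOS 'user immutable' flag where chflags exists (skipped elsewhere)
    if command -v chflags >/dev/null 2>&1; then
        find "$dir" -mindepth 1 -exec chflags nouchg {} + 2>/dev/null || true
    fi

    # Count the entries, then delete everything inside (dotfiles included),
    # leaving the .Trash folder itself in place
    count=$(find "$dir" -mindepth 1 | wc -l | tr -d ' ')
    find "$dir" -mindepth 1 -delete || return 1
    echo "$count"
}
```

    Called with no argument it empties ~/.Trash and prints how many entries it removed.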

  • Passwordless SSH

    I’m incurably lazy, and as we all know, lazy techs like to automate (ltla?).

    I ssh a lot into my personal servers, and I get tired of having to type ssh account@server.com, and then enter my password. So I got smart.

    Since I’m on a Mac, the first thing I did was grab iTerm2. This lets me create simple profiles so with a click, I can log in to any of my servers. When I was using Windows, I used PuTTY and the add-on for Connection Manager. (The real PuTTY CM site is gone, and binarysludge just keeps a copy on hand for the same reasons I do. You never know when you need it. Mine’s in my Dropbox storage.)

    What I really loved about PuTTY CM was that I could fill the pref file with my accounts and passwords, and then one-click connect to any of my servers. This was at The Bank Job, where I had a couple hundred servers to do this with, and when I had to change my password, I could search/replace that file. I know, it’s not secure. At DreamHost, I had the same, but they scripted it so I can sudo in with a handy call that I’m in love with. As long as I remember my password, I’m fine. But see, I told you, I’m horribly lazy and I hate having to log in with my password, then sudo again with my password.

    The first step for this is to make an RSA key pair. This is a fancy way of telling both computers to trust each other, so on your personal computer (we’re assuming Linux here), go to your home folder and type this:

    [Laptop] $ ssh-keygen -t rsa

    You’ll be presented with a series of informative notes and questions. Accept all the defaults, and keep your passphrase empty.

    Generating public/private rsa key pair.
    Enter file in which to save the key (/home/ipstenu/.ssh/id_rsa): 
    Created directory '/home/ipstenu/.ssh'.
    Enter passphrase (empty for no passphrase): 
    Enter same passphrase again: 
    Your identification has been saved in /home/ipstenu/.ssh/id_rsa.
    Your public key has been saved in /home/ipstenu/.ssh/id_rsa.pub.
    The key fingerprint is:
    3e:4f:05:79:3a:9f:96:7c:3b:ad:e9:58:37:bc:37:e4 ipstenu@[Laptop]
    

    This saves your public ‘key’ in the .ssh folder (yes, it’s a folder).

    Now we have to setup the server (halfelf.org for example):

    [Laptop] $ ssh myaccount@halfelf.org mkdir -p .ssh
    myaccount@halfelf.org's password: 
    

    This will SSH into halfelf as ‘myaccount’ and create a folder called .ssh. You only need to do this once, so after you set up the key for one computer, you can skip this the next time.

    Finally we’re going to append the public key from my laptop over to HalfElf, so it trusts me:

    [Laptop] $ cat .ssh/id_rsa.pub | ssh myaccount@halfelf.org 'cat >> .ssh/authorized_keys'
    myaccount@halfelf.org's password: 
    

    The reason we’re appending is so that if I decide I want to add my Work Laptop, I can just make the key, and then repeat that last command and it will add it to the bottom, trusting both.

    There’s a caveat here, which caught me last week. I set everything up for my new server, ElfTest, and then moved the server to a VPS. The IP changed, so the trusted key was invalid. You see, every time you connect to a server for the first time, it asks you to trust it. If anything in that fingerprint changes, you have to re-trust. This is annoying:

    The authenticity of host 'elftest.net (111.222.333.444)' can't be established.
    RSA key fingerprint is f3:cf:58:ae:71:0b:c8:04:6f:34:a3:b2:e4:1e:0c:8b.
    Are you sure you want to continue connecting (yes/no)? 
    

    After you respond “yes” the host gets stored in ~/.ssh/known_hosts and you won’t get prompted the next time you connect. When it became invalid, I had to go edit that file and delete the entry for elftest (it’s partly human readable, so it wasn’t too bad).

    If you hate this as much as I do, and you feel you’re immune to man-in-the-middle attacks, there’s a nifty command:

    ssh -o "StrictHostKeyChecking no" user@host

    This turns off the key check. Generally speaking? Don’t do this. I’ve actually only done it once. (This was at the bank, where I was behind so many firewalls, if you’d gotten to my computer, I was in trouble anyway.)
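
    The server-side half of the setup above as a single function, added here as an example and not code from the original post: it creates .ssh and authorized_keys with permissions that satisfy sshd's StrictModes check, rejects a private key file passed by mistake, and skips a key that is already trusted. The function name install_pubkey and its arguments are assumptions of this example.

```shell
# Added example: append a public key to authorized_keys safely.
# Usage: install_pubkey PUBKEY_FILE [SSH_DIR]   (names are hypothetical)
install_pubkey() {
    pub=$1
    dir=${2:-"${HOME:?HOME is not set}/.ssh"}
    auth="$dir/authorized_keys"

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 1; }

    # Accept only a public key line; id_rsa (the private half) starts with
    # '-----BEGIN' and must never be copied to a server
    key=$(head -n 1 "$pub")
    case $key in
        ssh-rsa\ *|ssh-ed25519\ *|ecdsa-sha2-*\ *) ;;
        *) echo "$pub does not look like a public key" >&2; return 1 ;;
    esac

    # Owner-only modes regardless of umask: sshd with StrictModes ignores
    # authorized_keys when the file or directory is writable by others
    mkdir -p "$dir" && chmod 700 "$dir" || return 1
    touch "$auth" && chmod 600 "$auth" || return 1

    # Compare on key type and key blob only, so the same key with a
    # different trailing comment is not added twice
    blob=$(printf '%s\n' "$key" | awk '{print $1, $2}')
    if grep -qF -- "$blob" "$auth"; then
        echo "already present"
    else
        printf '%s\n' "$key" >> "$auth"
        echo "added"
    fi
}
```

    Run it on the server after copying id_rsa.pub across. Where it is installed, ssh-copy-id covers the same steps from the laptop side.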

  • WordPress Multisite Subdomains Without Wildcards

    The easiest way to run a Multisite network with subdomains is to use wildcard subdomains, because they’ll automagically map anything.yourdomain.com to yourdomain.com and WordPress will in turn translate that for you.

    When you’re on shared hosting, you can’t do that. But don’t worry! If you’re willing to do it manually, every time you have a new subdomain, you can still have subdomains! This is really easy, if weird.

    Go to manage domains on your Panel and click on ‘Add New Domain / Sub-Domain’

    Add your subdomain as ‘mysub.yourdomain.com’ and check the box to remove www (it’s a subdomain, you don’t need it, and it causes weird issues with some plugins).

    Set the Web Directory to where you have your main domain installed (normally this will be /home/username/yourdomain.com ) – yes, I really mean exactly the same. This is what wildcards do for you, but since you don’t have it, you need to do this. It should look like this:

    That’s it! Now you just scroll down and press Fully Host This Domain and wait till it’s provisioned. Once that’s done, you can go to mysub.yourdomain.com and it will take you to yourdomain.com! Add in a subdomain within WordPress called ‘mysub’ and everything will work exactly like it should.

  • Subdomains, WordPress and nginx

    This should be obvious, but I’m not familiar with nginx, so it wasn’t.

    I added trunk.elftest.net as a separate subdomain (rather than Multisite) because I wanted it to run trunk and not impact anyone else.

    The way DreamHost works, you have a separate folder for your nginx configurations, called nginx, and it lives off your home directory. This is commonly referenced as ~/nginx/ and yes, if you type in cd ~/nginx/ you’ll jump right there.

    To make WordPress work, I had to create ~/nginx/trunk.elftest.net and add a wordpress.conf file there, with the standard DreamHost nginx config for WP.

    ######################
    # Permalinks
    if (!-e $request_filename) {
        rewrite ^.*$ /index.php last;
    }

    Magic.