Author Archives: David Goodwin
Automated twitter compilation up to 24 January 2012
Arbitrary tweets made by TheGingerDog (i.e. David Goodwin) up to 24 January 2012
exim + spamassassin subject rewriting on symbiosis
One customer of mine has an Bytemark Symbiosis based exim mailserver which uses SpamAssassin. It works pretty well – however the : rewrite_header Subject *****SPAM***** directive in spamassassin (/etc/spamassassin/local.cf) seemed to be being ignored – and the only effect of the mail being classified as spam is/was a couple of additional headers added (X-Spam-Status: spam). … Continue reading
State of the union – sort of (my 2011).
Well, perhaps not quite a State of the Union Address, but here’s a random update on my life in general which perhaps sums up the last year (as we’re almost at the end of the year, it’s probably fitting I somehow, somewhere write something like this). My children (Rowan and Anya) are both growing up … Continue reading
SQL Injection with added magic_quotes assistance (the joys of legacy code maintenance)
Sometimes you really have to laugh (or shoot yourself) when you come across legacy code / the mess some other developer(s) left behind. (Names slightly changed to protect the innocent) class RocketShip { function rahrah() { $sql = “insert into foo (rah,rahrah,…) values ( ‘” . $this->escape_str($this->meh) . “‘, …… )”; mysqli_query($this->db_link, $sql) or … Continue reading
Solr and WordPress (instructions/howto)
This is for Tomcat5.5 (on Debian Lenny), WordPress 3.1 and Solr 3.4. The intention is to use the solr-for-wordpress plugin (see github ). Lenny does include a Solr package (v1.2) which is somewhat outdated (and not supported by the upstream solr-for-wordpress wordpress plugin, hence we can’t use it). Install Tomcat (and Java) apt-get install sun-java6-jre … Continue reading
netstat –tcp -lp output not showing a process id
I often use ‘netstat –tcp -lpn’ to display a list of open ports on a server – so i can check things aren’t listening where they shouldn’t be (e.g. MySQL accepting connections from the world) and so on. Obviously I firewall boxes; but I like to have a reasonable default incase the firewall decides to … Continue reading
Automated twitter compilation up to 04 November 2011
Arbitrary tweets made by TheGingerDog (i.e. David Goodwin) up to 04 November 2011
Automated twitter compilation up to 11 September 2011
Arbitrary tweets made by TheGingerDog (i.e. David Goodwin) up to 11 September 2011
wp-mobile-detector is insecure (wordpress plugin)
It seems installing the wp-mobile-detector plugin on your wordpress site is a bad idea {tm} A customer’s web server has the following requests in it : [24/Aug/2011:02:10:47 +0100] “HEAD /wp-content/plugins/wp-mobile-detector/timthumb.php?src=http://superflickr.com.nu/index.php HTTP/1.1″ 200 – “-” “Mozilla/5.0 (Windows; U; Windows NT 5.1; ru-RU; rv:1.7.12) Gecko/20050919 Firefox/1.0.7″ [24/Aug/2011:02:10:48 +0100] “GET /wp-content/plugins/wp-mobile-detector/cache/27a44a2d2bea4a693389c325a1125aa6.php HTTP/1.1″ 200 52 “-” “Mozilla/5.0 (Windows; U; … Continue reading
Automated twitter compilation up to 30 August 2011
Arbitrary tweets made by TheGingerDog (i.e. David Goodwin) up to 30 August 2011