Monthly Archives: June 2012

i dreamt of running

I guess it’s bound to happen sometime. Last night I dreamt of running in the fields and playing basketball right after. The dream seemed so real – I felt the stones under my feet, felt sweat run down my face, heard the heavy breathing from my chest, experienced the joy of competing again. It’s been almost seven years since I’ve done that. Damn, I miss playing.

learning to read apache logs

So we have something like this line on one of our apache logs. - - [22/Jun/2012:04:05:55 +0000] "GET /this-is-something.html HTTP/1.1" 200 47452 "-" "rogerbot/1.0 (http

Let’s break it down parameter by parameter. The log in question uses a custom log format defined as:

 LogFormat "%{X-Forwarded-For}i %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" %h" mylog
 CustomLog /mnt/pharmdaily/log/pharmdaily-access.log mylog env=!dontlog

There are 10 “parameters” in this log format. The first line below is a hint, the actual values are marked a-j.

 (#) parameter, sample-value
 (a) %{X-Forwarded-For}i,
 (b) %l, -
 (c) %u, -
 (d) %t, [22/Jun/2012:04:05:55 +0000]
 (e) "%r", "GET /dentaloral/regular-teeth-cleanings-could-cut-heart-attack-risk-study.html HTTP/1.1"
 (f) %>s, 200
 (g) %b, 47452
 (h) "%{Referer}i", "-"
 (i) "%{User-Agent}i", "rogerbot/1.0 (,"
 (j) %h,

Tying this all together with the apache documentation for mod_log, we get the following descriptions for these parameters:

 (a) The contents of X-Forwarded-For header line in the request sent to the server
 (b) Remote logname (from identd, if supplied). This will return a dash unless IdentityCheck is set On.
 (c) Remote user (from auth; may be bogus if return status (%s) is 401)
 (d) Time the request was received (standard english format)
 (e) First line of request
 (f) Status. For requests that got internally redirected, this is the status of the *original* request --- %...>s for the last.
 (g) Size of response in bytes, excluding HTTP headers. In CLF format, i.e. a '-' rather than a 0 when no bytes are sent.
 (h) The contents of Referrer header line in the request sent to the server
 (i) The contents of User-Agent header line in the request sent to the server
 (j) Remote host

pci compliant nginx ssl

Something to ensure website’s SSL is PCI compliant using nginx.

 server {
 ssl on;
 ssl_certificate domain.chained.crt;
 ssl_certificate_key domain.key;
 ssl_session_timeout 5m;
 ssl_protocols SSLv3 TLSv1;
 ssl_ciphers RC4:HIGH:!aNULL:!MD5:!kEDH;
 ssl_prefer_server_ciphers on;

personal reminder about taking notes

I should really start taking notes more. Lots of things I do are not documented and KM-wise, that’s a big fat red exclamation point. If I got hit by the proverbial bus or I suddenly done a bunk, somebody’s going to be in trouble and that somebody is not necessarily me. Likewise, the practice of writing down thoughts should head off any future mental illness and it’s really cathartic. Forces you to have a clear and organized mind.