Posts Tagged ‘long time’

How to renew self signed QMAIL toaster and QMAIL rocks expired SSL pem certificate

Friday, September 2nd, 2011

qmail_toaster_logo-fix-qmail-rocks-expired-ssl-pem-certificate

One of the QMAIL server installs, I have installed very long time ago. I've been notified by clients, that the certificate of the mail server has expired and therefore I had to quickly renew the certificate.

This qmail installation, SSL certificates were located in /var/qmail/control under the names servercert.key and cervercert.pem

Renewing the certificates with a new self signed ones is pretty straight forward, to renew them I had to issue the following commands:

1. Generate servercert encoded key with 1024 bit encoding

debian:~# cd /var/qmail/control
debian:/var/qmail/control# openssl genrsa -des3 -out servercert.key.enc 1024
Generating RSA private key, 1024 bit long modulus
...........++++++
.........++++++
e is 65537 (0x10001)
Enter pass phrase for servercert.key.enc:
Verifying - Enter pass phrase for servercert.key.enc:

In the Enter pass phrase for servercert.key.enc I typed twice my encoded key password, any password is good, here though using a stronger one is better.

2. Generate the servercert.key file

debian:/var/qmail/control# openssl rsa -in servercert.key.enc -out servercert.key
Enter pass phrase for servercert.key.enc:
writing RSA key

3. Generate the certificate request

debian:/var/qmail/control# openssl req -new -key servercert.key -out servercert.csr
debian:/var/qmail/control# openssl rsa -in servercert.key.enc -out servercert.key
Enter pass phrase for servercert.key.enc:writing RSA key
root@soccerfame:/var/qmail/control# openssl req -new -key servercert.key -out servercert.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:UK
State or Province Name (full name) [Some-State]:London
Locality Name (eg, city) []:London
Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company
Organizational Unit Name (eg, section) []:My Org
Common Name (eg, YOUR name) []:
Email Address []:admin@adminmail.com

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

In the above prompts its necessery to fill in the company name and location, as each of the prompts clearly states.

4. Sign the just generated certificate request

debian:/var/qmail/control# openssl x509 -req -days 9999 -in servercert.csr -signkey servercert.key -out servercert.crt

Notice the option -days 9999 this option instructs the newly generated self signed certificate to be valid for 9999 days which is quite a long time, the reason why the previous generated self signed certificate expired was that it was built for only 365 days

5. Fix the newly generated servercert.pem permissions debian:~# cd /var/qmail/control
debian:/var/qmail/control# chmod 640 servercert.pem
debian:/var/qmail/control# chown vpopmail:vchkpw servercert.pem
debian:/var/qmail/control# cp -f servercert.pem clientcert.pem
debian:/var/qmail/control# chown root:qmail clientcert.pem
debian:/var/qmail/control# chmod 640 clientcert.pem

Finally to load the new certificate, restart of qmail is required:

6. Restart qmail server

debian:/var/qmail/control# qmailctl restart
Restarting qmail:
* Stopping qmail-smtpd.
* Sending qmail-send SIGTERM and restarting.
* Restarting qmail-smtpd.

Test the newly installed certificate

To test the newly installed SSL certificate use the following commands:

debian:~# openssl s_client -crlf -connect localhost:465 -quiet
depth=0 /C=UK/ST=London/L=London/O=My Org/OU=My Company/emailAddress=admin@adminmail.com
verify error:num=18:self signed certificate
verify return:1
...
debian:~# openssl s_client -starttls smtp -crlf -connect localhost:25 -quiet
depth=0 /C=UK/ST=London/L=London/O=My Org/OU=My Company/emailAddress=admin@adminmail.com
verify error:num=18:self signed certificate
verify return:1
250 AUTH LOGIN PLAIN CRAM-MD5
...

If an error is returned like 32943:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:607: this means that SSL variable in the qmail-smtpdssl/run script is set to 0.

To solve this error, change SSL=0 to SSL=1 in /var/qmail/supervise/qmail-smtpdssl/run and do qmailctl restart

The error verify return:1 displayed is perfectly fine and it's more of a warning than an error as it just reports the certificate is self signed.

Some of the most important Symbols for Orthodox Christians in The Eastern Orthodox Church – Symbols in the Eastern Orthodox Christian Faith (Eastern Orthodox Symbolism) and Christian Symbolism in the Roman Catholic Church (Symbolism in Western Catholicism)

Tuesday, April 13th, 2010

Some-of-the-most-important-symbols-for-orthodox-christiains-in-the-eastern-orthodox-church-symbols-in-eastern-orthodox-faith.

Yesterday, while browsing randomly I came across an interesting Roman Catholic webpage.
The website is created by Catholics with the idea to better explain the Catholic religion and Symbolism.
Though as an Orthodox Christian, my interest towards Roman Catholicism is only scientific, it's really interesting to see the common symbolism surrounding Roman Catholicism and compare with the Orthodox Christian symbolism. Many of the Roman Catholic Symbols are equal symbol with the one we nowadays used in the orthodox church.
I presume this common symbolism between Orthodox and Roman Catholic church,has stayed the same from the time before Roman Catholics split from the Only Holy Apostolic Church  to become the Church of the West Roman Empire, that's how the naming Roman Catholic came forward.

To find out more about Roman Catholic symbolism please see the following links I've mirrored the information from Fisheater's website which is btw is a great website targeting Roman Catholic layman. Everything on the website is explained in a simple everyday language without too much terminology which makes it a great resource for Roman Catholic Christians and people like me who who like to take a look in Roman Catholicism.

It's really a strange and intriguing fact let's call it a "co-incidence" that the inverted cross (upside-down) cross,also called "Peter's cross" on which saint Peter was crucified is also a symbol of Papacy .
It's a popular fact that nowadays Satanist use a similar inverted cross to the one said to be symbol of papacy for their "Black Masses" (Satanic Masses). Maybe some Roman Catholic priest or Cardinal has to explain, how comes that the Roman Catholics ended with such a significant symbol used nowdays in anti-christian satanic religion to be also a symbol of their beloved Pope??

I will skip forward to the heart of this article, which is to explain the Christian Symbolism which is important for us the Eastern Orthodox Christians. Many of the symbols might have in common, also with other Christian early Churches like the Coptic Oriental Orthodox Church, the Armenian Apostolic Orthodox Churches and other Chruches which somehow are closer to the One Holy and Apostolic Church – the Orthodox Church but officially are not in communion with us the Orthodox Christians.

Here I'll share only the most notable Christian Symbolism which is also used in the Eastern Orthodox Church.

Many of this symbolism was always bothering me while in Churches or Monasteries and was always pushing me to more and more questions without answers, thus I finally did some research on this symbols in get a better understanding on my Orthodox Christian faith.

Since I don't have a Theologian education and many of us the ordinary layman's in the church doesn't have such education I hope this orthodox Christian symbolism shared here and it's meanings will be of interest and will help you fortify your good faith in God and our Orthodox Christian faith.

Lamb of God Christian Symbol
Lamb

Lamb: symbol of Christ as the Paschal Lamb and also a symbol for Christians (as Christ is our Shepherd and Peter was told to feed His sheep).

This symbol is also presented in Bulgaria on the little yellow book they sell in our Bulgarian Orthodox Churches.
This tiny book contains the Divine Liturgy compiled by God's inspiration by st. John Chrysostom
If you're coming from an Catholic Background and you hold interest for Orthodox Christianity, as historically East Orthodox Christianity Symbol of Faith as well as basic doctrines were kept untouched, you might consider reading online here The Divine Liturgy by St. John Chrysostom
It's really important to say that the Divine Liturgy by St. John Chrysostom is the "backbone" of the church life, since it's the main and most served Liturgy in the eastern Orthodox Churches around the world.

Dove and Russian Patriarch
Dove: symbol of the The Holy Spirit and used especially in representations of our Lord's Baptism and the Pentecost. It is also used to recall Noe's dove, a harbinger of hope.

Chirchoao, Chi-Rho Sigla
"Chi-Rho" or "sigla": the letters "X" and "P," representing the first letters of the title "Christos," were eventually put together to form this symbol for Christ ("Chi" is pronounced "Kie"). It is this form of the Cross that the Emperor of Byzantia Constantine saw in his vision along with the Greek words, TOUTO NIKA, and which mean "in this sign thou shalt conquer.

Orthodox Tau Cross
"thau" or "tau": the T-shaped cross is mentioned in the Old Testament and is seen as a foreshadowing of the Cross of Christ.
Ezechiel 9:4:
"And the Lord said to him: Go through the midst of the city, through the midst of Jerusalem: and mark Thau upon the foreheads of the men that sigh, and
mourn for all the abominations that are committed in the midst thereof."
I've noticed that the tau_cross is often worn by Orthodox Monks as "a badge" on their clothes somewhere in the right of their chest

Greek Orthodox Cross
The Greek Orthodox Cross This symbol is one of the earliest Christian symbols which emerged right after Christ's resurrection.
The Greek Cross has all fours members the same shape and form (crux quadrata) and usually suggests the Christian church rather than a symbol of Christ's suffering.

Jerusalem Cross
Jerusalem Cross: also called the "Crusaders' Cross," it is made up of 5 Greek Crosses which are said to symbolize a) the 5 Wounds of Christ; and/or b) the 4 Gospels and the 4 corners of the earth (the 4 smaller crosses) and Christ Himself (the large Cross). This Cross was a common symbol used during the wars against Islamic aggression. (see less stylized version at right)

Baptismal Cross
Baptismal Cross: consisting of the Greek Cross with the Greek letter "X", the first initial of the title "Christ," this Cross is a symbol of regeneration, hence, its association with Baptism. Usually the Orthodox priest dress is decorated with a sign like this.

Red Orthodox Egg
The Scarlet red Egg:
Church tradition has it that St. Mary Magdalen went to Rome and met with the Emperor Tiberius to tell him about the Resurrection of Jesus. She held out an egg to him as a symbol of this, and he scoffed, saying that a man could no more rise from the dead than that egg that she held could turn scarlet. The egg turned deep red in her hands, and this is the origin of Easter eggs, and the reason why Mary Magdalen is often portrayed holding a scarlet egg.

Ichthus an early Christian Symbol
Ichtus (Ichthys) – The Fish:
Fish: the fish — ever-watchful with its unblinking eyes — was one of the most important symbols of Christ to the early Christians. In Greek, the phrase, "Jesus Christ, Son of God Savior," is "Iesous Christos Theou Yios Soter." The first letters of each of these Greek words, when put together, spell "ichthys," the Greek word for "fish" (ICQUS ). This symbol can be seen in the Sacraments Chapel of the Catacombs of St. Callistus. Because of the story of the miracle of the loaves and fishes, the fish symbolized, too, the Eucharist (see stylized fish symbol at right). Important note to make, here is that nowdays this sign's variations is not too often to be seen in Orthodox Churches. It's highly adopted by protestant Christians, seeing this sign on somebody's car or inside his home is a sure sign that probably he adhere's to Christian teachings different from orthodoxy.

Alpha Omega orthodox symbol
The Alpha-Omega symbol
Alpha, the first letter of the Greek alphabet, and Omega, the last letter of the Greek alphabet, became a symbol for Christ due to His being called "the First and the Last." The roots of symbolizing these attributes of God go back further, all the way to the Old Testament where, in Exodus 34:6, God is said to be "full of Goodness and Truth." The Hebrew spelling of the word "Truth" consists of the 3 letters "Aleph," "Mem," and "Thaw" — and because "Aleph" and "Thaw" are the first and last letters of the Hebrew alphabet, the ancients saw mystical relevance in God's being referred to as "Truth." At any rate, the Greek Alpha and Omega as a symbol for Christ has been found in the Catacombs, Christian signet rings, post-Constantine coins, and the frescoes and mosaics of ancient churches.

IC XC Nika Orthodox Symbol
The "IC XC Nika":
comes from Ancient Greek and was a widespread ancient Christian Symbol which is nowadays still present in the Eastern Orthodox Churches. IC XC Nika literally translated to english means "IC XC = Jesus Christ, NIKA = Glory to". In other words translated to modern english IC XC NIKA means Glory be to Jesus Christ!

Many Protestant Christians, nowdays falsely believe and claims this fish Christian symbol preceded the Crucifix as a symbol of veneration of Jesus and his Cross sufferings in the Church. This kind of belief is a falsely spread along many Protestant or "Evangelical" Christian denominations and Methodists. to be seen in many ancient Christian Church buildings is a Christian symbol. Today, some ancient Orthodox Churches still contain the "Christian fish" symbol. The reason why this symbol was used by early Christians is as a remembrance of the great miracle of Jesus to feed 5000 with 2 fishes and seven breads.

Holy Eucharist Cup, Bread and Wine

The Holy Eucharist vessels used by Orthodox Priests This is the cup of salvation as also called during the Divine Liturgy each time, the Wine and the Blood that the priest prepares in that Holy Cup is transformed by The Holy Spirit into a veracious flesh and blood of our Lord Jesus Christ.

Orthodox Byzantine Coat of Arms
The byzantine coat of arms
is an ancient Christian symbol used in the early Byzantine Church, nowadays it can be observed only in the Orthodox Churches.
It symbolizes the power of the Byzantian empire under the guidance of the the Holy Lord and the Gospel Truths.

Orthodox Bishop Crown
The Orthodox Bishop Crown is only worn by Bishops in the Orthodox Church. This crown indicates the Bishop's Church and spiritual (rank) and dignity.

Byzantine Orthodox Cross
Byzantine Orthodox or Russian Orthodox Cross
Is used most often by Eastern Catholics and Russian Orthodox, this Cross is the Byzantine Cross with the footrest at a diagonal. This slant is said to represent one of a few things:
– the footrest wrenched loose from the Christ's writhing in intense physical suffering; lower side representing "down," the fate of sinners, while the elevated side represents Heaven;
– the lower side represents the bad thief (known to us as Gestas through the apocryphal "Acts of Pilate" ("Gospel of Nicodemus") while the elevated side to Christ's right represents the thief who would be with Him in Paradise (St. Dismas);
– the "X" shape of the slanted "footrest" against the post symbolizes the cross on which St. Andrew was crucified.

Megaloschema a dress of a schimonk
The Megaloschema is a dress worn by schimonks. This monk rank is actually the highest possible rank an orthodox Christian monk can achieve. The symbolism on the dress is a brief form of:

  • IC XC (IECOYC XPICTOC) "Jesus Christ"
  • IC XC NIKA ("IECOYC XPICTOC NIKA") meaning: "Jesus Christ is Victorious"

The letters below IC XC Nika has a meaning – The Light of Christ shines on all.

  • XX. X.X letters. – means "Christ bestows grace on Christians"
  • The 4 Thitha (called) signs are a symbol for: Vision of God Divine wonder

Then the

  • T. K. P. G – Means "The Place of the Skull becomes Paradise"
  • The text placed in the lowest translated to English is "AdamThe First Man" and also is a symbol for the Place of the Skull (Golgotha).
  • In the Orthodox Church and the Church fathers teaches us that Golgotha or the Place of the Skull is the Place where the first man (Adam) was buried, and by God's divine providence coincides with the place where our Saviour Jesus Christ was crucified.

Orthodox Bishop Dress
Orthodox Priest dress / robe
This dress is only worn by Orthodox Christian Bishops.

Bulgarian Orthodox cross with 4 lights
The Cross with four lights emitating near the center of the cross This cross is actually used in more modern times as a Christian Orthodox symbol, The four lights coming out of the cross are added,
as the gospels speak that Christ is the Sun of righteousness
I've had quite a long time trying to figure out why exactly this cross is made with this 4 lights. It was a real joy when one time a priesttold me the meaning.
It's interesting fact that most of the Roman Catholic's crosses nowdays have the four lights radiating from Christ's Crucifix or the Cross symbolizing the Crucifix.

This is all I will say for symbolism for now. I hope this Christian symbolism will shed some light on the matters of Symbolism in both the Orthodox and the Catholoic eastern Church. I'll be glad if somebody out there more literate on the subject comment on my post and correct me if I'm wrong with smething.

Free Software in Balkans 2010 (A free software conference on the Balkanies is approaching)

Tuesday, August 24th, 2010

Richard Stallman on a Free Software Conference

Today when I was reviewing my daily visited websites I come across an interesting news.
This kind of meeting is quite a news because it is the first in line where Free software users and developmers fromall around the balkanies will meet to discuss,test,share and continue the free software code and ideals.
The first Free Software conference in the Balkanies is about to be hosted in Vlora University Albania .

The conference Free Software in Balkans (FreeSB2010) is an annual meeting of the free software users, developpers and supporters in the Balkan countries. It will travel from country to country, year to year to different locations. The Conference will gather professionals, academics and enthusiasts who share the vision that software should be free and open for the community to develop and customize to its needs, and that knowledge is a communal property and free and open to everyone.

This kind of event will build up the social network between free software fans and developers and will further help in the general spread of free software on the balkanies.
This kind of meeting are already for a long time a tradition in many states in America, so having it in the balkanies is quite a development.

You can read a bit more about the exact focus of Free Software in Balkans 2010 conference here

Pitily right now there is no published scheduled list of presentations which are about to be given in the conference, but I guess the conference schedule would be out in a few days time.
I’m not yet sure if I’ll have the time and opportunity to attend the conference, however I do hope that somebody of my balkan readers will got interested into the “fabulous” Free Software event and will support the event’s initiative by visiting it 🙂

Joomla 1.5 fix news css problem partial text (article text not completely showing in Joomla – Category Blog Layout problem)

Monday, October 20th, 2014

joomla-fix-weird-news-blog-article-text-incompletely-shown-category-blog-website-layout-problem

I’m still administrating some old archaic Joomla website built on top of Joomla 1.5. Recently there were some security issues with the website so I first tried using jupgrade (Upgrade Joomla 1.5 to Joomla 2.5) plugin to try to resolve the issues. As there were issues with the upgrade, because of used template was not available for Joomla 2.5, I decided to continue using Joomla 1.5 and applied the Joomla 1.5 Security Patch. I also had to disable a couple of unused joomla components and the contact form in order to prevent spammers of randomly spamming through the joomla … the Joomla Security Scanner was mostly useful in order to fix the Joomla security holes ..

So far so good this Joomla solved security but just recently I was asked to add a new article the Joomla News section – (the news section is configure to serve as a mini site blog as there are only few articles added every few months). For my surprise all of a sudden the new joomla article text started displaying text and pictures partially. The weirdly looking newly added news looked very much like some kind of template or css problem. I tried debugging the html code but unfortunately my knowledge in CSS is not so much, so as a next step I tried to temper some settings from Joomla Administrator in hope that this would resolve the text which was appearing from article used to be cut even though the text I’ve placed in artcle seemed correctly formatted. I finally pissed off trying to solve the news section layout problem so looked online too see if anyone else didn’t stick out to same error and I stumbled on Joomla’s forum explaining the Category Blog Layout Problem

The solution to the Joomla incomplete text showing in article is – To go to Joomla administrator menus:

1. Menus -> Main Menu -> (Click on Menu Item(s) – Edit Menu Item(s)) button
2. Click on News (section)
In Parameters section (on the botton right) of screen you will see #Leading set to some low number for example it will be something like 8 or 9. The whole issue in my case was that I was trying to add more than 8 articles and I had a Leading set to 8 and in order to add more articles and keep proper leading I had to raise it to more. To prevent recent leading errors, I’ve raised the Leading to 100 like shown in below screenshot
joomla-blog-layout-basic-parameters-screenshot-fix-joomla-news-cut-text-problem-screenshot

After raising to some high number click Apply and you’re done your problem is solved 🙂
For those curious what the above settings from screenshot mean:

# Leading Articles -> This refers to the number of articles that are to be shown to the full width
# Intro Articles -> This refers to the number of articles that are not to be shown to full width
# Columns -> This refers to the number of columns in which the articles will be shown that are identified as #Intro. If #Intro is zero this setting has no effect
# Links -> Number of articles that are to be shown as links. The number of articles should exceed #leading + #Intro

N.B. Solving this issue took me quite a long time and it caused me a lot of attempts to resolve it. I tried creating the article from scratch, making copy from an old article etc. I even messed few of the news articles one time so badly that I had to recreate them from scratch, before doing any changes to obsolete joomlas always make database and file content backup otherwise you will end up like me in situation loosing 10 hours of your time ..

The bitter experiences once again with Joomla convinced me when I have time I have to migrate this Joomla CMS to WordPress. My so far experience with Joomla prooved to me just for one time the time and nerves spend to learn joomla and built a multi-lingual website with it as well as to administer it with joomla obscure and hard to cryptic interfaces and multiple security issues., makes this CMS completely unworthy to study or use, its hardness to upgrade from release to release, besides its much slow and its less plugins if compared to WordPress makes wordpress much better (and easier to build use platform than Joomla).
So if you happen to be in doubt where to use Joomla or a WordPress to build a new company / community website or a blog my humbe advise is – choose WordPress!

Improve Websites SEO: Optimize images to Increase website loading performance on Linux server – Image Compress tools

Friday, December 5th, 2014

Optimize-website-images-pictures-to-Increase-website-loading-performance-on-Linux-server_Image_Compress_tools-Improve-Websites_SEO
Part of our daily life as Web hosting system adminstrators is to constantly strive to better utilize our Linux / Windows hosting servers hardware.
Therefore it is our constant task to look for new better ways to optimize our Apache Sites and Webservers in order to return served application content light fast to keep the Boss and customers happy 🙂

There are things to tune up for better server performance and better CPU / memory utilization on both server Application server side as well as the website programming code backend, html and pictures / images

Thus it is critically important to not only keep the Webserver / PHP engine optimized but keep hosted sites  stored images and source code clean and efficient.

We as admins usually couldn't directly interfere with clearning the source code and often we have to host a crappy written sites with picture upload forms with un-optimized Image files that was  produced on old Photo Cameras, "Ancient" Mobile Mobiles, Win XP MS Paint, various versions Photoshop, Gimp etc.).

It is a well known fact that a big part from a Website User Experience is how fast the user loads a page, thus if HTML / CSS loaded images loads slow has a negative impact on user look & feel about website

Therefore by optimizing the size of hosted sites Images, you Save Network bandwidth and in some cases when Large Gallery sites HDD disk space.

On Linux, there are already a many command line tools to inspect and optimize (compress) the size of PNG, JPEG, GIF, BMP, PNM, Tiff Images, most famous ones are:

  • optipng – PNG optimizer that recompresses image files to a smaller size, without losing any information.
  • jpegoptim –   lossless JPEG optimization (based on optimizing the Huffman tables) and "lossy" optimization based on setting a maximum quality factor.
  • pngcrush – Recommended tool to use by Stoyan Stefanov (Yahoo Yslow Developer)
  • jpegtran – Recommended to use by Google 
  • gifsicle –  command-line tool for creating, editing, and getting information about GIF images and animations. 

It is hence useful to first run manually availale Linux image optimization tools (to get an idea what they do) and later automate them to run as scripts to optimize server stored images size and make pictures load faster on websites and thus improve End Users Experience and speed up Image content delivery to GoogleBot / YahooBot / Bing Crawlers which will make Search Engines to position server hosted sites better (more SEO Friendly).

 

  • How much percents of  space (Mega / Gigabytes ) Pictures compress can save you?

If you run it on 500MB image directory, you can probably save about 20 to 50MB of size, so don't expect extraordinary file reduce, however 5% to 10% reduce in size is not bad too. If you host 100 sites each with half gigas of data this would mean saving of 5GB of data and some 5GB from backups 🙂 At extraordinary cases you can expect 20% to 30% of storage reduce. For even better image compression you can try out GIMP's – Save for Web option.
 

  • Installing jpegtran, optpng, jpegoptim, pngcrush gifsicle on Debian / Ubuntu (deb based) Linux
     

apt-get install –yes libjpeg-progs optipng jpegoptim pngcrush gifsicle

 

  • Installing  jpegtran, optpng, jpegoptim, pngcrush, gifsicle on Fedora / CentOS / RHEL (RPM based distros)
     

yum -y install pngcrush libjpeg-turbo-utils opt-jpg opt-png opt-gif


gifsicle is not availale by default on Redhacks 🙂 but there is a RPM package for fedora from http://pkgs.repoforge.org/gifsicle/

 

Some examples of running image compression on GNU / Linux

  • optipng and jpegoptim optimize for all files in directory
     

cd /home/sites/

find . -iname '*.png' -print0 | xargs -0 optipng -o7 -preserve
find . -iname '*.jpg' -print0 |
 xargs -0 jpegoptim –max=90 –strip-all –preserve –totals


In jpegoptim command, the option –strip-all will strip any metadata including Exif data from images. For websites JPEG metadata is usually not needed, so usually its ok to strip them.

Above jpegoptim example will decrease slightly JPEG image quality to 90%. quality level of 90 is still high enough and website visitors are unlikely to spot any visible quality reduction / defects in the image.

 

  • pngcrush all files in a directory example
     

cd /home/sites/

for png in `find $IMG_DIR -iname "*.png"`; do
    echo "crushing $png …"
        pngcrush -rem alla -reduce -brute "$png" temp.png

 

    # preserve original on error
    if [ $? = 0 ]; then
        mv -f temp.png $png
        else
        rm temp.png
        fi
done

  • Run jpegtran on sites directory
     

find /home/sites -name "*.jpg" -type f -exec jpegtran -copy none -optimize -outfile {} {} ;

 

  • Set a script to compress / reduce size of Sites Images


Here is a basic optimize_images.sh which I used earlier before and was reducing the overall images size just 5 to 10%, then I found the much improved version of optimize images shell script  (useful to  clear up EXIF picture data / And Comments from JPG / PNG files). The script execution could take very long time on large image directories and thus could cause a high HDD disk I/O, however if ran once a week at night time its not such a big deal. 

To set it to run on your server as a cronjob:
 

cd /usr/sbin/
wget -q https://www.pc-freak.net/bshscr/optimize_images2.sh
crontab -u root -e 


Sample cron job to run once a month on 10th and 27th in 3 o'clock AM:
 

 00 3 10,27 * * /usr/sbin/optimize_images2.sh 2>&1 >/dev/null


Also if you need to further optimize million of tiny sized PNG files Yahoo Smush.it service could be helpful. For compression maniacs its worthy to check out also TinyPNG Service (however be awre that this service compresses files with significant quality loss) making picture quality visibly deteriorated.

Besides optimizing server stored Pictures, here are some other stuff that helps in increasing server utilization / lower webpages loading time.

Starting up with the installation (when site is to use Apache + PHP) for its backend, the first thing to on the freshlyinstalled Linux server is to implement the following list of Apache common Timeout variables that help better scale the webserver for the CMS-es hosted, enable Webserver caching with (mod_deflate), enable eAccelerator tune PHP common php variable etc.

Other thing  I sometimes use to speed-up performance of Apache child responce time up to 20-30  is to Include into Virtualhost / httpd.conf Apache configuration any htacces mod_rewrite rules.

On too heavily loaded sites On-line stores / Large Company website portals with more than 60 000 – 100 000 unique IP visitors a day it is useful tip to disable completely Apache logging in access.log / error.log.

Often when old architecture websites are moved from older Linux OS version to a newer one with newer versions of Apache / PHP often sites are working without major code rework, but use many functions which are already obsolete and thus many WARNING messages crap is logged into php_error.log / error.log. Thus to save disk space and decrease hard disk I/O operations it is good to Disable PHP Notices and Warnings messages
 

Fixing Clamav error: “WARNING: Can’t download daily.cvd from database.clamav.net”

Thursday, June 6th, 2013

On one of the Debian Squeeze Servers, where I have Running QMAIL Server, I haven't checked logs for a long time. Cause Qmail is configured and all runs smoothly. Just today while checking logs, I've noticed in /var/log/clamav/clamav.log, clamav database fails to be updated with an error, e.g.:

qmail:~# tail -n 28 /var/log/clamav/clamav.log

ClamAV update process started at Thu Jun 6 20:47:14 2013
main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
WARNING: getpatch: Can't download daily-16682.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-16682.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-16682.cdiff from db.local.clamav.net
WARNING: getpatch: Can't download daily-16682.cdiff from db.local.clamav.net
ERROR: getpatch: Can't download daily-16682.cdiff from db.local.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
ERROR: Can't download daily.cvd from db.local.clamav.net
Giving up on db.local.clamav.net…
ClamAV update process started at Thu Jun 6 20:47:15 2013
main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
WARNING: Can't download daily.cvd from database.clamav.net
Trying again in 5 secs…
ClamAV update process started at Thu Jun 6 20:47:20 2013
main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
WARNING: Can't download daily.cvd from database.clamav.net

On host Freshclam is configured to run in background as a service i.e.:

qmail:~#
 ps ax|grep -i fresh|grep -v grep
13615 ? Ss 0:02 /usr/bin/freshclam -d –quiet
 

I stopped clamav and tried running it manually through its script: qmail:~# /etc/init.d/clamav-freshclam restart

The error was reoccuring, so I decided to kill it and try running freshclam manually:

qmail:~# kill -9 freshclam

qmail:~# freshclam
I got same error again:
 

Thu Jun 6 16:46:20 2013 -> ClamAV update process started at Thu Jun 6 16:46:20 2013 Thu Jun 6 16:46:20 2013 -> main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven) Thu Jun 6 16:46:20 2013 -> WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net Thu Jun 6 16:46:20 2013 -> WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net Thu Jun 6 16:46:20 2013 -> WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net Thu Jun 6 16:46:20 2013 -> WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net Thu Jun 6 16:46:20 2013 -> ERROR: getpatch: Can't download daily-16682.cdiff from database.clamav.net Thu Jun 6 16:46:20 2013 -> WARNING: Incremental update failed, trying to download daily.cvd Thu Jun 6 16:46:20 2013 -> ERROR: Can't download daily.cvd from database.clamav.net Thu Jun 6 16:46:20 2013 -> Giving up on database.clamav.net… Thu Jun 6 16:46:20 2013 -> Update failed. Your network may be down or none of the mirrors listed in /etc/clamav/freshclam.conf is working. Check http://www.clamav.net/support/mirror-problem for possible reasons.

The solution was to delete clamav database filedaily.cvd and then run another freshclam Clamav DB virus update:

qmail:~# rm -f /var/lib/clamav/daily.cvd
qmail:~# freshclam
root@pcfreak:/etc/init.d# freshclam ClamAV update process started at Thu Jun 6 22:07:21 2013
main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
Downloading daily.cvd [100%]
daily.cvd updated (version: 17309, sigs: 1302714, f-level: 63, builder: neo)
bytecode.cld is up to date (version: 214, sigs: 41, f-level: 63, builder: neo)
Database updated (2347142 signatures) from db.local.clamav.net (IP: 195.222.33.229)

Finally, to make freshclam work as daemon, restarted init script:

qmail:~# /etc/init.d/clamav-freshclam restart
[ ok ] Stopping ClamAV virus database updater: freshclam.
[ ok ] Starting ClamAV virus database updater: freshclam.

 

Create ASCII Art Text banners in GNU / Linux console and terminal with figlet and toilet

Tuesday, January 15th, 2013

Create fun and colorful text ASCII art banner logos on Linux (figlet and toilet)

As an old school hobbyist, I'm a kind of ASCII art freak. Free Software is just great for this text / console maniacs like me, who spend their youth years in a DOS (Disk Opearting System) command prompt.
For long time, I'm researching the cool programs which has to do somehow with ASCII Art, in that relation I decided to write few ones of figlet and toilettwo nice programs capable of generating ASCII art text beautiful banners based on a typed in text string. Obviously toilet developer Sam Hocevar had a great sense of humor 🙂

To play with figlet and toilet install them, according to (rpm or deb based package manager on distro) with yum / apt-get.

yum -y install toilet figlet
....

apt-get --yes install toilet figlet
....

There are no native tool packages for Slackware, so Slackaware Linux users need to compile figlet from source code – available on figlet's home page figlet.org

Once figlet and toilet are installed, here is few sample use cases;
 

hipo@noah:~/Desktop$ figlet hello world!             

figlet ascii art banner hello world
 

hipo@noah:~/Desktop$ figlet -f script Merrcy Christmas

figlet merry christmas text in ascii art with script font linux

Plenty of figlet font examples are available on Figlet's website example section – very cool stuff btw 🙂 To take a quick look on all fonts available for toilet – ascii art banner creation. Type in your console tty or terminal; for i in $(dpkg -L toilet-fonts|grep -i /usr/share/figlet); do toilet -f $(echo $i|sed -e "s#.tlf##g" -e "s#/usr/share/figlet/##g") test; done

On below picture, I made a screenshot of my gnome terminal with most fonts installed by toilet-fonts (fonts package).

ascii art banner create generate program linux figlet toilet with fonts on debian linux screenshot pic - how to create ascii banners linux

There are about 150 fonts, most of which needs to be downloaded and installed manually. A quick search online led me to a fonts collection of 263 figlet ascii art fonts – you can download a mirror of the file figletfonts40.zip here. To aid up toilet and  with those 263 extra fonts (on Debian) do; wget https://www.pc-freak.net/files/figletfonts40.zip cd /usr/share/figlets unzip figletfonts40.zip Note: you have to have installed unzip in advance, unzip is not in default install, so if you don't have it fetch it with; apt-get install --yes unzip toilet and figlet are partially compatible, between each other so most fonts should work okay on both.

figlet supports, also simple formatting of ASCII art banner, here is few examples with formatting; a.) format to center  

$ figlet -c bla bla

figlet centered ascii art text bla bla screenshot

b.) format to left


figlet ascii art banner left formatted text debian gnu linux

c. right formatting


figlet ascii art banner right formatted ascii art text debian linux generator

d. format to terminal width By default text that figlet generates is to suit for 80 rows terminals, normally on higher resolution in gnome-terminal and other Linux environments, terminals are not dimensioned 80×25, thus it is useful for longer sentences text to display text in accordance to terminal size;

figlet ascii art banner sentence phrase to terminal width banner debian gnu linux

The cool thing and advantage of toilet over figlet is toilet can print out ASCII art banners in colors – very very cool stuff; To quickly test all filters issue; for i in $(toilet -F list|awk '{ print $1 }'|grep -v Available|sed -e 's#"##g'); do toilet -F $i pC-fREAK; done Change text pC-fREAK with whatever you like;

> using toilet to create funny ascii-art banners linux pc-freak logo pictures

Very nice use of toilet or figlet, can be if it is placed to produce some nice message in ASCII banner on each user login. Other nice fun applications  is together with cowsay.

apt-cache show cowsay|grep -i description -A 5 Description: A configurable talking cow Cowsay (or cowthink) will turn text into happy ASCII cows, with speech (or thought) balloons. If you don't like cows, ASCII art is available to replace it with some other creatures (Tux, the BSD daemon, dragons, and a plethora of animals, from a turkey to an elephant in a snake).

In case interested in using cowsay on system logins, I suggest you check out my tiny cowrand script which uses cowsay and shows random cow ASCII art picture on each user login.

Also a good use if you're Christian is to combine, some nice Holy Scriptures  verse in text ascii with  some encouraging daily bible phrase from verse or fortune.

Apart from fun, common use of ASCII art slogans is in e-mail or blog comments ASCII art signatures, also they are certainly good for creating unusual (text) advertisements and even can be used to save printer ink:) cause text generated in ASCII art logo is not massive like most text fonts are 🙂 Last but not least  ASCII art banners are useful in generation of ASCII slogans as an art; after all ASCII art is one of innovative arts of 21st century 🙂

Editting binary files in console and GUI on FreeBSD and Linux

Thursday, April 26th, 2012

I’ve recently wanted to edit one binary file because there was compiled in the binary a text string with a word I didn’t liked and therefore I wanted to delete. I know I can dig in the source of the proggie with grep and directly substitute my “unwatned text” there but I wanted to experiment, and see what kind of hex binary text editors are for Free OSes.
All those who lived the DOS OS computer era should certainly remember the DOS hex editors was very enjoyable. It was not rare case, where in this good old days, one could simply use the hex editor to “hack” the game and add extra player lives or modify some vital game parameter like put himself first in the top scores list. I even remember some DOS programs and games was possible to be cracked with a text editor … Well it was times, now back to current situation as a Free Software user for the last 12 years it was interesting to see what is the DOS hexeditor like alternatives for FreeBSD and Linux and hence in this article I will present my findings:

A quick search in FreeBSD ports tree and Debian installable packages list, I’ve found a number of programs allowing one to edit in console and GUI binary files.

Here is a list of the hex editors I will in short review in this article:

  • hexedit
  • dhex
  • chexedit
  • hte
  • hexer
  • hexcurse
  • ghex
  • shed
  • okteta
  • bless
  • lfhex

1. hexedit on Linux and BSD – basic hex editor

I’ve used hexedit already on Linux so I’ve used it some long time ago.

My previou experience in using hexedit is not too pinky, I found it difficult to use on Redhat and Debian Linux back in the day. hexedit is definitely not a choice of people who are not “initiated” with hex editting.
Anyways if you want to give it a try you can install it on FreeBSD with:

freebsd# cd /usr/ports/editors/hexedit
freebsd# make install clean

On Debian the hexedit, install package is named the same so installation is with apt:

debian:~# apt-get –yes install hexedit

hexedit screenshot Debian Linux Squeeze

2. Hex editting with chexedit

I’ve installed chexedit the usual way from ports:

freebsd# cd /usr/ports/editors/chexedit
freebsd# make install clean

chexedit is using the ncurses text console library, so the interface is very similar to midnight commander (mc) as you see from below’s screenshot:

Chexeditor FreeBSD 7.2 OS Screenshot

Editting the binary compiled in string was an easy task with chexedit as most of the commands are clearly visible, anyways changing a certain text string contained within the binary file with some other is not easy with chexedit as you need to know the corresponding binary binary value representing each text string character.
I’m not a low level programmer, so I don’t know the binary values of each keyboard character and hence my competence came to the point where I can substitute the text string I wanted with some unreadable characters by simply filling all my text string with AA AA AA AA values…

chexedit on Debian is packaged under a deb ncurses-hexedit. Hence to install it on Deb run:

debian:~# apt-get –yes install ncurses-hexedit

Further on the binary to run chexedit on binary contained within ncurses-hexedit is:

debian:~# hexeeditor

3. Hex Editting on BSD and Linux with hte

Just after trying out chexedit, I’ve found about the existence of one even more sophisticated hexeditor console program available across both FreeBSD and Linux.
The program is called hte (sounds to me a bit like the Indian word for Elephant “Hatti” :))

hte is installable on Debian with cmd:

debian:~# apt-get install ht

On FreeBSD the port name is identical, so to install it I execed:

freebsd# cd /usr/ports/editors/hte
freebsd# make install clean

hte is started on Debian Linux (and presumably other Linux distros) with:

$ hte

On FreeBSD you need to run it with ht command:

freebsd# ht

You see how hte looks like in below screenshot:

ht has the look & feel like midnight commander and I found it easier to use than chexedit and hexeditor
4. hexer VI like interface for Linux

As I was looking through the available packages ready to install, I’ve tried hexer

debian:~# apt-get install –yes hexer

hexer does follow the same standard commands like VIM, e.g. i for insert, a for append etc.

Hexer Debian Linux vim like binary editor screenshot

It was interesting to find out hexer was written by a Bulgarian fellow Petar Penchev 🙂
(Proud to be Bulgarian)

http://people.freebsd.org/~roam/ – Petar Penchev has his own page on FreeBSD.org

As a vim user I really liked the idea, the only thing I didn’t liked is there is no easy way to just substitute a string within the binary with another string.

5. hexcurse another ncurses library based hex editor

On Deb install and run via:

debian:~# apt-get –yes install hexcurse
debian:~# hexcurse /usr/bin/mc

Hexcurse Debian Linux text binary editor screenshot

hexcurse is also available on FreeBSD to install it use cmd:

freebsd# cd /usr/ports/editors/hexcurse
freebsd# make install clean
….

To access the editor functions press CTRL+the first letter of the word in the bottom menu, CTRL+H, CTRL+S etc.
Something I disliked about it is the program search is always in hex, so I cannot look for a text string within the binaries with it.

6. ghex – Editting binary files in graphical environment

If you’re running a graphical environment, take a look at ghex. ghex is a gnome (graphical hex) editor.Installing ghex on Debian is with:

debian:~# apt-get –yes install ghex
….

To run ghex from terminal type:

debian:~# ghex2

GHex2 GNOME hex binary editor screenshot

To install ghex on FreeBSD (and I assume other BSDs), install via port:

freebsd# cd /usr/ports/editors/ghex
freebsd# make install clean

Gnome hex editor have plenty of tools, useful for developers to debug binary files.

Some nice tools one can find are under the the menus:

Windows -> Character Table

This will show a complete list of each keyboard sent character in ASCII, Hex, Decimal, Octal and Binary

Screenshot ghex Character table Debian Linux

Another useful embedded tool in ghex is:

Windows -> Type Convertion Dialog

Ghex type convertion dialog screenshot

Note that if you want to use the Type Convertion Dialog tool to find the representing binary values of a text string you will have to type in the letters one by one and save the output within a text file and later you can go and use the same editor to edit the text string within the binary file you like.

I’m not a programmer but surely for programmers or people who want to learn some binary counting, this 2 ghex edmebbed tools are surely valuable.

To conclude even though there are plenty of softwares for hex editting in Linux and BSD, none of them is not so easy to use as the old DOS hexdedit tool, maybe it will be a nice idea if someone actually rewrites the DOS tool and they package it for various free operating systems, I’m sure many people will find it helpful to have a 1:1 equivalent to the DOS tool.

7. Shed pico like interfaced hex editor

For people, who use pico / nano as a default text editor in Linux shed will probably be the editor of choice as it follows the command shortcuts of picoOn Deb based distros to install it run:

debian:~# apt-get install –yes shed

shed pico like hex binary editor Linux

Shed has no BSD port as of time of writting.8. Okteta a KDE GUI hex editor

For KDE users, I found a program called okteta. It is available for Deb based Linuxes as deb to install it:

debian:~# apt-get –yes install okteta

Screenshot Okteta Debian GNU / Linux Squeeze

As of time of writting this article there is no okteta port for BSDs.
Okteta has plenty of functions and even has more of a functions than ghexedit. Something distinctive for it is it supports opening multiple files in tabs.

9. lfhex a large file text editor

lfhex is said to be a large (binary) file text editor, I have not tested it myself but just run it to see how it looks like. I don’t have a need to edit large binary files too, but I guess there are people with such requirements too 🙂

lfhex - Linux The Large file hex editor

To install lfhex on Debian:

debian:~# apt-get install –yes lfhex

lfhex has also a FreeBSD port installable via:

freebsd# cd /usr/ports/editors/lfhex
freebsd# make install clean

10. Bless a GUI tool for editting large hex (binary) files

Here is the description directly taken from the BSD port /usr/ports/editors/bless

Bless is a binary (hex) editor, a program that enables you to edit files asa sequence of bytes. It is written in C# and uses the Gtk# bindings for theGTK+ toolkit.

To install and use ot on deb based Linuxes:

debian:~# apt-get install –yes bless
….

On BSD installation is again from port:

freebsd# cd /usr/ports/editors/bless
freebsd# make install clean
….

Something that makes bless, maybe more desirable choice for GUI users than ghex is its availability of tabs. Opening multiple binaries in tabs will be useful only to few heavy debuggers.

Bless GUI hex editor Debian Linux tabs opened screenshot

11. Ghextris – an ultra hard hacker tetris game 🙂

For absolute, hacker / (geeks), there is a tetris game called ghextris. The game is the hardest tetris game I ever played in my life. It requires more than regular IQ and a lot of practice if you want to become really good in this game.

To enjoy it:

debian:~# apt-get –yes install ghextris

Ultra hrad hardcore hackers game ghextris screenshot

Unfortunately there is no native port of ghextris for BSD (yet). Anyhow, it can be probably run using the Linux emulation or even compiled from source.
Well that’s all I found for hexedit-ing, I’ll be happy to hear if someone can give me some feedback on his favourite editor.

Fix Null error in WordPress comment reply with wordpress-threaded-comments plugin enabled

Friday, April 6th, 2012

I'm running WordPress for already 3 years or so now. Since some very long time. The first wordpress install, I can hardly remember but it something like wordpress 2.5 or wordpress 2.4

Since quite a long time my wordpress blog is powered by a number of plugins, which I regularly update, whenever new plugins pops up …
I haven't noticed most of the time problems during major WordPress platform updates or the update of the installed extensions. However, today while I tried to reply back to one of my blog comments, I've been shocked that, I couldn't.
Pointing at the the Comment Reply box and typing inside was impossible and a null message was stayed filled in the form:

To catch what was causing this weird misbehaving with the reply comments functionality, I grepped through my /var/www/blog/wp-content/plugins/* for the movecfm(null,0,1,null):

# cd /var/www/blog/wp-content/plugins
# grep -rli 'movecfm(null,0,1,null)' */*.php
wordpress-thread-comment/wp-thread-comment.php

I've taken the string movecfm(null,0,1,null) from the browser page source in in my Firefox by pressing – Ctrl+U).

Once I knew of the problem, I first tried commenting the occurances of the null fields in wp-thread-comment.php, but as there, were other troubles in commenting this and I was lazy to read the whole code, checked online if some other fellows experienced the same shitty null void javascript error and already someone pointed at a solution. In the few minutes search I was unable to find anyone who reported for this bug, but what I found is some user threads on wordpress.org mentioning since WordPress 2.7+ the wordpress-threaded-comments is obsolete and the functionality provided by the plugin is already provided by default in newer WPinstalls.

Hence in order to enable the threaded comments WordPress (embedded) reply functionality from within the wp-admin panel used:

Settings -> Discussions -> Enable Threaded (nested) comments (Tick)

Enable Nested Comments WordPress default wp comments enable reply functionality screenshot

You see there is also an option to define how many nested comments subcomments, can be placed per comment, the default was 5, but I thought 5 is a bit low so increased it to 10 comments reply possible per comment.

Finally, to prevent the default threaded comments to interfere with the WordPress Threaded Comments plugin, disabled the plugin through menus:

Plugins -> Active -> WordPress Thread Comments (Deactivate)

This solved the weird javascript null "bug" caused by wordpress-threaded-comments once and for all.
Hopefully onwards, my blog readers will not have issues with threaded Reply Comments.