Articles written by: George Boobyer

Exploiting backup copies of settings

We have all done it at some point: made a quick change in production to some settings in your CMS configuration, probably in a panic reacting to some ongoing issue, and made a temporary backup of wp-config.php or settings.php with a bak or similar extension. You tested the fix and then probably forgot to remove the backup. No problem? Big problem! Putting the issues of such bad practice aside for a moment (fixing production directly and 'reacting' in this way), in this post I want to explore in greater depth why this is a serious issue, how it leads to compromised web sites, who is exploiting such scenarios and how to defend against them.

MacOS Sierra SSH (and other) Issues

Upgrading to the latest macOS Sierra was relatively painless - but a few SSH and other issues arose. SSH now wants a passphrase or complains about an error in your ssh config file, Homebrew complains about file permissions, and your local development web sites start displaying only "It Works!". These are common issues and the solutions are simple.

BOM disposal

Occasionally when you get files from someone else or use a new text editor you encounter an issue with hidden characters or incorrect encoding that can be a pain to track down.

A common one of these, which I haven't encountered for ages (since we moved from Windows to OSX for development), is the Byte Order Mark (BOM).

This is a simple marker that indicates the encoding order of UTF-8 files and should in itself be no problem. It does however cause an issue when the file is included within other files (by PHP as *.inc files for example) such as in template files.

Drupal 8 Release

On the 19th November 2015 a new version of the Drupal content management system (CMS) will be released - Drupal 8.

This new version has been over four years in development and has seen contributions from over three thousand people. It contains well over 200 new features, uses object orientated code and is probably the most significant release to date.

Compiling Varnish modules

Varnish is a great performance boost for web sites. Sometimes however you may need to configure authentication so that your cached pages are not visible to the public. Basic authentication needs to be mirrored from the webserver to the Varnish VCL.

To do this you need to use a Varnish module, and to use that you need to compile it against the Varnish source - not for the faint hearted - here are some remedies to problems you may face.

Ansible - Sublime Text

I recently moved from Text Wrangler to Sublime Text for editing YAML files for Ansible. Getting it set up right involves very little and now with Ansible syntax highlighting it offers a lightweight editor for your plays. In this post I note down some of the steps to get it set up the way I like it.

Ansible filters for taming lists (part 1)

In this article I look at a very simple example of how to convert complex variable structures to simple lists using Jinja2 filters within an Ansible task.

YAML Death by non-breaking spaces

Working on a long Ansible play today - I was tripped up by a hidden Unicode character inadvertently entered into a YAML file - resulting in a UnicodeDecodeError: 'ascii' codec can't decode byte 0xc2 in position 0: ordinal not in range(128) slap in the face. Here is how to deal with that!

Jinja errors when running Ansible tasks

One of the great things about Ansible is being able to use Jinja filters both in templates and in yaml files.
I came across a not so great thing today though. Running a play I got the following error: "template error while templating string: expected token 'end of print statement', got ':'"
But the error was 'thrown' by a task I haven't changed in ages. It appears it actually related to a jinja filter error in a subsequent task.

Testing configuration files before they go live - with Ansible

I came across a great Ansible tip recently that showed how to use the validate option of the template module in Ansible. A great solution for testing configuration before it goes live. However it doesn't work with Apache (apachectl -t -f) - you get a validation error like "Invalid command 'Order', perhaps misspelled or defined by a module not included in the server configuration" for syntax that is perfectly valid. A bit of investigation shows though that this is expected and you have to go a bit further - but I came up with a solution.

Using Ansible to protect against 'Connection attempts using mod_proxy'

I regularly encounter issues that arise from reviews of server security, log reviews etc. that provide good examples of how Ansible can be used to respond to an issue.
If you are using a utility like Logwatch to keep an eye on activity on your servers you may occasionally see an entry such as 'Connection attempts using mod_proxy'. Addressing this with Ansible is simple, and maintains the state of your security measures.

Apache: Better blocking with common rules

This is a follow on post to the 'Using Apache to block Spammers' post.
It shows how to use Includes in your Apache configuration to re-use useful rules.

Support Rules development for Drupal 8

We have pledged support to get Rules 8 ready for Drupal 8.
Rules is a key part of a lot of developments we have done in the past and certainly will be in the future so we are happy to pledge support to get the development ready for Drupal 8. This is a small contribution back to such a key module and we encourage others to do the same!
#d8rules - Let's support the Rules module for Drupal 8

A web site to support the Reforestation of the Atlantic Forest

The Royal Botanical Gardens at Kew engaged us to convert an existing MS Access desktop database into a multilingual CMS based web site. The site is a responsive mobile and tablet friendly CMS based web site that enables the management of a database of tree data for conservation purposes. The data relate to trees native to the Atlantic Forests of Brazil that could be used for reforestation - The South Eastern Bahia Atlantic forest database.

Dickies Workwear - Online Catalogue responsive web site

The internationally renowned manufacturer of hard wearing and fashionable workwear - Dickies - engaged us to create a web site for their workwear range.
The web site presents their range of workwear and links through to a network of online distributors and retail shops. The site is presented in 10 languages, is responsive and optimised for multilingual SEO.
The site also provides access to corporate information and enables the ordering of custom workwear, embroidery and access to the extensive image library of Dickies products.

Drupal Form API - Reset Button

I have come across a lot of discussions about how to add a reset button to a form in Drupal 7. Also it would be nice if when we added a reset button it didn't get a class of 'form-submit'. To get around this, rather than using the standard method of adding a button to the render array of the form, most solutions opt for using #markup.

Simple command line tips for Drupal development

I gave a presentation at Drupal Somerset the other night on some simple tips for using the command line to help with your Drupal development.
I have included the slides here. I have annotated the slides since they don't have the verbal explanations!

Excluding common requests from your apache logs

Log files can get filled up with repeated calls to files such as favicon, robots.txt, images, CSS, JS etc.
This can be a pain when you need to scan the logs for issues and they are full of unimportant requests.
This is especially so if you use Ultimate Cron in Drupal and run cron every minute - the logs get swamped with the cron calls.
Mostly you want to log the initial request for a page and not all of the resources subsequently requested.
Troubleshooting other issues may mean you would log files such as favicon, images etc - but generally they needlessly fill up your logs.

Apache rewrites to control access to PHP files

There are certain PHP files that you want access to but don't want to make public.
Common examples of these are:

  • PHPInfo.php
  • APC.php
  • memcache.php

You also don't really want to deploy these on all of your sites on a server nor have them in your git repositories for sites.

A neat way of dealing with this is to use rewriting in your web server config files (e.g. Apache, NGINX, IIS etc) to do the following:

Drupal Commerce - Best selling products

Having created a Drupal Commerce site it is likely you may need to have a mechanism to list the best sellers / a count of orders by product or similar.
Here's a quick solution that will help you.
Even if you are familiar with the structure of the commerce model this is still a complex task; linking line items, orders, products, product displays etc.

There is some background discussion here: https://drupal.org/node/1292104
