It’s something to do with using PHP FPM / Fast CGI, and auth headers being disable for that.
So we add this to the directory entry of the .htaccess:
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
You now have your missing header back!
Category: Servers
Devving on Windows is a PITA.
Anyway, ever seen a message like this?
warning: LF will be replaced by CRLF in tests/unit/Del/Console/CommandTest.php. The file will have its original line endings in your working directory. warning: LF will be replaced by CRLF in tests/unit/Del/Console/CommandTest.php. The file will have its original line endings in your working directory.
We only want LF. To squelch this crap, run the following:
git config core.autocrlf false
Yay.
Today I had the mammoth task of checking through 512 git commits to find a piece of code that broke something.
Usually i would git log, look back however many commits, and then do a git reset –hard COMMIT_NUMBER, then check if it worked. If it did, I would git pull back to the HEAD again, and try a resetting back to a more recent commit, until I found the bad code.
Never again! Git bisect to the rescue!
Find any good commit in the past, and note the commit number. Find any bad commit where the code is broken, and note the commit number.
Now, do the following:
git bisect start git bisect good 514d83c git bisect bad b27f38e
Git checks out the middle commit between the good and bad ones. At this point I reloaded my page to see if the code was working or not. The code was working, so I then told git that it was good:
git bisect good
Again the code was working, so as you can see I ran it again. Each time, git bisect jumps half way, iterating and narrowing down the options. Keep doing this and checking your code until it breaks, then say:
git bisect bad
Here’s the rest of the output:
Now we have the exact commit number, and can do a git diff to find out what you did wrong! 🙂
Once you have the commit in question, tell git bisect that you are finished:
git bisect reset
I am amazed that I’m only just finding out about this awesome feature of Git! I’m sure you’ll love it too, try it!
Have fun!
As you readers probably know, I can’t stand XAMPP and MAMP, being two steaming piles of crap, and have long advocated that you set up VirtualBox & Vagrant, then head over to http://www.puphpet.com, fill in the forms to configure your VM, generate the config.yaml, and then unzip it and run ‘vagrant up’ to install it. Brilliant so far.
Yesterday I had a total downer of a day, trying to run an old legacy PHP 5.3 app. PuPHPet doesn’t have the EOL PHP 5.3, so at first I settled as a one off for MAMP, but it was slow and horrible.
Then I thought, wait! If I don’t configure Apache or PHP in puphpet, I could get a box up and install 5.3 myself. That’s when I discovered the awesomeness of the puphpet/files folder.
The only thing I used in there was the ssh keys. But there are empty folders waiting for .sh files (shell scripts) to be dropped in.
So for this box, I created exec-once/install-stuff.sh which contained the following:
#!/bin/bash yum -y install httpd php yum -y install php-mysql php-devel php-gd php-pecl-memcache php-pspell php-snmp php-xmlrpc php-xml
Then upon running vagrant provision, it not only looked for changes in config.yaml, but it checks for changes in these files too!
I then made set-vhosts.sh, and import-database.sh, which look like these:
#!/bin/bash echo " =========================================== Adding vhosts to /etc/httpd/conf/httpd.conf =========================================== " echo " <VirtualHost *:80> DocumentRoot /var/www/fife/web ServerName fife ErrorLog /var/www/fife/log/error.log <Directory "/var/www/fife"> Options -Indexes +FollowSymLinks Order allow,deny Allow from all AllowOverride All </Directory> </VirtualHost> " >> /etc/httpd/conf/httpd.conf
And …
#!/bin/bash mysql -u root --password=123 --database=fortdev < /var/www/fife/data/sql_scripts/symf_fortdev.sql
I take it by now you get the idea! So now you can totally destroy your VM, and put any customisations in these shell scripts, so your full setup can be back up in 5 minutes flat with a vagrant up and vagrant provision!!!
You can then also start thinking about using puPHPet for deploying your setup to your production server 🙂 There’s a vagrant plugin called Vagrant Managed Servers, which will take care of that for you. https://github.com/tknerr/vagrant-managed-servers . I haven’t looked at it yet, but of course you can expect a blog post on it here when I figure it all out!!
Easy. Create an alias:
git config --global alias.tree "log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset%n' --abbrev-commit --date=relative —branches”
then just run
git tree
cat ~/.ssh/id_rsa.pub | ssh user@host ‘cat >> .ssh/authorized_keys’
If you’ve ever used a self signed SSL certificate, you’ll know that although the connection is secure, you don’t get the full green padlock in the browser. You’re about to fix that, and speed your website up at the same time.
The secret is to pump your DNS through Cloudflare! http://www.cloudflare.com. If you visit there and sign up, you can add your domain names and point them to your server. By setting up Cloudflare, your site will improve in speed due to cacheing, and be more secure from DDOS attacks.
The first step is to create your SSL certificate. Log in to your server, and run the following commands as the root user:
➜ mcleandigital openssl genrsa -out "/home/mcleandigital/ssl.key" 2048 Generating RSA private key, 2048 bit long modulus ................................................................+++ ...............................................+++ e is 65537 (0x10001) ➜ mcleandigital openssl req -new -key "/home/mcleandigital/ssl.key" -out "/home/mcleandigital/ssl.csr" You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:GB State or Province Name (full name) [Some-State]:Scotland Locality Name (eg, city) []:Glasgow Organization Name (eg, company) [Internet Widgits Pty Ltd]:McLean Digital Limited Organizational Unit Name (eg, section) []: Common Name (e.g. server FQDN or YOUR name) []:*.mcleandigital.co.uk Email Address []:derek@mcleandigital.co.uk Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:McLean Digital Limited ➜ mcleandigital openssl x509 -req -days 1095 -in "/home/mcleandigital/ssl.csr" -signkey "/home/mcleandigital/ssl.key" -out "/home/mcleandigital/ssl.crt" Signature ok subject=/C=GB/ST=Scotland/L=Glasgow/O=McLean Digital Limited/CN=*.mcleandigital.co.uk/emailAddress=derek@mcleandigital.co.uk Getting Private key
The above output has generated the SSL certificate. Next step is to set your virtual hosts:
<VirtualHost *:80>
ServerName mcleandigital.co.uk
RedirectPermanent / https://mcleandigital.co.uk
</VirtualHost>
<VirtualHost *:443>
ServerName mcleandigital.co.uk
ServerAdmin webmaster@mcleandigital.co.uk
DocumentRoot /var/www/mcleandigital.co.uk/public
SSLEngine on
SSLCertificateKeyFile /home/mcleandigital/ssl.key
SSLCertificateFile /home/mcleandigital/ssl.crt
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory "/var/www/mcleandigital.co.uk/">
Options -Indexes +FollowSymLinks
Order allow,deny
Allow from all
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
The above configuration redirects all port 80 traffic to port 443. Now if you restart the server, you will be able to access your website securely, however, the green padlock is not showing. This is expected as usually you would pay for a certificate from a certificate authority (CA) .
Now the fun part. Sign in to cloudflare.com, and add your website.They give you instructions, and it’s pretty easy to setup.
If your site is hosted on a different server than your hosting company, you need to change the DNS on the domain name hosting provider to point to cloudflare, and not directly to your server. So a request will hit the domain company, which DNS sends to cloudflare, and the DNS on cloudflare points to the IP of your server.
Lastly, in cloudflare, click on the crypto tab, and set SSL to full. The great thing is, you get the cloudflare certificate presented to the end user, and our self signed certificate is hidden away behind cloudflare!
It turns out domain validated SSL’s will be free from December 3rd anyway (checkout https://letsencrypt.org/), however, this may still be the better option due to all the nice free features cloudflare offers! As always, have fun!
I’m making some Apache redirects from an old domain to a new domain. I need the old domains blog posts to redirect to the new domain. So I need the WordPress permalinks.
In MySQL, you can say the following to get your permalinks.
SELECT wpp.post_title, wpp.guid,wpp.post_date, CONCAT(wpo_su.option_value, REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(REPLACE( wpo.option_value,'%year%', date_format(wpp.post_date,'%Y')) ,'%monthnum%',date_format(wpp.post_date,'%m')) ,'%day%',date_format(wpp.post_date,'%d')) ,'%postname%',wpp.post_name ) ,'%category%',wpc.slug ) ,'%post_id%', wpp.id) ) as permalink FROM wp_posts wpp INNER JOIN wp_options wpo ON wpo.option_name='permalink_structure' INNER JOIN wp_options wpo_su ON wpo_su.option_name='siteurl' INNER JOIN ( SELECT wtr.object_id ID, max(wpt.slug) slug FROM wp_term_relationships wtr INNER JOIN wp_term_taxonomy wtt ON wtt.term_taxonomy_id=wtr.term_taxonomy_id AND wtt.taxonomy='category' INNER JOIN wp_terms wpt on wpt.term_id=wtt.term_id GROUP BY wtr.object_id ) wpc ON wpc.ID=wpp.ID WHERE wpp.post_type = 'post' AND wpp.post_status = 'publish' ORDER BY wpp.post_date DESC
If you aren’t using the built in php server for development, and like me you are using a vagrant box configured by puPHPet, this will save you a lot of wasted time wondering why you get 401s and 403s when you aren’t expecting them.
In your vhost section , under the setenv option, we add a new setenvif option:
setenvif: - 'Authorization "(.*)" HTTP_AUTHORIZATION=$1'
Without this option, the Authorization header is being stripped! Run vagrant provision, and suddenly everything should be working correctly. Now get on with building that API!
This is remarkably simple! First, BACK UP YOUR DB.
Backed up? Good. You dont need to back your web files up if they are being mounted from a shared folder.
Open your puPHPet config.yml, scroll down to the php section, and change version from ’55’ to ’56’, and save it.
Next, type vagrant destroy, to remove the old stuff, and then vagrant up, which will re-initialise the server with your shiny new PHP version!
