Hungerford Web Design Blog

By default, SSH runs on port 22. This leads to thousands of automatic scans and scripted attacks being launched.

No reason not to change your port exists to the best of my knowledge. Get it changed!

Add a line in the file /etc/ssh/sshd_config:

Port 6969

Reload sshd

#/etc/rc.d/sshd reload
OR
service sshd restart

A couple of simple things here will ensure you of success:

• Check that whichever port you choose is not already in use
• After restarting ssh, do not close that window. Instead, open a new connection leaving the existing connection open. If anything has gone wrong and you wish to revert your changes back, you can do so in your existing window.

Technorati Tags: Leads, Port 22, Reason, Ssh Port

Using SSH as a login method for *NIX boxes is pretty common. One thing I am regularly asked by our dedicated server users is how to add messages that can be viewed when a user is accessing the system. Keep in mind that it would be well worth restricting root login and running SSH on a non-standard port

There are two methods for doing this, you can use just one or both depending on the desired effect.

Firstly (in time order) there is the banner which appears after a username has been typed. This is normally used to provide a warning against unauthorised access as follows:

login as: user
************************NOTICE***********************
This system is optimised and configured with security and logging as a
priority. All user activity is logged and streamed offsite. Individuals
or groups using this system in excess of their authorisation will have
all access terminated. Illegal access of this system or attempts to
limit or restrict access to authorised users (such as DoS attacks) will
be reported to national and international law enforcement bodies. We
will prosecute to the fullest extent of the law regardless of the funds
required. Anyone using this system consents to these terms and the laws
of the United Kingdom and United States respectively.
************************NOTICE***********************

To add this to your server, you will need to edit your ssh config file (/etc/ssh/sshd_config) and uncomment/add the following line: Banner /etc/banner

You will then want to create/edit the banner you have just referenced: ( pico /etc/banner)

You will need to restart the ssh daemon for this to work: ( service sshd restart)

When you login, you should now see your message displayed after you have entered a username.

The second method is MOTD (Message of the day). The difference here is that this is displayed after login has completed. Some of the most common uses depending of the numbers of users with access:
Rules for accessing files/services
A message for the next sysadmin due to monitor the box
A list of common commands and how to execute them
Anything else of use

To add a MOTD, you will need to edit the motd file : ( pico /etc/motd ), add your message and save the file, it should now be displayed on successful login. If you were to use both it would display something like this:

login as: user

************************NOTICE***********************
This system is optimised and configured with security and logging as a
priority. All user activity is logged and streamed offsite. Individuals
or groups using this system in excess of their authorisation will have
all access terminated. Illegal access of this system or attempts to
limit or restrict access to authorised users (such as DoS attacks) will
be reported to national and international law enforcement bodies. We
will prosecute to the fullest extent of the law regardless of the funds
required. Anyone using this system consents to these terms and the laws
of the United Kingdom and United States respectively.
************************NOTICE***********************

user@domain.com’s password:
Last login: Sun Apr 27 14:37:24 2008 from user-22222222.domain.com

You have somehow managed to login….We are now monitoring your access,
our systems administrators have received a page to alert them of your
presense. If you are not a fully authorised user acting within your
rights then logoff immediately to prevent further action.

Technorati Tags: Authorisation, Boxes, Dedicated Server, Desired Effect, Dos Attacks, Extent, Firstly, International Law Enforcement, Law Enforcement Bodies, Line Banner, Login Method, Message Of The Day, One Thing, Priority, Root Login, Server Users, Ssh Daemon, System Consents, United Kingdom, United States

It’s beta, let me point that out for those who don’t know. Hopefully my comments will be null when the final release version arrives (I’ll not be betting my house on it though, or my car, or a fiver).

There are numerous posts elsewhere regarding the individual supported/unsupported tags and features of IE8 so I won’t go over old ground.

What I want to do is moan, why? To tell you the truth it is purely down to the amount of work that IE costs me on a daily basis. I develop a site, I test it in firefox - everything renders as expected, I test it in opera - everything renders as expected, I test it in safari (guess what) - everything renders as expected…..now - I go to IE:
I have to test in three different versions as they are all different……
IE6 - Moves all my nicely centred divs to the left of the page
IE7 - Except for the extra spacing in linebreaks it’s not too bad - useable
IE8b - WTF! - My two lowest divs (my footer and lower section) are both moved and set infront/behind other divs.

My code all validates, my css validates, my design appears as I want in every other browser I have but IE - OH NO! Then I head to a company which use a very large intranet, I try to login with firefox but I get a blank page…I ring their internal support, only to be told that it’s all developed for IE as are all their internal systems, it doesn’t work with anything else.

IMHO IE is such a cut-and-shut that instead of all of these half-hearted attempts, it should just be scrapped! If my site is standards compliant and every other browser displays it a certain way then what on earth gives MS the right to decide that my site should look different in IE?

Ok, a bit of a deep breath and step back for a sec…I am shouting and pointing the finger at MS, but for all I know, I could have a terrible code syntax which IE doesn’t know how to interpret. Perhaps the other browsers are all being more forgiving and IE is sticking to the rules…. Problem is, I have no way of finding out, every method I have for checking my code says it’s fine. Testing shows it’s fine and I taught myself HTML before MS (and most of the world) knew what standards were……thanks microsoft, rather than reduce the browser footprint to allow developers to develop ONCE….you have just introduced yet another browser with yet more differences. I’ll be adding the firefox download button to my site shortly!

If for any reason you want the heathen software, you can download IE8 Beta

If you are a developer and have found that your site displays poorly in IE8, you can consider adding the following meta tag:

<META http-equiv=”X-UA-Compatible” content=”IE=7″> Which will revert the rendering to that of IE7 (which has it’s own issues), good luck.

Technorati Tags: Attempts, Beta, Blank Page, Compliant, Daily Basis, Deep Breath, Divs, Drawing Board, Firefox, Fiver, Footer, Ie7, Ie8, Infront, Intranet, Opera, Pointing The Finger, Safari, Syntax, What On Earth

Firstly why would you pre-load images on your page?
My primary reason is normally because I want to use rollover images in my navigation. I want it to be a grey icon when there isn’t a mouse hovering over it and I want it to spring to life with colour when there is.
The downside of me wanting to do this is that my original grey image will load with the rest of the page but my mouseover images will only load when they are called (ie when the mouse hovers over them). If my images are not tiny, they may take a fraction of a second to load which could cause the user to think that my images are disappearing when they hover over them.

I want to pre-load my images once the rest of the work has gone on and the user has the ability to view and use my site.

The most simple way of doing this is as follows:

<script language=”JavaScript”>
function preloader()
{
// counter
var i = 0;
// create object
imageObj = new Image();
// set image list
images = new Array();
images[0]=”image1.png”
images[1]=”image2.jpeg”
images[2]=”image3.gif”
images[3]=”image4.jpg”
// start preloading
for(i=0; i<=3; i++)
{
imageObj.src=images[i];
}
}
</script>

Technorati Tags: Array, Downside, Fraction, Gif Images, Image List, Image Set, Image1, Images Gif, Jpeg Gif, Jpeg Images, Language Javascript, Load Images, Loading Images, Lt, Mouseover Images, New Image, Png Images, Rollover Images, Script Language, Set Image

We talked about using php includes to reduce the repetition of code and standardise features here:

One of the things we have looked at recently concerns our headers. Let’s say for example that our header looks like this:

<html>
<head>
<meta name=”keywords” content=”keyword1, keyword2″ />
<meta name=”description” content=”the description of my site” />
<title>This is my page</title>
……..

Great. Now, we want to cut down on how many headers we have (in case we want to change a line later) so that we only update one page instead of all of them. So we create a new page using the code above and we call it include_header.html.

There is just one problem with this scenario, we don’t want all of our pages to have the same title, keywords and description so what do we do? We could seperate it all out into individual headers for each page again but if we wish to add a new line (perhaps for an RSS feed) later, we would have to do so to every one of our pages. So we use strings.

In our include_header.html we change our code to look like this:

<html>
<head>
<meta name=”keywords” content=”<?php echo $keywords; ?>” />
<meta name=”description” content=”<?php echo $description; ?>” />
<title><?php echo $title; ?></title>

……..

Then in each page we declare what each of our strings contain, so for our index, it may look something like this:

<?php $keywords = “keyword1, keyword2″;
$title=”This is my page”;
$description=”the description of my site” ?>
<?php include(’/includes/include_header.html’); ?>
<!–anything else you want in the header of only this page can be added here –>
</head>
<body>
<h1>Welcome <?php echo $title; ?> and here is a description of it <br />
<?php echo $description; ?>
</body>
<html>

So, we now have:
A single header for all pages
Unique variables we can change for each page
A set of strings we can re-use on our pages (and we can change all references on that page by changing one string).

Technorati Tags: Br, H1, Keyword2, Lt, Meta, Page Description, Php Echo, Repetition, SEO, Title Keywords, Variables

We have launched the beta of a new site design (version 3).

Please do take a look around and let us know if there is anything you find which isn’t working. It is a beta (which means pre-release), as has become the norm, we have launched it as the final part of our testing.

I hope you enjoy it

The design is based on the Jet30 template (released under the creative commons licence) and has been heavily modified to suit our style, thinking and technologies. Some of the main points are:

AJAX
PHP
CSS
Live server status (using the script we posted here)
Mailing list signup
RSS *2
ROR sitemaps
XML sitemaps (standard and g’zipped)
We are also setting our titles using strings now so that we can use includes for the headers successfully. I’ll post more about that shortly. Have a good one

Technorati Tags: Ajax, Beta, Creative Commons, Design Version, New Site Design, Norm, Server Status, Xml