darkAsPitch's questions

I have an email verification script that looks like this:

http://example.com/v/index.php?t=TOKEN_EMAILED_TO_CLIENT

And I want it to look like this:

http://example.com/v/TOKEN_EMAILED_TO_CLIENT

Essentially just removing the index.php?t= portion of the URL, but still allowing the index.php file to process the token.

I have tried the following three settings and none of them have worked:

location /v/ {
    try_files index.php$args;
}

The above results in a failed nginx.conf file

location ^~ /v/ {
    try_files /v/index.php?q=$uri;
}

The above results in a failed nginx.conf file

location ^~ /v/ {
    rewrite ^/v/index.php?q=(.*)$ $1 permanent;
}

The above passes nginx.conf file requirements, but still does not do what I would like. It shows a 404 error when visiting http://example.com/v/TOKEN_EMAILED_TO_CLIENT

Any help would be greatly appreciated.

I have written a website that uses the PHP Pear Mail function to send a few email messages. Mainly to people who have lost their password and to me when somebody submits the "contact us" form.

My question is this: since I am sending the email from my own server's IP address to myself, do I use the client's email address in the From or Reply-To headers?

It would make sense to place it in the Reply-To header, because that is most definitely what I want to do.

However, many email clients seem to work best with the client's name and email info located in the "From:" headers.

Is it safe to "falsify" the From: headers in an email? Or am I even falsifying the sender?

I mean... technically... the client is sending the message, it's just originating from my server.

Sincerely, -somebody_who_knows_nothing_about_email_deployment_and_is_worried_about_having_his_IP_blacklisted

I have a growing online business and a dedicated server that I use to send out the occasional newsletter. As it grows past a few thousand customers, I wonder how I can send emails faster without being penalized?

I use PHP PEAR's SMTP Mailer module and began sending my newsletters with a "sleep" of 5 seconds. I did so because I was told basically that "if I send emails too fast, my IP will be banned and my host will be pissed".

First run of newsletters sent, no ban, great.

I lowered the "sleep" count to 2 seconds, 1 second, and now half a second using usleep.

But still, I want to post faster.

The reason being is I just realized usleep is killing my CPU levels on my dedicated server and forcing my PHPBB forums into displaying the error "Sorry but the board is temporarily unavailable, please try again in a few minutes" because of a CPU overload of some kind. The WHM load manager is reading over 1.0, not good!

So... how fast is too fast?

Can I send 100 emails per second? 1,000? If not, what or who is stopping me? Is the number of emails per second an old wives tale?

So I have followed Eric's wonderful article here: http://alestic.com/2009/12/ec2-ebs-boot-resize

This was the code basically that helped me increase the default size of the AMI:

 ec2-run-sintances ami-ID -n 1 --key keypair.pem --block-device-mapping "/dev/sda1=:250"

Running Ubuntu 11.10 I didn't even have to re-size the disk afterwards, it was immediately a 250GB drive.

How do I go about decreasing the default size of the AMI???

I tried:

 ec2-run-sintances ami-ID -n 1 --key keypair.pem --block-device-mapping "/dev/sda1=:100"

Obviously... but I was told:

Client.InvalidBlockDeviceMapping: Volume of size 100GB is smaller than snapshot ####### <250>

I want to do a complete server backup.

I already have my backup script copying all of the html/php files for the web app, and the mysql databases, placing them into a .tar.gz file.

How can I add the crontab files to that backup?

Whenever I save the crontab, it goes to /tmp folder.. and when I check that folder immediately afterwards, it is empty.

I modified a Canonical ubuntu image on a t1.micro sized instance, saved the EBS boot image, and am now trying to re-start it using a slightly larger instance.

The only instances available (for regular and spot requests) are:

• t1.micro
• m1.large
• etc...

Why can I not start an m1.small or m1.medium sized instance?

Micro instances are too weak, but a m1.large is too powerful...

I have managed to create a Counter for bytes/second on Windows 2008 R2.

How can I actually count the bandwidth for my machine (inbound and outbound)?

I am after the effects similar to DU meter.

I that possible to re-create using the Performance Monitor in Windows server?

When I was in grade 8, my entire class took a road trip to Quebec in order to "learn french". We basically just ran around Montreal speaking english and having a blast, but come night time, the chaperones would close our doors, and place a piece of masking tape across it so that any idiot who left his room at night would could be reprimanded (since the tape would be removed from it's original position) - still with me?

How can I do something like that on a windows box? Answers for linux machines appreciated as well, but my predicament is windows specific.

I am renting a server from a cheaper company at the moment, and don't entirely trust them to be honest.

How can I tell if/when said company accesses my dedicated server without my knowledge?

My business is... troublesome.

What I do is legal in every country on earth, but some people don't like it, and make it so tough on my poor ISPs that I am forced to go looking for new providers more often than I would like.

The only option I know of for somebody in my position is called "bulletproof hosting" (think wikileaks) and it isn't cheap.

The only thing that makes bulletproof hosting expensive, or anything different than typical hosting, is their legal stance when responding to "abuse" complaints via email. Your typical host will get fed-up after 5 or 10 no matter what the reason, and a bulletproof host will take the time to look through the legality of the matter and make a decision based on that.

As far as I know, these abuse emails are directly tied to the ip address on which their server sits, because they "own" that ip address and have the ability to lease it out to me on my expensive bulletproof server.

If I could answer them personally, I would save another company the trouble and hopefully save myself some money along the way.

How can I become the bulletproof host? Just rent out a room in my local DC and ask where to get the IPs from?

P.S. No... just because I know this will be the first question everyone asks - I am not some spammer or rule 34 pornographer, what I do is legal in every country. I said "think wikileaks"!

EDIT: Thank you once again for all of the amazing responses. Don't know why I've been lighting fires here recently. Thanks to everyone who saw through the smoke and provided me with meaningful answers.

I have MX records setup at mail.domain.com and my domain is visible through domain.com

I am sending email via PHP PEAR Mail package.

This page claims I can change:

The value to give when sending EHLO or HELO. Default is localhost

As of right now, my email headers look like this:

Received: from domain.com ([12.34.56.78] helo=localhost

What should they look like? I assume:

helo=domain.com

???

I am writing a web service that has a lot of vicious competitors. Vicious as in: people have been getting DDoS'd within hours of setting up shop in this arena.

The service will consist of:

1. a website that you can sign up to and check on stats/etc... (all of which is served using https)
2. a web service that runs in the port 8000+ range.

What (if any) port will be easiest to attack and/or bring down the server? The web server or the web service?

I know nginx has some pretty good DDoS protection so I am looking into that and load balancing for the website.

Any suggestions as to dynamic DDoS protection against various other ports with linux would be appreciated.

If I block traffic via a security group, I assume I don't have to pay for it.

But if I block traffic via iptables installed on my server then I assume it would be me that pays for any incoming traffic I blocked.

Are there things iptables can do that a security group cannot?

I am asking because I am looking into mitigating DDoS attacks on my web server. Thanks.

I started with a 64 bit version of Ubuntu 9.10 Karmic server edition. (using a micro instance on Amazon EC2, costing less than $0.01 per hour)

I added GNOME desktop to it and NX server.

I re-bundled the instance into a new AMI.

Now upon trying to start another instance of my freshly created AMI. I am unable to select a "micro"/cheap server format.

What have I done wrong? What triggered this limitation?

Is Amazon really smart enough to know which AMIs will work on which Servers? I had it running fine on a micro server while I re-bundled it..?

So I changed the nameservers for my domain name veeter.com about 5 days ago now - and the domain is still not resolving over the net.

It does intermittently, but then cuts out again every few hours.

I run 10+ other domains through the same dedicated server (running CentOS/WHM) and they are all up - so it has nothing to do with that.

I have asked my dedicated server support staff what the problem might be, they told me to "log into WHM and click on 'Add a DNS Zone' under the 'DNS Functions' section on the left hand side of the screen. Once you have done this and dns fully propagates it should resolve any intermittent dns issues you may be experiencing."

BUT there is already a DNS zone in place for the domain on my server - so what should I do?

My server host has gotten back to me finally stating it is most likely a problem with my ISP's caching mechanism and I should contact them - but somehow I doubt it - never noticed this problem before (and I migrate a lot of nameservers).

I simply have to use the latest cURL version (7.21.3) with PHP on my webserver. (Has to do with specific bug fixes)

It is not available by default on most current Linux variant repositories. (Natty Narwhal by Ubuntu is the only one and it's still in beta stages) - so I cannot simply run "aptitude install php5-curl" or similar to get it (the very latest version of cURL) installed.

How would one go about installing the very latest PHP + cURL packages?

Is it as simple as changing the to-download file for cURL in a repository somewhere? (ie. changing a text file's entry somewhere from http://curl.haxx.se/download/curl-7.21.0.tar.gz to http://curl.haxx.se/download/curl-7.21.3.tar.gz or something..?)

Basically I need the very latest cURL library running with PHP on Linux. How would you personally go about doing that?

How would one automatically shutdown an ubuntu OS 30 minutes after it was turned on? Or 15 minutes after it was turned on? Etc?

I tried creating an init.d script like so:

shutdown -h +5

But my box does not shut down after 5 minutes.

I want an NX or VNC session to start automatically when an Ubuntu server boots up - without a monitor connected - loading a certain user's desktop and keeping it loaded and ready until I log in via NX or VNC.

How would one accomplish that?

This code works via my terminal when I am logged in as the NX user, but not via root, and not in the init.d folder. No idea why?

/usr/NX/bin/nxclient --session /home/user/.nx/config/SavedSession.nxs

Please provide somewhat simplified instructions! I am certified linux newb.

How do I automatically run Firefox on an Ubuntu Server inside the Amazon EC2 cloud as soon as the server starts up?

I know how to create my own AMIs and all that jazz. I just need to know how to auto-start firefox.

The Ubuntu Edition is 8.04 Hardy. The server environment is Amazon EC2.

Exactly what the title says. I need to stop IE 8 from reloading the PAC file on every request the browser makes.

I only require it to load once per session.

How do I prevent Internet Explorer from reloading the PAC file? I need to stop IE8 from reloading the PAC file on every request the browser makes.

I only require it to load once per session.