As I expected in the previous post, all the shouting of the journalists that people downloading tons of video will overload the bandwidth capacity of Internet Service Providers is groundless.
IBM presented a new fiber-optic chipset that can transfer 160 Gigabits (20 Gbytes) per second.
There is also a nice article from Reuters about Web 2.0 startup funding.
They write that investments in Web 2.0 startups are not high, but doubled last year: $844.4 million for 167 firms in 2006, up from 95 companies the year before and just 35 in 2004.
Mar 28, 2007
Mar 18, 2007
new york times for lamers
A customer of mine sent me an article from the New York Times: "Popularity Might Not Be Enough". Over 3 screens of text they chew over the idea that life is hard, that the internet is not a place where money falls for doing nothing, and that "for a general-interest site to generate $50 million" per month the site has to have "billions page views a month". Did I miss something, or are they just comedians?
I especially laughed at "new technologies that could allow I.S.P.’s to identify the biggest bandwidth users". Is technology to track per-user traffic statistics something new?
If an ISP sells an "unlimited traffic" package, it is not bound to bandwidth. If it is "to identify the biggest bandwidth", it is not "unlimited". In the worst case unlimited packages will become more expensive and ISPs will offer "per-GB" packages again.
Why do people waste so much time on freebie hunting and fake fears ... infantility?
Mar 15, 2007
Agile Software Development Toolbox
I like humor of this kind!
The Agile Software Development Toolbox
Mar 11, 2007
PHP security settings
Sometimes I need to set up a 3rd party script, like a forum, on a dedicated server I am responsible for.
Maybe you remember that a couple of years ago a serious security issue was discovered in phpBB, a very popular forum software at that time, and hundreds of thousands of servers all over the world got infected by a worm. I do remember that case.
So there is a question: how do you use a 3rd party script that you don't fully trust?
There are several options I recommend using when compiling PHP, in php.ini and in the VirtualHost section (for some sites).
Here are some settings I personally use in VirtualHost (configuration of the Apache web server) to run a potentially insecure application:
<VirtualHost *>
...
php_admin_value upload_tmp_dir "/path/to/upload_tmp"
php_admin_value open_basedir "/path/to/forum:/usr/local/lib/php"
php_admin_value disable_functions "shell_exec,exec,system,passthru,proc_open,popen,curl_exec,pcntl_exec,socket_create,socket_create_listen"
</VirtualHost>
(Note: I have the disable_functions value written on one line without spaces)
There are some security-related settings I have in php.ini on the production servers (PHP 5.2).
;turned on in the per-host config for the sites that need it
register_globals = Off
;not really safe, but too restrictive IMHO
safe_mode = Off
;notices almost always point to more serious problems
error_reporting = E_ALL
;it doesn't protect against SQL injection anyway
magic_quotes_gpc = Off
;don't allow executing arbitrary code as a loaded module
enable_dl = Off
;Anti-DoS settings
max_execution_time = 30
memory_limit = 16M
post_max_size = 8M
upload_max_filesize = 6M
;before PHP 5.2 (when allow_url_include was not available) I had it "off"
allow_url_fopen = On
allow_url_include = Off
;Never use /tmp; critical projects may need completely separate storage
session.save_path = "/home/www/sessions"
;I don't allow session ids in URLs
session.use_only_cookies = 1
When I set up (compile) PHP on the server, I compile the web server module and the CLI module separately, with different options for the ./configure command.
For the web server module I add "--disable-posix --disable-sockets --disable-ftp --disable-sysvsem --disable-sysvshm --disable-shmop --disable-pcntl"
For the CLI module I have these options "--enable"d.
These settings give me almost unlimited flexibility in the dedicated server environment and good security while running my code (not recommended for public hosting).
I run the untrusted code as separate sites, adding the "disable_functions" setting you can see above in the VirtualHost section.
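A way to confirm that these settings are actually in effect for the untrusted site, as an added example (not the author's code; the function and variable names are hypothetical). It is meant to be requested once through that VirtualHost, because the CLI build and other sites load different values. The PHP manual documents disable_functions as a directive that must be set in php.ini, so the callable-function check is the one to watch.

```php
<?php
// Added example: report which hardening settings are NOT in effect for the
// site that serves this file. Expected values mirror the post's settings.

function ini_is_on($name) {
    $v = ini_get($name);            // false: directive unknown to this PHP build
    if ($v === false) return null;
    return in_array(strtolower(trim($v)), array('1', 'on', 'yes', 'true'), true);
}

function audit_php_hardening(array $off, array $on, array $disabled) {
    $problems = array();
    foreach ($off as $name) {
        if (ini_is_on($name) === true) $problems[] = "$name should be Off";
    }
    foreach ($on as $name) {
        if (ini_is_on($name) === false) $problems[] = "$name should be On";
    }
    // function_exists() is false for functions removed by disable_functions
    // and for extensions left out at ./configure time.
    foreach ($disabled as $fn) {
        if (function_exists($fn)) $problems[] = "$fn() is still callable";
    }
    if (trim((string) ini_get('open_basedir')) === '') {
        $problems[] = 'open_basedir is empty: no filesystem confinement';
    }
    foreach (array('session.save_path', 'upload_tmp_dir') as $name) {
        // session.save_path may carry an "N;" or "N;MODE;" prefix before the path
        $dir = rtrim(preg_replace('/^.*;/', '', (string) ini_get($name)), '/');
        if ($dir === '' || $dir === '/tmp') {
            $problems[] = "$name uses the shared temp directory";
        }
    }
    return $problems;
}

$problems = audit_php_hardening(
    array('register_globals', 'magic_quotes_gpc', 'enable_dl', 'allow_url_include'),
    array('session.use_only_cookies'),
    array('shell_exec', 'exec', 'system', 'passthru', 'proc_open', 'popen',
          'curl_exec', 'pcntl_exec', 'socket_create', 'socket_create_listen')
);
header('Content-Type: text/plain');
echo $problems ? implode("\n", $problems) . "\n" : "OK: baseline is in effect\n";
```

Remove the file after the check, since its output describes the site's configuration.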
Mar 5, 2007
spring flowers
Today I bought flowers! It is unusual - yet very exciting :)
Here they are - images of webcam quality, but I enjoy them!
