2016-05-24 Updating the Electronic QSL collection for SWL reports 3 years ago
In the Electronic QSL received at PD4KH / PE4KH I have some SWL reports received via eQSL and I decided I should note these correctly. So I updated the script that generates this page and now NL12621, DL-SWL/DE1PCE, R4A-1227 and others are properly noted. I haven't found a conclusive list of all SWL 'callsigns' so I may miss some.
2016-04-29 Now available as TLS encrypted website 3 years ago
I consider it testing at the moment, but you can visit https://idefix.net/. The mixed-content warning will not go away soon since I partly depend on images and audiofiles from sources not (yet) available via https.
2016-04-28 First tries with letsencrypt certificates 3 years ago
A while ago I already pondered preparing links in my websites for https. With Let's Encrypt I can get free domain validating certificates for TLS encrypting my traffic. Even the subjectAltName extension is supported to get multiple domain names on one certificate. But it took me a while to really get around to implementing the rest and testing the results. The standard way of using letsencrypt is a bit too much 'for dummies' to my taste. The suggested and supported method for using Let's Encrypt uses the standard Let's Encrypt client which is very good at modifying apache configurations on it's own. I would like free certificates, but not at the price of letting that script do things to my webserver configuration. So I asked around and someone pointed me at letsencrypt-nosudo with the brilliant introduction:Read the rest of First tries with letsencrypt certificatesI love the Let's Encrypt devs dearly, but there's no way I'm going to trust their script to run on my server as root, be able to edit my server configs, and have access to my private keys. I'd just like the free ssl certificate, please.Exactly my thoughts. So I used that script, got my brain around what was happening and now I have a TLS certificate for a number of my private domains.
2016-03-31 Interesting report from pskreporter 3 years ago
Interesting report from pskreporter psk map today: a negative time at which the signal was reported. I guess the reported time is taken from the original spotter, I had EB4DDQ in the log at 18:12 UTC, he had me in the log at 19:12 UTC.
2016-02-02 Humor van nu.nl 3 years ago
In lynx krijg ik ook de melding over een adblocker van nu.nl. Nee, ik heb geen adblocker in lynx!
2016-01-20 Testing protocol-relative hyperlinks with letsencrypt in mind 3 years ago
I am pondering making my websites available via https using a Let's Encrypt certificate which are free and support multiple servernames. Currently I have one HTTPS site running with a certificate signed by my own CA which is only trusted by my own systems. Chances are that I will find lots of places where I will get mixed-content warnings and things that will break. So switching to https-only will have to wait. But the good news is that it's possible to omit the protocol from a hyperlink, leading to the following bit of HTML code in Nice APRS track this morning:<img src="//idefix.net/~koos/pics/aprs-PD4KH-20160108.png" alt="APRS track PD4KH 20160108" title="APRS track PD4KH 20160108"><br>This will keep working when idefix.net becomes reachable via https and will not give a mixed-content warning. I just have to make sure the http and https versions of idefix.net work exactly the same. At the moment this works fine, even when viewing the RSS feed using sage. According to Can I change all my http:// links to just //? on stackoverflow the number of browsers that don't support this is very small.
2015-11-08 Latest QSOs on my hamradio site 3 years ago
It's possible to get your 'most recent QSOs' (radio contacts) on a website using iframes/scripts from sites like www.qrz.com or www.hrdlog.net. I had to do my own thing and get the data from my logging application CQRLOG which has all my radio contacts logged. In a MySQL database. Which is not my preferred database, but it works with CQRLOG and I don't touch it otherwise. A bit of searching found me Accessing the MySQL server spawned by CQRlog - N0NB which had the right incantations. I used this to build a perl script which does an SQL query to extract the latest QSOs, like:SELECT callsign,band,mode,loc,rst_s,rst_r,qsodate FROM cqrlog_main ORDER BY qsodate DESC LIMIT 10Followed by some work to export the data to a format the webserver for my website can pick up even when the 'radio' desktop is not running. And the result is now visible at the top right of PD4KH Amateur radio - Koos van den Hout. Having the script really shut up when MySQL isn't running was a bit of work, but in the end this works in my crontab:./logtosite.pl 2>/dev/null
2015-07-24 Less flash but still playable audio 3 years ago
I like to sometimes add audio to items here on my homepage. In a format accessible for anyone with both download and play in browser options. Until now this was done using a flash-based player but lately flash has not been the secure option. With the latest browsers it is quite possible to have an html5 audio player, but to keep it accessible for every visitor I also want to keep the flash audio player available. So I looked up how to do that and found Using HTML5 audio and video. The linked audio is also available as attachments to the homepage RSS feed which is the standard for podcast feeds but since the recordings of satellite passes don't have an audio explanation or introduction they are not very usable as a podcast feed.
2015-05-04 Keeping PHP to a minimum 4 years ago
I noticed the recent upgrades left some PHP scripts non-working. The default is now to disable PHP in userdirs, via:# To re-enable php in user directories comment the following lines # (fromI decided I want some PHP in userdirs, but while I was working on this configuration I want to turn the default around: disable the PHP engine in the global configuration and only enable it on those sites where I need it for the site. So now /etc/php5/apache2/php.ini has:
to.) Do NOT set it to On as it # prevents .htaccess files from disabling it. <IfModule mod_userdir.c> <Directory /home/*/public_html> php_admin_value engine Off </Directory> </IfModule>; Enable the PHP scripting language engine under Apache. engine = OffAnd some sites that need it have in the VirtualHost config:# enable php php_flag engine 1 <FilesMatch "\.ph(p3?|tml)$"> SetHandler application/x-httpd-php </FilesMatch>
2015-03-27 Overly interested Amazon EC2 nodes 4 years ago
On Camp Wireless and The Virtual Bookcase I see the following pattern in the access logs:2620:108:700f::36bc:aade - - [27/Mar/2015:13:27:11 +0100] "GET / HTTP/1.1" 302 298 "-" "curl/7.36.0" 2406:da00:ff00::36e2:d963 - - [27/Mar/2015:13:27:38 +0100] "GET / HTTP/1.1" 302 298 "-" "curl/7.36.0"Constant requests, 2 or 3 per minute from Amazon EC2 IPv6 addresses just requesting the / using curl. Over the day I now see 1334 unique addresses with at most 5 requests from one url. The same pattern as described in Stange stream of HTTP GET requests in apache logs, from amazon ec2 instances - Server Fault with no real answer to the why. It's not a problematic amount of traffic, I'd just like to understand what is happenning!
2015-03-23 Meer mobiel geschikte pagina's 4 years ago
Recent gaf google me allemaal meldingen dat mijn websites niet goed zouden werken op mobiele apparaten (telefoons, tablets). Het gevolg is dan dat google bij zoeken vanaf mobiele apparaten de sites ook minder aantrekkelijk zou vinden. Mijn eerste gedachte was dat dat me niet zoveel uitmaakt omdat de gemiddelde bezoeker van mijn sites wel vanaf een desktop of laptop PC komt. Maar aan de andere kant doe ik simpele dingen ook vaker vanaf een tablet tegenwoordig en zag in ieder geval mijn homepage er daarop niet uit. En sites als Camp Wireless hebben zeker een mobiel publiek. Alleen liep mijn kennis wat achter. De laatste keer dat ik serieus keek naar sites voor mobiele devices was toen WAP de oplossing was. Dus maar eens de informatiepagina's gelezen die google aangaf, over viewport gebruik en media queries voor CSS. Voor de meeste sites is het een simpele CSS aanpassing om een en ander mogelijk te maken. Onder een bepaalde breedte hebben de 2 kolommen die ik vaak gebruik niet zoveel zin. Dus met de media query dit opgelost. Nu langzaam maar zeker sites aanpassen. En van sommige sites moeten echt dingen aangepast worden (juist camp-wireless..) omdat daar nog deels verouderde technieken gebruikt worden die aanpassingen voor mobiel moeilijk maken.
2015-02-23 Preparing for upgrades and testing speed improvements for my homepage 4 years ago
As part of a needed upgrade on my homeserver I will also have to deal with Apache 2.4 and the changes needed there. Because some other things will change completely like asterisk I used an old server with comparable packages to do the same upgrades and test the results. As keen visitors to my page may have noticed I am interested in the performance. This test-setup also gives me room to experiment with some possible new methods. I have to establish a baseline on that server first since it has different hardware.Read the rest of Preparing for upgrades and testing speed improvements for my homepage
2014-11-24 Updates to my homepage 4 years ago
With some newsitems here on my homepage getting longer I started to feel the need to make a more blog-like format possible with items with an introduction and longer text. And titles here and there to give a better title to newsitems that deserve it. So some changes to the database format, support scripts and all the scripts generating pages. The changes were big enough to update the version number so now it is 4.5.
2014-11-21 (#) 4 years ago
It seems I am a very special person for google: the 'Birthdays' calendar which should be filled with the birthdays of all people in your google+ circles had the option to remove it from the list of calendars or unsubscribe totally. After being on the receiving end of some rants about this it is clear a lot of people don't have the option to get rid of this calendar. I found a possible workaround: How to delete the Birthdays Calendar from your Google Calendar. Update 2014-11-28: I was happy too early: now the calendar is back (without me asking for it) and I can't disable it normally.
2014-09-02 (#) 4 years ago
Lag in DNS changes: I stopped hosting a domain for someone, the last 'regular' traffic was on 20 August 2012. But some web robots have a memory of their own, the last access by a search bot was 25 October 2013.
2014-08-04 IPv6 visitor stats 2014 4 years ago
Time to count IPv6 visitor percentage to different websites again:
Interesting numbers. Results for The Virtual Bookcase and Camp Wireless are totally skewed thanks to some IPv6 bot constantly checking the site from constantly changing IPv6 addresses .. but without privacy extensions enabled. Method: unique IPv6 addresses seen in the whole month / total unique addresses seen in the whole month.
Site July 2009 July 2010 July 2011 July 2012 July 2014 http://idefix.net/ my homepage 1% 2% 2% 3% 4% http://netwerk.pcgg.nl/ hcc!pcgg netwerkgroep 2% 2% 2% 3% 1% http://weather.idefix.net/ weather maps < 1% 5% 6% 7% 6% http://bbs.idefix.net/ BBS files 1% 1% 1% 3% http://webcam.idefix.net/ the webcam < 1% 1% < 1% 2% 2% http://www.virtualbookcase.com/ The Virtual Bookcase < 1% 1% 1% 4% 87% http://www.camp-wireless.org/ Camp Wireless < 1% 1% 1% 3% 70% http://weatherstation.idefix.net/ Weather station Utrecht Overvecht 1%
2014-07-28 (#) 4 years ago
Somebody at 22.214.171.124 was trying at a very high speed to brute-force /wp-login.php for one site on my server. The downside was that there was no /wp-login.php or any part of wordpress to brute-force, but that did not seem to deter the attacker. A temporary firewall rule now rejects all attempts. Update 2014-07-31: Next load of attempts from 126.96.36.199. And looking back in the logs shows other similar attempts.
2014-02-06 (#) 5 years ago
The webcam image at webcam.idefix.net is getting popular at the moment due to the use by nedWeer.nl peaking at 0.5 requests/second. Since the image is imported from a different server in a proxying setup this was causing quite some traffic on my adsl line. The image doesn't update every second, so I had a look into caching possibilities with apache 2.2. I wanted to use the memory cache for just this one object but I started with the disk cache because it's easier to debug and see the files on disk. This didn't work, and I could not figure out why. I followed the instructions found in apache2 - Apache Reverse Caching Proxy - why isn't it caching? - stackoverflow.com but still no caching happening. I set up a separate virtual server with the logging set to level 'debug' and found the following interesting line in the log:[Thu Feb 06 16:24:59 2014] [debug] mod_cache.c(370): (12)Cannot allocate memory: cache: Cache provider's store_body failed!This looked more like a memory cache problem than a disk cache problem. But the memory cache wasn't configured at all. I decided to remove the memory cache support completely and that fixed things with the disk cache. The debug log suddenly had the right messages:[Thu Feb 06 16:25:59 2014] [debug] mod_cache.c(633): cache: Caching url: /camwindow.jpgNow the webcam image is cached for 120 seconds. Which saves some traffic on the ADSL line. Update 2013-02-10: Requests still going at about 0.5 requests/second at busier times. The proxy reduces the impact on ADSL traffic and ping delays.
2014-01-31 (#) 5 years ago
Mooie tekst van Arnoud Engelfriet op Wat nou als jailbreaken mijn telefoon juist veiliger maakt? - Ius Mentis:Overigens erger ik me wezenloos aan de trend om dienstverlening ‘producten’ te noemen. Een product doet pijn als het op je tenen valt. Mobiel Bankieren (of gratis reizen buiten de spits) doet dat niet, dus is het geen product.
2013-12-18 (#) 5 years ago⇐ Newer news items for tag web Older news items for tag web ⇒
Using SSL should secure your services, but it needs to be configured correctly to avoid several attacks and keep the chances low that third parties can decrypt the traffic. With the SSL Server test from Qualys SSL Labs you can check the intimate details of your https SSL configuration. And when you wonder what to use to improve your score when using Apache mod_ssl, here is a configuration snippet shared by the right people at Tilburg University:SSLEngine on SSLProtocol all -SSLv2 # advies Wessel Dankers kub SSLHonorCipherOrder on SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:AES256-GCM-SHA384:AES256-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:AES256-SHA:AES128-SHA:DES-CBC3-SHA