July 2004 Archives

July 3, 2004September 23, 2006

Movable Type Database Backups

I have finally got our database backups running here on Sunpig. Our site is made up of half a dozen Movable Type blogs and a couple of phpBB forums. There are a bunch of photos scattered around the site, but apart from that, most all of the text content resides in a single MySQL database. (Abi’s BookWeb is the notable exception.) Even if all of the pages on sunpig.com were accidentally deleted, we could regenerate about 90% of them by reinstalling the basic MT and phpBB applications, and restoring that master database. So it’s quite important that we keep it safe.

I’ve knocked together a little perl script that runs as a cron job every night. It produces a backup of the database, compresses it to save space, and then stores the file somewhere safe (i.e. not in our webroot). It tags the file with the weekday name (“mon”, “tue”, etc.), so these files only last seven days before they get overwritten with newer versions. They will mostly be useful in case the live database becomes corrupted, or if I do something stupid, like accidentally delete a blog. (It does happen, you know.)

Then, once a week, the script takes the backup file it has produced, and uses FTP to transfer a copy to a different server half-way around the world. The remote file gets tagged with the full date in YYYYMMDD format, so they don’t get overwritten. I’ve only got 30MB of space on this other server, and the gzipped backup files are about 2MB each, so I’ll have to do a manual download and archive of these files every three months or so. Still, this is a vast improvement over manual backups on a “whenever I remember” basis.

In case you’re interested, here is the script:

dbbackup.pl

#!/usr/bin/perl # Connection details for local database $dbhost = ‘aaa’; $dbuser = ‘bbb’; $dbpass = ‘ccc’; $dbname = ‘ddd’; # Get the day of the week $day = `date “+%a” | tr ‘A-Z’ ‘a-z’`; chomp $day; # Construct a file name consisting of the database name and the day of the week $localfilename = “/home/sunpig/sqldump/$dbname\_$day.sql.gz”; # Dump the database to file, and gzip it up system “/usr/local/bin/mysqldump –host=$dbhost –user=$dbuser –password=$dbpass $dbname | gzip > $localfilename”; # If today is friday, ftp the dump file to the remote server if ($day eq ‘fri’) { use Net::FTP; # Connection details for remote FTP server $ftpdest=’eee’; $ftpuser=’fff’; $ftppass=’ggg’; $date = `date “+%Y%m%d”`; chomp $date; $remotefilename = join “”, $dbname, “_”, $date, “.sql.gz”; # Connect to server and put the file $ftp=Net::FTP->new($ftpdest) or die “Couldn’t connect to host\n”; $ftp->login($ftpuser, $ftppass) or die “Couldn’t login\n”; $ftp->put($localfilename, $remotefilename) or die “Couldn’t put file\n”; $ftp->quit; }

July 2, 2004September 23, 2006

Comment spam and MT3

The only downside so far of moving to from Movable Type 2.6 to MT3 is the absence of MT-Blacklist for blocking spam comments. I’ve racked up 48 spam comments and trackbacks so far today. This is getting silly, so until I’ve implemented the new commenting registration and approval options in MT3, I’ve disabled comments and trackbacks on the whole of this blog.

July 2, 2004September 23, 2006

Crypto “Duh”

I’ve been developing web applications since 1998, but it was only a couple of weeks ago that one of the fundamental aspects of SSL (Secure Sockets Layer) really clicked into place for me: during an SSL session, the traffic is encrypted with a symmetric algorithm. SSL only uses an asymmetric (public key) algorithm during the session handshake in order to securely exchange the symmetric key for the rest of the session. The bulk of the SSL session is therefore optimised for speed, while the key exchange (the most vulnerable part) is optimized for security. Clever.

I can already see Spence shaking his head in disbelief that I hadn’t known this. My only excuse is that I’ve spent most of my time on inward-facing web apps, rather than public, internet-facing ones. (Not much of an excuse, though, I know.)

While I’m in a confessional mood, I might as well admit that the technique of salting hashes for increased security in storing passwords had passed me by until recently, too.

The real cleverness of salting hashes is not the technique itself, but the recognition of why it’s important. You could just take the attitude that if an attacker has got access to your database, then they can do whatever they like with it anyway, so why bother further encrypting the passwords you store in it? The problem with this is that most people re-use the same password in multiple places. So if an attacker gets hold of someone’s password for their blog, say, then chances are they can use it to also gain access to that person’s email or online banking account.

I’ll take this opportunity to recommend again the Password Safe tool, which removes the burden of having to memorize dozens of different passwords. Go get it, and start using it. If you’re not a computer expert, it’s difficult to spot where the weakest link is in any security chain. Password Safe, at least, will help to make sure it’s not you.

July 1, 2004September 23, 2006

They don’t stay young for long

It’s Alex’s last day in the Toddler Room at his nursery today. From next week, he’ll be in the Pre-School Room. He’s only three, and he won’t be starting primary school until 2006, but it still shows what a big boy he is, and how quickly he is growing up.

And as I carried Fiona into the Baby Room, she was holding herself almost upright in my arms, and looking from side to side like a startled meerkat. No more flopping against my chest because she lacks the muscle control to keep her head up. She can’t quite sit upright on her own yet, but she’s probably only a few weeks away from that milestone, too. And then she’ll be rolling and crawling and climbing up stairs…

July 1, 2004September 23, 2006

The consequences of driving to work

Since I managed to procure a parking space nearby my current contract, I’ve been driving to work instead of taking the bus. Even with rush hour traffic on the Edinburgh bypass, it cuts my commute down from an hour each way to half that. I do like getting home earlier in the evenings, and having a bit of extra sleep each morning, but I have also lost an hour of reading time from each day. If you have a look at my quick book reviews for 2004, you’ll see that in the first half of the year I’ve only managed to get through 14 books. Eek!

When I did my summing-up of 2003, I was terribly disappointed to find that I’d only read 37 books last year, and I was determined that I’d get through 50 this year. At my current rate I’ll be lucky if I crack 30. Damn.

However, aided by a postal DVD rental service (ScreenSelect), I’ve been burning through films like a wild thing: I’ve seen 39 new films this year already. That’s more than I watched in the whole of 2003. At least I’m not slacking off entirely in my consumption of entertainment.

Another side effect of driving to work is that I’m now a lot better informed about British current affairs than I have been in ages. I listen to the Today programme in the mornings, and to PM and the 6 o’clock news on the way back home. As a further consequence, I’m now less clued up about American politics than I used to be. I find that I can only cope with so much spin, double-talk, and outright lies in a single day, and I don’t need to supplement my daily dose with a helping of political blogs in the evening. The only American political blog I still read regularly is Talking Points Memo, and I usually catch up on it once a week.

Despite the usual stereotype of drivers being more stressed-out than non-drivers, I think that I’m actually more relaxed because of my drive. It’ll all have change when I next switch contracts, though.