• Posted by admin

Introduction

I would have to say that mod_rewrite is probably one of the most powerful features of an Apache web server.  It allows you to have an incoming http request:

frozen_apples.html

to be re-written as

index.php?p=frozen_apples

This is a powerful additional level of security for your web site, as visitors will not be able to see the inner workings of your web server through the query string or page headers.  It can even hide the scripting engine that your website is running on.

In this example, I will be using PHP as the scripting language.

Setup

httpd.conf

mod_rewrite is a module that is by default, enabled in an apache web server installation.  You will want to check that the line:

load module mod_rewrite

is uncommented.

You’ll need your web server that you are hosting your site on to be able to allow overrides to Apache’s main settings.  You will have to edit your httpd.conf file.  For brevity, I only list the settings that are important to setting up mod_rewrite.

<VirtualHost *>

AllowOverride All

</VirtualHost>

This tells the Apache web server, that for this particular virtual host, allow overrides to the default apache settings as specified in httpd.conf.

.htaccess

You will have to create a .htaccess file (if you haven’t already) in your website’s root (/) directory.  The .htaccess file is where all the magic happens with mod_rewrite.

Example code to get things working…

RewriteEngine on

RewriteRule ^old(regular_expression).html$  new.php?id=$1

Regular expressions

Regular expressions play an important part in mod_rewrite.  They allow you to specify the exact format of the document name request.  This is incredibly powerful and important for web sites and appications that have a database backend.  A common web server attack called SQL Injection, attempts to insert database commands via page headers or a query string into the database.  If proper security and form validation isn’t implemented on the site, the results of this attack can be disasterous.  Using mod_rewrite to modify query strings, and obstruficate the user’s ability to see what technology is on the server, highly improves a security risk like SQL Injection.

On a form submitted to the web server which interacts with a database - the intruder tacks on SQL code to one of the form fields using ‘;’.

By filtering the form submission using mod_rewrite, we can disallow at the server level, what is an acceptable character and what is not. 

Another important point in our example here is mod_rewrite’s ability to filter and copy string data from the first url we specify to the next.

In the first filename, the regular expression sub-string that is contained between the brackets will transfer to the variable value $1 in the second string.

e.g.

RewriteRule ^([a-z]+).html$ index.php?article=$1

new.html would become index.php?article=new

Further Reading:

This tutorial only scratches the surface with mod_rewrite.  Here are some links to further your study with mod_rewrite.

mod_rewrite

apache official module documentation

regular expressions

Regular Expression Library





  • Posted by admin

In the life of a computer system (or computer systems), you will have failure.  It is inevitable.  No operating system is perfect, and will provide 100% uptime.  You can get very close, but inevitably, the chain will break at its weakest link.

This post is about that ‘getting very close’.

Designing your network / system

Don’t base your network completely on one operating system.

Diversity is truly the key to making a system more secure.  If you have a virus, or perhaps a piece of buggy software on multiple identical systems, it will fall like dominoes.  While it is somewhat easier to manage computers that all use the same operating system, a network is considerably more robust with multiple systems.

Consider a component stereo system vs a ghetto blaster.   If one component like the DVD player, speakers, or the cassette player (yes, admit it, you still have one) goes on the fritz - the other components still function.  A broken ghetto blaster?  Might as well buy a new one, and this is where the metaphor breaks down, because computers are great deal more expensive and time consuming to set up, than a portable stereo system.

US Army finds security in the Mac

- use operating systems to their strengths and your budget

- if you do use multiple operating systems in your work (or play) consider a dual or triple boot system.  This can also be a lifesaver if something goes wrong with one of your OSes.

What is becoming more popular these days in the software development is the use of virtual machine software to run multiple ‘virtual’ computers on a single machine.  You now have the option of running multiple operating systems on your WIndows, Mac or Linux machine without all the hardware.  You can test multiple environments for your application (or website), or run all your favorite server software all on one machine.

VM Ware

Each virtual machine has an image of itself - sort of like taking a picture of its hard drive and hardware setup.  The great part about a virtual machine is, if the image ever gets corrupted, all you do is re-install the original backup image of the computer, and you are off and running again.

Have a backup plan

No, not just a piece of backup software - an actual plan.

If you have one computer:

- back up at least once a week, to a removable hard drive, or flash drive

- make incremental backups using a DVD burner as well

There are a number of affordable (and automatic) consumer backup systems out like Apple’s Time Machine and HP’s Media Server.  Find the one right for you and your computers.

if you have multiple computers on a network:

- back up all important files on each computer, to a central storage server

- use two removable hard drives for backup

- use one hard drive for backup one week, and the other next week

- keep one hard drive off site at all times.

- on your computer’s hard drives, split it up into ’system’, ‘programs’ and ‘data’ partitions

We all have the nasty habit of filling up our hard drives with clutter, and we don’t pay attention, until that fateful day our computer says our hard drive is too full.  Having your hard drive broken up across multiple partitions, (and not saving on the ’system’ partition) allows you to be able to still run your computer, if the ‘data’ partition gets full.

- install anti-virus software and schedule it to run a full system scan once a week (on each computer)

- if you do computer programming, use a version control system (and back that up as well)

Security

- get a router/firewall

Preferably both a hardware-based firewall, and a software-based firewall for all your computers.

- use strong passwords for all your systems

Crackers (people who break into computer systems) use an automated program which rifles through commonly used passwords to break into systems.  I used to have a linux server at my house, and on occassion I would see these long lists of ‘dictionary words’ that they use to try to get ‘root’ access to my system.  Not once did anyone get in.  My secret?  Strong passwords.

Use upper and lowercase letters in your password, as well as punctuation and numbers.  If you have trouble remembering complex passwords, use a l33t-like password (the letter ‘E’ is replaced by the number 3).   These passwords are more random in nature and thus harder to figure out.

If you run Windows, have a knowledgeable technical person go through a security checklist to plug the security leaks, and shutdown programs that run in the background that you may not actually need running.

Summary

I’ve listed a few of the ways here to get your system (or systems) setup for the long haul.  Diversity is a good defense against failure.  Plan your strategy to backup your computers.  Have firewalls in place.  Don’t use ‘admin’ or ‘god’ for a password.  And keep your stick on the ice. ;-)





  • Posted by admin

Background

The Inner Workings of Linux

What is X Server?

A breakdown of the sections in the xorg.conf file

Configuring xorg.conf for your system

Setting up xorg.conf for multiple monitors in Linux

Using the nVidia nv driver - using TwinView

Troubleshooting

Links for graphics drivers and Linux

Other useful links

So I was skyping my son the other day and much to my delight he had installed Linux on his desktop system.  He was having a devil of time trying to get the dual monitor set up installed.  First it was two monitors that had exactly the same picture, and then *poof* nothing on either.  How very frustrating.  I am writing this post in an effort help my son figure out his monitor situation, and in turn provide some valuable information out to those who have experienced the same frustration and have had mixed results in finding any solutions.

I will try to attempt to explain the technical terms as succinctly as possible. A geek for the ungeeky if you will.  As there are many distros of Linux as there are stars, I will discuss my experience and the distro that I am familiar with.   There are always a great deal of posts out on the ‘ Net dealing with the technical intricacies (and frustrations) of setting up dual monitors using X.  My intention in writing this post is that this is a primer (for the unprimed) to understand how X is set up at the configuration file level.  So, if this article doesn’t help you solve your problem, it at least sends you on the right path to fixing it.

You will need access to your Linux command prompt.

I will update this as I get more information from time to time.   I’m only human.

Background

Back in 2000, when I first was introduced to Linux and the world of open source software, I spent many a night trying to configure ‘this piece of hardware with this piece of software’.  This was back when Red Hat 7.1 was out, there wasn’t any Fedoras or Ubuntus lying around.   For those stubborn enough to try and fiddle with the configuration settings, and read many cryptic postings about the inner workings of the software, there were many a reward.  For those that did not, and just wanted Linux to work - there was a number of choices

1) Go back to Microsoft Windows

2) Run Linux at the command prompt

3) Buy a computer system that has hardware that has been documented on the ‘net to work with Linux

4) Try a different distribution of Linux that has drivers for your specific hardware

I was part of the stubborn bunch at that time - I often dreamed of a day when I had my Linux configuration at it’s utmost ideal and I was able to be productive in my computing without too much software configuration.  I am always interested in learning about stuff, and simply giving up denied me that opportunity.

My experience with finding a solution to the dual monitor Linux quandry…The Inner Workings of Linux

Now the point of this post isn’t about my history with Linux, or whether you should be chucking Linux to the dustbin ( I’m OS neutral - I run all of them - for me each has it’s qualities and merits that I enjoy, as well as each having their faults)

One of the configurations that was a bit of headache was setting up the X Server on my HP 7140US laptop.  This was in 2003, and I was running Red Hat Fedora 3.  I found a few articles regarding the setup of an additional monitor but I wasn’t quite getting the answers that I really needed.  The GNOME and KDE GUI setup wizards weren’t helping much either.  This latter portion of this post describes my findings in this quandry and starts off with brief bits of history to help us with our quest to run dual monitors in Linux.

If you’ve ever run Windows before, you will know that if a program you are running shuts down, it has the potential to take down the whole computer with it.  You might have to, at the very least, reboot.   Or something worse.  If something within the programs that run the Windows operating system crashes, it is more than likely that your system will have to be shutdown and/or rebooted.  Processes that display icons and start menus, open and close windows, display the toolbar, and update the time in the corner of the screen.  Even if these processes crashed, you might at the very least have to restart.

In contrast to Windows, Linux is architecturally set up different that Windows.  Rather than having all the processes tightly integrated into the operating system, Linux runs each process as a seperate process unto its own.

My point would be that at the design level - Linux is designed to be compartimentalized, such that, not one process that crashes takes down the whole operating system.  Or at the very least, it is very difficult for one process to take down the entire system.

What is X Server?

There are three pieces to running a GUI in Linux

  • The X Server

  • Windows manager (Sawfish and others)

  • the GUI (Gnome, KDE, or others)

I’m not going to cover the Windows manager or the GUI in this post.  They are concerned with the graphical interface and styles of the windows that are available. For this tutorial I will assume to use gdm (gnome display manager) as the preferred windows manager.

The X Server is the process which runs the GUI of the Linux operating system.  It talks to the hardware and allows Linux to run a graphical user interface for the user.

It has a configuration file that contains the information about your hardware and how you want your GUI to be set up.  The file is called xorg.conf.   The location varies from Linux distribution to distribution.  On Red Hat distros (short term for ‘distribution’ amongst Linux advocates) you can find it at /etc/X11/xorg.conf.  If you are unable to find it, you can type the command:

> locate xorg.conf

to find it.

For our purposes, you will need root access to edit this.

A breakdown of the sections in the xorg.conf file

There are 6 possible sections to any xorg.conf file

The format goes something like this:

Section "SectionName"
Attribute "Value"
EndSection

ServerLayout

Section "ServerLayout"
Identifier "Default Layout"
Screen 0 "Screen0" 0 0
InputDevice "Mouse0" "CorePointer"
InputDevice "Keyboard0" "CoreKeyboard"
InputDevice "Synaptics" "AlwaysCore"
EndSection

This defines “layouts” within the configuration of your X Server.  If you have a laptop you could have two layouts depending on whether you’ve hooked up your external monitor or not.  One with the monitor, and one without.  More on this later…

Files

Section "Files"
RgbPath "/usr/X11R6/lib/X11/rgb" FontPath "unix/:7100"
EndSection

This sets up the paths to the files that you would like X server to use.  Files like fonts, for example.

Module

Section "Module"
Load "dbe"
Load "extmod"
Load "fbdevhw"
Load "glx"
Load "record"
Load "freetype"
Load "type1"
Load "synaptics"
EndSection

This specifies the modules within Linux that you want loaded when you start X.  Modules like:

freetype - the font server which provides fonts to X

This is also the place to specify certain specific modules to X if you have a hardware accelerated video card.  Check your manufacturers’ documentation for more info.

InputDevice

Describes the model of your input devices -  like a keyboard and/or mouse

Section "InputDevice"
Identifier "Mouse0"
Driver "mouse"
Option "Protocol" "IMPS/2"
Option "Device" "/dev/input/mice"
Option "ZAxisMapping" "4 5"
Option "Emulate3Buttons" "yes"
EndSection

Monitor

Describes the model of your monitor, and specific information about configuration settings.

Section "Monitor"
Identifier "Monitor0"
VendorName "hp pavilion"
ModelName "LCD Panel 1440x900"
HorizSync 30 - 64 VertRefresh 50 - 100 Modeline "1440x900" 97.54 1440 1472 1840 1872 900 919 927 946
Option "dpms"
EndSection

Device

Section "Device"
Identifier "Videocard0"
Driver "nvidia"
VendorName "NVIDIA"
BoardName "GeForce FX 5700"
Option "MetaModes" "1440x900"
Option "NoLogo" "true"
EndSection

Describes the model of your video display adapter (graphics card) and its settings

Screen

Section "Screen"
Identifier "Screen0"
Device "Videocard0"
Monitor "Monitor0"
DefaultDepth 24
SubSection "Display"
Viewport 0 0
Depth 24
Modes "1440x900"
EndSubSection
EndSection

This describes how each component works together to form a “screen”.  It is important to state in this configuration file, that a “screen” is not defined a physical “monitor”.

DRI

Direct Rendering Infrastructure

This section has to do with settings for applications that wish to directly access the graphics hardware rather than having to go through the X server (as the middle man).  In any case, the default value here is acceptable and should not be changed.

Configuring xorg.conf for your system

In xorg.conf:

1) You define your layouts.  Which includes input devices, monitors, graphics cards, and “screens”.  Where your monitors are physically to each other (e.g. is “monitor1″ on top or to the right of “monitor2″?)

2) You define the files and modules that is required for your configuration to run.  E.g. setting font paths and such.

3) You define your input devices, such as a keyboard and mouse.

4) You define the hardware that you want X to use - that is, your monitor(s) and your graphics card(s)

5) You then define the “screens”.  That is to say - what graphics card goes with what monitor to define a “viewport” for your system.

This is a very powerful way to configure a pc-graphics card-monitor setup, as you can have multiple layouts to suit many different situations that you might have. (e.g. if you have a laptop, you can have a single screen layout for when you are on the go and are not hooked up to your second monitor)

Setting up xorg.conf for multiple monitors in Linux

  1. Review this article so that you have a high level understanding of how to get your set up working

  2. For each of the critical hardware pieces (your graphics card(s), and your monitors) refer to your manuals (paper or online) for specs

Specifically:

For your monitors, the acceptable display resolutions and the vertical and horizontal sync values

For your graphics card(s) the display resolutions (1440×990, 1024×768, etc.)

These values are important, as if you don’t have the correct value for these you will not see anything. Keep these numbers on hand.

Google your monitor and graphics card to see if there is someone else out there who has the same graphics card and/or monitor and has made them work in Linux. Seeing as how you’ve arrived at this article you’ve probably done this already. It will be a bonus at this point if they list their xorg.conf file, even if they don’t have exactly the same display setup as yours.

What kind of graphics card chip do you have in your cards? There are a number of different routes to setting up displays in X, and some graphics chip manufacturers allow you to set this up easily in the xorg.conf file. If you have a nVidia or ATI card, there are specific attributes in the xorg.conf file to accomplish dual (or multiple) monitors in Linux.  Be sure to see if your graphics card (or chip for laptop owners) is compatible with the driver that you are trying to install.

3. Make a backup copy of your xorg.conf (something like xorg.conf.backup).  Make multiple backups for every successful change you make to xorg.conf.  You won’t have to go all the way back to the original if you do fail.

4. If you haven’t done this already, get your one main monitor configured first.  Have a configuration you can fall back on while you are setting up your multiple monitor system.  Gradually ‘grow’ the xorg.conf file until you have your full system configured.

5.  The hardware setup you have will determine how you write your screen configuration in xorg.conf.  Let’s take a look at two examples (code is purely theoretical at this point):

If you have a laptop, you will only have one graphics device that is running two monitors.  This is the same for PCI type graphics cards with more than one display output.

 

Section "Monitor"
Identifier “Monitor0″
VendorName “hp pavilion”
ModelName “LCD Panel 1440×900″
HorizSync 30 - 64
VertRefresh 50 - 100
Modeline “1440×900″ 97.54 1440 1472 1840 1872 900 919 927 946
Option “dpms”
EndSection this is your second monitor…
Section “Monitor”
Identifier “Monitor0″
VendorName “hp pavilion”
ModelName “LCD Panel 1440×900″
HorizSync 30 - 64
VertRefresh 50 - 100
Modeline “1440×900″ 97.54 1440 1472 1840 1872 900 919 927 946
Option “dpms”
EndSection

Section “Device”
Identifier “device0″
Driver “nv”
VendorName “NVIDIA”
BoardName “GeForce FX 5700″
Option “MetaModes” “640×480″
Option “NoLogo” “true”
EndSection

Section “Screen”
Identifier “Screen0″
Device “device0″
Monitor “Monitor0″
DefaultDepth 24
SubSection “Display”
Viewport 0 0
Depth 24
Modes “640×480″
EndSubSection
EndSection

Section “Screen”
Identifier “Screen1″
Device “device0″
Monitor “Monitor1″
DefaultDepth 24
SubSection “Display”
Viewport 0 0
Depth 24
Modes “640×480″
EndSubSection
EndSection

 

 

If you have a desktop system with multiple graphics cards, you will have a system that defines two devices and two monitors.

 

Section "Monitor"
Identifier “Monitor0″
VendorName “hp pavilion”
ModelName “LCD Panel 1440×900″
HorizSync 30 - 64
VertRefresh 50 - 100
Modeline “1440×900″ 97.54 1440 1472 1840 1872 900 919 927 946
Option “dpms”
EndSection  
# this is your second monitor…

Section “Monitor”
Identifier “Monitor1″
VendorName “hp pavilion”
ModelName “LCD Panel 1440×900″
HorizSync 30 - 64
VertRefresh 50 - 100
Modeline “1440×900″ 97.54 1440 1472 1840 1872 900 919 927 946
Option “dpms”
EndSection

Section “Device”
Identifier “device0″
Driver “nv”
VendorName “NVIDIA”
BoardName “GeForce FX 5700″
Option “MetaModes” “640×480″
Option “NoLogo” “true”
EndSection

Section “Device”
Identifier “device1″
Driver “nv”
VendorName “NVIDIA”
BoardName “GeForce FX 5700″
Option “MetaModes” “640×480″
Option “NoLogo” “true”
EndSection

Section “Screen”
Identifier “Screen0″
Device “device0″
Monitor “Monitor0″
DefaultDepth 24
SubSection “Display”
Viewport 0 0
Depth 24
Modes “640×480″
EndSubSection
EndSection

Section “Screen”
Identifier “Screen1″
Device “device1″
Monitor “Monitor1″
DefaultDepth 24
SubSection “Display”
Viewport 0 0
Depth 24
Modes “640×480″
EndSubSection
EndSection

 It is best to start your multiple monitor configurations with 640 x 480 as the resolution for both monitors.  This is pretty much the lowest common denominator and if you can get this setup, you can try to increase the resolution as you test your xorg.conf file.  Once you have completed these sections you can go back up to the top of the file to your ServerLayout.

Section "ServerLayout"
Identifier "Default Layout"
Screen 0 “Screen0″ 0 0
Screen 0 “Screen1″ 0 0
InputDevice “Mouse0″ “CorePointer”
InputDevice “Keyboard0″ “CoreKeyboard”
InputDevice “Synaptics” “AlwaysCore”
EndSection

This will define the layout for the screens you defined further down in the file.

Personally, when I was setting up my laptop with this, I was fortunate enough to have an nVidia graphics chip. This made the setup pretty easy.  For now, this will be the focus of this post - more config info on the other systems later…

Using the nVidia nv driver - using TwinView

 The documentation for the nVidia drivers and it’s custom options for xorg.conf is done pretty well.  Setting up the proprietary TwinView option for laptops and single PCI/dual out graphics cards is a snap.

Add these lines to the device section:

Option "TwinView" "True"
Option "TwinViewOrientation" "RightOf"

The TwinViewOrientation option describes the physical relationship between the main display and the secondary display

 

TwinViewOrientation options - Clone not shown

TwinViewOrientation options - "Clone" not shown

“RightOf”  (the default)
“LeftOf”
“Above”
“Below”
“Clone” - mimics the view that is displayed on the main monitor

I’m not sure what the setup would be if you had multiple graphics cards.  I’ll have more information here in the future. 

You may still have to add a few more options depending on your configuration.  It’s best to consult the docs that come with nVidia driver, as they go into detail regarding each of the options that come with the driver. 

Troubleshooting

If you are still having trouble (blank screens, incorrect resolutions, etc.)

1) Refer to my post regarding Shutting down the X Server

2) Examine the Linux console log for X:

> cd /var/log/gdm/ [ENTER]

> ls [ENTER]

:0.log  :0.log.1  :0.log.2  :0.log.3  :0.log.4

Where 0.log is the most recent log available

Use the more command to list the contents of the log file…

> more :0.log [ENTER]

Links for graphics drivers and Linux:

An overview:

nVidia display driver archive

Downloading the ATI driver

Xinerama (an extension to the X system to allow for multiple monitors)

Other useful links

HP zd7000 laptops forums (with info for setting up Linux on these machines)

http://www.zd7000forums.com/

An old how-to on installing Fedora Core 3 on an HP zd7000 laptop, including a sample xorg.conf

(Thanks www.archive.org !)

Wikipedia entry on DRI