Yesterday I disabled most insecure and outdated ciphers on my Jabber/XMPP server. Server to server and client to server communication is possible using encryption only. Forward secrecy is supported too. Currently I have only one cipher enabled, that does not support forward secrecy. That's because Pidgin seems not to support the other enabled ciphers. I will switch the XMPP client and will then disable this cipher too. You can see the result off a server check here:
This website forces HTTPS encryption from now on. All HTTP traffic will be redirected to HTTPS. I do this because I think every website should only be accessible via encypted data protocols.
Some time ago I thought about a concept for providing my public PGP key in a way, that makes it hard to compromise it. I decided to create a GitHub repository only for storing keys. I provide one key there and the same key also locally at hanez.org. You just can compare both keys and if they are the same it is very realistic that these keys are really mine. Take a look at the contact page to get my PGP key.
If you notice any problems, please contact me.
Some years ago I posted the Gentoo Zsh prompt to make it available to every Zsh user, not only Gentoo users. Some days ago I wanted some Git features in my shell. I saw some nice prompt features in the last years when using Git so I wanted that too. I didn't found a nice prompt so I decided to write my own. I installed oh-my-zsh and created my own theme. It is based on the original Gentoo Zsh prompt and the Kolo oh-my-zsh theme.
Below you see an example session interacting with a Git repository:
Nice, isn't it?
I love minimal prompts with all the information I need. Since I am using xterm it is compatible to it. I love colors... ;)
You can see here that the [master*] part is not shown when not in a Git managed directory. My $HOME is managed by Git so I always have the repository information available, but not as root.
The code is found in my fork of the oh-my-ssh repository. Take a look under themes/, there is a file named hanez.zsh-theme. You can add this file to any oh-my-zsh installation from the upstream repositories or just add the content of the file to your .zshrc file. I use this fork only for providing my theme.
All of my custom Zsh stuff is found in my $HOME repository at GitHub.
Update: I replaced the dots which are showing the Git status with some asterisk to make the prompt become compatible to more terminal emulators. Some bugs are fixed too.
I was asked some days ago how I am creating this website because it is very fast, seems not to be using WordPress and looks very custom. I will explain what is going on here.
- This website is static HTML.
- This website is WordPress.
- This website is very custom.
I am running a very hard modified version of a very old version of WordPress locally on my Notebook. I patched a lot of stuff for creating static HTML files from this installation. I afterwards are running a Shell script mostly using the mirror function of GNU wget (wget -m) for mirroring the local site http://hanez/ to a local directory and then sync it via rsync to my server. The local directory is a Git repository so I could always switch back to old versions of hanez.org.
So, this is WordPress but very hardly patched... What did I patched? I don't know all the modifications actually but most of it was patching all parts of the code to don't use the domainname in the URL's like href's or img sources spread around in the code. Locally my hostname is "hanez" in the web my hostname is "hanez.org" so that makes problems. I think it was mostly the RSS stuff where I needed to fix that. But that was very easy because the static content was created by following all links on the site. I am just using hanez.org as static string in all links in the RSS feed.
I also changed all path information so there is no "wp-admin", "wp-content" etc. URL part to some content anymore.
The photo gallery is completely written by myself. Many files are not created using WordPress, they are just plain HTML files. WordPress is including a head and a foot file provided by me and mostly don't uses the template directory. I think I modified and added some functions but I don't know them exactly anymore. It was mostly customizing the HTML output to be compatible to my CSS file and logical structure. I know there are some bugs but for me that is not important. I think it works very well and I am optimizing all the time. Maybe I will install a current version of WordPress in the future and create a patchset but I have no time for that now.
You think that sounds a little bit crazy because I am recreating all pages on every change on the site...? Yes, it is crazy but it takes nearly no time. This site is being generated and published in about 60 seconds (hasync0.81s user 0.45s system 2% cpu 56.384 total) without the photo gallery but this is a very special part. The photo gallery is using the Flickr API and this is very slow. Since I am uploading photos very rarely this is not a big problem to me and the gallery is only recreated when there are new files on Flickr.
I am syncing some directories to the server like "/images" or "/files" to make sure that files where I am linking to from other websites are still available in the net even if I am removing links to those files so "wget -m" will not mirror them anymore.
The most benefit for me releasing my website like this is, that my webserver is just a stupid copy of what I have running locally. There is no dynamic data creation on my server, there is no scripting language running and I don't need to make backups of /var/www. I also don't have to run a database on this server
Locally it is great to a have a simple interface for publishing information by still being totally free when integrating own stuff like the gallery. Even a mix of PHP and some small parts of Python code are running here... So, I am totally free when coding this site because I never will produce a monster running on a server and wasting CPU time just because everything is created dynamically but without sense...
One thing I shouldn't forget to mention is that I am running sometimes very crappy code in my WordPress installation but I don't need to care. I am the one and only person running this code. I know that's not a good practise but I am running PHP here and this could really make problems on public webservers. So security is in no way important when writing this website's code.... ;)
Greets from outer space... ;)
I switched from MySQL to MariaDB some time ago and now I read in the news that Wikipedia is switching too. I really recommend to give MariaDB a try. Nothing is changing to you if you are running Webapps like PHPMyAdmin, Wordpress etc. You are just switching to a 100% open source software that MySQL is not anymore.
I am using Gentoo and Sabayon Linux and switching was just installing MariaDB, MySQL was automatically removed. Restarting the service "mysql" was the only thing to do afterwards. All databases were up and running whithout any configuration. Make a dump of your databases before so you could import the data when something fails with the raw datafiles. Everything worked out of the box for me and even my backup scripts are working without any changes because of 100% MySQL compatibility.
I like to replace software on my workstation that is not 100% open source. It is great that MariaDB is on its way and we could feel like we felt the good old "MySQL" days... ;)
Dear hosting providers, please switch from MySQL to MariaDB. Everything is compatible and when you are doing the first step, web application developers will follow. MySQL is great but it is not freedem like MariaDB and we all used the freedom of MySQl in the late 90's to build up our hosting stuff... It was a benefit for the MySQL project but mostly for us. So let us now do the same and give MariaDB the chance for replacement. Then the develepment of the most succesfull open database management system can go on again. Thanks for that to all developers of MariaDB!
MySQL, Rest In Peace!