Cleaning the /tmp partition

If you have a server running Centos or most other flavours of Linux or you use cPanel/WHM for your box, you will often find that the /tmp partition slowly gets full over time and will eventually get clogged up. The net result of this is a reduction in the performance of your sites and in some cases, the server will grind to a halt.

It is good practice then to keep on top of this usage on a regular basis. Now before you dive in and just bin everything in the /tmp partition, be careful as often the mysql.sock file is in there if you run MySQL on the box and deleting that can cause you some fun.

The command below will safely clean your /tmp partition:

find /tmp -type f -mtime +5 -exec rm -f {} \;

Now just to break this down, the command is basically looking at the /tmp partition for files that are older than 5 days. The rm -f section means to force the removal of the file/directory (in this instance the file).

Stick the above command in a cron and run it say once a week and your /tmp partition should behave itself.

Open Mind Commerce Featured as Cart of the Week by Practical eCommerce

For Immediate Release

Open Mind Commerce, an established eCommerce solution provider based in the UK, today announced that the product has been featured as “Cart of the Week” by Practical eCommerce. (http://www.practicalecommerce.com/articles/1449-Cart-of-the-Week-Open-Mind-Commerce)

During an in-depth interview, MD Phil Williams gives an insight into the system as well as describes plans for the future of the software.

Phil Williams commented “Being featured on Practical eCommerce is big news for us as they are a highly respected organisation and it gave us a perfect platform to talk about our product as well as spread the word about the system.”

In addition, the company also announced that v1.4.1 of it’s software is released today and advanced development is in place for v2.0, codenamed The Novus Project, which will feature a complete rewrite of the system making it one of the most flexible and powerful commercial eCommerce platforms on the market.

About Open Mind Commerce
Open Mind Commerce is a trading division of Open Minded Solutions Limited. We are a full service ISP established since 2004 and we are based in Edinburgh, Scotland. Open Mind Commerce is our flagship product and allows SMEs to quickly and easily trade online.

Web: http://www.openmindcommerce.co.uk
Tel: 08456 445 789

About Practical eCommerce
Practical eCommerce was launched in July 2005 by Kerry and Joy Murdock in Grand Junction, Colorado, USA. Its mission from the start has been to provide down-to-earth articles and advice to help smaller businesses succeed online.

Web: http://www.practicalecommerce.com

Exporting SSL certificates from cPanel/Apache

I was quite surprised today to find that there is no built in facility to export a SSL certificate through WHM/cPanel. We needed to move the certificate to our Windows network from our Linux box and it wasn’t as straightforward as you may think.

Still after a bot of googling we came up with the following steps to create a pfx file which is simple to import into IIS on Windows:

Step 1 – Get the key/crt files
You can grab these two files by going to cPanel > Manage SSL hosts. Just select the domain you are exporting and cPanel will then display the key and certificate (crt) files

Step 2 – Create the files through SSH
Now this part may be un-required but I couldn’t locate the path to the files so I simply logged into SSH as root and entered the following:

[root@host ~]#nano domain.key

Save and exit (CTRL+X confirm save)

Now you need to repeat this for the certificate file as well.

Step 3 – Create the PFX file for export
OK now you have your crt and key files you need to create a pfx file for the export. For this we just use OpenSSL with the command:

[root@host ~]#openssl pkcs12 -export -out /home/pathtodomain/yourdomain.pfx -inkey yourdomain.key -in yourdomain.crt

You will be asked to set a password and also confirm that password. This will create the pfx file in the domain root.

You can download the generated pfx file and import into IIS.

Installing ColdFusion MX7 on Windows 7 Professional

OK this stumped me for a while but if you are trying to install ColdFusion MX7 on Windows 7 Professional and the installer is constantly quitting with the error “javaw.exe has stopped working” then try the following:

1) Extra all the content of the CF MX7 installation to a spare folder on your drive
2) Right-click the CFMX7Installer.exe file
3) Select “Troubleshoot Compatibility” from the context menu
3) Select “Try recommended settings” on the next screen

This should force the installer to run in Windows XP mode and will allow it to continue.

It’s geeky but still very cool…

Now being the geek that I am, unashamedly so as well I might add, I was looking around for an application for my HTC touch that would tell me how far I was walking when I took Bert the staffie out.

She who must be obeyed looked doubtful the other day when I reckoned I was walking about 20 miles per week so I needed proof dammit!

Anyway I came across this rather natty application called TrackMyRun which has been developed by a chap who runs quicker than I walk to log his training schedule.

It’s in Alpha/Beta at the moment but works really well on Windows Mobile 6 although I did have to upgrade the .NET Compact framework from 2.0 to 3.5 to get the beast started.

Basically it will use GPS to track your walk/run/drive/aeroplane/whatever journey, calculate the distance travelled, average speed, calories burnt etc and will also give you a rather cool map of your route using Google maps as the base.

A nice find I thought and ideal for anyone who enjoys anything more exertion than sitting on a chair reading blogs 😉

Domains and where to purchase…

A subject I see coming up quite a bit on business forums is never buy domains from the same company as your host. Now for the “kiddie” hosts who answer support tickets when they get home from school this may be true but for other business like ourselves this doesn’t hold water..

You know just as a test I have just been to Godaddy to make a trial purchase of a .com and what a faff on it is!

The checkout is very confusing and they do an almighty job of trying to add additional extras onto you.

When you finally get to the end, the price comes in at £6.59 for a one year .com registration. Obviously there is no VAT as they are a US company but this price will fluctuate with the exchange rate so you will not know how much it’s going to cost you to renew.

Now ours are registered through eNom which is the second largest registrar in the world for £7.99/year which ex-vat (if you’re vat registered) is £6.94 so 35p difference and you register with a UK company that actually have a good customer service record

In addition they charge for transfers in, we don’t…

I know domains are one of those point and forget things but what about when something goes wrong such as the domain not being renewed or worse still, being hijacked; which has happened to GoDaddy customers in the past.

Turning to 123reg for UK domains, they proudly state domains are £2.99 per year and don’t obviously advertise the facts that the price is subject to VAT and is also a two year registration. So a full registration would cost £6.88 inc vat whereas we are £7.98 a whopping £1.10 over two years more expensive

They, as we are, are members of Nominet so they get charged exactly the same for UK domains as we do. Interestingly their .com is £9.99 + vat

So onto protection…

Lets say we go bust today. There is more chance of me giving birth to twin headed alligators but I digress..

For all non-uk domains, eNom would be able to step in and allow you to manage the domain, move to another provide just by contacting them. Their response time is about 4 hours which for a multi-national is unheard of.

For UK domains, Nominet would be able to update the IPS tag in about ten minutes after a phone call allowing you again to move the domain.

Protection all round…

So to summarise, for the sake of a few pence per year you are going to a multi-national company, both of whom do not have a crystal customer service record and there is absolutely no risk whatsoever from buying from the “little guy” as long as you have done your research.

Domain name registration

Installing PHP on IIS6

OK I’m replicating this article on our blog here as it is the only guide I have come across that works flawlessly every time.

Full credit goes to the author for the original article which can be found here:

http://blog.tjitjing.com/index.php/2006/05/php5-with-iis6-on-windows-server-2003.html

PHP5 with IIS6 on Windows Server 2003 in five easy steps

I thought installing PHP would be as easy as just using the install program. Well it wasn’t… But by learning from my mistakes it can be almost that easy.

Just follow these five easy steps on how to install and configure PHP 5 on a Windows Server 2003 running IIS – after trying the manual and several guides and tutorials found on the net (of which some were very long and very complicated and some were short and easy but partially incorrect) this is what it all came down to. Enjoy.

This is tested on PHP 5.0.4, IIS6 on Windows Server 2003 SP1. Be aware that IIS is not automatically installed with all editions of Windows Server 2003, this guide assumes that IIS 6 and Windows Server 2003 is already up and running on your server.

1. Download PHP at http://www.php.net/downloads.php. Make sure you dowload the “zip package”, the installer package won’t work.

2. Extract the downloaded zip file to a directory of choice on your harddrive. The rest of this guide will assume you are using C:\PHP

3. Add C:\PHP to your path. From the Start menu, right click My Computer and select Properties. From the Advanced tab click the Environment Variables button. Under System Variable find Path and click Edit. At the end of what is already present in Variable Value add a semicolon (;) and then C:\PHP.

4. Configure IIS. Open the Internet Information Services (IIS) Manager from Administrative Tools (found directly in the Start menu or in the Control Panel)

a) Web Service Extension. Click down to the Web Service Extension folder. Right click the folder and select Add New Web Service Extension. Set Extension Name to .PHP and add C:\PHP\PHP5ISAPI.DLL to Required Files . Check Set Extension Status To Allowed.

b) Web Sites. Click down to Web Sites. Right click the folder and select Properties. From the Home Directory tab click the Configuration button. Click Add to add an Application Extension. Enter C:\PHP\PHP5ISAPI.DLL as Executable and PHP as Extension. Leave the rest as default and click Ok.

5. All set! To test your PHP installation simply create text a file with the php extension, eg. test.php. Add the following three lines of text to it and then save it to your web site directory, eg. C:\INETPUB\WWWROOT. Then use your browser to read the file, eg. http://localhost/test.php

< ?php phpinfo(); ?>

Other things you might want to consider:

– Some tutorials state that you need to restart the World Wide Web Publishing Service after having installed and configured php. I haven’t needed to (ie everything worked fine without restarting the service) but if you do it is found under Services in the Control Panel.

– As you start using PHP, in the not too distant future you will probably need to make some changes to php.ini. PHP works fine without the php.ini file but you really should have one and it should be in your Windows directory. Copy C:\PHP\PHP.INI-RECOMMENDED to C:\WINDOWS\PHP.INI

– If you are going to use MySQL you will need to make sure to uncomment the line “extension=php_mysql.dll” in php.ini and copy C:\PHP\LIBMYSQL.DLL to C:\WINDOWS\SYSTEM32 (Simply setting the PATH won’t work as this is apparently hard coded in PHP5). If you don’t follow these steps you will get an error message similar to this: “Call to undefined function mysql_connect”

– Read the manual at http://www.php.net/manual/en/install.windows.php

Unlimited and unmetered hosting, what’s the difference?

Simple, one exists and one doesn’t…

Every day I come across web hosting companies who offer unlimited bandwidth and/or disk space and to this day I have never found one of these unlimited hosts that doesn’t have a fair usage clause in their terms of service but before we look at this situation, we really need to define these two words:

Definition of Unlimited

1. not limited; unrestricted; unconfined: unlimited trade.
2. boundless; infinite; vast: the unlimited skies.
3. without any qualification or exception; unconditional.

Source: dictionary.com

Definition of Unmetered

Not metered, not charged on a meter (as Internet bandwidth).

Source: wikipedia.org

The key thing to point out here is that unlimited means with restrictions of any kind whereas unmetered is simply a value that is not measured.

Now, if a host is offering unlimited bandwidth but has a clause in their fair usage terms that says something like “we reserve the right to suspend your site if you have an impact on other users” then it is not unlimited as it is restricted. Hence it is a lie, an untruth, a porkie…

But if a host says it is unmetered bandwidth then they are saying that they don’t actually measure the bandwidth you use.

From a geek point of view, the technical difference is that all servers are connected to the outside world via a network card attached to a router. These cards are only physically capable of carrying a certain amount of bandwidth as they are limited in the speed of transfer.

For example, if you have a 100MBit card, there is a limit to the amount of bandwidth the card can carry. You can, if the connection is unmetered, max out the capacity of that card each day, every day as you have reached the limit that it can handle.

As for disk space, the only companies that can offer “true” unlimited space are the Googles and Amazons of this world. Between these megaliths, they actually own the capacity to offer this level of storage. That why when you see “bobs best hosting” offering unlimited bandwidth/storage for 2p per year you should run away, quickly…

These hosts are basically overselling their servers. Overselling is simply where they will load as many accounts onto a server in the assumption that not everyone will use the available resources. They will also boot off users who use too much under their fair usage clauses…

So in conclusion, view the word unlimited with caution. Unmetered might not sound as sexy but at least it’s the truth…

EKM Powershop and PCI compliance.

Recently news surfaced that one of our main competitors, EKM powershop, have had to dramatically change the way their software works as it was revealed during a PCI audit that some store owners had been storing sensitive credit card information within their store database and then not removing the data after it had been processed via an offline terminal.

Now for quite some time Visa and Mastercard have been pushing the regulatory standards behind PCI compliance for the simple reason it is there to protect cardholder data from fraud and misuse.  In addition, it has been the case for a long while that storing the full card details including the CV2 code for longer than is necessary to complete the transaction was a practice to be avoided at all costs.

The net result of the EKM powershop audit was that their own proprietary gatway allowed store owners to obtain card details and then process the transaction offline through a terminal. They also advised customers to immediately delete card details after they had been processed.

Now there are two separate issues at play here…

Firstly the very fact that the software allowed card details to be stored in the first place is not a great practice to follow.  EKM powershop are not alone in this scenario as there are a number of eCommerce software packages out there which allow store owners to do this.  The crux of the matter is that the practice renders the software users in possible breach of PCI guidelines.

Secondly EKM powershop had to act swiftly to remove this gateway as it had transpired that certain customers were not removing card details after they had been processed.  This is in breach of the PCI guidelines and these merchants were leaving themselves open to fines and possible withdrawal of their merchant service.

Personally I feel that the store owners have been cut a raw deal here. The fact that the software allowed them to store card information in the first place simply should not have been available as an option.  Granted that the merchants were putting themselves in the firing line by not deleting the card details but software vendors such as EKM powershop and ourselves have a responsibility to their users that the software does the job required without raising possible security issues. There has obviously been a failure here…

For the record, our eCommerce software does not nor ever will store any kind of card information within its database or files.  This is simply to protect the cardholder and the store owner from this type of situation. With all this in mind I am willing to make the following offer to any EKM powershop store owner affected by this issue.,..

If you are considering changing to an alternative software provider I am willing to offer a 20% discount on our license fees and design services plus import as much data as possible from your current EKM powershop store.

If anyone wishes to take up this offer I will need clear tangible evidence that you are an EKM powershop store owner. For more information or to claim the discount voucher, please contact us through our support help desk

I don’t normally do this with competitors but on this occasion I personally feel the situation is quite shocking and a lot of people have been let down for a variety of reasons hence the offer of support…

Phil Williams
MD – Open Mind Commerce

Multiple VPN connections and Windows Server 2003

This one had me totally stumped for a couple of hours…

OK I’d setup a VPN server on Windows Server 2003 Web Edition which is something I’ve done before a number of times using RRAS (Remote Routing and Access Services), set my VPN user up and allowed them access to the server…

Went to the client computer, set the VPN connection up and tested. Bingo, connects straight away, I could map the drives etc all without a problem…

Now I then setup a second user on the VPN server for access and setup a separate computer to connect to it.

Erm… No dice. I kept getting a vague 651 or 800 error message being sent back which indicated that I couldn’t connect to the server.

I found then that if I disconnected the first client and tried connecting with the second client all was hunky dory so it was only allowing one connection at a time. After several hours googling and a chat with the data centre we established something that I (nor they) had come across before in that Windows Server 2003 web edition only allows one incoming VPN connection! The solution is to upgrade to Standard edition when the limit is raised to 1,000….

This little nugget of info is buried deep amongst the tech notes and is not really the first place you would check.

Now had I got an error along the lines of “Error code: xxx. You can only have one VPN connection to Windows Server 2003 Web Edition (you dumbass)” that would have been more helpful! Ok lose the dumbass bit but at least it would have been entertaining…

Vague error messages and response codes seem to be the hallmark of Microsoft at times so hopefully this post will help someone else out.