Tech Stuff

Over the last couple of weeks I have started having some problems with spam showing up on various pages where I allow the a visitor to post comments. The message is always the same across all the pages. To help prevent this type of spam the visitor must register with the site and have their email address validated by clicking an activate link in an email sent to them. In the registration form there is also a Captcha. Not sure why they are choosing to spam this site as I remove any html from the comments. The IP the requests originate from were are all in Africa. My quick solution is that I am blocking traffic from in the offending IP ranges. This is only a temporary solution as eventually I figure I will start having problems with IPs originating in the US.

The other day I started searching Google for possible solutions. One option was to find a Captcha library that was more difficult to crack than the one I am currently using. In the search I came across a list of the Top 10 Worst Captchas. These are were all a little extreme, but would definitely do the job. I doubt I would get any comments with some of these.

After searching for a while I settled on reCaptcha which is a project at Carnegie Mellon University. They have libraries for the popular web languages and some plugins for applications. One of them is for WordPress which I installed earlier today. A quick blurb about reCaptcha project:

Over 60 million CAPTCHAs are solved every day by people around the world. reCAPTCHA channels this human effort into helping to digitize books from the Internet Archive. When you solve a reCAPTCHA, you help preserve literature by deciphering a word that was not readable by computers.

I’ll let you know if I have any issues with the PHP version. From the documentation it is pretty straight forward and I don’t have to deal with the image libraries anymore like I had to with my previous Captcha library.

Today VeriSign announced that it is raising the wholesale cost of .com domains from $6.42 to $6.86 a year and .net from $3.85 to $4.23.  This change is effective 10-1-2008.  This will most likely case the discount domain registrars to raise their prices roughly the same.   The cost is said to help with the costs associated with maintaining the main DNS servers.  In the announcement it mentions that “VeriSign processes a peak of more than 33 billion DNS queries per day under normal traffic conditions”.

Amazon announces the creation of availability zones for the EC2 system. Amazon describes them as “distinct locations that are engineered to be insulated from failures in other availability zones and provide inexpensive, low latency network connectivity to other availability zones in the same region”. With new web service calls you can choose what zone your instances are created in. In the past when you created a new instance you had no control over where the instance really lived.  Here is part of the email that I received this morning about it:

Availability Zones give you the ability to easily and inexpensively operate a highly available internet application. Each Amazon EC2 Availability Zone is a distinct location that is engineered to be insulated from failures in other Availability Zones. Previously, only very large companies had the scale to be able to distribute an application across multiple locations, but now it is as easy as changing a parameter in an API call. You can choose to run your application across multiple Availability Zones to be prepared for unexpected events such as power failures or network connectivity issues, or you can place instances in the same Availability Zone to take advantage of free data transfer and the lowest latency communication.

One of the problems with Amazon EC2 was the dynamic nature of the IP address that you received for each instance you started up.  For development it isn’t a big problem, but for a production system you can see the problems this can cause if you instance fails for some reason.  This morning Amazon announced the ability to have a static IP that is associated with your AWS account.  By default a user can have up to 5 static IP addresses.  The IP addresses are free of charge as long as the IP address is associated with a running instance.  If the IP isn’t then there is a charge of $.01/hr.  You can read more about this on the Amazon Web Services Developer site.

Several months ago I finally got a second monitor. After a couple days I don’t know how I ever did it with just one. I believe I have become much more productive especially as I usually have remote desktop open on one of them. If you need some proof that it can help your productivity to help convince your boss to get you a second or even a 3rd monitor I came across the a blog entry by Jeff Atwood at Coding Horror. In the post he references a study at the University of Utah.

Researchers at the University of Utah tested how quickly people performed tasks like editing a document and copying numbers between spreadsheets while using three different computer configurations:

1. single 18-inch monitor
2. single 24-inch monitor
3. two 20-inch monitors

Here’s what they found:

• People using the 24-inch screen completed the tasks 52% faster than people who used the 18-inch monitor
• People who used the two 20-inch monitors were 44% faster than those with the 18-inch ones.
• Productivity dropped off again when people used a 26-inch screen.

I came across an interesting article on the New York Times site that talks about how they used Amazon EC2 and S3 to help make their articles from 1851 -1922 available to the public online.  There was a total of 11 million articles.  They had to take sometimes several TIFF images and scale and glue them together to create one PDF version of the article.  They used 100 EC2 instances to complete the job in just under 24 hours.  They started with 4TB of data that was uploaded into S3 and through the conversion process created another 1.5TB.

One of the things I like about Firefox is that there are many people out there writing some pretty cool extensions. Below is the list of the extensions I am using and I am always looking for new ones that can improve the user experience or make my time surfing the Net easier.

DOM Inspector
Domain Lookup
DownThemAll
EC2 UI
FireShot
Live HTTP Headers
Meebo
RefControl
ScribeFire
SEO For Firefox
ShowIP
YSlow

You can find more information about the above extensions by going here.  Domain Lookup hasn’t been added to Mozilla yet so you can find it by going here.

What is your favorite extension?

Over the last week I evaluated some different online backup products to figure out which was the best for me. I ended up going with Carbonite.  Carbonite offers a 15 day free trial. After that it is only $49.95 for a year of service per computer. There is no limit on the amount of backup capacity. After the initial backup of all your files that you have chosen to protect, the software runs in the background and automatically backs up your new files and changes to existing files. The system will store different versions of files for up to 90 days and seems like only the last 5 versions.  One of the things I liked most about the software is the ability to easily tell what files and folders are being backed up. A green dot on the file/folder icon means that it is backed up, a yellow dot means it is pending backup and not dot means it is isn’t backed up. If you find a file that isn’t being backed up and you need it to, you simply right click on the file and select Carbonite on the sub-menu and then tell it to back up the file. The other big plus for the software is that it shows up as a drive under your “My Computer” and you just have to click through the folders to restore a file. The software is very intuitive to use and I will have no problem recommending it to others that are a little computer challenged.

I have been using Instant Messaging (IM) software for a long time. I started out on AIM and was able to just stick with that client for many years. Then I had some friends that only used YIM so I started running it too. Then a couple years ago I started using MSN and Google chat. I started having way too many IM programs running. Frustration set in rather quickly and I was introduced to Trillian which helped reduce it. However, soon after some offices location that I was working in started blocking IM traffic. This got frustrating as I had to start sending emails like it were IMs. I believe IM can be a very valuable tool for communication. This is assuming you are using it to be more productive and you are not busy chatting with your friends all day. About a year ago I was introduced to a web based IM program that tied many IM networks together into one client. The site is Meebo.com. Meebo supports AOL (AIM), Yahoo (YIM), Google Talk, MSN, ICQ, and Jabber. Since it is browser based and running over http protocol I can chat behind many firewalls that block the instant messaging client.  This assumes the network admin didn’t decide to block the Meebo site entirely.  Another advantage is I don’t have a need for all the different IM clients and can jump on IM on any computer with internet access and not have to worry about setting up any additional software on someone else’s computer. As an extra benefit for some is that Meebo allows you to put a widget on your website that will allow your website visitors to chat with you without them even needing an IM account.

After publishing Part I and doing some more searching on Google I came across the WordPress Automatic Upgrade plugin. The plugin will keep your WordPress installation updated to the newest version available. Reading through the comments it looks like a pretty good plugin and I’ll be recommending it to my friends who have problems keeping their versions up to date.

Previously I mentioned that you can use the .htaccess file to block access by IP address. If this is too much trouble or you don’t feel comfortable setting it, then there is another option that provides similar security. The AskApache plugin will create the .htaccess file with a username and password that is controlled at the Apache level to help secure the admin section of your blog.

A final plugin is Login LockDown which will disable the login function automatically lock out an IP range for an hour after 3 failed login attempts in 5 minutes. The plugin can be configured with different options. This will help stop the brute force password discovery.