My Github page

Finally got my sh** sorted out, I can now focus on this blog and some of the projects I want to do.

  • back to coding possibly relearn stuff (C Language, Java/Javascript) and learn new stuff (frameworks, new languages)
  • continue studying ruby and ruby on rails, python and maybe some HTML/CSS advanced stuff.

I’ve set my Github page and plan to use Jekyll on it. On next couple of weeks I may be able to put some content, develop the page a little more.

 

Continue Reading

Fun with CSS – Color Changing Webpage on mouse hover

I happen to stumble on a post while I was refreshing and trying to relearn creating websites.  I’m learning through codeschool and theodinproject which I haven’t touched in a while.

The fun part is when I’m experimenting on stuff that would be implemented on future projects.

Like how to Create a Color Changing Website Using CSS3 from DesignShack, followed their easy to follow instruction and even picked up a knowledge on my #relearncode adventure.

hovercss

You can click on this link to see it in action.   Color Changing Webpage on mouse hover

I’ll be playing with these in a little bit.

I’ll be back with my progress.

Continue Reading

Github, Twitter, and other sites Down

I thought it was my connection but it seems that was having an issue.

It seems that a couple of hours ago, a DDOS attack happened.
You can check more from this site : https://www.hackread.com/ddos-attack-dns-sites-suffer-outage/

Twitter has been up and down for the last hour that I’ve checked. Github seems to be down I haven’t checked most of the sites yet.

Continue Reading

Email Generator Project

I’m creating a simple email generator and I’m stuck with generating possible email combinations that I have provided.

I already got to the part where I could generate possible combinations with the given fname, lname and domain.

Example :

var ec1 = firstname + “@” + domain;
var ec2 = firstname + lastname + “@” + domain;
var ec3 = firstname + “.” + lastname + “@” + domain;
var ec4 = firstname.charAt(0) + lastname + “@” + domain;
var ec5 = firstname.charAt(0) + “.” + lastname + “@” + domain;
var ec6 = lastname + “@” + domain;
var ec7 = firstname + lastname.charAt(0) + “@” + domain;
var ec8 = firstname + “.” + lastname.charAt(0) + “@” + domain;
var ec9 = firstname.charAt(0) + lastname.charAt(0) + “@” + domain;
var ec10 = firstname + “_” + lastname + “@” + domain;
var ec11 = firstname.charAt(0) + “_” + lastname + “@” + domain;
var ec12 = lastname + “_” + firstname + “@” + domain;

var combinations= ec1 + ec2 + ec3 + ec4 + ec5 + ec6 + ec7 + ec8 + ec9 + ec10 + ec11 + ec12;

document.getElementById(“theresult”).innerHTML= combinations

The question is, how can I do it with the options I have below

Firstname
Lastname
Emails [“gmail.com”, “yahoo.com”, “hotmail.com” ,”aol.com”, …]

It would be something like

var a1 = firstname + “@” + emails;
var a2 = firstname + lastname + “@” + emails;
var a3 = firstname + “.” + lastname + “@” + emails;

and the result would be

firstname@gmail.com, firstname@yahoo.com, firstname@hotmail.com, …

Update 10/18 5:40am.

Using the following code :

var domain=[“gmail.com”,”yahoo.com”,”hotmail.com”,”outlook.com”,”me.com”,”mac.com”,”aol.com”,”live.com”];

for(var i=0; i<domain.length; i++) {

var p1 = firstname + “@” + domain[i] + “, “;
var p2 = firstname + lastname + “@” + domain[i] + “, “;

This only displays the last one which is always “live.com”.. back to the drawing board, and time for more coffee.

1/29/2017 : Stopped this project for a while , tried it earlier, still stumped.

Went to ask a question on stackoverflow for some guidance.

 

HA!!! solved with this ” arr.push(addresses)”. Thank you StackOverflow User LaughU for the solution.

Continue Reading

New Theme, New Adventure

Now that I changed my theme.. opted for a responsive minimalist theme.

I may have to focus more on what I need to accomplish. Since this blog has not been updated for quite sometime. Last year, I posted that I’m back but have not gotten to it. I got buried at work, got tired of all the crap I had to put up with at work. Mostly asshole co-workers, less pay, ever increasing workloads, politics in the office but enough is enough.

Time for a change of pace, change of scenery, and a change of profession. I’m going back to coding probably go back to studying Ruby, Ruby on Rails, Java, Javascript, and Python. Add in some HTML5 and CSS3.

Continue Reading

My WordPress .htaccess file

Here is what my .htaccess file looks like, Also with a brief rundown on what it does. Since this is a WordPress multisite installed in a subdomain, most of which I got from the WordPress Codex.

The default WordPress Multisite .htaccess for Subdomains

RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ – [L]

# uploaded files
RewriteRule ^([_0-9a-zA-Z-]+/)?files/(.+) wp-includes/ms-files.php?file=$2 [L]

# add a trailing slash to /wp-admin
RewriteRule ^([_0-9a-zA-Z-]+/)?wp-admin$ $1wp-admin/ [R=301,L]
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ – [L]
RewriteRule  ^[_0-9a-zA-Z-]+/(wp-(content|admin|includes).*) $1 [L]
RewriteRule  ^[_0-9a-zA-Z-]+/(.*\.php)$ $1 [L]
RewriteRule . index.php [L]

This protects your .htaccess/htpasswds, wp-config.php, error_log, php.ini

<FilesMatch “^.*(error_log|wp-config\.php|php.ini|\.[hH][tT][aApP].*)$”>
Order deny,allow
Deny from all
</FilesMatch>

This prevents directory browsing. Typing jaren.cudilla.net/wp-includes would lead you to a 404 page.

#Disable directory browsing
Options All -Indexes

Expires headers to reduce server load and Increase page load time, it tells the browser to load a cached version of the page

<IfModule mod_expires.c>
# Enable expirations
ExpiresActive On
# Default directive
ExpiresDefault “access plus 1 month”
# My favicon
ExpiresByType image/x-icon “access plus 1 year”
# Images
ExpiresByType image/gif “access plus 1 month”
ExpiresByType image/png “access plus 1 month”
ExpiresByType image/jpg “access plus 1 month”
ExpiresByType image/jpeg “access plus 1 month”
# CSS
ExpiresByType text/css “access plus 1 month”
# Javascript
ExpiresByType application/javascript “access plus 1 year”
</IfModule>

This is for leverage browser caching, according to GTmetrix, “browser caching is important because it reduces the load on your web server, which ultimately reducing the load time for your users.”

## EXPIRES CACHING ##
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg “access plus 1 year”
ExpiresByType image/jpeg “access plus 1 year”
ExpiresByType image/gif “access plus 1 year”
ExpiresByType image/png “access plus 1 year”
ExpiresByType text/css “access plus 1 month”
ExpiresByType application/pdf “access plus 1 month”
ExpiresByType text/x-javascript “access plus 1 month”
ExpiresByType application/x-shockwave-flash “access plus 1 month”
ExpiresByType image/x-icon “access plus 1 year”
ExpiresDefault “access plus 2 days”
</IfModule>
## EXPIRES CACHING ##

To Enable Gzip Compression, plus compressing static data.

<IfModule mod_deflate.c>
# Compress HTML, CSS, JavaScript, Text, XML and fonts
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
AddOutputFilterByType DEFLATE application/x-font
AddOutputFilterByType DEFLATE application/x-font-opentype
AddOutputFilterByType DEFLATE application/x-font-otf
AddOutputFilterByType DEFLATE application/x-font-truetype
AddOutputFilterByType DEFLATE application/x-font-ttf
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE font/opentype
AddOutputFilterByType DEFLATE font/otf
AddOutputFilterByType DEFLATE font/ttf
AddOutputFilterByType DEFLATE image/svg+xml
AddOutputFilterByType DEFLATE image/x-icon
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/xml

# Remove browser bugs + Reduce pages weight by compressing static data
AddOutputFilterByType DEFLATE text/html text/plain text/xml application/xml application/xhtml+xml text/javascript text/css application/x-javascript
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent
</IfModule>

This tells the browser to actually serve a cached version or the actual page. “Cache-Control directives control who can cache the response, under which conditions, and for how long” snippet from the tldr version on Google Developers.

# BEGIN Cache-Control Headers
Header set Cache-Control “public”
Header set Cache-Control “private”
Header set Cache-Control “private, must-revalidate”
# END Cache-Control Headers

To save more bandwidth

# BEGIN Turn ETags Off
Header unset ETag
FileETag None
# END Turn ETags Off

I could still add this. According to Smashing Magazine‘s 10 Useful WordPress Security Tweaks will protect from script injections. In the light of my recent post Cleaning a defaced WordPress site. This maybe useful, extremely useful.

Options +FollowSymLinks
RewriteEngine On
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2}) [OR]
RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2})
RewriteRule ^(.*)$ index.php [F,L]

Cool Links

Other Fine reads

 

Continue Reading

Cleaning a Defaced WordPress Site

If you have recently experienced your WordPress site defaced or hacked. You may have found the urge to call your webhost and give their customer service hell. But fixing/cleaning this is fairly simple, you can lessen your stress and lower your heart rate by fixing the website first. Then if all else fails, GO BUG YOUR WEBHOST!

Depends on the level of defacing, other hacks would just overwrite the index.php on your root folder, others would be theme-based hacks/defacing, it could be the theme’s header files or other files or a plugin with a  known exploit like revslider there would also be new files uploaded to your webserver (i.e. malicious scripts, upload scripts etc.), while the page is defaced, it also affects your .htaccess file with a redirect to let’s say a pharmacy site, a russian dating site, a michael kors online shop.

Couple of things needed

  • SSH/Shell access – PuTTy  If your webhost allows shell access, For cloud hosted websites,that’s 2 less tools needed for the repair. For cPanel hosted sites, I always stick to either cPanel’s file manager and editor or I use the following tools below.
  • FTP client – I use Filezilla, free download easy to use, fast, stable. What more can you ask for?
  • Notepad / text editor – I suggest Notepad++, better than the normal notepad as it displays scripts color coded and display line numbers for easy debugging.
  • backups (website files / database) this can be either done manually, dumping your mysql db and copying your public_html/www folder to your local computer or through cPanel’s backup wizard or if your webhost has set backups automatically through WHM. For cloud hosted websites, depends on your host if they have automatic backups.

Sites you can check :

You can check phpxref for cross referencing default wordpress files to your modified index.php file. For the default wordpress .htaccess you can check the wordpress codex. This site has saved me a couple of times, Sucuri.net’s Sitecheck gives you information regarding what type of infection your site has.

Important things to check :

  • File and directory permissions – CHMOD 755 for directories and CHMOD 644 for Files
  • Timestamps – If you have not recently modified your WordPress site, any change in the file’s timestamp “last modified date” is cause for suspicion.

If your index.php file is different from what is typed here chances are your index.php file has already been modified. All you have to do is to copy this code delete everything on your current index.php file and paste the code below.

<?php
/**
* Front to the WordPress application. This file doesn’t do anything, but loads
* wp-blog-header.php which does and tells WordPress to load the theme.
*
* @package WordPress
*/

/**
* Tells WordPress to load the WordPress theme and output it.
*
* @var bool
*/
define(‘WP_USE_THEMES’, true);

/** Loads the WordPress Environment and Template */
require( dirname( __FILE__ ) . ‘/wp-blog-header.php’ );

Save the file, and reload your website. If it shows your WordPress main page, then you’re done. Otherwise you have to check you current theme’s files or better yet get a new theme.

If you are using shell access you can setdomain or setuser (if allowed by your webhost). To find hacked websites/malwares – malwares, script injections has similarities which we can easily find by searching every php file on the server

On PuTTy
You can setdomain [domain] my setdomain command does not work that is why I use setuser [domain ftp username]
copy/paste on putty or type it if your feeling lucky.
find . -type f -name ‘*.php’ | xargs egrep -i “(eval|base64_decode) *\(” > hackdwscheck.txt
This will find and check every .php file with the words “eval base64_decode” and writes it on hackdwscheck.txt (this will show a couple of php files with the searched criteria “eval base64_decode”) but you will notice that a hacked file will display something like “<?php eval(base64_decode(“ZDERagfsfdg455aRSgt565GERH656htgpOwpp…” that would be around 5000 to around 50000 characters long.
You can view and specifically modify or remove that entry on the file listed.
A more detailed article will be written next using SSH, troubleshooting cPanel hosted websites, etc.
Another tip, you may want to keep WordPress and it’s plugins updated to patch those security loopholes.
Got Other TIPS, share it on the comment area below.
You may also want to read this …
Continue Reading

Fix PS3 YLOD with a Heat Gun and Toothpaste+Vaseline

My beloved PS3 (CECHG01) died a couple months ago and I had no time, no cash to have it fixed. Browsing through the internet, I watched a couple of videos about quick fixes (towel+hair dryer trick) but I’m not sure about that fix as I’ve also read horror stories about it. Mine’s a 40gb ,heck I still have Assassin’s Creed 3 that I was unable to remove when it YLOD’ed on me. I managed to remove the disk first by turning off the main power then holding the eject button and turning the main power back to start the fan test then ejected the disk. Yey!

And I came across these videos from Youtube

  These videos are very easy to follow. Watch them first If you are doing this for the first time. I’m ready to bury my PS3 so if does work or not it’s ok.

 What got me convinced to open my PS3 and resurrect it is this video with explanations that are very practical and believable.

  PS3 how to open your Playstation 3 and get it ready for repair

 After opening up my PS3 cleaned it, removed the dried out thermal paste with rubbing alcohol. I went to look for my thermal paste which I later realized that I haven’t got any, now I don’t have the time to go to the store and buy one. So I opted for the alternative Toothpaste+Vaseline (check out the post on how to do it : Toothpaste+vaseline Adventures!!!), I’ll try the diaper rash cream (As seen on this post : Homemade Thermal Grease) next until I can buy a thermal paste if I have time. Although this fix is temporary, it’s fun to macgyver something and make it work. If my PS3 dies on me again. I’ll just buy a PS4!!!

But in the meantime, it’s time to play Sleeping Dogs and Watchdog again, baby!

Continue Reading

Troubleshooting Checklist (Downed Websites)

Troubleshooting a downed website? Here’s a simple checklist to get you started.

Try another site. Check sites such as google.com, yahoo.com or any other site? If you can’t view/access any  of those sites, then it is likely a problem internet connection. If other sites work and yours doesn’t, go to ISUP.me and see if it’s “just you” or if the site is “really down.” By knowing if the site is not showing just for you, you can isolate the cause of the issue (internet connection, browser issue)

Clear the Cache and Temporary internet files – Clearing cookies and history files can really help your browser work at optimum level.

Restart your browser – Depending on your settings) this will auto-clear your cache, history, and cookies.

    • Try a different device – Use another computer, a laptop and tablet, and even your phone.

Do a Reboot – If you’re at your home computer,  Rebooting your computer as well as your modem and router can work wonders. Sometimes stubborn OS’es tend to keep a faulty driver/software running. A quick reboot can force those malfunctioning software/drivers to close.

 

Helpful Online Tools.

    • Pingdom, a website downtime monitoring service, that can point out possible issues that may cause errors in the long run.

 

    • GTmetrix, a website speed and performance optimization service, more details on how to speed up and check for possible issues that may lead to a slow loading website and even to a downed website.

 

 

If the site displays an error message, take a screenshot, or copy the error message so you can search for the cause and fix, maybe you’re not the only one experiencing this.

Check the DNS and Zone records – you can do a quick DIG for A records, Name servers etc via this online tool Web-based Dig from ringofsaturn.com. If you are maybe pointing it to the correct host, if all seem to check out correct that it may possibly be a problem with your host.

Do a quick WHOIS – As it maybe a possible account related issue go to Who.is . Upon doing a WHOIS, if the result is anything but active then it may possibly be a reason why the site is down. (expired domain name registration, domain locked, etc)

It may possibly be a CMS issue. – Popular CMS like WordPress, Joomla, Drupal have their strengths and weaknesses and also their vulnerabilities. To detect what CMS your domain has go to WhatCMS.org. Once you know what CMS you have you can better troubleshoot your issue as there are CMS specific hacks and exploits.

  • Database Issue –  either it’s a wrong database username or password, or your database host is down.
  • Coding Issue – faulty plugins, irresponsible coding can lead to many problems make sure to update to the newset version of plugins and CMS.
    • Malware, SQL injection, defacing – are but examples of why a website can be down, this all boils down to unsecure web files, make sure that permissions are set CHMOD 644 for files and CHMOD 755 for directories. Also securing your .htaccess is a must . Check out my post regarding Cracking down on SPAM it’s regarding WordPress but it points out nifty details about securing your .htaccess file.

 

What’s your troubleshooting checklist? Care to share? comment below.

 

Continue Reading

Back In Action

Wow, I haven’t updated this blog for months now. I have been busy at work and with my baby girl. But now it’s time to revive this blog and continue with my passion: Writing.

I have lined up a couple of topics mostly based on what I do everyday at work, I might throw a couple of random topics like gaming and such.

  • Domain/Website troubleshooting
  • Database connection issues
  • htaccess tips
  • WordPress Troubleshooting
  • Common WordPress Errors
  • Troubleshooting Checklist
  • Common Email Errors
  • Blogging stuff, Tips and Tricks
  • Nifty time-wasting stuff
  • Cool games, Apps
  • Neat Gadgets and stuff
  • Awesome toys

I will try to post everyday but I will start with 3 times a week. Check out my new posts every Monday, Wednesday, and Friday.

Continue Reading

Increasing Max File Uploads for WordPress (Media Uploads)

You are blogging, your mind set on crunching all of those ideas wandering in your head, after finishing your final draft, you attempt to add pictures, videos but you get stopped by this.

wp-go-jaren-upload-new-media

Your maximum upload file size set to 1MB which for me works fine, but in case I need to upload a MP3, or a video file that would be a problem. As we know by default, most shared servers allow up to 8 or 16 MB. There’s no reason to upload an image greater than 1 – 2 MB in size. But some of still want to be bad and bend/break the rules to our advantage.

There are a couple of ways to achieve this:

 

  • Functions.php – On WP-admin dashboard, go to Themes > Editor then look for Theme Functions (functions.php)
    • @ini_set( ‘upload_max_size’ , ’32M’ );
    • @ini_set( ‘post_max_size’, ’32M’);
    • @ini_set( ‘max_execution_time’, ‘300’ );
  • .htaccess (you can check out my recent post on .htaccess modification)
    • php_value upload_max_filesize 32M
    • php_value post_max_size 32M
    • php_value max_execution_time 300
    • php_value max_input_time 300
  • PHP.INI – either you create or edit a PHP.INI file

If you are on a shared host, a php.ini file may not be in your directory. If that’s the case then we need to create a file called php.ini and upload it in the root folder. In that file add the following code:

    • upload_max_filesize = 32M (you can try 200M, even more like 1024m which is overkill)
    • post_max_size = 32M
    • max_execution_time = 300 (maximum time in seconds a script is allowed)

Keep in mind that file upload is not set by WordPress that’s why some would have a default size of 2MB, 8MB even 64MB it’s set by your webhost

You may also want to create/upload a PHPINFO.PHP file to check, to do that create a file named PHPINFO.PHP and add the following lines of code

<?php

echo phpinfo();

Save the file. upload to the directory you have your WordPress installed.  Call the script from your browser.

yourwebsite.com/phpinfo.php

 

Enhanced by Zemanta
Continue Reading
1 2 3 6