Any good web host will secure the contents of website directories which don’t have an index page by not allowing the files or folders to be listed, instead you’ll get a 403 error page saying access is forbidden. Whilst this is good in practice, sometimes you might actually need to list the contents – and its simple to enable on an Apache web server – add one line to your .htaccess file and you’re done!
How it’s done
- If you have access you can edit your web server configuration and make it global
I used to be a customer of popular cloud backup service Livedrive. The upload and download speeds were nothing to shout about and one annoyance was having to pay extra to add a NAS drive to your account, but there is a workaround!
All you need to do is add a symbolic link to your NAS drive from your computer. Think of a symbolic link as a fancy shortcut, the only difference being it masks the destination instead of taking you straight there – you’ll see what I mean when you read on.
Imagine you have a Windows computer with your NAS drive with the root of the drive already mapped to Z:, you have a folder on your NAS called MyFiles and would be able to browse to Z:\MyFiles to see whatever is stored there. Next imagine we have a folder called C:\Backup which is already uploading to your Livedrive account, using the following command we will make C:\Backup\MyFiles lead to your NAS and in turn be included with your Livedrive backup.
mklink /d "C:\Backup\MyFiles" "Z:\MyFiles"
For me, this worked absolutely fine and I had a couple of TB uploaded without ever being caught out. I’ve since jumped ship to Amazon Drive, whilst it is more expensive per year I’ve got it running from multiple computers and the upload and download speed always tops out my connection, so I can’t complain!
- Use the above guide at your own risk – I won’t be held liable if anything happens to your Livedrive account, files or anything else because of this!
- This doesn’t work with Dropbox or Google Drive – sorry
- You only need to run the command once, after that the link will be remembered
- To remove the link just delete it as you would any other file or folder
Recently I created a script that uses the Bad Bots database where a list of bad bots is retrieved and then parsed into iptable firewall rules to prevent further access from known bad hosts.
More information can be found at GitHub here.
The Internet is an amazing place where we can expand our knowledge – or – just look pictures of animals with funny captions, but have you ever wondered to yourself who owns that domain, who took the time to build that amazing website, see if a business is legit or maybe you just want to learn a new nerdy skill?
A domain name can be registered by anyone so long as its available and not registered to anyone else, and can be bought at anytime through hundreds, thousands or maybe millions of companies known as domain registrars. The job of a domain registrar is to take money and convert it into domain registrations as they are essentially the middle men between the domain registries (the top dogs of the domain world, the owners of the bit after the dot) and ourselves.
When a domain is registered, regardless of the registrar used, contact details will always need to be provided. These details form what’s known as the legal registrant and can be either a company or an individual who will legally own the name for however long it has been registered for.
That’s great but what next? Well here comes the juicy bit! All that information is kept in a global database known as the WHOIS database (pronounced “who is”) which is free to browse and will give an insight into any domain registration.
The following guide will show you step by step how to query the WHOIS database for free with no special software required. To keep things simple I will be using a website that I created which has a built in WHOIS tool.
- First things first we need to head to the WHOIS tool, click onto the following link or type it into your address bar directly: http://www.nerdtools.co.uk/whois/
- Once the website loads you’ll see a box where it asks you to enter a domain name, enter the domain which you would like to query and press Enter or the “Let’s do this! >” button
- After a few seconds you’ll be redirected to a new page that shows the domain details in a similar format to one shown below:
- As you can see from the screenshot above a lot of information is returned, so much that it doesn’t all fit on screen without scrolling but once you read through you will easily see who owns the domain, when it was registered, when it expires and other useful information
- In the example above you can see no “Registrant’s address” is returned, this is because its a .UK domain and Nominet (the registry behind all .UK domains) allow the address to be hidden for any non-trading individuals, but with domains such as .COM, .NET, .ORG the information will always be available
- Depending on the domain name things may look a little different to the one in the example
- Any changes to a domains details can take up to 24 hours to show so things may not always be accurate
- There are strict terms that need to be followed when it comes to using the information returned from a lookup and these can be found usually be found at the bottom – It’s not shown in the screenshot as it was so big, to see them click here and scroll down
- Sometimes registrars offer a privacy package that will hide the registrants contact information and replace it with the registrars instead, if you see a domain like this that’s trading as a business stay well away as it could be up to no good!
There may come a time in your nerdy life where you want your computer to automatically log in at boot or whenever anybody signs out, this can be especially useful if you are running software that needs a user to be constantly logged in.
For example, I run CCTV software on my computer via a user called Console, the software displays live camera feeds on a second screen at my desk, the same signal is fed via a splitter through network cables eventually reaching various screens dotted around my house.
The setup requires my Console user to be constantly logged in, be it when the system boots or after I have finished checking my emails or being nerdy.
It is fairly straight forward to get going, in my case on Windows 10 Pro I ran the built-in netplwiz(.exe) utility and added one string value to the registry.
Part 1: Configuring automatic login at boot
- Run netplwiz(.exe) and uncheck the box saying Users must enter a username and password to use this computer.
- Press OK then enter the username and password you want the computer to automatically login as and press OK again
That’s the first part completed, so now whenever you boot your computer it will automatically sign in as the user account you have set.
Part 2: Configure automatic login when signing out/switching user
The next part involves adding a regsitry key with a string value, once this was done I found it worked straight away without having to reboot my machine.
- Open regedit(.exe) and navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Right click on Winlogon and select New > String Value
- For the value name enter ForceAutoLogon, double click the line you just added and enter the value date to 1
That’s it! Now when you sign out it will automatically sign back in to the user account set in first step.
- If you want to log in as a different user, hold the shift key whilst locking your account, you’ll then see the normal Windows login screen
- You can do step 1 via the registry if you want, but why over complicate things!
The following commands can be used to install Webmin 1.610 on CentOS 5.8. Make sure you’re logged in as root and then follow the steps below.
Select a temporary directory to save the download to. We will only use the downloaded file once so it’s pointless keeping it.. free up space and put it in /tmp!
Begin the download of Webmin using wget:
Install Webmin by unpacking the archive:
rpm -Uvh webmin-1.610-1.noarch.rpm
Done! You can now login to your fresh installation of Webmin by heading to http://hostname-or-ipaddress:10000 using the root username and password.
- If you don’t have a server to try this on I’d recommend DigitalOcean hands down – virtual servers start from $5 a month
Recently I began to see an increase in malicious login attempts to my servers from bots (ie. automated attempts to login via FTP, POP/IMAP, SSH and so on) which gave me an idea for a new side-project on NerdTools known as the Bad Bots Intrusion & Spam Detection database.
After a few hours of developing a database was generating before my eyes of all the bad bots and their failed attempts, which then got me thinking, aside from using the database with a firewall can this be intergrated with WordPress to stop spam before its even posted?
A few more hours developing and I have now created two plugins which are listed in the WordPress extension directory. One is called NerdTools Bad Bots Spam Reporter which cleverly and annonymously reports the IP address of an author whenever a comment is classed as spam, and the other is called NerdTools Bad Bots Spam Defender which again annonymously screens every authors IP address against the database and if a match is found it won’t allow the comment to be saved.
Going a little deeper into the reporting plugin; when a comment is classed as spam the authors IP address is reported to the database but it won’t be entered straight away, our system will wait and see if any patterns form, if so it will then be entered and further comments will not be allowed.
It may seem madness having two seperate plugins to work as one but I didn’t want to force people into reporting comments if they don’t want to and vice versa with the defending plugin.
In terms of infrastructure the database is hosted on a high performance SSD server which has memcache enabled. Future plans include clustered servers for even greater performance.
Not bad for a few hours work!