Having your site hacked sucks!
I had noticed that some sites I admin were showing blocks of nefarious code. If you’ve never been hacked, it kinda looks something like this:
echo eval(base64_decode("BAD CODES HERE"));
I was then lucky enough to dig through the sites and find all instances of the bad/offensive code. Here are some Linux CLI commands to make that much easier:
grep "((eval.*(base64_decode|gzinflate))|r57|c99|sh(3(ll|11)))" . -roE --include='*.php*'
Run this at your hosting root and it will give you some standard output for each file that has the bad code. Update all those files and lock the sites down, that is, make them read only so the bad codes can no longer spread.
Now to find out where they got in. Here’s one to help read through the logs:
grep --color=auto -n 'POST' ~/PATH/TO/HTTP/LOGS/* > ~/post_hack.txt
Update the command with the path to your HTTP logs, but be sure to leave the asterisk, since you will want to search all log files. That one will print standard output into the post_hack.txt file so you can do some light reading to figure out where the intrusion originated. Most likely there will be some gibberish PHP file making a bunch of POST requests.
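The log review described above, as an added example that is not part of the original post: it ranks POST requests by client and script so a PHP file receiving repeated POSTs stands out. It assumes the Apache/nginx "combined" log format; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): rank POST targets in access logs.
# Assumes Apache/nginx "combined" format, where field 6 is "METHOD and field 7 the URI.

# Constructed sample log lines; addresses are documentation ranges, paths are made up.
make_sample_log() {
    cat <<'EOF'
203.0.113.7 - - [17/Sep/2012:03:12:01 +0000] "POST /wp-content/uploads/xk3f9a.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.7 - - [17/Sep/2012:03:12:04 +0000] "POST /wp-content/uploads/xk3f9a.php HTTP/1.1" 200 498 "-" "Mozilla/5.0"
203.0.113.7 - - [17/Sep/2012:03:12:09 +0000] "POST /wp-content/uploads/xk3f9a.php?a=1 HTTP/1.1" 200 530 "-" "Mozilla/5.0"
198.51.100.23 - - [17/Sep/2012:04:40:10 +0000] "POST /wp-content/uploads/xk3f9a.php HTTP/1.1" 200 511 "-" "-"
192.0.2.10 - - [17/Sep/2012:08:01:33 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.44 - - [17/Sep/2012:09:15:02 +0000] "POST /contact.php?sent=1 HTTP/1.1" 200 1840 "-" "Mozilla/5.0"
192.0.2.44 - - [17/Sep/2012:09:14:40 +0000] "GET /contact.php HTTP/1.1" 200 1790 "-" "Mozilla/5.0"
192.0.2.10 - - [17/Sep/2012:08:01:20 +0000] "GET /index.php HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
EOF
}

# post_summary FILE...: one "COUNT CLIENT PATH" line per client/path pair, busiest first.
# The query string is dropped so requests to the same script are grouped together.
post_summary() {
    awk '$6 == "\"POST" { split($7, u, "?"); n[$1 " " u[1]]++ }
         END { for (k in n) print n[k], k }' "$@" | sort -k1,1nr -k2
}

# top_post_target FILE...: "COUNT PATH" for the .php path that received the most POSTs.
top_post_target() {
    post_summary "$@" |
        awk '$3 ~ /\.php$/ { n[$3] += $1 } END { for (p in n) print n[p], p }' |
        sort -k1,1nr | head -n 1
}

# Demo run against the constructed sample.
log=$(mktemp)
make_sample_log > "$log"
post_summary "$log"
echo "busiest PHP target: $(top_post_target "$log")"
rm -f "$log"
```

Pass your real log files to the functions in place of the sample; a script name you do not recognise near the top of the list is the first file to inspect.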
Good luck.
Published on September 18, 2012
CSS3 I barely know you…border images are awesome!
Working on a site for a client and the design requires lots of hand drawn looking flourishes in the UI. The one that has been vexing me in laying out the markup is that of the input form field border. Enter the CSS3 property border-image.
See here for reference.
I have an image that is the height of the input elements and is the width of the max-width of the container it could appear in. So I just add this to my css file:
input[type=text] {
    -moz-border-image:url("bg-input.png") 2 2 2 round;
    -webkit-border-image:url("bg-input.png") 2 2 2 round;
    -o-border-image:url("bg-input.png") 2 2 2 round;
    border-image:url("bg-input.png") 2 2 2 round;
}
Here’s the image:
Google Maps IFRAME tricks
When doing sites I usually use the Google Maps IFRAME to drop a map onto the contact page or whatnot. I know the JS API is way cooler, but time is of the essence more often than never. So, anyway…The problem with using the copy-and-paste code from the Google Maps website is that it zooms to center on the map point, often leaving the balloon with the address outside the bounds of the iframe. What is more desirable is to have the map point and balloon zoom to fit. Well, here’s my solution to make that happen.
<iframe width="100%" height="400" frameborder="0" scrolling="yes" marginheight="0" marginwidth="0" src="http://maps.google.com/maps?f=q&iwd=1&iwloc=addr&source=s_q&hl=en&geocode=&t=m&q=The+White+House&sll=&sspn=&ie=UTF8&hq=&hnear=1600+Pennsylvania+Ave,+Washington+DC&ll=&spn=0.035898,0.055189&z=16&output=embed"></iframe>
Adaptive Images
Interesting take on adaptive images for responsive design web sites.
Published on June 28, 2012
IMAP copy
I have a client that recently wanted to move onto their own hosting account. Web files were no problem, tar and gzip’d their directory’s contents in one shell window, wget’d in another, decompressed files. Done. Dump database from one phpmyadmin window, then import into another. Done. This was the easy part.
Hard part was they also wanted to move their entire email configuration. These clients are very organized, which means that there are lots of nested IMAP folders. Tried a few tools out but they either timed out, couldn’t authenticate src and dest in a single connection, or didn’t read recursively into the folder structure. Finally found IMAPcopy, a project that hasn’t had an update in six years and was still alive on the interwebs. And guess what? It worked.
Download linux binary here and source here. In case the original project page ever goes down, I have it saved here for posterity’s sake.
Since my clients are so organized they nested folders without any messages in either the parent, grandparent or great-grandparent folders. Great for organization, not so much in looking for messages, so the program skipped the first one that didn’t contain a message even if the rest of that branch contained messages. So, I simply needed to run the program, once configured with a “-e” flag, which included empty folders in its operation. Sweet!
Client keeps highly organized IMAP folders and I learned something new.
UPDATE 2018-05-08:
To simplify this whole process I now use imapsync from the command line. So just apt-get install imapsync or dnf install imapsync, depending on your distro.
UPDATE 2020-01-24:
To simplify this whole process even further I recommend mbsync. I switched hosts so this made transferring multiple mailbox accounts less painful since it allows config via a file.
Removing those bothersome Facebook Canvas app scrollbars
Just did my first app since Facebook has forced timeline on everyone.
PROS: Full width page tabs.
CONS: Can’t make the page open on a page tab (AFAIK). Scrollbars if your page tab markup extends to 810px.
To fix the scrollbar issue you have to load the FB SDK and make a call to the FB.Canvas.setAutoGrow() function. This will push the iframe to the bounds of your markup, which if sized correctly, will make the scrollbars disappear.
Here’s the code:
<div id="fb-root"></div>
<script>
  window.fbAsyncInit = function() {
    FB.init({
      appId      : 'YOUR_APP_ID', // App ID
      channelUrl : 'YOUR_APP_URL/channel.php', // Channel File
      status     : true, // check login status
      cookie     : true, // enable cookies to allow the server to access the session
      xfbml      : true  // parse XFBML
    });

    // Additional initialization code here
    // FB.Canvas.setAutoResize();
    FB.Canvas.setAutoGrow();
  };

  // Load the SDK Asynchronously
  (function(d){
    var js, id = 'facebook-jssdk';
    if (d.getElementById(id)) {return;}
    js = d.createElement('script'); js.id = id; js.async = true;
    js.src = "//connect.facebook.net/en_US/all.js";
    d.getElementsByTagName('head')[0].appendChild(js);
  }(document));
</script>
Include the code above just after the opening body tag. You’ll also need to set up a channel file, as referenced in the code above via the “channelUrl” option. According to the FB docs you want this to cache, and it’s very important that the protocols match, so make them protocol independent, e.g. “//www.website.com/channel.php”.
Here’s the code for the channel file:
<?php
$cache_expire = 60*60*24*365;
header("Pragma: public");
header("Cache-Control: max-age=".$cache_expire);
header('Expires: ' . gmdate('D, d M Y H:i:s', time()+$cache_expire) . ' GMT');
?>
<script src="//connect.facebook.net/en_US/all.js"></script>
Also include overflow:hidden; in your CSS for the body tag so that there is no flash of scroll bars while we are waiting for things to happen when the page loads.
Reference: Facebook JavaScript SDK
Published on June 12, 2012
When it all began
When it all began: 173370780
Published on May 16, 2012
DD-WRT Internal Routing Hack/Fix/Mod
This hack/repair is well documented in the DD-WRT Forums but I’m including it here so I can easily find it for future reference.
I’m pointing a subdomain back to my local network which resolves to a server running apache. This works great outside the network, but internally … no dice. So the following rule needs to be applied to get things working:
Save the following commands to the Firewall Script on the Administration->Commands page to fix loopback.
insmod ipt_mark
insmod xt_mark
iptables -t mangle -A PREROUTING -i ! `get_wanface` -d `nvram get wan_ipaddr` -j MARK --set-mark 0xd001
iptables -t nat -A POSTROUTING -m mark --mark 0xd001 -j MASQUERADE
UPDATE: NAT loopback is once again working since build 19969. This fix should only be needed for builds between 15760-19969.
Published on May 14, 2012
Yeah, what he said.
Published on May 7, 2012
Stop WordPress from wrapping <img> up with <p>
Img: “WordPress, why you wanna wrap me up?”
WordPress: “You looked cold.”
Img: “Well I’m not.”
WordPress: “Oh.”
Here’s how to stop that from happening:
// stop wordpress from wrapping images in <p> tags
function filter_ptags_on_images($content) {
    // do a regular expression replace...
    // find all p tags that have just
    // <p>maybe some white space<img all stuff up to /> then maybe whitespace </p>
    // replace it with just the image tag...
    return preg_replace('/<p>\s*(<a .*>)?\s*(<img .* \/>)\s*(<\/a>)?\s*<\/p>/iU', '\1\2\3', $content);
}
// we want it to be run after the autop stuff... 10 is default.
add_filter('the_content', 'filter_ptags_on_images');
Published on April 20, 2012