...well, at least as a security question.

This is not a new thing, and is the reason that most places allow you to define security questions other than that. With the prevalence of information available online, it really is not much of a stretch for a would-be attacker to determine; if you are connected to your mother via a social network like Facebook, where having a public maiden name is encouraged to help you be found, it becomes trivial.

If you still have “mother's maiden name” as a security question somewhere, there's no need to panic. There are two simple options. You can see if there is another question you can use in its place, and just use that one. If you can't (or don't want to) do that, lie make something up; there is no requirement that the answer is accurate, only that you can match the answer when challenged. What you should not do is demand that your mother remove that information from her profile. This is unnecessary, as the information has already been released; plus, “security through obscurity” is of limited benefit.

Just a quick tip to help keep you secure online…

After a nearly four-year run at version 2, the HCSB Verse of the Day plug-in has been updated to version 3. The latest version available is 3.0.1, which contains a quick fix that was found just after I had released version 3. When you see that “.0.1,” just think, “Oh, this was written by a human!”

Major changes in this version include:

• The addition of “(Plus)” to the name, as this version supports five different translations - in addition to the Holman Christian Standard Bible (HCSB), it now supports the English Standard Version (ESV), the New King James Version (NKJV), the New International Version (NIV), and the King James Version (KJV).
• A new settings page, where you can select the version.
• A widget, that will drop right in any widget zone.
• The replacement of several function calls that have been deprecated in the WordPress API over the past 3 years and 8 months.
• Formal dropping of support for PHP 4, following WordPress's lead in 3.2.

While a lot of the code is different, if you only used the template tags, you should notice nothing different with this release. You can download HCSB Verse of the Day (Plus) 3.0.1 at the WordPress Plug-In Directory, or upgrade on the WordPress Plug-In Administration Page in your blog.

After a little over a year running on Tech Blog 2.0, you are now viewing version 3.0. For this version, we've returned to WordPress from BlogEngine. There are several issues that colluded to drive this change, most of which surrounded PHP and its crazy behavior. (Geeky details follow - skip to the paragraph starting with “Bottom line:” if you don't want the geek stuff. I bolded it so it would be easy to spot.)

PHP's recommended configuration is to run under Apache using the pre-fork multi-processing module (MPM). The advantage to this is that Apache does not have to spin off another process to handle each request; it handles it in the same thread. However, this means that each instance of the server must have all enabled modules loaded. This means that each instance of the server (AKA “thread”) is very large, so the number of threads run is lower (typically 5-15 in a server the size we're on). Also, this means that each thread can only handle one request at a time; if you have 7 threads configured, each serving one of 7 requests, and an 8th request comes it, it has to wait for one to finish. If the requests are served quickly, this may not be a problem; however, the avalanche of request that follow the typical front-page mention on mega-blogs can easily overwhelm it.

To fix this problem, there is another MPM, this one called worker. In this scenario, there are spare thread waiting to fill requests, and these can spawn other threads to do further work if required. So, the Apache threads would realize that a request needs to be handled by PHP, and pass it off to that process to be completed. The Apache memory footprint is much smaller; it serves the images, scripts, and other static files, and passes off the requests that require heavy lifting. PHP, then, has a (FastCGI) process where it receives these requests, processes them, and returns the response to the caller. Because each of these threads only has to load the PHP requirements, they are smaller too, so you can have more threads processing at the same time; you just might survive that front-page mention! (This is the same technique applied by LightTPD and Nginx, two other servers I tried at various times.)

It is in this scenario where PHP fails to live up to its expectations. These PHP processes would simply stop responding, but the controller thinks they're still there. The end result to the user is a site that just sits and waits for output that will never come. Eventually, they may receive a Gateway Timeout or Bad Gateway error. The problem is worse on slower sites, but even popular sites seemed to fall victim to this from time to time. This was also a problem whether PHP controlled its threads, or Apache controlled them.

The one thing that really perturbs me is instability. If something is broken, I can fix it; if it works, I can fix it 'til it's broke. :) But something that works sometimes, and other times doesn't, simply won't fly. I was able to introduce some stability by restarting the server 4 times a day, but that's a band-aid, not a long term solution. I was tired of fighting.

Bottom line: the configuration required for a stable server is in opposition to a lean-and-mean configuration. So, I installed the required Apache modules, and will continue to run my PHP-serving server at a configuration twice as large as it needs to be. I'll eventually move the Mono (.NET) processes to another machine, where the fast configuration won't cause stability problems.

But, PHP isn't all bad. While I would still heartily recommend BlogEngine.NET to someone who was going to serve the blog from a Windows machine, but I had some issues getting upgrades to go smoothly under Mono. It also is optimized for fast serving, at the expense of RAM. At this point, that's not the tradeoff we need.

Finally, with this update, the blog has received its first new theme. It's a clean, clear theme that should serve the content well. Plus, the social media icons up in the corner are just too cool, IMO. I've also applied tags to all posts except the “My Linux Adventure” series, and this theme displays them. (Comments are not here now, but will be migrated shortly.)

So, there you have it. Enjoy!

Spring has sprung, the grass has riz; do you know where your HD space is? If you're running Windows Vista or Windows 7, you may have some unclaimed disk space waiting for you. (Disclaimer: I am not telling you to do anything to your computer, and I maintain no liability for the effects of the commands you enter. I'm sharing what worked for me.)

Windows Vista was a rewrite of Windows; as part of this, they developed Windows Side by Side (WinSxS) to deal with the conflicting/removed DLL issue that plagued Windows in the past. SxS maintains components, and programs continue to use their components unless they specifically ask to use a new one. This keeps upgrades from breaking older programs, and makes all upgrades reversible. With Vista currently at SP2, you probably have lots of versions of several of these components, and if you have a smaller drive, they can be pinching your disk space. If you're content with the way your computer is running, SP2 includes a utility called COMPCLN.EXE which will make these upgrades permanent by removing unused components. WinSxS knows which components are referenced by current software, so you can run this without worrying that you'll break an older program.

To run it, click the Windows icon on the bottom left of the task bar, type “cmd”, then press Enter. When the command prompt window opens, type “compcln” and press Enter. It will give you a y/n prompt, then clean the old components off your computer. Windows also makes restore points, which is a saved group of files and settings that exist before installing updates. If you're cleaning the components, you can also delete these as well. To run this, open the control panel and search for “disk cleanup”. Choose your C: drive, then click the “More Files” tab. The restore point button is in the middle of that page.

Finally, Microsoft has released Microsoft Security Essentials, an anti-virus/anti-malware program for Windows XP through 7. If you're tired of “buy the real version” nags or renewing subscriptions, this is the tool for you. It's a tool that many feel should have been included in Windows for a long time (though the reasons why it hasn't been are outside the scope of this how-to), it works well, and it's free.

The Ethics and Religious Liberty Commission of the Southern Baptist Convention is holding a “40/40 Prayer Vigil,” encouraging prayer through the end of October. While some of the prayer is focused on the upcoming elections, the focus is on national revival. They have produced a prayer guide, which details suggestions for prayer over the course of 40 days, beginning September 20th, and for 40 hours, beginning October 29th at 4pm.

We have created a web service to break this guide up into day and hour-sized chunks. The service is at this URL no longer active. There are several ways to retrieve this information.

• GetDay
  This gets one of the 40 days, by the day number. (September 20th is 1, September 21st is 2, etc.) The “day” parameter controls which day is returned.
• GetHour
  This gets one of the 40 hours, by the hour number (10/29 4pm is 1, 10/29 5pm is 2, etc.) The “hour” parameter controls which hour is returned.
• GetDate
  This gets one of the 40 days, by the current date. The “date” parameter controls which day is returned. (The time portion may be given, but it is ignored.)
• GetTime
  This gets one of the 40 hours, by the date/time. The “time” parameter controls which hour is returned.
• GetDayHTML, GetHourHTML, GetDateHTML, and GetTimeHTML
  This is the same as the above 4 calls, except what is returned is a formatted block of text that can be displayed on a web page.

In all cases, if the day/hour/date/time does not match a valid value for the vigil, a null is returned.

If you're not interested in consuming the web service, but you'd like to see the suggested prayer each day, the Hoffmantown Prayer site is displaying the days and hours on Mountain Time. This information is on the front page with no login required.

This web service will be discontinued at some point after December 31, 2010.

We've begun running Mono on some Bit Badger Solutions servers to enable us to support the .NET environment, in addition to the PHP environment most of our other applications use. While Ubuntu has nice packages (and Badgerports even brings brought them up to the latest release), one thing that we were missing was a “conf.d”-type of configuration; my “/applications=” clause of the command was getting really, really long. We decided to see if we could create something similar to Apache / Nginx's sites-available/sites-enabled paradigm, and we have succeeded!

To begin, you'll need to create the directories /etc/mono/fcgi/apps-available and /etc/mono/fcgi/apps-enabled. These directories will hold files that will be used define applications. The intent of these directories is to put the actual files in apps-available, then symlink the ones that are enabled from apps-enabled. These files have no name restrictions, but do not put an extra newline character in them. The script will concatenate the contents of that file to create the MONO_FCGI_APPLICATIONS environment variable, which tells the server what applications exist. (The syntax is the same as that for the “/applications=” clause - [domain]:[URL path]:[filesystem path].) Here's how the site you're reading now is configured (from the file djs-consulting.com.techblog.conf)…

techblog.djs-consulting.com:/:/path/to/install/base/for/this/site

Finally, what brings it all together is a shell script. This should be named “monoserve” and placed in /etc/init.d. (This borrows heavily from this script a script we found online, which we used until we wrote this one.) Note the group of variables surrounded by the “make changes here” notes - these are the values that are used in starting the server. They are at the top so that you can easily modify this for your own needs.

#/bin/bash

### BEGIN INIT INFO
# Provides:          monoserve.sh
# Required-Start:    $local_fs $syslog $remote_fs
# Required-Stop:     $local_fs $syslog $remote_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start FastCGI Mono server with hosts
### END INIT INFO

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/bin/mono
NAME=monoserver
DESC=monoserver

## Begin -- MAKE CHANGES HERE --
PROGRAM=fastcgi-mono-server2 # The program which will be started
ADDRESS=127.0.0.1            # The address on which the server will listen
PORT=9001                    # The port on which the server will listen
USER=www-data                # The user under which the process will run
GROUP=$USER                  # The group under which the process will run
## End   -- MAKE CHANGES HERE --

# Determine the environment
MONOSERVER=$(which $PROGRAM)
MONOSERVER_PID=""
FCGI_CONFIG_DIR=/etc/mono/fcgi/apps-enabled

# Start up the Mono server
start_up() {
    get_pid
    if [ -z "$MONOSERVER_PID" ]; then
        echo "Configured Applications"
        echo "-----------------------"
        # Construct the application list if the configuration directory exists
        if [ -d $FCGI_CONFIG_DIR ]; then
            MONO_FCGI_APPLICATIONS=""
            for file in $( ls $FCGI_CONFIG_DIR ); do
                if [ "$MONO_FCGI_APPLICATIONS" != "" ]; then
                    MONO_FCGI_APPLICATIONS=$MONO_FCGI_APPLICATIONS,
                fi
                MONO_FCGI_APPLICATIONS=$MONO_FCGI_APPLICATIONS`cat $FCGI_CONFIG_DIR/$file`
            done
            export MONO_FCGI_APPLICATIONS
            echo -e ${MONO_FCGI_APPLICATIONS//,/"\n"}
        else
            echo "None (config directory $FCGI_CONFIG_DIR not found)"
        fi
        echo

        # Start the server
        start-stop-daemon -S -c $USER:$GROUP -x $MONOSERVER -- /socket=tcp:$ADDRESS:$PORT &
        echo "Mono FastCGI Server $PROGRAM started as $USER on $ADDRESS:$PORT"
    else
        echo "Mono FastCGI Server is already running - PID $MONOSERVER_PID"
    fi
}

# Shut down the Mono server
shut_down() {
    get_pid
    if [ -n "$MONOSERVER_PID" ]; then
        kill $MONOSERVER_PID
        echo "Mono FastCGI Server stopped"
    else
        echo "Mono FastCGI Server is not running"
    fi
}

# Refresh the PID
get_pid() {
    MONOSERVER_PID=$(ps auxf | grep $PROGRAM.exe | grep -v grep | awk '{print $2}')
}

case "$1" in
    start)
        start_up
    ;;
    stop)
        shut_down
    ;;
    restart|force-reload)
        shut_down
        start_up
    ;;
    status)
        get_pid
        if [ -z "$MONOSERVER_PID" ]; then
            echo "Mono FastCGI Server is not running"
        else
            echo "Mono FastCGI Server is running - PID $MONOSERVER_PID"
        fi
    ;;
    *)
        echo "Usage: monoserve (start|stop|restart|force-reload|status)"
    ;;
esac

exit 0

This needs to be owned by root and be executable (chmod +x monoserve). You can use update-rc.d monoserve defaults to set this to start at boot.