We Eat Bricks :: Web Development Blog

Recently I had the misfortune of installing Norton 360.

It was supposed to provide an all in one Antivirus, Antispyware , firewall solution and retails at $80. I installed it on a beast of a machine, plenty of memory, processor power exceeding stated requirements but Norton 360 managed to slow it down to a crawl rendering WinXP virtually unusable for up to 5 minutes after boot up and intermittently thereafter. I think it safe to say that up to that point we had not experienced a virus attack or security breach that caused as much chaos!

And ironically after installing Norton 360 the machine was promptly infected with the Netsky virus.

Thanks a bunch Norton!! What happened to that company?

Anyway bye bye Norton 360.

Why pay money for such shoddy software when you can get the most important elements free?

Try the following:

For your Antivirus software, download and install AVG Anti-Virus Free Edition.

For your firewall software, download and install ZoneAlarm® Free Firewall.

Lastly to handle Spyware download and install the Ad-Aware 2007 Free

I have used these for some time, they work great AND and work with WinXP, not against it. Are you listening Norton?

Summary

We need to provide HTTPS support to test your rails application on your local server. Sensitive data such as passwords are submitted during login and register stages and we want to encrypt the transmission of this data between the client browser and the server. The HTTPS protocol proves this security.

For developing we currently run the Mongrel server. To achieve HTTPS we need to put an Apache server in front of this Mongrel server. The Apache handles the SSL encryption, certificates etc and acts as a type of proxy to the Mongrel rails server.

The end result of the following steps is a Rails app that works with HTTPS.

Install SSL enabled Apache

Install an SSL enabled Apache. The fastest and most convenient method I’ve found is the XAMPP installer.

It’s a one click installer. Download and run. SSL enabled Apache is one of the programs installed that’s what we’re interested in. Ignore the rest (PHP etc).

WINXP

http://www.apachefriends.org/en/xampp-windows.html

MAC OSX

http://www.apachefriends.org/en/xampp-macosx.html

Or if you’re feeling brave install and configure an SSL enabled Apache yourself.

NOTE: mySQL is also installed with XAMPP. However if it causes confilict with your exisintg mySQL you can turn it off via the provided admin panel/command line and use your existing mySQL.

Configure Apache to work Mongrel

Having insalled the XAMPP you will have an Apache directory conf that contains the Apache configuration files.

Edit the Apache file conf/httpd.conf.

Uncomment the following lines:

LoadModule proxy_module modules/mod_proxy.so

and other proxy modules mentioned.

Also uncomment

LoadModule headers_module modules/mod_headers.so

In the Apache file conf/extra/httpd-vhosts.conf edit the following:

Make sure this line exists

NameVirtualHost *:80

Add the following vhost

<VirtualHost *:80>

ServerName Mydomain

ProxyPass / http://localhost:3002/

ProxyPassReverse / http://localhost:3002

</VirtualHost>

To make the above vhost work for us we also need to edit the hosts file in WinXP. Mydomain

WinXP

C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 Mydomain

And on the MacOSX, add the same to the /etc/hosts

Start the Apache server

At this point you will have Apache server set up. Start the Apache server.

Test your Apache is running, browse to http://localhost, you’ll get the Apache XAMPP page with some useful tools.

Start the mongrel server

At this point you will have Apache running so start Mongrel

ruby script/server -p 3002

Now browse to http://Mydomain

Browsing to the URL http://Mydomain takes you to localhost (127.0.0.1) via hosts file you edited and there an Apache vhost checks the URL, and sees that it is Mydomain then passes it onto the Mongrel server running http://localhost:3002

Enable HTTPS

Configure Apache to use SSL and configure Mongrel to know about it

Edit the Apache file conf/extra/httpd-ssl.conf

Inside the vhost <VirtualHost _default_:443>

Comment out

DocumentRoot “C:/xampp/htdocs”

Put in the following

ServerName Mydomain:443

ProxyPass / http://localhost:3002/

ProxyPassReverse / http://localhost:3002

RequestHeader set X_FORWARDED_PROTO “https”

At this stage start your development environment is set up. Just start Apache, and Mysql then run your rails app and browse to http://Mydomain to view it.

Now requests to https:// urls in Rails app should work.

Set up Rails to work with SSL protocol

The following steps were required to set up the rails app to work with the SSL protocol.

Make sure that the SSL plug-in for Rails is installed.

ruby script/plugin install ssl_requirement

Next edit the ApplicationController, add the line ‘include SslRequirement ‘

class ApplicationController < ActionController::Base

include SslRequirement

Now you can set policies for individual actions in each of the controllers.

EG

In the AuthController we want the login and the authenticate action accessible via SSL only.

class AuthController < ApplicationController

 

ssl_required :login, :authenticate

Now requests to http://Mydomain/login will redirect to https:// Mydomain/login

The End.

References

Mongrel and Rails behind Apache 2.2 and SSL

http://blog.innerewut.de/2006/06/21/mongrel-and-rails-behind-apache-2-2-and-ssl#comment-form

“Agile Web development with Rails”, Page 612

I recently posted on this topic.

OK forget that.

It will remove the quicktime player, but the audio will stay playing. Only in IE of course.

You’ll need to use Javascript to stop the quicktime movie.

The best guide I’ve found to do this.

Interesting article on how Netvibes can be configured into a ‘Blog Maintenance Start Page’,

Blog Tip: Creating a Blog Maintenance Start Page with Netvibes

Startpages are gaining in popularity with Netvibes boasting of the user base of 5 million. The concept reminds me in one sense of the ‘portal page’ concept of the late 90s. Damn that makes me sound old.

The idea being you could start your internet session at this page that provided a collection of stories and articles. At the time the content was company specific, the Eircom portal page offered some news but mainly pushed their services. But the usefulness of a portal is determined buy the relevancy of the content, the one size fits all portal approach the late 90s could not deliver to the individual on an individual basis. You start to search and Google become everyone’s start page.

These days the technology has come along way and utilising the aggregated web served by widgets, users can create ‘personalised’ startpages, the next generation in portals.

Interesting times ahead for the web industry.

Powered by ScribeFire.

This tip is specifc to Wordpress blog users. Install the following plugin, the All in One SEO Pack .

It is configured to add post/blog related data to the title, description and keyword meta tags in the HTML of your blog and posts. This should help in your quest for Search Engine Optimisation.

Surprisingly I didn’t have meta tags for description and keywords so I’ll keep an eye my blog stats and report back if the addition of said info does have an effect.

UPDATED please see this post.

Let’s say you have a quicktime movie, and it’s marked up in your HTML using the <object> tags.

In Firefox you can use the removeNode(id of your quicktime object tag) method to remove quicktime object. This works fine.

However in IE 6 and IE 7 this will not work. Surprise, surprise! The quicktime object/player will stay on the screen even though it does no longer exist in the DOM. You’ll need to refresh to get ride of it. Not very nice!

To properly remove a quicktime object using IE6 and Ie7 using javascript you’ll need to do one extra step.

What you’ll need to do is first set the css display property of the quicktime object to none.

Now you can use the normal removeNode(id of your quicktime object tag) to remove it.

So something like this

var e = document.getElementById(’id of your quicktime object’);
e.style.display = ‘none’;
document.body.removeChild(e);

A Google sitemap is a file on your website that lists your pages in a google friendly format. A google sitemap can help the Google search engine to index your site more successfully.

To create the sitemap I used the fantastic Google Sitemap Generator for WordPress Plugin.

It’s a great plugin, it will automatically update the sitemap when I add new posts or pages to my wordpress blog.

Nice!

Good luck.

Got an error while attempting to use the web browser on the Nokia N95.

“Web : unable to complete operation”

It only occurred on webpages with server side scripting, like login pages etc.

The only way I could get past this error was a hardware reset of the phone.

“Turn off the mobile device. Then press and hold “3?, the “Green button” and “*” - Turn on and keep holding the keys untill the mobile phone restarts and prompts you to enter details.”

Thanks to Abdul Aziz for reset commands.

Be warned though, a hardware reset will delete all your files on the mobile, your SMS messages, your saved preferences and any applications you’ve added fortunately. So use as a last resort.

Powered by ScribeFire.