Archive for the ‘apache’ Category

Simple Erply and Magento integration plugin

Tuesday, April 1st, 2014

Recently I helped a company to build e-commerce website with Magento. She had existing shops already and she uses Erply with almost 10000 items which she wanted to import into e-shop.

Even though Erply and Magento both are market leaders then importing the data from Erply to Magento was poorly supported. I took existing github project, forked it, upgraded to magento connect version and fixed many issues in it. It is still not fully stable but usable, expert help is still advised. You download the plugin from here

Simplest way to integrate Erply and magento is to:

  1. Install Erply plugin from Magento Connect service
  2. Download source of fixed plugin from
  3. Copy/merge folders design, code and etc from magento-integration-master/erply/app/ to app folder in your magento installatation. This overwrites old broken files.
  4. Enjoy

Issues fixed are:

  1. Missing price, description and some other fields import
  2. Fixed big number of product import
  3. Fixed category import
  4. Many more small things

Issue with large number of product import was that it takes very long time. PHP script execution may time out and process never finishes. (more…)

But really, why java is enterprise and PHP is not.

Monday, January 21st, 2013

I have a lot of experience with Java and until this was only language I knew well I could not say out the real answer. Now recently I have been working with PHP + Laravel and finally I know the answer.

PHP by itself is not bad. Programmer can quickly hack all kinds of great things, deploy it just by copying new files to webroot and done. In that sence PHP is easy to learn and use, it is flexible and in that sense great tool for beginners.

Java, however, is more cumbersome. It requires more setup and compiling. All the data types must be strict, all kinds of places have to try catch Exceptions. It feel like a lot of extra work for nothing.

Now when we look how enterprise projects looks like. There are thousands or even millions lines of code, huge number of files, classes etc. Stack traces traces are tens and hundreds of rows. Maintaining such a projects must not leave any room for error. Making simple typecasting mistake or typing method for object that is not supported is not an option.

So the answer is:  Java is more refained, it forces you to think harder and make it more right on first try. IDE-s allow you to traverse code much more easily, leaving out all possible confusion with data types in inheritance.

Application code deployment from SVN with fast and simple rollback

Wednesday, November 28th, 2012

Most important thing in every new release is the rollback procedure. Once you discover issues in new version then you need to be able to swithc back to previous version until you work on a fix. I have developed shell script to handle the automated deployment process and which allows quick and simple rollbacks if there are no database changes that dont allow easy rollback. Main idea is to

  • download code from SVN, GIT or similar
  • copy all code to new folder
  • replace all configuration with environment related conf
  • use symlink to switch between code versions

Here is example script that handles the automated deployment for you  (more…)

Run Apache2 as specific user, non-root

Tuesday, November 13th, 2012

It is very easy but hard to find exact syntax. None of the current google top searches bring it out. You have to use mpm_itk module and exact example of syntax is here, enjoy!

<VirtualHost *:80>
    DocumentRoot /var/www/
    <IfModule mpm_itk_module>
        AssignUserId username groupname

In case you see error like this

Invalid command 'AssignUserId', perhaps misspelled or defined by a module not included in the server configuration
Action 'configtest' failed.
The Apache error log may have more information.!

Then install the mpm_itk module in ubuntu like this

sudo apt-get install apache2-mpm-itk

Error: redirect_uri_mismatch – Reset google authentication oauth api secret

Sunday, October 28th, 2012

I have a few webapps where I am using google login.  When you are running the app in different domain then you will get error like

The redirect URI in request: did not match registered redirect URI.

Also  you might want to create new app for google oauth2 login. Anyway it is for some reason very difficult to find the correct url, I always tend to end up in google apps page.

Here is the secret link  that solves all of your troubles

Observations of Roboo usability and effectiveness agains DDOS

Thursday, October 20th, 2011

Before taking Roboo into use for protection against DDOS it is needed to take a look into cons and pros of it.

Firstly nothing comes without drawbacks and sideeffects. Here are some that you need to consider.

  • Searchengine crawlers have trouble indexing site. You never want that.
  • Webservice clients have issues. Api calls might breaks and SVN server over https does not work well.
  • Developers website by itself is not using the Roboo.

Good whitelisting plan must be developed to combat valid non-browser interactions.

I did some quick bruteforce analysis of performance  with 3 virtualmachines on vmware. Target was simple vulnerable web application WackoPicko used to test web application vulnerability scanners 1 core 1GB RAM. Roboo machine was ubuntu server 1 core, 1GB RAM. Third was more powerful server where httperf was run. All of these machines were run inside one physical server on vmware ESXi.

Here are the testing results: (more…)

Configure Apache to support multiple SSL sites on a single IP

Wednesday, September 14th, 2011

You can host unlimited NameVirtualHost-s with http protocol. But how can you have many virtual hosts in vhost file over https? Not possible ????

Most of websites have some sort of CMS which has admin passwords and these must not be sent over plaintext, little security warning for admins is not a big problem. When using apache default conf and defining many VirtualHost-s for port *:443 you still see only one when you open any of these sites.

Problem can be located from error_log like this.

[Wed Sep 14 10:05:28 2011] [warn] Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Wed Sep 14 16:06:28 2011] [warn] _default_ VirtualHost overlap on port 443, the first has precedence

Solution is to explicitly tell apache to host NameVirutalHost also for port 443 in addition to 80 which is default. Make sure you have something like htis in ports.conf or similar httpd configuration file.

<IfModule mod_ssl.c>
    NameVirtualHost *:443
    Listen 443