Articles

PHP Password Functions In 5.5

New in PHP 5.5 is a group of functions that deal with password hashing and verification. This is such a common thing for PHP applications to do that it was decided to include it into the core of PHP. They effectively solve the problem of hashing and comparing passwords that just about every PHP developer has implemented at one point or another.

There are only a few functions available but they provide all of the functionality needed to create a hash value from a password, check if the hash is valid and to check if the password hash needs to be recreated.

To create a hash value from a password use the password_hash() function. The first parameter is the password string and the second value is the hashing algorithm to use. The value PASSWORD_DEFAULT here is a PHP constant that is currently set to the bcrypt algorithm and will be changed to better algorithms when and if they are found in newer versions of PHP.

Adding iptables Rules With Ansible

Many systems and applications require certain access to certain ports and protocols. When installing these systems using Ansible it is necessary to also open up the needed ports so that the systems can function correctly. As there is no iptables module in Ansible the shell command is needed to add the iptables rules.

As an example, here is a task that adds a iptables rule to allow Apache to communicate on port 80.

- name: Apache | add apache iptable rule
  command: /sbin/iptables -I INPUT 1 -p tcp --dport http -j ACCEPT -m comment --comment "Apache"
  sudo: true

Once this is in place you might need to save and/or restart iptables in order to get the rule to be permanently saved. The following two rules will save the iptables rule and restart the iptables service. Note that these commands are specific to Ubuntu and so might not work on your system setup.

Installing sshpass On OSX Mavericks

When setting up a server for the first time with Ansible you will need to pass ssh credentials to Ansible directly to set up ssh keys. This is done by the use of the sshpass program which allows Ansible to pass your user credentials directly to ssh in order to open a connection to the server. The sshpass program is easily installed on Linux systems with the apt or yum package managers, but on OSX you will need to install it manually.

Vlad - The Vagrant LAMP Ansible Drupal development box

I’ve been using local development environments for years to work on websites. At one points I even setup some Phing scripts to create Apache hosts and databases locally so that I didn’t have to keep adding them myself. When I was first introduced to Vagrant I liked the idea of supplying a box with a project so that people could work on it without having to reconfigure their system for each project. What was missing was a good provisioning tool that wasn’t difficult to understand. I had looked at Puppet and Chef but they were just too complex and after a couple of hours of looking into each one I still wasn’t sure about how they worked.

Automatically List Directory Contents When Changing Directory In Linux

When navigating around a Linux box I tend to find I use the same two commands a lot. The first is 'cd' to change a directory, and the second is 'ls' in order to see what is in the new directory. Rather than do this over and over again I decided to look around for a good solution to automate this.

I found a variety of results on the internet, but some were simply creating a different alias that wrapped the same two commands. I found this example on superuser, which solves the problem quite nicely. Here is the example in full.

Ansible SSH Setup Playbook

It is best practice to use Ansible with SSH keys in order to create the SSH connections to the servers. This does require a little bit of extra setup before hand in order to ensure that the server can be reached by Ansible via SSH keys alone. As I have been doing this quite a lot recently I decided to package the setup steps into an Ansible playbook.

When you first set up a Linux server you will find that you are usually given root access, and it is up to you to configure it after the fact in order to have an administrator user with the correct access. With this root user we will use Ansible to log into the host, create a new user, setup SSH key access and then alter the sudoers file so that the new user can perform Ansible tasks.

Assuming that the host we want to configure has an IP address of 10.0.0.1 we can create an inventory file that looks like the following.

Vagrant: Development Environments Made Easy

Vagrant is a tool that allows the easy creation of virtual machines. It was originally developed for use with VirtualBox, but it has been extended to allow integration with other virtualisation tools. Using Vagrant you can create a particular setup that you can then share with other people without having to give them large virtual disk images.

I have to admit, when I first heard of Vagrant I didn't 'get it' and wasn't sure why I should be using it at all. Since then I have done lots of reading and talking with other developers and I am now wondering how I managed to work without it.

Ansible: The Automation Engine

Ansible is a automation and provisioning tool that makes it easy to configure systems with the needed software, configuration options and even content. It is a command line tool, written in Python, that uses SSH connections to run these actions. This means that all you need to do is have a viable SSH connection to a machine and Ansible will run any actions you want to run. Ansible can either run single commands or use what is called a playbook to run several commands. Ansible playbooks are written in YAML, which makes understanding them quite easy.

I have tried to use other provisioning tools like Puppet and Chef in the past, but these have always been difficult to get to grips with. When I started using Ansible it wasn't more than 20 minutes before I was installing and configuring software on a server. The YAML files that Ansible uses makes it easy to see what is going on and have enough features to allow for some quite complex configurations.

Drupal 7 Audit SQL Queries

When doing site audits on Drupal sites it’s always a good idea to get a feel of what sort of content types, users and taxonomy terms are available. Here are some SQL queries that I tend to use when starting out on a Drupal Audit.

Deleting Unapproved Comments In Drupal 7

I recently came under a spam attack that gave me a bit of a problem to sort out. Over the course of 24 hours my blog received over 50,000 comments, all of which were utterly useless. What was good was the fact that my tiny little VPS server managed to stay available for most of the attack.

Due to the vast number of comments the normal administration form in Drupal became a little useless. I could only delete 25 comments at a time, so after an hour of this I decided that I needed to run a few SQL statements to clear out all of the unwanted comments in the database. I thought I would write up the commands I used in a post.

The first thing to do was to delete any unapproved comments from the comments table.

DELETE FROM comment WHERE status = 0;

Next, the comment body fields in the field_data_comment_body table also need to be removed. This was done by also cross referencing any missing comments from the comment table.