WWW posts

Web development, my site, server, career, programming, the world wide web, and related topics

In Mac OS Sonoma, browsers now require and the OS will ask for the “Local Network” permission to access local websites. I didn’t know why it was asking and didn’t allow it, but then couldn’t access my sites. I had to go to “System Settings”, the “Privacy & Security” pane, select “Local Network” and turn on for my browser(s) to get access again.

If it matters, my local dev setup uses domains set in /etc/hosts pointing to IPs of VMs run by VirtualBox, managed by Vagrant, set up like web.vm.network 'private_network', ip: '192.168.56.1'.


Site partially static

I am pleased to say that most of the non-blog parts of my site are now served from static files. I have been working toward making a static version of my site for a while. I have created a PHP static web task that can crawl a site and turn the responses into an Apache friendly directory structure. Those pages now can be served extra fast, without going through PHP, and could be served on a free static host if I wanted. To go static, I not only had to write the code to build the static files, but also had to modify my site code to have the desired output when called from that context and modify my Apache configuration to respond correctly and add some headers that were being added by PHP before.

Continue reading post "Site partially static"

Compact about:profiles in Firefox

Firefox allows us to create multiple browser profiles to separate our activities, such as work, personal, finance, etc. It has an about:profiles page to manage and launch these. The page has not gotten much UX love and does not make very good use of space. On load, I can’t see the full second profile on my laptop (Macbook) screen. After living with this a long time, I decided to use userContent.css to customize the appearance so everything fits on one screen and I can quickly and easily find the two things I need most of the time: Each profile’s name, and the button to launch it with.

Continue reading post "Compact about:profiles in Firefox"

Readable query output in MySQL CLI

I tend to prefer a GUI like Sequel Pro for looking at database data, but since Sequel Pro doesn’t support MySQL 8+ and I haven’t settled on an alternative, I found myself needing to use the CLI. It also can just be faster to use for new or rarely accessed servers or whatever, and is nice and lightweight. However, it wraps query output by default, and with many or wide columns, it can become very hard to read and figure out which data is in which column. Recently, I went looking for something better, and found a StackOverflow question with a couple ways: outputting vertically, and using a pager with a nowrap option set.

Continue reading post "Readable query output in MySQL CLI"

xz backdoor

Reading this weekend about a backdoor introduced to the open source xz project. It doesn’t appear to affect my Ubuntu servers, so I had assumed it wasn’t relevant to me. However, the homebrew version on my Mac was “vulnerable”. It sounds like the exploit would only work on some versions of Linux, but if it does work on Macs, that could be bad. I do a lot of stuff on this computer, including banking, email, coding, etc. They know about it backdooring ssh, but if there’s something they don’t yet know about, it might be a problem.

I have a Fedora install as well. I haven’t checked it yet, but Fedora is usually on the bleeding edge, so if it’s on there, I’ll probably wipe and reinstall. I’ve been considering anyway. Luckily, I don’t do anything important on there.

Even if it didn’t actually do anything bad on the Mac, it may have done something. I had noticed some weeks or months ago (I can’t remember when) that running PHP on the command line was going slow. Running anything would take a minimum of about five seconds, including something simple like php -r 'echo "hello\n";'. I know when I had been making scripts in the past they hadn’t been taking long at all. I did some searches on the web for anybody mentioning something like that and couldn’t find anything. So I kinda just figured maybe it had something to do with the new opcode / whatever cacheing newer versions do or something, like it takes some initial setup that the server can reuse but not the command line. I assumed I was stuck with it and even started moving some scripts to bash partly because of it. When I downgraded xz via homebrew though, I decided to test it. time says the simple php -r line took 0.092 seconds. Nice and snappy. So maybe xz was doing some checks to see if the device was exploitable. It was in the dependency graph of PHP through curl and gd. Can’t say for sure that it just sped up though and if the xz change was what caused it.

I’m glad my scripts finally run quickly again, but hope that nothing was exploited here. I’ll keep an eye on the web to see if anything comes up about Macs being exploitable, and if so I’ll probably reinstall the OS to be safe.

Note: If you have used homewbrew to install PHP, curl, or anything else that might depend on xz, run brew update; brew upgrade to be safe. The dangers of being on the bleeding edge I guess.


Vim terminal mode config

Vim has a couple ways to run terminal commands from the editor. From ex command mode, :! will allow running a single command before breaking back to Vim, while :term will open a new terminal window within Vim, by default in a split, to run as many commands as you want. There are several settings in my vimrc that I add to make working with these terminal modes easier and nicer. I will share some of them below.

Continue reading post "Vim terminal mode config"

SSH to directory

I have been using SSH configuration a lot to make short hostname aliases for sites I SSH into frequently, but I recently figured out how to use it to change to a certain directory by default when logging in. At work, our sites each have their own user with their own site project directory. Most of the time when I log in, I want to go to the project directory instead of the default, the home directory. I cded manually each time for a long time, but decided to look up a better option, and found a config option on ServerFault.

Continue reading post "SSH to directory"