To all you sexy programmers out there…

I got a tip from my contact form the other day about a “Super Sexy Mortgage Calculator Contest” going on at the Virginia Mortgage Research Center.  They’re holding a contest for the sexiest mortgage calculator, and shoveling out $10,000 to the winner.  You can get complete details here:

http://www.mortgageloanplace.com/mortgage-calculator.php

I’m too busy nowadays so I’m not going to be participating in this one, but the referring party does get $1000…that for me would buy a lot of alcohol and porn school books.  So if you feel like participating and want to win an additional $1k for me so that you can own me for the rest of my life, make sure you mention v-nessa.net as your referrer.

To check this out to make sure it’s not a scam, you can check them out at the BBB site:

http://www.bbb.org/stlouis/business-reviews/mortgages/va-mortgage-centercom-in-columbia-mo-310024839

I was looking around for some web data scraping software and came across Mozenda.com, which is a [paid] Web Scraper and web data mining software that parses web data in a variety of formats, like CSV, RSS, and XML.  I signed up for the trial and the software really did do what it claimed to, and was really easy to use.  The guy that heads the service offers a cool demo here:

http://www.youtube.com/watch?v=kKrdFiilqXM

Only real downside is the pricing…most code gurus can probably come up with a more basic yet less costly way of doing the same thing.  Pricing starts at $49.95/mo and goes up to $1995/mo, but also has an option to pay as you go.  For  a business this would probably be petty cash and worth the expense, but for the average blogger like me, it’s a little out of the price range.  However, I probably could never code an application or service as feature-rich as the product that Mozenda provides which is why I was considering them.

For those of you wondering WTF I’m talking about, data mining is simply the process of collecting and organizing data, in my case, from other websites.  When you have a handful of 100+ sites, it’s more efficient to have a bot do it for you, kind of like what search engines use to index millions of sites on the Internet.

So I now know what happens when you don’t upgrade Wordpress for half a year.  Yes, I admit that my site’s theme was hacked with some nasty Javascript inserts that ended up getting me tagged by Google for the second time now.  Luckily nothing was that much out of place,but a couple of my posts were altered to become permanent stickies, and the dates were changed. No worries, everything is should be back to normal now.

…But…my Twitter account was suspended for “strange activity” and has yet to be reinstated by the Twitter staff.  I also found out that my roommate hates me because I party with his ex-girlfriend who happens to have been a friend of mine since high school.   To top off the week, I finally get to the beach today only to find out that there are no wave. This week has just been full of fun.

In case anyone out there was wondering what we at InMotion Hosting do here in the east coast office when the sun goes down:

A lot of people don’t realize how easy it is to write an API with PHP. It really is as easy as having a simple PHP script accepting GET variables, and when you add in some security, you can pretty much do anything you want with a single script that accepts variables from any authenticated source.  So a little while ago I posted about the new cPanel XML API and how to integrate that with your own scripts – well now, I’ll use that as an example to show you how to write an API for their API, a.k.a, an API connector.   Though in real applications you wouldn’t need an API, all you’d need is a PHP script that accepts GET or POST input to perform some kind of action. In this example, we’ll have a script that automatically adds DNS zones to a nameserver that runs cPanel as well.

Most APIs do the same thing – you have a script, then that script accepts post/get variables, then does something.

The Interface (addzone.php):

You guy remember the one I posted a while back – well, we’ll use the same one only a tad different.  This is the script that runs statically on the server, which accepts the variables passed through the URL:


<?php
// API for adding a DNS zone to ns cluster
$isinclude = “1″; // specifies $isinclude for xmlapi.php
// GET & POST definitions

$key = “098f6bcd4621d373cade4e832627b4f6″;
$domain = $_GET['domain'];
$ip = $_GET['ip'];

// Validation – make sure that we have the right information

if($_POST['key'] != $key){ echo “Invalid key!!”; die(); }
if(empty($domain)){ echo “Domain value missing!!”; die(); }
if(empty($ip)){ echo “IP Value missing!!”; die(); }

$theServer = “ns1.v-nessa.net”; // the server to connect to
$apiPath = “/xml-api/adddns?domain=$domain&ip=$ip”; // the xml api path

$user = “root”; // use to connect to whm as

// ns1 hash (whm > remote access)

$rhash = “e9917f16b3fda69137192725a06b68e7
230e99fd445473807e33d637878641a5
–edited out for sake of length–
f673567ab443acedc77f9aec62ff953f”;

// Include the API connector
include(”xmlapi.php”);

// Output XML Result
$xmlObject=simplexml_load_string($xmlresult);

echo $xmlObject->result->statusmsg . “\n”;

?>

The file that is called via include() is the basic xml function file which constructs all of the variables from the outser script (shown above).  You can get a copy of of xmlapi.php from here, but for this example you need to comment out the output.

Now all we need to do is pass the variables that the script needs in order to know what information to process, which is $ip and $domain.  Therefore, in order to successfully call this API, you would enter the following in a browser:

http://v-nessa.net/api/addzone.php?domain=test.v-nessa.net&ip=205.134.252.71

This will pass the ‘domain’ and ‘ip’ variables to addzone.php, which uses the XML API to connect to WHM and add a dns zone on the nameserver ns1.v-nessa.net.  This is a problem though – what’s to keep outsiders from finding this and abusing it?  Well, there are several forms of non-interactive authentication you can use, such as:

• Have an allow list of ips that can access the script (look up environmental variables at php.net)
• Requiring a key or token

I generally use a key, though there are better ways to do this.  The way I’m about to show you is simple and secure, but slightly limits the way your API can be called.

First, I generated an md5 hash and defined it in the scipt (remember $key = “098f6bcd4621d373cade4e832627b4f6″; ?).  Then all I need to do is make sure that key is used whenever I call the API. Notice that in addzone.php it’s defined as a POST variable?  That is mainly for preference but you can just as easily make it a GET variable and just add it to your URL line.  Here I want it to be posted, so I can call the API through cURL as follows:

curl -k http://v-nessa.net/api/addzone.php?domain=test.v-nessa.net&ip=205.134.252.71 -d key = “098f6bcd4621d373cade4e832627b4f6

And there you have it! A very simple way to write an API using POST and GET.

So if you read my post a little while back about my lasting suspicion that my roommates and I are giving room and board to a few unwanted furry little bastards, I can now confirm that my suspicion is correct. On Christmas eve I was doing some dishes and I noticed that Capone was staring blankly at a cabinet by the refrigerator. After Harley joined him and they both sat and stared at one for a good 10 minutes, I figured they just wanted something in the cabinet so I opened it up to see what was so appealing. I swear as soon as I did that Capone stuck his face in there and Harley pushed him aside and just dove in, pulling out something in her mouth as well as a shelf full of vases that came crashing to the floor.

It was about then that I heard this squeaking noise like what you hear in dog toys, and realized that she was carrying a big stinkin’ rat in her mouth. Though the thing had just gotten caught in a rat trap that our exterminator put in and was well alive and dangling out between Harley’s teeth, the entire kitchen started to smell like someone microwaved a dead fish wrapped inside a tortilla filled with pickles.

You can thank my sister Torie for wanting to document this experience by taking pictures:

So what do blood-hungry puppies do after catching furry intruders? Well, Capone says, “Please sir may I have another” :

Then they both pass out from a hard night’s work:

I can think of a few things that are wrong with that title but in all seriousness…don’t you ever wonder where cPanel stores the config changes that you make in WHM?  Automation is the key nowadays, and lately that’s required me to get a little down and dirty with cPanel to find its deepest secrets. *This information is not official documentation, nor is it backed up by cPanel or set in stone.  In other words, don’t blame me if you mess up your server.

These are files that store the information read and used by WHM (as of 11.23.6)

• IP addresses: /etc/ips
• Reserved IPs: /etc/reservedips
• Reserved IP reasons: /etc/reservedipreasons
• IP address pool: /etc/ipaddrpool
• Access hash (WHM remote access key): /home/user/.accesshash or /root/.accesshash
• cPanel update preferences: /etc/cpupdate.conf
• Basic cPanel/WHM setup:  /etc/wwwacct.conf
• System mail preferences: /etc/localaliases
• Exim open relay list: /etc/alwaysrelay
• Server-wide max emails per hour: /var/cpanel/maxemailsperhour
• Tweak settings: /var/cpanel/cpanel.config
• Packages: /var/cpanel/packages/
• Features: /var/cpanel/features/
• User data: /var/cpanel/users/ and /var/cpanel/userdata
• Apache templates: /var/cpanel/templates/apache(1,2)
• Exim config template: /etc/exim.conf.localopts
• Exim mail IPs: /etc/mailips
• rDNS for mail ips: /etc/mail_reverse_dns
• Clustering: /var/cpanel/cluster/root/config
• Service manager: /etc/chkserv.d
• Users and their domains: /etc/userdomains
• Users and their main domains: /etc/trueuserdomains
• Users and their owners: /etc/trueuserowners
• Main cPanel IP: /var/cpanel/mainip
• cPanel version: /usr/local/cpanel/version
• Resellers: /var/cpanel/resellers
• Reseller nameservers: /var/cpanel/resellers-nameservers

These are a few scripst that you can use to achieve the same  results of their WHM equivalents:

• Initialize quotes: /scripts/initquotas
• Compile Apache: /scripts/easyapache  (you can pass additional options – see EasyApache 2 docs)
• Update cPanel: /scripts/upcp
• Enable/disable tweak settings: /scripts/smtpmailgidonly on|off
• Change PHP API and suExec settings: /usr/local/cpanel/bin/rebuild_phpconf
• Suspend an account: /scripts/suspendacct <user> <reason>
• Terminate an account: /scripts/killacct <user>

Obviously there are a ton more, and just about anything done in WHM can be done directly on the server.  The main things to remember:

Scripts are mainly stored in /scripts and /usr/local/cpanel/bin

Data files are in /var/cpanel

Config files are in /etc/ and /usr/local/cpanel

This is definately something I couldn’t pass up the opportunity to blog about.  This site that one of my coworkers came across (that we also happen to host) allows you to virtually give yourself a boob job:

http://tryonanewbody.com

If you go to the demo section you’ll have a little picture of a petite blonde and a choice of your cup size ( A – D ).  Of course we’ll leave it to Brad to take is a step further:

So people at work have been nagging me to get a Twitter account — why?  So they know everything I’m doing all the time?  Finally I just decided to go with the flow and so far it hasn’t been that bad — as soon as I joined and started “watching” my boss, I had like 6 co-workers join as watchers.  I think the idea of Twitter is great, but it kind of seems like a stalking tool.  I mean, anyone can “watch” you and know exactly what you’re doing.  Good thing they at least have a block tool to keep the creeps out, eh?

Anywho, you can see my status at any time on my side bar.  And if you’re not a creepy pervert, feel free to watch me as well =)

It’s been about a while since cPanel 11.1 came out and the proxy script from cpanelproxy.net that we all know and love stopped working. Well, the cPanel devs came through for us again and incorporated an Apache-based proxy feature to natively allow users behind firewalls to connect to cPanel over port 80, similar to the way the previous php-based cpanel proxy worked. This was a peace of cake on new server setups, where all you had to do was check on the proxy options in WHM “Tweak Settings” and include mod_proxy in your Apache build. However, I had a very difficult time getting this to work on previous servers that did not already have those features. After bringing this up to Mr. Ken from cPanel (who, by the way, is the most awesomest person in the cpanel bunch), I was finally able to come up with a procedure for getting this to work without having to completely recompile Apache which is a no-no on more mature production servers.

First, if you haven’t already, run a cpanel update to the latest version which at the time of my writing is 11.23. Once the update is complete, log into WHM > Tweak Settings and check off these options (only the first is required):


Add proxy VirtualHost to httpd.conf to automatically redirect unconfigured cpanel, webmail, webdisk and whm subdomains to the correct port

Automatically create cpanel, webmail, webdisk and whm proxy subdomain DNS entries for new accounts.

Allow users to create cpanel, webmail, webdisk and whm subdomains that override automatically generated proxy subdomains

Now, to install mod_proxy (for Apache 1.3 and 2.x)

Download the source for your Apache version. If you’re not sure what that is, you can find out from your phpinfo file or in some cases by typing ‘httpd -v’ from command line.

wget http://apache.mirrors.tds.net/httpd/apache_1.3.41.tar.gz
tar -xvzf apache_1.3.41.tar.gz
cd apache_1.3.41/src/modules/proxy (will just be /modules/proxy for Apache 2 sources)

You need to compile the mod_proxy module with apxs to add it to httpd.conf. For Apache 1.3.x:

/usr/local/apache/bin/apxs -i -a -c mod_proxy.c

For Apache 2.2 (not sure about 2.0 since we don’t run that version on any of our systems) I found that you have to compile mod_proxy with two of its submodules in order for the proxy feature in cpanel to work:

/usr/local/apache/bin/apxs -i -a -c mod_proxy.c proxy_util.c
/usr/local/apache/bin/apxs -i -a -c mod_proxy_http.c

The restart Apache and verify that it is able to start. In my case, when I just compiled the mod_proxy module I got some error about ap_proxy_lb_workers, but when I added proxy_util that fixed the problem. Then I wasn’t able to get the cpanel proxy feature to work without mod_proxy_http. There is one last step with Apache, where you need to add the proxy virtualhost entries in. cPanel has this set up as one virtualhost entry for all the subdomains as well as https, which didn’t quite work in my case because we have shared SSL certificates on the main IP. So I added the following lines between the <VirtualHost> tags for the main hostname and shared ssl hostname:

ServerAlias cpanel.* webmail.*
RewriteEngine On
RewriteCond %{HTTP_HOST} ^cpanel\.
RewriteRule ^/(.*) http://127.0.0.1:2082/$1 [P]
RewriteCond %{HTTP_HOST} ^webmail\.
RewriteRule ^/(.*) http://127.0.0.1:2095/$1 [P]
UseCanonicalName Off

These are just the ones for webmail and cpanel, but webdisk and whm ones can be added as well.

All you need to do now is setup the subdomains so that customers can access them. The best way to do this is to specify the username:

/scripts/proxydomains --user=username add

To do all accounts on the server (which can take a while):

/scripts/proxydomains add

To list all the options for this script simply type /scripts/proxydomains .