My Technophilic Musings

If you have ever had these errors or just want to be prepared in case they pop up somtime (and they surely will), then read on as I discuss various situations that lead to them and also their solutions.

I generally use desktop clients (mostly blogjet, but also Windows Live Writer and Scribe Fire sometimes) to blog to my WordPress based blogs. Some months ago, I started getting "Http 406: Not Acceptable" error while posting a particular post. Tried posting through the WordPress inbuilt TinyMCE editor, but got the same result. A little bit of research told me that this was because the post contained some words that were considered harmful by the "mod_security" plugin for apache that had been installed by my host to prevent hacking attempts. The quick resolution was to include the following lines in my .htaccess:

Sure enough, I put them in, published the post, and it worked. But since this meant opening up my site to the real hacking attempts, I commented them out and went about my work, occassionally turning them on as and when required.

But, a few days ago, after a server upgrade, the problem reared its head again, and in a more vicious manner. I started getting the dreaded 406 error again, and this time for any post, even a blank post, and through all clients. But this time, TinyMCE was working without issues. A little bit of looking around my site told me that the problem was that my desktop clients were not able to connect to my "x mlrpc.php" file which is responsible for taking care of all the remote api provided by WordPress. Trying to access it through any means provided the 406 error. My site's error log was filled with:

An appropriate representation of the requested resource /x mlrpc.php could not be found on this server.

Now, the xml rpc methods are used not just by WordPress but many other CMS's (like drupal, joomla, etc) and sure enough a quick search resulted in many similar reports for all the platforms. Enabling my previous mod_security options resulted in "503: Server misconfiguration" errors, complicating things further.

On seeing the error logs, I found that the server could not understand the options, and then I discovered that the mod_security had been upgraded to and it wasn't backward compatible with old options. Modifying the options to their latest counterparts also didn't work, as further wading through mod_security manual told me that now, its options cannot be overridden through .htaccess and can only be changed by the web admin.

I found that my host has basically blocked the x mlrpc.php file from being accessed at all instead of using proper rules for blocking only the attacks while allowing valid accesses. This was the problem that a huge number of people are also having and moreover they (like me) are not able to convince their hosts to switch to proper rules.

However, not all hope is lost. I have "fixed" this issue with a workaround for now. It is pretty simple really. Just rename your x mlrpc.php to something else (e.g. myrpc123.php) and also replace all references to it in your CMS with your new file name. You can use sed to automate this task. I used perl however:

Now, the 406 errors should be gone. If this worked for you, or you had any issues let me know. Also, if you have any other workarounds/fixes of your own, do drop me a word.

Note: In the above article, please ignore the space between "x" and "mlrpc" as the mod_security rules prevent them from being in content also. Moreover, use some unique name for rpc file.

written by Shantanu Goel \\ tags: Drupal, Hack, http 406 error, Joomla, not acceptable, wordpress

Situation: You are migrating your WordPress blog from PHP4 to PHP5 (intentionally or being forced to as you web host won’t support PHP4 anymore). Most of the times, this is as simple as adding some simple lines to .htaccess (e.g. AddHandler application/x-httpd-php5 .php ). And you might not notice any issues. But many of you still do. The issues range from weird page layouts, to some controls not working, to some errors popping up here and there, and probably your blog not even displaying. This occurs because even though WordPress is PHP5 compatible, some of the plugins you are using might not be. But even if you ensure that all your plugins are PHP5 compatible, there is still one more problem that I just saw today.

Problem: My host supports both PHP4 and PHP5. I decided to migrate my personal blog to PHP5 today by adding the aforementioned line to my .htaccess. Immediately, my blog disappeared, and in its place, all that was left was a few errors:

[07-Apr-2008 12:11:49] PHP Warning:  flock() expects parameter 1 to be resource, boolean given in /…/wp-cache-phase2.php on line 105
[07-Apr-2008 12:11:49] PHP Warning:  fopen/…/wp-cache-e3ba4b7161eb59d50c5e976a0b66782a.meta) [<a href='function.fopen'>function.fopen</a>]: failed to open stream: Permission denied in /…/wp-cache-phase2.php on line 240
[07-Apr-2008 12:11:49] PHP Warning:  fputs(): supplied argument is not a valid stream resource in /…/wp-cache-phase2.php on line 241

Note: I’ve deleted the exact file paths above for security reasons.

It gave me an idea that it had something to do with wp-cache. When I tried to open the settings for wp-cache, it again gve error that web server doesn’t have the permissions to write the file wp-cache-config.php, wp_cache_mutex.lock etc.

Continue reading »

written by Shantanu Goel \\ tags: errors, migrating from PHP4 to PHP5, permissions, PHP4, PHP5, plugins, web-server, wordpress, WP-Cache

Microsoft is doling out a lot of free stuff today. If you have a Live ID, or have the patience of 5 minutes to fill up a small form to create a new one, you can get free domain name as well as free webhosting from then for one complete year. Cool, huh? All you need to do is click here.

A word of caution: Unless you are creating a new website just for kicks, you might want to check out the terms and conditions properly because I’m not sure whether you can transfer the domain name to some other provider after the one year is over.

written by Shantanu Goel \\ tags: Free Domain Name, Free Webhosting, Live ID, Microsoft, Microsoft Office Live

If you had a dream of starting your own website, your online abode, and you wanted to see whether the pretty little name for your dream house is available or not, what do you do? Check its availability on one of the many domain sellers’ sites. And if you picked “Network Solutions” to do the search, then you have just been scammed my dear friend.

Did you wonder, that though Network Solutions showed the domain name as available, but yet when you searched and found a cheaper registrar, the domain name was suddenly…GONE..What about the second one you had searched for at NetSol? Gone. Third One? Gone. Now, what is the probability of all 3 names being registered within 5 minutes of you searching for them? Probably one in a billion. No, its one in one (100%) if you searched on Network Solutions, as a friend of mine found out the hard way.

Donning the detective cap, if you do a whois for all those domains, they will undoubtedly be registered with Network Solutions. And you are now in there clutches, to buy it for their exhorbitant prices, almost 4–5 times the normal prices.

Actually, its not that bad as of now, because NetSol doesn’t really “buy” all those domain names (otherwise it’ll take less than a day for them to go bankrupt). They register it with ICANN but are allowed to cancel it within 5 days so they don’t have to pay any money. This clause was made to protect registrars from Credit Card fraud, but NetSol is using it to create their own fraud. As now, they can block the site for 5 days for free and people panic and buy it from them for their higher prices. They say that they do it to “protect” their customers. Hell, all they are protecting is the customers from buying it from their “cheaper” competitors as NetSol will sell it to anyone who pays and not just the guy who searched for it.

So, if you have become a victim of this and can wait for 5 days, then do that instead of paying through your nose. I call for a boycott of all services of Network Solutions and not just the domain whois, so that they can learn a lesson.

written by Shantanu Goel \\ tags: domain blocked for 5 days, domain name registration, domain name scam, fraud, ICANN, Network Solutions, whois

The question that we will be answering today is: Q2: Cron? Using tar, making up the script file is enough command line for me. Isn’t there an easy way? Cron is a tool that can schedule any kind of tasks for you, and here we are using it to run our backup script automatically, so that we can concentrate on blogging. Now, most of us are phobic of anything that has anything to do with command line. And we already have enough of command line stuff in this series. So, you can breathe a sigh of relief for a few moments because atleast the cron part can be made Web/GUI based for you (The command line method for cron was given in the first part). The details that I’m going to present here are relevant for cpanel but it might differ for you (very minor to very major) as your webhost might have a different panel for you (e.g. vdeck) or even your cpanel might look very different. But the basic concept remains the same and with a bit of common sense, you can apply this concept to your site easily.

Continue reading »

written by Shantanu Goel \\ tags: attachment, automate site backup, automate website backup, automated backup, automatically e-mail site backup, backup, cpanel, cron, cron job, crontab, e-mail limit, gui, site backup, tar, vdeck, web, Webhosting, webhosting tip, website backup, webspace limit

Last time, I had told you about how to reduce the backup size. Well, this is a short note further developing on the approaches discussed there. Basically, telling tar to backup only those files which have changed. For this, Linux has a command “find” which I am very fond of. You can give it a option “-newer” followed by a f”filename” and it will return the names of the files that are newer than filename.

So, the command given above will find all the files that have changed since you took the backup “backup_x.tgz” and store those filenames and paths into “files.txt”. The “-type f” option makes sure that only filenames are listed and not directory names, because tar creates a lot of issues when presented with directory names (Explore yourself about this).

Now, all we have to do is give this “files.txt” to tar as an input to tell it which files to archive.

Continue reading »

written by Shantanu Goel \\ tags: attachment, automate site backup, automate website backup, automated backup, automatically e-mail site backup, backup, cron, crontab, e-mail limit, find, incremental backup, mtime, newer, site backup, tar, Webhosting, webhosting tip, website backup, webspace limit

Last week I had written a short guide on “Automating Website Backups”. I received some good comments/suggestions about it from Jasvinder through e-mail about other aspects that should be addressed. So, thought of doing a few follow ups to that post. This is done in more of a FAQ fashion, so as to answer some of the questions that may arise after reading the first post. Each post will answer one of the questions listed below in detail

Questions to be answered:

Q1: I have strict limits on webspace/email attachment etc. Can anything be done to reduce the backup size?

Q2: Cron? Using tar, making up the script file is enough command line for me. Isn’t there an easy way?

Q3: Well, backup is all hunky-dory. Now, how do I restore?

Want the answers? Read on.

Continue reading »

written by Shantanu Goel \\ tags: attachment, automate site backup, automate website backup, automated backup, automatically e-mail site backup, backup, cron, crontab, e-mail limit, site backup, tar, Webhosting, webhosting tip, website backup, webspace limit

What can go wrong with your wonderfully running website / blog? Everything..

Your online abode is so difficult to keep secured. It can get hacked, you may install something wrong, a wrong configuration can wreak havoc, the server hard disk might crash, natural calamities, and what not. Your best option to secure yourself against all this is summarized in just one word “BACKUP”.

Now, a backup involves two most important things: “Database Backup” and “Files Backup”. Most webhosts give you the options to back these up for you but with a few catches:

• You can backup but only through your control panel manually. No automation/scheduling of backups.
• Automated Backing up is not free
• Automated Backing up is free but restoring is not as they give you the backed up data only on request.

There are many plugins available for most CMS and blogging sw for backing up databases. But what about the files? Especially if you have more than one sites on one hosting account. Well, here I’ll tell you how to automate file backups in three simple steps.

Continue reading »

written by Shantanu Goel \\ tags: automate site backup, automate website backup, automated backup, automatically e-mail site backup, backup, cron, crontab, site backup, tar, Webhosting, webhosting tip, website backup

One thing that is most difficult to choose (after a dress for your girlfriend that doesn't make her "look" fat) is choosing a webhost. A google search is going to even confuse you further. As you wade into this enormous ocean, you will be wowed by the offers given by some of these hosts, throwing away 100's of GBs (no less) of disk space and bandwidth running into terrabytes. Almost every software on earth in your one-click fantastico arsenal. (plus they promise to do your dishes after you are through with the dinner too). All this and more for a measly 3.99, 4.99, 5.99 and such price. Your jaw already touching the floor, you make a quick dash for your wallet, flip out your credit card, and sign up for that "limited time" offer for unlimited webspace before it expires. You then laugh at your friend who got a measly 100mb for the same price. But, what gives? Even a 100 GB hdd costs me close to 40-50 bucks, then how come they are able to do it?

Continue reading »

written by Shantanu Goel \\ tags: available disk space, bandwidth, fantastico, GBs, google, legal jargon, limited time offer, offer, terrabytes, unlimited webspace, webhost, webspace