Tag Archive for 'howto'

Twitter: Show Your Latest Entry On Your Blog

Published
by
Tyler
on March 10, 2007
in Internet, Noteworthy, PHP, Personal and WordPress
. 23 Comments Tags: , , , , , , , , , , .

Want to show your latest entry to Twitter on your WordPress blog or website? It’s really very simple. Don’t be scared off by the vague instructions for adding a badge at the Twitter Badge page. The Twitter Badge page has some Flash badges at the very top and some javascript badges immediately below the Flash badges.

We’re mostly interested in the javascript badges. I don’t give two shits about Flash and refuse to add something to this site that will cause unnecessary lag just because it’s “pretty”. I’m a pretty devout follower of the K.I.S.S. philosophy. And besides, all we’re covering here is how to show your latest Twitter entry, pretty basic. Take a look below to see how I display “My Latest Twitter” in my sidebar.

1. Open your themes sidebar.php file (probably in /wp-content/themes/theme_name/).

2. Determine where you would like your Recent Twitter Status to appear in your sidebar.

3. Copy the following code and paste it into sidebar.php in the location you chose in step 2.

<div class="sb-lasttwitter">
<h2><a href="http://twitter.com/yourTwitterUsername/"><?php _e('My Latest Twitter'); ?></a></h2>
<ul><li>
### insert javascript for Twitter Badge here ###
</li></ul>
</div>

4. Open your themes style.css file and add a class called sb-lasttwitter. You can expand on the styling for the sb-lasttwitter class all you want. The CSS I use is below, it should work for most people as-is.

/*- most recent twitter*/
.sb-lasttwitter ul li {
	list-style-type: none;
	}

5. After adding the sb-lasttwitter CSS class, save your style.css file and upload the newly modified file to your website.

6. Login to your Twitter account and click the “Badge” link at the top.

7. Click the first javascript badge, it should automatically select all of the code when you click on it. Copy the selected javascript code to your clipboard (right-click and copy).

8. After you’ve copied the badge javascript, go back to sidebar.php and find the line that reads: ### insert javascript for Twitter Badge here ###. Replace that line with the javascript you copied from step 7.

9. Save sidebar.php and upload it to your website, it goes in the same directory you uploaded style.css to.

10. Done! Visit your blog to (hopefully) see your latest twitter in the sidebar.

Once you’re done with that you should see “My Latest Twitter” in your sidebar. Immediately below that text you should see your most recent Twitter and how long ago it was entered.

You should also note that the code from step 2 may not work for every WordPress theme, in fact, it probably won’t. However, you should be able to make a few simple changes to make it fit perfectly with your blog’s theme. My point is, you may have to modify that code (and the CSS) to make this show properly with the rest of your blog theme.

Please be aware that the Twitter javascript badge breaks XHTML 1.0 Transitional validation. Fortunately, it’s an easy fix to get pages including the Twitter javascript badge to validate again. Remember, this is the javascript we copied in step 7.

Anyway, to make it pass XHTML 1.0 Transitional validation, have a look at the very last line of the javascript, towards the end of the line, should look similar to this:

?callback=twitterCallback&count=1"></script>

Replace the text above with the following text:

?callback=twitterCallback&amp;count=1"></script>

Modifying the last line of the javascript as described above will make your site/blog pass XHTML 1.0 Transitional validation, assuming nothing else in your site is broken. WDG has some good information on why this change will help your site pass validation.

If you have any problems with this, please let me know! I will try to help people as much as I can, no promises though. If there’s enough interest, I may end up throwing together a very simple wordpress plugin to do all this automatically. It would seem the only Twitter WordPress plugins currently available require the WordPress Widgets plugin, which I don’t use. I just want a simple plugin to include the basic javascript badge without the need for Widgets. If nothing pops up within the next few weeks I’ll probably get to work on a plugin of my own.

There are two full featured Twitter WordPress plugins currently in development, both should be fantastic. The first plugin is Twitter Tools from Alex King. Twitter Tools aims to provide full integration between Twitter and WordPress. The second plugin in development is Twitt-Twoo from Dean J. Robinson. Twitt-Twoo isn’t aiming to be a full integration plugin like Twitter Tools. Twitt-Twoo is much more basic, although I believe it will allow you to post to twitter right from the sidebar of your blog, provided you’re logged in. I’m not sure if that functionality will be included in Twitter Tools as well or not.

Popularity: 18% [?]

More SSH Brute Force Protection

Published
by
Tyler
on August 23, 2006
in Internet, Linux, Noteworthy, Personal and Security
. Comment Tags: , , , , , , , , , , , , .

Stopping SSH Brute Force Attacks resulted in some really great comments and suggestions from readers.

So, this is a follow up to the last SSH brute force post. I didn’t realize there was such a wide selection of applications for dealing with this, but there is! The two best looking options in my opinion are Fail2ban and DenyHosts.

I’ve actually started using DenyHosts on two machines now, and it’s working very well. I chose to go with DenyHosts for a very simple reason. Community stats. I love stats.

Anyway, if you’re looking for something to protect against ssh brute force attacks, go with Fail2ban or DenyHosts, they’re still being actively developed. I can’t say the same for Breakinguard, as it appears to have been abandoned about 1 year ago. And like I said, DenyHosts does it’s job extremely well, I couldn’t ask for anything more.

If you’re looking for another solution, try using cryptographic keys instead of passwords. A tutorial on configuring SSH to look for keys instead of passwords can be found here. This was suggested by commenter pwyll.

Oh, and this is the 700th post. yay!

Popularity: 7% [?]

Stopping SSH Brute Force Attacks

Published
by
Tyler
on August 21, 2006
in Internet, Linux, Noteworthy, Personal and Security
. Comments Tags: , , , , , , , , , , , .

A few weeks ago at work, I noticed a bunch of failed login attempts to one of our Linux servers. After doing some investigation, I found that no intrusion had actually been made, which is excellent. Lines similar to this were filling my /var/log/messages log file:

Aug 20 23:31:26 elixer sshd[22526]: Failed password for invalid user alias from 66.166.22.186 port 26217 ssh2

Notice they’re trying to login with the username “alias”, which doesn’t exist on that system. In fact, all the usernames attempted don’t exist, which makes me feel a little safer. Still, I don’t like seeing my boxes actively attacked. So, to stay on top of these breakin attempts, I installed Breakinguard.

Breakinguard basically watches your log file for any failed login attempts. You can set a pre-defined number of attempts that can be executed before breakinguard will block the IP.

The Package itself does a ‘tail -f’ of your syslog, and when it identifies a matching line within your logs, it logs this ‘attempt’. If more than the pre-defined number of attempts from the same IP address are received it triggers the iptables (or any other block method defined) block and also emails you notification.

I’ve never been able to get the configure script to work for me, simply because the perl module installation always fails. So, to get around that I simply installed these perl modules manually and commented out these lines in the configure script:

$PERL -MCPAN -e "install File::Tail"
$PERL -MCPAN -e "install IO::Socket"

Those two lines execute perl and try to install the File::Tail module and the IO::Socket module. After manually installing the perl modules below and commenting out the lines above in the configure script, the configure script should run and do it’s thing without error.

File::Tail
IO::Socket


After the configuration script has run, you should have a couple new files, /etc/breakinguard.conf and /etc/rc.d/breakinguard. Now, the /etc/breakinguard.conf file stores the breakinguard configuration. This is where you tell breakinguard which log file to monitor and how many incorrect login attempts are defined as a breakin.

I’m not going to bother going through all the options in breakinguard.conf, simply because they’re all explained pretty well within the conf file.

The other “new file”, /etc/rc.d/breakinguard is the script used to launch breakinguard. Run “/etc/rc.d/breakinguard start” to start breakinguard.

Once breakinguard is running, it will monitor whichever log file you specified in /etc/breakinguard.conf (/var/log/messages in my case). When it sees a failed login attempt, it will be noted. Now, when an IP fails a certain number of logins, iptables will be called to block all traffic from the IP.

Below is an example email that’s generated by Breakinguard when it blocks an IP:

BreakinGuard has blocked an IP based on suspicious activity
Please review this server.

Detail:
Hostname: elixer.hostname
IP Blocked: 202.82.16.180
Last log entry that caused the block:
Aug 22 06:17:05 elixer sshd[25591]: Failed password for invalid user alias from 202.82.16.180 port 45340 ssh2

Popularity: 7% [?]

Improved Permalink Redirection

Published
by
Tyler
on August 19, 2006
in Internet, Noteworthy, PHP, Personal and WordPress
. Comments Tags: , , , , , , , , , , , , , , , .

After a hard evenings work, I have a much better redirection method to replace the one I described in this post. Previously, I was simply guessing which post a searcher was looking for and displayed a link to that post.

That was all fine and dandy, but I have pretty good search ranking for various keywords. I’d like to keep it that way. After digging around a bit I came across the best method to keep my search rankings in place and manage to redirect the searcher to the desired post. Enter the 301 Permanent Redirect.

I found a nice simple PHP function to do redirection on any number of levels. This function has the ability to send specific HTTP/1.1 status codes based on the type of redirection desired. Since my old permalinks will never be valid again, I chose the 301 Permanent Redirect. A note, the function listed at the URL linked above doesn’t work as-is, you need to modify it. The modified function is below, plus some extra code. All of that code is in my themes header.php file.
Continue reading ‘Improved Permalink Redirection’

Popularity: 6% [?]

cheap xbox 360 games - buy from zavvi
cheap xbox 360 games - zavvi

mobile phones - Web Design - Vegas Hotel - Loans - Credit Card Consolidation - Best Credit Cards
Search Engine Optimisation - Mobile Phone - Bike Insurance - Landlords Insurance - Search Engine Marketing - Mobile Phone