Protected: test

This content is password protected. To view it please enter your password below:

WordPress, wget, http authentication and requests with 401 status code

I’ve installed wordpress and got an idea to use cron to periodically call wordpress wp-cron.php.
And i’ve added user wp-cron to htpasswd file.
So I’ve added something like
/usr/bin/wget --http-user=wp-cron --http-password=the_password -O - -q https://example.com/wp-cron.php
to the crontab.

It worked.

But in the access log I’ve saw something like that:
1.2.3.4 - - [13/Dec/2013:19:00:03 +0100] "GET /wp-cron.php HTTP/1.1" 401 188 "-" "Wget/1.13.4 (linux-gnu)"
1.2.3.4 - wp-cron [13/Dec/2013:19:00:04 +0100] "GET /wp-cron.php HTTP/1.1" 200 5 "-" "Wget/1.13.4 (linux-gnu)
"

First line: wget tries to access the server without sending name and password and is asked by the server for creditials.
Second line: wp-cron.php is actually called.

To force wget to send unasked for creditials in the first attempt one has to use --auth-no-challenge option.
Now there are no double lines in log and wget is run only once.

find . -name ‘*.py’ | xargs rm

Trying to remove any doubt which Django Python code I’m using I wrote:

find . -name ‘*.py’ | xargs rm

And as the result I lost all python source files from current directory and all directories below.

I should use:

find . -name ‘*.pyc’ | xargs rm

One small ‘c’ letter makes the difference between intended removal of compiled Python code
and the removal all source Python files in current directory and all directories inside it.

The lesson is to think before pressing enter one might think.

Well, it is one of lessons but there is more here.

I’ve restored all lost files using mercurial.

Debugging init scripts: set -x

Init script does not behave correctly. How to debug init script?

Use set -x right after #!/bin/sh in init script.

From man set:

-x

The shell shall write to standard error a trace for each command
after it expands the command and before it executes  it.  It  is
unspecified  whether  the  command  that  turns  tracing  off is
traced.

New security requirements for industrial control systems

The times had changed. We live in the future now.

Are you responsible for running of the industrial plant?

So read, please, about security of industrial control systems in post Stuxnet world.

Webapps and static html pages – friends or enemies?

Is the clash of the rich internet applications and static html pages unevitable?

It depends on the main function of the page or web application. If main purpose is one way communication aimed at delivering content then there is little point in using excessive amounts of javascript. If, on the other hand, there is two way interaction between the man and machine one should consider using web applictaion techniques.

So it looks like the initial question is flawed.

There is a place for mainly static web page and for web application.

More, there are instances where both approaches can be mixed.

Mysql gui data editing

To edit mysql table data (not table definition but data stored in the table) using

mysql-administrator (part of mysql-gui-tools) one has to install

mysql-query-browser package.

Strange?

For me – yes.

What “fuzzy” means – python, django, gettext.

A django application is in process of adding support for second language. During adding translations to the django.po file after next .po file compilation some of previously translated texts were displayed on target site in their original, untranslated form.

Afert usual digging in google’s search results the answer was found: a “#, fuzzy” flag was responsible for not translating my strings.

Fuzzy flag description. In short words: if you are sure that “fuzzy” marked translation is correct simply remove “fuzzy” flag, compile the .po file and you are done.