bob's tech ramblings

where i ramble about technical things

Entries tagged "solaris".

4th July 2006

No, Not that one or indeed that one (thinking about it I stopped using IE at least 7 years ago). I've finally succumbed and installed Ubuntu on my laptop.

After several years of having OpenBSD as my desktop OS of choice I've decided to try something new. My work laptop has beenSolaris 10 for several months now given my previous incarnation as a Solaris Admin. However $work are a debian shop. So ive become more accustomed to linux and its annoyances and even started to like some of the features (iproute,apt). Also it was time for a reinstall anyway.

So I downloaded an iso and did the install dance. It all went smoothly. INstalling windowmaker and making it my session default was also easy. the choice of programs is overwhelming compared to what was in the openbsd ports collections. Then a bad thing happened. It ate my X config. I dont know why but it just did.Thankfully a reinstall fixed. Which was good thing since I had installed lots of crap anyway.

Im seriously tempted to install it on my work laptop to.


16th August 2009

On Thursday the Randomness Guide to London was probably the target of a ddos attack. The machine it was hosted on went to load of about 60. Which is fine since its solaris. The main problem was when the machine exhausted its memory and started to swap the machine would become unresponive.. To mitigate this I dropped the number of concurrent connections apache allowed. The machine suffered less but the website was still unusable because you were fighting to get one of the limited number of available connections.

Since I was in the pub the other administrator of the Randomness Guide to London was renaming the CGIs so that load would drop and she could get on to it. When I got back I whipped up some mod_rewrite rules such that we could see the site but everyone else got a holding page. 10 minutes after this the ddos stopped. So it was a bit late. However a holding page is still a useful thing to have.

The next morning I refined it a bit to be more intelligent and return a 503 which is the correct status code.

RewriteEngine On
RewriteCond %{REMOTE_ADDR} !AAA.BBB.CCC.DDD
RewriteCond %{DOCUMENT_ROOT}/holding.html -f
RewriteCond %{DOCUMENT_ROOT}/holding.enable -f
RewriteCond %{SCRIPT_FILENAME} !holding.html
RewriteRule ^.*$ /holding.html [R=503,L]
ErrorDocument 503 /holding.html

First turn on the rewrite engine. Then the conditions for which the RewriteRule applies
  • Don't match an IP address. So you can see the site.
  • Make sure holding.html exists
  • Check for the existence of a file called holding.enable. This is the means by which you turn holding page on and off.
  • Don't apply the rule when serving holding.html
Then the rule itself. Which basically redirects anything to the 503 error page. Which you then set as holding.html

That's all you really need although at work I add an extra line to help stupid web caches not keep on showing the error page after the site is back.

Header Set Cache-Control "max-age=0, no-store"