If you manage a DNS master, and push zones to several slaves / secondaries, you may have found that over time — as configuration files and firewall rules change — one or more slaves may have lost its ability to update its zone files. Perhaps the slave is no longer being notified, or it may have lost the necessary zone transfer permissions from the master. In a large distributed environment where DNS changes are frequent, checking the SOA serial number for all the NS servers in a zone can be quite helpful — a quick way to eliminate the DNS as a possible source of a problem. Here is a perl script I wrote a few years back to retrieve the SOA serial number for a given domain.
Pinterest Rich Pins have adopted the Open Graph standard, except for the ‘article:author’ meta tag value. The Open Graph standard expects the ‘article:author’ to be a profile URL or profile ID, where-as Pinterest expects a person’s name instead (and ignores any URL values). To correct this incompatibility, a new Pinterest publisher settings tab has been added to the Open Graph+ General settings page, with an option to include an author’s name specifically for the Pinterest crawler. The default value includes the author’s ‘Display Name’, but you may also choose the author’s ‘First and Last Names’ or ‘Nickname’ instead.
If you use a full-page caching front-end or plugin (Quick Cache, etc.), see the Performance Tuning notes about caches and Pinterest meta tags.
Recently, I needed to sync several directories on a backup / fail-over server with the same directories on a production server. Rsync over SSH takes care of this, but if you want to tighten security, you must use the “command” restriction in the SSH authorized_keys file — This restricts the authenticated key to running a single command, with a specific set of arguments. For example, let’s look at a typical command that might be run from a backup server to rsync daily database dumps:
backup$ rsync -av --delete -e "ssh -i $HOME/.ssh/prod-rsync-key" \
Nginx Inc. provides access to the nginx-plus package and repository using SSL certificates. Their instructions cover the configuration of apt for Ubuntu, but for people using apt-mirror and Puppet to manage their internal servers, additional custom configurations are required.
The standard apt configuration for nginx-plus might look like this:
$ cat /etc/apt/apt.conf.d/90nginx
The connection to the nginx-plus repository must be made using HTTPS and authentication is handled by client certificates. As provided, apt-mirror is not able to manage SSL certificates, so two sections in the apt-mirror script must be modified. The
%config_variables array defines the settings read from its configuration files. We will add the ‘certificate’, ‘private_key’, and ‘ca_certificate’ settings to the array.
If you are concerned about the quality of your NextGEN Gallery v2.x resized images, this should be of particular interest to you.
Some months ago I contacted Photocrati to ask them how, in version 2.x, developers could retrieve the “actual” dimensions of a resized image. In the past, after resizing an image we could use PHP’s getimagesize() function on the resulting file, but in v2.x image resizing is dynamic and those resized images may not be available on disk. I had some concerns between the expected / calculated image dimensions, those returned by NGG v2.x’s methods / functions, and the actual image retrieved by the URL. All 3 dimensions were different! A resized uncropped image which should have been 300x200px, was reported as being 300x199px by the NGG methods / functions, and the image retrieved by URL was 298x199px!
This may not sound like much, but a few pixels here and there can lead to image distortion when rendered by browsers, alignment issues in page layouts, and failures when working with minimum image dimensions (for example, Facebook ignores images smaller than 200x200px).