7.21.2010

Dropbox in Debian Squeeze

I decided to give Debian Lenny +1 distribution, Squeeze a try on my work desktop. Things look really good and easy for one of my favorite cloud services, Dropbox. To install (instead of the old manual methods) just enable the non-free repository in your /etc/apt/sources.list:
deb http://mirrors.kernel.org/debian/ squeeze main contrib non-free
Then you can simply install Dropbox with:
apt-get install dropbox

7.12.2010

Finally a fix for home, end, page up and page down keys in Mac OS Terminal!

Thanks Mac Improved Blog man:

http://macimproved.wordpress.com/2010/01/04/fix-page-updown-home-end-in-terminal/

7.09.2010

lighttpd: whitelist some IPs while authenticating the rest

Here's the scenario: you have an office full of people that need access to a certain web app. Some of them probably have insecure passwords and you're too busy to worry about the latest security holes in your web-app. Slow down attackers by allowing your office IP addresses in while denying the open web access until they put in a simple group password.

In other words, this post walks you through having lighttpd allow some IP addresses in (and authenticating with your web app) and others to have to authenticate with mod_auth first, then the web app.

These instructions were tested on Debian Lenny:
  • First Enable the authentication module:
    lighttpd-enable-mod auth
  • Create the password file, the format is username:password
    vim /etc/lighttpd.user
    Make the password file owned by the webserver user:
    chown www-data:www-data /etc/lighttpd.user
  • Configure the auth module:
    vim /etc/lighttpd/conf-enabled/05-auth.conf
    * Comment out the auth.backend = "plain" line
    * Comment out the auth.backend.plain.userfile = .... line
    * Change the auth.backend.plain.userfile file to the one you created above, /etc/lighttpd.user
  • Finally, have all IPs authenticated, except for the IP1 and IP2 (add more separated by pipes) by adding the following to /etc/lighttpd/lighttpd.conf:

    $HTTP["remoteip"] !~ "IP1|IP2" {
    auth.require = ( "" =>
    (
    "method" => "basic",
    "realm" => "Employees Only!",
    "require" => "user=username"
    )
    )
    }

    Note: you can't use hostnames, only IPs
  • Reload lighttpd and you're done!