Review: Modsecurity Handbook, by Ivan Ristic

I’ve finally finished reading Ivan Ristic’s new book, mod_security handbook, published by Feisty Duck. Ivan is the brain behind mod_security. By the way, if you’re not using mod_security on your Apache server, you should be. And this is the book to tell you how to use it.

Ivan sent me a few early releases of the book, and about a month ago I received the first print edition.

This book is what you’ve been waiting for if you use mod_security. (And, as I mentioned, if you’re not using it, you should be.) The documentation for mod_security has long been frustrating. Even where it was complete and informative, you just didn’t know where to start.

This book is where to start.

The first 2/3 of the book is written in tutorial fashion, walking you through tasks from installation to complex scripting. Chapter 6 gives a great description of writing rules, and Chapter 9 gives numerous practical examples which flesh out what goes before. I always learn best by example, so these examples and the accompanying explanations make the earlier academic learning more meaningful to me.

Chapter 8 is about persistent storage of data. I’ve long been interested in this area of mod_security, and have had many times when I needed it and didn’t understand the docs on it. Ivan makes it much clearer than I’ve seen it presented before. I’ll be looking back at this the next time the need arises to do this kind of thing.

The last third of the book is the reference manual. I’m a big fan of having the reference manual in printed format, although it does run the risk of being out of date quickly.

This book is constantly updated, so you can always obtain the latest version. However, it’s unlikely that I’ll be buying a new paper book each time there’s a new release of mod_security. This book is also available in electronic format, and if you buy the ebook, you get updates to it as part of your purchase price. That’s pretty cool.

On the whole, this book is a long-awaited resource, and is very well written, by the person who knows the topic best. Highly recommended. You should go get a copy right away.

Pride and Prejudice and Zombies

Through a rather odd series of events, someone thought that we’d like Pride and Prejudice and Zombies.

I can’t honestly say I enjoyed Jane Austen’s original. It was one of those books that I read because it’s a classic, and everyone should read it. Much like War and Peace, and Anna Karenina, both of which I slogged through, and finished, although it was mostly work.

Well, I think that I may have discovered a way to enjoy Jane Austen, although I seriously question whether it would make any sense to anyone who hadn’t read the original. I *might* even consider reading some of the others.

The books were clearly written by taking a copy of the original, and going through it replacing various boring sections with zombie attacks and discussions of the Bennet sisters’ skills with the oriental arts of killing. While there are indeed many hundreds of boring parts, there are also lengthy parts that are left almost untouched, with the occasional mention of trips to China, training with zen masters, and Japanese food.

In all, very odd.

It was very hard to get into, but once I caught the cadence, it was a quick read, and mostly enjoyable if you can put aside the fact that it’s exceedingly silly.

Recommended. A little. If you like that sort of thing.

Bloglines and Google Reader

I’ve been using beta.bloglines.com for several years now – since Paul worked there. It’s a great product, but remains designated “Beta” despite being vastly better than their main product. Why? I can’t imagine.

But lately, I’ve been seeing 500 Internal Server Errors more often than I’ve seen the actual UI. And they’re still running Apache 2.2.9, which seems to indicate to me that they haven’t touched those servers since Paul left.

So I’ve finally moved over to Google Reader, which is vastly improved over the last time I looked at it, apparently borrowing ideas from beta.bloglines. And there’s a wide variety of iPhone apps for it, so that I don’t have to mark things read two different places. That’s pretty sweet.

Don’t Postpone Joy

For several weeks before Elise was born, I had been writing her short letters, and compiling them in a book for her to have when she is old enough to appreciate it. This one is a response to the Sunday Scribblings post from a few weeks ago, “Mantra”.

Letters to Elise

June 12, 2010

XV. Don’t Postpone Joy
(“Mantra” – SundayScribblings.blogspot.com)

Your great aunt,
for whom you were named,
my beloved daisy,
adjured us daily
by her actions and her smile:
Don’t postpone joy.

And so I pass on to you
this wisdom,
and will show you every day:
Don’t postpone joy.

There is joy in everything,
if you just look, expecting to find.
Not that we close our eyes
to suffering and sorrow,
but that even there, we search
for the joy.

War Games

I just read GeekDad’s review of the new Karate Kid. We’re looking forward to seeing it, and in preparation, we FORCED the kids to see the original, which they declared to be a waste of their precious time. The Gril, in particular, claimed that she just couldn’t relate to a movie that was set *SO LONG AGO*.

Oy.

Speaking of not being able to relate, last night we watched War Games on NetFlix. Everything about it is outdated, from the technology, to the political situation, to the lack of security at NORAD, where folks can crash a Jeep through the front gate, run into the facility, and not be immediately either shot or thrown into custody, and then permitted to take the reins of a major international crisis. Nice.

I remember seeing this movie in the theater when it came out and being absolutely horrified by the language. I believe I was 12 at the time, and I believe it was the first or second movie that I had seen in a theater in the USA. I went with my parents. I can just imagine, in retrospect, how they must have wanted to crawl out of their skin as I was exposed to foul language that I had probably never heard before outside of whispered giggled conversations in the dorm room late at night.

The notion that a teenager could simply dial a phone number and enter a single-word password, and get into NORAD is … well, actually pretty plausible. Except now it’s even easier, since you don’t need a modem, and you don’t need to spend all day test-dialing numbers. It’s really a marvel that nothing of this scale has happened in real life. That we know of.

What I like about War Games, the second time around, is how the hacker aspects of it are presented realistically, and the tools of the trade aren’t over-geekified, but just presented as they actually were at the time.

Um. No. I never broke into any computers. At least, not that I’m willing to tell you about. Except that one in Australia. Once.

Elise Marguerite

Elise Marguerite was born at about 2:30 this morning. She is 6lbs 3oz, 22 inches, and perfect. She had some trouble breathing at first, but that cleared up quickly.

I’m sure that I will write more about this event later, since the joy was mixed with a considerable dose of frustrations, but for now I’m trying to get a little sleep and spend some time with her.

Photos forthcoming shortly, I’m sure.

Having a baby

We had planned to have our baby at home, but this morning my Beloved’s water broke, so we’re at St. Joe East, in the new Women’s Hospital, to have Elise Marguerite.

Everything is perfectly fine, we’re just here because it’s just 35 weeks, and the midwife won’t do it before 36 weeks.

Updates as we go along.

Daily

I participate in a dozen different “daily” websites. And by “participate”, I mean that I get a daily reminder and wish fervently that I had time to actually do something about it.

There’s 750words.com which taunts me with my inability to write something every day. I signed up for the June challenge – write 750 words every day in June. I missed June 1, and so the incentive has largely evaporated.

There’s http://dailyshoot.com/ which gives me great ideas for photos I’ll never take, and shows me photos by hundreds of other photographers that I’ll never be able to measure up to, due at least in part to their willingness to spend thousands of dollars on a hobby that is, to me, well, just a hobby.

There’s http://www.dailymugshot.com/ which is a neat idea, but usually by the time I remember to do it, my laptop is already “docked” and connected to the large screen, and so the laptop camera is no longer accessible. So I get maybe 2 photos a week on that site. It’s fascinating to watch your face change over the course of a few months. Fascinating, and a little eerie. Am I really getting old that fast?

There are a plethora of daily/weekly/whatever poetry sites or general writing sites that give a prompt and encourage you to write something based on that prompt. I even run one of these sites – http://weekendwordsmith.blogspot.com/ – and haven’t posted anything to it in months.

Most mornings I have two hours between getting up and going to work. I get up that early because we have to get our son to the bus stop. Today, however, is the last day of school, and I’ll probably not be getting up quite that early during the summer. But even then, that time seems to vanish into nothing. That nothing consists largely of reading the news, blogs, twitter, facebook, and other things that I could probably do just fine without. And a lot of email. Email is the largest time-sink in my life. I get hundreds of email messages a day. And that’s way down from the thousands of messages a day I used to get. I’ve jettisoned dozens of mailing lists that I never so much as looked at. I’ve retained only the ones that I think that I really should be on – mostly relating to various aspects of the Apache Software Foundation – and I still can’t read even as much as a quarter of the email that I receive. I frankly don’t know how anybody manages to read all the traffic on the board and members and incubator mailing lists, much less respond to so much of it. Do they not have jobs? Do they never sleep?

Then there are the more passive daily things. Word of the day. The other word of the day. Yet another word of the day. The day’s comic strips. The day’s FailBlog, the daily Sci Fi at http://www.365tomorrows.com/ and the daily (or twice-daily, or thrice-daily) posting at http://www.wired.com/geekdad/.

And by the time 9 rolls around, I’ve accomplished nothing of consequence. I’ve consumed another two hours of drivel, and produced nothing.

I’ve really got to stop this.

Of course, what I’ve done in writing this is probably grossly counter-productive – I’ve introduced you, my loyal reader, to more sites that will suck your time away. On the other hand, I wrote it on the 750 Words website, so I at least wrote my 750 words for today.

This summer, I intend to cut back on my input, and increase my output. I’m going to drop some of the sites that I try frantically to follow, but don’t get much out of, and devote more time to producing – whether that’s finally writing the novel I’ve been working on for five years, or finishing the project to rewrite the mod_rewrite documentation, or get around to writing my book on Open Source documentation, I’ve got to stop wasting quite so much time drinking in worthless drivel – or even valuable drivel – and more time creating.

If I might be forgiven for quoting something from one of my own poems – completely out of context, I might add:

All we can do to combat this idiocy
is to create as much beauty
as we possibly can in the brief moment we are here,

So, in the hour I have before work, I need to try to write something worthwhile, even if nobody ever reads it.

Until you can, and thereafter

In response to Until I Can by my beautiful, and very pregnant, Beloved. (Go read that first.)

Until you can, and thereafter

May 27, 2010

I’ve gotten used to him
unfinished
with his hat labeled “Brown” and “Dark Brown” in pencil.
I think of myself that way, sometimes,
wearing a hat marked to fill in later,
and a face contently hiding in the shadows
beneath the broad brown-not-brown brim.

Is he asleep?
He smiles enigmatically,
dares you to guess.

I’m sure you’ll finish some day,
but until you can,
I kind of like him this way.

And, even when you can,
I think this is how I’ll remember him.