Twitter IPO closes at $44.90 a share, up 73%, on its first day of trading – via @AP

If your running across this error in your error logs, there may be a simple solution for you.

This 403 error is usually caused by having AllowOverride set to All.

You can either fix this by Chmod’ding all your files to 644 (not very elegant) or paste the following into your apache conf file, replacing your “AllowOverride all” rule:

Just a quick tip, but hope this can save you some time!

Last night all severs running Windows 2003 R2, IIS6 and ColdFusion/ASP.Net were sabotaged! Actually, any windows based web application making use of the IIS6 application pool was affected and guess who killed them… Havoc is consuming the inter-webs while non-technical users are asking the question; “who killed my web site”?

The answer, It was the boys over in Redmond, WA. Quite the debacle ( Fail Whale ) for Microsoft.

After installation of the following updates:

  • Security Update for Windows Server 2003 (KB974318)
  • Windows Malicious Software Removal Tool – December 2009 (KB890830)
  • Security Update for Windows Server 2003 (KB973904)
  • Update for Windows Server 2003 (KB971737)
  • Update for Windows Server 2003 (KB973917)
  • Security Update for Windows Server 2003 (KB974392)
  • Cumulative Security Update for Internet Explorer 8 for Windows Server 2003 (KB976325)

We noticed multiple occurrences  the following warnings in the System event viewer:

A process serving application pool ‘DefaultAppPool’ terminated unexpectedly. The process id was ’3524′. The process exit code was ’0xffffffff’.

These warnings were immediately followed by a lovely error:

Application pool ‘DefaultAppPool’ is being automatically disabled due to a series of failures in the process(es) serving that application pool.

With these messages at hand it became apparent that one of the Windows Security Updates was to blame. Looking into the specifics of each of the updates I had concluded that the suspect was “Update for Windows Server 2003 (KB973917)“.

While I am still working to identify possible solutions for affected servers independently, removing Update 973917 has restored service temporarily for a number of my clients.

Anyone else see the Humor in this?

Take a lesson from this; Windows Automatic Update is kind of like a friend who secretly wants to cause you problems, because its fun….

Updated on December, 9 2009 at 1:59pm

The official response… get this; Microsoft wants us to reinstall Service Pack 2 for Windows Server 2003 on the affected installations to bring all IIS6.0 components up to date. Seems like a Cop out to me. Sure it would fix the issue but this is going to cause a lot of man hours for a number of companies.

Anyone who has spent time with FFmpeg and its plethora of compile flags and dependencies I’m sure would tell you “its a real pain in the ass!”.

Although its not available through the default yum libraries you can save yourself a huge amount of time by using the FFmpeg install available through the DAG repository.

First you will need to add DAG to your YUM repo by adding the latest RPM Forge release if you do not already have it on your system, I like to use the RHEL RPM:

rpm -Uhv

Now all you will need to do to get FFmpeg running is one line through shell:

yum install ffmpeg

To test your install type:

ffmpeg --help

If you need to access the binary from a script, it should be located in /usr/bin/ffmpeg by default.

Apple is nice enough to shield its users from the clutter of hidden files on our systems. However, any web developer who works with those files I am sure could tell you what a pain it is to not have those files available though finder.

Anyone ever tried to publish a web app to production only to forget about the .htaccess?

Open a Terminal windows and type to show hidden files:

defaults write AppleShowAllFiles TRUE

 killall Finder

Open a Terminal windows and type to hide hidden files:

defaults write AppleShowAllFiles FALSE

 killall Finder

What do these lines do? The first will update the Finder setting that controls the view option for hidden files. The second line will force finder to restart so the setting can take effect. Do note however if you have any finder windows open; they will close!

Geek 1.0 vs 2.0

Comscore as well as Nielsen Netratings estimated Google’s U.S. search engine market at more than 60% in July. While the market research firms have come up with substantially different numbers for their July report, both agree that Google now runs more than three times the numbers of searches of its closest rival and more than twice the searches of Yahoo and Microsoft combined. Comscore and Nielsen Netratings posted market share numbers for Google at greater than 60% for the second time this year. However, while the April result could have been considered as a blip, the July result fits the pattern of Google chipping away market share from its rivals, bit by bit.

Nielsen Netratings estimates that Google was used for 60.2% or more than 4.8 billion of 8.0 billion searches started by U.S. users during the month of July. Comcast came up with a 61.9% share for Google and 7.3 billion searches of a total of a total of 11.8 billion. Both Yahoo and Microsoft keep losing ground: Nielsen puts the two companies at 17.4% and 11.9%, Comscore at 20.5% and 8.9%. Google’s market share gains appear to have accelerated in 2008, with much stronger growth than in previous years. According to Nielsen Netratings, Google had a market share of 46.2% in July 2005, 49.2% in July 2006 and 53.3% in July 2007. Over the past year, Google was able to increase its market share by almost seven percentage points – more than in any other 12-month period before.

Source: TG Daily

In partnership with Mozilla Labs, as part of the Labs’ browser concept series, the user experience gurus over at Adaptive Path are attempting to conceptualize a possible path of evolution for the future of the Mozilla web browser; code named Aurora.

Aurora (Part 1) from Adaptive Path on Vimeo.

Aurora presents a number of very interesting visual approches; however, it also — to me, highlights the current state of data overload that users experience with today’s web. Although this browser interface and its control mechanisms are fairly effective ways to navigate through massive amounts of data it almost seems to highlight a much larger problem.

Is our appetite for data on the web out growing the “Browser”?

I eagerly await the future installments of the Aurora videos. Especially Part 4, which would look to be a touch interface to the browser.

Keep in mind this is a collaborative effort. If any of this type of work interests you I would urge you to meet Mozilla Labs’ call for participation and weigh in on the conversation.

To secure your CFML it is recommended that you use the cfqueryparam tag within every cfquery tag. You can optimize this process by specifying the CFSQLType attribute. But what about when you want to use a MySQL Database?

The LiveDocs cfqueryparam topic does not include the mapping of ColdFusion SQL data types for MySQL in the usage table, but a helpful comment attached to the doc gives some insight.

ColdFusion Data Type Mappings to MySQL Data Type(s):

CF_SQL_BIGINT | bigint
 CF_SQL_BINARY | binary
 CF_SQL_BIT | bit (MySQL 5)
 CF_SQL_BLOB | blob, tinyblob, mediumblob
 CF_SQL_CJAR | char
 CF_SQL_DATE | date
 CF_SQL_DECIMAL | decimal
 CF_SQL_DOUBLE | double
 CF_SQL_FLOAT | float
 CF_SQL_INTEGER | mediumint, int
 CF_SQL_REAL | real
 CF_SQL_SMALLINT | smallint
 CF_SQL_TIME | time
 CF_SQL_TIMESTAMP | datetime, timestamp
 CF_SQL_TINYINT | tinyint
 CF_SQL_VARBINARY | varbinary
 CF_SQL_VARCHAR | varchar, text, longtext, mediumtext

Sure you can protect against SQL injection attacks at the code layer, but what happens when hackers find something you missed? With Rewrite Rules, using mod_rewrite on apache or ISAPI_Rewrite for IIS, you can add rules to ignore URL based SQL Injection all together. Below is and example of some basic protection you can add.

In ISAPI_Rewrite

RewriteRule .*DECLARE.* /security-violation.htm [I]
RewriteRule .*NVARCHAR.* /security-violation.htm [I]
RewriteRule .*INSERT .* /security-violation.htm [I]
RewriteRule .*INSERT %20.* /security-violation.htm [I]
RewriteRule .* xp_.* /security-violation.htm [I]
RewriteRule .*%20xp_.* /security-violation.htm [I]
RewriteRule .*%20@.* /security-violation.htm [I]
RewriteRule .* @.* /security-violation.htm [I]
RewriteRule .*@%20.* /security-violation.htm [I]
RewriteRule .*@ .* /security-violation.htm [I]
RewriteRule .*';* /security-violation.htm [I]
RewriteRule .*EXEC\(@.* /security-violation.htm [I]
RewriteRule .*sp_password.* /security-violation.htm [I]
RewriteRule /security-violation.htm /security.cfm[I,L]

In mod_rewrite

RewriteRule .*DECLARE.* /security-violation.htm [NC]
RewriteRule .*NVARCHAR.* /security-violation.htm [NC]
RewriteRule .*INSERT .* /security-violation.htm [NC]
RewriteRule .*INSERT %20.* /security-violation.htm [NC]
RewriteRule .* xp_.* /security-violation.htm [NC]
RewriteRule .*%20xp_.* /security-violation.htm [NC]
RewriteRule .*%20@.* /security-violation.htm [NC]
RewriteRule .* @.* /security-violation.htm [NC]
RewriteRule .*@%20.* /security-violation.htm [NC]
RewriteRule .*@ .* /security-violation.htm [NC]
RewriteRule .*';* /security-violation.htm [NC]
RewriteRule .*EXEC\(@.* /security-violation.htm [NC]
RewriteRule .*sp_password.* /security-violation.htm [NC]
RewriteRule /security-violation.htm /security.cfm[NC,L]

Add security.cfm in your webroot: