Archive

Archive for the ‘Applications & Tools’ Category

Which Process Holds My File? Tools on Linux and Windows

May 28th, 2014 3 comments

Once in a while, I got into issues that my build failed because the IDE could not clean certain folder or file. The root cause was that they were opened by another application/process. If the application is known, just closed it and the build worked well. Some times I had no clue which application held the file. To find out quickly without guessing, right tools are needed.

On Linux, it’s quite easy with a command called lsof as follows:

Categories: Applications & Tools Tags: ,

Nginx: How to Fix Timeout Issues and More

March 2nd, 2014 5 comments

If you’ve followed my blog, you’ve read several articles on Nginx. This is the last article of the series, and also an interesting one. While troubleshooting a system I helped to build, I found a very challenging problem that I think is worthwhile to share. The system consists of a client and a server, between which is a Nginx server as reversed proxy. This is a typical setting for flexibility and control. Somehow, the client got disconnected pretty consistently but the back end work went through successfully. It’s really a false alarm but not good for a product.

Categories: Applications & Tools Tags: , ,

Authenticating Users in Nginx Using Both User Password and Client Certificates

February 5th, 2014 No comments

In some use cases, you want to protect different parts of a Web application with different approaches. For example, the admin related resources normally require stronger mechanism than the user related ones. The following I will show how to use Nginx with client side certificate for the resources under /admin namespace for admins, and user/name for normal users.

Generating Certificates and Keys

MultiSSH: Productivity Multiplier for Managing Multiple Servers like ESXi

January 28th, 2014 1 comment

As I develop software, I rarely need to manage several servers using SSH at same time. If I do, I just manually connect to each server and type same commands over and over. Of course, it takes much time for the repeated work. More importantly, it’s very hard to repeat the steps consistently across multiple servers especially when there are more than 4 servers.

Categories: Applications & Tools Tags:

Apache Thrift Hello World Sample

January 15th, 2014 No comments

Thrift is one of the RPC frameworks that are widely used nowadays. It’s originally developed at Facebook and then open sourced under Apache Foundataion. It’s supported by major programming or scripting languages like Java, C++, Python, Ruby, etc. The typical use case is for building distributed systems, mostly in house.

Categories: Applications & Tools Tags: ,

Tomcat Behind Proxy: How to Block Direct Access

January 14th, 2014 1 comment

As discussed in my last post, after installing and configuring Nginx as the reversed proxy server for Tomcat, it’s necessary to block remote access to the original port served by Tomcat. To achieve this, iptables should be a good solution. Simpler solution is to change one line in the Tomcat server configuration file so that Tomcat accepts only requests from local host.

With Tomcat 7 on Ubuntu, the configuration file is /var/lib/tomcat7/conf/server.xml. Just add address=”127.0.0.1″ into the related Connector section as follows:

Linux Firewall with iptables Command

January 12th, 2014 1 comment

After proxying a service with Nginx, it’s always a good idea to block the service from direct remote access. For example, you have a tomcat server running on port 8080, and you’ve configured Nginx to proxy requests from port 80 to port 8080. The port 8080 should then be blocked from any host except localhost.

To do this on Linux, one of the ways is to just install iptables. On Ubuntu, issue the following commands to install and add rules:

Nginx with PAM Authentication

January 7th, 2014 6 comments

As I introduced in last article, Nginx is a lightweight Web and reversed proxy server that is gaining momentum. If you have URLs to be accessed only by authenticated users, you can have many options. In this article, I just introduce a very easy way for the Nginx to leverage the PAM (Pluggable Authentication Module) for user authentication. We will use OS user for authentication (there are many more methods supported by PAM). If you have a valid user with the Linux on which Nginx runs, your request will pass through; otherwise, it would be blocked.

Categories: Applications & Tools Tags: , , ,

Configuring Nginx as Reversed Proxy Server for HTTPS

January 6th, 2014 No comments

Nginx (pronounced as ‘engine x’) is a light-weight HTTP/reverse proxy/mail proxy server written by Igor Sysoe. It is flexible, lightweight compared, and high-performant with Apache. The official nginx site is here. The beginner guide is a very good starting point. The following is based on my hands-on experience with Nginx. If you have similar requirement, you can copy over the scripts and configuration for your environment.

Installing and running Nginx

Categories: Applications & Tools Tags: , ,

Tools That Enhance PuTTY Experience

November 3rd, 2013 1 comment

PuTTY is a very popular tool on Windows for connecting to remote server using SSH. As I used it a lot recently, I tried several tools that enhance the user experience. You may be interested in them too.

Desert Color Theme to Better Highlight Information

My experience with PuTTY has been pretty good except that the default color scheme does not highlight key information well, for example, the dark blue color for directory names on black background makes it hard for my eyes.

Categories: Applications & Tools Tags: ,