If you run WordPress in your webroot, it grabs all of the URLs and if it doesn’t recognize one, it returns a 404. So, you need to add this to your .htaccess, BEFORE the WordPress rewrite section to get to your DreamHost statistics page:
# For DreamHost stats
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} ^/(stats|failed_auth\.html).*$ [NC]
RewriteRule . - [L]
</IfModule>
I made a strong step forward in securing my remote admin of our proxy server by changing SSH to only work with an authorized RSA key. I followed the directions in several HOWTOs, but kept getting a “Server refused our key” error. Fortunately, I found Andre Molnar’s useful page on How to set up SSH keys: Frustration with “Server refused our key”
I followed the directions at the bottom of the page, designated the private key file in both PuTTY and WinSCP and away we went. Make sure to set PasswordAuthentication to “no” in /etc/ssh/sshd_config. This will force the use of an authorized key, and prevents normal username/password logins.
Oh, the other key point is to set the auto-login username in PuTTY. If this is set, PuTTY will pass that username and the key. If it is not set, PuTTY will try to use a normal username/password login which we disabled by setting PasswordAuthentication to no.
I use an old laptop for our proxy server / porn filter. Most of the time it’s just sitting there, especially during the day when we’re all at work/school (with a vicious guard dog in the house, in case any wise guys read this…) and at night when we’re asleep. So, I decided to see if there is a command-line bittorent client that I could run in the background to both get Ubuntu disks from the torrent, and then be a good netizen and serve them up in the torrent.
Thanks to K. Mandala for his useful rtorrent HOWTO that got me going. I still spent several hours working on this to get it going, so I thought I’d record it here for future repetition.
I settled on rtorrent for the client and dtach to allow it to run in the background. Both are available through the Ubuntu repositories, but dtach (as of this writing) version 0.7, which has a bug that prevents it from running if it’s not in an open terminal window. So, I ended up getting dtach version 0.8.1 from the Debian testing repository. I used wget and dpkg to get the file on the server and then install it:
wget http://http.us.debian.org/debian/pool/main/d/dtach/dtach_0.8-1_i386.deb
dpkg --install dtach_0.8-1_i386.deb
I made a “torrents” directory in my ksteffensen user home directory and then made two subdirectories, “session” and “watch.”
mkdir ~/torrents
cd ~/torrents
mkdir session
mkdir watch
Then I made a .rtorrent.rc file in my home directory and tweaked the values from the sample to get to my configuration:
touch ~/.rtorrent.rc
vim ~/.rtorrent.rc
Here is what I ended up with:
# Maximum and minimum number of peers to connect to per torrent.
min_peers = 40
max_peers = 100
# Same as above but for seeding completed torrents (-1 = same as downloading)
min_peers_seed = 10
max_peers_seed = 50
# Maximum number of simultanious uploads per torrent.
max_uploads = 20
# Global upload and download rate in KiB. "0" for unlimited.
download_rate = 600
upload_rate = 200
# Default directory to save the downloaded torrents.
directory = ~/torrents/
# Default session directory. Make sure you don't run multiple instance
# of rtorrent using the same session directory. Perhaps using a
# relative path?
session = ~/torrents/session
# Watch a directory for new torrents, and stop those that have been
# deleted.
schedule = watch_directory,5,60,load_start=~/torrents/watch/*.torrent
schedule = untied_directory,5,60,stop_untied=~/torrents/watch/*.torrent
# Close torrents when diskspace is low.
schedule = low_diskspace,60,60,close_low_diskspace=1000M
# Stop torrents when reaching upload ratio in percent,
# when also reaching total upload in bytes, or when
# reaching final upload ratio in percent.
# example: stop at ratio 2.0 with at least 200 MB uploaded, or else ratio 20.0
#schedule = ratio,60,60,"stop_on_ratio=200,200M,2000"
# The ip address reported to the tracker.
ip = steffensenfamily.net
# The ip address the listening socket and outgoing connections is
# bound to.
bind = 192.168.1.200
# Port range to use for listening.
port_range = 6890-6999
# Start opening ports at a random position within the port range.
#port_random = no
# Check hash for finished torrents. Might be usefull until the bug is
# fixed that causes lack of diskspace not to be properly reported.
#check_hash = no
# Set whetever the client should try to connect to UDP trackers.
use_udp_trackers = yes
# Alternative calls to bind and ip that should handle dynamic ip's.
#schedule = ip_tick,0,1800,ip=rakshasa
#schedule = bind_tick,0,1800,bind=rakshasa
# Encryption options, set to none (default) or any combination of the following:
# allow_incoming, try_outgoing, require, require_RC4, enable_retry, prefer_plaintext
#
# The example value allows incoming encrypted connections, starts unencrypted
# outgoing connections but retries with encryption if they fail, preferring
# plaintext to RC4 encryption after the encrypted handshake
#
encryption = allow_incoming,try_outgoing,enable_retry
# Enable DHT support for trackerless torrents or when all trackers are down.
# May be set to "disable" (completely disable DHT), "off" (do not start DHT),
# "auto" (start and stop DHT as needed), or "on" (start DHT immediately).
# The default is "off". For DHT to work, a session directory must be defined.
#
dht = auto
# UDP port to use for DHT.
#
dht_port = 6881
# Enable peer exchange (for torrents not marked private)
#
peer_exchange = no
Now, if I save a .torrent file to ~/torrents/watch, rtorrent will automatically add it to its active list and start downloading it within a minute.
Finally, I used my ksteffensen crontab to automatically start rtorrent in a detached session on every reboot. The one catch that took me a long time to troubleshoot was that dtach needs to think it’s in an xterm terminal, so you have to add TERM=xterm to the crontab entry.
crontab -e
Then paste this into the crontab editor. @reboot tells it to run at every boot.
# Start rtorrent in a detached session
@reboot TERM=xterm dtach -n ~/torrents/rtorrent rtorrent
The -n mode for dtach tells it to start in a detached session using ~/torrents/rtorrent as the socket. To open the rtorrent screen, you use dtach with the -a mode:
dtach -a ~/torrents/rtorrent
To detach the session again while leaving it running, all you do is hit ctrl and backslash, ctrl-\
Once I got it all working, I set up my edge router to port forward ports 6881-6999 (both TCP and UDP, since I set use_udp_trackers to “yes”) to the proxy server. This keeps the proxy behind the firewall, but opens the bittorrent ports to allow other peers to coordinate with the server.
Here is another good HOWTO that I found after the fact, and here are the man pages for rtorrent and dtach.
I used James Wilson’s Google Reader Widget to add my shared items to the side bar. It wasn’t painless, though. I had to hack it to use curl per the installation instructions, since DreamHost doesn’t allow file_get_contents. I also had to hack one line about the cache time to get it to take the input from the widget configuration box.
Adding my Twitter feed to the sidebar was painless using Aaron Campbell’s Twitter Widget Pro.
My Twitter Feed