server Archives - MAD Blog

IOT Push Button (Like Amazon Dash)

Amazon Dash button is an incredible piece of hardware and another example of “applied engineering” in Amazon, just like Kindle.

The inspiration for this project isn’t directly derived from amazon dash, I wasn’t aware of it until I started digging the internet but at end, I had to set the performance goal to Amazon dash, because no other piece of hardware was up to mark. A detailed teardown of dash button can be found here.

So, Since “decades” I wanted to build some piece of hardware which I could dynamically program for any functionality like playing next youtube video, unlocking door, rebooting a machine, minimizing all open tabs or whatever with a push of a button. The button should be portable and independent of device for operation.

To meet my requirements I had to remove BLE or any other radio-based technology which needed a receiver or additional unit to operate. ESP-12F is power intensive and somewhat large if compared to esp-01. The end prototype looked like this and worked as expected.

Below is list of components I used.

1x LiPo Battery – 150mAh
1x ESP8266-01
1x 1k Register
1x Tactile Switch Button

You might require a soldering iron with fine tip, basic desoldering skills, access to 3d printer, FTDI board or similar setup.

The schematics of setup would look like below:

The functioning would be like – We turn on ESP using push button, but it would take time to log in to wifi, authenticate – so we need to keep it on for pretty long time – which could be done by using programming output pins, As soon as ESP turn on GPIO2 can be set to HIGH, Once operation is finished it can be set to low. Few challenges which I found on way (with fixes):

Power is very limited – So we need to remove LED’s from the esp, this would save a lot of power and would increase battery life by almost a fold!
You should use diode and transistor to limit current, since I am not an electronic nerd I would not comment on it.
You should set a timeout period, in case you are writing custom logic else battery will drain and you will never come to know why!

After soldering – You have to upload following code which need to be tweaked according to need, but it has basic logic code –

The code can set in hotspot mode if couldn’t connect to wifi and if could connect it would make a connection to mqtt server and make an announcement then shutdown.

#define DEVICE_ID         "YOUR_USERNAME"
#define DEVICE_NAME       "iot-" DEVICE_ID
#define WIFI_SSID         "mad-" DEVICE_ID
#define WIFI_PASSWORD     DEVICE_ID
#define MQTT_SERVER       "YOUR_SERVER"
#define MQTT_USERNAME     DEVICE_ID
#define MQTT_PASSWORD     "YOUR_PASSWORD"
#define MQTT_SEND_CHANNEL "pushbutton"
#define MQTT_RECV_CHANNEL DEVICE_NAME




#define BUTTON_MODE 1
#define USE_SSL 1
#define GPIO2 2
#define BUTTON_TIMEOUT 30000


#include <ESP8266WiFi.h>
#include <WiFiClient.h>
#include <ESP8266WebServer.h>
#include <ESP8266mDNS.h>
#include <PubSubClient.h>
#include <DNSServer.h>
#include <WiFiManager.h>
#include <ArduinoJson.h>
#include <stdarg.h>


#if USE_SSL
#   include <WiFiClientSecure.h>
//    WiFiClientSecure client;
#   define PORT 443
#else
// WiFiClient client;
#   define PORT 80
#endif


void reconnect();
void sendMessage(String action, String data, char* num = "", ...);
char* stringToChar(String str);

WiFiClient espClient;
PubSubClient client(espClient);
WiFiManager wifiManager;


long lastMsg = 0;
char msg[50];
int value = 0;
String DEVICE_FEATURES = "";

void setup() {

  DEVICE_FEATURES += "pushbutton;";
  pinMode(GPIO2, OUTPUT);
  digitalWrite(GPIO2, HIGH);


  //Serial.begin(9600);

  //  wifiManager.resetSettings();
  if (!wifiManager.autoConnect(WIFI_SSID, WIFI_PASSWORD)) {
    //Serial.println("failed to connect, we should reset as see if it connects");
    delay(1000);
    ESP.reset();
    delay(1000);
  }
  client.setServer(MQTT_SERVER, 1883);

}
void loop() {

  //if button mode, & time since start is greater than TIMEOUT close the time.
  if (millis() > BUTTON_TIMEOUT)
    digitalWrite(GPIO2, LOW);
  //if MQTT Client not connect connect it back.
  if (!client.connected())
    reconnect();
  client.loop();

}



/**
   Send message to server
   example: sendMessage("hello", DEVICE_NAME,"ksks","mac",getMacAddress(),"localIP",WiFi.localIP().toString());
   k for key
   d : double, f : float, s : string, l : long,
   No char type
*/
void sendMessage(String action, String data, char *types, ...) {
  StaticJsonBuffer<200> jsonBuffer;
  JsonObject& root = jsonBuffer.createObject();
  root["action"] = action;
  root["data"] = data;

  //find length
  int count = 0;
  while (types[count++] != '\0');
  --count;

  //if not even args
  if (count % 2 != 0)
    return;

  //for argument parsing.
  va_list arguments;
  va_start ( arguments, types );

  String key;

  //even length validated already
  for (int i = 0; types[i] != '\0'; i += 2) {
    //this is intentionally done, default key as type k can be used, but developer might mistake, causing lot of debugging
    if (types[i] != 'k')
      continue;
    key =  va_arg ( arguments, char *  );

    switch (types[i + 1])
    {
      case 'd': root[key] = (va_arg(arguments, int));
        break;
      case 'l': root[key] = (va_arg(arguments, long));
        break;
      case 'f': root[key] = (va_arg(arguments, double));
        break;
      case 's': root[key] = (va_arg(arguments, char *));
        break;
      default:  ;
    };
  }

  va_end ( arguments );                  // Cleans up the list

  char tmp[root.measureLength() + 2];
  root.printTo(tmp, sizeof(tmp));
  client.publish(MQTT_SEND_CHANNEL, tmp);
}



void reconnect() {
  // Loop until we're reconnected
  while (!client.connected()) {
    //Serial.print("Attempting MQTT connection...");
    // Attempt to connect
    if (client.connect(DEVICE_NAME, MQTT_USERNAME, MQTT_PASSWORD)) {
      //Serial.println("connected");
      // Once connected, publish an announcement...
      sendMessage("hello", DEVICE_NAME, "ksks", "features", (DEVICE_FEATURES).c_str() , "localIP", (WiFi.localIP().toString().c_str()));
      digitalWrite(GPIO2, LOW);
    } else {
      //Serial.print("failed, rc=");
      //Serial.print(client.state());
      //Serial.println(" try again in 5 seconds");
      // Wait 5 seconds before retrying
      delay(2000);
    }
  }
}

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

#define DEVICE_ID "YOUR_USERNAME"

#define DEVICE_NAME "iot-" DEVICE_ID

#define WIFI_SSID "mad-" DEVICE_ID

#define WIFI_PASSWORD DEVICE_ID

#define MQTT_SERVER "YOUR_SERVER"

#define MQTT_USERNAME DEVICE_ID

#define MQTT_PASSWORD "YOUR_PASSWORD"

#define MQTT_SEND_CHANNEL "pushbutton"

#define MQTT_RECV_CHANNEL DEVICE_NAME

#define BUTTON_MODE 1

#define USE_SSL 1

#define GPIO2 2

#define BUTTON_TIMEOUT 30000

#include <ESP8266WiFi.h>

#include <WiFiClient.h>

#include <ESP8266WebServer.h>

#include <ESP8266mDNS.h>

#include <PubSubClient.h>

#include <DNSServer.h>

#include <WiFiManager.h>

#include <ArduinoJson.h>

#include <stdarg.h>

#if USE_SSL

# include <WiFiClientSecure.h>

// WiFiClientSecure client;

# define PORT 443

#else

// WiFiClient client;

# define PORT 80

#endif

void reconnect();

void sendMessage(String action, String data, char* num = "", ...);

char* stringToChar(String str);

WiFiClient espClient;

PubSubClient client(espClient);

WiFiManager wifiManager;

long lastMsg = 0;

char msg[50];

int value = 0;

String DEVICE_FEATURES = "";

void setup() {

DEVICE_FEATURES += "pushbutton;";

pinMode(GPIO2, OUTPUT);

digitalWrite(GPIO2, HIGH);

//Serial.begin(9600);

// wifiManager.resetSettings();

if (!wifiManager.autoConnect(WIFI_SSID, WIFI_PASSWORD)) {

//Serial.println("failed to connect, we should reset as see if it connects");

delay(1000);

ESP.reset();

delay(1000);

}

client.setServer(MQTT_SERVER, 1883);

}

void loop() {

//if button mode, & time since start is greater than TIMEOUT close the time.

if (millis() > BUTTON_TIMEOUT)

digitalWrite(GPIO2, LOW);

//if MQTT Client not connect connect it back.

if (!client.connected())

reconnect();

client.loop();

}

/**

Send message to server

example: sendMessage("hello", DEVICE_NAME,"ksks","mac",getMacAddress(),"localIP",WiFi.localIP().toString());

k for key

d : double, f : float, s : string, l : long,

No char type

void sendMessage(String action, String data, char *types, ...) {

StaticJsonBuffer<200> jsonBuffer;

JsonObject& root = jsonBuffer.createObject();

root["action"] = action;

root["data"] = data;

//find length

int count = 0;

while (types[count++] != '\0');

--count;

//if not even args

if (count % 2 != 0)

return;

//for argument parsing.

va_list arguments;

va_start ( arguments, types );

String key;

//even length validated already

for (int i = 0; types[i] != '\0'; i += 2) {

//this is intentionally done, default key as type k can be used, but developer might mistake, causing lot of debugging

if (types[i] != 'k')

continue;

key = va_arg ( arguments, char * );

switch (types[i + 1])

{

case 'd': root[key] = (va_arg(arguments, int));

break;

case 'l': root[key] = (va_arg(arguments, long));

break;

case 'f': root[key] = (va_arg(arguments, double));

break;

case 's': root[key] = (va_arg(arguments, char *));

break;

default: ;

};

}

va_end ( arguments ); // Cleans up the list

char tmp[root.measureLength() + 2];

root.printTo(tmp, sizeof(tmp));

client.publish(MQTT_SEND_CHANNEL, tmp);

}

void reconnect() {

// Loop until we're reconnected

while (!client.connected()) {

//Serial.print("Attempting MQTT connection...");

// Attempt to connect

if (client.connect(DEVICE_NAME, MQTT_USERNAME, MQTT_PASSWORD)) {

//Serial.println("connected");

// Once connected, publish an announcement...

sendMessage("hello", DEVICE_NAME, "ksks", "features", (DEVICE_FEATURES).c_str() , "localIP", (WiFi.localIP().toString().c_str()));

digitalWrite(GPIO2, LOW);

} else {

//Serial.print("failed, rc=");

//Serial.print(client.state());

//Serial.println(" try again in 5 seconds");

// Wait 5 seconds before retrying

delay(2000);

}

I hope you enjoyed the article, it wasn’t a detailed writeup and I dropped many details – but if you have any questions you can comment or drop mail – I will surely help.

Adding a display over network !

You are doomed if your laptop has only one HDMI Port & you are running Linux in that box.

Unlike windows – where there are tons of easy to run solution, & there are still tons of solutions if you have big numbers in your pocket.

Certainly – I neither wish to spend money on external VGA/HDMI extender or docking station nor to change OS. So after googling a lot I discovered a solution which utilized a different machine to act as the streaming client. You can use RPI or an old p4 machine.

Below is how it works.

Adds a virtual display on your machine, usually all graphics card support at least one virtual display. You do all this using xrandr
Create a VNC Server to stream that display – but since you cannot each time run two commands just to connect display – we are running VNCViewer in listen mode
Connect to vnc viewer & keep running it in the background.

You Laptop —[Display Data]—> Network —-> VNCViewer

As suggested above you data is being streamed over the network – you cannot run 4k data. But if you have good Lan speed you won’t face any problem.

I have also optimized settings for best experience – so far I can use terminal, watch videos – the only drawback is you feel the lag when you use keyboard or mouse for realtime feedback.

In Client Machine, i.e. your laptop.

You will need to install x11vnc & screen

#!/bin/bash
#Run VNC server in remote device. 10.0.0.2 is my machine which has monitor connected.
ssh  root@10.0.0.2 "nohup /root/vncserver.sh > /dev/null 2>&1 &"
xrandr --addmode VIRTUAL1 1920x1080
xrandr --output VIRTUAL1 --mode 1920x1080 --right-of eDP1 # find your main display
screen -X -S vnc quit
killall x11vnc
# adjust postion 1920x1080+3511+180, i.e. 3511+180 accordingly
# i have different resultion display so had to move.
screen -dmS vnc  x11vnc -connect 10.0.0.2:5500  -display :0 -clip 1920x1080+3511+180 -wirecopyrect  -viewonly --nossl -ncache 10 -ncache_cr

#!/bin/bash

#Run VNC server in remote device. 10.0.0.2 is my machine which has monitor connected.

ssh root@10.0.0.2 "nohup /root/vncserver.sh > /dev/null 2>&1 &"

xrandr --addmode VIRTUAL1 1920x1080

xrandr --output VIRTUAL1 --mode 1920x1080 --right-of eDP1 # find your main display

screen -X -S vnc quit

killall x11vnc

# adjust postion 1920x1080+3511+180, i.e. 3511+180 accordingly

# i have different resultion display so had to move.

screen -dmS vnc x11vnc -connect 10.0.0.2:5500 -display :0 -clip 1920x1080+3511+180 -wirecopyrect -viewonly --nossl -ncache 10 -ncache_cr

In server Machine (LAN address 10.0.0.2)

if [[ $(ps -ef | grep -c vncviewer)  -ne 1 ]];
then
    echo "Running"
else
   export DISPLAY=:0.0;
    vncviewer -listen 0 -fullscreen -owncmap -viewonly;
fi

if [[ $(ps -ef | grep -c vncviewer) -ne 1 ]];

then

echo "Running"

else

export DISPLAY=:0.0;

vncviewer -listen 0 -fullscreen -owncmap -viewonly;

You will need to install VNC Viewer in client side.

Kindle Universal Dashboard

Kindle is Super awesome !

Because of its e-ink display. I wanted a display to present data which has – Least power consumption, Not painful to eyes & obviously one which doesn’t emit blue light.
E-Ink displays fit perfectly to my requirement – acquiring a display which can be driven using Raspberry Pi or Arduino is hard, size/cost ratio is much higher.

On googling I found some display modules which were more or near to 70-80$ – even smaller display – which impulsed me to get a Kindle Touch (8th Generation) at around 74$ approx.

Kindle comes with an experimental browser but it is narrowed version of WebKit, which is pretty useful if you want to display static content or just want to make a control panel, it can easily render normal websites which use js/CSS & works pretty well. But support for HTML5 is almost absent – so you can’t use WebSockets to push data, using long polling/fast polling is only solutions so far.

Moreover, there was another problem which I had to fix – Kindle has fixed timeout which sends it to sleep mode – for mine it was 10min, after digging I found you can use ~ds or similar but for me, nothing worked.

We can only hope that support to remove timeout or change timeout period will be added in future releases. I think old kindle supports.

If you can’t change timeout or you want to use few other features I suggest you to jailbreak. Follow steps mentioned here http://www.mobileread.com/forums/showthread.php?t=275877 , Don’t jump, It works for kindle touch 8th generation. Tried, tested, working ! For KT3 you will need to install MRPI along with KUAL. Once done your kindle is officially out of warranty 😀 . Post that you need to install USBNet – it will allow you to ssh to your kindle. All this will allow you to execute “lipc-set-prop com.lab126.powerd preventScreenSaver 1″ this on the kindle. It will simply disable screensaver. 🙂

Once you have your kindle whose screen doesn’t lock you can simply go & execute a simple nodejs script to push data.

Note : Kindle doesn’t support WebSocket & none of transport methods in socket.io except “polling”.

Below is nodejs server code :

var http = require('http'),
	fs = require('fs');
	//sanitize = require('validator').sanitize;
	
var app = http.createServer(function (request, response) {
	fs.readFile("client.html", 'utf-8', function (error, data) {
		response.writeHead(200, {'Content-Type': 'text/html'});
		response.write(data);
		response.end();
	});
}).listen(1337);

var io = require('socket.io')({
    "polling duration": 60,
    'log level' :1
}).listen(app);

io.set('transports', [ 'polling']);

io.sockets.on('connection', function(socket) { 
	socket.on('message_to_server', function(data) { 
		var escaped_message = (data["message"]);
		io.sockets.emit("message_to_client",{ message: escaped_message }); 
	});
});

var http = require('http'),

fs = require('fs');

//sanitize = require('validator').sanitize;

var app = http.createServer(function (request, response) {

fs.readFile("client.html", 'utf-8', function (error, data) {

response.writeHead(200, {'Content-Type': 'text/html'});

response.write(data);

response.end();

});

}).listen(1337);

var io = require('socket.io')({

"polling duration": 60,

'log level' :1

}).listen(app);

io.set('transports', [ 'polling']);

io.sockets.on('connection', function(socket) {

socket.on('message_to_server', function(data) {

var escaped_message = (data["message"]);

io.sockets.emit("message_to_client",{ message: escaped_message });

});

Below is code of client.html

<!DOCTYPE html>
<html>
	<head>
		<script src="/socket.io/socket.io.js"></script>
		<script type="text/javascript">
			var socketio = io.connect();

			socketio.on("message_to_client", function(data) {
				document.getElementById("chatlog").innerHTML = ("<hr/>" + data['message'] + document.getElementById("chatlog").innerHTML);
			});

			function sendMessage() {
				var msg = document.getElementById("message_input").value;
				socketio.emit("message_to_server", { message : msg});
			}
		</script>
	</head>
	<body>
		<input type="text" id="message_input"/>
		<button onclick="sendMessage()">send</button>
		<div id="chatlog"></div>
	</body>
</html>

<!DOCTYPE html>

<html>

<head>

var socketio = io.connect();

socketio.on("message_to_client", function(data) {

document.getElementById("chatlog").innerHTML = ("<hr/>" + data['message'] + document.getElementById("chatlog").innerHTML);

});

function sendMessage() {

var msg = document.getElementById("message_input").value;

socketio.emit("message_to_server", { message : msg});

}

</script>

</head>

<body>

</body>

</html>

Voila – It works !

Below is video of working in case you want to see demo before getting hands dirty 🙂

Warning & Update : This method might consume more power than expected, as experimental browser has loading status – which continuously refreshes a section of the screen. To overcome this problem I will be polling server with long interval difference – which will be adjustable by the server.

Note for nerds : Since this method uses browser – it’s more flexible – but if you are possessive about power consumption & screen space – You can use JAVA to develop kindlet application. Lightweight pub/sub protocols like MQTT should help you in the way.

Designing a wall holder : You can google for covers or design own or use some double sided foam tape. Since i had access to 3d printer i got two of http://www.thingiverse.com/thing:832273 printed & hung it on the wall – it just helped me in reading few books apart from using it only as display. SWAP!

Use it as :

Scoreboard
Notification
Weather system
Wallpaper slideshow
News/RSS feeds display
Home automation control
Anything
Book reader 🙂

At the end, even if you place it behind your monitor it won’t hurt or push the new data to your eyes & spoil the code castle you were building.

Custom Nginx with PageSpeed

Pulling nginx from source, customizing & auto updating across servers is a pain, We use pagespeed & custom header modules across all our servers, it autominifies resources & increases page performance without giving pain.

Below is script we use :

Continue reading Custom Nginx with PageSpeed

Offline Wikipedia with Elasticsearch and MediaWiki

Wikipedia is Awesome ! It’s open, its free – Yea. & its huge in size, millions of articles but as developer how to exploit the free knowledge.

I started digging internet just to find ways to exploit my fresh 9+ GB of XML Gzipped archive which seemed to me of no use as even a simple text editor can’t open it. (Just out of excitement what’s inside, how its structured, Schema ! )

Luckily people have already imported it. Elasticsearch is fast, reliable & its good for searching, so https://github.com/andrewvc/wikiparse was a saver.

Installed elastic search
Ran command to import

it took almost 48 hour in an i5, with 8gb ram – where mistake was i used same harddisk for data storage & database. Time might vary.

Data was imported but its still of no use ! Why ? Its in text/wiki format, parses is needed.

After doing search only solution i found was using mediawiki api, which is in PHP there were lots of things missing as its only for mediawiki but not for parsing plain text. (Though i didn’t spend much time in learning internal API)

I quickly downloaded mediawiki, ran nginx with php, installed it & used API.php.
it was good to see my offline API too, but still many things were missing, confusing, API has hard to modify structure. So i created a parse.php

<?PHP
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST');  
header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Key');

function fixLink ($this, $nt, $section, $tooltip, &$result)  {
		$linkName = "editSection-$section"; // the span around the link
		$anchorName = "editSectionAnchor-$section"; // the actual link anchor, generated in Linker::makeHeadline
		$chromeName = "editSectionChrome-$section"; // the chrome that surrounds the anchor	
		$result = preg_replace('/(\D+)( title=)(\D+)/', '${1} class=\'editSectionLinkInactive\' id=\'' . $anchorName . '\' onmouseover="editSectionHighlightOn(' . $section . ')" onmouseout="editSectionHighlightOff(' . $section . ')" title=$3', $result);
		$result = preg_replace('/<\/span>/', '<span class="editSectionChromeInactive" id=\'' . $chromeName . '\'>&#8690;</span></span>', $result);
		// while resourceloader loads this extension's css pretty late, it's still
		// overriden by skins/common/shared.css.  to get around that, insert an explicit style here.
		// i'd welcome a better way to do this.
		$result ='';
		return true;
	}


require(dirname(__FILE__) . '/includes/WebStart.php');

$wgHooks['DoEditSectionLink'][] = 'fixLink';

//include("api.php");

$output = $wgParser->parse(
    $_POST['text'],
    Title::newFromText('Some page title'),
    new ParserOptions());
   
echo json_encode(array('html'=>$output->getText()));

<?PHP

header('Access-Control-Allow-Origin: *');

header('Access-Control-Allow-Methods: GET, POST');

header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Key');

function fixLink ($this, $nt, $section, $tooltip, &$result) {

$linkName = "editSection-$section"; // the span around the link

$anchorName = "editSectionAnchor-$section"; // the actual link anchor, generated in Linker::makeHeadline

$chromeName = "editSectionChrome-$section"; // the chrome that surrounds the anchor

$result = preg_replace('/(\D+)( title=)(\D+)/', '${1} class=\'editSectionLinkInactive\' id=\'' . $anchorName . '\' onmouseover="editSectionHighlightOn(' . $section . ')" onmouseout="editSectionHighlightOff(' . $section . ')" title=$3', $result);

$result = preg_replace('/<\/span>/', '<span class="editSectionChromeInactive" id=\'' . $chromeName . '\'>⇲</span></span>', $result);

// while resourceloader loads this extension's css pretty late, it's still

// overriden by skins/common/shared.css. to get around that, insert an explicit style here.

// i'd welcome a better way to do this.

$result ='';

return true;

}

require(dirname(__FILE__) . '/includes/WebStart.php');

$wgHooks['DoEditSectionLink'][] = 'fixLink';

//include("api.php");

$output = $wgParser->parse(

$_POST['text'],

Title::newFromText('Some page title'),

new ParserOptions());

echo json_encode(array('html'=>$output->getText()));

So all steps were :

Install elasticsearch – https://www.elastic.co/
Download Wikipedia – https://en.wikipedia.org/wiki/Wikipedia:Database_download, https://dumps.wikimedia.org/enwiki/latest/
Import it using existing method – https://github.com/andrewvc/wikiparse
Parse Using WikiMedia API – https://github.com/wikimedia/mediawiki

Email Spoofing – Why its dead !

There was a time, when mail spoofing was an art, was a thing to impress people, was a way to phish attack someone.
With increasing intelligence in spam filters – it became harder, you need good IP reputation to deliver mail to box.
But now it has become almost impossible to spoof address like [email protected] . Why ? Have computer turned intelligent ? No.

The problem of spam protection isn’t new to market. So people came up with DNS based solutions which can allow sender to list IP addresses authorized to send mails.
“Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail” – You can read rfc at https://www.ietf.org/rfc/rfc4408.txt (if you want to dig).

The standard was good, Not good it was best! It block all ways to prank people, but mails were still being delivered, because Network administrator weren’t smart enough to add all server. So as workaround big providers ran algorithms on top to make sure genuine mails which are failing spf are not delivered to spam.

This is all good – but for hardcore phishers it became little hard, people do check mails regularly & getting into network is just distributing malware.
Attacker can perform MITM alter content of mail while its being delivered.

There wasn’t any check.

Solution was DKIM – DomainKeys Identified Mail (DKIM) Signatures , it allows all mail servers to sign messages & certain header fields using defined hashing algorithms & verification using public/private key. Public key is published as DNS record, but private key is kept private.

Acquiring private key is little hard. Its hardest thing. You need to regulate keys to make sure that no one cracks it – if you keep key size 2048 it will make mail delivery slow, if you keep it 512bit with present computing its easy to crack.

DKIM provides way to authorize only certain application to send mail, but there was still no way to get reports on how effective is measure, how many mails are being spoofed & what to do with spoofed mails.

Mails were being delivered even after DKIM failure.

People came with DMARC standard – again it was published using DNS TXT record – it helps in getting reports & also blocking mails. Check the rfc at https://datatracker.ietf.org/doc/rfc7489/

Certainly as every security system comes with an overhead, These standard make mail processing resource intensive. There are many ways to reduce processing cost keeping security upto-date.

There were many spamming attacks originating on behalf of our site, post implementation of DMARC using DMARC Plus, they almost reduced 80% after few months.

One thing to note – if you make a single mistake in any of DNS record you can miss all your mails – So its better to take advice from someone who knows Standard well & can help you in deploying. Make sure you go Slow…

Website Optimization – Cache Cache Cache !

You must have heard about cache in web (caches are everywhere in computer science), most times you find it really buggy when changes aren’t reflected as soon as you make them.
For sites with small traffic these things are buggy – but they contribute a major in server traffic when you have a million hits even a thousand.

From server to browser what what we can cache ? & why to cache ?

Enabling code caching – if you are running nodejs server etc things are in your favour because process is running & its already using existing variables still you should make sure that you don’t fetch/store too much data – you should implement cache in your code AND if you are using php or similar scripting language – let me tell you things are really slow – each time you make a request if apache – php thread is spawned, nginx a new thread along with socket is created – PHP code is compiled to opcode & then executed, That’s a lot – You can use opcaches or APC for optimizing php script. Alternatives may follow other languages.
Caching static content – Since static content are not changing every other minute or day – most files are kept as it is for years!, you should tell your server that these contents are rarely changed – Check nginx cache config & Apache cache config
Setting cache expiry header – This one is definitely under you control doesn’t matter if you are in shared hosting or running own server. You should send cache expiry header with all static content. Basically cache expiry tells browser to keep the file for next n days – though it is not strict , browsers send head request to see if file is changed or not.
Offline Storage/WebSQL/Offline Application – Yes, You read it right – You can use offline storage to cache insensitive data on users browser only – this will reduce load on server & data transferred – you can even cache js & css.
CDN – Content delivery networks can also help you a lot in caching – since libraries like jquery, bootstrap etc are so common today if you use CDN your page might not need to load JS & CSS, This is because that file might already exists in browser cache when some other website requested it. You should Thank to other guy – someday other guy will thank you.

Website Optimization – Minfiying Output using PHP

Minification is technique used in which we remove all unnecessary Whitespaces Which include tab, space, newline, carriage return etc. This is done just to reduce data transfer.
Since not everyone is serving a million hits a seconds – minifying html doesn’t help much, Instead enabling GZIP compression is a better technique.

Apart from this – minifying css & js help in reducing number of requests – this reduces number of http connection created to serve a client hence reducing load on server.

These advantages are only a small part of web optimization process but still it is adopted widely – Why ? – Show off !, Make code unreadable, looks cool!.
Though server level optimizations ( like – GZIP, Cache proxy for static content, Apache vs Nginx, CDN, Server location, Number of DNS lookup, Serving content based on user device etc.) work better than just compressing code & uploading.
As an example – there is latency of 400+ ms from India to NY, while 100+ ms for Singapore from India – if we have 10 request per page using singapore server will save 3sec!.

I think i am diverging from main 0bj3ct!v3 of this article. Coming back to minification everyone wants their code to look cool. So recently i’ve been working on college fest site & had idea to minify the code. Did google search & finally came up with following code !

Just including the below code makes the html one-liner & cool.
This is just an application of output buffer, you can do really cool things by handling output buffer.

You can read more about ob_start here, its really interesting.

Note: This code has methods to minify css & js – They are just for reference. I suggest using Grunt with cleancss & uglifyjs, or either. Also you should not use this technique in sites with heavy traffic – it will increase load on server, reduce response time.

<?PHP

//buffer & process all the output using minify_html.
ob_start("minify_html");

function minify_html($input) {
    if(trim($input) === "") return $input;
    // Remove extra white-space(s) between HTML attribute(s)
    $input = preg_replace_callback('#<([^\/\s<>!]+)(?:\s+([^<>]*?)\s*|\s*)(\/?)>#s', function($matches) {
        return '<' . $matches[1] . preg_replace('#([^\s=]+)(\=([\'"]?)(.*?)\3)?(\s+|$)#s', ' $1$2', $matches[2]) . $matches[3] . '>';
    }, str_replace("\r", "", $input));
    
    // Minify inline CSS declaration(s)    
    if(strpos($input, ' style=') !== false) {
        $input = preg_replace_callback('#<([^<]+?)\s+style=([\'"])(.*?)\2(?=[\/\s>])#s', function($matches) {
            return '<' . $matches[1] . ' style=' . $matches[2] . minify_css($matches[3]) . $matches[2];
        }, $input);
    }
    return preg_replace(
        array(
            // t = text
            // o = tag open
            // c = tag close
            // Keep important white-space(s) after self-closing HTML tag(s)
            '#<(img|input)(>| .*?>)#s',
            // Remove a line break and two or more white-space(s) between tag(s)
            '#(<!--.*?-->)|(>)(?:\n*|\s{2,})(<)|^\s*|\s*$#s',
            '#(<!--.*?-->)|(?<!\>)\s+(<\/.*?>)|(<[^\/]*?>)\s+(?!\<)#s', // t+c || o+t
            '#(<!--.*?-->)|(<[^\/]*?>)\s+(<[^\/]*?>)|(<\/.*?>)\s+(<\/.*?>)#s', // o+o || c+c
            '#(<!--.*?-->)|(<\/.*?>)\s+(\s)(?!\<)|(?<!\>)\s+(\s)(<[^\/]*?\/?>)|(<[^\/]*?\/?>)\s+(\s)(?!\<)#s', // c+t || t+o || o+t -- separated by long white-space(s)
            '#(<!--.*?-->)|(<[^\/]*?>)\s+(<\/.*?>)#s', // empty tag
            '#<(img|input)(>| .*?>)<\/\1>#s', // reset previous fix
            '#(&nbsp;)&nbsp;(?![<\s])#', // clean up ...
            '#(?<=\>)(&nbsp;)(?=\<)#', // --ibid
            // Remove HTML comment(s) except IE comment(s)
            '#\s*<!--(?!\[if\s).*?-->\s*|(?<!\>)\n+(?=\<[^!])#s'
        ),
        array(
            '<$1$2</$1>',
            '$1$2$3',
            '$1$2$3',
            '$1$2$3$4$5',
            '$1$2$3$4$5$6$7',
            '$1$2$3',
            '<$1$2',
            '$1 ',
            '$1',
            ""
        ),
    $input);
}
// CSS Minifier => http://ideone.com/Q5USEF + improvement(s)
function minify_css($input) {
    if(trim($input) === "") return $input;
    return preg_replace(
        array(
            // Remove comment(s)
            '#("(?:[^"\\\]++|\\\.)*+"|\'(?:[^\'\\\\]++|\\\.)*+\')|\/\*(?!\!)(?>.*?\*\/)|^\s*|\s*$#s',
            // Remove unused white-space(s)
            '#("(?:[^"\\\]++|\\\.)*+"|\'(?:[^\'\\\\]++|\\\.)*+\'|\/\*(?>.*?\*\/))|\s*+;\s*+(})\s*+|\s*+([*$~^|]?+=|[{};,>~+]|\s*+-(?![0-9\.])|!important\b)\s*+|([[(:])\s++|\s++([])])|\s++(:)\s*+(?!(?>[^{}"\']++|"(?:[^"\\\]++|\\\.)*+"|\'(?:[^\'\\\\]++|\\\.)*+\')*+{)|^\s++|\s++\z|(\s)\s+#si',
            // Replace `0(cm|em|ex|in|mm|pc|pt|px|vh|vw|%)` with `0`
            '#(?<=[\s:])(0)(cm|em|ex|in|mm|pc|pt|px|vh|vw|%)#si',
            // Replace `:0 0 0 0` with `:0`
            '#:(0\s+0|0\s+0\s+0\s+0)(?=[;\}]|\!important)#i',
            // Replace `background-position:0` with `background-position:0 0`
            '#(background-position):0(?=[;\}])#si',
            // Replace `0.6` with `.6`, but only when preceded by `:`, `,`, `-` or a white-space
            '#(?<=[\s:,\-])0+\.(\d+)#s',
            // Minify string value
            '#(\/\*(?>.*?\*\/))|(?<!content\:)([\'"])([a-z_][a-z0-9\-_]*?)\2(?=[\s\{\}\];,])#si',
            '#(\/\*(?>.*?\*\/))|(\burl\()([\'"])([^\s]+?)\3(\))#si',
            // Minify HEX color code
            '#(?<=[\s:,\-]\#)([a-f0-6]+)\1([a-f0-6]+)\2([a-f0-6]+)\3#i',
            // Replace `(border|outline):none` with `(border|outline):0`
            '#(?<=[\{;])(border|outline):none(?=[;\}\!])#',
            // Remove empty selector(s)
            '#(\/\*(?>.*?\*\/))|(^|[\{\}])(?:[^\s\{\}]+)\{\}#s'
        ),
        array(
            '$1',
            '$1$2$3$4$5$6$7',
            '$1',
            ':0',
            '$1:0 0',
            '.$1',
            '$1$3',
            '$1$2$4$5',
            '$1$2$3',
            '$1:0',
            '$1$2'
        ),
    $input);
}
// JavaScript Minifier
function minify_js($input) {
    if(trim($input) === "") return $input;
    return preg_replace(
        array(
            // Remove comment(s)
            '#\s*("(?:[^"\\\]++|\\\.)*+"|\'(?:[^\'\\\\]++|\\\.)*+\')\s*|\s*\/\*(?!\!|@cc_on)(?>[\s\S]*?\*\/)\s*|\s*(?<![\:\=])\/\/.*(?=[\n\r]|$)|^\s*|\s*$#',
            // Remove white-space(s) outside the string and regex
            '#("(?:[^"\\\]++|\\\.)*+"|\'(?:[^\'\\\\]++|\\\.)*+\'|\/\*(?>.*?\*\/)|\/(?!\/)[^\n\r]*?\/(?=[\s.,;]|[gimuy]|$))|\s*([!%&*\(\)\-=+\[\]\{\}|;:,.<>?\/])\s*#s',
            // Remove the last semicolon
            '#;+\}#',
            // Minify object attribute(s) except JSON attribute(s). From `{'foo':'bar'}` to `{foo:'bar'}`
            '#([\{,])([\'])(\d+|[a-z_][a-z0-9_]*)\2(?=\:)#i',
            // --ibid. From `foo['bar']` to `foo.bar`
            '#([a-z0-9_\)\]])\[([\'"])([a-z_][a-z0-9_]*)\2\]#i'
        ),
        array(
            '$1',
            '$1$2',
            '}',
            '$1$3',
            '$1.$3'
        ),
    $input);
}

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

<?PHP

//buffer & process all the output using minify_html.

ob_start("minify_html");

function minify_html($input) {

if(trim($input) === "") return $input;

// Remove extra white-space(s) between HTML attribute(s)

$input = preg_replace_callback('#<([^\/\s<>!]+)(?:\s+([^<>]*?)\s*|\s*)(\/?)>#s', function($matches) {

return '<' . $matches[1] . preg_replace('#([^\s=]+)(\=([\'"]?)(.*?)\3)?(\s+|$)#s', ' $1$2', $matches[2]) . $matches[3] . '>';

}, str_replace("\r", "", $input));

// Minify inline CSS declaration(s)

if(strpos($input, ' style=') !== false) {

$input = preg_replace_callback('#<([^<]+?)\s+style=([\'"])(.*?)\2(?=[\/\s>])#s', function($matches) {

return '<' . $matches[1] . ' style=' . $matches[2] . minify_css($matches[3]) . $matches[2];

}, $input);

}

return preg_replace(

array(

// t = text

// o = tag open

// c = tag close

// Keep important white-space(s) after self-closing HTML tag(s)

'#<(img|input)(>| .*?>)#s',

// Remove a line break and two or more white-space(s) between tag(s)

'#()|(>)(?:\n*|\s{2,})(<)|^\s*|\s*$#s',

'#()|(?<!\>)\s+(<\/.*?>)|(<[^\/]*?>)\s+(?!\<)#s', // t+c || o+t

'#()|(<[^\/]*?>)\s+(<[^\/]*?>)|(<\/.*?>)\s+(<\/.*?>)#s', // o+o || c+c

'#()|(<\/.*?>)\s+(\s)(?!\<)|(?<!\>)\s+(\s)(<[^\/]*?\/?>)|(<[^\/]*?\/?>)\s+(\s)(?!\<)#s', // c+t || t+o || o+t -- separated by long white-space(s)

'#()|(<[^\/]*?>)\s+(<\/.*?>)#s', // empty tag

'#<(img|input)(>| .*?>)<\/\1>#s', // reset previous fix

'#( ) (?![<\s])#', // clean up ...

'#(?<=\>)( )(?=\<)#', // --ibid

// Remove HTML comment(s) except IE comment(s)

'#\s*\s*|(?<!\>)\n+(?=\<[^!])#s'

array(

'<$1$2</$1>',

'$1$2$3',

'$1$2$3$4$5',

'$1$2$3$4$5$6$7',

'$1$2$3',

'<$1$2',

'$1 ',

'$1',

$input);

}

// CSS Minifier => http://ideone.com/Q5USEF + improvement(s)

function minify_css($input) {

if(trim($input) === "") return $input;

return preg_replace(

array(

// Remove comment(s)

'#("(?:[^"\\\]++|\\\.)*+"|\'(?:[^\'\\\\]++|\\\.)*+\')|\/\*(?!\!)(?>.*?\*\/)|^\s*|\s*$#s',

// Remove unused white-space(s)

'#("(?:[^"\\\]++|\\\.)*+"|\'(?:[^\'\\\\]++|\\\.)*+\'|\/\*(?>.*?\*\/))|\s*+;\s*+(})\s*+|\s*+([*$~^|]?+=|[{};,>~+]|\s*+-(?![0-9\.])|!important\b)\s*+|([[(:])\s++|\s++([])])|\s++(:)\s*+(?!(?>[^{}"\']++|"(?:[^"\\\]++|\\\.)*+"|\'(?:[^\'\\\\]++|\\\.)*+\')*+{)|^\s++|\s++\z|(\s)\s+#si',

// Replace `0(cm|em|ex|in|mm|pc|pt|px|vh|vw|%)` with `0`

'#(?<=[\s:])(0)(cm|em|ex|in|mm|pc|pt|px|vh|vw|%)#si',

// Replace `:0 0 0 0` with `:0`

'#:(0\s+0|0\s+0\s+0\s+0)(?=[;\}]|\!important)#i',

// Replace `background-position:0` with `background-position:0 0`

'#(background-position):0(?=[;\}])#si',

// Replace `0.6` with `.6`, but only when preceded by `:`, `,`, `-` or a white-space

'#(?<=[\s:,\-])0+\.(\d+)#s',

// Minify string value

'#(\/\*(?>.*?\*\/))|(?<!content\:)([\'"])([a-z_][a-z0-9\-_]*?)\2(?=[\s\{\}\];,])#si',

'#(\/\*(?>.*?\*\/))|(\burl$)([\'"])([^\s]+?)\3($)#si',

// Minify HEX color code

'#(?<=[\s:,\-]\#)([a-f0-6]+)\1([a-f0-6]+)\2([a-f0-6]+)\3#i',

// Replace `(border|outline):none` with `(border|outline):0`

'#(?<=[\{;])(border|outline):none(?=[;\}\!])#',

// Remove empty selector(s)

'#(\/\*(?>.*?\*\/))|(^|[\{\}])(?:[^\s\{\}]+)\{\}#s'

array(

'$1',

'$1$2$3$4$5$6$7',

'$1',

':0',

'$1:0 0',

'.$1',

'$1$3',

'$1$2$4$5',

'$1$2$3',

'$1:0',

'$1$2'

$input);

}

// JavaScript Minifier

function minify_js($input) {

if(trim($input) === "") return $input;

return preg_replace(

array(

// Remove comment(s)

'#\s*("(?:[^"\\\]++|\\\.)*+"|\'(?:[^\'\\\\]++|\\\.)*+\')\s*|\s*\/\*(?!\!|@cc_on)(?>[\s\S]*?\*\/)\s*|\s*(?<![\:\=])\/\/.*(?=[\n\r]|$)|^\s*|\s*$#',

// Remove white-space(s) outside the string and regex

'#("(?:[^"\\\]++|\\\.)*+"|\'(?:[^\'\\\\]++|\\\.)*+\'|\/\*(?>.*?\*\/)|\/(?!\/)[^\n\r]*?\/(?=[\s.,;]|[gimuy]|$))|\s*([!%&*\-=+\[\]\{\}|;:,.<>?\/])\s*#s',

// Remove the last semicolon

'#;+\}#',

// Minify object attribute(s) except JSON attribute(s). From `{'foo':'bar'}` to `{foo:'bar'}`

'#([\{,])([\'])(\d+|[a-z_][a-z0-9_]*)\2(?=\:)#i',

// --ibid. From `foo['bar']` to `foo.bar`

'#([a-z0-9_\)\]])\[([\'"])([a-z_][a-z0-9_]*)\2\]#i'

array(

'$1',

'$1$2',

'}',

'$1$3',

'$1.$3'

$input);

}

Optimal way of scheduling long job – nodejs/js

If you are using nodejs for some backend stuff to schedule some-work, probably you will hate scheduling because of two factors

You can’t set long timeout
Timers are removed when process restart

You would probably favor cronjobs for scheduling – or may be polling database for regular interval. Loading nodejs script every 5min is a costly job – developers understand, so you can’t follow php/short interval scheduling.

First problem can be solved by of setting a recursive call to a function, with time out. Many solutions on web.
But there lies a problem – You can’t cancel the timeout if you needed to after a recursive call. To solve the recursive call problem i wrote few lines of code.

function setLongTimeout(callback, timeout_ms, updateTimerID) {
    //if timout is more than 32bit int
    var timer;
    if (timeout_ms > 2147483647) {
        //now wait until the max wait time passes then call this function again with
        timer = setTimeout(function () {
            var id = setLongTimeout(callback, (timeout_ms - 2147483647), updateTimerID);
            if (typeof updateTimerID ==='function')
                updateTimerID(id);
        }, 2147483647);
    } else {
        timer = setTimeout(callback, timeout_ms);
    }
    if (typeof updateTimerID ==='function')
        updateTimerID(timer);
    return timer;
}

function setLongTimeout(callback, timeout_ms, updateTimerID) {

//if timout is more than 32bit int

var timer;

if (timeout_ms > 2147483647) {

//now wait until the max wait time passes then call this function again with

timer = setTimeout(function () {

var id = setLongTimeout(callback, (timeout_ms - 2147483647), updateTimerID);

if (typeof updateTimerID ==='function')

updateTimerID(id);

}, 2147483647);

} else {

timer = setTimeout(callback, timeout_ms);

}

if (typeof updateTimerID ==='function')

updateTimerID(timer);

return timer;

}

Above code behaves same as setTimeout if you don’t need timer object updates, else you can register for that.

Second problem – Timers are removed when process are restarted. – That shouldn’t be hard – You can create a function to execute atomic functions,
Note atomic – atomic because if your setTimeout code will depend on variables state you will need to load those variables from database which will make job harder – better way is to schedule something like – send email to [email protected] instead of send message to currently loggedin users.

Solution of second problem really depends on your problem – but if you analyze your scheduled jobs closely you will find that they are really atomic, you made them non-atomic !.

if you really need that your jobs are never lost from memory better way is to run a stable nodeserver & use IPC. – but that would be practically hard to maintain.

Backup Server Configurations to Git

When you have multiple servers it pain to remember every configuration and it may take hours to configure servers again incase you need.
It is also impractical to copy each files.

There are few tools available but they come with overhead attached moreover its fun to write custom solutions 🙂

1. Create directory
2. cd into it.
3. Initialize git
4. Add a remote
5. Create branch specifically for that server
6. Check out branch
7. Add shell script
8. Make a commit and push to server.

mkdir backup
cd backup/  
git init
git remote add git@tikaj.com:tikaj/ConfigurationBackups.git
git branch $(hostname)
git checkout $(hostname)

#This file contains space delimited configuration file name and path relative to git.
touch ConfigurationFiles.list

vi backup.sh

mkdir backup

cd backup/

git init

git remote add git@tikaj.com:tikaj/ConfigurationBackups.git

git branch $(hostname)

git checkout $(hostname)

#This file contains space delimited configuration file name and path relative to git.

touch ConfigurationFiles.list

vi backup.sh

Content of backup.sh

#!/bin/bash
BASEDIR=$(dirname $0)

cd $BASEDIR

while read line; do 
 IFS=' ' read -a A <<< "$line"
 cp ${A[0]} $BASEDIR/${A[1]} 
done < ConfigurationFiles.list


#Add new files and commit changes
git add --all :/
git commit -m "Update configuration files."
git push origin  $(hostname)

#!/bin/bash

BASEDIR=$(dirname $0)

cd $BASEDIR

while read line; do

IFS=' ' read -a A <<< "$line"

cp ${A[0]} $BASEDIR/${A[1]}

done < ConfigurationFiles.list

#Add new files and commit changes

git add --all :/

git commit -m "Update configuration files."

git push origin $(hostname)

Then, Don’t forget to generate SSH key adding key to your git server.

git push -u origin  $(hostname)

1	git push -u origin $(hostname)

Now i can either setup a cron job or add command to daily backup script to update configuration files.
using

ssh mad@tikaj.com "bash /root/backup/backup.sh"

1	ssh mad@tikaj.com "bash /root/backup/backup.sh"

from remote.