lev neiman dot com

Ukrainians, WordPress and xmlrpc.php

On this sunny day of February 28, 2016, the year of our Lord, I woke up to a bunch of emails telling me the MySQL db on this fine server had been going down a whole number of times.

SSH didn't work, until it did. At that point I could not execute any command because the OS could not fork anything due to the lack of free memory.

Once the top command managed to work I saw that everything was dominated by a big array of apache2 processes, which indicated some sort of DoS attack.

After a nice reboot (and a backup in between, of course!) I took a look at the logs and discovered a whole bunch of accesses like these:


185.93.185.249 - - [28/Feb/2016:21:40:49 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.247 - - [28/Feb/2016:21:41:10 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.249 - - [28/Feb/2016:21:41:35 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.247 - - [28/Feb/2016:21:42:22 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.253 - - [28/Feb/2016:21:42:30 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.253 - - [28/Feb/2016:21:42:36 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.253 - - [28/Feb/2016:21:42:52 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.254 - - [28/Feb/2016:21:42:55 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.254 - - [28/Feb/2016:21:44:01 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
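As an added example (not part of the original post), here is a small Python script that does the kind of log triage the author did by eye: it parses the access-log lines quoted above, counts POST /xmlrpc.php requests per source address, flags sources over a threshold, finds the peak number of such requests in any 60-second window, and collapses the offenders to /24 netblocks, which is the granularity the iptables rule further down uses. The threshold and window values are my own choices, not anything the post states.

```python
import ipaddress
import re
from collections import Counter
from datetime import datetime

# Access-log lines quoted from the post above; this is the traffic being analysed.
SAMPLE_LOG = """\
185.93.185.249 - - [28/Feb/2016:21:40:49 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.247 - - [28/Feb/2016:21:41:10 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.249 - - [28/Feb/2016:21:41:35 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.247 - - [28/Feb/2016:21:42:22 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.253 - - [28/Feb/2016:21:42:30 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.253 - - [28/Feb/2016:21:42:36 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.253 - - [28/Feb/2016:21:42:52 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.254 - - [28/Feb/2016:21:42:55 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
185.93.185.254 - - [28/Feb/2016:21:44:01 +0000] "POST /xmlrpc.php HTTP/1.1" 500 607 "-" "-"
"""

# Apache "combined" format: host ident user [time] "request" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)


def parse_line(line):
    """Parse one access-log line; returns a dict, or None if the line is not in the expected format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return rec


def xmlrpc_posts(lines):
    """Yield the parsed records that are POST requests to /xmlrpc.php."""
    for line in lines:
        rec = parse_line(line)
        if rec and rec["method"] == "POST" and rec["path"] == "/xmlrpc.php":
            yield rec


def xmlrpc_post_counts(lines):
    """Number of xmlrpc POSTs per source IP."""
    return Counter(rec["ip"] for rec in xmlrpc_posts(lines))


def flag_sources(counts, threshold):
    """Source IPs with at least `threshold` xmlrpc POSTs, busiest first (ties broken by address)."""
    ordered = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))
    return [ip for ip, n in ordered if n >= threshold]


def peak_rate(lines, window_seconds=60):
    """Largest number of xmlrpc POSTs that fall inside any window of `window_seconds` (sliding window)."""
    times = sorted(rec["ts"] for rec in xmlrpc_posts(lines))
    best = j = 0
    for i in range(len(times)):
        while j < len(times) and (times[j] - times[i]).total_seconds() <= window_seconds:
            j += 1
        best = max(best, j - i)
    return best


def source_netblocks(ips, prefix=24):
    """Collapse offending addresses to their /prefix networks, as a candidate block list."""
    return sorted({str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False)) for ip in ips})


if __name__ == "__main__":
    lines = SAMPLE_LOG.splitlines()
    counts = xmlrpc_post_counts(lines)
    print("per-source counts:", dict(counts))
    print("flagged (>= 3 requests):", flag_sources(counts, 3))
    print("peak xmlrpc POSTs per minute:", peak_rate(lines))
    print("netblocks:", source_netblocks(counts))
```

Run it against a real log with `python3 xmlrpc_triage.py < /var/log/apache2/access.log` after swapping the sample for `sys.stdin`; the peak-rate number is the one that tells you whether a process limit alone would have held, since every one of those POSTs occupied an Apache worker.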

As a first order of business, I moved xmlrpc.php somewhere out of sight (who needs it anyway? I can post shit just fine!), then minimized the number of processes Apache can spawn and added some golden rules to iptables:


# block Ukrainians
iptables -I INPUT -m iprange --src-range 185.93.185.1-185.93.185.254 -j DROP

And now you can read this!

Making PHP / WordPress send email using custom sendmail

Recently I had the pleasure of migrating a WordPress website, which resulted in a peculiar problem: the email-sending functionality on the new server no longer worked. After some digging around I found out that PHP's mail() function uses the sendmail program to actually send your email.

Well, after messing around with real sendmail for a good while and still not really understanding how to configure it properly, I decided to write my own sendmail.py script that uses my Gmail account and its app password to send out an email to whoever PHP/WordPress wants to send an email to on my behalf.

After the script was done I had to tell PHP to use it via a sendmail_path = <path to sendmail.py> line inside php.ini, which was located at /etc/php5/apache2/php.ini on my Debian server. Then I just restarted the Apache server and voila, sending email worked!

Here is sendmail.py in all of its hacky glory:


#!/usr/bin/python

# this is replacement for sendmail that php can use to send its goddamn emails
# PHP pipes the whole message (headers, blank line, body) to stdin; we relay it via Gmail.

import smtplib
import sys

def findToAddress(lines):
  # Walk only the header block (stop at the first blank line so a "To:" in the
  # body is ignored) and match the header name exactly, so "Reply-To:" is skipped.
  for val in lines:
    if val.strip() == "":
      break
    if val.startswith("To: "):
      # A To: header may list several comma-separated recipients
      return [addr.strip() for addr in val[4:].split(",") if addr.strip()]
  return []

fromaddr = 'whatever@example.com'
lines = sys.stdin.readlines()
toaddrs = findToAddress(lines)
msg = ''.join(lines)

if not toaddrs:
  sys.stderr.write("sendmail.py: no To: header found, not sending\n")
  sys.exit(1)

username = 'you@gmail.com'
password = 'your app password'

# The actual mail send: STARTTLS first, then authenticate with the app password
server = smtplib.SMTP('smtp.gmail.com', 25)
server.starttls()
server.login(username, password)
server.sendmail(fromaddr, toaddrs, msg)
server.quit()

My super secure password scheme

For the longest time in my life I used a single password for all online services, until I realized how much of a bad idea that is.

However, I still didn't want to start memorizing a huge set of different passwords, one for each service, so I came up with the following scheme, which lets me remember a single master password while still giving each service a different password. The key is combining the master password with the username and the name of the online service, then running the resulting string through a hash function; the hash output is what actually ends up being used as the password.
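As an added example (my code, not the post's), here is the scheme in Python. derive_password follows the description literally: SHA-256 over master + username + service, base64-encoded and cut to a usable length. derive_password_kdf is my hardened variant with the same inputs: it puts a separator between the fields and runs them through PBKDF2 with a large iteration count. The iteration count and output length are my choices.

```python
import base64
import hashlib


def derive_password(master, username, service, length=20):
    """The scheme as described: hash(master + username + service), encoded as printable text."""
    material = (master + username + service).encode("utf-8")
    digest = hashlib.sha256(material).digest()
    # base64 keeps the result typeable; cut to whatever length the site allows
    return base64.b64encode(digest).decode("ascii")[:length]


def derive_password_kdf(master, username, service, length=20, iterations=200_000):
    """Hardened variant (my addition): same inputs, but through PBKDF2-HMAC-SHA256.

    The username and service form the salt, with a separator so that field
    boundaries are unambiguous ("ab"+"c" and "a"+"bc" no longer collide), and the
    iteration count makes each guess of the master password expensive.
    """
    salt = (username + "\x00" + service).encode("utf-8")
    key = hashlib.pbkdf2_hmac("sha256", master.encode("utf-8"), salt, iterations, dklen=32)
    return base64.b64encode(key).decode("ascii")[:length]


if __name__ == "__main__":
    # Sample inputs, constructed for the demo
    for service in ("example.com", "other.org"):
        print(service, derive_password("correct horse", "lev", service),
              derive_password_kdf("correct horse", "lev", service))
```

The difference between the two functions matters when one site leaks its password database: with the plain-hash scheme, anyone who obtains one derived password and guesses the construction can test candidate master passwords offline at the full speed of SHA-256, and a correct guess unlocks every other service; the KDF variant makes each of those guesses cost 200,000 hash iterations instead of one. Neither variant lets you rotate one site's password without changing the inputs, which is a limitation of the approach as a whole.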

Treebe Universe!

Treebe is a program I made a while ago, sometime in 2006, for a computer graphics class. I was learning OpenGL and relative coordinate systems, so as an exercise I decided to write a screen-saver type program that would display a lot of objects in a recursive pattern, using relative coordinates via OpenGL's modelview matrix stack. I chose a pretty basic pattern: a parent object surrounded by 6 smaller children, one on each side. By changing the relative position between parent and children I added animation.

I also created a simple polymorphic scene-graph API to make the code more generalized and somewhat elegant. This scene graph is actually a tree (which is where the Treebe name originated) in which every node class inherits from a base class, ANode, that represents a node in the scene. ANode has enough information to link to its children and to describe their size, position and rotation relative to the parent. It also has a field for a display list (which made displaying lots of objects a LOT faster) and a default virtual render() method that calls the display list (unless it is overridden by a child class).

A simple pre-order traversal of the tree (call render() on each node before going to its children) renders the whole scene. To animate Treebe specifically I only needed another tree traversal function that adds the same offset to each node; the offset is a sinusoidal function of time, so the whole thing expands and shrinks. As you can see from the screenshots, several geometric objects can be used for each node, which is done by another traversal that sets the display list id of each node. By twiddling with the default relative size of child to parent it is also possible to achieve different-looking "orbits" (for example, compare the 2nd and 3rd screenshots).
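As an added example (my code, not Treebe's source, which is C++/OpenGL), here is the scene-graph structure and the three traversals described above in plain Python, with no rendering: render() records what would be drawn, and the modelview stack is simulated by carrying the parent's accumulated scale and position down an explicit stack. Only scale and translation are tracked, since that is all the six-children pattern needs; rotation is left out. Names, the 0.4 child scale and the offset of 2 are my choices.

```python
import math


class ANode:
    """A scene node: a display-list id plus size and position relative to its parent."""

    def __init__(self, display_list=1, side=(0.0, 0.0, 0.0), rel_scale=1.0, offset=0.0):
        self.display_list = display_list
        self.side = side            # unit direction from the parent; zero for the root
        self.rel_scale = rel_scale  # size relative to the parent
        self.offset = offset        # distance from the parent, in the parent's units
        self.children = []

    def rel_pos(self):
        return tuple(s * self.offset for s in self.side)

    def render(self, world_scale, world_pos, out):
        # Default render: "call the display list". Here we just record what would be drawn.
        out.append((self.display_list, world_scale, world_pos))


# Six children, one on each side of the parent: +-x, +-y, +-z.
SIDES = [(1, 0, 0), (-1, 0, 0), (0, 1, 0), (0, -1, 0), (0, 0, 1), (0, 0, -1)]


def build_treebe(depth, child_scale=0.4, offset=2.0):
    """Recursively build the parent-with-six-children pattern `depth` levels deep."""
    root = ANode()

    def add_children(node, levels):
        if levels == 0:
            return
        for side in SIDES:
            child = ANode(side=side, rel_scale=child_scale, offset=offset)
            node.children.append(child)
            add_children(child, levels - 1)

    add_children(root, depth)
    return root


def preorder(root, visit):
    """Pre-order traversal: visit a node, then its children, left to right."""
    stack = [root]
    while stack:
        node = stack.pop()
        visit(node)
        stack.extend(reversed(node.children))


def render_scene(root):
    """Pre-order render with an explicit stack of parent transforms (glPushMatrix/glPopMatrix analogue)."""
    drawn = []
    stack = [(root, 1.0, (0.0, 0.0, 0.0))]
    while stack:
        node, parent_scale, parent_pos = stack.pop()
        world_scale = parent_scale * node.rel_scale
        world_pos = tuple(pp + parent_scale * rp for pp, rp in zip(parent_pos, node.rel_pos()))
        node.render(world_scale, world_pos, drawn)
        for child in reversed(node.children):
            stack.append((child, world_scale, world_pos))
    return drawn


def animate(root, t, base_offset=2.0, amplitude=0.5):
    """Give every node the same sinusoidal offset, so the whole structure expands and shrinks."""
    offset = base_offset + amplitude * math.sin(t)
    preorder(root, lambda n: setattr(n, "offset", offset))
    return offset


def set_display_list(root, list_id):
    """The '1-8' control: switch every node to another shape."""
    preorder(root, lambda n: setattr(n, "display_list", list_id))


def set_child_scale(root, scale):
    """The 'q/e' control: change the relative size of children to parents (root stays at 1)."""
    def visit(n):
        if n is not root:
            n.rel_scale = scale
    preorder(root, visit)


if __name__ == "__main__":
    root = build_treebe(2)
    frame = render_scene(root)
    print(len(frame), "nodes drawn; first child at", frame[1][2], "scale", frame[1][1])
    animate(root, math.pi / 2)
    print("after expanding, first child at", render_scene(root)[1][2])
```

The recursive build gives 1 + 6 + 36 + ... nodes, so the depth control matters for performance just as the display lists did in the original; each extra level multiplies the draw count by six.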

Windows executable download

Controls:

1-8 Change display list.
q, e Increase/decrease relative scale between parents and children.
-, shift + Decrease/increase recursion depth.
space Pause animation. Press again to step through it.
n Continue animation.

Screenshots: