Posts tagged: website

Won’t someone think of the children?

Let’s do a quick show of hands of parents who think that the internet is a safe place for children to spend their time on? If you’ve got your hands up you haven’t been on the internet for very long.

kid-in-shockTo be completely honest, the internet scares me. Or better, the amount of scary stuff that is on it, scares me. So now that my son is old enough to have his own PC in his bedroom, I looked around to see what was available to make sure that he doesn’t get exposed to material that is well above his age. They grow up quick enough anyway.

Now as someone who runs Ubuntu on his server, and OS X on his MacBook, I am already one step ahead of most parents, who have to deal with a Microsoft Windows environment of some sort. Good luck to you. This blog post depends on a Linux server of some sort, and although the client can be any operating system, I strongly advice you to stick to a *nix based desktop.

After dismissing most options available (things like OpenDNS, and a variety of dedicated applications to block any harmful content), I decided that however I was going to implement it, it would have to be by using a whitelist, rather than the normal practice of a blacklist. The reasoning behind this is that the amount of harmful content changes every minute, and no amount of blacklisting will catch 100% of it. With a whitelist, everything has to be vetted by me, but it ensures total control over their web experience. I also wanted to be able to approve/deny new websites as my son requests them, with little effort required on my side.

Something that sits between the client and the internet would be the perfect solution, and I quickly stumbled upon TinyProxy. As the name implies, the application is small, efficient, easy to manage and it supports blacklisting and whitelisting. Perfect.




Requirements

  • A server running your favourite Linux distribution. I personally use Ubuntu, but for the purpose of this guide, it doesn’t matter.
  • TinyProxy as installed by your favourite package manager. For Ubuntu that’s as easy as apt-get install tinyproxy, but obviously that will be different if you run something else. Make a note of the version number of TinyProxy though, as we’ll need version 1.6.5 or later.
  • A webserver running on your server. Apache2 is what I use, but as long as it supports PHP, then it doesn’t matter. What does matter though, is that the webserver should be able to access your TinyProxy whitelist file, which if you have both TinyProxy and the webserver running on the same server will be the case.
  • A client configured to use TinyProxy. This can be Firefox, Internet Explorer, Chrome, Opera, or any other browser you like to use. Be aware though that as soon as your child learns what a proxy is and how to remove it from his PC/laptop, the whole plan falls apart.

Before you continue with the next section, make sure that your webserver is able to serve some pages, and that you have confirmed that TinyProxy is working correctly for you.

Installation

Grab the tinyproxy-admin.tar.gz package and unpack it somewhere on your server. There are a number of files in there, each of them I will describe below.

tinyproxy.32
tinyproxy.64 – These two binaries are the 1.6.5 binary patched with a small change to allow TinyProxy’s child processes to refresh their filter list when the parent receives a SIGHUP signal and when the whitelist file is changed. These changes have also been submitted to the development version of TinyProxy, but because apt-get on my Ubuntu system installs 1.6.5, I have used that code base. Eventually these patches will appear in the Ubuntu package manager, but until then, these will do. The extension indicates whether the binary is for 32-bit, or 64-bit *nix.

tinyproxy – This is the TinyProxy start file (usually found in /etc/init.d), which contains a couple of changed lines. The permission on the tinyproxy.log files is by default set to restrictive. It needs to be read by the webserver’s user, which means that setting it to 644 everytime we start TinyProxy is required.

The files below need to be put in your TinyProxy configuration directory, usually /etc/tinyproxy.

tinyproxy.conf – This contains only the required changes to your distribution’s version. The ErrorFile, PidFile and Filter locations need to match your installation, and to switch from blacklisting to whitelisting, the FilterDefaultDeny parameter needs to be set to Yes.

whitelist – This contains just a single line; localhost. You need to whitelist the domain that your webserver runs on, otherwise it won’t work. If your local webserver can be reached through a proper domain name, then change localhost to that instead.

403.html – This is the file referred to by the ErrorFile directive in the tinyproxy.conf file. It contains two variables which need to be changed to match your system.

The following files are part of the administration interface and will need to be put in a directory that can be served by your local webserver. For instance, if your webserver uses /var/www as the root directory, put these in a new directory called /var/www/tinyproxy. The pages should then be able to be accessible by navigating to the http://your.webserver.domain/tinyproxy url.

config.php – This is the configuration for the administration interface. Make sure that the variables match your configuration, and if you want it to notify you by Twitter each time a new domain approval request is made, enter your details in there too.

style.css
filter.html
admin.html
filter.php
img (dir) – These are the remaining files which do not require any modification.

How it all works

Whenever a client is requesting a webpage from a domain, the request is done through TinyProxy. If it finds a line in the whitelist file for the domain, it lets the request pass through, but if it doesn’t, an error 403 occurs (Forbidden) and the 403.html page is served to the client. The included 403.html file calls the filter.html file internally and passes it the website that the client is trying to access.

tinyproxy-filter

When the request is made, the domain gets added to the whitelist file, but with a prefix of M|, therefore still not matching a proper whitelisted domain name. And it is this mechanism which allows me to approve or deny domains whilst keeping the whitelists all in one place. The admin interface simply drops the M| prefix if the domain gets approved, or changes it to D| if it remains denied. Easy peasy :o)




I appreciate that the above is all a bit long and winded, so I’ll do a small summary/checklist below for those who are keen to get going.

  • Install TinyProxy using package manager
  • Install webserver
  • Confirm the above are working
  • Download tinyproxy-admin.tar.gz
  • Amend config.php
  • Move config.php, style.css, filter.html, admin.html, filter.php and the img directory to a subdirectory beneath your webserver
  • Amend TinyProxy startup script: tinyproxy
  • Amend TinyProxy configuration file: tinyproxy.conf
  • Amend whitelist and move it to the TinyProxy configuration directory
  • Amend 403.html and move it to the TinyProxy configuration directory
  • Replace tinyproxy binary with patched version
  • Restart TinyProxy
  • Breath out ;o)

Server moved

Just a quick message to say that I’ve had to move servers (still with the same host), so if you discover some problems, drop me a message please :)

Say Tweet! Say What?!?!

Reading downloadsquad last week, I came across a new Twitter based service, called SayTweet. It immediately caught my imagination and since the US elections are now going into full swing (it’s got nothing to do with me, I can’t even vote here in the UK, even though I pay my taxes and everything), I thought I do one myself :)


Spam, spam, bacon and ham

I’m doing a little experimenting at the moment and I need some help. I need spam. Why? Well, that will be revealed in time, but for now, all you need to do is send your spam (leaving the subject line in tact, this is essential!) to spammers@uijldert.org

Thanks!

Update 26.7.2008

I’ve updated a bit in my script on the receiving side, so that subjects are stripped from their Fwd: (as mail forwarded from Google Mail) tag. This should make it a bit easier to send me the spam… lot’s of it, please :)

Tags: ,

categories blog

iBlog by iPhone

Two weeks into my iPhone ownership, I am still adapting to a new way of online life. Today they released the WordPress plugin in the App Store, something I was very keen on trying out myself… So here it is, my first entry written on the tiny keyboard of my 3G :)

WordPress on the iPhone

Fckd off?!?

Then get yourself the domain name to go with it ;)

Ebay auction for FCKD.net

No more www

Following a link in the WordPress Dashboard, I stumbled upon the No WWW website, which explains why we should all drop the prefix www. on domain names. As I had a mixture of both, I went through all my posts/pages and updated them to reflect that philosophy. If you come across something that stopped working, I would very much appreciate that you contact me and tell me about it.

Revamp

A change for the better? I think so :)

Mr Popular

And then to think I never had any friends at school ;)

Seems that some MAKE users have finally found my website, and in the space of three weeks have discovered my old TiVo project (as reported on MAKE: Blog) and the digital picture frame laptop (as reported on MAKE: Blog). Won’t be long before they discover the Xbox IR mod too and break my bandwidth limit for this month :D

Packed up and left

Yup, it’s another one of those I have moved posts… Will I ever find myself a permanent home?

Tags: ,

categories blog

Moving again

Just a quick note to say that the website is going to be wrapped up and moved again sometime in the next couple of weeks. Colin has ordered a brand spanking new server and tomorrow we’ll make the first steps towards the installation of it. I’m very tempted to ditch the whole Mambo, uhm Joomla installation and go for WordPress. I’m using WordPress on another site already, and it is slightly less difficult to maintain… or I may just leave it as it is. Can you tell I haven’t decided yet?

The TiVo LCD Project

Flash of the past alert! It was way back in 2003 that I did a small modding project involving my favourite gadget of all time the TiVo and a small character LCD and created a mini How-To for it. I thought I lost the article forever when I accidentally deleted the web pages in one of my (many) server moves. Not so! A certain BobBlueUK knew his way around The Wayback Machine (unlike me) and digged up the original archived copy!

So in all its glory, here it is again :D




Ever wanted to find out what the TiVo is doing? Look no further :) On this page I will describe a way for you to display the program information on a small LCD display. It is only to be taken as a proof of concept, I’ll leave the actual mounting and cosmetics up to someone else.

Components

  1. A warranty voided TiVo
  2. A serial LCD. Mine is a 2×20 LCD pre-fitted with a BPK driver board from Milford Instruments, part number 6-121 @ £30.00
  3. A bit of cable with 3 wires (like cat5)
  4. A 3.5mm stereo jack plug with plastic barrel and strain relief sleeve from Maplin Electronics, part number HF98G @ £0.79
  5. A Futaba Servo Connector from Maplin Electronics, part number GZ94C @ £1.49
  6. 2x 4-Pin 5.08mm (0.2in.) Spacing Polarised Power Connectors (one male, one female) from Maplin Electronics, part numbers JW64U and JW65V @ £0.79 each. These things are better known as molex connectors
  7. A patient SWMBO

TiVo LCD Project

Instructions

The most tricky part of this project is opening up the TiVo, so best invite Stuart Booth over who can do it blindfolded using only his nose to guide him ;-) If he’s not available you will have no choice but to do it yourself, so get a Torx T10 screwdriver and remove the 3 screws at the back of the TiVo. THIS WILL VOID YOUR WARRANTY, but I guess you did that already when you installed the Turbonet card and added a nice big hard disk, right? ;-)

TiVo LCD ProjectWith the TiVo opened, you need to put the 2 molex connectors (item 6) to work by making up a splitter which is put in between the hard disk and the power supply. BE VERY CAREFUL AROUND THE POWER SUPPLY! That thing is lethal as it maintains the charge even after it has been switched off for several hours/days. Anyway, the thing you have to bear in mind is that you need to connect all wires on the molex connectors, and on to the +5V and GND (Ground) add two wires which you need to feed to the outside of the TiVo. I used the same space as where my cat5 cable is going out of the TiVo (the one connected to the Turbonet card), just underneath the fan.

Then it is soldering time… Take the 3.5mm stereo jack and connect a wire to the tip of the connector. That was soldering time :-)

TiVo LCD ProjectNow take all 3 wires (and make sure you have them appropriate coloured, like red for +5V, black for ground and any other colour for the TX (transmit), and connect them to the Servo connector, making sure that you do them in the same order as there are pins on the LCD. My LCD has 3 pins, labelled +5V, GND and Recv (receive), which makes it pretty obvious which wire goes where. Your mileage may vary of course.

Time to test it methinks :-) Close the TiVo and hook it up in your AV setup and power it up again. The LCD display should now be powered, and depending on what model/type you are using it might display something (like garbage or a version number) or in my case, a blank screen with just the backlight on.

Pat yourself on the back, the hard work has been done. Now it is back to the good old computer and open up a telnet and ftp session to the TiVo as you need to install a small .tcl script written by a TiVo community user called Demark. He posted it to this thread and all I had to do was modify it slightly to output the lines correctly. You can find my copy here.

TiVo LCD Project

Install the .tcl file in /var/hack and run it with the ‘&’ to detach it from your shell, otherwise you will reboot your TiVo when you try to interrupt it. To stop the script you simply do a ‘touch /tmp/vfd.stop’ and within a minute the script will stop. Make sure you remove the /tmp/vfd.stop file before you start it again though.




It is quite possible that I’ve skimmed over something which I think is trivial to do, but proves a real nightmare for you, so if you got any questions, please don’t hesitate to contact me. Good luck modding!

Please hold

Not that anyone noticed, but we moved servers. Hosted in the UK by Captiv, run by my good friend Colin (him of BRISKODA fame), and as fast as it is gonna get over here in good old blighty

Famous

In the future everyone will be world-famous for 15 minutesAndy Warhol

So here are a few of the sites linking to Awooga!!!:

Digg.com (where it all started)
Automated Home UK
eHomeUpgrade
Nordic Hardware (Swedish!)
LiveCD News
TousPourUn (French!)
Paul’s Blog

Awooga!!!

a·woo·ga
interj.

QuoteExpression used when one is in panic.

Abandon ship! Black Hole approaching. Abandon ship… (The siren stops) Oh, God, now the siren’s broken. Awooga, awooga. Abandon ship!

Tags: ,

categories blog