14. Dec. 2008

Sometimes we have to place content on our webserver we want to protect and only accessed by privileged users.

A basic security can be established by a password restricted folder access, enforced by the Apache Webserver itself.

This can be done by some simple instructions added to our .htaccess file:
(In case you haven’t already a .htaccess file, just create a new file calling it .htaccess and locating it in the folder you want to protect.)

AuthType Basic
AuthName "Protected Area"
AuthUserFile FILE
require valid-user

These commands will tell the Apache webserver that the folder in question (and all below) are now protected and it needs a valid combination of username/password to access it.

  • AuthName is some free form text you can specify, telling the visitor what you are asking for and Apache Webserver will show in it’s dialog box.
  • AuthUserFile is the reference to the stored .htpasswd file containing all valid username/password combinations to access the folder in question (ususally and best located out of the protected directory tree).

Having that done we now need to create the necessary .htpasswd file which we can do interactive on our server with the command:

htpasswd2 -c FILE USER

Assuming html is your webroot, a valid example, for protecting a folder called images below our webroot and using demouser/demopassword as user credentials, would be:

.htaccess:
(Locate this file within the folder images and be aware to use an absolute path for AuthUserFile, as for www.domain.com would be wrong!)

AuthUserFile /home/username/html/.htpasswd
AuthType Basic
AuthName "Login for Secure Area"
require valid-user

.htpasswd
(Create a new file called .htpasswd and locate this file within the folder you’ve specified within AuthUserFile path.)

demouser:$1$OHq3K5v3$pvFrGsHjWwYjpkZhc70T9.

10. Dec. 2008

Since Oracle Version 10G ist is possible to transfer tablespaces no longer only between platforms of the same architecture. Now in 10G it also possible to transport from any platform to any platform, provided the platforms belong to the list below:

SQL>  select * from v$transportable_platform;

   PLATFORM_ID PLATFORM_NAME                    ENDIAN_FORMAT
  
             1 Solaris[tm] OE (32-bit)          Big
             2 Solaris[tm] OE (64-bit)          Big
             7 Microsoft Windows NT             Little
            10 Linux IA (32-bit)                Little
             6 AIX-Based Systems (64-bit)       Big
             3 HP-UX (64-bit)                   Big
             5 HP Tru64 UNIX                    Little
             4 HP-UX IA (64-bit)                Big
            11 Linux IA (64-bit)                Little
            15 HP Open VMS                      Little
             8 Microsoft Windows IA (64-bit)    Little
             9 IBM zSeries Based Linux          Big
            13 Linux 64-bit for AMD             Little
            16 Apple Mac OS                     Big
            12 Microsoft Windows 64-bit for AMD Little

But be aware that depending on which plattforms we deal with there might be some converting necessary or not!

To help you with that, I have carried together the little cook book about "How to do" below:

1. Set the tablespace to READ ONLY

SQL> alter tablespace USERS read only;
Tablespace altered.
 

2. Export metadata

exp userid=\’/ as sysdba\’ transport_tablespace=y
tablespaces=users
file=users_tts.dmp log=exp_users_tts.log
statistics=none

3. Converting tablespace if necessary

Depending on we have to convert the file between endianness Little and endianness Big (forward or backward) we can do that with RMAN:

rman target=/

Recovery Manager: Release 10.2.0.3.0 – Production on Wed Dec 10 13:10:57 2008
connected to target database: orav10 (DBID=1953618181)

RMAN> convert tablespace ‘USERS’
2>  to platform="Linux IA (32-bit)"
3>  db_file_name_convert=’/database/orav10/datafiles/users.dbf’,
4>  ‘/tmp/users.dbf’;

4. Move datafiles and export dump file

$ftp users_tts.dmp

and /database/orav10/datafiles/users.dbf (no conversion)
or /tmp/users.dbf (converted file if conversion had been required)

5. Import metadata

imp userid=\’/ as sysdba\’ TRANSPORT_TABLESPACE=Y
datafiles=
/database/orav10/datafiles/users.dbf
(or
/tmp/users.dbf )
file=users_tts.dmp log=imp_users_tts.log

6. Set the tablespace to READ WRITE

SQL> alter tablespace USERS read write;
Tablespace altered.

23. Nov. 2008

Being forced to work with MySQL Databases, not every Web Developer is familiar with databases in general.

Now the good news is that when working in a LAMP (Linux, Apache, MySQL and PHP) environment you do not really need to have deep knowledge about relational databases to succeed.

Most tools like CMS do a full automated setup for you and the only knowledge it needs to have starting with them, is the server and database name and finally the login credentials (username/password) to access it.

Just later on the one or other maintenance work will occur and you will feel the need of having some nice and neat database interface to work with. Knowing about this need today I will recommend you a few tools and you should feel free to choose one or each of them based on your platform and taste.

The first tool I will recommend you is called phpMyAdmin. It is written in PHP and as a so called browser tool it works platform independent and flawless in all common browsers. Very often being offered by hosting providers it is mostly already part of your hosting package and easy to access and use. Coming along with all necessary options like browsing and navigating through your databases, it also offers a SQL interface and the often necessary export/import options. Personally it is my favorite tool to work with.

Once you are familiar with phpMyAdmin, phpMyBackupPro is another very similar tool you might find it worth to look at. Also browser based it is mainly written for interactive exports and imports, but can get also use for scheduled automatic backups.

For Windows platform only I would like to recommend you a tool called MyDB Studio. Coming along with a well designed interface it offers all features you need and the license it needs is given away for free in case you only use it for private and non commercial interests. It just needs you to give them a valid email address and the key is emailed to you quickly after.

And now finally and last in case you are such a Macintosh guru, I would like to recommend you CocoaMySQL. It does a similar great job like the others and can get used right away after the installation has taken place. What I like is the console view of is, showing you all command issued during the past and looking at it you might even learn some SQL (Structured Query Language).