Last week I finally had some courage to update my Macbook to Mojave. The latest version of the MacOS family. The only thing I was really looking forward was the security updates and Dark Mode. Aside from that, it was unappealing to me.
Today, I downloaded some videos and wanted to fire up my minidlna local install only to find out that service was not working. None of my devices was able to see the DLNA service so I couldn’t stream to any TV.
I started investigating. I did the basics, tried to restart, and services were launching fine.
➜ ~ brew services restart minidlna Stopping `minidlna`... (might take a while) ==> Successfully stopped `minidlna` (label: homebrew.mxcl.minidlna) ==> Successfully started `minidlna` (label: homebrew.mxcl.minidlna)
Since everything seem fine, and still I couldn’t see the DLNA media. I went to the logs.
➜ ~ tail -100 /usr/local/var/log/minidlnad.log
I saw some errors which caught my attention. So I decided to remove it completely.
➜ ~ brew remove minidlna xcrun: error: invalid active developer path (/Library/Developer/CommandLineTools), missing xcrun at: /Library/Developer/CommandLineTools/usr/bin/xcrun Uninstalling /usr/local/Cellar/minidlna/1.2.1_1... (11 files, 307.6KB)
And I saw the xcrun error, invalid active developer path? After quickly reviewing in Google this was due to the X Code Command Line tools that needed to be installed. It seems when Mojave was installed, the old X Code Command line tools were removed. Ok now we are getting somewhere. Now I would install that package. Again I went to my terminal and:
➜ ~ xcode-select --install
The package started downloading. It was about 130MB. Once it was installed I went and installed minidlna again.
➜ ~ brew install minidlna ==> Installing dependencies for minidlna: ffmpeg ==> Installing minidlna dependency: ffmpeg ==> Downloading https://homebrew.bintray.com/bottles/ffmpeg-4.1.mojave.bottle.tar.gz ######################################################################## 100.0% ==> Pouring ffmpeg-4.1.mojave.bottle.tar.gz 🍺 /usr/local/Cellar/ffmpeg/4.1: 282 files, 55.4MB ==> Installing minidlna ==> Downloading https://homebrew.bintray.com/bottles/minidlna-1.2.1_1.mojave.bottle.tar.gz ######################################################################## 100.0% ==> Pouring minidlna-1.2.1_1.mojave.bottle.tar.gz ==> Caveats Simple single-user configuration: mkdir -p ~/.config/minidlna cp /usr/local/opt/minidlna/share/minidlna/minidlna.conf ~/.config/minidlna/minidlna.conf ln -s YOUR_MEDIA_DIR ~/.config/minidlna/media minidlnad -f ~/.config/minidlna/minidlna.conf -P ~/.config/minidlna/minidlna.pid To have launchd start minidlna now and restart at login: brew services start minidlna Or, if you don't want/need a background service you can just run: minidlna ==> Summary 🍺 /usr/local/Cellar/minidlna/1.2.1_1: 11 files, 307.9KB ==> Caveats ==> minidlna Simple single-user configuration: mkdir -p ~/.config/minidlna cp /usr/local/opt/minidlna/share/minidlna/minidlna.conf ~/.config/minidlna/minidlna.conf ln -s YOUR_MEDIA_DIR ~/.config/minidlna/media minidlnad -f ~/.config/minidlna/minidlna.conf -P ~/.config/minidlna/minidlna.pid To have launchd start minidlna now and restart at login: brew services start minidlna Or, if you don't want/need a background service you can just run: minidlna
Once it was re-installed. I tried to launch it once more.
➜ minidlna brew services start minidlna ==> Successfully started `minidlna` (label: homebrew.mxcl.minidlna)
It launched, again, with no error but still it wouldn’t work. Sighs. We have to keep digging. So I went to the logs again, on a bug hunting mission and found this:
[2018/11/13 20:04:46] minidlna.c:1048: warn: Starting MiniDLNA version 1.2.1. [2018/11/13 20:04:46] minissdp.c:131: error: bind(udp): Address already in use [2018/11/13 20:04:46] minidlna.c:1080: info: Failed to open socket for receiving SSDP. Trying to use MiniSSDPd [2018/11/13 20:04:46] minissdp.c:84: error: setsockopt(udp, IP_ADD_MEMBERSHIP): Bad file descriptor [2018/11/13 20:04:46] minissdp.c:189: warn: Failed to add multicast membership for address 192.168.1.137 [2018/11/13 20:04:46] getifaddr.c:338: info: Enabling interface 192.168.1.137/255.255.255.0 [2018/11/13 20:04:46] minissdp.c:830: error: connect("/var/run/minissdpd.sock"): No such file or directory[2018/11/13 20:04:46] minidlna.c:1083: fatal: Failed to connect to MiniSSDPd. EXITING%
Reviewing online on the minidlna site, they do suggest to try to install such software.
Funny enough I found a link to my article on that link.
Right now I will keep reviewing and will come back later with an answer.
El día de ayer, Domingo 22 de Julio del 2018, me uní a más de 700 personas para ser parte del tercer WordCamp de Costa Rica. El evento estuvo super concurrido y con asistentes de Argentina, España, Estados Unidos, Guatemala, El Salvador y siempre miembros de la Comunidad WordPress de Nicaragua.
En esta última edición me tocó hablar sobre las diferencias entre el WordPress Administrado y el Alojamiento Compartido, abajo les dejo mi presentación
Security on websites and mostly on WordPress which is on more than 29% of the entire internet, its crucial, preventive security is 10 times cheaper than proactive security.
Below is an amazing and easy to follow infographic about WordPress Security by my favorite Website Security provider: Sucuri
See the full infographic here: https://sucuri.net/infographics/intro-to-wordpress-security
If you do not know what HTTP Headers are, let me run a quick introduction, and if you do, then it would be just a refreshment.
What is HTTP anyways?
HTTP stands for Hyper Text Transfer Protocol, which is the protocol that we use on our browsers and to visit web pages and similar services. Since HTTP is part of the TCP, stack than it means that the flow works just like PING PONG. Below a simple graphic to explain it:
More about HTTP
HTTP is a protocol and it has several methods. The most used methods are:
The HTTP GET method is used to request a specific URL or file, some examples below:
HTTP GET http://domain.com/file.txt HTTP GET domain.com/contact-form/ HTTP GET https://www.domain.com/secure-file.html
This is basically what happens when you put a domain on the browser bar and click enter, or when you click on a link within a website. Your browser then generates an HTTP GET request to the server asking for that URL.
Its basically a request from the visitor to a server asking the server to send information.
The HTTP POST method is used on the opposite way. The POST is used when the visitor sends information to the server to process. Some examples can be:
- Filling out a contact form and clicking SEND. The POST method that the visitor sends, it will contain all the information of the contact form, and the server will receive the info and process it accordingly.
- Filling out any form.
- Adding products to shopping cart.
- Doing a checkout process on any e-commerce website.
HTTP POST www.domain.com/contact-form/?filled=yes&name=John%20Doeemail@example.com&phone=1234567&comments=no
We do not usually see the POST contents on the browsers unless you use your browser’s Developer Tools to check on what is happening on the background.
Now that we’ve covered the basics, let’s talk about HTTP HEADERS!
What are the HTTP HEADERS?
HTTP Headers is all the extra values that are added to the HTTP GET & POST requests. Below a quick example:
First we do the request
HTTP GET salrocks.com
Then the server answered this:
HTTP/1.1 301 Moved Permanently Server: nginx Date: Sat, 27 Jan 2018 01:08:18 GMT Content-Type: text/html Content-Length: 178 Connection: keep-alive Location: https://salrocks.com/
What does that mean?
Let’s break it down shall we?
HTTP/1.1 301 Moved Permanently
The HTTP 301, is a what is called a permanent redirect. This will tell your browser to load a different page, it will get the value from the LOCATION header.
The SERVER header, it will tell you what software is the web server using to serve websites. On this case the web server used is NGINX. Other values could be Apache, LiteSpeed, ISS, etc.
Date: Sat, 27 Jan 2018 01:08:18 GMT
The DATE header provides a timestamp of the time the request was served.
The CONTENT header will tell you what type of media file is, if its a text, media file or binary file. It will depend on the MIME TYPES setup on the server.
This one, the CONTENT-LENGTH header will simply tell you the size of the file requested.
As discussed on the HTTP 301 header, the Location will tell the server what URL it should load instead of the http://salrocks.com that was requested initially.
Ok so that’s simple right? Let’s move on. Let’s now try to load the https://salrocks.com to see what happens. Let’s go!
HTTP GET https://salrocks.com
And now the server answer was this:
HTTP/2 200 server: nginx date: Sat, 27 Jan 2018 00:18:39 GMT content-type: text/html; charset=UTF-8 strict-transport-security: max-age=86400 vary: Accept-Encoding vary: Cookie link: <https://wp.me/5zKS6>; rel=shortlink
Let’s break the answer now, since there are new values and new headers there. We are just getting started.
content-type: text/html; charset=UTF-8
As you can see the CONTENT-TYPE header now included a charset setting besides the MIME TYPE.
The STRICT-TRANSPORT-SECURITY header is related to HSTS and the policy that tells your browser how long to cache the request.
vary: Accept-Encoding vary: Cookie
The VARY header tells the other proxies if they should cache a similar request or if they should request a new one..
link: <https://wp.me/5zKS6>; rel=shortlink
The LINK header provides a relationship of the present request to the link provided on this header and the relationship. On this case it tells you that https://wp.me/5zKS6 is a SHORTLINK to https://salrocks.com
How do you use HTTP HEADERS to troubleshoot issues?
Checking the HTTP Headers of your website it can help you solve all of the following issues:
- Too Many Redirects.
- Failure in forms. The POST event might have gotten a HTTP 404, 403 or 500 error.
- SEO issues with 302 or 301 redirects.
- Caching issues (if an URL is cached, missed or expired).
- Media expiration status.
- CDN cluster from which the asset is served.
Soon I will be writing about HTTP HEADERS for Sucuri, CloudFlare and Kinsta.
It’s called HOMEBREW and it brings the sweetness and ease of installing packages just like APT or YUM does on Linux.
How do you install HOMEBREW?
Open your favorite terminal app, either the one that comes with MacOS or my favorite iTerm2 and execute this command:
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Now you should update Homebrew and you do it with this command:
And you can install any program/software. On this example I’m going to install Apache, PHP 7, MySQL:
brew install apache2 php70 mysql
This will proceed to install all the required dependencies for each of the software we are installing and that are NOT currently installed on the server.
After it is installed all software is saved the following directory:
Below is a snapshot of how my HomeBrew directory is currently:
So start experimenting with HomeBrew today, and let me know if you need a hand!
Tweet at me @RipeR81
If you are a developer, coder, sysadmin or IT Pro I assume that you have used the terminal either on your Unix, Linux, Mac o Windows. And the shell that usually comes as default is the good old faithful BASH shell, which is nice but not cool.
What is Oh-My-Zsh?
Below are some facts about it:
- More than 200 plugins. Enhance your productivity with plugins that integrate into git, google, youtube, sublime and much more.
- More than 1000 contributors. Since its Open Source, the code is available for free on GitHub and you can add your modifications, plugins and themes. Just submit your pull request!
- More than 140. Don’t be a dull bird using the old BASH simple theme. Add colors and other functionalities by using any of the themes.
Still not convinced?
Check this screen captures:
And these are just some of the ways your terminal or console can look like. Pretty awesome right?
Now, how do I install Oh My ZSH on my Mac?
Dude, its a piece of cake. Just go to your Terminal or iTerm2
sh -c "$(curl -fsSL https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"
This will do the entire process of installing all the required pieces to make it work. Once it finishes you can go ahead and customize the themes & plugins.
Picking a different theme
As default, Oh-My-ZSH comes with the theme default which is robbyrussell. But if you want to choose a different please go to the Themes page in GitHub. Choose the one you like the most and then use your favorite text editor (nano, vim, emacs, sublimetext or even textedit) to edit the file .zshrc located on your home folder. Below are the commands to open such file on nano & vim:
Then you will have to locate the string:
And change it to the theme that you selected, on this case I chose the theme called Blinks, so I went ahead and edited the .zshrc file and put this string instead of the one above:
Then save the file and exit the editor. Please note that you will NOT see an immediate change on your current session. You would have to start a new terminal session to see the new theme applied there.
Now if you are a free soul like me, then you might want to set the value to random, that way each time you open the terminal you will experience a new theme until you find the one that you love the most. To enable this awesomeness simply use this string instead of the two previous ones:
Cool? Dude you know it is cool!
So, what about plugins?
Just like Themes, enabling and disabling plugins is done thru a text editor and your file .zshrc. You will need to look for the string:
Where xxxx can be anything.
Since you are on Mac, I suggest all these plugins to be enabled:
plugins=(brew rails git ruby terminalapp sublime screen rvm perms osx history github encode64)
But there are several more, just go to the Plugins page on GitHub to learn about them all.
Please note that the same rule of the themes applies here, you will need to save the file and open a new session to see the plugins enabled.
So that is all folks. Start experimenting with Oh-My-ZSH and help the creator of this awesome shell by buying some swag for you and your friends!
Comment below if I missed anything! Thanks!
For those who are not familiar let me explain what CloudProxy is. CloudProxy is the Web Application Firewall & Caching service from my employer, Sucuri.net. This service is setup at the DNS level and helps filtering all the HTTP requests that get to your website and speeding the performance a the same time.
Below is a simple graphic to explains how it works:
How can I clear CloudProxy Cache?
It’s simple there are two ways:
- Via CloudProxy‘s dashboard on Sucuri’s website
- Using the API
Clearing the cache via the dashboard
Just follow this steps:
- Login to your account via https://login.sucuri.net
- Then go to CloudProxy (check your left menu) or simply type this: https://waf.sucuri.net on your browser address bar.
- Once on the CloudProxy Dashboard, click on settings and select the website you want to clear the cache for.
- Once there click on Performance, and then simply on the button to clear the cache. And in less than 2 minutes the cache will be trashed from all the CDN servers.
You can also check their tutorial on their Knowledge Base: CloudProxy – Clearing Cache
This is convenient when you are not making that many changes into your website. However if you are pushing changes everyday or building an webapp, then you need something easier.
Clearing the cache via PHP
I am currently building a web app with some friends and we faced the issue that after deploying each change, I needed to login to my account and clear the cache manually. This becomes tediously when you are committing changes several times a day 5 days a week. So I had to come up with a simple solution to get the job done.
That is why I turned to CloudProxy’s API, which offers me the ability to clear the cache by calling a simple string. You can see the basic code below:
<?php /** * Simple Script in PHP to clear sucuri's cloudproxy cache via php * * Author: Salvador Aguilar * Email: firstname.lastname@example.org * Web: salrocks.com */ $curl = curl_init(); curl_setopt_array($curl, array( CURLOPT_RETURNTRANSFER => 1, CURLOPT_URL => 'https://waf.sucuri.net/api?v2', CURLOPT_POST => 1, CURLOPT_POSTFIELDS => array( // this is the Sucuri CloudProxy API key for this website k => 'your-cloudproxy-api-key-goes-here', // this is the Sucuri CloudProxy API secret for this website s => 'your-cloudproxy-api-secret-goes-here', // this is the Sucuri CloudProxy API action for this website a => 'clear_cache' ) )); // Send the request & save response to $resp $resp = curl_exec($curl); echo '<pre>' . $resp . '</re>'; // Close request to clear up some resources curl_close($curl);
That is the initial version of the script, if you want other features or to fork it you can get it from GitHub: https://github.com/riper81/clear_cache_cloudproxy_php
Once you have the file, you simply put it on your website root and you edit with the proper values from your Sucuri account and then simply run it via a web browser or command line and you cache will be cleared.
I added this script into my deployment script so I can update from my git repo and then clear the cache from Sucuri. Making things easy for us 🙂
If you have an idea, hit me up!
Both my business partner and co-founder of SenorCoders.com and myself gave talks. While I talked about How Websites get Hacked, Kharron talked about Developing a Mobile App using WordPress as the backend.
My presentation was based out of the work that I do each day as part of the Remediation team in Sucuri. You can find my presentation here:
Special thanks to:
- Daniel Gordon & Steven Hansen from Rain for sponsoring the venue, sodas and pizzas.
- Tom Sepper @ Site5 for sponsoring the web hosting accounts
After an overwhelming traffic to my previous post 2 Alternatives to Paypal in Nicaragua, I was asked to expand my comments on each case, so today I am bringing you more information about using Paypal in Nicaragua, and yes its thru our southern neighbor country, Costa Rica.
As many of you already know, we can receive payments but we can’t cash them out locally. So after research online and conversations with many friends, such as Hosmel Quintana, an awesome Nicaraguan Developer working on UpWork and making a living.
So let’s now get straight to the point. The how-to begins now.
How this works?
Simple, Paypal works in Costa Rica, for both making and receiving payments and cashing them out. But there is a trick, it ONLY works with Banco Nacional but you will be able to transfer your money from Paypal to your Savings Account, which is what we want access to our money!!!
What do you need?
- Go to Costa Rica with a valid passport.
- Go to any branch of Banco Nacional.
- Open a Savings account with your passport. Do not explicitly state that you only want it for Paypal.
- Be sure to get the token that they give you to access BN Internet Banking, you will need it afterwards when enabling Paypal.
- Once your account is activated. You would need to open a new Paypal account and provide address of Costa Rica. You can look online and even use any address listed here. You can check out this guide for step by step guidance.
- Once your costa rican Paypal account is activated, you would need to link the bank account using the information of your Savings Account from Banco Nacional. Upon activation it will ask you for the token, which you will use to finish the setup.
- You are done!
Restrictions and warnings: its not that simple
- You can NOT transfer from Paypal to Banco Nacional USD999 or more. This will raise red flags and would probably be forced to legally open a business in Costa Rica pay all the according taxes.
- If you want to cash out USD1,000 or more you would have to legally open a company, and open a business account with them. You would have a limit of USD10,000 per transaction and USD50,000 per day. That is a LOT if you ask me. These are the requirements for the business account.
- You need to use an email that was not previously activated on Paypal. Be sure to follow the proper instructions listed here.
- The commissions,
the ugly part, are these:
- Banco Nacional will charge you 0.5% if its more than USD 2,200.
- Banco Nacional will charge you USD 11 if its less than USD 2,200.
Getting the cash: How to transfer from Paypal to Banco Nacional?
- Login to your BN Internet Banking with your username and password.
- Once inside, look for PAGOS and then select PAYPAL.
- On the left menu, you should see the following option: Retirar fondos de cuenta PayPal. Click there.
- You will then have to type the number that was generated on your Token.
- Banco Nacional will now list the terms and conditions, which you have to accept if you want to continue.
- You will then select the Paypal account to which you want to perform the transfer to.
- Next step is to define how much money you want to transfer.
- Then you will have to confirm the transaction. Be sure to review the amount.
- Once confirmed, the transfer takes up to 5 business days to hit your account.
- After 5 days you should have your money ready. Awesome!
Even though is not the best option, it’s an option if you want to be able to cash out your Paypal funds on any ATM. I am still not sure about the specific ATM withdrawals fee, but that is something I am working on currently. If any one has already done it, I would appreciate you share the fees so I can include them here, and give you the proper credits on this article as well.
Thanks for reading and feel free to contact me for questions or suggestions. Jokes are welcomed too!