How To Transfer Domain Registrar From Godaddy To Gandi.net

I was asked to take over managing a few domains for someone, part of this includes renewing the registrations. As they currently are on Godaddy and having to deal with that system would annoy me and waste my time I am transferring the registrar to Gandi.net.

As part of the transfer process you must make sure the domain is unlocked, which I did. Then you must send yourself the authorization code (for making a transfer). You need to provide this code to the new registrar. Not surprisingly Godaddy attempts to make this difficult. Then the email just says: prog_id=GoDaddy&isc=aaaa111 That will not work. I was able to find a way to download the code for all the domains (you have to create an export list, instead of just viewing it from the domain page). That method provided a 16 digit (alpha and numeric and very occasional special character) codes for all the domains.

Gandi.net makes the transfer process very nice and smooth with a easy to follow user interface. They do cost a bit more than others but they are well worth it in the time you save for most people (if you really want to save every last dollar you can find cheap registrars that are less annoying than Go Daddy).

Related: Overcoming Conflicts with Multiple WordPress Blog Networks on One ServerChecklist for Setting Up a New Domain on VPSSimple Process to Claim Authorship of Pages with Google

Setting Up 2 Factor Authentication for Gmail

Sadly there are significant risks to having valuable information accessible via the internet. Someone with access to your accounts is a huge risk and it can be a huge hassle to deal with what they can do with that access. Email is one of the most critical, there is tons of information you need, and often the email account can be used to get access to many other accounts (obviously financial sites are also critical, as are others). You should set up 2 factor authentication for critical sites.

2 factor authentication is made of up 1 thing you know, and 1 thing you have. So you know your password. The easiest other item is a smart phone (that is the default option for gmail and most places for the thing you have). Some banks and computer networks (intranet access) use security tokens. Either way they give you a code which you then enter after you enter in your username and password.

Gmail offers a app for smart phones that will generate these codes even if you don’t have cell phone service. Also, if you don’t have a smart phone, or lose yours there is a backup thing you can have (pre-printed codes). Make sure you print these and keep them somewhere you can access them (Google suggests your wallet).

With Gmail you will be prompted for your 2nd level authentication if you attempt to access with a computer that has not been authorized previously. If you are using a computer that you logged into your account with and told Google to authorize you will login normally. Every 30 days Google will then have you provide the 2nd level authentication (I think this is right, I might not have it exactly right for when Google asks for 2nd level authentication).

Whatever email account you have I would strongly recommend having 2 factor authentication setup. And you then must be sure that you can gain access. It is a bother but you need to make sure you understand the process and understand how to cope with issues (losing your smart phone, etc.).

Once you setup your account for 2 factor authentication make sure you add a secondary phone number backup (in case you lose your phone or it is stolen). And make sure you print out the backup code.

Process:

Continue reading

Very Simple Process to Claim Authorship of Pages with Google

Update: August 2014 Google abandoned this project so there is no point wasting your time on it. As I have stated elsewhere Google’s efforts are so unreliable (Google nearly always fails and then closes whatever you invested your time in) that you should careful consider if you bother with their stuff (much mores than any other company). This has been true since Larry Page became the CEO and means that I avoid Google initiatives. I also abandon, or at least don’t waste more of my time investing in anything Google buys. Without a strong extra case to justify bothering with something from an organization proven to be so unreliable it just isn’t sensible to treat Google efforts as reliable.

With authorship I figured the odds were that even with Google’s poor track record this was something worth bothering with. Oops. I have to recalibrate to assume even less chance of Google making something that won’t just be a waste of my time for future efforts.

There are lots of posts explaining how to claim authorship of pages with Google. I find them very complex, by and large.

I was able to use this simple process.

  1. Include by author text with a link to the author page using rel=”author” In WordPress you can just edit the theme page to have the author link include the rel=”author” tag.
  2. <a rel="author" href="http://johnhunter.com/">John Hunter</a>

    For WordPress blog with multiple authors here is the syntax to use (this pulls the author url from their profile. The author can update their web site url when logged into the blog.

    <a rel="author" href="<?php the_author_meta('user_url'); ?>"><?php the_author() ?></a>
  3. Then connect author page to Google+ profile. You can make this most any page (Google may exclude some free sites). Most people use the about page or author pages on the same blog they are trying to claim authorship of. But all that really matters is linking this page to your Google+ profile (obviously substitute your url), I have many sites with my material so my home page is what I used, I just added the following to that page.
    <a href="https://plus.google.com/u/0/123" rel="me">Google+</a>
  4. Then link your Google+ profile to the authorship page you want to use. You can add it under Other profiles or contributor to. This is the trickest part do to very bad UI of Google+ you have to go into edit mode and then click on the areas (there is no indication they are editable until you click – extremely bad UI, Google seems to very much like this hard to understand hidden UI elements lately, hopefully that will end soon). Likely Google will fix this at some point so this part will no longer matter.

To test out whether things are working you can go into Google webmaster tools to the rich snippets area. Test out a url you claimed authorship of and you should see something like:

search result with photo

Google can now use your Google+ profile to include a photo (from your Google+ profile) next to search results

With those simple changes over 1,000 posts on my blog were updated. It took far longer to search for and read a bunch more complex ways of accomplishing this than actually doing this once I was able to see what little had to be done. Writing this post took way longer. Now I just have to do step one for other sites and blogs and they will all be updated to show my authorship (for those I already had on my Google+ profile, if they were not listed there yet they have to be added).

There are many benefits to establishing authorship through Google.

  • Google can include your photo next to search results. Especially until people get tired of this, it will likely increase clicks on your links. And even after people are tired of it, if they notice your photo (and respect you) that may well increase clicks.
  • Builds your personal brand
  • Google can use authorship as an additional factor in calculating the worth of a page for a specific search.
  • Google can get a feel for what areas you are an expert in. First by just analyzing what your write about. But more importantly they will be able to use this extra layer of information to determine AuthorRank (similar idea to PageRank) by seeing links to your authored material.
  • Hopefully this can allow for RSS feeds by author (no matter where the content is published) eventually, if it doesn’t already.

Knowing authorship will allow Google to improve search result quality, so I can understand why they are pushing for it. It is a bit annoying how they keep pushing Google+ but this implementation seems tolerable. Some posts make it sound like you have to make your “authorship page” the Google+ profile, but really you can decide the authorship home page (for me johnhunter.com). They do pull your profile photo from Google+ to use, which is less than ideal.

Installing MySQL on Snow Leopard

I had all sorts of trouble installing MySQL on Snow Leopard. I never had any trouble installing mysql on Ubuntu.

Installing it normally on Snow Leopard would give me a success screen saying it had been installed but it seemed to have completely failed to install.

I then installed and used macports and that was the start of the solution. If I was trying to install MySQL on Lion or Mountain Lion I think I would try macports first.

You need to get xcode (to use macports) if you didn’t have it already you are going to have some challenges because I couldn’t find it in the Apple developer center (they removed it since I guess you shouldn’t be still using Snow Leopard in their opinion). Luckily I already had xcode installed.

To install mysql using macports

sudo port install mysql5

Then you will avoid a bunch of frustrating errors (though you may enjoy that process) if you realize you need the server msql also.

sudo port install mysql5-server

Pay attention to the messaging when you do that and you will see, suggestion to

sudo -u _mysql mysql_install_db5

See the instructions that show for lots more on how to deal with that failing, as it did for me. Or celebrate if it worked.

Go ahead and add mysql to the default path open your .bash_profile or .profile

vim ~/.profile

Then I tried sudo /opt/local/share/mysql5/mysql/mysql.server start but that failed. At which point I found that macports has its own version

sudo port load mysql5

Which worked.

To login to MySQL you can use (root is created with no password on install).

mysql5 -uroot -p

Go ahead and change the root password as the first thing you do.

Related: Getting Ruby on Rails & mysql setup on a Mac OSX Leopard clean installMacPorts doesn’t install org.macports.mysql5.plist with mysql5 +serverMySQL Performance Tuning TipsMySQL cli Syntax

Set the Web Server to Use the Domain Without www

The main reason to bother with this is to help search rankings. Sub-domains (for example, www.curiouscat.com and curiouscat.com) are treated as separate websites even if you have entirely the same content displayed for both. If 20% of the links to your site use the www and 80% don’t then your sites ranking by search engines is less than it would be if it was just treated as one site.

You can set the domain to use in Google webmaster tools. But that doesn’t do anything for all the other search engines. Also if you have both, some reports some will keep statistics separately for the non-www and www domain (Google Adsense does this, for example).

Using virtual hosts file (sites-enabled)

For Apache you can place the following code in your virtual hosts file (in the sites-available directory under Apache).

Replace curiouscat.com with your domain name.

<Directory /srv/www/curiouscat.com/public_html/>
  RewriteEngine On
  RewriteCond %{HTTP_HOST} ^www.curiouscat.com$ [NC]    
  RewriteRule ^(.*)$ http://curiouscat.com/$1 [R=301,L]
</Directory>

Then you need to capture the update and reload Apache.

Disable the site (in order to enable it with the updates)

sudo a2dissite curiouscat.com

Enable the site

sudo a2ensite curiouscat.com

Reload Apache (new way – Ubuntu 12.04)

sudo service apache2 reload

Old way to reload Apache was > sudo /etc/init.d/apache2 reload

If when you try to reload you get this error message:

“Invalid command ‘RewriteEngine’, perhaps misspelled or defined by a module not included in the server configuration” then enable modrewrite on apache:

sudo a2enmod rewrite

You should then be told to restart apache

sudo /etc/init.d/apache2 restart

Using .htaccess

Or you can include the following in your .htaccess file

  RewriteEngine On
  RewriteCond %{HTTP_HOST} ^www.curiouscat.com$ [NC]    
  RewriteRule ^(.*)$ http://curiouscat.com/$1 [R=301,L]

Related: Checklist for Setting Up a New Domain on VPSPhusion Passenger Tips and Troubleshooting Ideas

If you wanted to force www to be used instead just flip the regular expression around:

<Directory /srv/www/curiouscat.com/public_html/>
  RewriteEngine On
  RewriteCond %{HTTP_HOST} ^curiouscat.com$ [NC]    
  RewriteRule ^(.*)$ http://www.curiouscat.com/$1 [R=301,L]
</Directory>

Customizing the Command Prompt for Terminal in Ubuntu

To customize the look of the command prompt for Terminal in Ubuntu you can insert code into .bashrc (if you are having trouble with updates in .bashrc not working you may want to see if it is set in .profile – thus overriding your .bashrc). Those files are found in your user directory /home/[username]

echo $PS1

will show you the current settings. You can make a change directly from the command line but it will only work for that session. For example:

PS1="\d\w $ "

This is the code I have in my .bashrc related to the terminal prompt

# set variable identifying the chroot you work in (used in the prompt below)
if [ -z "$debian_chroot" ] && [ -r /etc/debian_chroot ]; then
    debian_chroot=$(cat /etc/debian_chroot)
fi

# set a fancy prompt (non-color, unless we know we "want" color)
case "$TERM" in
    xterm-color) color_prompt=yes;;
esac

if [ -n "$force_color_prompt" ]; then
    if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
        color_prompt=yes
    else
        color_prompt=
    fi
fi

if [ "$color_prompt" = yes ]; then
    PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
else
    PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
fi
unset color_prompt force_color_prompt

Testing Email Using The Ubuntu CLI

For a Virtual Private Server (VPS) or any other web or other server you should have alerts sent by email for various things. So for example if you automate security updates for an Ubuntu web server you want to be notified if there is some issue with the automatic update.

In order to check and be sure email is setup and working on the sever there is simple command line code to use:

mail -s Test

you then get a prompt to enter

To: [enter the email and press return]

Cc: [press return]

then a blank where you can type in any text you want in the body of the message.

Then you send the message with by pressing CTRL-d

CTRL-d

If you don’t receive the email then you can troubleshoot what is going wrong.

Keeping Your Hosted Ubuntu Web Server Software Up to Date

To setup automatic security updates follow the instructions from Ubuntu.

To run security update manually

sudo unattended-upgrade

A full update of all packages can be done using the follow, remember this may create some issues is one update makes something else you have no longer work properly. You should test to make sure things all work after the updates (for production systems obviously you should test things before [first updating the staging server to make sure the updates don’t cause any problems] and after the updates).

First update the local package index (to find what needs to be upgraded).

sudo apt-get update

Then upgrade the software.

sudo apt-get upgrade

Using Git and Github

To download a repository hosted on github

git clone git@github.com:account_name/repo_name.git

The git@github.com:account_name/repo_name.git will be shown on the home page for the repository on github.com

To update your code from the master branch of the repo:

git pull origin master

To commit the changes you have made locally:

git commit -m "the message explaining what these code changes did"

To send your changes to the repo at github:

git push origin master

Managing Users in Ubuntu

add a user: sudo adduser [newuser]

sudo adduser john

then give password, and setup home folder,when prompted

edit the list of super users

visudo

list users

cat /etc/passwd

change password of a user – sudo passwd [username]

sudo passwd john

to change your password you can just use sudo passwd.

delete user

sudo deluser username

This will not delete the home folder (and subfolder) those must be dealt with separately. A new user created with the old user name would have access to those files.

temporarily lock a user account – Simply locking a user account will not prevent a user from logging into your server remotely if they have previously set up RSA public key authentication.

sudo passwd -l username

To unlock the account

sudo passwd -u username

Groups

Groups are used in to control permissions (see file permissions)
add user to a group
usermod -G [group-name] [username]

usermod -G basketball john

using the -G switch ads the group as a supplemental group. Using -g would make the group that users primary group.

see what groups a user is in

id john

add a new group: groupadd [new_group_name]

groupadd ruby_developers