Categories
Web Youtube

The Reddit Thing

Yesterday I got a notification from Youtube stating that COPPA/Made for Kids was being forced come January. I’ve largely ignored these messages, as my channel is not that big, not very expansive, and not terribly interesting. However, when these settings apply to everyone, and I am a member of everyone, well, maybe it’d be worth paying attention to.

And boy, was it worth it! The Made for Kids deal coming through Youtube does a number of things to videos which I imagine more money-minded people will care about more:

  1. Only child-friendly ads/no ads
  2. No comments
  3. No watch later

I read a few articles and watched a few videos on what counts as “Made for Kids,” I realized a lot of my stuff actually does count, even if I didn’t actually make it for kids. What comes to mind are my old LEGO animations, Minecraft sessions, and a short Disney Christmas clip that was uploaded as a ‘check out this 30 second clip encouraging duck cannibalism’. My account isn’t largely going to drag the kiddies in by the bucketloads, but there are some things. Therefore, I’ve taken Youtube’s instruction to mark my channel as “NOT Made for Kids,” but will piecemeal the few videos that are, and deal with it.

Well, the ad-nerfing I don’t care about, as I don’t monetize my channel at all. But commenting? That’s the biggest deal to me. Since I don’t care as much with “view counts”, comments are really the biggest dopamine rush that Youtube will provide for me on my stuff. Namely that Donald Duck Christmas clip.

So what did I decide to try to do? I started a subreddit at reddit.com/r/ppsstudios!

Besides, I like to reserve my “brand” of PPSStudios anywhere I can. So why not just squat on that page if anything?

Right now, it’s marked as completely private, so nothing should be visible (even though 8 people were lurking around last I checked), but eventually my grand plan is to drop in a link and direct video viewers to that page via an end screen and video description on every Youtube video.

Or perhaps for my Dungeon World campaign on another Youtube channel, there can be some conversations there. I don’t know.

Is there a Reddit replacement for the WordPress Comments system? Sorta like Disqus?

I’ll have to think on this.

For now, though, feel free to check in sometime when I’ve got a little time to set it up!!

https://reddit.com/r/ppsstudios

Categories
Games Life Web Writing

Diplomacy

I just finished listening to NoDumbQuestionsEpisode 53 – What Would Happen Every Time You Restarted Earth? I have to say, the discussion definitely got me onto two things which I briefly mentioned in my comment on Reddit (I don’t know if my thoughts will take off at this point, but I wanted to put them out there).

Categories
Graphics Photoshop Web Writing

Christmas Again

So I guess I could say Merry Christmas. Then again, I WANT to say, “Hey it’s that time of year where I break out my Christmas theme for a blog!” I haven’t done this in a long while, and given that I’ve moved over to WordPress, I wonder if it’s possible.

Stay tuned for theme-like edits in the next day or two. As soon as I find time to break out my old copy of Photoshop and a few stupid photos of myself which I may already have somewhere on this server, I’ll drop in a new banner image of some sort!

Categories
Programming Web

Super Duper Status Update

It works! I was a bit annoyed that the wordpress atom feed was only XML based. However, I do consider myself pretty good at googling things, and so I found this PHP library called “SimpleXML” which solved a LOT of stuff for me.

I used to display the first five Blogger titles on the homepage in a simple list with links.

Categories
Web Writing

Blogger Migration

So you may be wondering: what’s up with all these blog redesigns, Daniel?

Well, I got sick of Blogger. A whole lot. And about a month ago, I decided to do something about it.

Categories
Computer Programming Web

Manual letsEncrypt for CPanel

Jump to Renewal Instructions

At work I recently collaborated with our hosting provider to move our company website to a version of cPanel. Up until this time, there has been no way of running our site on SSL/TLS, and it’s been quite frustrating, having discovered LetsEncrypt and its ease of use. Basically, with this certificate signer, I have no reason to actually figure out the handshaking and signing process as was required in old command-line versions of SSL.

Well, our hosting provider’s version of cPanel has not really been expanded to allow for LetsEncrypt, even though multiple people on the cPanel forums say there’s a plugin available. Seems they don’t mind forcing me to pay another fee on top of everything to get an annual signature from the two default signers they had enabled in the system.

This made me wonder, and think, well CertBot, which generates the certificates and private keys and runs the signing requests automatically, always talked about this “cert only” option, and here on their website, I see instructions for a “manual” option as well. I thought this may have been exactly what I was looking for, since my scenario is – I have a website on a host who does not have LetsEncrypt enabled, but does allow me to upload certificates and keys from an offline source.

Here is my process of installing a LetsEncrypt SSL/TLS DV certificate on a cPanel site not equipped to generate one automatically.

Create a new certificate with any subdomains we’d need using certbot certonly -d c-pwr.com,www.c-pwr.com –manual

Certbot warns you that the computer’s IP you’re generating the certificate on will be shared with them, even though it’s not the server on which the cert will be installed on in the end. Type Y.
Without any “challenges” option in the original command, certbot assumes you’re using the acme challenge which involves uploading a text file to your site. Using cPanel’s file manager I simply do this.
Once the first file in acme-challenges is created, certbot asks us to create another file in the same place with a different string as its contents.
Once both files are created and saved to this location, we probably should verify that the URLs certbot is pointing to are actually visible from the public web.
 
Knowing that I can access the challenge files from my browser, I assume certbot will also be able to access them, presumably from a curl command or something, so I let it continue.
 
If we get the standard certbot success message, we now see that it’s created our certificate, chain and private key files in certbot’s standard location (I’m using the PPA repository through aptitude, so certbot automatically installs the latest versions of my certificates to /etc/letsencrypt/live/c-pwr.com/ , which are actually symbolic links to /etc/letsencrypt/archive/c-pwr.com/ , as every time we renew, it will archive the old files and create new ones.
 
I now can copy the contents of both /etc/letsencrypt/live/c-pwr.com/cert.pem  and /etc/letsencrypt/live/c-pwr.com/privkey.pemup  to cPanel in their SSL interface.
 
After this, I head over to the Manage SSL Sites tool and install this certificate as-is. It automatically detects the domains I specified in the original certbot command and applies the certificate to them.

Renewal

At this point, I have no idea how the renew will work. Since LetsEncrypt issues certificate signatures for only 3 months, this will become an issue sometime in August. I HOPE the acme-challenges will remain the same, but if they don’t, it should be a simple task to recreate the files as above, then copy the files in manually, assuming certificates and private keys can be edited once created in cPanel.
Renewing is super simple, but with this method must be run differently from an automated certbot renew.

 

  1. Run certbot certonly -d c-pwr.com,www.c-pwr.com --manual again.
  2. I am asked to create new acme challenges on the webserver which I did.
  3. Since the cert already existed in the /etc/letsencrypt/live, it detected this as a renew, and did not prompt me to upload certificates a second time!!
  4. I logged into cPanel and created two text docs in the File Manager as instructed, hit enter in my local server command line and it did everything from there.
  5. 2018-08-01: I forgot that I also need to update and re-copy cert.pem and privkey.pem to CPanel SSL/TLS Status in order for it to actually update, as cPanel just emailed and said my cert was expiring in ten days.
    • cPanel > SSL/TLS > Install and Manage (Manage SSL Sites)
    • Scroll down and select the old domain in the dropdown.
    • sudo cat /etc/letsencrypt/live/c-pwr.com/cert.pem
    • sudo cat /etc/letsencrypt/live/c-pwr.com/privkey.pem
    • Copy the certificate and private key text to the crt and key fields in cPanel.
    • Click Install Certificate.
Additionally, I needed to manually set up my .htaccess  file to redirect any http requests to the https version. This is usually done automatically by certbot during an automatic installation, and is embedded in the /etc/apache2/sites-available/000-default.conf  file, but since I don’t have access to this, .htaccess  will have to do.
Categories
Computer Programming Web

A Fun Adventure in PGP

So I got curious about PGP keys and signing and encrypting using them. I managed to figure out how to use the semi-popular gpg4win (the standard windows port of GnuPG) with its built in Kleopatra GUI, Outlook add-ins and all the other fun stuff.

Categories
Computer Programming Web

PHP Access Control List

A quick little Access Control List (ACL) snippet I made for PHP/HTML. Enjoy!

<?php

$acl = array(
    // Populate with IP/Subnet Mask pairs.
    // Any zero bit in the subnet mask acts as a wildcard in the IP address check.
    array("192.168.10.24","255.255.255.255"),
);

$acl_allow = false;
for ($i = 0; $i < count($acl); $i++) {
    $ip2chk = (ip2long($acl[$i][0]) & ip2long($acl[$i][1]));

    if ((ip2long($_SERVER['REMOTE_ADDR']) & $ip2chk) == $ip2chk) {
        $acl_allow=true;
    }
}

if ($acl_allow) {
    // Put all test stuff here!! Only visible to ACL.
    phpInfo();
} else {
    echo "<a href='http://this-page-intentionally-left-blank.org/whythat.html' target='_blank'>This page intentionally left blank.</a>";
}

?>

 

Categories
Computer Web

Expired Domains – A Headache (but a learning experience)

Hey all! It’s been a few months, I know. But I wanted to share an experience I had with my recent domain name headache.

So as you may or may not know, I’ve owned ppsstudios.com since May 2013. I purchased it via Google Apps which in turn set my registrar to eNom. Both are useful services and work reasonably well. I was attracted mostly to the (back in 2013) $10/year with free ID protection deal that Google Apps offered. Since then they’ve gone up to $12/year, but that’s not really an issue.

Categories
Computer Web

Finally! An internal DNS server that works (for me)!

So it’s been much too long since I wanted to do this, but thankfully, I have finally discovered the solution for which I can serve up my own DNS server for internal LAN things, but still have an external host that administers my public website!

My scenario and quandry was this: