Back to PHP

Posted on 11 August 2018 in Asides • Tagged with drupal, php

A few months back I started a new job with a much greater focus on development work over IT systems management. Unfortunately this has led to a pretty big drop off in amount of time spent on personal side projects, but happily my new employer is fully supportive of open source and I am able to release much of what I work on to the wider community.

I have recently pushed three projects out:

  1. Views Contextual Range Validator: A very simple Drupal 8 module adding a Views contextual filter for range validation, descriptively named.
  2. PBS Passport: An OAuth2-based authorization system for Drupal 7 and accounts.
  3. Lightbox Campaigns: A Drupal 7 and 8 module for running custom, targeted "campaigns" using full screen "lightbox" displays.

It has been interesting returning to the world of PHP after focusing so heavily on free time personal projects in Python. I am saddened to find myself away from the (much) less verbose syntax of Python, but happy to be back in the language that I grew up hacking on.

This has also given me the opportunity to work more with custom module development in Drupal 8 and I'm excited to do more of that …

Continue reading

Examining the Remnants of a Small DDoS Attack

Posted on 03 December 2016 in Technology • Tagged with apache, botnets, ddos, drupal, ip, logs, sqlite

On Sunday (27 November 2016) a small website that I advise on was the victim of a DDoS attack that managed to knock the site offline. I received notice on Monday that the website was not working. I was able to ssh to the web server and quickly found that the database service was stopped. After a brief examination of the database logs (nothing too out of the ordinary), I started the service back up and sure enough the website came back online. As the website runs on Drupal, I logged in to take a peak at the Recent log messages and found hundreds of records of log in attempts from a lot of different IP addresses. User accounts on the website are only used by administrators to update content, so it was clear that the site was hit by a DDoS attack!

After getting things back online, I poked around the various log files to try to get an idea of what happened. The Drupal watchdog logs seemed to indicate that the attack started around 15:22 EST and overloaded the server's memory around 15:42 EST. The Apache server's access logs, however, revealed that the attack started closer …

Continue reading