Category Archives: SDLC

Software Development LifeCycle

Installing a secure Apache webserver to run Perl

So, you want to run Perl on the web, because it’s the 90s all over again. You want HTTPS, because… no, there’s no because.  You want HTTPS.  Who wouldn’t?  Here’s what you do on a Debian Linux such as Ubuntu:
sudo apt-get install apache2 libapache2-mod-perl2
mod-perl is an Apache module that allows Perl programs to be executed from Apache.

Our goal is to get /var/www/html/ running at

print "Hello World"

Disable the default Apache virtual host:

sudo a2dissite 000-default.conf

Create an file in /etc/apache2/sites-available with your text editor, replacing instances of with your own domain name in both the configuration file and in the file name /etc/apache2/sites-available/

<VirtualHost *:80>
     ErrorLog ${APACHE_LOG_DIR}/error.log
     CustomLog ${APACHE_LOG_DIR}/access.log combined
     <Directory /var/www/>
              Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
              AllowOverride None
              AddHandler cgi-script .pl
              Require all granted

<IfModule mod_ssl.c>
<VirtualHost *:443>
     ErrorLog ${APACHE_LOG_DIR}/error.log
     CustomLog ${APACHE_LOG_DIR}/access.log combined
     <Directory /var/www/>
              Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
              AllowOverride None
              AddHandler cgi-script .pl
              Require all granted

If you have multiple sites, you’ll want to do things with DocumentRoot to isolate them from each other. But that’s for another post.

You might add in DirectoryIndex / to make execute your program.

The Directory section above allows you to isolate executable code from served code, which is good practice. For this example we’re dumping the executable in with everything else, which is questionable.

Repeat this process for any other domains you host.

sudo a2ensite
sudo ln -r -s /etc/apache2/sites-available/ /etc/apache2/sites-enabled/
sudo service apache2 restart

Punch holes in your firewall for ports 80 and 443.  Navigate to to check all is okay. You ought to see Hello World displayed for your website.

Having security used to be a pain.  SSL certificates signed by a recognised CA cost money, and then you’d have to keep them up to date, and there wasn’t process automation, so you’d do all that stuff by hand.  LetsEncrypt address all these problems, handing out free certificates and scripted everything.

Now it’s time for the S part of HTTPS:
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-apache
sudo certbot --apache

certbot renew
If that works, we’ll automatically renew our 90-day certificates every month:
echo '@monthly root /usr/bin/certbot renew >> /var/log/letsencrypt/letsencrypt-auto-update.log' | sudo tee --append /etc/crontab

Done.  You’ll never have to worry about certificates again. Now alter your Apache sites-available file (look in /etc/apache2/sites-available/) to include the (optional) redirect HTTP to HTTPS and the mandatory location of the SSL certificates:

<VirtualHost *:80>
# Only allow HTTPS
RewriteEngine on
RewriteCond %{SERVER_NAME} =
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

<IfModule mod_ssl.c>
<VirtualHost *:443>
SSLCertificateFile /etc/letsencrypt/live/
SSLCertificateKeyFile /etc/letsencrypt/live/
Include /etc/letsencrypt/options-ssl-apache.conf

Now make the secure version live, and in the process the insecure one… shy? When a request is made for a http page, like, the response will be “Here’s where what you asked for has moved to… forever!”:
sudo service apache2 restart
Now requesting ought to deliver you to

Pointless choices

This seems to be common on store finder applications on the web: After entering the postcode, you’re asked to enter the suburb as well.


It makes zero difference what you choose, because the suburbs aren’t huge. The Store Locator shows you stores within at least 5 kilometres, but the suburbs are much smaller than that.

In fact it’s worse in the case of the Coles Catalogue, because it ends up giving you a catalogue which is clearly marked “Vic Metro” – which applies to the entirety of scores of postcodes.

Is there anywhere in the country that has suburbs big enough that it would matter? I haven’t found any.

Making people make this choice is pointless. It’s just another barrier to them getting to your information.

Test Driven Bug-cases

What if every bug report, valid or invalid, required a test case, per Test Driven Development?

Banshee: please, pick a version

Banshee is a cross-platform audio player built using Mono.

If you go to the official website and install Banshee for Windows, you’re offered version 2.4.0 with warnings about it being alpha and all (as of April 16, 2013 the latest version is 2.6.1). Once you’ve downloaded it, when you then run it up, you get the following dialog:

Infuriating.  Why wasn’t I offered that one by the website? Naturally, one selects “Hell yes, give me the current (actually, still behind the main branch, but more current than what I’ve got) release!”, which is then followed by

and no freaking explanation of what went wrong. How am I meant to fix this? Given that the project is built for a VM, why am I offered one version, then offered the chance to update to a different version, and both of these versions are behind the current release?


Thunderbird does error message wrong

Thunderbird discovered that yahoo have changed their mail server’s POP3 behaviour, meaning you can’t leave mail on their server and download it locally. So it pops up the following message box:
POP3 has failed
This message box is app-modal. You can’t just fix the problem, you’ve got to take notes (a screenshot suffices) and then fix the problem. A bunch of faffing around, when it could have just said “Do you want your Server Settings automatically changed so that your mail can be fetched? Yes/No”. Or you could have this pile of technical information in a non-modal dialog box, and bring up the settings dialog for the user to solve the problem. Or just have this pile of technical information in a non-modal dialog box, so a screenshot isn’t necessary.

Or you could just make people angry, that works too.

Netbook won’t run video-editing software: film at eleven

So apparently some of the computers bought with Digital Education Revolution money are underpowered for the software suite loaded on by state education departments.

The Lenovo netbooks handed out to NSW students in 2009 and 2010 sport a 1.66MHz Intel Atom N450 processor, 2GB of RAM, 160GB hard drive and 10-inch screen

A rig with these spacs this is my primary Windows machine, and for a while was the most powerful machine in my house.  It’s fine for not playing HD video or anything that challenging, although operating without the (maximum) 2 gig of RAM is a weedy beast (the raw boot memory consumption is 640 meg, leaving plenty of space to run Notepad or perhaps Windows Performance Monitor).  With 2 gig it runs browsers, spreadsheets and word processors without complaint, but:

A NSW education department spokesperson, in response to complaints from students that their free netbooks don’t have the performance to run Photoshop, said

“Slow performance has not been highlighted as a major issue with the laptops … As with all computers, after time they can slow down. The department regularly upgrades the versions of software and performs a tidy up to ensure smooth running of the devices. This helps avoid slow boot and operating times.”

A. Why are these kids whining about free computers?
B. What the hell do school kids need Photoshop for?
C. Why would the passing of time cause a computer to slow down?
D. How does upgrading software versions improve boot times or even operating times?

Maybe the “tidy up” is the important bit.

Windows Media Center Edition 2005 doesn’t need wmlauch.exe

For those of you installing Windows Media Center Edition 2005 off MSDN disk 2429.4 (November 2005) and freaked out by it asking for a Windows XP Service Pack 2 (Windows XP SP2) disk, don’t worry: Just select the “skip this file and continue anyway” option because the install doesn’t need wmlauch.ex_ or wmlauch.exe – and I’m lead to believe that Windows XP SP3 will add it, or if not, Automatic Updates will. Just relax, and go with the flow.

I think that’s enough keywords, searching ought to find this now. Oh, hang on: Windows MCE 2005.

BTW, your XP Professional disk with integrated SP2 doesn’t hold the requested file, so don’t bother looking.

Cheap hardware fails: film at eleven

I was wandering through my local Coles supermarket last night and found a $40 M-TV brand SD Set-top box. I figured that sounded like a good deal so bought it. It plugged in, tuned up, worked well and supported my 16:9 TV. It proved that the digital reception issues I’ve been having are not the fault of the TV cards.

This morning the sound had almost died. Very quiet, and with popping and such overlaid.

In the hardware industry, this is called “infant mortality“. If the cost of handling returns is high, you try to catch the early failures by running a burn in test. We did that at my first job, because we were experiencing massive infant mortality rates – they all worked fine right out of the box, but run ’em for a day and poof! they were dead. So we built a rig to have them scan a barcode over and over again, and software to capture the results and check for accuracy. Shipped a bunch of duds back to the manufacturer, who smartened their game up, and stopped pissing off our customers.

I guess STBs sold by supermarkets don’t have high return handling costs.

This Is Broken is broken

This Is Broken used to be a terrific blog — simultaneously entertaining and educational (at least for those of us who have anything to do with building or implementing interfaces of any kind).

But now it’s broken. It’s all migrated into the Good Experience Blog, which might be okay in principle, but it dilutes all the Broken stuff that was the most fun. I don’t want to read job offers for North America. Nor am I particularly interested in many of the articles. And while you can view just the Broken articles on the web, there’s no RSS feed for just those posts.

(I’d leave a comment to this effect on the This Is Broken post that announced the change, but comments are closed. Which is also broken. Someone else left the same comment, anyway.)

So I’ve unsubscribed to the Good Experience RSS feed. There is a Flickr group that is still dedicated to broken stuff, though its attached RSS feed appears to link to an inactive discussion forum.

The Project

I started The Project primarily so I could learn PHP. I’ve been using ASP (classic and .Net) for a while now, but wanted to try another web development language, preferably one that would be compatible with my dirt cheap web hosting. The way I envisaged it, it would be straight HTML/CSS, no fancy AJAX, using PHP and database lookups.

For development, I set up a Virtual PC with Win2K on it (quickest, best, easiest basic Windows version I had an unused licence for) and put IIS and PHP and MySQL on it. All reasonably easy. For database admin I put on PhpMyAdmin; it’s what runs on my web ISP, and is reasonably easy to use. For the IDE I looked around at Zend and some of the other paid tools, but decided to try DevPHP, a freeware thing, until I figured out if this project was going to fly.

It was all going well until I wanted to do some mod_rewrite fiddling with .htaccess. There are a few things around the place that purport to make mod_rewrite (or an approximation of it) work in IIS, but nothing seemed to do it well. In a fit of rage I ended up removing IIS and going the whole hog and installing Apache instead. It actually runs very well on Windows, and (after re-installing PHP and doing some config fiddling) matches my web ISP much better than any version of IIS could.

After using it for a bit, I also got a bit fed-up with PhpMyAdmin, which is particularly laborious for entering data. It’ll only do two records at a time, and semi-regularly seemed to ignore the second. Then I found the MySql GUI tools, which by comparison are an absolute Godsend. Why did nobody tell me about this before? (Actually it looks like I found a bit of it some time ago, but hadn’t used it properly until now.)

The coding has been coming along nicely, and the basic functionality is ready. I’ve got a couple more enhancements I’d like to do before it goes public.

So what is The Project? Not telling. But it’s aimed at non-geeks, going to be free for users, with Google Adsense to try and pull in some income (and get it indexed quickly). Maybe it’ll pay for itself, maybe not. But even if not, it’s already been successful as a way for me to learn some PHP.

Update 2007-04-19: The Project is now live.