Configuration


I was recently playing with Google’s webmaster tools and ran into a problem with my custom error page. Although I have had it set up for some time, it was apparently incorrectly configured. Google complained ‘We’ve detected that your 404 file (file not found) error page returns a status of 200 (Success) in the header.’ which means that the page was found and they’re not happy.

In order to troubleshoot this, I connected to my web server using telnet. This enabled me to see the exact data that Apache is delivering in reply to the request. This is what you need to do:

  1. Open a Command prompt window (run cmd.exe on a PC)
  2. Connect to the web server (Apache) using telnet: telnet mydomain.com 80. If your web server does not run on port 80, then use the correct value.
  3. Ask for the header of a non-existent page by typing HEAD /invalidpage.html HTTP/1.0. Although the cursor moves, NO TEXT WILL APPEAR ON THE SCREEN.
  4. Press the Enter key twice and wait for a reply

The reply you get should look something like this

HTTP/1.1 404 Not Found
Date: Fri, 30 Mar 2007 11:30:22 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Fri, 30 Mar 2007 09:56:45 GMT
ETag: "13148ae-4fd-e39fb140;741a7f80"
Accept-Ranges: bytes
Content-Length: 1277
Connection: close
Content-Type: text/html

Connection to host lost.


When I tested my site, I found that it was responding

HTTP/1.1 302 Found
Date: Fri, 30 Mar 2007 11:33:22 GMT
Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_ssl/2.8.12 OpenSSL/0.9.6b PHP/4.4.2
Location: http://xxx.xxx.xxx.xxx/404.html
Connection: close
Content-Type: text/html; charset=iso-8859-1

Connection to host lost.

So my server was returning a status code of 302, which is a temporary redirect. When Google followed this to the new location, it received the 200 status code, as the ultimate file exists. I tried adding the line
<meta http-equiv="Status" content="404 Condition Intercepted" />
in the head section of my error file as suggested on another site, but it made no difference. The real problem was that I had failed to notice the comments in the Apache manual:

Note that when you specify an ErrorDocument that points to a remote URL (ie. anything with a method such as http in front of it), Apache will send a redirect to the client to tell it where to find the document, even if the document ends up being on the same server. This has several implications, the most important being that the client will not receive the original error status code, but instead will receive a redirect status code. This in turn can confuse web robots and other clients which try to determine if a URL is valid using the status code.

I wanted to use the same error page for multiple domains hosted on my VPS and so had hardcoded the IP Address into the URL. The line in my Apache configuration file read ErrorDocument 404 http://xxx.xxx.xxx.xxx/404.html. I therefore changed it to ErrorDocument 404 /errorp/404.html and created an alias for /errorp/: Alias /errorp/ "/path/to/custom_errors/". My custom error page now responds correctly :)

HTTP/1.1 404 Not Found
Date: Fri, 30 Mar 2007 12:43:22 GMT
Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_gzip/1.3.26.1a mod_ssl/2.8.12 OpenSSL/0.9.6b PHP/4.4.2
Last-Modified: Fri, 30 Mar 2007 12:12:48 GMT
ETag: "2c6439c-261c-460d8b60;46a7f31a"
Accept-Ranges: bytes
Content-Length: 9756
Connection: close
Content-Type: text/html
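
The check done by hand with telnet above can be scripted. This is an added example, not part of the original post: it parses a response head and reports whether a request for a missing page kept its error status, was redirected, or came back as a success. The function names and the default probe path are made up for illustration.

```python
# Added example: classify how a server answers a request for a missing page.
import http.client

def parse_head(raw):
    """Split a raw response head (as telnet shows it) into (status, headers)."""
    lines = [ln.strip() for ln in raw.strip().splitlines() if ln.strip()]
    status = int(lines[0].split()[1])          # "HTTP/1.1 404 Not Found" -> 404
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return status, headers

def classify(status, headers):
    """Say whether a reply to a missing-page request keeps the error status."""
    if status in (404, 410):
        return "error status preserved"
    if status in (301, 302, 303, 307, 308):
        return "redirect to " + headers.get("location", "(no Location header)")
    if 200 <= status < 300:
        return "soft 404: missing page answered with success"
    return "unexpected status %d" % status

def probe(host, path="/invalidpage.html", port=80):
    """Send one HEAD request without following redirects (needs network)."""
    conn = http.client.HTTPConnection(host, port, timeout=10)
    try:
        conn.request("HEAD", path)
        resp = conn.getresponse()
        return resp.status, {k.lower(): v for k, v in resp.getheaders()}
    finally:
        conn.close()

# The two replies shown in this post, shortened to the relevant headers.
BEFORE = """HTTP/1.1 302 Found
Location: http://xxx.xxx.xxx.xxx/404.html
Connection: close
"""
AFTER = """HTTP/1.1 404 Not Found
Content-Length: 9756
Connection: close
"""

if __name__ == "__main__":
    for label, raw in (("before", BEFORE), ("after", AFTER)):
        print(label, "->", classify(*parse_head(raw)))
```

To test a live server, pass the result of probe("mydomain.com") to classify() in the same way.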


If you have to use http: in your Custom Error Page's definition, then you are better off using a redirect in a local file. This will preserve the error status code. Your local error file should look something like this:

<HTML><HEAD>
<META http-equiv="refresh" content="0; URL=http://www.example.com">
</HEAD>
<BODY>
<div style="visibility:hidden">
;Lets insert some random text here in order to keep Microsoft Internet
;Explorer happy. In their wisdom, Microsoft have decided that any custom
;error page with less than five hundred and twelve characters of text
;in it will be totally ignored and they will display their Friendly HTTP Error
;message instead. This is detailed in knowledge base article Q294807
;at http://support.microsoft.com/default.aspx?scid=kb;en-us;Q294807
;Well, I think that that is enough from me for now or maybe I should
;just type a little bit more to make sure that I have typed enough…
</div></BODY></HTML>


I had some problems achieving the expected throughput from my broadband supplier. I have a nominal 24 Mbps ADSL2+ connection and should be achieving downloads of 14 Mbps. These are the steps to follow to improve your downloads.

First, establish whether the problem is upstream or downstream of your router.

  • Find out how far you are from your telephone exchange. The only way to get a true value is by running the line test facility, but BT have restricted this to authorised personnel. So, in the meantime, raise a ticket with your provider and get them to find out. Alternatively, you can get a rough idea by plugging your phone number and postcode into the Broadband Checker over at DSLZoneUK and you’ll get a pretty map. I cannot find this on SamKnows anymore…
    Example: 460m
  • Calculate the route using Multimap to drive it for you. This will give you a rough guide of your possible cable length; they don’t always follow the most logical routing and if you’re in a rural environment, the cables will cut across fields.
    Example: 700m
  • Download and run DMT from http://dmt.mhilfe.de/. This page is in German, but just search for your modem and download the right version; this is v7.31 for the Speedtouch 780. You might be able to use this link for a Google translation of their site.
  • Look in the bottom right of the third graph (Channel Characteristics). This will give you the estimated loop length. This should be similar to twice your cable length.
    Example: 830m-2015m
  • Go to your router’s web interface and check what your current Sync speed and Line Attenuation are.
    Example: Bandwidth (Up/Down) [kbps/kbps]: 394 / 18,106 --> 18106 kbps --> 17.7 Mbps (18106/1024)
    Line Attenuation (Up/Down) [dB]: 7.5 / 19.5 --> 19.5
  • Look up your expected Sync speed using either this interactive tool or the graphs provided by afster or Internode graph. Take 10% off the figure provided by the interactive tool to get a realistic sync speed.
    Example: Approx 18.2 Mbits/sec according to average graph
  • IF your sync speed is significantly lower than the expected value OR your Line Length is higher than predicted, THEN start looking at wiring issues. If not, then check OS parameters.

This graph shows the real life results from hundreds of users, relating their sync speed to the downstream attenuation reported by their router. Those above the green line are lucky :)

Next, optimise your PC’s performance. You will need to be logged on as a user with Administrative privileges. If you only have one account, then you will have the required privileges.

  • Download and run TCP Optimiser from SpeedGuide.net. Click on Optimal settings, Apply changes and exit.
  • Reboot your computer.
  • Verify that your Network card is configured for maximum throughput (100 Mbps Full Duplex). To do this, click on
    • Start
    • Control Panel
    • Network and Internet Connections
    • Network Connections
    • Select your network card and click on Change Settings of this Connection or right click on the card and select Properties…
    • Click on the Configure… button next to the Network card name
    • Click on the Advanced tab.
    • Set the appropriate property to 100 Mbps Full-Duplex. On my network card, this is called Media Type. There are other tweaks that you can do here, such as disabling Rx and Tx Checksum Offload. I am not sure of the advisability of doing this.
    • Click on OK
  • Run Microsoft’s Guided Help to maximise your PC’s performance. WARNING! This will disable all themes and turn your PC into retro mode ;) Further details can be found in this knowledgebase article
  • Minimise the window during downloads where possible. It is possible that your graphics processor cannot keep up with the download :)
  • Check CPU usage during downloads and investigate any processes which are consuming too much. Anti Virus packages such as Kaspersky have been known to cause problems during downloads, so try disabling them TEMPORARILY while running any download tests.
    • Right click on a blank area of the taskbar at the bottom of your screen
    • Click on Task Manager
    • Click on the Processes tab and then double click on the column labelled CPU. If the CPU column is not displayed, then click on View and Select columns… then enable the CPU Usage option.
    • The process using the most processor time should be at the bottom of the list
  • Check your memory usage during downloads and investigate any processes which are consuming too much. If the Memory Usage column is not displayed in the task manager, then click on View then Select columns… and enable the Memory Usage option.

All speed checks should be run using a properly shielded Ethernet connection, even if your Wireless connection claims an ‘Excellent’ signal strength. If everything is OK, then we should be able to get download speeds at up to 80% of our sync speed.

NOTE: Speed Tests are to be used as a guideline only. As one commentator said:

Speedtest.net shows me at 9000kbps, the Be* test puts me at 9500kbps, Thinkbroadband puts me at 16000kbps and the Virgin Media FTP puts me at about 8000kbps.

All of which are dramatically wrong, since I am synced at over 24000kbps and can download at 2MB/sec from some FTP’s on a single thread, let alone multi threading.


DRAFT POSTING

This post is very long, so I have broken it down into multiple pages.
Page 1 - Installing rsync daemon on your server
Page 2 - Installing rsync client on your PC
Page 3 - Scheduling rsync automatically
Page 4 - Errors I encountered and their solutions


Download and build rsync from source

  • Start an SSH session to your server
  • Download the source from samba: wget http://samba.anu.edu.au/ftp/rsync/rsync-2.6.9.tar.gz
  • Extract the source code: gunzip -c rsync-2.6.9.tar.gz | tar x
  • Change into the directory so that we can build the software: cd rsync-2.6.9
  • You will need the GCC compiler installed if you have not already done so.
  • Run the auto configure script so that the server can work out if everything necessary is present: ./configure --prefix=/usr/mylocal --with-included-popt >log.config 2>err.config
  • Check that no errors were logged by the configure script: less err.config
  • Build the application: make >log.make 2>err.make
  • Check that no errors were logged during the build process: less err.make
  • Install the application: make install >log.install 2>err.install
  • Check that no errors were logged during the installation: less err.install

Configure the rsync daemon

We cannot use the default port (873) on Westhost as this is used by Westhost’s own application for nightly backups. Nor can we use ports below 1024 as these require us to run as root. However, ports 8730-8732 are unassigned by IANA (Internet Assigned Numbers Authority), so we can use any of these.

  • Create a directory for your configuration files: mkdir /etc/rsyncd
  • Create a new configuration file: pico /etc/rsyncd.conf. The configuration file consists of a general configuration section which applies to every module and one (or more) modules. Each module starts with its name in square brackets, for example [rsyncd_module].
    This sample configuration file will allow up to 3 rsync clients to read the contents of /ftp/pub/rsync PROVIDED that they authenticate themselves by providing the correct credentials AND their IP Address is in the range specified by hosts allow. The connection will close down after 5 minutes (300 seconds) of inactivity.

    #Global definitions
    #Message of the Day
    motd file = /etc/rsyncd/rsyncd.motd
    log file = /var/log/rsyncd.log
    pid file = /var/run/rsyncd.pid
    lock file = /var/run/rsyncd.lock
    port = 8730

    #Module Options begin here
    [rsyncd_module]
    path = /ftp/pub/rsyncd
    comment = My Very Own Rsync Server. This area is ReadOnly
    max connections = 3
    timeout = 300
    uid = myuserid
    gid = vuser
    read only = yes
    list = yes
    auth users = rsync_user
    secrets file = /etc/rsyncd/secrets
    hosts allow = xxx.xxx.xxx.xxx/xx
    hosts deny = *

    Replace the module name, myuserid, vuser and rsync_user as necessary for your system.
    If you want to limit those who have access to your rsync server, then specify the “auth users” and “secrets file”. If you want to restrict where they can access the rsync server from, then you will also need the “hosts allow” and “hosts deny” variables. The value for “hosts allow” should be set to your IP address if you use a static IP (example 10.0.0.1/32) or the range if you use a dynamic IP (example 10.0.0.1/16). Multiple possibilities can be separated by a space. If you don’t understand this bit, then leave “hosts allow” and “hosts deny” out of your configuration for now.

  • Create the secrets file: pico /etc/rsyncd/secrets. Format is username:password in plain text, one user per line. If you want to communicate over SSH, then ensure that one of the users is your account’s user id; it need not have the same password here as for logging in.
  • The secrets file must not be readable by other users, so change the access rights by using the command chmod 600 /etc/rsyncd/secrets
  • Create your Message Of the Day file: pico /etc/rsyncd/rsyncd.motd. This text will be displayed when a connection is made to your server.
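
The access controls described in these steps can be checked before the daemon is started. This is an added example, not part of the original post and not part of rsync: it reads an rsyncd.conf and reports a privileged port, modules without authentication, writable modules, missing host restrictions and very wide hosts allow ranges, and it checks that the secrets file is private. The function names and the 256-address threshold are assumptions.

```python
# Added example: lint an rsyncd.conf for the access controls described above.
import ipaddress, os, stat

def parse_rsyncd_conf(text):
    """Return {section: {key: value}}; lines before the first [module] are 'global'."""
    sections, current = {"global": {}}, "global"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip()
            sections.setdefault(current, {})
            continue
        key, sep, value = line.partition("=")
        if sep:
            sections[current][" ".join(key.lower().split())] = value.strip()
    return sections

def audit(text, max_hosts=256):
    """Return a list of (section, finding) tuples; an empty list means no findings."""
    conf, findings = parse_rsyncd_conf(text), []
    if int(conf["global"].get("port", 873)) < 1024:
        findings.append(("global", "port below 1024 needs root to bind"))
    for name, mod in conf.items():
        if name == "global":
            continue
        eff = {**conf["global"], **mod}   # global values act as module defaults
        if not eff.get("auth users"):
            findings.append((name, "no auth users: anonymous access"))
        elif not eff.get("secrets file"):
            findings.append((name, "auth users without a secrets file"))
        if eff.get("read only", "yes").lower() in ("no", "false", "0"):
            findings.append((name, "module is writable"))
        if not eff.get("hosts allow") and not eff.get("hosts deny"):
            findings.append((name, "no host restriction: any address may connect"))
        for pattern in eff.get("hosts allow", "").replace(",", " ").split():
            try:
                net = ipaddress.ip_network(pattern, strict=False)
            except ValueError:
                continue  # hostname or wildcard pattern, not sized here
            if net.num_addresses > max_hosts:
                findings.append((name, "hosts allow %s covers %d addresses" % (net, net.num_addresses)))
    return findings

def secrets_file_private(path):
    """True if group and other have no access bits (what chmod 600 gives)."""
    return stat.S_IMODE(os.stat(path).st_mode) & 0o077 == 0

# Constructed sample: the page's module with auth removed and a /16 allow range.
WEAK = """
port = 8730
[rsyncd_module]
path = /ftp/pub/rsyncd
read only = yes
hosts allow = 10.0.0.1/16
hosts deny = *
"""
```

Calling audit(WEAK) returns two findings, one for the missing auth users line and one for the /16 range.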

I have recently experienced some DNS problems and so decided to look into configuring an alternative or Secondary DNS for my domain. A secondary DNS server will copy the DNS settings from your primary DNS server on a regular basis, so there is no need to maintain two sets of data. If you use separate records, then browsers will have problems deciding which is up to date. There are several free services out there including Twisted for Life and Zone Edit. Other fee paying services you might consider are SecondaryDNS or EasyDNS.

Once you have signed up with your secondary DNS provider, you will need to submit a support ticket to your hosting provider (unless you have true root access) in order to modify your current DNS server’s configuration. Let's assume that your new nameserver is called ns1.alternativeDNS.com. On Westhost you will need to ask them to edit your BIND file (/var/named/db.yourdomain.com) and add a line similar to yourdomain.com. IN NS ns1.alternativeDNS.com. The trailing dot is important! Your hosting provider may also have to add ns1.alternativeDNS.com to their nameserver to permit AXFR transfers of the information. If this does not work, try editing /etc/named.conf.

Once this has been done, your secondary DNS provider will be able to mirror the details from your current provider. You can check that your secondary DNS provider has the correct information by retrieving the information from their nameserver. You need to type nslookup www.yourdomain.com ns1.alternativeDNS.com in Windows, or dig @ns1.alternativeDNS.com www.yourdomain.com in Linux.

The final step is to modify the nameserver entries with your registrar. Log in to your account with them and add this new nameserver to your existing list. This will take a while to propagate around the internet, so come back later and check that all your nameservers are listed when you use the command nslookup -type=NS yourdomain.com in Windows or dig -t NS yourdomain.com in Linux.

Check that everything is correct by going to DNSReport.com


This is a sendmail error and causes the header X-Authentication-Warning: to be added to your email. It occurs when sendmail is accessed without logging in and you have PrivacyOptions=authwarnings in your sendmail.cf file.

If you have access to your sendmail configuration, then simply remove authwarnings from the line beginning “O PrivacyOptions=” in /etc/mail/sendmail.cf. (I did not start to get this error until I enabled the genericstable feature).

If you do not have access to your sendmail setup, then all email you receive will probably have it added as a header. However, you may be able to avoid adding this header to your outgoing email by configuring your email client so that it logs in to sendmail first. Here is how to configure some common email clients:

Outlook

Click on menu item Tools
Click on submenu item Options…
Click on Mail Setup tab
Click on E-mail Accounts… button
Select the option View or change existing e-mail accounts
Click on Next
Select the account you wish to change
Click on the Change… button
Click on the More Settings… button
Click on the Outgoing Server tab
Select My outgoing server (SMTP) requires authentication
Select the option Use same settings as my incoming mail server

Outlook Express

Click on menu item Tools
Click on submenu item Accounts…
Click on the Mail tab
Select the account you wish to edit
Click on the Properties button
Click on the Servers tab
Select My server requires authentication under Outgoing Mail Server
Click on the Settings button
Select the option Use same settings as my incoming mail server

Thunderbird v1.5

Click on menu item Tools
Click on Account Settings…
Select Outgoing Server (SMTP) in the left hand pane
Select the server you wish to edit in the right hand pane
Click on the Edit… button
Select Use name and password under Security and Authentication
Enter your User Name
Select option No for Use secure connection unless you have SSL installed.
