So, since I last a piece I have actually been doing things.

One of these things is making a list of topics to write about on this very blog. Which involves a lot of thinking about doing and, in my case, not a lot of actual doing. Here we are to rectify this for today. Side note: the "w" key on my keyboard has got a bit wonky. I should probably fix it (ie clean it) as this is by far the best typing keyboard I have ever used, and didn't cost me anything. The wonders of Macalester IT throwouts.

Also on a further diversion, I've been listening to the Spring 2014 playlist from Off Kilter, a Macalester acapella group that I was fortunate enough to be a part of for all of my four years at the college. The Spring 2014 concert was an especially good one and features excellent and entertaining singers. Please listen to the entire concert here as it really is worth your time. You can find more acapella goodness their Youtube channel.

Stuff I've Been Learning

My brain hasn't been standing still in the past week. Hobbling slowly, perhaps, but moving nonetheless. Since I've got this blog now, and a Virtual Private Server (VPS) that I'm hosting it on, I've started to learn some HTML and CSS to write my own website. I'm learning from a combination of this website and a book from the library called Sams Teach Yourself HTML and CSS in 24 Hours, published by Sams Teach Yourself. It seems to be a good layout and easy to follow along, but progresses slowly. The tutorials from move at a faster clip but skip over a bit that the author assumes you know. Which I don't, so it's helpful to learn from both.

I've also been pretending to keep practicing Portuguese and Chinese, but neither are getting much attention at the moment. The focus remains squarely on whatever I find interesting right now.

Technical Nonsense

One item that I've been working on with some regularity is this blog and how to screw it up intentionally and un-. Or maybe that's just a side effect of my fascination with tinkering and trying to break it and put it all back together.


This blog, as I have mentioned before, runs on the blogging platform Ghost. The blogging software is then proxied with Nginx to the correct port on the server, 80, so that you and I can see it with our web browsers. Ghost has an admin page so I can log in to write these long-winded posts. However, as I am setting all this up myself, the admin page doesn't have encryption set up by default, which means that when I am sending my username and password to the server to log in, those credentials are in plain text. That is, if someone can intercept the password between my computer at home and the server somewhere in the cloud, or even just read it as it flies through the intertubes, they don't have to do any work to figure out what it is. They can just see what the password is. Thus the need to encrypt the traffic so that if someone can intercept the credentials, they can't read them. Because they are encrypted. This is where SSL steps in.

Without wanting to dive into how SSL works, because I'm not sure I understand myself, it allows web traffic to be encrypted between the sender (the person with the web browser) and the server (the computer with all the web pages and blog posts). One can obtain an SSL certificate by purchasing one from companies that are authorized to sell them, and there are many different kinds of certificates for different use cases at various prices. Or one can create their own certificate, which is really only useful when you don't care about a big scary browser warning about how the certificate is untrusted, which is appropriate for my use. I may end up purchasing a certificate, but right now I am fine with just using my own.

I realize that I'm not doing a particularly good job describing these technical things. Perhaps I am simply writing for myself. That seems like a good bet.

Nginx and Fail2ban

I use Nginx to handle the proxying for Ghost to port 80 for the URL which is a subdomain of the main website I'm in the process of writing the first basic webpage for so soon that might be functional. To do so, I'll have to use Nginx to essentially host two websites, and Fortunately this seems easy to do, at least with Nginx.

To connect to the server this blog is hosted on I use a service called Secure SHell (SSH). Because this is the most common way to connect to a Linux server over the internet, once script kiddies and bots learn your Ip address they fall over themselves trying to kick the door in and eat all your cookies. Or so it seems. One small step I've learn to use to help deal with this problem is the software Fail2ban. Fail2ban tracks all login attempts, and if an IP fails trying to login more than a certain number of times (my limit is 3) they are banned from trying again for a certain amount of time (my limit was 30 min but I recently raised it significantly). This is only one step of a security strategy, bit its a neat first step.

I was planning to talk about stuff I've been reading about, but I've already rambled a lot and the things I've been reading about deserve a lot of discussion. That'll be another post. Also, I plan on having actual discussion about football (football, not handegg) soon. And comments! Soon there will be a place for one and all to vent their spleen.