Tag Archives: perl

Making the Correct Insanely Difficult

tl;dr

If you’re trying to configure nginx on Elastic Beanstalk to redirect http requests to https, here’s what I learned.

  • During deployment, the nginx configuration for your app is located at this file path: /tmp/deployment/config/#etc#nginx#conf.d#00_elastic_beanstalk_proxy.conf via
  • Using a container command, you can edit that nginx configuration file right before it gets deployed.
  • I used a little perl one-liner to insert the redirect.

Background

So... we're using Amazon Web Services Elastic Beanstalk for one of the apps I'm working on. It's pretty easy to get started, but it's also really easy to find that you’re fighting Elastic Beanstalk to get it to stop doing something stupid.

I was fighting one of those "stupid" things the other day: http-to-https redirect.

Let's say you have a web application that requires users to login with a name and a password. You don't want users' passwords getting sent over the internet without being encrypted, of course. So you enable SSL and serve content over https.

But sometimes, users type your domain name (like, “google.com”) into the address bar, which defaults to http. Or they follow a link to your app that mistakenly uses http instead of https. In any event, you don’t want users who are trying to get to your app to get an error message telling them there’s nothing listening on the other end of the line, so you need to be listening for http requests but redirecting them to https for security.

Now, our app is written in Node.js, and we’ve configured Elastic Beanstalk to point internet traffic to an Elastic Load Balancer, which terminates SSL and proxies traffic to the backing servers, which are running our app behind nginx. This might sound like too many levels of indirection, but nginx is optimized for serving static content, while Node.js is optimized for dynamic content, so this is a pretty common setup.

And this is where Elastic Beanstalk gets stupid.

When we configured our app to listen for both http and https traffic, Elastic Beanstalk directed all of that traffic to nginx — and configured nginx to direct all of that traffic to our app — without giving us any way to redirect http traffic to https.

I imagine lots of apps want to respond to both http and https traffic while redirecting insecure http requests to secure https requests. Maybe I’m wrong.

Anyway, I want to do that. And I found it insanely difficult to accomplish.

HOWTO: Create a Perl Shortcut That Acts Like a Drop Target In Windows

UPDATE: I recently installed ActivePerl 5.6.1.638 on a new Windows XP system, and I did not need to take any special actions to make perl scripts into drop targets. YMMV.

If you use perl on Windows, you've probably got at least one script that you'd like to be able to put on your Desktop and drag-and-drop files onto to perform some function on the dropped files. There are at least two ways to accomplish this.

  1. If you've installed Active State Perl, every perl script with the ".pl" file extension on your system is associated with perl. You can make every one of these perl scripts a drop target by creating a Drop Handler as follows: Create a new registry key "shellex" under the "HKEY_CLASSES_ROOT -> Perl" key with a default value of {86C86720-42A0-1069-A2E8-08002B30309D}. You can do this manually, or save and run this .REG file to modify your registry automatically.
  2. Alternatively (or in addition), you could create a shortcut to Perl and add the path to the perl script as an argument, e.g., in the "Target" field of the shortcut properties, type "C:\Perl\bin\perl.exe" "\PATH_TO_YOURSCRIPT\YOURSCRIPT.pl". The shortcut will automatically be a drop target whether or not you implemented the registry change above. (You could also create a shortcut to wperl.exe, rather than perl.exe, and eliminate the DOS box.)

Trackback Spam

As of its most recent version, b2evolution has a problem with trackback spam. Several b2e users (including Whoo and Graham) have suggested renaming the directory that contains (among other things) the trackback script. In theory, this should eliminate spam from bots but should not effect legitimate commenters and pingers.

Here's a perl script I wrote to automate Whoo and Graham's suggestion: hidehtsrv.pl. I suggest creating a cron job to run hidehtsrv.pl periodically. Note: this script requires another of my perl scripts, randpass.pl, a pseudo-random string generator.

Here's a b2evolution forum thread about trackback spam, and here's a b2evolution forum thread about why renaming is effective.

See also my post about comment and referrer spam and my b2evolution forums post about this solution.