I had two goals:

• Find a way to disable all fcgi for the specific vhost.
• Find a way to disable a specific fcgi for the specific vhost. (eg: disable php but allow perl)

The first way is to disable all fcgi for a vhost. It is possible by adding the following snippet inside the vhost (the $HTTP["host"] == "domain.td" {} block):

static-file.exclude-extensions = ()
fastcgi.server = ()
fastcgi.map-extensions = ()

The second way, and most likely the best way since you can have per-fcgi control, is to match on the file name by adding this snippet in the vhost configuration:

$HTTP["url"] =~ ".php$" {
static-file.exclude-extensions = ()
fastcgi.server = ()
}

The last method I tried was using a UUID to declare the fcgi, and then map it to its extension. The main problem with this, it's that if your client see your configuration file somehow, he will be able to run a script by renaming it to the UUID.

First, use a UUID instead of an extension to declare your fcgi servers:

fastcgi.server = ( "034343-43423423-php-342423" => ((
"max-procs" => 1,
"bin-path" => "/usr/bin/php-cgi",
"bin-environment" => (
"PHP_FCGI_CHILDREN" => "3",
"PHP_FCGI_MAX_REQUESTS" => "250"
),
"socket" => "/tmp/php.socket"
)),
"034343-43423423-ruby-342423" => ((
"max-procs" => 1,
"bin-path" => "/usr/bin/custom-fcgi",
"bin-copy-environment" => ("LANG", "TERM"),
"socket" => "/tmp/ruby.socket"
))
)
fastcgi.map-extensions = (".php" => "034343-43423423-php-342423", ".rb" => "034343-43423423-ruby-342423" )

And then redeclare the map-extensions inside the vhost configuration according to what you want to allow:
Eg, to disable php:

fastcgi.map-extensions = (".rb" => "034343-43423423-ruby-342423" )

I hope that one of those methods will help you!

What it does:

• It serves a cache file only if the user is not logged in.
• If no cache exists, the 404 handler loads index.php which will either find the correct page (and generate missing cache), or return a true 404.
• It does not mess with /wp-admin or /wp-content or any file that exists outside the cache.

What might not work:

• I did not test if logging works properly in lighttpd when the hit use the 404 handler. Although it should be trivial to fix

In green are the values that you will have to edit

	$HTTP["host"] == "blog.alexou.net" {
		server.document-root = "/var/www/wordpress"
		server.error-handler-404 = "index.php"
		$HTTP["cookie"] !~ "^.*(comment_author_|wordpress_logged_in|wp-postpass_).*$" {
			url.rewrite-once = ( "^/wp-admin(.*)(?:\?(.*))?$" => "wp-admin$1?$2" )
			url.rewrite-if-not-file = ("^/(.*)$" => "wp-content/cache/supercache/blog.alexou.net/$1" )
		}
	}

Note: You need lighttpd >= 1.4.24, since earlier versions do not have rewrite-if-not-file.

YES I DID CLICK THAT FILE, WHY DO YOU ASK ME, AGAIN? Open it already. I know you care about my security dear microsoft software engineer, but i’ll manage it from here, mk?

Sure, one could uncheck the checkbox, but the checkbox applies only to the specific file being executed, not all exes.

Enough blah blah, here’s the fix:

Fire up the group policy editor (Run -> gpedit.msc) .

And go to User -> Admin Templates -> Windows Components -> Attachment Manager -> Inclusion list for low risk file types.

Click Enable and add .exe;.msi to the list. (See picture)

Me: Having nothing to hide does not mean having something to share. I’m doing nothing illegal. But I hide it anyway. That’s called privacy.

People working for the government (Police, Politician) should have no privacy AT ALL while on duty. Citizens should have a right to privacy.

The idea that if “I do nothing wrong, I won’t mind being watched” assumes that the government is full of good people that will not abuse their power, ever. Anything taken out of context can appear wrong. Can you assure me that nobody with power will never watch me for their own profit? No business competitor? No mad ex wife? No policemen trying to cover its own mistakes? You will never be at the wrong place at the wrong time? Can you assure me that something will never be made illegal? If sex outside wedlock is made illegal, would you still be happy to have all that footage of you raping these thai prostitutes?

Every information about a citizen should be his own property. Sadly, in our world, major corporations and government are above the law.

Just because I’m paranoid doesn’t mean that they’re not out to get you.

Those crappy drivers with their so-called virtual scrolling create a fake window below the cursor to display their custom scrolling icon.

That window interfere with the signal sent to the application under, and GTK for some reason can’t detect that (most likely the devs don’t care about us).

The result is being unable to scroll in popular GTK apps like Wireshark or Pidgin.

After playing with Spy++ and Procmon for some time, I found an interesting registry key that solved my problem.

This setting will disable the custom cursor when you scroll, effectively fixing the scrolling problem in GTK apps.

First you have to open regedit. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Synaptics\SynTPEnh and create a new DWORD called UseScrollCursor with a value of 0.

Restart SynTPEh (or reboot).

Scrolling should work in GTK apps now, but you won’t see the scrolling cursor anymore.

Update: If that does not work, you can try to run

Source: http://forums.mozillazine.org/viewtopic.php?f=38&t=1524405
Thanks to pieter for that link!

Happy scrolling!

1. 1and1.com 1and1.fr: They will charge your credit card without any good reason. They also like to renew products which were set to NOT auto renew. Their customer service is not of any help. The best part is that they will send your debt to a collecting agency as little as 15 days after the invoice date, ruining your credit mark for a couple of years. BBB link
2. Wordans.com: Bad customer support. Pain in the ass to get a refund. More stories
3. Allopass.com: Unfriendly customer support. No matter how hard you try, they WILL steal a part of your money. Until recently, the telephone number in the contact section was 1-800-555-1212, which is directory assistance. It seems to be fixed now, two years late.
4. Rogers: Billing irregularities, hidden fees, technical support located in morocco, telemarketing harassment (even if you’re not a customer, thanks to their auto dialers) are among the fabulous advantages of being a client.
5. Bell Canada: Take the description of “Rogers” above, and add an even poorer customer support. Even though the customer support is located in Canada, they LOVE to piss you off. And with their unreliable services, you WILL have to call them one day or the other. Ask google or JF
6. Lexmark: Their printers are piece of trash. They love suing every after-market ink sellers. Their drivers are worthless, barely work on Linux or Mac.
7. Paypal : Let’s avoid them for God’s sakes. They do not have to justify any action, therefore they can (and will) close/suspend/block your account and keep your money.

All these companies have been confirmed to be scam. You can google their name + scam and find a lot of results. I guess it is possible to do business with them without getting scammed. But is it worth the risk?

This list does NOT includes McDonalds or Dunkin Donuts because they are all 24 hours and can be found easily in most major streets of Montreal.

Update: I found a 24hr Subway!
Update: I found a 24hr Lafleur restaurant!
Restaurants

Groceries

Gas

Drugstore

Pour l'exemple on va prendre pour acquis que la sauvegarde se fait tous les jours, mais ça pourrait aussi bien être toutes les semaines, tous les deux jours, etc... Cette méthode permet donc de garder une sauvegarde des trois derniers jours mais sans utiliser trois fois l'espace.

Quelques avantages de cette méthode:

• On ne copie que les fichiers qui ont changés donc utilisation moindre d'espace et un backup beaucoup plus rapide.
• On peut remonter trois jours en arrière sans se casser la tête (Souvent les backups incrémentaux garde juste les fichiers qui ont changé, donc pour restaurer un backup on doit tout reconstruire en partant du backup le plus ancien au plus récent.... Nous on va tricher, on va faire semblant que chaque backup est une image complète du dossier source )

Tout d'abord voici de quoi aurait l'air le script bash:

#!/bin/sh
TARGET=/mnt/sda2/backups
SOURCE=/home/
/bin/rm -Rf $TARGET/backup.2
/bin/mv $TARGET/backup.1 $TARGET/backup.2
/bin/mv $TARGET/backup.0 $TARGET/backup.1
/usr/bin/rsync -a --no-o --delete --safe-links --link-dest=$TARGET/backup.1 $SOURCE $TARGET/backup.0/

Explication:

SOURCE est le dossier que vous désirez sauvegarder.

TARGET est la destination des sauvegardes (de préférence un disquedur différent ou, au moins, une partition différente).

Dans le dossier $TARGET vous devez créer trois dossiers: backup.0, backup.1 et backup.2. Ceux si contiendront vos sauvegardes d'aujourd'hui, d'hier et d'avant hier respectivement.

Le script commence par supprimer le dossier backup.2 qui est le plus ancien backup. Il décale les autres dossiers afin de pouvoir créé un nouveau backup.0, c'est à dire le plus récent (aujourd'hui).

La magie se passe dans la dernière ligne. Rsync va scanner le dossier source en le comparant avec la sauvegarde du jour précédent (--link-dest=$TARGET/backup.1). Il va vérifier tous les fichiers trouvés dans le répertoire source et les comparer avec ceux du jour précédent, backup.1. Lorsqu'il trouve un fichier qui a changé depuis la dernière sauvegarde, il le copie dans backup.0. Par contre, et c'est là toute la beauté de la chose, si le fichier n'a PAS changé, il va créé un lien dur vers le fichier se trouvant dans la sauvegarde d'hier.

De cette façon chaque dossier de sauvegarde backup.0, backup.1 et backup.2 seront des images "complètes" de votre dossier source, mais les fichiers identiques entre les sauvegardes seront stoqués une seule fois sur le disque !

Et voila c'est tout, vous n'avez plus qu'à planifier un cron pour que le script se lance tous les jours à la même heure ! La prochaine fois je vous expliquerai comment faire ça mais en stockant le backup sur un serveur distant, parce que après tout, c'est pour ça que rsync a été conçu au départ

Note: Si vous utilisez une vielle version de rsync, il se peut que l'argument --link-dest n'existe pas ou soit brisé, voici donc une version alternative. Cette version va dupliquer la journée d'hier (en créant des liens durs, pas des copies) et ensuite rsync va simplement synchroniser ça avec la version actuelle. Ça revient exactement au même résultat que l'autre script, mais beaucoup moins efficace en terme de vitesse:

#!/bin/sh
TARGET=/mnt/sda2/backups
SOURCE=/home/
/bin/rm -Rf $TARGET/backup.2
/bin/mv $TARGET/backup.1 $TARGET/backup.2
cp -al $TARGET/backup.0 $TARGET/backup.1
/usr/bin/rsync -a --no-o --delete --safe-links $SOURCE $TARGET/backup.0/

Ce message sert générallement à afficher une notice de bienvenue, des avertissements ou des nouvelles.

1. Connectez vous en tant qu’administrateur sur votre serveur à l’aide de remote desktop.
2. Cliquez sur “Start” -> “Administrative Tools” ->  “Local Security Policy.”
   
3. Allez dans “Local Policies”->”Security Options”. Dans le panneau de droite recherchez les lignes “Interactive logon: Message text for users attempting to log on” et “Interactive logon: Title for users attempting to log on”.
   
4. Double cliquez sur les lignes afin de changer le titre et le message de sécurité qui apparaîtra.
   
5. C’est déjà tout !