JConsole / JMX broken on Ubuntu

By , 11 February 2008

How annoying. I have just spent the last three hours trying to connect to Tomcat remotely using JConsole/JMX. It worked fine for one server, but not the other which was started with exactly the same settings. Eventually I found the problem: Ubuntu maps the hostname to in /etc/hosts by default and this breaks the JMX protocol. It seems that JMX opens a separate socket stream for data (like FTP) and needs to provide the host's network address to do this.

Actually, my problem was already documented in the FAQ:

On a side note, I also had problems with Netbeans 6.0 being dog slow on Ubuntu. It seems to have had something to do with the GTK look and feel, because I fixed it by adding --laf javax.swing.plaf.metal.MetalLookAndFeel to the startup options in ${nbhome}/etc/netbeans.conf. It runs great now.

2 comments, post a comment!

Making The www Part Optional

By , 28 August 2007

I always get a surprise when I try to visit a well known company's website (e.g http://harveynorman.com.au) and get a 404 error. The problem here is that I get lazy and often don't bother putting in the www part of the hostname. I guess the sysadmins must be even lazier than me, because adding a mod_rewrite rule to allow this shortcut is very easy. Here's what it looks like:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^domain1\.com\.au$ [OR]
RewriteCond %{HTTP_HOST} ^domain2\.net$ [OR]
RewriteCond %{HTTP_HOST} ^domain3\.com$ 
RewriteRule ^(.*) http://www.%{HTTP_HOST}$1 [R=permanent]

No comments yet, be the first to comment!

Identifying Comment Spammers

By , 3 July 2007

Today I've been having a closer look at the Apache log files to try and sort out a problem we've been having with comment spam. It was surprisingly easy to find the log entries for comment spam. The pattern is basically:

  • A POST without a Referer header or preceding GET, and/or
  • The text 'User-Agent' in the User-Agent identifier

I was surprised that the spammer(s) made the mistake of beginning their fake User-Agent identifier with the words 'User-Agent'. That made it very simple for me to find the relevant log entries.


4 comments, post a comment!

Easy VERP in Exim

By , 1 May 2007

Variable Envelope Return Path (VERP) [1] is a method of sending mail such that the recipients address is encoded into the bounce return path. It is typically used by automatic bounce management software since standard mailing methods don't reliably maintain the original recipient's address.

To support very large mailing lists, you almost certainly want the VERP expansion of addresses to be handled by the MTA. Both the Exim manual and the Mailman HOWTO include a section on VERP expansion [2,3], however the methods described in these documents are more complicated than necessary. Here is a very simple way to do VERP expansion using the Exim MTA.


No comments yet, be the first to comment!

Internet Explorer meets the Vary: header

By , 23 March 2007

So you've just installed mod_gzip and you're ready to watch you bandwidth usage drop by 50-75%. Problem is, instead of seeing your bandwidth usage go down it actually goes... well.. up. What's going on here? The chances are your problem is caused by yet another obscure bug in Microsoft Internet Explorer. This one prevents the browser caching responses with anything but a mindlessly simple Vary: header.

Let's first have a look at the Vary: header, and what function it is supposed to perform. This header is described in RFC 2616 [1] which describes HTTP 1.1:

A server SHOULD use the Vary header field to inform a cache of what
request-header fields were used to select among multiple
representations of a cacheable response subject to server-driven


2 comments, post a comment!

TCP Connection Limiting on Sarge

By , 1 March 2007

One of the reasons Debian is such a great operating system is because of the huge amount of software tested, ready and available with apt-get. Every now and then though, you have to get your hands dirty and build something yourself and installing connlimit was one of these cases. Here's how I got connlimit working on Sarge.

connlimit, or more correctly ipt_connlimit, is a netfilter module which allows you to add rules to your firewall based on the number of connections a client has made to your server. It's very handy when you get some defective client program making hundreds of requests and unintentionally sapping your server's resources.


Monitoring the JVM with SNMP

By , 21 January 2007

Since Java 1.5, Sun's JVM has included an SNMP agent which is quite handy for keeping an eye on your Java apps using your existing monitoring toolset. Here's how to set up OpenNMS to monitor an app server and produce pretty graphs such as the one below, alongside your other SNMP collected metrics like CPU load and memory usage.


18 comments, post a comment!

< Prev1 2 3 Next >