Hawaii – Going To

I flew with family on Southwest. We took three flights. The first was from Tulsa International Airport in Tulsa, Oklahoma, to McCarran International Airport in Las Vegas, Nevada. The airport actually is in Paradise, Nevada. Flight SWA1746 was 2 hours and 40 minutes long. The second was from McCarran to Norman Y. Mineta San Jose International Airport in San Jose, California. Flight SWA974 was 1 hour and 15 minutes long. We picked up the last party member in San Jose. Then we flew from San Jose to Ellison Onizuka Kona International Airport at Keahole. Flight SWA768 was 5 hours and 43 minutes long.

The planes were a Boeing 737 Max 8, a Boeing 737-700, and a Boeing 737-800. Of the three planes, the 737-700 is too small. The 737-800 was too small for the five-hour flight to Hawaii. All of the flights were full or nearly full.

Photos will be in a separate post.

Reasonable Options for Backing Up A NAS in 2021

What are your reasonable options for backing up a 16TB NAS in 2021?

External Hard Drive?


  • Interface Portability. You do not need any new software or hardware.
  • Ability to reuse older hardware: Assuming you have a used drive large enough to hold all your backups.


  • Interface instability: USB3 drives especially are bad at this. The adapters are usually not designed to handle the multiple hours of uptime necessary to complete backing up multiple terabytes of data.
  • Transfer speeds: Most USB3 drives are not designed for performance. Even custom enclosures with reasonable drives in them usually struggle to keep a sustained write speed of 100MB/s.



  • Very reliable: Most tapes will probably outlast the drives that created them.


  • Expensive: LTO-4 drives are several grand apiece, including used models. LTO-5 or LTO-6 is even more expensive, and LTO-5 or LTO-6 will be needed for most users with a NAS.

Matomo: Impressive and Useful

I discussed migrating from Google Analytics and Jetpack to Matomo in a previous post. However, I haven’t used it for a significant amount of time. I am finding it very useful.

There are two ways you can self-host Matomo. As a plugin for WordPress or as an independent web application. The WordPress plugin is the most accessible and most straightforward option for analytics on one WordPress installation. However, if you administer more than one website, the dedicated web application is a better option.

The only real difficulty I ran into was getting GeoIP working. That is due primarily to a lack of Debian packages for the correct PHP extension and no clear subheadings for system managed updates of the GeoIP databases.

#Assuming Matomo installed at /var/www/html/matomo
#Assuming geoipupdate places the databases in /usr/share/GeoIP/
cd /var/www/html/matomo/misc/
for DB in `ls /usr/share/GeoIP/*.mmdb`
ln -s /usr/share/GeoIP/$DB ./
#All .mmdb databases are now linked to the system databases updated by geoipupdate.


Categorized as Short

Automatically Starting Exactly One ssh-agent

I use SSH keys to protect all of my SSH logins. The following shell code starts only one ssh-agent and adds all ssh-keys to that agent. I recommend adding it to your ~/.bashrc file, so the proper environment variables are set up.

if [ `ps -C ssh-agent | wc -l` -ne 2 ]; then
  ssh-agent -a $HOME/.ssh/agent.sock > $HOME/.ssh/agent.env
  source $HOME/.ssh/agent.env
  for key in $HOME/.ssh/*.pub; do
    pkey=`basename -s .pub $key`
    ssh-add $HOME/.ssh/$pkey

Upgrade WordPress’ Password Hashing

WordPress and several other pieces of web software written in PHP are notorious for using old and broken algorithms for securing passwords. If you are using a PHP version of 5.5 or newer, you should get okay security by default. However, even phpass’ developers recommend not using their software if you can use PHP 5.5 or newer. I strongly suggest installing and enabling the PHP Native password hash plugin, especially if your WordPress install was ever run on any of the PHP 5 family. The plugin’s two most significant advantages are it actually gets updated to include new, more robust algorithms, and it automatically migrates passwords to the newer algorithms on login.

Categorized as Short

Update to TLS 1.3 with Apache

I moved this site to TLS 1.3 a few weeks ago. So far, it has been working great if I use a web browser. Unfortunately, no one has updated Curl to work with TLS 1.3. The second issue is that Curl is the HTTP client library du jour for C or languages that use C’s Foreign Function Interface. Unfortunately, TLS 1.3 only breaks nearly all applications that use a web callback or WordPress’ APIs.

To add TLS 1.2 back as an option

#Add below the SSLCipherSuite for TLSv1.3

#Add +TLSv1.2 to the end of the SSLProtocol line
SSLProtocol -all +TLSv1.3 +TLSv1.2
Categorized as Short Tagged

Use Apache’s mod_usertrack to get analytics without sharing data

First a major caveat, I still have Jetpack installed to simplify a few tasks like reducing comment spam. Until I have a replacement for everything it does, it will still track visitors.

You need to know how many people are interacting with your site and where they are interacting with it. Without some form of visitor tracking, I couldn’t be sure what my most visited post types are.

However, right now, website analytics is dominated by a group of companies that view everyone as a product, not the customer. Google, Facebook, and others all offer analytics for site owners, but you, the site owner, don’t control the data, they do. So how do you respect your visitors’ privacy and get useful analytical data for your website? The answer is to host your own. I haven’t made the full jump to a self-hosted analytics software yet, but I am choosing to log some extra data that will make that move easier in the future.

The most basic information I use for analytics is the access logs that Apache makes. The “combined” log format logs the remote IP address, the timestamp of the request, the final response code, the size of its response, the referer, and the user-agent. Apache also includes a couple of extra items for backward compatibility. There are two pieces of information that would complete the analytics picture, which vhost responded, and a cookie to tell if one client made multiple requests.

Apache’s mod_usertrack adds the cookie and adding the vhost is simple. I also decided to add mod_unique_id as well.

To make these changes, you need to enable those modules. For Ubuntu version 18.04 and later sudo a2enmod unique_id usertrack; sudo systemctl reload apache2 will do the trick and reload Apache, so the changes take effect. If you aren’t using Ubuntu, double-check how to enable Apache modules on the Linux distribution that you are using.

After mod_usertrack and mod_unique_id are enabled, they need to be activated and attached to the logs. The following configuration snippet will do that.

#Add configuration for user tracking to the log file
<IfModule mod_usertrack.c>
	CookieDomain .www.rrbrussell.com
	CookieExpires "2 weeks"
	#Requires >=2.4.42
	#CookieHTTPOnly on
	#CookieSameSite Strict
	#CookieSecure On
	CookieName Apache
	CookieTracking on
	LogFormat "%v:%{Apache}C %r %t %{UNIQUE_ID}e" usertrack
	CustomLog "${APACHE_LOG_DIR}/clicktracker.log" usertrack

You will need to modify the CookieDomain, CookieExpires, and log destination to suit your system but this basic config will get you started. It outputs something like the following.

vhost             :tracking cookie        the request                              Timestamp                    Unique request identifier                                 
www.rrbrussell.com:689e322a.5adf4e2bd2d78 GET /2020/07/openwrt-on-x86-64/ HTTP/2.0 [28/Aug/2020:14:17:29 -0500] [email protected]@qQAAAAE

I will write more on this topic in another few days. Until then.


Another Quick Cash Grab In Blog Writing

I do not have any other copies or formats of this book to compare the audiobook against. There are a lot of word choice and usage problems in this audiobook. Most Americans would call someone who reads websites, books, or other forms of written language a reader. She consistently uses words like perusers instead of readers or subscribers.

Another example that stood out to me was. “Attempt to think of a lot of thoughts consistently and store them in an article schedule, spreadsheet, or some other spot you can catch notes.” (I had to go over that sentence about four or five times myself just typing it out here because I kept subconsciously correcting the phrasing.)

The author did an adequate job of laying each chapter’s content out in a reasonable way. However, I am worried about the overall order in the book.

If I only look at the chapter titles, the book appears to be laid out reasonably. However, I didn’t get a good sense of connection between the chapters. I noticed this problem more in the later chapters.

This book is not a howto book. It varies widely in the number of pieces a topic gets broken down into. None of the issues get covered in any suitable depth, though.

My overall score is shoddy. I do not suggest getting this book.


SSH Clients For Windows

Here is a listing of my preferred SSH clients for Windows.

Windows has included a copy of OpenSSH enable by default since the April 2018 Update to Windows 10. The only downside to using it is the very basic default terminal in Windows. If we use Windows Terminal then it is an acceptable option though I prefer using one of the WSL distributions.

Bitvise SSH is a free, but not opensource, SSH client that was previously my default SSH client for Windows.

Putty is the old standard that I abandoned shortly after I found out about Bitvise.

There are a couple of other SSH options on the Microsoft store that I haven’t tried.

Categorized as Short