Archives for November 2013

Auto Post to Posthaven via Email with Images (PHP)

posthaven_smash

If you were a fan of Posterous before it was bought out by Twitter, you will want to check out Posthaven. It is as of right now still in development but looks very promising, offering a more flexible and simpler blogging solution then with other sites.  This new blogging service isn’t free, but at $5 a month for 10 sub domain blogs it is extremely affordable.  If you want to lock in a wealth of prime real-estate on this upcoming service in the way of subdomain keywords, now is the time.

Like previous articles I have covered on automating blog posting, Posthaven works the same and is really easy. However there is a huge advantage using Posthaven over the other blog services and that is your automated posts can also get put right into Facebook page and Twitter account at the same time. That is cool! And it leverages your blogs big time.

Start by creating a Posthaven account, then login and create one or more site accounts.

To post to your account via email you need to then click on “Edit Your Account” and goto the section “Post by Email Settings”. Click on the checkbox next to ”Use a secret word to verify my emails” and enter a secret password in the field.

You also need to make sure that the email address you will be sending from is listed at the top where it says “Your Email Addresses”

For example lets say your secret is “mysecret” and your site account sub domain is “abc”. Then the email address you will send to post a new blog article would be post.mysecret@abc.posthaven.com

The subject of the email will be the articles title. The body will be the article itself and if you want to include an image then you send it with the email as an attachment. Lets see some code in PHP that will email post to your Posthaven blog. (We will use PHPMAILER found here.)

 

include('class.phpmailer.php');

$posthaven_account = "YOUR SUBDOMAIN NAME"; //Example "abc" NOT "abc.posthaven.com"
$posthaven_secret = "YOUR POSTHAVEN SECRET";

$gmail_your_name = "YOUR NAME";
$gmail_username = "YOUR GMAIL USERNAME";
$gmail_password = "YOUR GMAIL PASSWORD";
$gmail_email = "YOUR GMAIL EMAIL ADDRESS";
$image_location = 'C:/YOUR LOCATION OF IMAGE/IMAGE.JPG';
$email_title = "EMAIL TITLE";
$email_body = "EMAIL BODY"; // (LIMITED) HTML OK

$mail = new PHPMailer();
$mail->IsHTML(true);
$mail->IsSMTP();
$mail->SMTPAuth = true;
$mail->SMTPSecure = "ssl";
$mail->Host = "smtp.gmail.com";
$mail->Port = 465;
$mail->Username = $gmail_username;
$mail->Password = $gmail_password;
$fromname = $gmail_your_name;

$posthaven_blog_email = 'post.'.$posthaven_secret.'@'.$posthaven_account.'.posthaven.com';

$To = trim($posthaven_blog_email,"\r\n");

$mail->AddAttachment($image_location);
$mail->From = $gmail_email;
$mail->FromName = $fromname;
$mail->Subject = $email_title;
$mail->Body = $email_body;
$mail->AddAddress($To);
$mail->set('X-Priority', '3'); //Priority 1 = High, 3 = Normal, 5 = low
$mail->Send();

If you then want to capture the URL of the newly posted posthaven blog you can use the following code:

$posthaven_url = 'http://'.$posthaven_account.'.posthaven.com';
sleep(30); // give it enough time to receive and update the post (30 seconds)
$bf = file_get_contents(rtrim($posthaven_url,'/').'/posts.atom');
list($t,$b1) = explode("<updated>",$bf,2);
list($t,$b2) = explode('href="',$b1,2);
list($b3,$t) = explode('"',$b2,2);
$bb = trim(str_replace('"','',$b3));
$bb = trim(str_replace("'",'',$bb));
$bb = trim(str_replace(' ','',$bb));
echo '<li>LINK IS='.$bb;

Block All Internet Traffic from China/Russia/Nigeria on your Linux Server

blockchina

Every server connected to the internet is constantly being attacked with brute force login attempts, software exploits, email spam and more. It is the dirty laundry all IT Security or anyone who manages there own website or server knows. With the extent of dark nets, bot nets and abused proxies this activity runs amuck and pretty much unstoppable. The only thing we can really do is just make sure our software is up to date and passwords are strong.
Just the other day one of my reseller hosting servers located in Germany was terminated and another at Hostgator was suspended. I was told that my wordpress sites were using too much CPU from the server. Looking at the log snapshot sent by Hostgator indicated that all of the usage came from the wp-admin.php script. Was this not obvious to them? Someone was trying to brute force open the wordpress admin. After informing Hostgator that this was not my fault unless they didn’t think I should be using the most popular blog software they were quick to start blocking IP’s coming in. The German company (who I won’t name) said this was beyond the capabilities and that there policy was to take down any website that gets attacked…WTF? Ya I will be ditching them next week, any policy like that which penalizes the website owner for an attack rather than simply blocking the attacking IP’s is bullshit.
The German company told me as did Hostgator the attacks were all coming from China and the Ukraine. On my own managed dedicated boxes I have blocked these countries completely, along with other countries that have originated some scams and abuse such as Nigeria.
If you manage a linux server this is really easy here is how you can block nearly all the traffic from specific countries from coming into your website.
First get and install Advanced Policy Firewall (APF) https://www.rfxn.com/projects/advanced-policy-firewall/
Once you have that installed and configured properly according to the documentation login to your shell and find the apf folder usually at /etc/apf and edit the file deny_hosts.rules
Goto wizcrafts.net and find the APF IP lists for the desired countries. Here is some quick links
Nigeria: http://www.wizcrafts.net/nigerian-iptables-blocklist.html
China: http://www.wizcrafts.net/chinese-iptables-blocklist.html
Russia: http://www.wizcrafts.net/russian-iptables-blocklist.html
South America: http://www.wizcrafts.net/lacnic-iptables-blocklist.html
Other Exploited Networks: http://www.wizcrafts.net/exploited-servers-iptables-blocklist.html

Copy and paste these lists into the deny_hosts.rules and then save it.
Restart APF by #apf –r
That’s it.
If you find other IP’s in your logs that you want to block you can just edit this file and add those IP numbers to the list and restart APF.
These lists of IP’s change regularly so you may want to once a month go back and update it.
If your internet business for your server has nothing to do with these other countries there is no real reason not to block them using this or another method.

 

If you have an IP# and your not sure what country it is originating from, use http://www.infosniper.net/ to look it up.