Squid Web Caching Proxy configuration on Ubuntu or Linux Mint


Optimising Web Delivery

Squid is an excellent caching proxy for the Web. It supports HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems.

Installation

To install squid on Ubuntu or Linux mint, enter the following command in the terminal.

sudo apt-get install squid squid-common

Following command can be used to check the logs.

sudo tail -f /var/log/squid/access.log

Squid can also be used as an adblocker tool.

Disable ads using Squid

Squid has the ability to read a list of IPs from a text file and block those IPs from clients using the proxy. Your clients in turn will not have to be bothered with ads.

The following lines need to be added anywhere in your squid.conf file which is usually located in /etc/squid/ and you will be putting your list of ad servers called adBlock.txt in the same directory.

Please note: You can copy hosts from here and paste into your adBlock.txt file. Remove the IPs from the left side of the file and only keep the list of domain names.

## disable ads
acl blockAds dstdom_regex "/etc/squid/adBlock.txt"
http_access deny blockAds

Once it is done, restart the Squid service by entering following command:

sudo service squid restart

Now configure network setting in your browser to use the manual proxy. On Firefox, It will look like:

Squid-Proxy-Firefox-Setup

Remember that default port used by Squid is 3128. It can be configured and changed from the Squid.conf file.

Here is the official link for more details: http://www.squid-cache.org

Useful Features of ASP.NET


In this post, lets discuss about some of the useful features of ASP.NET

1. Faster compilation.

This configuration setting was introduced post .NET 3.5 SP1. Add it to web.config file.

<compilation optimizeCompilations="true">

Refer MSDN for details.

2. Retail mode at the machine.config

<configuration>
  <system.web>
    <deployment retail="true"/>
  </system.web>
</configuration>

It overrides the web.config settings to enforce debug to false, turns custom errors on and disables tracing. No more forgetting to change attributes before publishing – just leave them all configured for development or test environments and update the production retail setting.

3. Intellisense for MasterPages in the content pages

Most of the time you have to use the “findcontrol” method and cast the controls in master page from the content pages when you want to use them, the MasterType directive will enable intellisense in Visual Studio once you do this

Just add one more directive to the page

<%@ MasterType VirtualPath="~/Masters/MainMasterPage.master" %>

If you don’t want to use the Virtual Path and use the class name instead

<%@ MasterType TypeName="MainMasterPage" %>

4. Is Client Connected?

Check to see if the client is still connected, before starting a long-running task

if (this.Response.IsClientConnected)
{
   // long-running task
}

5. Server control properties based on target browser

<asp:Label runat="server" ID="labelText" ie:Text="This is IE text" mozilla:Text="This is Firefox text" Text="This is general text" />

6. Page.ViewStateUserKey to Counter One-Click Attacks

Consider using Page.ViewStateUserKey to counter one-click attacks. If you authenticate your callers and use ViewState, set the Page.ViewStateUserKey property in the Page_Init event handler to prevent one-click attacks.

void Page_Init (object sender, EventArgs e) {
ViewStateUserKey = Session.SessionID;
}

Set the property to a value you know is unique to each user, such as a session ID, user name, or user identifier.

A one-click attack occurs when an attacker creates a Web page (.htm or .aspx) that contains a hidden form field named __VIEWSTATE that is already filled with ViewState data. The ViewState can be generated from a page that the attacker had previously created, such as a shopping cart page with 100 items. The attacker lures an unsuspecting user into browsing to the page, and then the attacker causes the page to be sent to the server where the ViewState is valid. The server has no way of knowing that the ViewState originated from the attacker. ViewState validation and HMACs do not counter this attack because the ViewState is valid and the page is executed under the security context of the user.

By setting the ViewStateUserKey property, when the attacker browses to a page to create the ViewState, the property is initialized to his or her name. When the legitimate user submits the page to the server, it is initialized with the attacker’s name. As a result, the ViewState HMAC check fails and an exception is generated.

Check out this link for details.

7. Emails to local folder

While testing, you can have emails sent to a local folder on your computer instead of an SMTP server

 <system.net>
    <mailSettings>
        <smtp deliveryMethod="SpecifiedPickupDirectory">
            <specifiedPickupDirectory pickupDirectoryLocation="c:\EmailFolder\" />
        </smtp>
    </mailSettings>
</system.net>

This is not a complete list, but will keep adding and updating this.

Visual Studio extension – Codemaid


Many developers use Resharper tool for visual studio which is really a great productivity extension, but it’s a paid. If you are looking for open source and a free extension alternative to Resharper then Codemaid is for you.

CodeMaid

CodeMaid is an open source Visual Studio extension to cleanup and simplify our C#, C++, F#, VB, PHP, PowerShell, R, JSON, XAML, XML, ASP, HTML, CSS, LESS, SCSS, JavaScript and TypeScript coding.

http://www.codemaid.net/

CodeMaid is a great extensions that helps cleaning up and organizing the code. It can be used along with ReSharper. It is very easy to use. It has very nice documentation too.

Key features:

  1. Code Cleaning
  2. Code Digging
  3. Code Reorganizing
  4. Comment Formatting
  5. and Many more..

I would highly recommend it.

Internet Information Services (IIS) useful commands


In this article, lets take a look some of the IIS commands which are used quite often by the developers.

Apppool recycle
C:\Windows\System32\inetsrv\appcmd.exe recycle apppool WebsiteAppPoolName

where WebsiteAppPoolName is the name of application pool name

Website Start
C:\Windows\System32\inetsrv\appcmd.exe start site WebsiteName

where WebsiteName is the name of the site

Website Stop
C:\Windows\System32\inetsrv\appcmd.exe stop site WebsiteName

where WebsiteName is the name of the site

Tip:
If you need to frequently recycle apppool or start/stop the website(s) then I would suggest to create a powershell script and run it.

Sites to Check if your email has been compromised in a data breach


Have you heard about the data breach? Is data leaked online and public? Are you a member of the website and want to know that you are a part of a leak?

Then these sites will help you to know.

  1. haveibeenpwned.com

hibp

The site allows you to enter an email address to see if it is compromised in a data breach for free of charge. It is developed by Troy Hunt, a Microsoft MVP awardee for developer security, international speaker and the author on Pluralsight.

If your email is not compromised, then you will get such message.

hibp-check

No pwnage

Otherwise, you will see details of the pwnage.

hibp-check-fail.png

Pwnage found!

The site also provides a free notification service through email, if the future data breach occurs and your account is compromised.

hibp-notify.png

If you want to find emails on a particular domain, you need to go through the verification process.

hibp-domain

It also provides an API which allows the list of pwned accounts to be quickly searched via a RESTful service.

2. breachalarm.com

Breach-Alarm.png

The site provides a service that allows you to check if your email has been posted online, and sign up for email notifications about future password hacks that affect you.

Once you enter your email id, it will show you message on the screen saying they will record your IP for records.

Breach-Alarm-check.png

If your email is not found in the leaks then you will get an appropriate message.

Breach-Alarm-check-safe

Otherwise, you will see a generic message with the date of the recent breach.

Breach-Alarm-check-fail

The site provides “Email watchdog” service which falls in 2 categories.

Individuals and Families where they cover the number of email Id(s).

Breach-Alarm-paid

Business where they cover a domain. Companies that subscribe the service are notified when any of their email addresses appear in a data breach.Breach-Alarm-domain.png

They also provide API which enables third parties to check the breach status of email addresses or domain names. It is a paid service.

3. pwnedlist.com

pl-site.png

Before using the service, you need to do sign up.

pl-site-signup.png

Once you verify your email id, your email will be added into the watchlist. You can then monitor up to 3 email Ids at no charge.

pl-site-watchlist.png

There is no way to know whether you have been compromised in the existing data breaches.

Please comment down here if there are any similar services, I’ll review and add them to this post.

I’ll say that data breaches will happen, but you always try to secure from your side. I’ll recommend using strong and unmemorable password for each account. Use password managers like Keepass, Lastpass, 1password etc to keep track of all that information. Wherever possible turn on 2 step authentication. Use services like Abine to mask your email id and use it on the sites you don’t trust.

Preparing Microsoft Certification Exam 70-480 Programming in HTML5 with JavaScript and CSS3


It’s been a long time I was planning to go for Microsoft certification. Finally I have done it.

When I saw there was an offer from Microsoft where if you fail in the first attempt, you will get another shot for free. I thought this might be good opportunity to start with 😉 https://www.microsoft.com/learning/en-us/exam-70-480.aspx

Finally I booked exam and started preparing. Exam fee was $206. I am writing this blog post for the developers who are preparing for the exam. Hope my experience will help them preparing for the exam.

Preparation

There are lots of resources available on the internet which sometimes make difficult to decide what to read and what NOT to read. If have you minimun 2 to 3 years of experience in development, 1 month (1 hour daily) is sufficient to finish the studies required for this exam.

1. Before you start preparation, go through the “Skills Measured” section here. Make sure you understand the concepts and weightage for each topic.

2. Read book “Exam Ref 70-480 Programming in HTML5 with JavaScript and CSS3” You can buy it online from Microsoft press store. This is really good reference book for the exam.

3. Go through W3school online web tutorials. This really helps in exam as you can try code snippets and see the output right there on the screen. Specially following topics.

4. You can try Jsbin if you want to write and test your own code blocks.

5. If you have existing Pluralsight subscription or if you want to have it, you can go through variety of videos. Take a look at the pluralsight blog.

6. If you want to have real exam experience try Axiommanifold.com They provide the practice exams for free.

Exam experience

I struggled to find my exam center lol, jokes apart. I finished my exam in 130 Minutes. There were 59 questions. It was good experience to me and I enjoyed my exam. Result was joyful to me. I passed my exam with good score.

If you have any questions or doubts, add a comment.

Hope this helps. Good luck!

C# Extension Methods


In this article, let’s know about CSharp Extension methods. Basically this feature was introduced in C# 3.0

Introduction

Extension methods enable you to “add” methods to existing types. They are special kind of static method. They make it possible to extend existing types with additional methods.

Extension methods are declared by specifying this keyword on the first parameter of the methods. Extension methods can only be declared in non-generic, non-nested static classes.

Examples

1. Extend “int” datatype.


public static class MyExtensions
{

  public static bool IsEvenNumber(this int number)

  {
    if (number % 2 == 0)
    {
     return true;
    }
     return false;
  }
 }

To call “IsEvenNumber” extension method from main, consider following code snippet.


class Program
 {
 static void Main(string[] args)
 {
 int i = 45;

 Console.WriteLine(i.IsEvenNumber());
 Console.ReadLine();
 }
 }

 

int-Extension

So in the example above, “IsEvenNumber” has became part of  int datatype and is accessible via intellisense.

2. Extend “string” datatype.


public static class MyExtensions
 {
public static bool IsNullOrEmpty(this string input)
{
if (input == null || input == string.Empty)
{
return true;
}
return false;
}

}

To call “IsNullOrEmpty” extension method from main, consider following code snippet.


class Program
 {
static void Main(string[] args)
{
string str = "";

Console.WriteLine(str.IsNullOrEmpty());
Console.ReadLine();
}
 }

 

string-Extension

So in the example above, “IsNullOrEmpty” has became part of string datatype and is accessible via intellisense.

You can even include the namespance of the Extension methods and reuse them anywhere in your project.

Source Code Download:

Github [Repository Link]

Box.com [Direct Download Link]

Related articles

Step By Step Installing Kali Linux 1.0.6 in Virtualbox


Virtualization is great way to deal with multiple operating systems on a machine.

In this article, let’s see how to install Kali Linux 1.0.6 in Virtual Box. VirtualBox is an open source general-purpose full virtualizer for x86 hardware, targeted at server, desktop and embedded use.

Kali Linux can be downloaded from here and VirtualBox can be downloaded from here. In this article, I am using latest version 4.3.6 of virtualbox.

Steps:

1. After installing virtualbox, open it. Click on New to create a new virtual machine.

2. Enter the name “Kali Linux”, type and version was auto populated. Change version to Linux 2.6/3.x (64 bit) If you are installing 64 bit version of Kali linux. Click Next.

3. Select the memory size from the screen and click Next. Default is 256 MB.

4. From the next screen, you can either create a new virtual hard drive or use existing virtual drive. Default size is 8 GB, but I recommend to keep it to more than 10 GB. Click create button.

5. Now you need to select a hard drive file type. I recommend to keep it default to VDI. Click next.

6. From the “Storage on physical drive”, keep the default option which is “dynamic allocated” and click next.

7. From the “File location and size” window, set the virtual machine drive size to 12 GB and click create. It will create virtual machine.

Now it’s time to install Kali Linux.

8. From the main screen, right click on the newly created virtual machine “kali linux” and select “Settings..”. Click on System >> Processor and check the Enable PAE/NX setting and click OK as shown in the following screenshot. To know more about PAE and NX click here.

9. Then Select Storage >> Controller : IDE from the settings windows and browse for the ISO file for the Kali linux as shown below. Click OK.

10. From main screen, start your newly created virtual machine “Kali Linux”. Select “Graphical Install” from the following screen to start the installation.

11. Select the appropriate language.

12. Select your location.

13. Select your keyboard layout and click continue.

14. Installation will start loading the additional component.

15. Now enter the hostname for your system. Leave it default to “Kali” and click continue.

16. Enter the domain name, leave it blank if not using any specific domain.

17. By default Kali user is Root, so enter password for it and click continue.

18. Use the entire disk for installation, if you are advance user, you can try other options as well.

19. Select and continue the default virtual hard disk which we have created earlier.

20. If you are new user to Kali linux, select “All files in one partition” option, else you can try other options for advance users.

21. Confirm the virtual hard disk changes and click continue.

22. Confirm the changes, select “Yes” and click continue.

23. Installation will start now, it will take sometime around 5-10 minutes.

24. If you want to check newer versions of the software available then select Yes from “Network mirror” screen, else select No and click continue.

25. System will configure packages.

26. If we want to install grub loader then select Yes else select No option.

27. Once you get the “Installation Complete” screen, click continue.

28. Once it finishes, system will restart. Since the default is the right selection, enter to boot into Kali linux.

29. From the following screen, enter username and password.

30. Since you are into Virtualbox, from the device menu, click on “Install Virtualbox guest additions”, a drive is mounted automatically.

31. Copy the “VBoxLinuxAdditions.run” to the root directory using following command


cp VBoxLinuxAdditions.run /root/

32. Change the permissions of the file using command


chmod 755 /root/VBoxLinuxAdditions.run

33. Now, Navigate to the /root directory and execute the file using following command


./VBoxLinuxAdditions.run

34. After successfully installation reboot the system.

Hope this helps. For any queries / doubts, please comment below.

Book Review: “Nuget 2 Essentials” from Packt Publisher


In this post, I am going to review a book Nuget 2 Essentials from Packt Publisher.

Review

Recently I have gone through a book “Nuget to Essentials” and as a developer, I have found it to be a concise, interesting and very useful introduction to Nuget. Authors Damir Arh and Dejan Dakic have covered Nuget Package Manager and related topics very brilliantly.

It is so easy to read and the information is very interesting that each time you turn a page,
you want to learn and know more about Nuget! Every topic in this book is covered with examples. You can download the example code files for all Packt books you have purchased from your account. Since All the examples are written in C# language, only basic knowledge of the language is required to start reading this book.

Here is a list of the positive things, I found about the book:

  • Doesn’t require any prior knowledge about NuGet
  • Example source codes are written in C#
  • All the concepts on real-world examples step by step with a section that explain you the whole process each time in every topic
  • Very comprehensive writing. Authors explained almost everything which makes things clear!
  • Very informative, even if you are a beginner, an intermediate or an advanced user
  • Covers all aspects of using NuGet, from the basics to the advanced scenarios of creating packages and hosting an internal server

After you’ve read the book, you know how to easily find and refer third-party libraries from your projects, create packages from your class libraries for others to use and publish them to the official NuGet gallery and host your own internal NuGet server and publish packages to it.

One thing I have noticed about Packt Publisher is that they offer eBook versions of every book published with PDF and ePub files available, which is very great and added advantage.

Since everything is covered related to Nuget Package Manager along with simple and easily understandable examples, I strongly recommended this book to every .NET developer who wants to learn more about NuGet. A must have ‘Essential‘ book.

Book Details

Language : English
Paperback : 116 pages
Release Date : November 2013
ISBN / ISBN 13 : 178216586X / 9781782165866
Author(s) : Damir Arh, Dejan Dakic
Topics and Technologies : All Books, Open Source