Wednesday, February 03, 2010

Include PHP files or code in phpBB HTML templates

Adding PHP code to your phpBB templates using the classic <?php ?> tags won't work.

To make it work, first go to your Administration Control Panel -> General -> Security Settings and enable the "Allow php in templates" option.

Then you can use the following syntax to add PHP code:

<!-- PHP --> echo "PHP Code!"; <!-- ENDPHP -->

To include PHP files:

<!-- PHP --> include("/path/to/file.php"); <!-- ENDPHP -->


Friday, October 16, 2009

The server www.xxxxxxx.com at Magic requires a username and password.

Recently one of my WordPress sites was giving this message: The server www.xxxxxxx.com at Magic requires a username and password when I was trying to update or preview an old post.

After digging into this for a bit, I found that some files had been modified: ./wp-includes/vars.php and a couple of files in the plugins directory, like ./wp-content/plugins/akismet/akismet.php.

All these files have lines (usually the first line) containing:
eval(gzinflate(base64_decode('1VVtT9swEP7 [...]

After removing these lines (manually via SSH or FTP), the WordPress site returned to normal.
It seems like one of the WordPress administrators had some trojans on his computer; probably one of them modified the WordPress files through the WordPress admin area after he logged in.

You can read more about people complaining about this issue here: http://wordpress.org/support/topic/295482?replies=44

Tuesday, June 30, 2009

E-gold rejects identification documents

I have been an E-gold user for many years.
It looked like a very stable system, so I decided to keep most of my funds in the system, as a gold investment. Last year they had some trouble with the feds and changed their policy. They requested that I send some docs; I did, and now when I log in I get:

Photo ID permanently rejected.
Reason previous document was rejected: Refuse Service
Proof of Residence permanently rejected.
Reason previous document was rejected: Refuse Service


I asked for an explanation, and they cited from the Terms of Service that they reserve the right to reject any user for any reason.
I have no idea now how I could recover my money. It's sad, because I trusted both E-gold and Moneybookers and they both let me down. I was always suspicious about Paypal, but in many years, Paypal was the most stable and I had almost no problems with it.

Saturday, March 14, 2009

SSH brute force attack

Recently I bought a dedicated server. One of the provider's admins, who installed the system, added an account called "admin1". At first I wanted to remove it, but I thought it might be used for some checks and I let it stay. One month later there was some activity on that account from an IP in a "strange" country, let's say. I asked the provider about it and they had no idea.
Luckily the box was not compromised, since the user didn't get any root access. I killed his processes and removed the account, but I still needed an answer for this mess.
And here it was: after some hundreds of sshd[3157]: (pam_unix) authentication failure; lines, there was one sshd[12358]: Accepted password for admin1 from X.X.X.X

A classic brute force attack on a weak password, so make sure you change every password when you buy a new dedicated server.
And to be even safer, move sshd to some other port and add some iptables rules to deny SSH access from any IP other than yours.
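
The log pattern described in this post (a long run of authentication failures followed by one accepted password from the same source) can be checked for automatically. The following is an added example, not part of the original post; the rhost= field, the constructed sample lines and the threshold of 5 are assumptions.

```python
import re
from collections import defaultdict

# Failure line as quoted in the post; the rhost= field is assumed from the
# usual pam_unix layout (the post cuts the line off after the semicolon).
FAILURE = re.compile(
    r"sshd\[\d+\]: \(pam_unix\) authentication failure;.*?\brhost=(\S+)")
ACCEPT = re.compile(r"sshd\[\d+\]: Accepted password for (\S+) from (\S+)")


def find_bruteforce_logins(lines, threshold=5):
    """Return (user, source, failures) for every accepted password login
    preceded by at least `threshold` failures from the same source."""
    failures = defaultdict(int)
    hits = []
    for line in lines:
        m = FAILURE.search(line)
        if m:
            failures[m.group(1)] += 1
            continue
        m = ACCEPT.search(line)
        if m:
            user, source = m.groups()
            if failures[source] >= threshold:
                hits.append((user, source, failures[source]))
            failures[source] = 0  # a success ends the current run
    return hits


# Constructed sample log (documentation addresses, hypothetical host "box").
PAM = ("Mar 14 %s box sshd[3157]: (pam_unix) authentication failure; "
       "logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=%s  user=%s")
SAMPLE = [PAM % ("03:10:%02d" % i, "203.0.113.7", "admin1")
          for i in range(8)] + [
    "Mar 14 03:11:02 box sshd[12358]: Accepted password for admin1 "
    "from 203.0.113.7 port 40022 ssh2",
    # One mistyped password before a normal login must not raise an alert.
    PAM % ("09:00:01", "198.51.100.20", "alice"),
    "Mar 14 09:00:09 box sshd[20001]: Accepted password for alice "
    "from 198.51.100.20 port 51000 ssh2",
]

if __name__ == "__main__":
    for user, source, n in find_bruteforce_logins(SAMPLE):
        print(f"ALERT: {user} logged in from {source} after {n} failures")
```

The rhost= value can be a hostname rather than an address when sshd resolves client names, in which case it will not match the address in the Accepted line.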

Thursday, October 09, 2008

ASP and other .NET APIs now on Linux

Although I didn't need to use it, I like this idea very much. It's called Mono and it is a cross-platform, open source .NET development framework. You can find more here: http://www.mono-project.com/Main_Page.

DC++ for Linux

Over the last weeks I tried several DC++ applications for Linux and none of them worked well. It was either very annoying or impossible to use.
Now I found linuxdcpp which works like a charm.
To get it, on Debian you can simply apt-get install linuxdcpp, otherwise go to http://linuxdcpp.berlios.de.

Sunday, September 28, 2008

RAR: GLIBC_2.4 not found

I just downloaded the latest version of RAR and couldn't get it started:

./rar: /lib/tls/i686/cmov/libc.so.6: version `GLIBC_2.4' not found (required by ./rar)

Of course, first I tried to install glibc 2.4, but then I looked into the rar directory I had just downloaded and found rar_static, which worked like a charm!