Day 1 of 365. Place your bets and sit down for the show. In no certain order I set forth the following degree of intents for the day:
- Upgrade MT from 2.5 to 2.51 – Done.
- Reapply / Recreate MT patches.
There are two things that bug me about MT in my situation.
I rewrite the URLs on this site to avoid page/language specific file names, make them easy to remember, and
make them more durable even if the page names change.
See “How to succeed with URLs” and
Slash Forward over at
A List Apart for more info.
/blog/perl.xsp. While all of the links on my site use the
/blog/perl/method, Trackback pings still send
/blog/perl.xspwhich means that if I ever change the file name
, all external Trackbacked links will be broken while all the others will work. I know. I know. I can add another rewrite to remap
.chl. But I’d prefer to just have control over the Trackback URL format to begin with.
So, it’s time to get all proper and patch the admin interface to allow me to change the Trackback URL before it get’s sent. Easier said than done.
I think the least intrusive way to do this is to add hooks into the
$MTEntryLink$tag handler to call or use plugins.
Ouch.. I just realized after all this time that my Trackback urls are completely bogus because an Entry’s
Trackback Id IS NOT the same as the Entry Id. To make matters worse, there is no
$MTEntryTrackbackID$tag. The only way to get the Trackback ID is via the
$MTCGIPath$. Even worse. If your CGIPath/Admin GUI is on a secure site, THAT is the url
used, not the url of the local site blog url. :-(
Outgoing HTTP Traffic
I love having MT send out pings to the “Recently Updated” list on the MovableType homepage.
I would also love to have MT send out pings to other sites in both Trackback and Updated form. However, this is where paranoia kicks in.
I’m a big proponent of Egress filtering on the firewall/servers.
In the unfortunate event that a server gets hacked or catches the viri of the week, the server will still not be allowed to initiate a
connection to an external server on it’s own; especially to common ports like port 80 to further spread the love. This cause a problem becuase
MT Trackback/Updated pings need to be allowed out from the server to anywhere using port 80. Bummer.
The solution? Well, in theory, the outgoing ping
code using the
LWPmodule could be told to bind itself to a different non-default ip/port on the server. The we can filter on the firewall/server to allow
port 80 from this special address out to the internet port 80. This would allow pings out from MT, but all normal outgoing port 80 traffic on the machine to still be blockedd.
We shall see.
Well, the good news is that I patched the docs and modules to add a new blog preference:
Now I can specifiy an alternate ip:port to bind to when sending out pings. Once I get my Trackback URLs fixed,
I’ll work up some patches and submit them to the MT crew. Hey, why not right?
If I get those two things done. I’ll be happy.