This website is now in the Alexa Top Million

My little personal website has finally gotten a ranking in Alexa’s list of the top one million websites. 🎉🎊 I never expected my personal website to get so popular. It’s more like a dumping ground for my ideas, and a place to host some experimental stuff. My horribly hacked-together (read: don’t look at the source code) WOFFer font conversion tool is by far the most popular page on this website. It appears second in Google for searches like “ttf to woff” and vice-versa, and I hope to become the first. 😉 They’ve even awkwardly placed the instructions for the conversion tool in a featured snippet at the top of the search results, possibly driving even more traffic: I’m planning to write on this blog more often, perhaps about the architecture of the server this website runs on, which makes WordPress my fluffy bunnies run blazingly fast. It’s been a year since I’ve started working on it! You can download Alexa’s list of the top million websites (and find me in there!).

Sophos Anti-Virus is confused about its own identity

I might have disabled Sophos Anti-Virus accidentally on-purpose. Suddenly, it no longer knows who it is. However, it is true that in this state, it is protecting against zero threats. While this may be funny, it does call into question the reliability of its own “tamper protection,” which was easily disabled with a few launchctl commands.

Automatic Failover and Maintenance Pages with iptables

Using iptables for automatic failover or maintenance pages might seem like a strange choice, but it works! iptables has an obscure but useful feature, the socket filter. From the man page: socket This matches if an open socket can be found by doing a socket lookup on the packet. In other words, we can use this filter to redirect incoming connections to a “failover” server when the main server. This can be accomplished with a couple iptables commands: sudo iptables -A PREROUTING -t nat -i <interface> -p tcp –dport <server port> -m socket -j ACCEPT sudo iptables -A PREROUTING -t nat -i <interface> -p tcp –dport <server port> -j REDIRECT –to-port <failover port> What these rules do is let through a connection when there is a server listening on the port, otherwise, redirect it to a failover server listening on a separate port. The error message used by this website. I can think of a few ways to use this. For example, sometimes, I need to restart the nginx server that fronts this website, such as for configuration changes. During the few seconds when Docker is recreating the nginx container, users trying to visit the site get an ugly “connection refused” error. Instead of driving users away, the server can automatically show users a prettier error message using a small Node.js server telling them to refresh in a few seconds. While proxies like haproxy also work, I needed a quick and lightweight way to automatically display a maintenance page. iptables does the job beautifully. There might be many ways to use this iptables feature. Share your ideas in the comments below!

Hello World.

Welcome to the new redesigned home of Andrew Sun. I’ve been running this site for over 5 years already. The previous major redesign of the site was in 2013, and has since become harder to maintain and keep running. It’s time that I’ve redesigned everything, from the ground up. The new website features an elegant and clean design, along with major performance improvements. The old colorful logos and silly animations have been removed. The infrastructure serving the pages you see has been rebuilt from the ground up with performance in mind. There may be some issues that I may have not ironed out at this point. If you encounter any issues with the website, please tell me about it. Upcoming blog posts will discuss what I did to make this website. And yes, I promise to write on this blog more often, hopefully more than once a year. 😜