(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.data-privacy-src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','//www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-68399380-1', 'auto'); ga('send', 'pageview');

Change your Twitter handle but KEEP your followers and links

Sometimes we outgrow our Twitter handles. I did.

At the same time, once we’re established, the thought of losing the possible thousands of followers we’ve already amassed can be quite daunting. Undeterred, I looked into this anyway.

It is actually possible to change your Twitter handle through your account settings in just a few clicks. Take a look at the screenshot below:

This ensures that you keep all your profile data (profile text, images, previous tweets, followers – essentially everything), just with a new name. Brilliant, right?

There’s a catch:

Your old name now becomes free. At best, it turns into a Twitter 404 page. See below:

twitter not found
At worst, some sneaky or malicious character can spot the existing link juice pointing to your old username and that it has now become available. They can use this to spam your followers or even impersonate you, damaging your image and potentially scamming your friends.

On top of that, you lose all the link juice you already built for your old profile!

There is a semi-fix, and that involves doing what a spammer might have otherwise done in your place:

  1. First change your username, as described above.
  2. Now register a new account with your old username.
  3. Give this new account with your old username an appropriate profile picture that clearly indicates your username has changed. See mine below:
    englishrose moved
  4. Put one tweet out on that new account to direct people to your new username. For emphasis, you could use that picture again.
  5. Add a link to your new username in the URL part and explain that this is an old username in the profile for the new account.
  6. Also consider following your new username (and following your old one from the new account) to highlight that it really is you and draw more attention to the new username.
  7. If you so wish, you can also change your background image. I didn’t bother, as I figure the profile image is enough.

Okay, I lied. Not exactly the same links, as there is no 301 redirect going on here – but it’s the next best thing.

Now you have no excuse for not changing your Twitter handle as your brand and business evolve!

Change your Twitter handle but KEEP your followers and links2020-02-02T01:16:00+01:00

CSF firewall to protect against DOS attacks

We all need to ensure our websites are accessible to legitimate visitors, don’t we? That’s why a DOS (denial of service) or DDOS (distributed denial of service) attack can cause such problems. For those who don’t know, this is when a server is maliciously overloaded with connection requests to render it inaccessible to legitimate visitors.

I recently had a problem with many DOS attacks on my server happening at once, going on for several hours. I don’t suspect that this was a true, large-scale DDOS attack (when multiple, different IPs coordinate the attack), since I still had some SSH-side connectivity and the number of very different IPs was still no more than a handful. That said, the number of new IPs coming in meant that it could no longer be dealt with manually. I needed something to automatically reject and ban suspicious IPs.

After speaking to an old developer friend who manages and hosts several websites on self-managed servers for his clients, it transpired that over all the years, he’d never actually had cause to look into this. This will be one of the other many ‘benefits’ of running a popular blog… My friend didn’t know of any quick solutions and had no time to help me out, either, so I decided to do some research and solve it for myself.

I did some research and came across CSF firewall: a Linux-based firewall that is not too much work to install on a VPS like mine. To install it, I largely followed the instructions at DigitalOcean – it says Ubuntu there, but it obviously works the same way for Debian Wheezy, for example. For the record, DigitalOcean is also the host my friend recommends for good self-managed VPS servers in the UK (I use a different host based in Germany for legal and data security reasons).

It was pretty easy to set up and there is a whole ‘host’ of options you can deploy to plug any holes in your existing security. For example, in a DOS attack, this firewall can be used to automatically ban any IP making more than X connections to a given port. You can also block any ports you know you don’t need to have open, for incoming and/or outgoing connections as required. There are lots of other useful settings, but that should give you an idea to start off with. If you search for “recommended CSF settings”, you’ll find a number of discussions and blog posts with different ideas for different circumstances.

A word of caution, though: CSF comes with a testing mode to minimise the risk of something going wrong, but it is possible to render your server inaccessible. The testing mode protects you in that it clears changes to the IP tables (blocked list) every five minutes, although you can extend this to a longer period if you are trying something especially innovative. I kept it on testing mode for a couple of hours to see what was happening and then made the change permanent.

I am very happy to say that I appear to have fixed the problem. See below for a screenshot of connections to port 80 (HTTP) both before and after the change on an otherwise quiet afternoon.

screenshot of a server during a DOS attack

My server before installing CSF firewall, during a DOS attack.

screenshot of a stable server with CSF successfully installed and configured

My server after installing CSF firewall, now properly protected against DOS attacks.

CSF firewall to protect against DOS attacks2019-09-18T13:26:42+01:00