Serving Conditional Redirects with nginx

Published 10/07/2010 at 7:22 PM, updated 13/07/2010 at 11:57 PM (GMT)

I discontinue a lot of shit. I'm pretty bad at that, but I tend to keep things like embeddable images and JavaScript intact so I don't break the websites that rely on them. I often switch URLs around, hence the need for redirecting.

I was using my NearlyFreeSpeech.NET account to handle all of my redirecting, but I was serving about 12MB of redirect data a month; a bit of a waste of money when I could employ my Linode to deal with it.

So, nginx. Love it. It's not too complicated to set up, nor is it lacking in features. I use the HTTP Host header to decipher where traffic should be sent, using an if statement on a catch-all server. Example config (for inside the http block) below:

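server {
       # Catch-all server: takes requests on port 80 that no other server block claims
       listen 80 default;
       server_name _;
       # Each block compares the request's host against one fixed name and
       # sends a 301 to a fixed target, carrying over only the path ($1)
       if ( $host = 'aelabs.net' ) {
           rewrite ^/(.*)$ http://www.aelabs.net/$1 permanent;
       }
       if ( $host = 'alanedwardes.com' ) {
           rewrite ^/(.*)$ http://www.alanedwardes.com/$1 permanent;
       }
       if ( $host = 'posts.alanedwardes.com' ) {
           rewrite ^/(.*)$ http://www.alanedwardes.com/posts/$1 permanent;
       }
}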

As you can see, it's extremely simple to serve a redirect, and this is just written in the nginx config language. I'm not touching any web-specific languages like PHP, which would incur a longer response turnaround and higher resource usage per request. (Note that I have to redirect the "www" for my domain because the Google App Engine doesn't like naked domains; this isn't some crazy vendetta I've got against "naked" domain use.)

So, if you visit linode.alanedwardes.com, you get a 404, while alanedwardes.com sends a 301, and you get gracefully dumped (no oxymoron intended) at the www-ed up counterpart.

I started using nginx on my Linode on the 4th of July, and at the time of writing (10th of July) have served 35,124 redirects, and because I'm using nginx it hasn't impacted RAM or CPU at all.

By God! It Vorks!

Published 05/07/2010 at 9:05 AM, updated 25/07/2010 at 1:00 PM (GMT)

Since I switched to my comment system that tells the user if their comment is spam (documented in this extremely boring post), I've not had any spam comments.

None. Not a sausage. Nil. Null. Spam_Comments = False.

I have noticed something odd in my Google App Engine visit logs though. There are bots that keep trying to access my site via URLs such as /index2.php?option=com_myblog&Itemid=1&task=../../../../../../../../../proc/self/environ, which is nice for them. Trying to hack my Python site with an attack that looks like it would only work with an arbitrary PHP CMS (Joomla??). Neat.

Then there's this, which was seemingly sent in the POST data to a URL similar to the one above. I'm not willing to prettify it to see exactly what it does, but clearly it's not going to be good.

The way I see it, I can't mitigate these kinds of attacks. The IP addresses used are only used twice before a new IP is used. Right now there are only a few of these requests popping up daily, but it's a little worrying that my site has been identified as attackable; it's a blog, there's nothing at all to gain. Sucks for me.
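An added example, not part of the original post: a small Python filter that flags request lines like the /index2.php probe quoted above, keyed on the request content rather than the rotating source IP. The sample request lines are constructed, and the function names and the single-entry target list are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample request lines; only the first mirrors the URL quoted in the post.
SAMPLE_REQUESTS = [
    "GET /index2.php?option=com_myblog&Itemid=1&task=../../../../../../../../../proc/self/environ",
    "GET /index2.php?option=com_myblog&task=..%252f..%252f..%252fproc%252fself%252fenviron",
    "GET /posts/serving-conditional-redirects-with-nginx",
    "GET /search?q=..%20and%20then",
]

# A ".." that forms a whole path segment, not two dots inside ordinary text.
TRAVERSAL = re.compile(r"(^|/)\.\.(/|$)")
SENSITIVE = ("/proc/self/environ",)  # assumed list: just the target seen in the post


def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding so nested encodings are normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def classify(request_line):
    """Return (field, finding) pairs for the path and each query parameter."""
    _method, _, url = request_line.partition(" ")
    parts = urlsplit(url)
    fields = [("<path>", parts.path)]
    fields += parse_qsl(parts.query, keep_blank_values=True)
    findings = []
    for name, raw in fields:
        value = fully_decode(raw).replace("\\", "/")
        if TRAVERSAL.search(value):
            findings.append((name, "traversal"))
        if any(target in value for target in SENSITIVE):
            findings.append((name, "sensitive-file"))
    return findings


if __name__ == "__main__":
    for line in SAMPLE_REQUESTS:
        print(classify(line) or "clean", "<-", line)
```

Because the rule looks at the decoded parameter values, it keeps matching when the source address changes between requests.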

Postnatal: Kinect

Published 14/06/2010 at 9:56 PM, updated 14/06/2010 at 9:56 PM (GMT)

Being the avid tech-news collector I am, I streamed the Microsoft E3 event as they officially launched the controller-free motion sensor Kinect. The future of video-games is here, but you still look like an idiot using it.

The controller and voice control working with the Xbox 360 dashboard were demoed, then it was straight into some pretty awful Kinect-title demos played by prozac-enhanced Microsoft drones who repeatedly shouted overzealous catch phrases such as "awesome!" and "good job!". People that happy should be lined up and tasered, then forced to see themselves doing a full-body muscle spasm as the current rages through them until they see the error of their ways.

There was a demo of a children's game in which a child used gestures to control an on-screen animal. It was quite a cool demo until I realized that the child was just talking to a screen. No human or animal interaction, just cogs and gears. It scared me.

They also demoed a Skype-like online video chat in which a Microsoft engineer chatted with her sister over Xbox Live using Kinect, which sounded so scripted I began doubting whether this entire release was just an elaborate drama inside my head. It sadly wasn't, and I was left cringing behind my hands for the remainder of the demo.

From what I've seen though, I think it's cool, and I want one. Fun like the Wii, but it won't have many of the patronising elements the Wii games have that I utterly despise. And, as a bonus, you get a camera, microphone, voice recognition and controller-less play. A win for Microsoft in this respect — they won't be suffering from lawsuits like Nintendo did regarding smashed windows and pets. Unless those same people decide that Kinect is a free pass to have-at the furniture with no further repercussions, I think Microsoft are fairly safe on the legal side of things.

Ultimately though, whatever features Kinect toots, it won't beat the Wii on price. That's still one area where Microsoft can't easily gain market share; not if their product doesn't enable you to piss the money back that you could've saved buying a Wii.

A Different Approach to Comment Spam

Published 13/05/2010 at 9:50 PM, updated 25/07/2010 at 1:01 PM (GMT)

Typically, I deal with comment spam the way I was trained to because of CMS software such as WordPress:

But this leaves you with a database full of spam comments, along with a load of junk to sift through when trying to find false positives. It also means that some people get too reliant on the intelligence of the spam software and assume it has correctly identified the comment as spam, so simply purge the spam queue. False positives just get lost.

How is my system different? I got fed up of the moderation queue side of things, so figured it would be much easier to provide the commenter with feedback if their comment is marked as spam and allow them to reduce the number of links they've used.

It's not such a crazy notion:

  • The spam bot can't read the feedback; it would just assume it has been submitted successfully
  • The spammer could interface directly with the Akismet API and find a comment structure that gets through the system
  • The user gets immediate feedback; if they've spent a long time on a comment that is put in moderation it could fall victim to a spam queue purge
  • No moderation queue

I added an IP address check as an extra prevention against any kind of trial-and-error approach at spamming; the comment form can only be submitted 5 times every 2 minutes (excluding for validation).
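An added example, not the blog's own code: one way to implement the "5 times every 2 minutes" check as a per-IP sliding window in Python. The class and method names are hypothetical, the IP is a documentation address, and treating "excluding for validation" as "submissions that fail form validation are not counted" is an assumption.

```python
import time
from collections import defaultdict, deque


class SubmissionLimiter:
    """Sliding-window limit on comment submissions per client IP."""

    def __init__(self, max_submissions=5, window_seconds=120, clock=time.monotonic):
        self.max_submissions = max_submissions
        self.window_seconds = window_seconds
        self.clock = clock  # injectable so the window can be tested without sleeping
        self._hits = defaultdict(deque)  # ip -> timestamps of counted submissions

    def _prune(self, ip, now):
        hits = self._hits[ip]
        while hits and now - hits[0] >= self.window_seconds:
            hits.popleft()
        if not hits:
            del self._hits[ip]  # drop idle IPs so memory stays bounded

    def allow(self, ip, passed_validation=True):
        """Return True if this submission may go on to the spam check."""
        now = self.clock()
        self._prune(ip, now)
        if not passed_validation:
            return False  # assumption: rejected by validation, but not counted
        hits = self._hits[ip]
        if len(hits) >= self.max_submissions:
            return False
        hits.append(now)
        return True


def demo():
    """Replay constructed submission times (seconds) for a single IP."""
    now = [0.0]
    limiter = SubmissionLimiter(clock=lambda: now[0])
    results = []
    for second in (0, 10, 20, 30, 40, 50, 119, 120, 131):
        now[0] = float(second)
        results.append(limiter.allow("203.0.113.7"))
    return results


if __name__ == "__main__":
    print(demo())
```

The counters live in one process's memory, so a site served by several instances would need a shared store for them.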

Not a lot different, much simpler from the administrative perspective, and more transparent from an end-user's perspective.

The Passing

Published 27/04/2010 at 11:33 PM, updated 25/07/2010 at 1:13 PM (GMT)

Valve's first downloadable content for Left 4 Dead 2 was The Passing; an extra campaign to link the first Left 4 Dead game with the second. It features the old characters and a mix of the L4D1 and L4D2 graphical style to create a believable bridge between the games. The DLC is free for PC owners, but it costs 560 MS points for the Xbox 360.

I was excited about this when it was announced; being one to enjoy the story as much as the mass zombie killing I welcomed a link between the characters that I'd played previously and the newly introduced cast.

The actual result is a pretty mediocre story, with (as the name suggests) a brief meeting with the old characters, but a fresh gameplay experience with 3 large levels and varied environments.

The last level is a little tedious; a simple gas-can collection like the end of the first campaign, but the other two levels make up for that.

New achievements, a weekly "mutation" game mode and new uncommon-common infected along with a load of new dialogue and general story tidbits. Overall, this is a great new addition to the game.