You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Louis LeBlanc <le...@keyslapper.org> on 2001/10/29 02:51:27 UTC
New mod_perl hacker wannabe . . .
Hey all.
Just looking for a little direction here.
I'm just getting started learning perl and mod_perl (might as well
jump in with both feet, right?). I am mostly just doing my own thing
and trying to solve interesting little problems as they come up.
A while back, I modified the Apache::CodeRed module on CPAN, written
by Reuven Lerner to create Apache::Nimda. Now the CodeRed module
hasn't had a single hit in almost 3 weeks, but Nimda still handles a
good hundred or so each day.
Well, I know that even Nimda won't last forever, and that module might
need to be rewritten to handle general web based virii requesting Win
based files, but that's minor. I'd eventually like to improve its
configurability.
Just today, I finished a new module - my first from scratch - for
handling 404 errors. I know Apache::404 isn't a real imaginative
name, but it works.
Anyway, I'd like to know if it is customary for any schmuck who has
deluded himself into thinking his module is the cat's ass to submit it
to CPAN and put up a tile as a mod_perl hacker?
Probably not, but I'd sure be happy to see some ideas and comments,
slurs against my coding abilities . . .
Well, try to go easy on the slurs :)
If you care to check out the couple of little things I've done, and
tell me what a dope I am for thinking anyone gives a cr@p, check out
my little dinky page at http://www.keyslapper.org/modules/.
Feeling a bit wierd lately, so rest assured, I'm not always this self
depricating :) And I'm not gonna freak out with a little constructive
criticism.
Thanks all.
Lou
--
Louis LeBlanc leblanc@keyslapper.org
Fully Funded Hobbyist, KeySlapper Extrordinaire :)
http://www.keyslapper.org Ô¿Ô¬
Patageometry, n.:
The study of those mathematical properties that are invariant
under brain transplants.
[OT] Nimda etc (was Re: New mod_perl hacker wannabe . . .)
Posted by Nick Tonkin <ni...@rlnt.net>.
Er, you might look at http://www.tonkinresolutions.com/MSIISProbes.pm.html
...
Always a good idea to search the mod_perl list archives, as well as put
out ideas in the present tense :)
Nick
~~~~~~~~~~~
Nick Tonkin
On Mon, 29 Oct 2001, Louis LeBlanc wrote:
> On 10/28/01 08:29 PM, Jeremy Rusnak sat at the `puter and typed:
> > > Just today, I finished a new module - my first from scratch - for
> > > handling 404 errors. I know Apache::404 isn't a real imaginative
> > > name, but it works.
> >
> > I took a look at this, it's a good idea for smaller sites. I would
> > suggest that you figure out a way to put a rate limit on the number
> > of E-mails that are sent warning the admin, though. On my site
> > we receive over a million page views a day...When something gets
> > broken I don't want to have 10,000 E-mails in my inbox.
> >
> > In addition, there are many black hats out there who might be
> > tempted to use this an exploit. I once had a script that told the
> > user "Error blah blah...An E-mail has been sent to our support
> > staff to notify them of the problem." Of course some people
> > decided to call the script thousands of times and fill up the
> > hard drive on our mail server.
> >
> > Of course, not all sites are going to have issues like this...But
> > I think if you're going to be releasing modules it might be a
> > good idea to include some notes for sites that MIGHT.
>
> Very good point. The CodeRed and Nimda modules have a cache mechanism
> (File::Cache, IIRC) that prevents repeat reports within a 24 hour
> period. Definitely a good idea.
>
> This would also help with the likes of the Nimda and CodeRed hits, so
> you would only get one per day of any of the unique URIs generating
> reports.
>
> Now I DO see the value of opening discussion *prior* to just throwing
> a module out! :)
>
> Look for V1.01 in the next week :)
>
> Thanks!
> Lou
> --
> Louis LeBlanc leblanc@keyslapper.org
> Fully Funded Hobbyist, KeySlapper Extrordinaire :)
> http://www.keyslapper.org ԿԬ
>
> Second Law of Final Exams:
> In your toughest final -- for the first time all year -- the most
> distractingly attractive student in the class will sit next to you.
>
>
Re: New mod_perl hacker wannabe . . .
Posted by Louis LeBlanc <le...@keyslapper.org>.
On 10/28/01 08:29 PM, Jeremy Rusnak sat at the `puter and typed:
> > Just today, I finished a new module - my first from scratch - for
> > handling 404 errors. I know Apache::404 isn't a real imaginative
> > name, but it works.
>
> I took a look at this, it's a good idea for smaller sites. I would
> suggest that you figure out a way to put a rate limit on the number
> of E-mails that are sent warning the admin, though. On my site
> we receive over a million page views a day...When something gets
> broken I don't want to have 10,000 E-mails in my inbox.
>
> In addition, there are many black hats out there who might be
> tempted to use this an exploit. I once had a script that told the
> user "Error blah blah...An E-mail has been sent to our support
> staff to notify them of the problem." Of course some people
> decided to call the script thousands of times and fill up the
> hard drive on our mail server.
>
> Of course, not all sites are going to have issues like this...But
> I think if you're going to be releasing modules it might be a
> good idea to include some notes for sites that MIGHT.
Very good point. The CodeRed and Nimda modules have a cache mechanism
(File::Cache, IIRC) that prevents repeat reports within a 24 hour
period. Definitely a good idea.
This would also help with the likes of the Nimda and CodeRed hits, so
you would only get one per day of any of the unique URIs generating
reports.
Now I DO see the value of opening discussion *prior* to just throwing
a module out! :)
Look for V1.01 in the next week :)
Thanks!
Lou
--
Louis LeBlanc leblanc@keyslapper.org
Fully Funded Hobbyist, KeySlapper Extrordinaire :)
http://www.keyslapper.org Ô¿Ô¬
Second Law of Final Exams:
In your toughest final -- for the first time all year -- the most
distractingly attractive student in the class will sit next to you.
Re: New mod_perl hacker wannabe . . .
Posted by Louis LeBlanc <le...@keyslapper.org>.
On 10/28/01 08:27 PM, John Michael sat at the `puter and typed:
> I'm new to the list and have very little experience writing modules but have
> one concern because I have written quite a few perl scripts that send email
> alerts and I also ran a perl script that picked up 404 error through the doc
> error directive and know what kind of output is possible.
> Here it is.
> My server is constantly getting scanned by various hacking robots. I will
> get hundreds of these a day or more sometimes.
>
> [Sun Oct 28 18:51:00 2001] [error] [client 64.81.175.236] File does not
> exist: /home/usr1/digital/html/scripts/root.exe
> [Sun Oct 28 18:51:01 2001] [error] [client 64.81.175.236] File does not
> exist: /home/usr1/digital/html/MSADC/root.exe
> [Sun Oct 28 19:28:29 2001] [error] [client 64.81.41.2] File does not exist:
> /home/usr1/digital/html/scripts/root.exe
Yeah. Looks like a new stage of Nimda. These are the original 16
urls that were requested by Nimda:
/scripts/root.exe?/c+dir
/MSADC/root.exe?/c+dir
/c/winnt/system32/cmd.exe?/c+dir
/d/winnt/system32/cmd.exe?/c+dir
/scripts/..%255c../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir
/scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir
/scripts/..%252f../winnt/system32/cmd.exe?/c+dir
I suppose it is possible that you are just seeing a sort of
translation of these in your logs, but I have been seeing one more
lately (sneaking by the handler directive somehow because of a special
char):
/scripts/..À/../winnt/system32/cmd.exe
The accented A seems to sneak by the Apache LocationMatch regexp I
have, which should catch ALL */cmd.exe, */root.exe, etc.
Anyway, I also get hundreds of these, but Apache::Nimda keeps them
outta my hair pretty well. There's a few pointers as to how to just
throw these out at http://www.keyslapper.org/Nimda/index.shtml
> I'm not even on an nt machine and they are scanning for windows files. I
> think these have something to do with a virus going around right now. You
> can't block the ips, because they are constantly changing. Your server
> would stressed to check the long list of blocked ips after a while.
Yup. Nimda doesn't seem to be intelligent enough to recognize a non
exploitable system and avoid it. Seems it woulda done a lot more
damage if that were the case. None of us *nix nutz woulda been
reporting the infected systems, so it woulda been left to the Windoze
admins to do something. I don't have to tell you how that woulda
gone.
> The problem is that your script will be possible sending out hundreds of
> emails or more a day of useless information.. You would need some kind of
> intellegent way to determine if it was a legitimate request for a seemingly
> legitimate document. Is that possible?
Yes, but if you install a handler to deal with Nimda, these are
reduced phenomenally. I guestimate anywhere from 60 to 6000
individual requests per day coming from Nimda infected systems, but I
can't be any more accurate than that because I just don't see them.
With the Nimda handler in place, those hits *don't* cause a 404.
Well, most don't. So far, the one with the accented A does, and the
one with the %c0%2f does too, but I filter those explicitly thru
procmail, so problem solved with another tool.
The only reason these slide thru is that for some reason the Apache
regexp implementation gets fuddled by the %2f and the accented A.
Maybe in 1.3.21 it will be fixed. Not that big a deal though.
> Hope this doesn't discourage you.
Naahhh. Just one more problem to solve :)
I love perl!
I'm starting to see why it is referred to as the Swiss Army chainsaw
of computing!
Cheers
Lou
--
Louis LeBlanc leblanc@keyslapper.org
Fully Funded Hobbyist, KeySlapper Extrordinaire :)
http://www.keyslapper.org Ô¿Ô¬
Is knowledge knowable? If not, how do we know that?
Re: [OT] Nimda, etc (was: New mod_perl hacker wannabe . . .)
Posted by Stas Bekman <st...@stason.org>.
John Michael wrote:
> I tried
> PerlPostReadRequestHandler Apache::DONE
> and apache would not start
>
> I changed it to:
> <LocationMatch "\.(ida|exe)$">
> SetHandler perl-script
> PerlInitHandler Apache::DONE
> </LocationMatch>
>
> Apache then started
> And it looks for the module DONE.pm
My bad, should have tested and not send things off my head :(
Try this:
PerlModule Apache::Constants
<LocationMatch "\.(ida|exe)$">
SetHandler perl-script
PerlInitHandler Apache::Constants::DONE
</LocationMatch>
% HEAD http://127.0.0.1:8000/foo.exe
500 unexpected EOF before status line seen
Client-Date: Mon, 29 Oct 2001 06:48:10 GMT
_____________________________________________________________________
Stas Bekman JAm_pH -- Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide http://perl.apache.org/guide
mailto:stas@stason.org http://ticketmaster.com http://apacheweek.com
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
Re: [OT] Nimda, etc (was: New mod_perl hacker wannabe . . .)
Posted by John Michael <jo...@acadiacom.net>.
I tried
PerlPostReadRequestHandler Apache::DONE
and apache would not start
I changed it to:
<LocationMatch "\.(ida|exe)$">
SetHandler perl-script
PerlInitHandler Apache::DONE
</LocationMatch>
Apache then started
And it looks for the module DONE.pm
So I guess you have to write the module for it to work.
I then changed it to:
<LocationMatch "\.(ida|exe)$">
SetHandler perl-script
PerlInitHandler "sub { return OK; }"
</LocationMatch>
and got this in the error log.
Argument "OK" isn't numeric. => tried changeing it from OK to 200 and
still did not work.
It did get rid of the file not found error.
So I changed the OK to 200 in this version and it does work.
<LocationMatch "\.(ida|exe)$">
SetHandler perl-script
PerlHandler "sub { return 200; }"
</LocationMatch>
I'm guessing this is because apache::constants have not been loaded at this
point.
Thanks
JM
> David Young wrote:
>
> > FWIW, Apache::CodeRed seemed like a good idea for a while, and then
Nimbda
> > showed up, and it was apparent no one was actually doing anything about
the
> > infected machines. I got sick of the notifications and the junk in my
error
> > log, so I resorted to this handler:
> >
> > <LocationMatch "\.(ida|exe)$">
> > SetHandler perl-script
> > PerlHandler "sub { return OK; }"
> > </LocationMatch>
>
>
> And the most effective would be to use PerlPostReadRequestHandler
> (or PerlInitHandler, which is an alias to PerlPostReadRequestHandler)
>
> <LocationMatch "\.(ida|exe)$">
> SetHandler perl-script
>
> PerlPostReadRequestHandler Apache::DONE
>
> </LocationMatch>
>
> since it returns at the earliest possible request phase. And you don't
> need the sub {}, just Apache::* will do.
>
> Apache::DONE tells Apache to immediately jumps out of the request
> loop, log the transaction and close the client connection. This is
> one way to halt the transaction without generating an error status.
>
> _____________________________________________________________________
> Stas Bekman JAm_pH -- Just Another mod_perl Hacker
> http://stason.org/ mod_perl Guide http://perl.apache.org/guide
> mailto:stas@stason.org http://ticketmaster.com http://apacheweek.com
> http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
>
Re: [OT] Nimda, etc (was: New mod_perl hacker wannabe . . .)
Posted by John Michael <jo...@acadiacom.net>.
<LocationMatch "\.(ida|exe)$">
SetHandler perl-script
PerlPostReadRequestHandler Apache::DONE
</LocationMatch>
I tried adding the above code to my perl.conf file. and got this error on
restart.
Syntax error on line 31 of /etc/httpd/conf/conf/perl.conf:
PerlPostReadRequestHandler not allowed here
JM
----- Original Message -----
From: "Stas Bekman" <st...@stason.org>
To: "David Young" <dy...@nettonettech.com>
Cc: <mo...@apache.org>
Sent: Sunday, October 28, 2001 11:45 PM
Subject: Re: [OT] Nimda, etc (was: New mod_perl hacker wannabe . . .)
> David Young wrote:
>
> > FWIW, Apache::CodeRed seemed like a good idea for a while, and then
Nimbda
> > showed up, and it was apparent no one was actually doing anything about
the
> > infected machines. I got sick of the notifications and the junk in my
error
> > log, so I resorted to this handler:
> >
> > <LocationMatch "\.(ida|exe)$">
> > SetHandler perl-script
> > PerlHandler "sub { return OK; }"
> > </LocationMatch>
>
>
> And the most effective would be to use PerlPostReadRequestHandler
> (or PerlInitHandler, which is an alias to PerlPostReadRequestHandler)
>
> <LocationMatch "\.(ida|exe)$">
> SetHandler perl-script
>
> PerlPostReadRequestHandler Apache::DONE
>
> </LocationMatch>
>
> since it returns at the earliest possible request phase. And you don't
> need the sub {}, just Apache::* will do.
>
> Apache::DONE tells Apache to immediately jumps out of the request
> loop, log the transaction and close the client connection. This is
> one way to halt the transaction without generating an error status.
>
> _____________________________________________________________________
> Stas Bekman JAm_pH -- Just Another mod_perl Hacker
> http://stason.org/ mod_perl Guide http://perl.apache.org/guide
> mailto:stas@stason.org http://ticketmaster.com http://apacheweek.com
> http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
>
Re: [OT] Nimda, etc (was: New mod_perl hacker wannabe . . .)
Posted by Stas Bekman <st...@stason.org>.
David Young wrote:
> FWIW, Apache::CodeRed seemed like a good idea for a while, and then Nimbda
> showed up, and it was apparent no one was actually doing anything about the
> infected machines. I got sick of the notifications and the junk in my error
> log, so I resorted to this handler:
>
> <LocationMatch "\.(ida|exe)$">
> SetHandler perl-script
> PerlHandler "sub { return OK; }"
> </LocationMatch>
And the most effective would be to use PerlPostReadRequestHandler
(or PerlInitHandler, which is an alias to PerlPostReadRequestHandler)
<LocationMatch "\.(ida|exe)$">
SetHandler perl-script
PerlPostReadRequestHandler Apache::DONE
</LocationMatch>
since it returns at the earliest possible request phase. And you don't
need the sub {}, just Apache::* will do.
Apache::DONE tells Apache to immediately jumps out of the request
loop, log the transaction and close the client connection. This is
one way to halt the transaction without generating an error status.
_____________________________________________________________________
Stas Bekman JAm_pH -- Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide http://perl.apache.org/guide
mailto:stas@stason.org http://ticketmaster.com http://apacheweek.com
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/
[OT] Nimda, etc (was: New mod_perl hacker wannabe . . .)
Posted by David Young <dy...@nettonettech.com>.
FWIW, Apache::CodeRed seemed like a good idea for a while, and then Nimbda
showed up, and it was apparent no one was actually doing anything about the
infected machines. I got sick of the notifications and the junk in my error
log, so I resorted to this handler:
<LocationMatch "\.(ida|exe)$">
SetHandler perl-script
PerlHandler "sub { return OK; }"
</LocationMatch>
> From: "John Michael" <jo...@acadiacom.net>
> Date: Sun, 28 Oct 2001 20:27:03 -0600
> To: <mo...@apache.org>
> Subject: Re: New mod_perl hacker wannabe . . .
>
> My server is constantly getting scanned by various hacking robots. I will
> get hundreds of these a day or more sometimes.
>
> [Sun Oct 28 18:51:00 2001] [error] [client 64.81.175.236] File does not
> exist: /home/usr1/digital/html/scripts/root.exe
> [Sun Oct 28 18:51:01 2001] [error] [client 64.81.175.236] File does not
> exist: /home/usr1/digital/html/MSADC/root.exe
> [Sun Oct 28 19:28:29 2001] [error] [client 64.81.41.2] File does not exist:
> /home/usr1/digital/html/scripts/root.exe
RE: New mod_perl hacker wannabe . . .
Posted by Jeremy Rusnak <jr...@igl.net>.
> Just today, I finished a new module - my first from scratch - for
> handling 404 errors. I know Apache::404 isn't a real imaginative
> name, but it works.
I took a look at this, it's a good idea for smaller sites. I would
suggest that you figure out a way to put a rate limit on the number
of E-mails that are sent warning the admin, though. On my site
we receive over a million page views a day...When something gets
broken I don't want to have 10,000 E-mails in my inbox.
In addition, there are many black hats out there who might be
tempted to use this an exploit. I once had a script that told the
user "Error blah blah...An E-mail has been sent to our support
staff to notify them of the problem." Of course some people
decided to call the script thousands of times and fill up the
hard drive on our mail server.
Of course, not all sites are going to have issues like this...But
I think if you're going to be releasing modules it might be a
good idea to include some notes for sites that MIGHT.
Jeremy
Re: New mod_perl hacker wannabe . . .
Posted by John Michael <jo...@acadiacom.net>.
I'm new to the list and have very little experience writing modules but have
one concern because I have written quite a few perl scripts that send email
alerts and I also ran a perl script that picked up 404 error through the doc
error directive and know what kind of output is possible.
Here it is.
My server is constantly getting scanned by various hacking robots. I will
get hundreds of these a day or more sometimes.
[Sun Oct 28 18:51:00 2001] [error] [client 64.81.175.236] File does not
exist: /home/usr1/digital/html/scripts/root.exe
[Sun Oct 28 18:51:01 2001] [error] [client 64.81.175.236] File does not
exist: /home/usr1/digital/html/MSADC/root.exe
[Sun Oct 28 19:28:29 2001] [error] [client 64.81.41.2] File does not exist:
/home/usr1/digital/html/scripts/root.exe
I'm not even on an nt machine and they are scanning for windows files. I
think these have something to do with a virus going around right now. You
can't block the ips, because they are constantly changing. Your server
would stressed to check the long list of blocked ips after a while.
The problem is that your script will be possible sending out hundreds of
emails or more a day of useless information.. You would need some kind of
intellegent way to determine if it was a legitimate request for a seemingly
legitimate document. Is that possible?
Hope this doesn't discourage you.
Cya
John Michael
----- Original Message -----
From: "Louis LeBlanc" <le...@keyslapper.org>
To: <mo...@apache.org>
Sent: Sunday, October 28, 2001 7:51 PM
Subject: New mod_perl hacker wannabe . . .
> Hey all.
> Just looking for a little direction here.
>
> I'm just getting started learning perl and mod_perl (might as well
> jump in with both feet, right?). I am mostly just doing my own thing
> and trying to solve interesting little problems as they come up.
>
> A while back, I modified the Apache::CodeRed module on CPAN, written
> by Reuven Lerner to create Apache::Nimda. Now the CodeRed module
> hasn't had a single hit in almost 3 weeks, but Nimda still handles a
> good hundred or so each day.
>
> Well, I know that even Nimda won't last forever, and that module might
> need to be rewritten to handle general web based virii requesting Win
> based files, but that's minor. I'd eventually like to improve its
> configurability.
>
> Just today, I finished a new module - my first from scratch - for
> handling 404 errors. I know Apache::404 isn't a real imaginative
> name, but it works.
>
> Anyway, I'd like to know if it is customary for any schmuck who has
> deluded himself into thinking his module is the cat's ass to submit it
> to CPAN and put up a tile as a mod_perl hacker?
>
> Probably not, but I'd sure be happy to see some ideas and comments,
> slurs against my coding abilities . . .
> Well, try to go easy on the slurs :)
>
> If you care to check out the couple of little things I've done, and
> tell me what a dope I am for thinking anyone gives a cr@p, check out
> my little dinky page at http://www.keyslapper.org/modules/.
>
> Feeling a bit wierd lately, so rest assured, I'm not always this self
> depricating :) And I'm not gonna freak out with a little constructive
> criticism.
>
> Thanks all.
> Lou
> --
> Louis LeBlanc leblanc@keyslapper.org
> Fully Funded Hobbyist, KeySlapper Extrordinaire :)
> http://www.keyslapper.org Ô¿Ô¬
>
> Patageometry, n.:
> The study of those mathematical properties that are invariant
> under brain transplants.
>
Re: New mod_perl hacker wannabe . . .
Posted by Louis LeBlanc <le...@keyslapper.org>.
On 10/29/01 10:39 AM, Stas Bekman sat at the `puter and typed:
> [snip]
>
>
> The truth is that it doesn't matter how many modules you have submitted
> to CPAN. You become a mod_perl hacker by being an *active* contributor.
> And you can contribute in many direct and subtle ways. Some of the
> mod_perl contributors don't have a single module on CPAN, while they
> made their name by helping a lot on this and other lists, helping out
> with documentation or simply submitting patches bug fixes. Eventually
> you may want to subscribe to the developer mailing list and see if you
> can help there.
Cool.
> [snip]
>
> > If you care to check out the couple of little things I've done, and
> > tell me what a dope I am for thinking anyone gives a cr@p, check out
> > my little dinky page at http://www.keyslapper.org/modules/.
>
> This usually works another way around. When you have a proposal for a
> new Apache:: module (either just an idea or a full blown module) you
> submit it to this list with the description *inline* so people can
> respond to the portions of your proposal. After a while you will know
> whether your module seem to be useful and you should proceed with its
> submission. Nobody will stop you from submitting your module even if
> nobody likes it, but that's up to you. Usually, members of the list are
> intimately familiar with many other existing modules and may suggest
> that your proposal duplicates some existing module, and you may want to
> build on top of the existing module or send the patches to its author.
>
> BTW, your proposal post's subject should look something like:
> Subject: [RFC] Apache::404
Ok, This is helpful. Thanks for the enlightenment here. I'll try to
get into this habit. Though I have to admit that it scares me a bit
to put out the smallest seed of an idea and have ideas thrown at me in
a veritable hurricane of suggestions. Of course I'm sure it's not
like that at all, but I guess I still have my stupid little
insecurities in this area. I'll get over it :)
Thanks Stas
Lou
--
Louis LeBlanc leblanc@keyslapper.org
Fully Funded Hobbyist, KeySlapper Extrordinaire :)
http://www.keyslapper.org Ô¿Ô¬
QOTD:
I love your outfit, does it come in your size?
Re: New mod_perl hacker wannabe . . .
Posted by Stas Bekman <st...@stason.org>.
Louis LeBlanc wrote:
> I'm just getting started learning perl and mod_perl (might as well
> jump in with both feet, right?). I am mostly just doing my own thing
> and trying to solve interesting little problems as they come up.
[snip]
> Anyway, I'd like to know if it is customary for any schmuck who has
> deluded himself into thinking his module is the cat's ass to submit it
> to CPAN and put up a tile as a mod_perl hacker?
The truth is that it doesn't matter how many modules you have submitted
to CPAN. You become a mod_perl hacker by being an *active* contributor.
And you can contribute in many direct and subtle ways. Some of the
mod_perl contributors don't have a single module on CPAN, while they
made their name by helping a lot on this and other lists, helping out
with documentation or simply submitting patches bug fixes. Eventually
you may want to subscribe to the developer mailing list and see if you
can help there.
There is a lot of potential in the mod_perl field for people who want to
contribute. And we always welcome new contributors.
[snip]
> If you care to check out the couple of little things I've done, and
> tell me what a dope I am for thinking anyone gives a cr@p, check out
> my little dinky page at http://www.keyslapper.org/modules/.
This usually works another way around. When you have a proposal for a
new Apache:: module (either just an idea or a full blown module) you
submit it to this list with the description *inline* so people can
respond to the portions of your proposal. After a while you will know
whether your module seem to be useful and you should proceed with its
submission. Nobody will stop you from submitting your module even if
nobody likes it, but that's up to you. Usually, members of the list are
intimately familiar with many other existing modules and may suggest
that your proposal duplicates some existing module, and you may want to
build on top of the existing module or send the patches to its author.
BTW, your proposal post's subject should look something like:
Subject: [RFC] Apache::404
_____________________________________________________________________
Stas Bekman JAm_pH -- Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide http://perl.apache.org/guide
mailto:stas@stason.org http://ticketmaster.com http://apacheweek.com
http://singlesheaven.com http://perl.apache.org http://perlmonth.com/