MediaWiki / Amazon ELB / CloudFlare – IP Addresses

Using an out-of-the-box MediaWiki installation in the Amazon EC2 environment behind an Elastic Load Balancer and CloudFlare as a DNS provider, every user’s IP address will show as the load balancer’s IP address.  For obvious reasons, this is not ideal, but is easy to remedy.

First, add $wgUsePrivateIPs = true; to your LocalSettings.php if not already present.

Then, the TrustedXFF MediaWiki extension needs to be installed, and the CloudFlare IP addresses should be added to the trusted-hosts.txt file.  The extension handles the IP range syntax used by CloudFlare, so a direct copy of the IPv4 text file is sufficient.  In addition, add your Elastic Load Balancer IP address/range so that this proxy is also trusted.

Edit generate.php – find the location where a “Range too big” error could be thrown.  On the line above this, change the 8192 limit to 132192.  This will ensure all CloudFlare IP addresses are added.  If you run into performance problems later, start removing the lesser-used ISPs from the bottom of the trusted-hosts.txt document.

If your server is not live, add the require_once line to your LocalSettings.php.  Then, run the generate.php script that came with the extension.

If your server is live, you will need to specify the installation location on the command line (mediawiki_directory/cache/trusted-xff.cdb by default).

The generate.php file will create a database of IP addresses that will be used as trusted proxies.  Since you added CloudFlare’s IP addresses, you should now see the actual IP address of the user.

You may consider running generate.php periodically to receive updated IP addresses.

The procedure above allows you to get the actual IP address of the user without modifying core MediaWiki code, as the CloudFlare FAQ suggests.
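The trusted-proxy lookup that this procedure configures can be sketched as follows. This is an added example, not code from MediaWiki or the TrustedXFF extension; the function name, the address ranges and the sample headers are constructed for illustration.

```python
import ipaddress

# Constructed stand-ins: a documentation range for the CDN edge and a private
# range for the load balancer. These are NOT real CloudFlare or ELB ranges.
TRUSTED = ["198.51.100.0/24", "10.0.0.0/16"]


def client_ip(remote_addr, xff, trusted=TRUSTED):
    """Return the address nearest the user that a trusted proxy vouches for.

    Start at the socket peer and step back through X-Forwarded-For (right to
    left) only while the hop that reported the next address is trusted.
    """
    nets = [ipaddress.ip_network(n) for n in trusted]
    current = ipaddress.ip_address(remote_addr)
    hops = [h.strip() for h in xff.split(",") if h.strip()]
    for hop in reversed(hops):
        if not any(current in net for net in nets):
            break  # current hop is not a known proxy: its claims are ignored
        try:
            current = ipaddress.ip_address(hop)
        except ValueError:
            break  # "unknown" or malformed entry: keep the last valid address
    return str(current)


if __name__ == "__main__":
    # User -> CDN edge -> load balancer -> web server (constructed headers).
    print(client_ip("10.0.1.5", "203.0.113.7, 198.51.100.20"))
    # Same request with no proxies trusted: the load balancer's address wins.
    print(client_ip("10.0.1.5", "203.0.113.7, 198.51.100.20", trusted=[]))
    # A forged entry prepended by the user is never reached.
    print(client_ip("10.0.1.5", "192.0.2.99, 203.0.113.7, 198.51.100.20"))
```

Only the proxies' own ranges belong in the trusted list: any address in it is allowed to assert who the user is, so an overly broad range lets arbitrary clients set their own logged IP address.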


Amazon Elastic Load Balancer on a root domain

Over the past few months, Hollow Developers has migrated servers into the Amazon EC2 environment. As part of this setup, a load balancer redirects traffic to a number of individual EC2 web server instances.  A limitation to this, however, is that Amazon’s load balancers don’t work on root domains (for example,, no www in front).  These load balancers don’t work on root domains because the DNS record must be a CNAME record, not an A record, and root domains at most DNS providers only allow A records.

CNAME and A Records: CNAME entries allow domains to create subdomains like ‘’, which can act as an alternative address to something like ‘’ – the CNAME record makes that long URL at another domain easy to remember.  A records only allow IP addresses.  Amazon Load Balancers require an entry like ‘’, so a CNAME entry is required.

So, this ultimately requires websites to use ‘www’ or something similar in front of their domain, since the ‘www’ record can be a CNAME record.  As part of their sales pitch for their Route 53 DNS service, Amazon mentions that Route 53 allows you to place CNAME-type records into your root domain.  However, we have always been happy with our DNS provider, CloudFlare.  So, what is an easy way to ensure that all traffic goes through our load balancer?

At first glance, Hollow Developers was OK – our web servers automatically redirect users from the root domain to the www domain, primarily for consistency for search engine crawlers.  However, in order for this to happen, the user would have already hit our server on the root domain.  We wanted all traffic to go through the load balancer, regardless of the small number of hits that may come in through the root domain.  This is where CloudFlare’s page rules came in.

CloudFlare page rules allow website owners to write redirect rules, allowing all traffic from the root domain to redirect to the www domain.  Best of all, even free CloudFlare accounts allow a few page rules, meaning that anyone can use this trick for a free alternative to Amazon’s Route 53.  Just a few rules will get you up and running:

  • Forward* to$1
  • Forward to

The first rule will forward all pages on the domain to the exact same page on www.  The second rule forwards the ‘naked’ root domain to the www domain.  For more information on the syntax used, consult the CloudFlare documentation on the Page Rules interface.

There are numerous alternatives to this approach – including the use of Amazon’s Route 53 DNS service.  However, we wanted to keep CloudFlare’s security and DDoS prevention features, so this was not an option we wanted to take.  Have other alternatives?  We would love to hear your comments/questions.


Rackspace Cloud Load Balancing

At Hollow Developers, we use Rackspace Cloud for this website, and have started to move over our gaming and education websites to this host.  Today, they have announced public availability of their Rackspace Cloud Load Balancing API.  We have been waiting for this since November when they first announced a public beta, and are even more excited about what this means for our clients in the future.

What is Load Balancing?

Load balancing allows websites to split up the work of hosting pages and images across multiple machines.  Take a site like Amazon.  There’s no way that one server would be able to keep up with all those visitors!  So, Amazon tells some of its customers to use Server A, and some of its customers to use Server B (in reality, there are probably thousands of machines at Amazon).

There are a few benefits to this.  First, with multiple machines, you have redundancy – your data is stored in multiple locations, and in case one server goes down, your website can still stay online.  Second, suppose one server is being overloaded with a very complex request.  With load balancing, the other server can pick up the slack until the resource-intensive task is complete.  Load balancing also allows you to take servers out of the rotation and perform maintenance, without bringing down your website.  The Wikipedia article has a long list of other benefits.

Load Balancing For Small Businesses

In the past, load balancing has been out of reach for many small businesses.  If the dedicated server that hosted your website went down, your customers would be met with a dreaded 404 page.  However, with load balancing coming soon to the Rackspace Cloud Control Panel, this is going to get much easier very soon.  Starting at $20/month, Rackspace’s solution is poised to be one of the first easy-to-use and inexpensive cloud load balancers.

Interested in getting your site on Rackspace Cloud?  Contact Hollow Developers for a consultation.


Happy Birthday Wikipedia

Happy birthday, Wikipedia!  The world has changed a lot since 2001, and Wikipedia has been along for the ride.  The open source software that powers Wikipedia, MediaWiki, is used for a large number of wikis around the globe.  In fact, Hollow Developers has utilized MediaWiki for over 5 years at The World Called Hollow.  Hollow’s community wiki contains extensive documentation about the world, and has been carefully crafted by the players of the game.

A wiki provides a great way for many people to collaborate on the same document.  Companies are increasingly looking to wikis to provide support for employees, and MediaWiki is a great tool to accomplish this goal.


World IPv6 Day

Google will join a variety of web companies to participate in World IPv6 Day on June 8, 2011.  Gearing up for IPv6 is incredibly important for the future of the Internet, as the IPv4 space is forecast to be depleted by the end of 2011.

What is IP?
IP stands for Internet Protocol, and is the method that devices use to communicate with each other over the Internet.  In theory, a unique IP address would be assigned to each device on the Internet.  IPv4, the Internet Protocol that most devices are using at the moment, has the capacity for 4 billion addresses.  In the early 80’s, at the creation of IPv4, this number seemed to be plenty.  However, with millions of Internet-connected devices being activated each year, the IPv4 address space is in short supply.

What is World IPv6 Day?
World IPv6 Day is a day for website and network operators to flip on the switch for IPv6, and learn some lessons before everyone is forced to flip the switch on IPv6 in the near future.  Hopefully, any kinks in the system will be worked out quickly, and everyone involved will be able to better their networks for IPv6 adoption.  Hollow Developers will be participating in World IPv6 Day with our flagship HollowGame website.  The IPv4-enabled website will continue to work as it does now, but IPv6-enabled users will be encouraged to visit us at a separate address, which will be announced shortly before June 8.

Happy IPv6’ing!


Gaga for Google

It’s fair to say that we are Google fanboys, or Gaga for Google, or any other variation on that theme.  Whenever we create a new website for a client or for internal purposes, one of the first things we do is sign up for a Google Apps for Domains account.  For those unfamiliar with Google Apps, it allows Google to host your email server and provide many other Google services to your users.

Google Apps – Email

One of the best features is the ability to use Google as your email provider.  Not only do you remove the complexity of administering a mail server, but you also keep all that email traffic from hitting your web server.  After a few quick steps, your domain is set up and ready for email.

When we set up a domain for email in Google Apps, one of the first things we like to do is set up a ‘catch-all’ account that will catch all of the email that doesn’t match a particular user.  This allows for emails to misspellings like suport (at) to get to the proper destination without a pesky error message going back to the sender.  Luckily, Google has made this quite easy to accomplish.  However, we go one step further on some ‘vanity’ domains that we own that were never really intended to be used as full websites, but rather are kept to protect brand integrity, etc.  For these domains, we set up a Google Apps account and forward the catch-all email to our main accounts at  That way, we only have to check one account for all domains.  Obviously, this isn’t ideal for all operations, but we rely on it heavily to ensure that all of our client emails reach their intended destination.  One hiccup that we have encountered while setting up this forwarding is the missing ‘forwarding’ option in the Google Mail settings after setting up the domain for email for the first time.  If you encounter this, just wait until your MX records have been updated, and Google has had a chance to enable your account for email.


A New Day

Another year begins for us at Hollow Developers.  As part of that new year, we have a new beginning with a brand new website featuring this blog, which will primarily focus on LAMP-stack programming.  We will also focus on other technology topics.

Company Background

Hollow Developers is based in Bloomington, Illinois.  We offer technology consulting and web design/development services.  Our flagship product, The World Called Hollow, is a web-based role playing game enjoyed by thousands of active players every month.  Hollow Developers also provides speech tournament management software at
