Web

Let’s Encrypt has taken the world by storm by providing free SSL certificates that can be renewed via automated methods.

I’ve decided to start a series of posts called “Chronicles of SELinux” where I hope to educate more users on how to handle SELinux denials with finesse rather than simply disabling it entirely.

For those of you in the market for a cheap webcam for videoconferencing or home surveillance, the Logitech C270 is hard to beat at about $20-25 USD.

Docker is a hot topic in the Linux world at the moment and I decided to try out the new trusted build process.

I stumbled upon a helpful guide to securing an apache server via Reddit’s /r/netsec subreddit.

Changing my ssh port from the default port (22) has been one of my standard processes for quite some time when I build new servers or virtual machines.

It’s no secret that Google Reader is a popular way to keep up with your RSS feeds, but it’s getting shelved later this year.

It’s been a few years since I started a little project to operate a service to return your IPv4 and IPv6 address.

My quest to get better at Python led me to create a new project on GitHub.

One of the handiest tools in the OpenSSL toolbox is s_client.

If you offer a web service that users query via scripts or other applications, you’ll probably find that some people will begin to abuse the service.

As many of you might have noticed from my previous GlusterFS blog post and my various tweets, I’ve been working with GlusterFS in production for my personal hosting needs for just over a month.

Typical configuration for a proxy-type load balancer

After working with some RHEL 5 servers fairly regularly, I noticed a reduction in Apache 2.

Most web developers expend a lot of energy optimizing queries, reducing the overhead of functions, and streamlining their application’s overall flow.

UPDATE: The TRACE/TRACK methods are disabled in Plesk 8.

If you’ve used newer versions of Horde with Plesk, you have probably noticed the news feed that runs down the left side of the screen.

There’s a few issues with PHP 5.

Apparently, a recent Red Hat Enterprise Linux update for ES3, 4 and 5 caused some Perl applications to throw errors like these:

By default, Red Hat Enterprise Linux 4 sets the default character set in Apache to UTF-8.

On brand new Plesk 8.

I’ve seen quite a few situations where the Horde login process can take upwards of 45 minutes to log a user into the webmail interface.

Some users will want to parse HTML through the PHP parser because one of their applications requires it, or because they think it’s a good idea.

Since AOL sends their users’ traffic through proxy servers, this can cause problems with Horde’s session handling in Plesk.

When you create a CSR and private key to obtain an SSL certificate, the private key has some internal data called a modulus.

We all enjoy having the GoogleBot and other search engine robots index our sites as it brings us higher on search engines, but it’s annoying when some user scrapes your site for their own benefit.

Lots of PCI Compliance and vulnerability scan vendors will complain about TRACE and TRACK methods being enabled on your server.

This error completely stumped me a couple of weeks ago.

With Plesk 7.

Urchin sometimes takes it upon itself to do some weird things, and this is one of those times.

Should you find yourself in the situation where you’ve forgotten the Urchin admin password, don’t worry.

When Urchin’s task scheduler fails, you’ll notice big gaps in your data within Urchin.

If you need a quick self-signed certificate, you can generate the key/certificate pair, then sign it, all with one openssl line:

If you’ve used Plesk with a large amount of domains, you know what a pain running out of file descriptors can be.

With portinstall:

Making Java keystores at the same time as you create a CSR and key is pretty easy, but if you have a pre-made private key that you want to throw into a keystore, it can be difficult.

If something horrible happened to your Urchin license key or you need to replace it with something else, just run this command to change the key:

Installing snort from ports on FreeBSD is pretty straightforward, but there are some ‘gotchas’ that you need to be aware of.

If you have an open_basedir restriction that is causing issues with a domain, you can remove the restriction easily.

On some servers, you may notice that MySQL is consuming CPU and memory resources when it’s not processing any queries.

Thanks to a highly awesome technician on my team, we’ve discovered the perfect permissions setup for Joomla and Plesk:

If you need to strip query strings from a URL with mod_rewrite, you can use a rewrite syntax such as the following:

If you find that Horde (with Plesk) keeps refreshing when you attempt to log in, and there are no errors logged on the screen or in Apache’s logs, check the session.

To install PayFlowPro, you will need a few things:

If you have weird SSL errors and this one appears, you are trying to speak SSL to a daemon that doesn’t understand it:

As with most things, turning off SSLv2 in Lighttpd is much easier than in Apache.

WordPress uses .

It seems like lighttpd and Tomcat are at the forefront of what is ‘hot’ these days.

You may find that some sites do not work well if you omit a trailing slash on the URL.

Often times, the wonderful webmail application known as Horde will spin out of control and cause unnecessary resource usage and often cause defunct Apache processes to appear.