web

Although there are a few weeks remaining before Fedora 24 is released, you can test out the Fedora 24 Beta release today!

Let’s Encrypt has taken the world by storm by providing free SSL certificates that can be renewed via automated methods.

I’ve decided to start a series of posts called “Chronicles of SELinux” where I hope to educate more users on how to handle SELinux denials with finesse rather than simply disabling it entirely.

For those of you in the market for a cheap webcam for videoconferencing or home surveillance, the Logitech C270 is hard to beat at about $20-25 USD.

I stumbled upon a helpful guide to securing an apache server via Reddit’s /r/netsec subreddit.

Changing my ssh port from the default port (22) has been one of my standard processes for quite some time when I build new servers or virtual machines.

It’s no secret that Google Reader is a popular way to keep up with your RSS feeds, but it’s getting shelved later this year.

It’s been a few years since I started a little project to operate a service to return your IPv4 and IPv6 address.

My quest to get better at Python led me to create a new project on GitHub.

Today marks the fifth year that this blog has existed on the internet.

One of the handiest tools in the OpenSSL toolbox is s_client.

I sometimes enjoy living on the edge occasionally and that sometimes means I keep up with OpenStack changes commit by commit.

I was surprised to see coverage about icanhazip.

If you offer a web service that users query via scripts or other applications, you’ll probably find that some people will begin to abuse the service.

As my uptime reports have shown, and as some of you have reported, my blog’s load time has increased steadily over the past few weeks.

As many of you might have noticed from my previous GlusterFS blog post and my various tweets, I’ve been working with GlusterFS in production for my personal hosting needs for just over a month.

Typical configuration for a proxy-type load balancer

After working with some RHEL 5 servers fairly regularly, I noticed a reduction in Apache 2.

Most web developers expend a lot of energy optimizing queries, reducing the overhead of functions, and streamlining their application’s overall flow.

UPDATE: The TRACE/TRACK methods are disabled in Plesk 8.

If you’ve used newer versions of Horde with Plesk, you have probably noticed the news feed that runs down the left side of the screen.

There’s a few issues with PHP 5.

Apparently, a recent Red Hat Enterprise Linux update for ES3, 4 and 5 caused some Perl applications to throw errors like these:

By default, Red Hat Enterprise Linux 4 sets the default character set in Apache to UTF-8.

On brand new Plesk 8.

I’ve seen quite a few situations where the Horde login process can take upwards of 45 minutes to log a user into the webmail interface.

Some users will want to parse HTML through the PHP parser because one of their applications requires it, or because they think it’s a good idea.

Since AOL sends their users’ traffic through proxy servers, this can cause problems with Horde’s session handling in Plesk.

When you create a CSR and private key to obtain an SSL certificate, the private key has some internal data called a modulus.

We all enjoy having the GoogleBot and other search engine robots index our sites as it brings us higher on search engines, but it’s annoying when some user scrapes your site for their own benefit.

Lots of PCI Compliance and vulnerability scan vendors will complain about TRACE and TRACK methods being enabled on your server.

This error completely stumped me a couple of weeks ago.

With Plesk 7.

Urchin sometimes takes it upon itself to do some weird things, and this is one of those times.

Should you find yourself in the situation where you’ve forgotten the Urchin admin password, don’t worry.

When Urchin’s task scheduler fails, you’ll notice big gaps in your data within Urchin.

If you need a quick self-signed certificate, you can generate the key/certificate pair, then sign it, all with one openssl line:

If you’ve used Plesk with a large amount of domains, you know what a pain running out of file descriptors can be.

With portinstall:

Making Java keystores at the same time as you create a CSR and key is pretty easy, but if you have a pre-made private key that you want to throw into a keystore, it can be difficult.

If something horrible happened to your Urchin license key or you need to replace it with something else, just run this command to change the key:

Installing snort from ports on FreeBSD is pretty straightforward, but there are some ‘gotchas’ that you need to be aware of.

If you have an open_basedir restriction that is causing issues with a domain, you can remove the restriction easily.

On some servers, you may notice that MySQL is consuming CPU and memory resources when it’s not processing any queries.

Thanks to a highly awesome technician on my team, we’ve discovered the perfect permissions setup for Joomla and Plesk:

If you need to strip query strings from a URL with mod_rewrite, you can use a rewrite syntax such as the following:

If you find that Horde (with Plesk) keeps refreshing when you attempt to log in, and there are no errors logged on the screen or in Apache’s logs, check the session.

To install PayFlowPro, you will need a few things:

If you have weird SSL errors and this one appears, you are trying to speak SSL to a daemon that doesn’t understand it:

As with most things, turning off SSLv2 in Lighttpd is much easier than in Apache.

WordPress uses .

It seems like lighttpd and Tomcat are at the forefront of what is ‘hot’ these days.

You may find that some sites do not work well if you omit a trailing slash on the URL.

Often times, the wonderful webmail application known as Horde will spin out of control and cause unnecessary resource usage and often cause defunct Apache processes to appear.

First, you have to get the certificate and key out of Windows in a pfx (PKCS #12) format.

If you can’t use PHP to force HTTPS, you can use mod_rewrite instead.

To force HTTPS with a PHP script, just put this snippet near the top:

The AWStats package in RHEL4/Centos4 and Plesk 8.

I rarely try to toot my own horn, but I’ve created a pretty handy site.

If your server is sending out spam because of some bad scripts, hunt that stuff down:

To disable SSLv2 server-wide on a Plesk server, add this in your /etc/httpd/conf.

If you want to hide the current version of Apache and your OS, just replace

Need to redirect all users except for yourself to another site until yours is live?

To make Apache write logs similar to IIS, toss this into your Apache configuration:

Add this to the Apache configuration:

If you’re looking to get PCI/CISP compliance, or you just like better security, disable SSL version 2.

First, check max_upload_size in php.

If you need to remove subdomains from the URL that users enter to visit your website, toss this into your VirtualHost directive:

If you’re not a fan of scientific notation, use this to calculate the apache bandwidth used from log files in MB:

Add this to the virtual host configuration if PHPLive says it has no session.

Remember, if you raise MaxClients for an MPM in Apache, you must raise the ServerLimit directive, which is normally set to 256 on most servers.