We deal with security related issues nearly every day. Many of these issues could be prevented with a few minor changes to php.ini along with the installation of mod_security. It is simply amazing how many machines are hacked, and then used for the sole purpose of sending spam, denial of service (DoS) attacks or Botnets.

(more…)

Share This

To redirect a website from http -> https I utilized mod_rewrite. And created a .htaccess file with the following contents.

$ cat .htaccess
Options FollowSymLinks
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^(.*) https://your_server.com/$1

This can be useful if you need to ensure all access to your site, is done via HTTPS.

Share This

The typical process for creating an SSL certificate is as follows:

 # openssl genrsa -des3 -out www.key 1024

At this point it is asking for a PASS PHRASE (which I will describe how to remove):

 Enter pass phrase for www.key:

 # openssl req -new -key www.key -out www.csr

Next, you will typically send the www.csr file to your registrar. In turn, you should receive a key.
(more…)

Share This