mobile logo

Posts tagged Apache

We encounter many scenarios where using the latest version of PHP is required. No great way, aside from downloading the PHP5 source and compiling, is available. That is, until you discover then IUS Community Project. What is the IUS Community Project? The IUS Community Project is an effort to package rpms of the latest stable versions of the most commonly requested software on Red Hat Enterprise Linux and CentOS.   IUS provides a better way to upgrade PHP/MySQL/Python/Etc on RHEL or CentOS.  The project is run by professional Linux Engineers that are primarily focused on RPM Development in the web hosting industry. What …

Read More

We deal with security related issues nearly every day. Many of these issues could be prevented with a few minor changes to php.ini along with the installation of mod_security. It is simply amazing how many machines are hacked, and then used for the sole purpose of sending spam, denial of service (DoS) attacks or Botnets. Security is a practice of managed risk. The strength of your system security is directly related to your commitment to managing your server. It is not realistic, or possible, to guarantee your system is completely secure. This will be an evolving document, please feel free …

Read More

To redirect a website from http -> https I utilized mod_rewrite. And created a .htaccess file with the following contents. $ cat .htaccess Options FollowSymLinks RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*) https://your_server.com/$1 This can be useful if you need to ensure all access to your site, is done via HTTPS.

Read More

The typical process for creating an SSL certificate is as follows: # openssl genrsa -des3 -out www.key 2048 Note: When creating the key, you can avoid entering the initial passphrase altogether using: # openssl genrsa -out www.key 2048 At this point it is asking for a PASS PHRASE (which I will describe how to remove): Enter pass phrase for www.key: # openssl req -new -key www.key -out www.csr Next, you will typically send the www.csr file to your registrar. In turn, your registrar will provide you with the .crt (certificate) file. From a security standpoint utilizing a passphrase, is a good thing, but from a …

Read More