the ramblings of a crazed IT administrator
Posts tagged linux
Setting up WordPress on Nginx
0
Just a quick post with a handy link for anyone looking to get WordPress running under Nginx (an awesome and much faster alternative to Apache!), one of the big differences between Nginx and Apache is the lack of .htaccess files and a different way of handling re-write rules which can cause headaches if you are used to using the “pretty” links in WordPress, or any other plugin that relies on Apache mod_rewrite rules (such as WPSuperCache).
Thankfully (and after many hours of googling and trying various less than ideal configs), I found the perfect setup guide in the most obvious place (and the last place I looked), possible – the WordPress Codex section, so for anyone struggling with Nginx and WordPress, or wanting to streamline their configuration, give this guide a read:
New Year, New Host
2
Well, its 2011 already so I guess its time to start my promise to post more often (and even finish part 3 of my SSL guide!).
My first job for the year has been completed successfully as the site has been moved onto a new host, I finally cracked and moved back to managing my own server, this time I am using the highly recommended Linode who so far have been pretty awesome, for a small 512MB VPS everything has been flying along, even when compiling (yes, I run Gentoo on a server). So far everything feels a bit faster and at least I now have the freedom to fix problems that I find such as the annoying mod_security problem I hit where it was preventing me from having the words /etc/ssl together because it thought I was trying to hack the server rather than write about a linux configuration file!
Hopefully everything got moved over successfully, I haven’t been able to spot any problems but if you see anything let me know in the comments!
Damn you mod_security!
1So I was
attempting to write this series of SSL guides last week when I hit upon a problem, after playing around with Cygwin for a while I decided to update the first part of the series to use a different path to store the certificates as it made more sense and would be pretty common for anyone with any linux experience. Upon trying to save the updated posts however I kept getting 404 errors from WordPress, very odd as I hadn’t changed anything.
To cut a long story short and to avoid boring too many people it turns out that apparently including the text /etc /ssl (without the spaces obviously), appears to send my webhost into a security frenzy and drop the request! Yes, apparently my webhost decided to enable Apache’s mod_security feature and to then enable seemingly every part of it, including filtering all POST requests for anything slightly dangerous such as me even mentioning certain paths!
This just another reason why I want to ditch my current host and move back to managing everything myself using a VPS (probably linode), at least then I can make my own decisions on what balance of excessive security/actual usability I want to have.
</rant>
How to Create Self-Signed SSL Certificates (Part 1)
51 year ago
As more and more programs realise the importance of security many are turning to SSL to secure connections between clients and servers anyone who has spent any time with SSL probably knows that SSL certificates can be quite expensive. However there are times when it simply isn’t necessary to pay for an SSL certificate, there is an alternative, and even better is its free!
In this first guide I will explain how to generate your own Root Certificate and then in the next part I will show how you can then use this Root Certificate to sign your own certificates, the final part of this series will explain how to then deploy the certificate using Group Policy.
This magical alternative is to sign your own SSL certificates, however many people are put off this because of the warnings web browsers generate these days when then encounter a self-signed SSL certificate. For Internal deployments though, self-signed certificates are a perfectly valid option as it is possible to deploy the certificates so users don’t receive any warnings. Of course, even this can get tedious as for each new or renewed certificate you have to ensure this is deployed correctly for all your users, if you have a number of different web pages or web-apps that you want to secure this can quickly create additional work and take up time you could be spending on other things.
Don’t worry though, there is a better option! This is to become your own Root Certificate Authority and then use this to sign your certificates, that way all you need to do is to deploy the one Root Certificate to your users and then any certificate that you sign with it is automatically trusted and no warnings are displayed. This method allows you to secure any number of services or websites using an SSL certificate that you know will be accepted by their browser.
How to Install Cygwin
11 year ago
Cygwin is an awesome tool that allows you to access a Linux-like environment from within Windows, you get access to almost all the same binaries as a normal Linux install but without having to run a full-fledged Linux distribution, this can be very handy for when you either just want to learn one particular tool or make use of one particular program.
The best thing is that Cygwin is also really easy to install and use so even if you are a total Linux newbie there is no excuse not to give it a go.
Installing Cygwin is as simple as this:
