Previously we talked about OCSP, OCSP Stapling and OCSP Stapling on Nginx. Now, we will configure OCSP Stapling In Apache 2.4 It is important to avoid some settings of OCSP Stapling on a production website as it can give errors like OCSP Response Expired or just in case of Nginx 502. Here is how to configure OCSP Stapling on Apache 2.4+ with full configuration. These are among TLS optimisazion. In … [Read more...]
Archives for June 2017
How To Add CAA Record : Dyn DNS With GeoTrust, Let’s Encrypt
In a previously published guide we talked about DNS CAA Record. Here is how to how to add CAA Record in Dyn DNS with GeoTrust. Let's Encrypt Etc certificates. At that time Dyn DNS has no way to add DNS CAA record. Perhaps this guide will help some of the users. You must add DNS CAA Record, as it is mandatory. If you are not using Dyn DNS, you can test their free trial for a week. In case you … [Read more...]
Optimizing Apache 2.x With TLS, HTTP/2 : Part 1
We have some previous guides to optimize Apache2 and optimize Nginx with TLS and HTTP/2 (if you are interested about them, please use the searching this website feature). Here is first part on optimizing Apache 2.x with TLS HTTP/2. In this guide we will optimise general performance part, not TLS and HTTP/2. There are a variety tools that can assist in determining if the server admin needs to alter … [Read more...]
sysctl.conf Tweaking In OpenVZ Virtual Server Instance
Many of the OpenVZ users try to tweak sysctl.conf and are returned with error. OpenVZ kernel offers a conservative and stable kernel. Here is some information on sysctl.conf tweaking in OpenVZ virtual server instance. Our all tweaks related to system is on dedicated servers, if we tweak any cloud server, we mention the name of the vendor along with the tweak. Applying tweaks for other system on … [Read more...]
List Of Needed Things For Arduino Wearable & IoT Projects
This is possibly an important guide to get started and protect not to get ripped off with marketing of Wearable & IoT projects. Here is a cost effective list of needed things for Arduino wearable & IoT projects which practical for LilyPad, Gemma, Flora, Yun Mini etc. Of course one need the full setup of DIY electronics for normal development boards starting from breadboard, multimeter to … [Read more...]
WordPress Brute Force And Mod Security
Previously we talked about some ways like using IPTables with Fail2Ban, configuring Apache Mod Security and getting flooded on Nginx XML-RPC attacks with odd error which near difficult to detect. Bruteforce attacks & xmlrpc attacks are common. We have many ways to handle them. Here is an article on WordPress Brute force and Mod Security. WordPress Brute Force And Mod … [Read more...]
Why Apache Is Superior Than Nginx?
We have lot of guides on Nginx configuration. Then why we are saying that odd statement as title? Why Apache is superior than Nginx? The person who developed Nginx, is an Apache HTTP Server expert. He realised at that time that, Apache, being a Free Software managed By Apache Software Foundation is not suitable to easily make money. It was obvious that at least at that time Apache was resource … [Read more...]
How To Perform Security Audits On Ubuntu 16.04 (With Lynis)
Security audit in our case is am automatic technical assessment of our server and web applications in the context of security by performing security vulnerability scans, reviewing application and operating system access controls some softwares or scripts. At the ens, we will gather a software generated audit report. Here is how to perform security audits on Ubuntu 16.04 with Lynis and other tools … [Read more...]
Harden Apache2 Server’s Security (Ubuntu 16.04 LTS)
In previous guide, we written how to get started with a blank server, configure Apache for HSTS and how to configure IPTables. This guide is applicable for cloud, dedicated & virtual dedicated server. Here is a detailed guide on how to harden Apache2 server's security on Ubuntu 16.04 LTS. Harden Apache2 Server's Security (Ubuntu 16.04 LTS) The default settings file … [Read more...]
Nginx IPV6 Reverse Proxy With SSL To Add IPV6 (Full Guide + Configs)
Previously we discussed about Nginx IPv6 reverse proxy with SSL to add IPV6 to IPV4 ONLYservers. In this guide we will write in an easy way the same matter in a way that any level of user who has no working experience with IPV6 can easily add own IPV6. Additionally we will give full working configurations. There are virtual servers like VPSDime or dedicated servers which does not cost a bomb … [Read more...]
Camera Remote Shutter Release Circuit (Basic)
The topic is old and we are not going to reinvent the wheel. We want to introduce readers to basic camera remote shutter release circuit. Not all of the readers and camera owners are aware that we actually can build pro grade remote shutter with Arduino, Raspberry Pi and display. However, basic electronic components can build remote shutter release and for your camera model, it is most important … [Read more...]