Browsed by
Category: Network

Multiple https websites on one IIS 7.5

Multiple https websites on one IIS 7.5

I wanted to use IIS 7.5 to host multiple sites under https. The only way I found so far is to have multiple IP addresses link to one server or configure multiple IP addresses on the server and use the IIS site bindings to listen to these alternate IP addresses. First of we need to configure our network card and add the new IP address to it. Go to the properties of your network card and select IPv4, then click…

Read More Read More

Certificate chain error fix on Linux

Certificate chain error fix on Linux

When checking your certificate on a site like the one from digicert. I’m often confronted with the following error: This means that your certificate doesn’t contain the full certification path (and that some parts can’t even be found in the default trusted authority store). To fix this error on a linux PC, navigate to your directory where you saved your .crt file and make sure you also have the other .crt files, that make up the chain, present there. Next…

Read More Read More

Take website offline in IIS

Take website offline in IIS

There is a very easy way to stop a website and provide your users with a nice “under maintenance” or “offline” page. Just create a new file in the root directory of your website and call it “app_offline.htm” Whatever the request to your site, users will always be served this page. Is you ever use publishing via visual studio, you will notice that during the publish this file is also created to let your users know maintenance is occurring on…

Read More Read More

Optimize SSL settings in Windows Server 2008

Optimize SSL settings in Windows Server 2008

SSL labs provides, through it’s website, a thorough free testing of an https enabled site. It has different rankings based on the (American) school grading system, where F is the lowest score and A++ the highest. Numerical Score Grade score >= 80 A score >= 65 B score >= 50 C score >= 35 D score >= 20 E score < 20 F In this post I will try and go through the steps to achieve an “A” rating for…

Read More Read More

Create certificate request with SHA256 on IIS 7

Create certificate request with SHA256 on IIS 7

Creating a CSR (or Certificate Singing Request) on an IIS 7 is pretty straight forward, but you end up with a request which uses the old SHA1 hashing method. Your certificate request will work, but the end result will be that your site might be vulnerable to SSL/TLS related attacks. So how to create a CSR that uses the SHA256 algorithm? All the information bellow can be found on ServerFault. First make a request.inf file. (Just use a text editor…

Read More Read More

Latest Redis on Debian 6 “Squeeze” using PPA

Latest Redis on Debian 6 “Squeeze” using PPA

Currently Debian 6 comes with a Redis database version of 1. If you enable Debian backports you can upgrade to version 2, but if you want the latest version you can do the following. vi /etc/apt/sources.list.d/redis.list add deb http://ppa.launchpad.net/chris-lea/redis-server/ubuntu lucid main You will get a GPG error: GPG error: http://ppa.launchpad.net lucid Release: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY B9316A7BC7917B12 Use apt-key to add the public key to the trusted keys apt-key adv…

Read More Read More

Enable web deploy on IIS 8 running on 2012 R2

Enable web deploy on IIS 8 running on 2012 R2

Web deploy enables a developer (or anyone with sufficient privileges) to build and deploy a website using visual studio or via the command line using MSBuild. An example of such a build command can be found in my previous posts. We use it mainly in our continuous integration environment to automatically build, test and deploy new code if a new commit to the git master branch was detected. Installation via web platform installer First you will need administrator rights to…

Read More Read More

Block WordPress login attempts when no WordPress is present

Block WordPress login attempts when no WordPress is present

I’ve set up LogWatch and saw these entries turning up every day. 404 Not Found /admin/wp-login.php: 2 Time(s) /administrator/index.php: 2 Time(s) /blog/wp-login.php: 2 Time(s) /section/wp-login.php: 2 Time(s) /site/wp-login.php: 2 Time(s) /wordpress/wp-login.php: 2 Time(s) /wp-login.php: 2 Time(s) /wp-login/: 2 Time(s) /wp/wp-login.php: 2 Time(s) /www.google.com/chrome: 1 Time(s) I decided to ban them using fail2ban, seeing as there is no reason to try and use a WordPress login, when there is no wp running on that server. I based this on https://github.com/miniwark/miniwark-howtos/wiki/Fail2Ban-setup-for-Apache. vi…

Read More Read More

A WordPress site secured with SSL and running on an nginx as a reverse proxy to an Apache

A WordPress site secured with SSL and running on an nginx as a reverse proxy to an Apache

Today I needed to transfer a WordPress site from one server to another. This proved more difficult then I tough. The new server is running an Nginx that serves as a reverse proxy to an Apache. The latter does, for example all the php stuff. It also serves only SSL pages and redirects all traffic on port 80 to 443. After a lot of “google’ing” and trial and error, this was what I needed to configure in the wp-config.php file….

Read More Read More

SSH config file

SSH config file

I learned a neat trick lately that has to do with SSH. If you are like me and use secure shell to connect to a remote box or for git push/pulls then you most likely be interested in this next little configuration file. As you probably know, all your ssh configurations and keys probably reside in the .ssh folder of your home directory. Go to this directory and use vim to create a file named config. vim ~/.ssh/config Lets add…

Read More Read More