Make an Apache2 SSL server more secure
These easy steps will improve significantly the security of your Apache2 SSL server. Edit your /etc/apache2/mods-enabled/ssl.conf file and replace the SSLProtocol, SSLCipherSuite and SSLHonorCipherOrder parameters with the following values.
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
SSLHonorCipherOrder on
SSLProtocol all -SSLv2 -SSLv3
Installing memcached to use it with php
February 14, 2015
· admin
Ubuntu 11.10
Unix
Ubuntu 11.04
Ubuntu
Ubuntu 12.04
memcache
PHP
apache
Ubuntu 14.04
Installing Memcached with php support in Ubuntu is a matter of a few steps:
sudo apt-get install memcached php5-memcached
sudo service apache2 restart
You can test if memcached is active by running this command:
echo "stats settings" | nc localhost 11211
You will end up with a response like this one:
> STAT maxbytes 67108864
> STAT maxconns 1024
> STAT tcpport 11211
> STAT udpport 11211
> STAT inter 127.0.0.1
> ...
> STAT item\_size\_max 1048576
> STAT maxconns\_fast no
> STAT hashpower\_init 0
> STAT slab\_reassign no
> STAT slab\_automove 0
> END
Issues after upgrading to Ubuntu 14.04.1
September 7, 2014
· admin
Unix
Ubuntu
Ubuntu 14.04
After upgrading to Ubuntu 14.04.01, I ran into two issues: One with Apache2 and one with Samba 4.
Apache has been upgraded from 2.2.22 to 2.4.7. The content was no longer accessible. The site configuration directives Order, Allow and Deny such as
Order allow,deny
Allow from all
are now replaced with the Require directive. Detailed information can be found at Apache Module mod\_authz\_core.
Samba has been upgraded from version 3.6.3 to 4.1.6. The "valid users" behavior changed. It works if the user given in the "force user" directive is listed in the "valid users". For example, datacloud has to be listed in the "valid users".
valid users = ctheroux,datacloud
force user = datacloud
How to rename a user in Linux
May 20, 2014
· admin
Ubuntu 11.10
Unix
Ubuntu 11.04
Ubuntu
Linux
Ubuntu 12.04
Ubuntu 14.04
Simply issue this command:
usermod -m -d /home/new-account-name -l new-account-name old-account-name
It creates the home directory if it does not exists. It also copy the stuff of the old user into the new user account.
How to use the command line to make the internal speaker beep
March 1, 2014
· admin
Ubuntu 11.10
Unix
Ubuntu 11.04
Linux
Ubuntu 12.04
Two simple steps:
Install the beep utility. Executing beep on the command line will make the internal speaker beep.
apt-get install beep
Add pcspkr to /etc/modules to load it at boot time. You can load it manually by executing
modprobe pcspkr
How to prevent SSHD to listen on an address family
March 1, 2014
· admin
Ubuntu 11.10
Unix
Ubuntu 11.04
Ubuntu
SSH
Ubuntu 12.04
It is possible to control on which address family sshd will listen to. In /etc/ssh/sshd\_config, simply add
AddressFamily any
to listen to IPv4 and IPv6 addresses. This is the default. Alternatively, add one of these to listen only to IPv4 (inet) or IPv6 (inet6) respectively.
AddressFamily inet
AddressFamily inet6
How to assign a static IP address in Ubuntu
February 23, 2014
· admin
Ubuntu 11.10
Unix
Ubuntu 11.04
Ubuntu
Linux
Ubuntu 12.04
Setting a static IP address in Ubuntu involves editing /etc/network/interfaces. If the interface is currently using DHCP, you will find these lines in the file.
auto lan
iface lan inet dhcp
You will have to replace the above lines with a section that looks like:
auto lan
iface lan inet static
address 192.168.1.80
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.200
dns-nameservers 8.8.8.8
Make the changes effective by either rebooting or by issuing this command:
sudo /etc/init.d/networking restart
How to change the network interface name in Ubuntu 12/13
February 22, 2014
· admin
Unix
Ubuntu
Linux
Ubuntu 12.04
Two files need to be modified to change the name of a network interface in Ubuntu. For example, if you want to change eth0 for lan, simply change the NAME attribute from eth0 to lan in these files and reboot. Do not modify the KERNEL attribute.
/etc/udev/rules.d/70-persistent-net.rules
/etc/network/interfaces
How to find duplicate files on Linux?
August 18, 2013
· admin
Ubuntu 11.10
Unix
Ubuntu 11.04
Ubuntu
Linux
Ubuntu 12.04
It is pretty straight forward in Linux, install fdupes.
sudo apt-get install fdupes
Type the following command to display the documentation
man fdupes
Accessing a serial port from a web server
May 19, 2013
· admin
Ubuntu 11.10
Unix
Ubuntu 11.04
Ubuntu
Raspberry PI
Wheezy
Ubuntu 12.04
On most Linux distribution, it is impossible to access a serial port (ex. /dev/ttyS0) from a web server such as Apache or lighttpd using a cgi. Simply add the user under which the web server runs (www-data for example) to the group dialout. To do so, use vigr from the command line and add the user on the dialout group line. Such a line will typically look like:
Tags
- All
- 3D Printing
- ABS
- Android
- apache
- Arduino
- ARPI600
- ASUS
- automation
- Battlefield
- Blogroll
- Certificate
- Chrome
- Cree
- Cura
- Database
- Debian
- Eclipse
- Electronic Component
- ESP8266
- Firewall
- Games
- GCode
- General
- GIT
- GitHub
- GO2NFC
- Handbrake
- Hardware
- Internet of Things
- IoT
- Java Applets
- Linux
- MAC OS X
- Management
- Mantis
- Marlin
- memcache
- Mountain Lion
- MySQL
- Networking
- NodeMCU
- NVIM
- object
- Octoprint
- openssl
- Photos
- PHP
- phpMyAdmin
- PN532
- postfix
- Prusa Mendel
- Ralink
- Raspberry PI
- RaspberryPI
- Raspbian
- Router
- RT5572
- SSH
- STM32
- Tomcat
- Trinket
- Ubuntu
- Ubuntu 11.04
- Ubuntu 11.10
- Ubuntu 12.04
- Ubuntu 14.04
- Ubuntu 15.04
- Ubuntu 20.04
- Unity
- Unix
- Video
- Virtual Box
- Wheezy
- WiFI
- Windows
- Windows 8
- Wink
- WordPress