Make an Apache2 SSL server more secure June 3, 2015
Antre du Tryphon
Search

Make an Apache2 SSL server more secure

June 3, 2015 · admin Unix Ubuntu Linux Debian apache
These easy steps will improve significantly the security of your Apache2 SSL server. Edit your /etc/apache2/mods-enabled/ssl.conf file and replace the SSLProtocol, SSLCipherSuite and SSLHonorCipherOrder parameters with the following values. SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA SSLHonorCipherOrder on SSLProtocol all -SSLv2 -SSLv3

How to Install libnfc for PN532 NFC Readers on Linux

Installing libnfc for PN532 based NFC reader is not exactly as described in the documentation. Some information is scattered in the documentation. This installation guide has been tested with the GO2NFC GO2NFC141U NFC Reader and the Adafruit PN532 NFC/RFID controller breakout board. 1) Install the dependencies: sudo apt-get install libusb-0.1-4 libusb-dev libpcsclite1 libpcsclite-dev libccid pcscd 2) Create the configuration directory sudo mkdir -p /etc/nfc/devices.d/ 3) Create the file /etc/nfc/devices.d/pn532\_uart.conf containing name = "PN532 board via UART" connstring = pn532_uart:/dev/ttyACM0 allow_intrusive_scan = true Replace ttyACM0 with ttyUSB0 if you are using the Adafruit reader. 5) Create the file /etc/nfc/libnfc.conf containing allow_autoscan = true 6) Download the libnfc library at https://bintray.com/nfc-tools/sources/libnfc. Decompress the archive somewhere. Go into the libnfc-x.x.x directory. 7) Build the library sudo ./configure --sysconfdir=/etc --prefix=/usr --with-drivers=pn532_uart sudo make sudo make install 8) Test your installation. Execute the command utils/nfc-scan-device. You should get an output similar to this one: nfc-scan-device uses libnfc 1.7.1 1 NFC device(s) found: - pn532_uart:/dev/ttyACM0: pn532_uart:/dev/ttyACM0

How To Setup an Internet Gateway using Ubuntu

Setting up an Internet Gateway using Ubuntu is pretty straight forward. In order to do so, you will need:

Installing memcached to use it with php

Installing Memcached with php support in Ubuntu is a matter of a few steps: sudo apt-get install memcached php5-memcached sudo service apache2 restart You can test if memcached is active by running this command: echo "stats settings" | nc localhost 11211 You will end up with a response like this one: > STAT maxbytes 67108864 > STAT maxconns 1024 > STAT tcpport 11211 > STAT udpport 11211 > STAT inter 127.0.0.1 > ... > STAT item\_size\_max 1048576 > STAT maxconns\_fast no > STAT hashpower\_init 0 > STAT slab\_reassign no > STAT slab\_automove 0 > END

phpMyAdmin session timeout

October 9, 2014 · admin Ubuntu Ubuntu 14.04 phpMyAdmin
phpMyAdmin session timeout is controlled through two parameters. The first one can be found in /etc/php5/apache2/php.ini. It is called session.gc\_maxlifetime. The other one can be found in the phpMyAdmin configuration file often named /etc/phpmyadmin/config.inc.php. The name of the parameter is LoginCookieValidity. The one located in /etc/php5/apache2/php.ini superseeds the one given in /etc/phpmyadmin/config.inc.php if it is smaller. phpMyAdmin might also have a local php.ini that can override /etc/php5/apache2/php.ini.

Issues after upgrading to Ubuntu 14.04.1

September 7, 2014 · admin Unix Ubuntu Ubuntu 14.04
After upgrading to Ubuntu 14.04.01, I ran into two issues: One with Apache2 and one with Samba 4. Apache has been upgraded from 2.2.22 to 2.4.7. The content was no longer accessible. The site configuration directives Order, Allow and Deny such as Order allow,deny Allow from all are now replaced with the Require directive. Detailed information can be found at Apache Module mod\_authz\_core. Samba has been upgraded from version 3.6.3 to 4.1.6. The "valid users" behavior changed. It works if the user given in the "force user" directive is listed in the "valid users". For example, datacloud has to be listed in the "valid users". valid users = ctheroux,datacloud force user = datacloud

How to rename a user in Linux

Simply issue this command: usermod -m -d /home/new-account-name -l new-account-name old-account-name It creates the home directory if it does not exists. It also copy the stuff of the old user into the new user account.

preinst: line 118: a2query: command not found

May 4, 2014 · admin Ubuntu apache Ubuntu 14.04
If you are getting the following errors while trying to install Apache on Trusty (Ubuntu 14.04), execute the commands below and try to re-install it. Preparing to unpack .../apache2_2.4.7-1ubuntu4_amd64.deb ... /var/lib/dpkg/tmp.ci/preinst: line 118: a2query: command not found dpkg: error processing archive /var/cache/apt/archives/apache2_2.4.7-1ubuntu4_amd64.deb (--unpack): subprocess new pre-installation script returned error exit status 1 Errors were encountered while processing: /var/cache/apt/archives/apache2_2.4.7-1ubuntu4_amd64.deb E: Sub-process /usr/bin/dpkg returned an error code (1) The commands to resolve this issue are: dpkg --fsys-tarfile /var/cache/apt/archives/apache2_2.4.7-1ubuntu4_amd64.deb | tar xOf - ./usr/sbin/a2query > /usr/sbin/a2query chmod 755 /usr/sbin/a2query Replace /var/cache/apt/archives/apache2\_2.4.7-1ubuntu4\_amd64.deb with the name of the file given in the error messages. Note that the first command is splitted on two lines in the above. So, copy both lines at once before pasting it in a terminal window.

How To Restore Skype Status Bar Icon In Ubuntu 14.04

April 28, 2014 · admin Ubuntu Ubuntu 12.04 Ubuntu 14.04
After installing Skype on Ubuntu 14.04, there is no icon in the status bar. To restore it, simply execute the following command: sudo apt-get install sni-qt:i386. This procedure works on the 64 bits version of Ubuntu.

How to display the version of Ubuntu you are running

April 18, 2014 · admin Ubuntu 11.10 Ubuntu 11.04 Ubuntu Ubuntu 12.04
From a terminal window, type in: lsb_release -a