et’s Encrypt is a new open source certificate authority that promises to provide free SSL certificates in a standardized, API accessible and non-commercial way. If you’ve installed SSL certificates in the past, you’re probably familiar with the process of signing up for a certificate with some paid for provider and then going through the manual process of swapping certificate requests and completed requests.
There are several features that are not available from the Settings menu, which you can only access using the chrome:// commands. Some of the features are available under both Menu and chrome:// commands. One of the most useful, underutilized and hidden features in Chrome is the network internals tools that you access by manually entering chrome://net-internals into your address bar. All chrome:// addresses need to be input by the user as links don’t work. It will immediately begin to start capturing network data, which you can stop by going to Capture at the top and clicking stop. You are able to see just about every aspect of Chrome’s internals from this area.
Among the various properties you are able to extract and analyze are:
Proxy, Events, Timeline, DNS, Sockets, Alt-Svc, HTTP/2, QUIC, SDCH, Cache, Modules, HSTS, Bandwidth, Prerender
Surprisingly this hasn’t been covered more thoroughly considering how many people are running NGINX as a reverse proxy for their back end CMS such as WordPress. This article will show you how to configure NGINX with SSL and redirect to non-www. If your WordPress installation is sitting behind a reverse proxy like NGINX, WordPress won’t be able to see the proper IP address of the client computer for your accurate statistics and reporting. Instead WordPress will show your reverse proxy instead of the correct client IP addresses. If you’re using Cloudflare then there are various plugins to fix that, for NGINX there is not. To […]
Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. Let’s Encrypt is a service provided by the Internet Security Research Group (ISRG). This is the biggest thing I’ve seen hit the internet in the last 5 years, and yet they opened to the public silently back in December 2015 as far as I know. You can go read more about them on their website. I will show you how I got my certificate for this website without using their automated agent software (since I’m running Amazon Linux, which certbot does not support yet). […]
How To Create Temporary and Permanent Redirects with Apache and Nginx
The below strong ciphers are copy/pastable for your Apache, NGINX, Lighttpd, haproxy, Postfix, Exim, ProFTPd, Dovecot, Hitch TLS Proxy, Zarafa, MySQL, DirectAdmin, PostgreSQL, OpenSSH Server/Client, Golang Server and UniFi Controller config mirrored directly from https://cipherli.st. They provide strong SSL security for all modern browsers, and you’ll obtain an A+ on the SSL Labs Test. In short, they: Set a strong Forward Secrecy enabled cipher suite Disable SSLv2 and SSLv3 Add HTTP Strict Transport Security and X-Frame-Deny headers Enable OCSP Stapling (except on Lighttpd, feature not supported yet) These examples are meant for sysadmins who have done this before (and sysadmins are […]