apache2

Server version: Apache/2.4.6 As per the documentation at [1], "In 2.4.5 and later, SSLProxyCheckPeerCN has been superseded by SSLProxyCheckPeerName, and its setting is only taken into account when SSLProxyCheckPeerName off is specified at the same time." So adding following entry did the trick: SSLProxyCheckPeerName off So my working config looks like...

Read More
apache2

Disable directory listing on Apache; but access to individual files should be allowed. If you are using Debian/Ubuntu, just go to terminal and type sudo a2dismod autoindex sudo service apache2 restart If you are using Centos/Fedora, just do: mv /etc/httpd/conf.d/autoindex.conf /etc/httpd/conf.d/autoindex.bkp /etc/init.d/httpd restart # sudo a2dismod autoindex WARNING: The following essential module will be disabled. This might result in unexpected behavior and should NOT be done unless you know exactly what you are doing! autoindex To continue...

Read More
linux

Step 1: Ensure Passwords Expire In most cases, passwords are configured to expire every 60 to 90 days. If you want to configure Ubuntu to force users to change password regularly, you can run the commands below to open the login.defs file. sudo vi /etc/login.defs For example, if you want account password to be changed every 60 days, and the number of days before it changes again, edit the...

Read More
letsencrypt

Here are instructions for obtaining a Let's Encrypt certificate using the same webserver you are using as a proxy. Requesting your initial certificate from Let's Encrypt Modify your server clause to allow the subdirectory .well-known to be served from a local directory, eg: server { listen 80; server_name sub.domain.com www.sub.domain.com; […] location /.well-known { ...

Read More
mysql

Show a list of active threads show processlist; Review the Time field to identify the longest-running query and run the following command to kill it: kill < thread_id >; Kill All Queries If a large number of bad requests are blocking valid queries, you can clear them out without having to run kill on every individual thread. Execute the following to generate kill commands from the PROCESSLIST table: kill all processes' FROM...

Read More
linux

Introduction A "LAMP" stack is a group of open-source software that is typically installed together to enable a server to host dynamic websites and web apps. This term is actually an acronym which represents the Linux operating system, with the Apache web server. The site data is stored in a MySQL database, and dynamic content is processed by PHP. In this guide, we will install a LAMP...

Read More
letsencrypt

OPTIONAL - Install software-properties-common # apt-get install software-properties-common Step 1 — Download the Let’s Encrypt Client # sudo add-apt-repository ppa:certbot/certbot # apt-get update # apt-get install python-certbot-apache Step 2 — Set Up the Certificates Generating the first SSL certificate # sudo certbot --apache -d skayal.com   Generating the second SSL certificate # sudo certbot --apache -d test.com -d www.test.com Step 3 — Set Up Auto-Renewal # sudo crontab -e Add 15 3 * * * /usr/bin/certbot renew --quiet Verify status...

Read More
cli

$ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/Users/soumitrakayal/.ssh/id_rsa): /Users/soumitrakayal/.ssh/id_rsa already exists. Overwrite (y/n)? Y Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /Users/soumitrakayal/.ssh/id_rsa. Your public key has been saved in /Users/soumitrakayal/.ssh/id_rsa.pub. The key fingerprint is: SHA256:vjEspXxl177C1ksL2Q3iKmnKl6/WtAJnYkEuxSsddtA soumitrakayal@CodeDevX.int.hslc.org The key's randomart image is: +---[RSA 2048]----+ | ..o | | * E | | * + | | o = . | | o .S o...

Read More