What more could you want?
Web
Add your www with mod_rewrite
Jul 28th
It’s been said a million times, why do we need the www in the URL? The answer is simple: we want our sites to look professional. Here’s how to automatically prepend the www when some crazy hippie forgets it.
In the LoadModules section of the config, make sure mod_rewrite is enabled. On Red Hat or CentOS (or most others) it is by default:
In your LoadModules section, make sure that mod_rewrite is enabled. On Red Hat and CentOS, it is by default:
# grep mod_rewrite /etc/httpd/conf/httpd.conf
LoadModule rewrite_module modules/mod_rewrite.so
In your VirtualHost container (or, to get fancy, in a .htaccess file), add the following lines:
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/[^\.]+[^/]$
RewriteRule ^(.*)$ http://%{HTTP_HOST}/$1/ [R=301,L]
Voíla. Bounce Apache, and visit. Make sure you’re cool enough not to type “www.”
/cs
Webmin Java-based File Manager and Mac, Safari
Jun 4th
So, Mac uses their own Java, and Webmin doesn’t like it.
I’ve found that opening Applications ->Utilities -> Java Preferences.app and clearing the cache helps. Click the Network tab, and click “Delete Files…” Optionally, uncheck “Keep temporary files for fast access” to make the fix permanent.
Hope this helps!
/cs
Plesk 9 and PCI compliance
Apr 14th
The basics are easy, as one can attest with a Google search: Apache, Mail, etc.
But, I’ve found that the Plesk CP for Plesk 9 doesn’t run on Apache, it runs on Lighttpd. To disable weak ciphers on a Plesk/Red Hat box, edit /etc/sw-cp-server/applications.d/plesk.conf and add this line:
ssl.cipher-list = “TLSv1+HIGH !SSLv2 RC4+MEDIUM !aNULL !eNULL !3DES @STRENGTH”
I don’t know if you can add it just anywhere, but you ought to be able to. Personally, I put it between the “include_shell” and “index-file.names” lines in the conf, line 11. After all that, issue “service psa restart” and you’re good to go.
You can test the setup using this command:
# openssl s_client -connect localhost:8443 -ssl2
Run that from the box itself, either as root or as a regular user. It gave me a “Connection reset by peer” error on SSLv2 connection. This is expected, and means that SSLv2 has been successfully disabled. Go run that scan again.
Also, keep in mind the recent “Plesk broke openssl” (or vice-versa) fiasco.
/cs
GPG, Mail 4.2, Snow Leopard, and Happiness
Feb 5th
I discovered Cyanide and Happiness on YouTube the other day. It’s hilarious.
Also, I found a way to use GPG signing and encryption in Apple’s Mail app.
First, quit Mail. I know it’s hard, but you can do it!
Second, back up your GPG keys and REMOVE YOUR EXISTING ~/.gnupg directory if it exists. The configuration file that already exists somehow conflicts with the pinentry app that prompts for your GPG password. I back up my keys this way:
$ gpg -a –export me@ozymo.com >> me_ozymo.com.asc$ gpg -a –export-secret-key me@ozymo.com >> me_ozymo.com.asc
Note that this will store your PRIVATE key in the file as well. This is necessary for importing, but not ideal to keep around on some random computer. Use your head.
Third, download this file. If you don’t trust me, look here on page 6. Or here. Same file. Once it downloads, drag it into ~/Library/Mail/Bundles. If there is already a GPGMail.mailbundle there, remove it and drop the new one in place.
Fourth, open Mail.
Fifth, be happy. And check out Cyanide and Happiness. It’s REALLY funny. I laughed my ass off and sewed it to a chair.
/cs
Mosso Hosting gets Rave Review from Sys Admin
Sep 25th
Mosso, the Cloud Hosting offering from market-leading hosting provider Rackspace, has received a rave review about their on-the-fly scalability under load.
Mosso is a hosting platform that allows you to be flexible with your configuration. Their Linux offering includes PHP 4 & 5, MySQL 4 & 5, Ruby on Rails, Perl, and Python technologies for building your application. Their cloud is, from their website, “an advanced, enterprise-level hosting platform that beats the pants off of running your own servers – and scales easier, too.”
The platform is easy on the budget, too. I’d rather not talk numbers here, so, contact Mosso for more information!
/cs