-
Solve Letsencrypt (including Certbot) problems caused by rogue .htaccess files
At RimuHosting we’re enthusiastic about how Let’s Encrypt gives website owners a great way to secure their websites. And certbot is the tool we usually recommend to get a Let’s Encrypt certificate. We find it’s easy to use and works well on recent distributions. However, sometimes issuing or renewing a certificate fails. A common reason…
-
LXD containers now available for Ubuntu
The latest Ubuntu LTS release, Xenial 16.04 , comes with support for a container system called LXD. LXD builds on the existing LXC container system, allowing for more convenient management of those containers. In this post I show how you can test out LXD containers on a Rimu VPS running Ubuntu 16.04. I assume you…
-
How to get an A pass SSL rating for your SSL website
Everyone wants security, and its ideal that your SSL certificates are also secure. With this in mind, websites like SSLLabs have a testing tool that is used to grade the SSL certificate installed on your server. Often people get a low ranking when its fairly easy to get an A. I could make this post…
-
Tuning apache for production use
Apache is probably the most common web service our customers use. It is an amazingly powerful and mature tool for serving all your website needs. And is very easy to get up and running with Our team is often asked to tune apache to run more smoothly, more quickly, and more reliably. With a few…
-
SSLv3 and securing against Poodle
If you are using SSL in your web server, you probably want to read this. Google recently published details about an attack that targets SSLv3. The exploit first allows attackers to initiate a “downgrade dance” that tells the client that the server doesn’t support the more secure TLS (Transport Layer Security) protocol and forces it…
-
Restarting Apache on deploy
Often we have customers who have larger websites they deploy, or even multiple websites they deploy , and they need the apache cache cleaned or even the application restarted. Often the reason people want this is so developers do not need to login with SSH, do not need root access, and things are just a…
-
Apache exploit may crash your server – heres how to fix it
We have picked up that there was an exploit in Apache which can result in your server running out of memory. the discovery was noticed quiet some time ago, but never fixed, and it seems to have reared its head publicly resulting in some people actively attacking. There is no patch for apache as yet,…
-
PCI compliance – a basic HOWTO
A lot of people are wanting to be PCI compliant these days, and this is generally a good thing. PCI compliance is not just a server spec, but a list of procedures, policies, controls over access to data. Therefore the server side is only one part of the process. It can be expensive and time…
-
mod_flvx – flv movies working with apache/apache2
Want to do some streaming of flv on your site? heres how! cd /usr/local/src wget http://people.apache.org/~pquerna/modules/mod_flvx.c apxs -i -a -c mod_flvx.c if apxs does not exist, then apxs2 should. If neither do then install the apache dev packages Debian based distros use apt-get install apache2-prefork-dev The module load will automatically be created for you usually,…
-
Its the small things that help
We have some users who own VPS who dont want to fork out for automated systems like Plesk or Virtualmin, but dont really want to deal with adding domains and email addresses all the time (and sometimes get lost) I decided today after one such user emailed us to add another 3 domains and bunch…