Overview https://securityheaders.io will give a score of how well placed the HTTP headers are on a site ranging from A+ to F (not sure what the R rating is for). Headers are a powerful meta (invisible to the naked eye) … Continue reading
The error relates to the SSL certificates defined in one of the site configuration. In my case the certificates were missing from the server so the error appear on the webpage when any users tried to access the page.
Overview I performed a reboot of my server running Apache 2 with SSL and found the sites were not loading when it came back up. Once the server was backup I assumed Apache had already started but none of the … Continue reading
Below are some of the tricks I use or found useful to try to mitigate unwanted attention. Whilst this is not a definitive guide these are simple quick things that can be done. This was written for Ubuntu but it … Continue reading
Another error and same problem as last time: the module was not loaded! Invalid command ‘Header’, perhaps misspelled or defined by a module not included in the server configuration $sudo a2enmod headers to enable the headers module $sudo service apache2 … Continue reading
I recently got the error message below when I was trying to reload Apache: Invalid command ‘ExpiresActive’, perhaps misspelled or defined by a module not included in the server configuration …fail! To fix it ensure the “expires” module is loaded: … Continue reading
I’d like to point out that I knew Basic Authentication in web servers were not bullet proof but in fact the total opposite (pointed out in the energy@home documents). This was hammered home when I was inspired to do some … Continue reading
Introduction SSL is used to encrypt data between the client e.g a user viewing a website to the web server which hosts the site. SSL uses certificates which are signed and verify the validity of a website. Like any vendor … Continue reading