Overview Using EFF’s goal to encrypt the Internet has spawned a project to issue TLS certificates is a great idea and opens up certificates for everyone and not just for those with money. To balance certificates being miss used, EFF … Continue reading
Overview https://securityheaders.io will give a score of how well placed the HTTP headers are on a site ranging from A+ to F (not sure what the R rating is for). Headers are a powerful meta (invisible to the naked eye) … Continue reading
Overview Following my earlier post using Vbernat’s PPA to install the latest Haproxy on Ubuntu, there have been several minor versions since the original post. The steps below will show you how to upgrade to any version offered by Vbernat’s … Continue reading
Overview Apache’s HAProxy is a proxy software but it can also load balance between servers. The significance of version 1.5 is it’s ability to handle SSL connections where as before you needed to off load the connection to a different … Continue reading
It’s good practice to password protect any encryption keys but it’s not always practicle to do so. So in doing this it degrades security for convenience. Create a copy to backup the key in case something goes wrong: cp my.key … Continue reading
In line with most security recommendation I have updated OpenSSL to a patched version which does not contain the Heartbleed bug. In the mean time I have issued a password reset to all registered users. For more information
Overview Part 2 looked at the differences of AWS/IaaS to VPS. Part 3 will be looking at the cost after a period of time. Running Report The Amazon Web Services have been running for over 3 months with February running … Continue reading
The error relates to the SSL certificates defined in one of the site configuration. In my case the certificates were missing from the server so the error appear on the webpage when any users tried to access the page.