Tag: Old Posts

  • Obtain and install a free SSL certificate on Nginx

    Obtain and install a free SSL certificate on Nginx

    Until the past year I never really bothered to put my projects behind SSL. It always seemed like more of a hassle than it was worth, and I didn’t like the idea of paying $50+ for a properly-signed SSL certificate when none of my projects were commercial or transmitting sensitive information. As my projects become more elaborate, […]

  • Poodlebleed exploits SSL 3.0

    Poodlebleed exploits SSL 3.0

    Despite being 15 years old, and theoretically replaced by TLS, SSL 3.0 is still in widespread use. As luck would have it, yesterday Google researchers revealed a vulnerability in 3.0 which allows for the decryption of secure connections. Poodlebleed is a vulnerability in the design of SSL version 3.0. Poodle is actually an acronym for Padding Oracle…

  • Nginx and uWSGI configuration for Flask app deployment

    Nginx and uWSGI configuration for Flask app deployment

    For someone new to application or server deployment (or any field, really), the vast assortment of commands, arguments, variables, and parameters can be overwhelming. That’s why I encourage friends and coworkers to break those daunting projects into smaller, more digestible pieces. Once they understand what is right in front of them and can relate it…

  • Initial steps on a new Ubuntu 14.04 server

    Initial steps on a new Ubuntu 14.04 server

    Ubuntu 14.04 If you just logged in to a fresh installation of Ubuntu 14.04 (Trusty Tahr), there are a few steps you’ll want to take immediately to help secure your new server. The IP blocks used by the various VPS providers are constantly being scanned, and brute force attacks will begin even if you’re deploying…

  • A LAMP stack with Nginx is a LEMP stack

    A LAMP stack with Nginx is a LEMP stack

    LEMP stack not LNMP stack For years I’ve referred to a stack consisting of Linux, Nginx, MySQL/MariaDB, and PHP/Python/Perl as a LEMP stack. While using LEMP might seem odd at first, it actually makes a lot of sense given that Nginx is pronounced “engine x.” While I knew from my own searching that the term wasn’t heavily used, I didn’t…

  • Update Bash on Linux and Mac machines to protect against ShellShock vulnerability

    Update Bash on Linux and Mac machines to protect against ShellShock vulnerability

    If you have any Linux or Mac machines, you’ll want to update Bash due to a vulnerability announced by RedHat called ShellShock. This vulnerability allows an attacker to inject their own code into Bash using environment variable assignment. You can check if your machine is vulnerable by running the following at a Bash prompt: env…

  • Configure Redmine SMTP or Sendmail settings for outgoing email

    Configure Redmine SMTP or Sendmail settings for outgoing email

    Once you have Redmine up and running, you’ll want to configure it to send and receive emails. For this tutorial you’ll either need a locally installed Sendmail server or credentials for an SMTP server. If you don’t have either of these, you can create a Gmail account for your Redmine installation and use the SMTP…

  • Set up incoming Redmine email using mail server forwards

    Set up incoming Redmine email using mail server forwards

    By configuring Redmine to receive emails, you’ll be able to create issues and comments by email. There are two main methods: forwarding messages from your mail server or fetching them from a your POP3/IMAP. Forwarding Messages from Mail Server In order to forward messages directly to Redmine from your mail server, you’ll need to be…

  • Install Redmine with Nginx, Puma, and MariaDB/MySQL on Ubuntu 14.04

    Install Redmine with Nginx, Puma, and MariaDB/MySQL on Ubuntu 14.04

    Install Redmine on a LEMP stack On a whim I decided to try installing Redmine, the popular project management application written in Ruby on Rails. I don’t have any experience with Ruby, but there don’t seem to be any comparable open source Python options out there. Since I don’t plan on using Ruby for anything…

  • First Look at Google Domains

    First Look at Google Domains

    Google Domains A month and a half ago Google announced their new domain registration service, Google Domains. It’s still in beta so you need an invitation code to try it out. Luckily, I received an invitation just a couple days ago and it even came with a free one-year standard domain registration. Search and Registration…