Having HTTPOnly and Secure in HTTP response header can help to protect your web applications from cross-site scripting and session manipulation attacks. There are two ways to configure HTTPOnly Secure Cookie Attribute in Nginx. Continue reading
Dec 05 2017
The target principal name is incorrect. Cannot generate SSPI context.
It is a good practice to use a domain or service account to run the SQL service.
However, once you do the right thing and change the SQL Service account, you may start getting the following error message when attempting to connect to the sql server:
“The target principal name is incorrect. Cannot generate SSPI context.” Continue reading
Nov 28 2017
Apache SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
For Apache error message is:
[Tue Jan 23 12:51:37 2017] [error] Unable to configure RSA server private key
[Tue Jan 23 12:51:37 2017] [error] SSL Library Error: 185073780 error:0B080074:
x509 certificate routines:X509_check_private_key:key values mismatch
Nov 28 2017
nginx SSL error key values mismatch
The error
nginx SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
can happen for a chain of certificates merged in one .crt file. The reason is that nginx tries to apply a private key to the first certificate in a crt file. nginx needs that the first certificate in a .crt file would be a server certificate. Thus the correct order in a .crt file will be the following: Continue reading
Nov 15 2017
Fail2ban installation and configuration on CentOS
In this article I’ll describe how to protect Asterisk from hacking attempts with Fail2ban in CentOS Linux. Fail2Ban is a standard Linux tool used to scan log files and then block IP’s found in those log files using iptables. Fail2ban depends completely on the application (in this case Asterisk) to detect any intrusion/failure and log the user data, upon which fail2ban can then act. Fail2ban does not provide any type of intrusion detection, hack detection, etc., it depends completely on Asterisk to do that.
Nov 11 2017
How to generate a FAX compatible multi-page TIFF from a PDF
This is an excellent question, as a reliable answer is amazingly hard to find on the Internet. Most advice works for some PDF files, but not for others. The following commands appear to work OK for any PDF file. If you can find PDF files for which these commands fail, please report this.
Ghostscript is the key tool for converting PDF files to FAX compatible TIFF files. You may see other programs being used for this job, but behind the scenes they usually use Ghostscript to do the hard work. Continue reading
Nov 11 2017
How To Install And Configure Mailman On Ubuntu
In this tutorial I will configure a virtual host with the hostname lists.example.com where I will install Mailman. lists.example.com is also the right part of the mailing list email addresses that will be configured in Mailman, i.e., mails to a mailing list will have to be sent to the address <listname>@lists.example.com.
As your hostname will be different, please adjust this tutorial accordingly. Also make sure that your hostname exists in DNS.
Mailman can be used with many mail servers (e.g. Postfix, Exim, Sendmail, Qmail). I will use Postfix in this tutorial. Make sure you have a working Postfix installation. Continue reading
Nov 06 2017
Enable Apache event MPM with php-fpm
Starting from version 2.4 Apache offers 3 MPM (Multi-processing Module) we can choose from, depending on your needs.
- The
prefork MPMuses multiple child processes without threading. Each process handles one connection at a time without creating separate threads for each. Without going into too much detail, we can say that you will want to use this MPM only when debugging an application that uses, or if your application needs to deal with, non-thread-safe modules like mod_php. - The
worker MPMuses several threads per child processes, where each thread handles one connection at a time. This is a good choice for high-traffic servers as it allows more concurrent connections to be handled with less RAM than in the previous case. - Finally, the
event MPMis the default MPM in most Apache installations for versions 2.4 and above. It is similar to the worker MPM in that it also creates multiple threads per child process but with an advantage: it causes KeepAlive or idle connections (while they remain in that state) to be handled by a single thread, thus freeing up memory that can be allocated to other threads. This MPM is not suitable for use with non-thread-safe modules like mod_php, for which a replacement such a PHP-FPM must be used instead.
Nov 03 2017
Skype for Business offline messaging
Beginning with build 16.0.6701.1000 Click-to-run of Skype for Business 2016 client, you can now send IM messages to contacts that are offline.
Offline IM is a client side feature built into Skype for Business client (2016 C2R build 16.0.6701.1000 or higher) that leverages Exchange Web Services (EWS) to send messages from the Skype for Business client to a recepient’s Exchange mailbox. EWS must be available to the Skype for Business client for Offline messages to be sent. Continue reading
Nov 02 2017
Deprecated Linux networking commands and their replacements
Specifically, the deprecated Linux networking commands in question are: arp, ifconfig, iptunnel, iwconfig, nameif, netstat, and route. These programs (except iwconfig) are included in the net-tools package that has been unmaintained for years and since CentOS 7 it’s deprecated and not installed in a system by default. The functionality provided by several of these utilities has been reproduced and improved in the new iproute2 suite, primarily by using its new ip command. Continue reading
Stay tuned! :)
