Drupal Oddities

I have recently been trying out a number of content management systems (CMSes) on a server with Apache + FastCGI (PHP) as a backend, and Nginx as a frontend (reverse-proxy). Of these (WordPress, Joomla, MediaWiki, and Drupal) the only one to encounter any difficulties was Drupal (version 7). Installation Issues A number of content management… Continue reading Drupal Oddities

Using Wireshark to Debug FTPES through vsFTP

Using Wireshark to Debug FTPES through vsFTP While vsFTP is lightweight and has a relatively good track record, the verbosity of its logs is lacking. Without having an error logged, it can be considerably more difficult to find and resolve the problem. This issue is compounded when using an encrypted connection. After recently enabling FTP… Continue reading Using Wireshark to Debug FTPES through vsFTP

Configuring vsFTPd to use TLS

A typical FTP session, will send login information unencrypted. It is a fairly simple matter to configure vsftpd to use SSL/TLS and encrypt connections. You can either create a self-signed certificate for this purpose, or use an existing third-party issued certificate. Generate a self-signed certificate Firstly, we generate the private key (in this case, 2048… Continue reading Configuring vsFTPd to use TLS

Setting up SSL Login on WordPress

I decided that I wanted the login for this site to be over SSL/TLS, instead of unencrypted – at this time, I decided against having the admin area also running under SSL. This article describes how to accomplish the following: Preparation of private key and certificate signing request (CSR) Obtaining a free SSL certificate (from… Continue reading Setting up SSL Login on WordPress

Limiting brute-force attacks with IPTables

Update: a more comprehensive, tiered version of the procedure below is outlined in Escalating Consquences with ipTables. The material below is, however still applicable, and forms the basis for many more advanced implementations. For the past few weeks, I have noticed that the scale of attempted intrusions, on ssh, pop3, and ftp ports has increased… Continue reading Limiting brute-force attacks with IPTables

Website Optimizations, Part 2

While a significant portion of the content of this site is geared towards optimizations and efficiency, I think that summing up a few of those ideas in a single article can be helpful, and will follow nicely from the previous article on Website Optimizations. The major focus of the last article was content as opposed… Continue reading Website Optimizations, Part 2

AWS Instances with EBS Root Volumes

While instances backed with EBS-root volumes do cost a bit more than the equivalent instance-store images (there is a cost for I/O), they have certain advantages – persistence and ease of replacement being notable. This article will focus on the latter. As a quick side note before proceeding, it is possible to add ephemeral storage… Continue reading AWS Instances with EBS Root Volumes

Nginx and W3 Total Cache

With the increasing popularity of the lightweight nginx server, the latest developer build of W3 Total Cache, includes support for nginx. As nginx does not have directory specify files (e.g. .htaccess), the settings are intended to be added to one’s nginx.conf file. Before preceding, I simply cannot pass up an opportunity to extol the virtues… Continue reading Nginx and W3 Total Cache

Setting up TinyDNS on Amazon’s Linux

If you need to setup both a DNS Server and DNS Cache, consider http://www.fefe.de/djbdns/#splithorizon – there are some issues with the points below that need to be resolved (specifically the resolv.conf pointing to the dnscache, without pointing the dnscache at the djbdns). DNS nameservers serve the purpose of mapping a domain name to an IP address. Typically,… Continue reading Setting up TinyDNS on Amazon’s Linux