I had some sites on shared hosting environment for which I had to do http to https redirection with .htaccess file. I did 302 redirection intentionally so that in case of error, browser doesn’t cache redirection. You can aslo make permanent 301 redirect if needed.
This is nice and simple way to do it:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=302]
If you have web server on which there is a lot of virtual hosts, you may want to have one webroot directory for Letsencrypt SSL certificates only. So when Letsencrypt will make the requests for SSL registration or renewal, it will look in this directory. In this case I did this on CentOS 7 with NGINX web server.
First, let’s create directory what will be used for letsencrypt purposes. It must be writable by your web server user. You can define different path.
[root@machine ~]# mkdir -p /var/www/le-certs
[root@machine ~]# chown -R wwwuser:wwwgroup /var/www/le-certs
Letsencrypt will need access in “.well-known/acme-challenge”. For NGINX add something like this in your server block for desired virtual host.
location ~ /.well-known/acme-challenge/ {
root /var/www/le-certs/;
break;
}
You can also create new file named, for example le-config.conf and add block above in to it. Then you can simply include this line in your virtual hosts.
server {
listen :443 ssl http2;
server_name mywebsite.com www.mywebsite.com;
root /var/www/mywebsite/;
include le-config.conf;
...
}
In this case I used NGINX as reverse proxy for ssl offloading in front of Apache. On this WordPress installation I was getting 404 on all subpages. Htaccess syntax was correct as it was nginx configuration. In this case, problem was caused because of missing “AllowOverride” Apache directive which didn’t allow htaccess to be processed. I added “AllowOverride ALL” in apache configuration for this virtual host. Subpages started to work.
Example:
<VirtualHost *:8080> DocumentRoot /var/www/mysite.com/ ServerName mysite.com ServerAlias www.mysite.com <Directory "/var/www/mysite.com/"> AllowOverride All </Directory> </VirtualHost>
I installed NGINX and put it in front of Apache for SSL offloading and caching static content. Traffic is proxied from Nginx to Apache. When I tried to open site via https, it returned this painful error “Too Many Redirects”.
Try to add this in your wp-config.php – if you have everything else configured correctly, it should work:
$_SERVER['HTTPS'] = 'On';
[kofi]
I was migrating server and rsync all databases to new mariadb server. When tried to start mariadb on new server, I was getting this error:
Apr 24 18:30:26 my.server.com mysqld[9703]: 2018-04-24 18:30:26 140298644924544 [ERROR] Plugin 'InnoDB' init function returned error. Apr 24 18:30:26 my.server.com mysqld[9703]: 2018-04-24 18:30:26 140298644924544 [ERROR] Plugin 'InnoDB' registration as a STORAGE ENGINE failed. Apr 24 18:30:26 my.server.com mysqld[9703]: 2018-04-24 18:30:26 140298644924544 [Note] Plugin 'FEEDBACK' is disabled. Apr 24 18:30:26 my.server.com mysqld[9703]: 2018-04-24 18:30:26 140298644924544 [ERROR] Unknown/unsupported storage engine: InnoDB Apr 24 18:30:26 my.server.com mysqld[9703]: 2018-04-24 18:30:26 140298644924544 [ERROR] Aborting
Solution is to generate new ib_logfile0 and ib_logfile1 files. Just try steps bellow.
[root@lol ~]# cd /var/lib/mysql [root@lol mysql]# mv ib_logfile0 ib_logfile0-backup [root@lol mysql]# mv ib_logfile1 ib_logfile1-backup [root@lol mysql]# systemctl start mysql [root@lol mysql]# mysql Welcome to the MariaDB monitor.
It should work.
[kofi]
When sending zip archives that contains risky/secure content, you should always encrypt and password protect them. Especially when sending them to clients via email, Dropbox or some other public sharing method. To do that on Linux is very simple. You can do it with commands bellow. When executed you’ll be prompted to enter password.
When adding file, just do this:
zip --encrypt myarchive.zip myfile.txt
But when adding directory with subdirectorys and files, than you should always include “-r” flag to tell zip to use recursion. Otherwise you’ll end up with empty directory and see message like this “adding: behaviour.exchange/ (stored 0%)”
To add directory recursively:
zip --encrypt -r myarchive.zip mydir/
With YUM, upgrading php is simple as “yum install php”. This will install latest php version on your machine. But if you have multi different php modules that aren’t part of php package (eg. gd, mysqli …), than you can use this simple one liner and install all those modules at once.
Just run this as root:
php -m | grep -v "Modules" | while read i; do yum install php-$i -y; done
This will check for all currently installed php packages and will try to upgrade them.
If you see error like this in your mail logs, than chances are that your ClamAV is not able to process attachments files larger than limit set in clamav configuration. In this case, sender which sent email with larger attachment to your server, will get something like this in respond:
[10.10.10.10] #<[10.10.10.10] #5.0.0 smtp; 5.4.7 - Delivery expired (message too old) [Default] 451-'Temporary local problem - please try later' (delivery attempts: 75)> #SMTP#
In your mail log you’ll see something like this:
+++ 1e248B-000NMy-T6 has not completed +++ 1969-08-15 01:40:21 1e248B-000NMy-T6 malware acl condition: clamd : unable to send file body to socket (127.0.0.1) 1969-08-25 01:40:21 1e248B-000NMy-T6 H=some.hostname.com [1.1.1.1] X=TLSv1:RC4-SHA:128 CV=no F=<prvs=449d2f142=senders@email.com> temporarily rejected after DATA
To solve this, open your clamav.conf file (/etc/clamav.conf or find your location) and change value for StreamMaxLength according to your needs. Default value is 25M.
Don’t forget to restart your ClamAV.
© 2024 geegkytuts.net Hosted by SIEL
Recent Comments