Qualys offers a great tool that will check your server for SSL config issues, such as weak ciphers and outdated protocol versions.
I just noticed that my time machine backup (to a Synology NAS) was slow. As in… single-digit kilobytes per second, and then it got stuck completely. At first I thought this may be an issue with the Synology drive, but this turned out not to be true. In the log file of the Mac, I found a large number of these lines:
Sep 20 20:27:01 Ascalon.local mdworker: (Warning) Import: Bad path:
(Ascalon is the name of my Macbook Air.)
This seems to be indicative of a filesystem error. I turned out that in my case the offending drive was an old Kindle I had connected to my Macbook to charge – it does mount as a USB drive, similar to a flash memory stick. Anyway, once unplugged the Time Machine backup ran as fast as always.
I should probably note that the Kindle itself is not defective – disk scans give it a clean bill of health. So I have to assume that something in its folder structure is not compatible with Time Machine. Unfortunately I never connected the Kindle to my Macbook Air before, so I can’t say if this is a general issue or a bug of some sort after all.
Anyway, solution in this case: Unplug all USB drives one after the other, restart the Time Machine backup after each one to see which one offends, and then deal with that. You can use the disk check utility on your Mac, but please make sure you know what you are doing and do not accidentally erase it. (The Apple Knowledge Base is probably a good place to start.)
Yes. The CSR is your public key, which will be verified and signed by the certificate authority (CA) and returned to you afterward. It is this signed version you will then use in your application. It is useless without the private key, so even if someone makes a copy of it, they won’t be able to attack you.
However, this does mean that you must not send your private key out! If your private key gets stolen, the SSL certificate is compromised and must be revoked.
- Read about Public Key Infrastructure on Wikipedia
I’ve been looking for a utility that will clean disks for me – and I do realize this is no real substitute for shredding them. Anyway, scrub seems to do the job. However, when I tried to run it I got:
scrub: -X argument cannot exist
This had me stumped because I read it as “the -X argument cannot exist”, which seemed to make no sense whatsoever. And indeed it means “the argument to -X cannot be a directory that exists”. Simply running it with a new directory, like so:
root@server:/home# scrub -X /home/scrub scrub: using NNSA NAP-14.x patterns scrub: scrubbing /home/scrub/scrub.000 1073741824 bytes (~1GB) scrub: random |..^C |
works. It is notable that more current versions of scrub fix the error message to be more intuitive (mine was still 2.2).
On my personal blog, I set the main page to a static page. However, I also wanted a menu item to the blog posts. There was nothing in the Menu editor, but the solution is quite easy if you know how.
- Create and publish an empty page. I called mine “Blog”.
- In (Dashboard) -> Settings -> Reading, there is a drop down called “Posts page”. Select the empty page you just created. Save your changes.
- Under Appearance -> Menu add the Posts page to your menu. Save the menu.
When you now click on this menu item (or navigate to the page some other way) it will show the blog posts list as normal.
If you want to direct traffic from your http so that it gets encrypted, this is really easy to do in Apache:
Step one: Set up your https vhost:
<IfModule mod_ssl.c> <VirtualHost 10.1.1.1:443> DocumentRoot /var/www # other server options go here as needed # - logging for example SSLEngine on SSLCertificateFile /etc/ssl/certs/example.cert SSLCertificateKeyFile /etc/ssl/private/example.key # Add other SSL specific options as needed</pre> </VirtualHost> </IfModule>
Step two: Set up your http vhost:
<VirtualHost 10.1.1.1:80> ServerName my.example.com RedirectPermanent / https://my.example.com/ </VirtualHost>
We have previously posted more information on enabling SSL in Apache.
Obviously, instead of 10.1.1.1 and my.example.com you’ll have to use your own IP and hostname, whatever they may be.
Note that this will redirect everything from http to https. Finer control is possible, for example you could do:
RedirectPermanent /secure/ https://my.example.com/secure/
Or you could use RewriteRules for even more control. However, in the age of mass surveillance and constant threats from hackers, a general redirect to https is a good idea.
When I tried to update my Debian box, I got the following ominous error:
E: Could not perform immediate configuration on ‘python-minimal’.Please see man 5 apt.conf under APT::Immediate-Configure for details. (2)
It turns out that the fix/workaround/whatever you want to call it is fairly simple. The following worked for me:
apt-get install -o APT::Immediate-Configure=false -f apt python-minimal
Back in the good old days, I am pretty sure, all the PST related stuff was in the normal file menu. Not anymore. I wanted to create a new PST file and I had to look quite a while before I found it – Microsoft has it hidden quite well:
It’s in the Home ribbon, under “New Items -> More Items -> Outlook Data File”.
I never liked those Ribbons, but anyway, maybe this will save someone else ten minutes.
Moved my wordpress to a new server. I kept all paths etc intact, copied my VirtualHost and permissions were good, so I was at first surprised when my images didn’t show and redirects didn’t work. The cause was quickly found, however; it seems my old install had different settings hidden somewhere in the Apache configuration.
I guess there may also be different causes, but in my case I fixed it by adding this to my WordPress VirtualHost:
<Directory "/var/www/wordpress/"> Options Indexes FollowSymLinks AllowOverride All Order allow,deny Allow from all </Directory>
/var/www/wordpress is obviously the DocumentRoot of my WordPress install.
Hope this helps.