I have recently been trying out a number of content management systems (CMSes) on a server with Apache + FastCGI (PHP) as a backend, and Nginx as a frontend (reverse-proxy). Of these (WordPress, Joomla, MediaWiki, and Drupal) the only one to encounter any difficulties was Drupal (version 7). Installation Issues A number of content management… Continue reading Drupal Oddities
Category: Systems Admin
Topics dealing with servers – specifically setup and operation, in particular on Amazon’s cloud computing infrastructure.
Streaming Media from Cloudfront
As with many AWS products, Cloudfront helps to level the playing field a bit – allowing the individual to have access to the same technologies available to large corporations – of course, that doesn’t always make it cost effective, but it is still pretty cool. The focus of this article is how to leverage the… Continue reading Streaming Media from Cloudfront
Using Telnet with an SMTP Server
Despite having been around for a long time, telnet is an invaluable tool for testing a mail server. It allows one to pinpoint errors in the process – some which are not logged – and to quickly validate that things are working. Moreover, it enables one to get a better understanding of what their mail… Continue reading Using Telnet with an SMTP Server
Using Wireshark to Debug FTPES through vsFTP
Using Wireshark to Debug FTPES through vsFTP While vsFTP is lightweight and has a relatively good track record, the verbosity of its logs is lacking. Without having an error logged, it can be considerably more difficult to find and resolve the problem. This issue is compounded when using an encrypted connection. After recently enabling FTP… Continue reading Using Wireshark to Debug FTPES through vsFTP
Configuring vsFTPd to use TLS
A typical FTP session, will send login information unencrypted. It is a fairly simple matter to configure vsftpd to use SSL/TLS and encrypt connections. You can either create a self-signed certificate for this purpose, or use an existing third-party issued certificate. Generate a self-signed certificate Firstly, we generate the private key (in this case, 2048… Continue reading Configuring vsFTPd to use TLS
Setting up SSL Login on WordPress
I decided that I wanted the login for this site to be over SSL/TLS, instead of unencrypted – at this time, I decided against having the admin area also running under SSL. This article describes how to accomplish the following: Preparation of private key and certificate signing request (CSR) Obtaining a free SSL certificate (from… Continue reading Setting up SSL Login on WordPress
Limiting brute-force attacks with IPTables
Update: a more comprehensive, tiered version of the procedure below is outlined in Escalating Consquences with ipTables. The material below is, however still applicable, and forms the basis for many more advanced implementations. For the past few weeks, I have noticed that the scale of attempted intrusions, on ssh, pop3, and ftp ports has increased… Continue reading Limiting brute-force attacks with IPTables
Website Optimizations, Part 2
While a significant portion of the content of this site is geared towards optimizations and efficiency, I think that summing up a few of those ideas in a single article can be helpful, and will follow nicely from the previous article on Website Optimizations. The major focus of the last article was content as opposed… Continue reading Website Optimizations, Part 2
AWS Instances with EBS Root Volumes
While instances backed with EBS-root volumes do cost a bit more than the equivalent instance-store images (there is a cost for I/O), they have certain advantages – persistence and ease of replacement being notable. This article will focus on the latter. As a quick side note before proceeding, it is possible to add ephemeral storage… Continue reading AWS Instances with EBS Root Volumes
Growing an EBS Volume
One of the great uses of EBS volumes is there persistence, however, there often comes a time when the data outgrows the original size of the volume. It is a fairly easy matter to remedy this, however, there does tend to be a moment of downtime. While many filesystems do have a method for ‘growing’,… Continue reading Growing an EBS Volume
Migrating from S3 to Cloudfront
Amazon’s S3 is, as the name suggests, simple storage. It allows for the remote storage of static files, and will serve them on request. While it can be advantageous to use on a website, it is not a true content delivery network, as files are served from a single location (the server hosting the bucket).… Continue reading Migrating from S3 to Cloudfront
Nginx and W3 Total Cache
With the increasing popularity of the lightweight nginx server, the latest developer build of W3 Total Cache, includes support for nginx. As nginx does not have directory specify files (e.g. .htaccess), the settings are intended to be added to one’s nginx.conf file. Before preceding, I simply cannot pass up an opportunity to extol the virtues… Continue reading Nginx and W3 Total Cache
Setting up TinyDNS on Amazon’s Linux
If you need to setup both a DNS Server and DNS Cache, consider http://www.fefe.de/djbdns/#splithorizon – there are some issues with the points below that need to be resolved (specifically the resolv.conf pointing to the dnscache, without pointing the dnscache at the djbdns). DNS nameservers serve the purpose of mapping a domain name to an IP address. Typically,… Continue reading Setting up TinyDNS on Amazon’s Linux
Setting up nginx as a Reverse Proxy
Procedure for setting up nginx as a reverse proxy on Amazon’s Linux distribution, with Apache running in the background. …Read the Rest