Tuesday, September 12, 2017
Sunday, August 27, 2017
Friday, March 10, 2017
SSL Configuration for Apache
openssl req -new -newkey rsa:2048 -nodes -keyout domainname.key -out domainname.csr
Put below settings in /etc/apache2/sites-enabled/default_ssl and change necessary settings.
< IfModule mod_ssl.c>
< VirtualHost _default_:443>
ServerAdmin webmaster@localhost
ServerName domain.com
DocumentRoot /home/ubuntu/folder_name
<Directory /home/ubuntu/folder_name>
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog /var/log/apache2/domainname.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/domainname.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/domainname.com.crt
SSLCertificateKeyFile /etc/ssl/private/domainname.com.key
SSLCertificateChainFile /etc/ssl/certs/gs_intermediate_ca.crt
SSLCertificateChainFile /etc/ssl/certs/domainname.com.ca-bundle
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
# SSL Protocol Adjustments:
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
## For Vulnerability
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA:EECDH:EDH+aRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS!RC4
< /VirtualHost>
< /IfModule>
Thursday, March 9, 2017
Linux Server Service Start if it's automatically stopped.
Create File Name like servicestart and enter below lines in to that and replace the service=apache2 to anyother service name.
# vi servicestart
+++++++++++++++++++++
#!/bin/bash
service=apache2
if (( $(ps -ef | grep -v grep | grep $service | wc -l) > 0 ))
then
echo "$service is running!!!"
else
/etc/init.d/$service start
fi
+++++++++++++++++++++
Save an Close this file.
Put it in to Cron to run at every minute.
# crontab -e
*/1 * * * * /bin/bash /root/servicerestart
Subscribe to:
Posts (Atom)