Skip to content

Month: November 2017

ACME Challenge support on all HTTP virtual hosts

To enable ACME Challenge support on all HTTP virtual hosts and avoid errors due to configuration/rewrite on generation or renewing SSL certificates from Let’s Encrypt you must configure a location alias. For Apache: Alias /.well-known/acme-challenge/ /var/www/default/.well-known/acme-challenge/ <Directory “/var/www/default/.well-known/acme-challenge/”> Options None AllowOverride None ForceType text/plain RedirectMatch 404 “^(?!/\.well-known/acme-challenge/[\w-]{43}$)” </Directory> For Nginx: location “/.well-known/acme-challenge” { allow all;…

Proxy image server with nginx

You can quickly use Nginx as a proxy image server. For your server security, you can use ‘nginx-accesskey’ module. Configuration example: server { listen a.b.c.d:443 rcvbuf=64000 sndbuf=120000 backlog=4096 ssl http2; server_name mydomain.tld www.mydomain.tld; keepalive_timeout 60; ssl on; ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1; ssl_ciphers ‘ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS:!RC4’; ssl_prefer_server_ciphers on; ssl_session_cache shared:TLSSL:30m; ssl_session_timeout 60m; ssl_buffer_size 4k; ssl_certificate /etc/letsencrypt/live/mydomain.tld/fullchain.pem; ssl_certificate_key…

HTTP/2 support in Apache

The HTTP/2 protocol: HTTP/2 is the evolution of the world’s most successful application layer protocol, HTTP. It focuses on making more efficient use of network resources. It does not change the fundamentals of HTTP, the semantics. There are still request and responses and headers and all that. So, if you already know HTTP/1, you know…

Nginx unit – dynamic web application server

NGINX Unit is a dynamic web application server, designed to run applications in multiple languages. Unit is lightweight, polyglot, and dynamically configured via API. The design of the server allows reconfiguration of specific application parameters as needed by the engineering or operations. NGINX Unit is currently available as a beta. As such, it is suitable…

Debian – The following packages have been kept back

If you have some problems with package updates and apt-get return the message ‘The following packages have been kept back’ means that the packages have been retained and there are newer versions of the listed packages, which for some reason cannot be installed. (unfulfilled or changed or new dependencies) The solution: apt-get dist-upgrade -u Example:…

© 2021 - Marian Amza. All rights reserved.
Powered by Wordpress & Debian