One common requirement for a web site, especially in the age of mandatory SSL, is to ensure that its address is a) consistent, and b) forwards to SSL. In other words, when a visitor types in http://www.mysite.com/, http://mysite.com/, OR https://mysite.com/, they should be sent to https://www.mysite.com/. To do this, we’ll set up some Nginx server […]
Category: Networking
Free SSL Certificates with Let’s Encrypt (Ubuntu 16)
Running a secure web site provides a better experience for anyone using your site. These days (2018), search engines also favor web sites that use SSL/HTTPS, so utilizing SSL is an important aspect of SEO. But buying a new SSL certificate every couple of years can get expensive, particularly if you run multiple web sites […]
Install Roundcube on Ubuntu 16 with Nginx and PHP-FPM
So you want to set up a webmail system. SquirrelMail was a fine community-supported project for many years, but as of July 2017 it seems to have been abandoned by its developers, so we’re going to use Roundcube for our webmail system instead. This guide assumes you have Ubuntu 16 running a MariaDB-Postfix-Dovecot email server […]
Ubuntu 16 and Varnish 4 with Drupal
This article describes how to install Varnish 4 with Drupal 7 on Ubuntu 16.04. The procedure is similar to installing Varnish 3 in my Drupal recipe, but the update to Varnish 4 requires a few changes. These are described below. Installing Varnish 4 Run apt-get install varnish. Then ensure your /etc/default/varnish has the correct startup […]
Using ufw on Ubuntu
ufw, or the Uncomplicated Firewall, is a convenient front end for managing iptables on your Ubuntu server. This article provides a brief tutorial on some of the most commonly used commands. ufw is available in Ubuntu from the 8.04 release onward, and the commands here should apply to any current version. Viewing the ufw Status […]
Ubuntu 16.04 Mail Server Updates
My previous instructions for setting up a Postfix/Dovecot/MySQL mail server on Ubuntu 12.04 work mostly as-is for Ubuntu 16.04, but there are a couple of gotchas. These workarounds are necessary due to some different locations of utilities on the filesystem and some changes to Ubuntu’s internals. We’ll go through these differences one by one. Mail […]
nmap
nmap is a security scanner capable of mapping topology, discovering hosts, determining OS and device profiles, examining individual services, and exposing vulnerabilities across networks. It’s licensed under the GPL and binaries are available for most platforms. A graphical frontend called Zenmap is available in most Linux repos. More specifically, nmap sends ICMP Echo (type 0), […]
mtr
mtr combines the behavior of the ping and traceroute utilities: it traces a route path between localhost and a destination device or computer, showing you a list of the routers between them as well as the average round-trip times and packet loss to each router. To do this mtr utilizes ICMP Type 0 and 11 […]
wget and cURL
wget wget is a GNU utility for retrieving files over the web using the popular internet transfer protocols (HTTP, HTTPS, FTP). It’s useful either for obtaining individual files or mirroring entire web sites, as it can convert absolute links in downloaded documents to relative links. The GNU wget manual is the definitive resource. Some Useful […]
tcpdump
tcpdump is a useful packet analyzer distributed under the BSD license. It is included with most Linux and Unix distros, and it’s available for Windows using the Winpcap library. As you might imagine, tcpdump is excellent at troubleshooting problematic connections to remote systems where the cause is otherwise unclear. This is particularly useful for getting […]