wow, certbot has got a lot more automatic since I used it to set up my old server. You don't have to do anything if you're just running a standard webserver. You used to have to fuck around with cert paths and well-known a whole lot. It even set up keys for my fastcgi system automatically.

Django Project Deployment on AWS

Step-by-Step Guide to Deploying Django on AWS

Introduction Deploying a Django project on AWS allows for scalable, reliable, and high-performance web applications. AWS provides various services to host your application, manage databases, and scale your infrastructure. This guide will walk you through the steps of deploying a Django project on AWS using EC2, RDS, S3, and other related services. Overview The deployment process…

How to enable permalinks in WordPress - Ubuntu Apache2

To enable permalinks in WordPress while hosting on an Ubuntu server with Apache2, you can follow these steps: 1. Log into your server: Ensure that you have SSH access to your Ubuntu server. 2. Install WordPress: If you haven’t already, install WordPress on your server. You can follow the WordPress installation guide for Ubuntu:…

View On WordPress

Using CertBot with WSL on Windows to obtain wildcard certifications via DNS authorization (for DNS providers that provide support for the DNS challenge, i.e. Route53 or Google Domains) to Let's Encrypt for your Synology NAS or SRM!

To understand the importance of wildcard certifications and DNS authorization, let's first take a closer look at what they are. A wildcard SSL certificate allows you to secure not only your main domain but also all its subdomains.

‍ Image Source: FreeImages‍ Are you looking to secure your Synology NAS or SRM with a wildcard SSL certificate? Look no further! In this article, we’ll show you how to use Certbot with Windows Subsystem for Linux (WSL) on your Windows machine to obtain wildcard certifications via DNS authorization. This is the manual way to do it, but there is also an automated way as well. But learning the…

View On WordPress

在真的用certbot去Let's Encrypt申請憑證之前，最好自己先檢查一下。 ---- # 速率限制 / Rate limits https://letsencrypt.org/docs/rate-limits/。 我們這次要申請的是獨立網域的SSL憑證，不是帶有星號(*)的廣域域名(wildcard DNS)。 前者需要完成http-01挑戰，要讓HTTP服務能夠讓Let's Encrypt連上；後者需要完成dns-01挑戰，要調整DNS伺服器的設定，讓Let's Encrypt能夠確認。 後者的做法複雜很多，我之前有在bind9完成過，不過真的很不容易。 有興趣詳情請看「如何使用 Certbot 命令列工具建立免費的 TLS/SSL 頂層網域憑證」。 Let's Encrypt為了避免過於頻繁的申請導致伺服器負荷過大，在一定時間內僅有一定數量的申請。 這種限制叫做速率限制(Rate Limits)。 在眾多限制規則中，主要限制是每週每個註冊網域最多只頒發50張憑證。 而你可以在一張憑證中包含最多100個網站網域名稱。 也就是說，正常狀況下，每個網域可以為5000個域名申請SSL憑證。 在設置過程中比較麻煩的是「網域驗證失敗」限制。 每個帳號、每個域名、每小時最多失敗5次。 在建置伺服器初期不斷調整的時候，很容易達到這個限制。 特別是Kubernates跟Docker都有自動重啟restart的設置。 如果伺服器因為申請憑證失敗了導致自動重啟，那一瞬間就會達到「網域驗證失敗」次數限制。 # 檢查域名 / Check a domain。 為此，在真的去申請Let's Encrypt的憑證之前，最好先自己仔細檢查你的域名是否真的可以用。 根據我的經驗總結，檢查包含了三個階段。 通過所有階段才算是一個可以真的用來申請憑證的域名。 ## Phase 1. 檢查域名是否真的註冊 / Check a domain name is registered。 只有真的在DNS伺服器上註冊的域名才能註冊。 檢查的方法可以用nslookup。 nslookup在Debian中包含在「dnsutils」套件裡面。 安裝方式如下：。 [Code...] 使用nslookup檢查blog.pulipuli.info的語法如下：。 [Code...] 如果有正常註冊，nslookup回傳的訊息如下：。 [Code...] 換個例子來說。 ---- 繼續閱讀 ⇨ 判斷域名是否適合申請Let's Encrypt憑證的思路 / How to Judge Whether a Domain Name Is Suitable for Applying for Let's Encrypt Certificate https://blog.pulipuli.info/2023/04/blog-post_09.html

Raspberry Pi: Lets Encrypt SSL Zertifikat mit Certbot installieren

In dieser Anleitung zeige ich euch, wie ihr in wenigen Schritten ein kostenloses SSL-Zertifikat von Lets Encrypt auf euren Raspberry Pi installieren könnt. Für die Installation und zur Verwaltung unseres Let’s-Encrypt-Zertifikates verwenden wir das Open-Source-Werkzeug Certbot. Die Umsetzung erfolgt ausschließlich über das Terminal auf dem Raspberry Pi (CLI). Eine grafische Benutzeroberfläche ist nicht notwendig. Certbot...[Weiterlesen]

When working with client systems always remember the core admin rule:

1. Don't ever overlook a method just because it's against best practice, especially if the client reported something was working previously.

Wrapping up building a static site building system that uses toml for configuration and markdown with a templating system for page generation. It uses gitea webhooks to trigger a remote server to mirror then build the repo after a push. For hosting the front end I'm using nginx since I want to use something compatible with certbot. For the public release of Cloth I'll look into building a cdn with nginx but for the moment there's about 3 sites that will be run off this so that's overkill.

Certbot Use Continues to Grow – EFF

http://i.securitythinkingcap.com/TBHFTd

Okay cool, I've migrated my existing website and put FreshRSS on my new VPS, that was not that bad. Just had to learn how fastcgi works so I could run FreshRSS. Using an incredible 90MB of RAM so far. I think 4GB should serve me fine. I should really shrink the 4GB of swap alpine's default setup gave me here, I do not need that much.

Next steps are to get SSL working which will involve swapping domain names with my old VPS so that certbot gives me the right cert, and then I can migrate IRC and that's about everything that was running before, this is a lot easier than I thought it was going to be.

Loaded an old OPML backup of my RSS feeds into the reader and they're mostly all still there, although I need to do spring cleaning, I don't really think I'm still reading *checks feed* actually no all these webcomics are bangers, I have great taste. Don't look too hard at QC there it's fine I'm fine.

Some of them are dead though so that's a good reason to clean them up. Also I think subscribing to the entire boingboing feed was optimistic on, if nothing else, your attention span, 19 year old Kalium.

Install Lets Encrypt Certificate on Windows with Certbot

Install Lets Encrypt Certificate on Windows with Certbot

Install Lets Encrypt Certificate on Windows with Certbot Let’s Encrypt provides free, trusted SSL certificates, widely accepted by many authorities and browsers. The certificates are signed by the Internet Security Research Group (ISRG) Root X1, ensuring a high level of trust. Certbot, a command-line tool developed in Python, makes it easy to request and renew these certificates from Let’s…

Setting Up WordPress on Ubuntu with Apache2, MySQL, and SSL

Ubuntu is a great hosting environment choice if you want to build a strong and secure WordPress website. In this tutorial, we’ll show you how to install WordPress, Apache, MySQL, and SSL encryption on a server running Ubuntu. You’ll have a fully operational WordPress site with HTTPS enabled by the end of this lesson. Step 1: Install Apache Server To start, let’s install the Apache web server on…

View On WordPress

Using Free Let’s Encrypt SSL/TLS Certificates with NGINX

1. Download the Let’s Encrypt Client First, download the Let’s Encrypt client, certbot. As mentioned just above, we tested the instructions on Ubuntu 16.04, and these are the appropriate commands on that platform: $ apt-get update $ sudo apt-get install certbot $ apt-get install python-certbot-nginx With Ubuntu 18.04 and later, substitute the Python 3 version: $ apt-get update $ sudo apt-get…

certbot/le is getting 200 on its own verification file and then failing. what gives?