Create a self-signed certificate with two commands. It may be useful to administer the site via https, for example.
1. Create a key.
# openssl genrsa -out server.key 2048
2. Create a certificate. The domain example.com should be replaced with yours.
# openssl req -new -x509 -key server.key -out server.crt -days 3650 -subj /CN=example.com
Firefox browser returns to Debian instead of Iceweasel.
To install the latest version of Mozilla Firefox you will need to perform several steps The first is to add the following lines to the /etc/apt/sources.list.d/firefox.list file:
# echo -n "deb http://mozilla.debian.net/ jessie-backports firefox-release"> /etc/apt/sources.list.d/firefox.list
When using iceweasel, I found a very unpleasant moment: if you click on the scroll wheel on a mouse in an arbitrary place on the page of any site, then instead of displaying the scroll icon, a page is opened in a new tab.
This problem is solved as follows. You need to open the about: config page in your browser, find the general.AutoScroll parameter and set it to true .
Today I looked into the access-log of one site for WordPress and found many requests of this kind:
1.234.83.77 - - [05 / Sep / 2014: 12: 07: 01 +0600] "POST /xmlrpc.php HTTP / 1.1" 200 441 "-" "Mozilla / 4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA ; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022) " 1.234.83.77 - - [05 / Sep / 2014: 12: 07: 01 +0600] "POST /xmlrpc.php HTTP / 1.1" 200 441 "-" "Mozilla / 4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA ; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022) " 1.234.83.77 - - [05 / Sep / 2014: 12: 07: 02 +0600] "POST /xmlrpc.php HTTP / 1.1" 200 441 "-" "Mozilla / 4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA ; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022) " 1.234.83.77 - - [05 / Sep / 2014: 12: 07: 02 +0600] "POST /xmlrpc.php HTTP / 1.1" 200 441 "-" "Mozilla / 4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA ; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022) "
Judging by the results of Google, there is some kind of exploit related to this file - xmlrpc.php. In one article in English it was said, as I understood, relying on my poor knowledge of the given language :), about the possibility of organizing the password selection. True, so far I have not noticed the consequences, but it is better to take action in advance. :)
xCache is a php bytecode caching program to speed up script execution. Like, for example, eAccelerator or PHP-APC.
If you have servers to which you connect via VNC, then you definitely need a client to connect. There are several such clients in the Debian repositories. I will describe a couple I liked. ;)
With authentication by a key on ssh, being connected with Windows, understood. What about the use of the same key, only for authentication when connecting from a computer running Linux? PuttyAgent for Linux is not, and Linux does not understand the .ppk format.
In some cases, it may be necessary to move the mysql database from the default directory (/ var / lib / mysql) to another directory or even to a separate partition. For example, to protect databases from damage, in case the file system on the primary partition is damaged.
In today's world, data encryption is not just a whim, but a direct necessity. In particular, encrypting http traffic is of great importance for all sites where any personal data is processed. And also to protect against mitm attacks.
Thus, the use of Forward Secrecy on web servers becomes mandatory for each site that works using the https protocol and allows you to improve the strength of information encryption.
Forward secrecy can be properly configured in nginx.
(Further…)
Authentication in ssh by key has several advantages. First, the convenience. You can have several servers and one key. It is not necessary to enter the password from the server you need each time, which will save time. Secondly, it is safe. You can disable password authentication and ssh will be protected from brute force.
In this article we will analyze work with Putty on Windows. For it there is a handy utility - pgagent, capable of booting automatically when the OS starts, and storing a private key in memory. It can be used not only for Putty, but also for Filezilla.