ww.kr.ua | Articles about the administration of a computer, help in the work of the Internet, programs and solving errors.

How to exclude IP from logs in nginx?

September 03, 2016 September 03, 2016 ww.kr.ua leave a comment

Imagine a situation: you have a static ip and you do a lot and do a lot of time editing the site. At the same time, you still need to monitor, periodically, the logs for errors in queries, or for vulnerability scans. And the presence of a large number of records with your IP makes it difficult to view logs.

With the help of a conditional entry that is available in nginx, starting with version 1.7.0, we can check the visitor's ip and not record it in the log files. Indeed, why do this if logging your ip is not necessary?

(Further…)

Free SSL certificate from L'ets Encrypt to Debian

August 28, 2016 September 15, 2016 ww.kr.ua 1 comment

The massive transition of sites to work on an encrypted protocol is gaining momentum day after day. And if before working with certificates was a rather routine task, today you can easily and free get a certificate with a basic verification of ownership of the owner.

And this will help us cool service Let's Encrypt . This certification center began to work in beta mode on December 3, 2015. And during this time the number of its users is growing.

(Further…)

How to configure Redis as a caching server

July 18, 2016 September 15, 2016 ww.kr.ua leave a comment

Caching data in RAM via Redis is one of the methods to speed up the site. This storage is highly efficient and can be used to cache not only sites, but also sessions, as well as a non-relational database.
(Further…)

How to hide the server application version

April 26, 2016 July 31, 2016 ww.kr.ua leave a comment

Hiding the version of the software used on the server is a good practice to confuse potential hackers. After all, knowing the version, for example, a web server, you can try to exploit a vulnerability that is relevant for this version.

And if the hacker does not know which version of software is used on the server, the selection of the vulnerability becomes a little more difficult. This page presents the parameters of some applications that allow you to hide the version and even the fact of using the service itself.
(Further…)

Installing php 7.0.5 on debian

April 25, 2016 August 16, 2016 ww.kr.ua 1 comment

While some put php 5.3 , getting it out of the grave, I decided not to lag behind the whole planet, where the sites are translated to the seventh version of php, which is so much praised on the Internet, including high speed, and installed it from the DotDeb repository today. I must say, the increase in speed is really noticeable. My websites and WordPress, and MODX began to fly yet. :) That's how I did the migration.

(Further…)

Enable http2 support on a server with nginx and Debian

April 20, 2016 September 15, 2016 ww.kr.ua leave a comment

HTTP / 2 is the second version of the http network protocol, which includes many different improvements. These include multiplexing requests (all requests can be processed in parallel), increased performance, header compression, etc.

HTTP / 2 has replaced SPDY, which has been discontinued.

Nginx supports the http / 2 protocol, starting with version 1.9.5. However, only version 1.6.2 is present in the stable release of Debian Jessie. Therefore, we will connect the backports repository to upgrade nginx to 1.9.10.
(Further…)

OCSP stapling on nginx with StartSSL certificate

April 09, 2016 April 09, 2016 ww.kr.ua leave a comment

OCSP protocol allows you to check the status of SSL certificate Online. When opening a site, the browser tries to contact the OCSP server and get information about this certificate. This affects the speed of operation, since the OCSP server can be much further than the server where the site is located.

(Further…)

OpenVPN connect application for Android

January 25, 2016 August 24, 2016 ww.kr.ua leave a comment

If you have a smartphone, then for sure you at least sometimes use public Wi-Fi access points. Often, they are not password protected. Yes, and if the administrator of this access point has set a password, it is still desirable to protect your traffic by encryption. Who knows how the owner of the access point can use the open information.

(Further…)

Deleting a user and his home directory

December 07, 2015 December 07, 2015 ww.kr.ua leave a comment

In the home folders of remote users can be stored vulnerable files, or shells and other vermin. Or just files that are wasting disk space. If all this trash is not needed, you should get rid of it. As a rule, this is done by the deluser --remove-home [username] command, but this action is not very convenient.

(Further…)

Compressing css and js files in the console using yui-compressor

November 04, 2015 November 04, 2015 ww.kr.ua leave a comment

A little distracted from the topic of server administration and using Debian to develop the site. :)

Compressing css and js files saves traffic. This is especially true for mobile phones, where the speed is usually low. In this, we can provide invaluable assistance to the yui-compressor, which is available for installation from Debian repositories.

(Further…)