Share
Scroll down

My Latest Articles

Step into the mind of a long-time developer, long-time server manager, and full-time geek 🙂

Wow!  It's been a little while since I have had the time to post another article.   Well, here I am again, back at it. This time, I will show you an optimal way to keep your site secure utilizing a bit of nginx configuration.  You will need to do some work before implementing this, so please do not attempt to simply copy/paste this and expect it to work out of the box. # Default security headers add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"; # enable, cache, and preload subdomains add_header X-Frame-Options "SAMEORIGIN" always; # generally only allow SAMEORIGIN frame sources add_header X-Xss-Protection "1; mode=block"; # protect against Cross-Site Scripting add_header X-Content-Type-Options "nosniff" always; # no sniffing allowed! add_header Referrer-Policy "strict-origin"; # protect agains cross-linking add_header X-Download-Options "noopen";…

Read more
01

Install & Configure Nginx on Existing Cpanel Servers cd /usr/local/src wget http://nginxcp.com/latest/nginxadmin.tar tar xf nginxadmin.tar cd publicnginx ./nginxinstaller install Once installation completes, login to WHM for that server Scroll past ConfigServer Security&Firewall to see Nginx Admin and click it Add the 0 */1 * * * /usr/sbin/tmpwatch -am 1 /tmp/nginx_client to crontab -e on the server Click 'Configuration Editor' Copy/Paste into the field user nobody; # no need for more workers in the proxy mode worker_processes 4; error_log /var/log/nginx/error.log warn; worker_rlimit_nofile 20480; events { worker_connections 5120; # increase for busier servers use epoll; # you should use epoll here for Linux kernels 2.6.x } http { server_name_in_redirect off; server_names_hash_max_size 10240; server_names_hash_bucket_size 1024; include mime.types; default_type application/octet-stream; server_tokens off; # remove/commentout disable_symlinks if_not_owner;if you get Permission denied error # disable_symlinks if_not_owner;…

Read more
02

Every new site wants to get their piece of Google, Yahoo, & Alexa.  Yes I said it, Alexa ;) There is a bit of a risk when allowing these bots to traverse your endless universe of pages, posts, and other niceties that you want to get out there an noticed.  Keep in mind, these 3 Search Engines arent the only ones looking for your site and content.  There are millions of bots out there just sniffin around, and while most are harmless "Let's get your site listed in my directory" variety, there are some that look to do harm.  Trust me when I tell you, you don't want them finding out you've left a massive back-door open to your site's shopping cart. Here is how…

Read more
03

Since I use cPanel and CentOS alot now a days, I want to make sure that I have a handy place I can keep and search for anything I might need for configuring or managing the servers. Without any further ado, I present you the most comprehensive list of cPanel Stuff, I have ever seen ;) Configurations and Services They Are Tied To CPanel Configuration File: cpanel.config Path: /var/cpanel/cpanel.config Service: cpanel Apache Default Port: 80 Configuration File: httpd.conf Path: /etc/httpd/conf/httpd.conf Or /usr/local/apache/conf/httpd.conf Service: httpd Exim Configuration File: exim.conf Path: /etc/exim.conf Service: exim Bind Default Port: 53 Configuration File: named.conf Path: /etc/named.conf Service: named DB location: /var/named FTP server proftp Default Port: 20, 21 Configuration File: proftpd.conf Path: /etc/proftpd.conf Service: proftpd pureftp Default Port: 20, 21…

Read more
04

These are the step that I took to create a SVN server using CentOS 7, while attaching drives as repositories instead of creating a monstrous system drive and importing everything there. If you follow to a "T", you too can have the play-ground I have =) I will lay out my exact steps, including creating the virtual machine I used for this.  If you are currently using a VM or dedicated machine then you can skip those steps.  I imagine this would work on CentOS 5 and up, but don't quote me on that. 1.       Create VirtualBox Virtual Machine a.       Have a CentOS ISO ready                                                                i.      I chose v7 as the latest b.      Setup with 20G hard disk, Bridged Networking, 4G Ram, 2 Processors,…

Read more
05