SSL

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) tag

GNU Linux

Force HSTS in Apache .htaccess

Learn how to enable HSTS (HTTP Strict Transport Security) in Linux Apache .htaccess. I wrote about enabling HTTP Strict Transport Security (HSTS) in IIS earlier. But what about enabling HSTS in Apache .htaccess? Here is how.

GNU Linux MONIT - Barking at daemons. Monit is a small Open Source utility for managing and monitoring Unix systems. Monit conducts automatic maintenance and repair and can execute meaningful causal actions in error situations.

Monit monitoring on Ubuntu 14.04 VM on Hyper-V

Set up a Monit monitoring service for your websites and services. Monit is a free and open source service monitoring application which can perform various event-based actions. Monit can send email notifications, restart a service or application, or take other responsive actions. We set Monit up on a Ubuntu 14.04 VM, built on Hyper-V. And we use Monit to monitor several websites, and send out notifications on downtime.

WordPress

Send authenticated SMTP email over TLS from WordPress

How to configure TLS for SMTP email in WordPress. I was suprised WordPress is not able to send email using an SMTP server out-of-the-box. Not to mention using authenticated SMTP or TLS transport for security. A quick Google search showed me multiple plugins to handle this, but I wanted to create something myself. Here is how to override the wp-mail() function and send email using authenticated SMTP and StartTLS from WordPress.

Web application security

Test SMTP Authentication and StartTLS

Investigate SMTP authentication issues like a boss! Particular over TLS encrypted SMTP connections, it’s always handy if you are able to test the SMTP authentication and StartTLS connection. Preferably from your command line. This post shows you how to test SMTP servers, create base64 encoded logon information, verify SMTP authentication over an opportunistic TLS connection, all from the Linux and Windows command line using OpenSSL.