Learn how to enable HSTS (HTTP Strict Transport Security) in Linux Apache .htaccess. I wrote about enabling HTTP Strict Transport Security (HSTS) in IIS earlier. But what about enabling HSTS in Apache .htaccess? Here is how.
SSL (Secure Sockets Layer) and TLS (Transport Layer Security) tag
How to use SSL in PHP Data Objects (PDO) mysql
Connect securely to your MySQL database using PHP Data Objects (PDO); Here is how to connect to MySQL with PHP PDO using an SSL encrypted connection.
How to turn off the TLS default in FileZilla?
Here is how to disable TLS encryption in FileZilla and turn off the FTP over TLS default setting. Connect plain FTP without TLS.
SSL in WordPress: how to move WordPress to HTTPS? The definitive guide
Having an SSL certificate in your WordPress is the de-facto standard nowadays, did you know that? Google ranks sites having HTTPS higher in their SERP. But in WordPress, how do you configure an SSL certificate and HTTPS URL? You’ll learn the important steps to move WordPress from http to https
Ghost on IIS with HTTPS, how to resolve a “Too many redirects” error
When you use iisnode to host the Node.js blogging software Ghost on your IIS web server, and you set up an SSL certificate for your Ghost website, you may run into too many redirect issues when changing Ghost’s config.js file. This happend to me yesterday, and here is the solution.
How to enable HTTP Strict-Transport-Security (HSTS) on IIS
Set up and enable HTTP Strict-Transport-Security (HSTS) in Windows Server IIS 10 web servers. And here is more technical information about HSTS in IIS, headers and web security…
Redirect HTTP to HTTPS
In this post I provide you various HTTP to HTTPS redirection methods, for Windows Server IIS and Linux Apache. In web.config and .htaccess. Use these examples to your advantage to secure the traffic between your visitors and your website.
Monit monitoring on Ubuntu 14.04 VM on Hyper-V
Set up a Monit monitoring service for your websites and services. Monit is a free and open source service monitoring application which can perform various event-based actions. Monit can send email notifications, restart a service or application, or take other responsive actions. We set Monit up on a Ubuntu 14.04 VM, built on Hyper-V. And we use Monit to monitor several websites, and send out notifications on downtime.
Check website availability with PHP and cURL
Perform a PHP cURL request to check if your website is up or not. Verify your website’s online status and availability using just PHP. This script comes in handy because website uptime and availability is important, and you want your website to be always online available. If your website is down, it’ll send you an email to notify you about downtime.
Send authenticated SMTP email over TLS from WordPress
How to configure TLS for SMTP email in WordPress. I was suprised WordPress is not able to send email using an SMTP server out-of-the-box. Not to mention using authenticated SMTP or TLS transport for security. A quick Google search showed me multiple plugins to handle this, but I wanted to create something myself. Here is how to override the wp-mail() function and send email using authenticated SMTP and StartTLS from WordPress.
Send email with Ghost using SMTP authentication and TLS encryption
As you know, more and more web hosting providers require SMTP authentication (often abbreviated as SMTP AUTH) and a TLS encrypted connection to send email. Here you’ll find some script examples to Send secure SMTP email from your website.
Test SMTP Authentication and StartTLS
When investigating SMTP authentication issues, particular over TLS encrypted SMTP connections, it’s always handy if you are able to test the SMTP authentication and StartTLS connection. Preferably from your command line. This post shows you how to test SMTP servers, create base64 encoded logon information, verify SMTP authentication over an opportunistic TLS connection, all from the Linux and Windows command line using telnet and OpenSS.
Fix "Could not establish trust relationship for the SSL/TLS secure channel" error
Today one of our clients received a System.Net.WebException error on a newly deployed ASP.NET web application. Part of the exception was: “System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.”. Here is how we resolved that issue.
Don’t turn off CURLOPT_SSL_VERIFYPEER, fix your PHP configuration
CURLOPT_SSL_VERIFYPEER errors are often caused by not having an up-to-date bundle of CA root certificates on your system. So please, Don’t turn off CURLOPT_SSL_VERIFYPEER in your PHP config, but fix the cURL errors by updating cURL’s bundle of CA root certificates and your php.ini configuration.
How to send authenticated SMTP over a TLS encrypted connection, in PHP, ASP and ASP.NET?
Send authenticated SMTP over a TLS encrypted connection, in PHP, ASP and ASP.NET. If you want to send email securely from your website, this post is for you! In this post I’ll provide some script examples for ASP, PHP, and ASP.NET (C# / VB.Net – System.Net.Mail) that you can easily integrate and use to securely send email from your website.