Force HSTS in Apache .htaccess
I wrote about enabling HTTP Strict Transport Security (HSTS) in IIS earlier. But what about enabling HSTS in Apache .htaccess? Here is how.
Read More »Force HSTS in Apache .htaccessHow to use SSL in PHP Data Objects (PDO) mysql
Connect to MySQL with PHP PDO using an SSL encrypted connection
If you want to connect securely to your MySQL database over SSL using PHP Data Objects (PDO), here is how…
Read More »How to use SSL in PHP Data Objects (PDO) mysql
How to turn off the TLS default in FileZilla?
A short post for my colleagues at the customer support and anyone else wondering the same: how to disable TLS encryption in FileZilla and turn off the FTP over TLS default setting?
Read More »How to turn off the TLS default in FileZilla?
SSL in WordPress: how to move WordPress to HTTPS? The definitive guide
Having an SSL certificate in your WordPress is the de-facto standard nowadays, did you know that? Google ranks sites having HTTPS higher in their SERP. But in WordPress, how do you configure an SSL certificate and HTTPS URL? You’ll learn the important steps to move WordPress from http to https in this post.
Read More »SSL in WordPress: how to move WordPress to HTTPS? The definitive guide
Ghost on IIS with HTTPS, how to resolve a “Too many redirects” error
When you use iisnode to host the Node.js blogging software Ghost on your IIS web server, and you set up an SSL certificate for your Ghost website, you may run into too many redirect issues when changing Ghost’s config.js file. This happend to me yesterday, and here is the solution.
How to enable HTTP Strict-Transport-Security (HSTS) on IIS
Set up HTTP Strict-Transport-Security (HSTS) in Windows Server IIS. Scott Hanselman wrote a great post on how to enable HTTP Strict-Transport-Security (HSTS) on IIS web servers, and here is some more technical information about HSTS in IIS, and other security headers…
Read More »How to enable HTTP Strict-Transport-Security (HSTS) on IISRedirect HTTP to HTTPS
In this post I provide you various HTTP to HTTPS redirection methods, for Windows Server IIS and Linux Apache. Use these examples to your advantage to secure the traffic between your visitors and your website.
Read More »Redirect HTTP to HTTPSMonit monitoring on Ubuntu 14.04 VM on Hyper-V
In this post you’ll learn about setting up a Monit monitoring service for your websites and services. Monit is a free and open source service monitoring application which can perform various event-based actions. Monit can send email notifications, restart a service or application, or take other responsive actions. We set Monit up on a Ubuntu 14.04 VM, built on Hyper-V. And we use Monit to monitor several websites, and send out notifications on downtime.
Read More »Monit monitoring on Ubuntu 14.04 VM on Hyper-VCheck website availability with PHP and cURL
Perform a PHP cURL request to check if your website is up.
Here you’ll find a PHP script to check if your website is up and online available. It uses PHP and cURL. This script comes in handy because website uptime and availability is important, and you want your website to be always online available. If your website is down, it’ll send you an email to notify you about downtime.
Read More »Check website availability with PHP and cURLSend authenticated SMTP email over TLS from WordPress
How to configure TLS for SMTP email in WordPress. I was suprised WordPress is not able to send email using an SMTP server out-of-the-box. Not to mention using authenticated SMTP or TLS transport for security. A quick Google search showed me multiple plugins to handle this, but I wanted to create something myself. Here is how to override the wp-mail() function and send email using authenticated SMTP and StartTLS from WordPress.
Send email with Ghost using SMTP authentication and TLS encryption
Ghost Publishing platform uses Nodemailer to send e-mails with Node.js. It can send e-mail using SMTP, sendmail or Amazon SES and is unicode friendly.
Read More »Send email with Ghost using SMTP authentication and TLS encryptionHow to test SMTP Authentication and StartTLS
How to test SMTP authentication and StartTLS using the command line?
When investigating SMTP authentication issues, particular over TLS encrypted SMTP connections, it’s always handy if you are able to test the SMTP authentication and StartTLS connection. Preferably from your command line. This post shows you how to test SMTP servers, verify SMTP authentication and StartTLS encrypted connections from the Linux and Windows command line.
Read More »How to test SMTP Authentication and StartTLSFix "Could not establish trust relationship for the SSL/TLS secure channel" error
Today one of our clients received a System.Net.WebException error on a newly deployed ASP.NET web application. Part of the exception was: “System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.“. Here is how we resolved that issue.
Read More »Fix "Could not establish trust relationship for the SSL/TLS secure channel" errorDon’t turn off CURLOPT_SSL_VERIFYPEER, fix your PHP configuration
An often heard solution to PHP cURL errors with SSL is to turn off CURLOPT_SSL_VERIFYPEER. Please don’t turn off CURLOPT_SSL_VERIFYPEER, but fix your PHP config instead. This article provides you two solutions to solve CA certificate validation errors with PHP cURL and OpenSSL. For system administrators and end-users.
How to send authenticated SMTP over a TLS encrypted connection, in PHP, ASP and ASP.NET?
Send authenticated SMTP (auth-SMTP) over a TLS encrypted connection. If you want to send email securely from your website, this post is for you! In this post I’ll provide some script examples for ASP, PHP, and ASP.NET (C# / VB.Net) that you can easily integrate in your website.
Read More »How to send authenticated SMTP over a TLS encrypted connection, in PHP, ASP and ASP.NET?