Sporting Let's Encrypt certificate

Let’s Encrypt is a soon to be publicly available service to provide TLS certificates for free and in automated fashion. I’m helping them test their systems by participating in the beta programme. Because of that this site is now sporting, publicly recognizable certificate from Let’s Encrypt. Yay ! The work they are doing I believe is of much importance. Lack of easy path for getting TLS certificate was a major hurdle for the most of the website owners, otherwise keen on getting their traffic encrypted. [Read More]

Better crypto initiative

It’s not common for me to put just one link here as the content of the article. Today, however, is one of these days. The bettercrypto folks came up with really excellent practical guide to securing your servers. A draft for now, but already sporting a high concentration of knowledge. BTW - it being a draft means that you should read it and contribute to it as well.

Wordpress and nonstandard ports and protocols

I needed to set up a Wordpress installation where https is on nonstandard port and the admin interface lives in that land, while the site itself is using plain http. In wp-config.php: if (!empty($_SERVER['HTTPS'])) { define('WP_SITEURL', 'https://example.com:12345'); define('WP_HOME', 'https://example.com:12345'); } else { define('WP_SITEURL', 'http://example.com'); define('WP_HOME', 'http://example.com'); } This allows the installation to properly see resources like images and css if accessed via nonstandard port. So if you don’t see image previews in the admin panel, your styles look weird, or you just don’t see new posts’ previewes - this might be it. [Read More]