How to , and other stuff about linux, photo, php … Another blog just like others on internet

March 12, 2018

Amazon ec2 ami certbot-auto problem

Filed under: Linux — Tags: , , , , , , — admin @ 11:15 am

Today tried to renew some ssl and surprise


certbot-auto renew
Error: couldn’t get currently installed version for /opt/
Traceback (most recent call last):
File “/opt/”, line 7, in <module>
from certbot.main import main
File “/opt/”, line 10, in <module>
import josepy as jose
File “/opt/”, line 41, in <module>
from josepy.interfaces import JSONDeSerializable
File “/opt/”, line 8, in <module>
from josepy import errors, util
File “/opt/”, line 4, in <module>
import OpenSSL
File “/opt/”, line 8, in <module>
from OpenSSL import rand, crypto, SSL
File “/opt/”, line 12, in <module>
from OpenSSL._util import (
File “/opt/”, line 6, in <module>
from cryptography.hazmat.bindings.openssl.binding import Binding
ImportError: No module named cryptography.hazmat.bindings.openssl.binding


Well tryied everything

rm -rf /opt/    ( didn’t worked for me )

Reinstalled same problem.

The only solution was this found on a comment on github

$ /opt/ install –upgrade certbot
$ /opt/ –help




February 6, 2018

Prevent SSL redirect loop using WordPress and HAProxy

Filed under: Linux — Tags: , , , , — admin @ 11:21 am

I do have a haproxy that is serving the ssl frontend and the apache is on 80 port.  But the wordpress see the 80 port and is not forcing to use the ssl as links for css/js

So to force wordpress to generate ssl internal links you need to add this into wp-config.php

define('FORCE_SSL_ADMIN', true);
define('FORCE_SSL_LOGIN', true);
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')

Offcourse on the haproxy you need to have

reqadd X-Forwarded-Proto:\ https


August 30, 2017

httpd with multiple ssl and password for every key automatically

Filed under: Linux — Tags: , , , , — admin @ 1:19 pm

Well to use this we must use the SSLPassPhraseDialog functionality of httpd – apache .

Basically into ssl.conf we put this line or modify the existing one into

SSLPassPhraseDialog exec:/path/script

Where script is read/execute only by root.

And the script is


$server = $ARGV[0];
#print $server;
if ($server eq ‘’ || $server eq ‘’ ) {
print ‘password one’;
} elsif ($server eq ‘’) {
print ‘Password two’;


April 25, 2017

how to disable gzip for specific file

Filed under: Linux,Php — Tags: , , , , , , — admin @ 1:33 pm

The short answer is

RewriteRule ^dashboard/index - [E=no-gzip:1]
SetEnvIf REDIRECT_no-gzip 1 no-gzip

Some explination of that solution

The – means NOOP, E means set variable, 1 is the value. After redirects, the variables are renamed and prepended with REDIRECT_.

This work for php FPM

If you have a mod dso you can use also this

apache_setenv('no-gzip', '1');

February 17, 2015

How to enable Core Dumps in CentOS

Filed under: Linux — Tags: , , , — admin @ 12:17 pm

To enable core dumps for all daemon, please follow these steps:
Edit the /etc/profile. At line 26 of the file, replace this line:
ulimit -S -c 0 > /dev/null 2>&1

with this line:
ulimit -c unlimited >/dev/null 2>&1

Replace this line (around line 138 ) in /etc/init.d/functions
ulimit -S -c 0 >/dev/null 2>&1

with this:
ulimit -S -c ${DAEMON_COREFILE_LIMIT:-0} >/dev/null 2>&1

Enable core-dumping globally by editing the /etc/sysconfig/init file and adding the line:

Enable it for specific daemons by adding this line in the /etc/sysconfig/$daemon:

Optionally, enable core dump for SUID programs:
echo 2 > /proc/sys/fs/suid_dumpable

mkdir /tmp/core
chmod 777 /tmp/core

Edit the /etc/sysctl.conf and add the following:

fs.suid_dumpable = 2
kernel.core_uses_pid = 1
kernel.core_pattern = /tmp/core
Then reload the settings in /etc/sysctl.conf:
sysctl -p

Older Posts »

Powered by WordPress