How to , and other stuff about linux, photo, php … Another blog just like others on internet

February 5, 2019

How to exclude subfolder from password protection with .htaccess

Filed under: Linux — Tags: , , , , , — admin @ 1:38 pm

So if you want to protect a website with .htaccess and .htpasswd basically you will use

AuthType Basic
AuthName “Password Protected Area”
AuthUserFile /path/.htpasswd
Require valid-user

If you want a subdirectory to be excluded from auth like .well-known , for lets encrypt then a easy way it to create a .htaccess on .well-known directory and place in it

Satisfy any

January 16, 2019

How to deny execution of php on some directory

Filed under: Linux — Tags: , , , — admin @ 1:12 pm
Just add this on your .htaccess in that directory and php will not be executed.
# Kill PHP Execution
<Files ~ "\.ph(?:p[345]?|t|tml)$">
deny from all
</Files>

December 10, 2018

Your browser sent a request that this server could not understand

Filed under: Linux — Tags: , , , — admin @ 4:51 pm

Well today I am facing another problem.

Got this answer on a apache behind a proxy .

400 Bad Request
Bad Request
Your browser sent a request that this server could not understand.
Size of a request header field exceeds server limit.

So .. it appear the header that is received by webserver is bigger then normal .

Solution is to increase it .

LimitRequestFieldSize 32760
LimitRequestLine 32760

Please note that is loaded from first VirtualHost.

One solution is to tested with this

curl -v -H “CustomHeader: `printf ‘1%.0s’ {1..n}`” localhost

Where n can be replace with a value of for example 20000

 

November 22, 2018

Letsencrypt UnicodeDecodeError: ‘utf-8’ codec can’t decode byte 0xfc in positio

Filed under: Linux — Tags: , , , — admin @ 12:16 pm

Well today I was trying to issue a ssl on a old server and find this

File “/opt/eff.org/certbot/venv/lib64/python3.4/site-packages/augeas.py”, line 147, in get
return dec(value.value)
File “/opt/eff.org/certbot/venv/lib64/python3.4/site-packages/augeas.py”, line 65, in dec
return st.decode(AUGENC)
UnicodeDecodeError: ‘utf-8’ codec can’t decode byte 0xfc in position 15: invalid start byte
Please see the logfiles in /var/log/letsencrypt for more details.

A short workaround was to modify the

“/opt/eff.org/certbot/venv/lib64/python3.4/site-packages/augeas.py”

the 65 line was something

return st.encode(AUGENC)

with

return st.decode(AUGENC, ‘ignore’)

It worked to get a new certificate .

February 6, 2018

Prevent SSL redirect loop using WordPress and HAProxy

Filed under: Linux — Tags: , , , , — admin @ 11:21 am

I do have a haproxy that is serving the ssl frontend and the apache is on 80 port.  But the wordpress see the 80 port and is not forcing to use the ssl as links for css/js

So to force wordpress to generate ssl internal links you need to add this into wp-config.php

define('FORCE_SSL_ADMIN', true);
define('FORCE_SSL_LOGIN', true);
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
  $_SERVER['HTTPS']='on';


Offcourse on the haproxy you need to have

reqadd X-Forwarded-Proto:\ https

 

Older Posts »

Powered by WordPress