February 21, 2017 tim

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. It is a service provided by the Internet Security Research Group (ISRG). More details can be found here https://letsencrypt.org/how-it-works/ This tutorial assumes you already have an existing website hosted with FreeBSD and an nginx reverse proxy. If you are using apache read this https://www.debarbora.com/Let’s-encrypt-SSL-Certificate-with-FreeBSD-&-Apache We start by installing https://certbot.eff.org/ # pkg install -y py27-certbot Request and download an SSL certificate by running the following command. temporarily stop nginx # service nginx stop # certbot certonly Select option 2) spin up a temporary webserver (standalone)…

August 13, 2016 tim

When using nginx as a reverse proxy for Apache servers, one of the first things you will notice is the back end Apache server logs will show all connections are made from the IP address of the proxy. Enter mod_rpaf2 an Apache module able to analyze X-Real-IP headers and pass the clients IP address to the back end Apache server thus logging the correct IP of website visitors. This tutorial assumes that you are using nginx as a front end proxy for apache24 and the nginx config file has the following headers in place proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr;…