apache2

Apache2, NameVirtualHosts, SSL and SERVER_PORT

I was experiencing odd things integrating with Google Maps: although I have API keys for both http and https, only https was working.

It turns out that the Apache environment variable SERVER_PORT was always set to 443, irrespective of whether I was using http/80 or https/443 from the client.

I have several NameVirtualHosts on different IPs.

In apache2.conf:

Upgrading Apache 2.0 to 2.2 with LDAP-controlled basic auth

LDAP authentication started giving:

(9)Bad file descriptor: Could not open password file: (null)

This is because Apache 2.2 needs to be told which authentication provider to use.

Add:

AuthBasicProvider ldap

In addition, to be allowed to use "require valid-user", add:

AuthzLDAPAuthoritative off

So - in full - the old config:

<Location /location>
  AuthName "Auth Name"
  AuthType Basic
  AuthLDAPURL ldap://host:port/basedn?attribute
  require valid-user
</Location>

changes to

Protecting Drupal update

Technical:

Extra protection can be added to Drupal's update function by restricting which machines can access it.

Add this to the .htaccess file:

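# Apache 2.2 access-control syntax (Order/Deny/Allow)
<FilesMatch "^update\.php$">
Order deny,allow
Deny from all
# A single address
Allow from 192.168.3.1
# A whole subnet: use a partial address or CIDR; a "*" wildcard is not parsed as an IP
Allow from 192.168.3.0/24
# Every host under a domain, or one named host (both rely on DNS lookups)
Allow from .host.tld
Allow from hostname.host.tld
</FilesMatch>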

SSL certificates (apache2)

Technical:

There are two kinds of certificates available: self-signed (free, but people will have to either accept the certificate or manually install it) or paid for (you buy it from a Certificate Authority, and as long as that CA is a common one it will just work in most browsers).

First you will need a private key:

cd /etc/ssl
openssl genrsa -des3 -out private/your.domain.tld.key 2048

Drop the -des3 if you don't want a passphrase on the key (this allows Apache to start automatically, but is much, much less secure). Note: if you are going to purchase a certificate, check how many bits the provider wants you to use.

Re-generate openssl certificate for apache

Technical:

Just a note to self - to generate a new certificate

openssl req -new -key /etc/ssl/private/keyfile -x509 -days nnn -out /etc/apache2/ssl/certfile
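
After generating a key and certificate with the commands above, it is worth confirming that the key is passphrase-protected, that the certificate really belongs to that key, and when it expires. The script below is an added example, not part of the original notes; the temporary directory, file names, CN and passphrase are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the original post. The passphrase, file names and
# CN below are constructed for the demonstration.

# True if the private key file is passphrase-protected (covers both the
# traditional "Proc-Type: 4,ENCRYPTED" and PKCS#8 "ENCRYPTED PRIVATE KEY" forms).
key_is_encrypted() {
    grep -q 'ENCRYPTED' "$1"
}

# True if certificate $2 carries the public key of private key $1.
# $3 is an optional openssl passphrase source such as "pass:..." or "file:...".
key_matches_cert() {
    cert_pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 2
    key_pub=$(openssl pkey -in "$1" ${3:+-passin "$3"} -pubout 2>/dev/null) || return 2
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# True if certificate $1 is still valid $2 days from now.
cert_valid_in_days() {
    openssl x509 -in "$1" -noout -checkend $(( $2 * 86400 )) >/dev/null
}

# Demo in a throwaway directory instead of /etc/ssl.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
pw='pass:constructed-demo-passphrase'
key="$demo/your.domain.tld.key"
crt="$demo/your.domain.tld.crt"

# -aes256 is used here where the post uses -des3; both encrypt the key.
openssl genrsa -aes256 -passout "$pw" -out "$key" 2048 2>/dev/null
openssl req -new -key "$key" -passin "$pw" -x509 -days 30 \
    -subj "/CN=your.domain.tld" -out "$crt"
# A second, unrelated key without a passphrase, to show a mismatch.
openssl genrsa -out "$demo/other.key" 2048 2>/dev/null

key_is_encrypted "$key" && echo "key is passphrase-protected"
key_is_encrypted "$demo/other.key" || echo "other.key has no passphrase"
key_matches_cert "$key" "$crt" "$pw" && echo "key and certificate match"
key_matches_cert "$demo/other.key" "$crt" || echo "other.key does not match"
cert_valid_in_days "$crt" 7 && echo "valid for at least 7 more days"
cert_valid_in_days "$crt" 60 || echo "expires within 60 days"
```

On a real server, point the three functions at the files under /etc/ssl/private and /etc/apache2/ssl rather than generating new ones.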
