A development environment should as much similar as possible to a real production environment, otherwise how could you test the correctness of some borderline behaviors like routes based on the subdomain name or functionalities like HTTPS redirect? Consider this post as the part 2 of the previously Procfile post.

As we already discussed many times in this blog, we know that web security is something very difficult to reach but we can always try to improve our security when surfing into the web. First of all, use Firefox! Do it! In my opinion it’s slower than Chrome but very “transparent” and so you have less risks to unintentionally share information you want to keep private. In my experience, Firefox could be safer than Chrome if you use the right adds-on. Then,....

A volte hai qualche firewall che non permette di accettare la connessione tranne alcune porte specifiche diciamo che è possibile collegarsi alla vostra VPS o server remoto solo sulle porte 80 (http) e 443 (https), ma è necessario una porta anche per ssh per gestire la VPS/server ma la porta 443 è utilizzata dal server web con il suo protocollo https, quindi cosa si può fare? Qui è dove entra in gioco sslh è uno strumento molto semplice che prende le connessioni in ingresso ad una porta e poi a seconda del protocollo che è utilizzato reindirizza al server sshd sulla porta 22, o al tuo server web su localhost: 443.

This tutorial shows how you can use a free Class1 SSL Certificate from StartSSL to secure your ISPConfig 3 installation and get rid of self-signed certificate warnings. The guide covers using the SSL certificate for the ISPConfig web interface (both Apache2 and nginx), Postfix (for TLS connections), Courier and Dovecot (for POP3s and IMAPs), and PureFTPd (for TLS/FTPES connections). If you've installed monit and use HTTPS for its web interface, I will show you how to use the StartSSL certificate for it as well. This guide assumes you use Debian or Ubuntu; the principle is the same for other distributions supported by ISPConfig 3, but paths might differ.

HTTPS Everywhere 1.0 è la prima versione ufficiale dell’estensione per navigare in sicurezza con Firefox sfruttando, appunto, il protocollo HyperText Transfer Protocol Secure (HTTPS). L’inizio dello sviluppo per l’add-on risale a più di un anno fa. Nel frattempo, Electronic Frontier Foundation e The Tor Project hanno unito le forze.

Subversion (svn) is an open-source version control system (VCS), used in the development of many software projects. This tutorial shows how to install Subversion on Debian Squeeze and how to configure it to allow access to a repository through different protocols: file://, http://, https://, svn://, and svn+ssh://.

Come sapete in azienda ormai abbiamo scelto Redmine come sistema di Bug Tracking e Managment Project. Ma l’altro giorno dovendo collegare un repository SVN aziendale, sotto HTTPS, ad un progetto ne ho viste di tutti i colori. In pratica collegare un repository SVN sotto Redmine non è molto difficile se il collegamento viene fatto tramite o file system oppure HTTP. Ma per l’HTTPS il discorso cambia un po’. Una volta collegato un repository, Redmine non capisce automaticamente che deve scaricare il certificato e dopo browsare il repository. Per fare questo, prima bisogna configurarlo un po’ a manina oltre la semplice interfaccia web. Vi elenco qui una serie di passaggi semplici semplici.

This tutorial describes how you can host multiple SSL-encrypted web sites (HTTPS) on one IP address with Apache 2.2 and GnuTLS on a Debian Lenny server.

This article explains how you can set up an SSL vhost under Apache2 on Ubuntu 9.10 and Debian Lenny so that you can access the vhost over HTTPS (port 443). SSL is short for Secure Sockets Layer and is a cryptographic protocol that provides security for communications over networks by encrypting segments of network connections at the transport layer end-to-end. We use the mod_ssl Apache module here to provide strong cryptography for Apache2 via SSL by the help of the Open Source SSL toolkit OpenSSL.

When you visit a Secure website in Firefox chances are that the FavIcon for the website is replaced with a Green bar with the details of the company. This is because of the default properties in Firefox to display detailed information of the website from the Extended Validation Certificate on the website. However, if the website doesn’t host a Extended Validation certificate then the website URL (link) in the address bar is not highlighted or in otherwords shows as a normal website URL.