This is a follow-up to Securing a Server by Installing a TLS/SSL Certificate Obtained via Let’s Encrypt.
After obtaining a TLS/SSL certificate for this website, the next step was to apply specific policies and measures to further protect it from malicious activity. I used the website-scanning tool Observatory by Mozilla to see where I could improve security on my website. Continue reading “Implementing HTTPS Security Policies on a Web Server”
I recently changed the DNS listed in the static domain_name_servers line in dhcpcd.conf to another value. I did this to see if the Raspberry Pi that hosts my web server could connect to the the Internet via another Raspberry Pi unit that I had configured as bridge. When I couldn’t connect to the bridge, I reverted to the original DNS, but my server remained down. Continue reading “Server Outage: Unexpected Downtime Caused by Overlapping Nginx and Apache Installations”
When configuring public-facing domains in Nginx, the tutorials I followed stated that the Default site configuration file in the /etc/nginx/sites-available directory should be deleted after configuring the domains, using that file as a template. However, those tutorials failed to mention that, if the Default site file is deleted, accessing internal-only directories located within the same directory as the public-facing websites will not be possible. Continue reading “A Case Against Removing the Default Site Configuration File in Nginx”
Server administrators need to take appropriate measures to secure the contents stored on a server and to protect information being transmitted to it. Currently, the common way to secure the connection between a client and a server is to install a TLS/SSL certificate on the server. Continue reading “Installing a TLS/SSL Certificate Obtained via Let’s Encrypt”
In an earlier post, I noted that I am running my WordPress installations on the LEMP (Linux, Nginx, MariaDB/MySQL, PHP) stack. I chose Nginx as the web server to run not only WordPress but also simple websites and apps over more commonly used Apache because Nginx is known as a lightweight alternative that can handle heavy traffic. Continue reading “Choosing Nginx over Apache”
As mentioned in my previous post about setting up WordPress on the LEMP (Linux, Nginx, MariaDB/MySQL, PHP) stack, I followed two tutorials to configure multiple domains on one Raspberry Pi unit. These domains share a single instance of the LEMP stack, so the databases used for each website are centralized on one instance of MariaDB/MySQL, making database management much easier. Continue reading “Centralizing Multiple Domains on a Single LEMP Installation”
For my first project, I wanted to create a content management system to share my experience with my Raspberry Pi, so I decided to install WordPress. Initially, my installation was accessible only to my internal network until I purchased this domain name. Continue reading “Running WordPress on a Raspberry Pi–Based LEMP Stack”