skip to main content.

posts about apache.

from today on, i’m enforcing https for (almost) all my web pages. i’ve added an automatic redirect which redirects all http:// pages to their corresponding https:// pages.

despite the tons of problems ssl/tls have – essentially, everything less than TLS 1.2 is unsafe, but only very few browsers actually support TLS 1.2 even though it has already been standarized in 2008 –, it is better than using no encryption at all.

and yes, i know that “just” having a self-signed certificate is only partially helpful. but i don’t have a better solution at the moment, as i don’t want to dump tons of money into CAs which i don’t really trust anyway. (maybe i’ll change my mind eventually. but not right now.) so for the moment, you have to accept my self-signed certificate (whose sha-1 fingerprint is 69:02:33:1D:F7:E3:9C:DA:D2:7D:9E:1D:4A:C6:40:99:A3:F8:B2:58, and whose md5 fingerprint is E5:DA:7D:4E:11:34:20:BD:7C:9E:3B:CD:E1:C9:6A:1B. you can compare them in firefox, for example, by clicking the padlock and then clicking “more information…” and then “view certificate”, and in chromium/chrome by clicking the padlock and then “certificate information”).

posted in: computer
tags:
places:

some people like me have the problem of having several wordpress installations at the same time; people like me and some others i know. i have one wordpress running for this blog, one for my math blog, one for a hidden, password protected project which might or might not ever see the light of the world, and anther one for another music related project showing up soon.
whenever a new wordpress version comes out, a question bugs me: how to update all of these installations without doing it manually for every one? of course, there’s the automatic update, but i don’t really trust it. and i don’t have an ftp server installed, so i’m not sure if it would work at all. so i need another solution.
a first idea was to use symbolic links. have one wordpress installation in a directory outside the web tree, and link these files into all wordpress directories in the web tree, so for updating i only need to change one directory, and i only have to touch the others when the configuration file has to be changed.
unfortunately, this doesn’t work, thanks to php and wordpress. wordpress determines the path to the config file by the path names of the files, and since the files are symbolic links, the paths of the files pointed to are used. but in that directory, no config file is available, and wordpress fails. too bad.
now i got another idea. namely, have a wordpress directory outside the web tree, and put it into subversion. then, in all other wordpress directories, drop in the files using subversion, except the configuration file, uploads, latex caches, etc. so to update an installation, i have to go into its directory and type svn up. that’s it. there’s one thing left to do: namely hide the .svn directories from the web server. i didn’t found the perfect method yet, but adding this to the apache configuration makes them forbidden:

<DirectoryMatch “^/.*/\.svn/”>
  Order deny,allow
  Deny from all
</DirectoryMatch>

then every access to something in an .svn directory results in an access denied error:

Forbidden
You don’t have permission to access /.svn/ on this server.

just upgraded to newest ubuntu. upgrading went pretty smooth, smoother than i expected after last time’s experience. i tried the new visual effects (seeing this screenshot, i’m wondering why i didn’t had this custom choice), and disabled them after a few minutes. for me, most of them are too annoying (i’m switching between windows and desktops all the time). well. the user interface feels slower than before (even after deactivating the visual effects), but it’s still ok. the tracker is annoying, eating up system performance and it’s ignoring the preferences (which say: don’t run), but after deinstalling it, everything’s fine. for now.
now i have to find out how to install a local version of apache with php, and of mysql, to make working on my project a bit easier…

posted in: computer
tags:
places: