Hi, To Connect With your School or Work Place Wi-Fi, you may use following settings in the “Advanced Network Configuration”.
Cheers ! 🙂
security
All posts tagged security
Hi! 🙂 Once you have installed the SSL certificates on apache, you can proceed to force HTTPS on your domain. Here are the steps in brief to force https using .htaccess file.
Step 1:
Open the terminal and goto –> the root folder of web site.
In my case it is /home/student/public_html
Step 2:
Command: gedit .htaccess
Then a blank .htaccess file will be opened. You can check the existence of the file by pressing (Ctrl+H).
Step 3:
Put the following lines on the file.
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} <your_domain> [NC]
RewriteRule ^(.*)$ https://<your_domain>/$1 [R,L]
Note*: Your_domain can be IP address or the web site address
Example:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{HTTP_HOST} 192.168.56.101 [NC]
RewriteRule ^(.*)$ https://192.168.56.101/$1 [R,L]
Result:
Now you try typing your web site address even with http:// and it will redirected to https:// automatically.
Cheers ! 🙂
SSL (Secure Socket Layer) is a standard protocol, ensuring a trusted connection between a client and a server. A web site that is secured with SSL, encrypts the sensitive data passed between the browser (client) and the web server. If your web site is serving the public and if it does process sensitive data like credit card details, personal info, authentication data, etc then you will have to get a certificate from a third party trusted CA (Certificate Authority). If otherwise you just need a certificate for testing purpose or your web site has a small trusted audience, then of course this guide may useful. 🙂
The disadvantage comes with a self-signed certificate is that, when you try to browse your page with https it will display a message on the browser saying “This connection is Untrusted”, since browser only trust a list of CAs that are already stored in.
I will briefly state here the steps to create a self-signed certificate for your website. I am working with Apache server on Ubuntu.
Step 1: Enable SSL support comes with apache
Command: sudo a2enmod ssl
Each time you do a change in configurations , restart the apache server to apply the changes.
Command: sudo service apache2 restart
Step 2: Generate private server key
You will have to give a password in this step and that password should be remembered to use in next steps.
Command: openssl genrsa -des3 -out server.key 1024
Step 2: Generate Certificate Signing Request (CSR)
In creating CSR process, you will be asked for several question. The important information here is the Common Name (N) which you should give the ‘domain name’ of your web site. If you are purchasing a Certificate from a CA, this csr request should be sent to the 3rd partY CA. Since i am doing local development common name (CN) will be “localhost”.
Command: openssl req -new -key server.key -out server.csr
Step 3: Removing pass-phrase of server key
Removing the pass-phrase of server key, so that you won’t need to enter it every time the apache server restart. The server key will not contain the pass-phrase anymore with this command.
Command: cp server.key server.key.org
Command:openssl rsa -in server.key.org -out server.key
Step 4: Generate Certificate using .csr
This will generate a X.509 certificate. So this is the self-signed certificate that we were looking for. 🙂
Command: openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
For Installing…
Cheers ! 🙂
Tech Star 