In this third and final part, we shall put Cockpit behind a reverse proxy.Continue reading “Deploying Cockpit on Debian – Part 3”
GoAccess is a lightweight log file analyser with some great features. One feature that I have employed is the real-time html generation.
This tutorial will walk you through the setup and configuration of this.Continue reading “Setting up GoAccess realtime reporting”
For several years now users have been taught to look for the green padlock in the address bar to ensure the site they are using is secure. But certificates are expensive due to the efforts that go in to proving your identity.
Letsencrypt are trying to help secure the web by issuing short term (90 day) certificates to users who can demonstrate through a simple challenge and response that they are in control of a host.Continue reading “Securing nginx with Letsencrypt”
PHP FPM (FastCGI Process Manager) is a popular technology for processing php directives, particularly when used in conjunction with NGINX although it can be used with Apache.
In a common deployment scenario, the webserver is configured as a reverse-proxy with fpm providing the heavy lifting by processing the php code. Some of the most significant benefits of this approach are the ability to scale both up and out as your site or application grows.
Although every Linux distribution will work ‘out of the box’, there are a number of parameters which can be tuned to enhance performance.
Recently, I had the need to redirect all traffic from one domain to identical URLs on a new domain. Luckily, NGINX provides a simple way to accomplish this.
The following will work as an available site for domain www.domainone.com on any NGINX version after 0.9.1:
return 301 http://www.domaintwo.com$request_uri;
The server will listen on port 80 for request to
www.domainone.com and redirect to the same request at
Note that the server is being asked to provide a 301 status code to inform the requesting client that the redirect is permanent. If you are wishing to redirect encrypted traffic then you will need a similar block listening at port 443.