Let’s edit/create google-mod-pagespeed.repo
yum install mod-pagespeed
service httpd restart
This is how we test it…
curl -D- http://localhost/ | head -10
[[email protected] webroot]# curl -D- http://localhost/ | head -10
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 4328 100 4328 0 0 27929 0 –:–:– –:–:– –:–:– 28103
HTTP/1.1 200 OK
Date: Wed, 12 Sep 2018 15:52:41 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.6.38
Cache-Control: max-age=0, no-cache, s-maxage=10
Content-Type: text/html; charset=iso-8859-1
letsencrypt topic about this issue: https://community.letsencrypt.org/t/solution-client-with-the-currently-selected-authenticator-does-not-support-any-combination-of-challenges-that-will-satisfy-the-ca/49983/2
This is due to a security incident with LetsEncrypt
Incident Status Security Issue
Components acme-v01.api.letsencrypt.org (Production), acme-staging.api.letsencrypt.org (Staging), acme-staging-v02.api.letsencrypt.org (Staging)
Locations High Assurance Datacenter 1, High Assurance Datacenter 2
letsencrypt renew output
Domain: www.domain.com Type: unauthorized Detail: Invalid response from http://www.domain.com/.well-known/acme-challenge/WLpdvugG3YzC53RTrZMJcYWsRqcj64vWLw43HNBkMN6:
nginx error log
66.133.XXX.XXX - - [11/Feb/2017:09:33:20 +0100] "GET /.well-known/acme-challenge/WLpdvugG3YzC53RTrZMJcYWsRqcj64vWLw43HNBkMN6 HTTP/1.1" 404 247 "http://www.domain.com/.well-known/acme-challenge/WLpdvugG3YzC53RTrZMJcYWsRqcj64vWLw43HNBkMN6" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
“Somehow” my domain root has changed.
I had to take a look at /etc/letsencrypt/renewal/domain.com.conf and fix some paths… 🙂
Spent almost 12h figuring out why a htaccess / htpasswd wasn’t working…
[Mon Apr 04 14:45:45.605734 2016] [authn_file:error] [pid 21193] (13)Permission denied: [client 84.91.XXX.XXX:62465] AH01620: Could not open password file: /home/rocker/public_html/control/data/.htpassw
That was it! File permissions!
I had to enable CGI on this new recent server
sudo a2enmod cgi sudo service apache2 restart
But I was getting a error script not found or unable to stat
[Mon Nov 30 18:00:32.380748 2015] [cgi:error] [pid 18799] [client 84.91.XXX.XXX:62545] script not found or unable to stat: /usr/lib/cgi-bin/HiPGZ23est4
I had to edit the .conf file
and add the following lines
ScriptAlias /cgi-bin/ /path_to_cgi_folder/cgi-bin/ <Directory "/path_to_cgi_folder/cgi-bin/"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory>
and then reload the apache configurations
service apache2 reload
I recently had the pleasure to listen to Ilya Grigorik give a talk at Velocity in NYC on Breaking the 1000ms Mobile Barrier. During the talk, Ilya usedPageSpeed Insights to demonstrate that several high profile websites had overlooked some very simple and common optimizations and resulted in poor PageSpeed scores. For the unfamiliar, Pagespeed Insights is a web based tool created by Google that analyzes the content of a web page, then generates suggestions to make that page faster.
After Ilya’s talk ended, I started to think more about why performance always seems to be an afterthought with developers. As I pondered this thought, I kept coming back to the following question:
This worked for me.
$new_password = password_hash($old_password, PASSWORD_BCRYPT);
password_hash() creates a new password hash using a strong one-way hashing algorithm. password_hash() is compatible with crypt().
Therefore, password hashes created by crypt() can be used with password_hash().
PASSWORD_BCRYPT – Use the CRYPT_BLOWFISH algorithm to create the hash.
This will produce a standard crypt() compatible hash using the “$2y$” identifier. The result will always be a 60 character string, or FALSE on failure. Supported Options:
You don’t have permission to access /galleries/ on this server.
Remove Apache version signature
On ServerTokens uncomment the line with ServerTokens Prod or add it.
Uncomment the ServerSignature Off entry or add it.
Remove PHP version from headers
I guess that by default they are disabled, but in any case you can remove it by editing the php.ini and set expose_php to off.
sudo nano /etc/php5/apache2/php.ini
So, on my recent DO droplet I had to install Apache (2.4.10) to run a web application for a client.
[email protected]:/home/webroot# apache2 -v Server version: Apache/2.4.10 (Ubuntu) Server built: Mar 9 2015 11:53:48
After configuring the subdomain/virtual host I was getting a 403 for it.
This was the error on the error.log…
[Thu Jul 16 21:00:28.919036 2015] [authz_core:error] [pid 17411] [client 84.XXX.XXX.XXX:53565] AH01630: client denied by server configuration: /home/webroot/www/public/index.php
So, this is my current snap of my domain.conf – working -.
<Directory /home/webroot/www/public/> Options Indexes FollowSymLinks MultiViews AllowOverride all #Order allow,deny #allow from all Require all granted </Directory>