Sometimes you just gotta stop and have a bump…

One deep dive with haproxy and I have handed it complete control of all my certificates.

* One bind statement with every single cert file I own, and haproxy is instantly handling every host’s SSL handshaking using SNI
* It is handling dynamic conversion of http requests to https
* It has removed the need for https on any webserver on the secured LAN
* It allows incredibly flexible load balancing via host, port, url, etc etc
* It is easy to set up to use ssl best practices, so every one of your websites instantly gets A+ ratings on ssl labs

Unbelievable, I’m stunned.

Here’s all I needed to get ssl labs A+ ratings:


global

    # MDM NO SSLv3!  Good ciphers!
    ssl-default-bind-options no-sslv3 no-tls-tickets force-tlsv12
    ssl-default-bind-ciphers AES128+EECDH:AES128+EDH

frontend ....

  # MDM We need to provide an HSTS header to get A+ at ssllabs!
  http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
      
  reqadd X-Forwarded-Proto:\ https

Also needed this in wordpress wp-config.php:

if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
       $_SERVER['HTTPS']='on';

Testing my chatter toggle, I decided to make my blog work again.

Every once in a while you need a clean slate… 🙂  Moving blogs to bitpost.com news and blog

Here is the guide that pointed me to this tool which was the key piece (even though it kept giving AJAX errors when I applied changes to more than 4 tables, ARrrr…)… upwards!

Hey all you bloggers and publishers. If, like me, you’ve been putting off updating your blogs and wikis to show up nicely on smartphones, fear not, there are DIRT SIMPLE FAST solutions available today to set up special skins for mobile browsers that are gorgeous. As of today, here are the instant solutions.

WordPress

  • Right inside your admin panel in WordPress, click on the Plugins button in the left pane.
  • Select Add New.
  • Punch in WPTouch and hit “Search Plugins”.
  • There it is, now install it!
  • That’s it. Seriously. You can play with the settings if you want (like changing the logo), but you don’t need to. Wow!

Mediawiki

  • This skin is the one you want, but it has a few issues.
  • Here is a corrected version, use it to take your chance for it to work “out of the box” 🙂 Download and untar it from within your [mediawiki/skins] folder. The changes I made are listed at the end of this post.
  • Now users can select the skin in their preferences, but we want automatic! Update your LocalSettings.php file to set $wgDefaultSkin as follows:
    if (preg_match("/iphone/i", $_SERVER['HTTP_USER_AGENT'])) {
        $wgDefaultSkin = 'wptouch';
    } elseif (preg_match("/android/i", $_SERVER['HTTP_USER_AGENT'])) {
        $wgDefaultSkin = 'wptouch';
    } elseif (preg_match("/webos/i", $_SERVER['HTTP_USER_AGENT'])) {
        $wgDefaultSkin = 'wptouch';
    } elseif (preg_match("/ipod/i", $_SERVER['HTTP_USER_AGENT'])) {
        $wgDefaultSkin = 'wptouch';
    } elseif (preg_match("/opera mini/i", $_SERVER['HTTP_USER_AGENT'])) {
        $wgDefaultSkin = 'wptouch';
    } else {
        $wgDefaultSkin = 'vector';
    }
  • Go enjoy it!

Easy and beautiful!

(continued…)