Nginx, redirecting all request to https
In normal https configuration just add rewrite directive like this:
Posted inUncategorized
Linux related Picture Found On Internet
Linux (commonly /ˈlɪnəks/ lin-əks in English, also pronounced /ˈlɪnʊks/ lin-uuks in Europe) refers to the family of Unix-like computer operating systems using the Linux kernel. Linux can be installed on a wide variety of computer hardware, ranging from mobile phones, tablet computers, routers, and video game consoles, to mainframes and…
Posted by
No Comments
No CommentsNginx enabling TLS SNI support on centos 5
By default centos 5.x has openssl-0.9.8e which is not have tls extention for sni support. this is workaround on how to get nginx 0.8.48 rpm with TLS SNI enabled
Step 1:
download openssl source, example openssl-0.9.8l. extract it in /usr/src
$ cd /usr/src $ wget http://www.openssl.org/source/openssl-0.9.8l.tar.gz $ tar xvzf openssl-0.9.8l.tar.gz
Step 2:
Download nginx rpm source, example nginx-0.8.49-1.el5.src.rpm
$ wget http://centos.alt.ru/pub/nginx/0.8/RHEL/SRPMS/nginx-0.8.49-1.el5.src.rpm $ rpm -Uvh nginx-0.8.49-1.el5.src.rpm
Move to directory where the spec file is in and edit nginx.spec
$ cd /path/to/rpm/SPECS/ $ vi nginx.spec
Posted inc dns roundrobin
test the round robin DNS features of the resolver functions
Date: 3 Nov 2005
Author: Daniel Stenberg
License: freely available to do whatever you want with.
roundrobin.c – test the round robin DNS features of the resolver functions
Note: this test script is written to be compiled and run on Linux. It is
not as portable as it could be, but that is just to make it a simpler test
case.
$ gcc roundrobin.c
This source snippet resolves a name with multiple IP addresses and prints them out in the order the addresses were returned by the resolving function. It first uses getaddrinfo() (called GAI) and then gethostbyname() (called GHBN).
On my three test machines they both show the same sympthoms:
The GAI list is a lot less “random” than the GHBN one. The GAI list almost always returns the same first entry on repeated invokes (while the subsequent entries comes somewhat more random). The GHBN list is returned in a much more random fashion.
The test machines are all running Debian Unstable glibc 2.3.5
What this program does:
It runs N resolves of a given host names. It stores the order it gets the returned addresses. When all N resolves are done, it checks how the returned addresses were distributed. The procedure is first done with GAI and then with GHBN. The output is presented in list index order. That means: ‘index 0’ is the first address in the returned list and ‘index 1’ is the second address and so on. We have found out that in the GAI case you very often get 100% of the same address in index 0.
We have three hosts names that resolves to multiple IP addresses:
bad2.haxx.se bad10.haxx.se bad11.haxx.se
As you will see, none of them resolves any sensible data for other purposes
than resolve tests or similar.
Nginx, fastcgi, ‘Hello World’ in C
Here is a simple example of a hello world program for FastCGI written in C. Before you can compile this, you will need to install the FastCGI devkit. At the time of writing the latest version is available from www.fastcgi.com
extract, compile and install fcgi-current.tar.gz
$ tar xvzf fcgi-current.tar.gz $ cd fcgi-2.x.x/ $ ./configure $ make $ sudo make install
the c code
#include <fcgi_stdio.h>
int main( int argc, char *argv[] )
{
while( FCGI_Accept() >= 0 ) {
printf( "Content-Type: text/plain\n\n" );
printf( "Hello world in C\n" );
}
return 0;
}
Posted innginx
Change Nginx Version Header
Edit nginx.h [bash] $ vi src/core/nginx.h [/bash] find lines: [text] #define NGINX_VERSION "0.7.64" #define NGINX_VER "nginx/" NGINX_VERSION [/text] Change them as follows: [text] #define NGINX_VERSION "0.7.64" #define NGINX_VER "kutukupret/" NGINX_VERSION [/text] Save and close the file. Now, you can compile the server. Add the following in nginx.conf to turn off…
Posted innginx
Nginx Limit Available Methods
GET and POST are the most common methods on the Internet. Web server methods are defined in RFC 2616. If a web server does not require the implementation of all available methods, they should be disabled. The following will filter and only allow GET, HEAD and POST methods: [xml] ##…
Posted by
2
2Nginx SSL/HTTPS
HTTP is a plain text protocol and it is open to passive monitoring. You should use SSL to to encrypt your content for users. Create an SSL Certificate Type the following commands: [bash] $ cd /usr/local/nginx/conf $ openssl genrsa -des3 -out server.key 1024 $ openssl req -new -key server.key -out…
Posted innginx
Nginx Image Hotlink Prevention
how to prevent image hotlinking with nginx? this will return 403 error when someone trying to use image directly from oursite. [xml] location ~* (\.jpg|\.png|\.gif|\.jpeg|\.png)$ { valid_referers none blocked www.example.com example.com; if ($invalid_referer) { return 403; } } [/xml] or we can change every images which hotlinked with our custom…
Posted inprograming python
Extract ipv6 prefix in python
See http://code.google.com/p/ipaddr-py/ With this, we can do [python highlight="4,6"] py> p=ipaddr.IPv6("2001:888:2000:d::a2") py> p.SetPrefix(64) py> p IPv6('2001:888:2000:d::a2/64') py> p.network_ext '2001:888:2000:d::' [/python]