Author Archives
-
Fixing SSL Labs Grade on F5 Big-IP – Enabling TLSv1.3
In my last post on F5 load-balancers, we disabled TLS v1 and v1.1 as a preemptive measure as SSL Labs is going to start capping your grade to B if you’re caught supporting these protocols after January 2020. In this… Read More ›
-
Fixing SSL Labs Grade on F5 Big-IP – Disabling TLSv1 and TLSv1.1
So, it’s again time to start worrying about your SSL Labs grade. Coming January 2020, any site still supporting TLSv1 and TLSv1.1 will have their grade capped to B. As we all know, this is unacceptable, so we’ll once again… Read More ›
-
Adding SANs to Let’s Encrypt Certificates – LE Series Part 2
As we already went through in part 1 of this series, requesting certificates using Let’s Encrypt and certbot is rather easy. Today we’re going to look at how you can request certificates with multiple Subject Alternative Names, or SANs for… Read More ›
-
Enabling HTTP/2 on NGINX – NGINX Tricks Part 3
As you might have heard, there’s a new version of HTTP out there that’s far superior to HTTP/1.1. I won’t go into what exactly has changed in HTTP/2, but it’s faster and more secure, and allows for some even more… Read More ›
-
Implementing HTTP 418 Errors on NGINX – NGINX Tricks Part 2
A year or so ago I got intrigued about how to “properly” implement custom HTTP errors on NGINX after watching this rather funny DEFCON talk. The speaker talks about returning “weird” HTTP codes since browsers usually seem to display anything… Read More ›
-
Redirecting IP Traffic to HTTPS – NGINX Tricks Part 1
Lately I had a peculiar issue, I wanted to secure a web server running NGINX with HTTPS using Let’s Encrypt, but almost all traffic to said web server request the web page using the IP address of the server, since… Read More ›
-
Getting started with Let’s Encrypt & Certbot – LE Series Part 1
I’ve been enjoying myself immensely playing around with Let’s Encrypt these last few days, and discovered a couple solution to common problems and issues, so I thought I’d make a small guide mostly for my own reference on how to… Read More ›
-
Configuring Ubuntu to Patch Itself
After a couple of years in the IT infrastructure world, you’ll be faced with the greatest task of all, updating servers every month or so. This has always been the most brain dead task imaginable, but now with virtualization, we… Read More ›
-
Exporting Exchange Mailboxes to PST files
As any admin at any company will tell you, you can never really trust anybody that tells you it’s okay to delete something, ever. This holds especially true for email. If I had a euro for every time I was… Read More ›
-
How to Configure SNMPv3 on Cisco iOS Switches – Cisco Networking Series Part 2
Configuring SNMPv3 can be a daunting task compared to earlier questions, just from the copious amount of authentication parameters compared to earlier SNMP versions. In this short primer I’ll walk you through the steps necessary to set it up to… Read More ›