Certbot and HAProxy + automated .well-known ACME renewal

Links nginx.conf gist https://gist.github.com/patmandenver/… haproxy.cfg (initial) https://gist.github.com/patmandenver/… letsencrypt command https://gist.github.com/patmandenver/… certbot https://github.com/certbot/certbot eff certbot https://certbot.eff.org/ nginx.conf for letsencrypt https://gist.github.com/patmandenver/… haproxy.cfg w/letsencrypt https://gist.github.com/patmandenver/… Lets Encrypt Scripts Someone elses https://gist.github.com/thisismitch/7… mine https://gist.github.com/patmandenver/… Final haproxy.cfg https://gist.github.com/patmandenver/…

Debian cloud-init userdata

When you spin up a cloud VM at Google Compute or Digital Ocean there’s an option to specify user data, this is my goto script to update Debian and setup a  2G swapfile.

#!/usr/bin/env bash
dd if=/dev/zero of=/swap bs=1M count=2048
chmod 600 /swap
mkswap /swap
swapon /swap
echo "/swap swap swap defaults 0 0" >> /etc/fstab
apt update
apt -y upgrade
shutdown -r now

Testing Google CSE search engine integration with WordPress core.

I’ve been testing an integration between the WordPress core search functionality and Google Custom Search engines (formerly site search)

Testing image search and thumbnails etc requires that I add some photos, of a single ahem, ‘target’, so I thought I’d go with a target in the literal sense that he is america’s next most likely ‘active-shooter’ target, corporate whore, poster boy for football concussions: Ajit Pai.

CVE-2000-0156CVE-2000-0156

Affected configuration(s):

cpe:/a:microsoft:ie:4.0
cpe:/a:microsoft:ie:4.0.1
cpe:/a:microsoft:ie:5.0
cpe:/a:microsoft:ie:5.01

Date published: 2000-02-16T00:00:00.000-05:00

Date last modified: 2017-10-09T21:29:07.047-04:00

CVSS Score: 5.1

Principal attack vector: NETWORK

Complexity:  HIGH

Reference URL: http://www.microsoft.com/technet/security/bulletin/ms00-009.mspx

Summary: Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the “Image Source Redirect” vulnerability.