Apache

Lets Encrypt - Free Domain Verified certificates for everyone.

I've begun the process of moving all the sites I host to HTTPS. I was lucky enough to get a Beta Program invitation for the Let's Encrypt project. I used their ACME client to verify domain control and issue a certificate. I was impressed by how easy the process was. The project is scheduled to move into general availability in the middle of November 2015.

I've been participating in the community support section of the LetsEncrypt.org site for a few weeks now and have seen a few issues from people trying to issue certificates who were not "technical" people. While the ACME client can do many of the technical parts of the process, such as configuring Apache, verifying the domain, getting the certificates, and reconfigure Apache to use them, the process can be kind of intimidating. One of the first issue I saw was users trying to use the ACME client to get certificates for domains the own but host on shared hosting systems. Since the ACME client requires command line access, as of now, I don't see any reasonable way for these people to use an automated certificate issuance system.

After experimenting with the system I've come up with my best practices for issuing certificates, installing them, and serving them. I'll detail my process here.

Updated referrer spam blocking code

Last year I wrote an article called How to deal with (block) semalt referrer spam in your Analytics Data. This approach has been fairly successful in lowering the amount of crawler based referrer spam. As new offenders have popped up I've adjusted my Apache Vhost configurations to block more of these from appearing in my analytics data, so this article is to serve as an update to that first one.

Server Infrastructure Updates

About a week ago I started seeing some intermittent issues with my primary webserver, hosting most of my personal/professional sites, along with a few of my long standing clients websites and decided it was time to rethink my infrastructure scheme. I sat down and gave some thought as to what I wanted, needed and expected.

My shortlist of wants/needs: