Secure squirrelmail with ssl

To secure squirrelmail, edit the following file and edit it to look like below.

vi /etc/httpd/conf.d/squirrelmail.conf

Alias /webmail /usr/share/squirrelmail

<Directory “/usr/share/squirrelmail”>
SSLRequireSSL
Options Indexes MultiViews
AllowOverride None
Order deny,allow
Deny from all
Allow from all
</Directory>

Thats it.

NB: Remember now the only way to access mail is by https://……../webmail not http://……/webmail otherwise you get a nice page saying Forbidden!

Network pdf print er

I love the world of open source where would i be without them. Am always thinking on how to cut down the use of paper so i got the idea to go digital and just make paper copies only when they are needed. I tried a couple of apps starting with adobe acrobat Pro, but it didn’t make sense to me why I have to install a 200Mb program just to help me create pdf’s, I tried a couple of freeware pdf printers ad most of them had one limitation or another, or they would be branding your digital documents with there ads. Finally I got a solution from the Linux world I installed cups-pdf by adding the epel repo to my machine and instantly I had a network pdf printer all the machines in the network can print to this pdf printer and it’s free no ads on my digital docs, i can configure it to my needs and it’s barely a few Mb’s. Bottom line there is no equal to it in the windows world at the cost and performance.

It’s easy to fall off the bandwagon and harder to get back on

I have been exercising for the last 10 years pretty consistently, but in the last three months ‘OK maybe four’ I have become kind of lazy, and even when I try to go exercise I do it for like a day or two then do nothing for a whole week or two “sometimes”.

Somehow am not feeling the spirit that always used to be at my heels pushing me to put on my running shoes and go jog or go to the gym, for the first time in as long as I can remember am having to force myself to get out of the house and get my body moving. Being a vegetarian I believe very strongly in taking care of my body but I am starting to get a different perspective of why people just let themselves go sometimes you dont mean to it just happens and you keep telling yourself you gonna start doing something from next week or the week after that and pretty soon you are two sizex bigger or more.

The news that all my ex training partners have all stopp
ed training and put on the pounds is no excuse for me so as of tomorrow no today I will make sure i do some sought of exercise evryday i get home from work. I hope to revisit this topic in three months with better news

Hard work pays off

After having to go through the server logs and see daily attempts on ssh i decided to make some further changes as described here. I had already done the usual, blocked use of passwords and the rest but still valuable cpu time was being wasted checking entries and denying them as they were not on the allowed list. After the latest round of changes I was wonderfully suprised to find now such entries are just refused out right with no further time wasted trying to verify them.

The next thing now is to enable encryption on a couple remaining services to try and plug up any holes that might be there.

Big boned women

Last week we went to a church seminar led by a renowned doctor who specializes in health. She said in all her years of work she has seen thousands of X-rays but she is yet to see a big boned woman. So if you have watched the scale go up, don’t go telling your friends big bones run in your family, instead join the rest of us as we try to hit gym regularly and try to eat healthier foods. It might mean fries once a month instead of four times a week but in the end you will have fewer trips to the doc.

A day in the life of an Admin

So today I thought of securing my ssh server and got some tips here. Then somehow I ended up locking myself out of ssh connection for a whole day.  After adding this rule -change ip to suit your setup

ListenAddress 192.168.1.10

I got ssh errors connecting to 127.0.0.1 this was solved by adding another rule below it like so

ListenAddress 127.0.0.1

Do the same for hosts.allow

sshd: 192.168.2.0/255.255.255.0

sshd:127.0.0.1

This should sought out any connection problems you get. I will look at the logs and see how it looks now I will be able to rest easier knowing then script kiddes won’t get in so easily.

Got my backup in place

After two crashes this time am making sure I have my backup in place before I add anything to the website. I settled on Ping 2.01 to make backup images for the server no more install from scratch. The funny thing is that i have been advising people on the importance of this yet i never got to do it myself. But after starting over for the second time am making sure i have restore disks for all the machines in the house both windows and linux.

Hope i will be up long enough this time

Just recovering from a hard drive crash and this time i had no backup since the last time site went down. After going through this again I understand how important backup is just coz your machine is running ok 2day doesn’t mean this will be the case tomorrow. Always make sure you backup your stuff even if its just to a cd or dvd you wont know how that will come in handy until something ever goes wrong then you will be kicking yourself for not taking a minute to do a backup. Am currently looking for an app to help me automate this process. Will put up what i get.