In my guide on setting up Nginx I included tweaks for caching SSL sessions and limiting the ciphers that are accepted, but I didn’t cover how I actually store and manage SSL certificates or go into how you create the pem files that Nginx uses.
SNI is becoming more and more popular, since you don’t need a dedicated IP address for every SSL certificate. I wouldn’t quite recommend it for your web store yet (it’s not supported by any version of Internet Explorer on Windows XP - though Google and Apple both found it easy enough to do on all versions), but if you’re just looking to secure your blog’s login form to prevent sending your password across the internet in plain text it’s great. Pair it with free SSL certificates from StartSSL and you’re good to go!
I ran into what is apparently a pretty common issue with users running PHP as some sort of CGI with the Nginx webserver. If you’re trying to detect whether a user is using SSL you normally check to see if $_SERVER['HTTPS'] == 'on'. Well apparently this is more of an Apache-only convention than I thought… It won’t work under Nginx, your PHP script will never see an HTTPS server value and will always think the connection is unencrypted (in my case with the SSL Admin plugin for Wordpress, resulting in an infinite loop back to the SSL version of the page).
I always run one trunk build or another of WordPress. Generally every few weeks I’ll svn up just to make sure I’ve got the latest code. Most of the time I don’t have any problems…
I recently enabled LDAPS authentication for our Drupal site so users can log in with their Active Directory credentials. It wasn’t the most straightforward setup (both from a Drupal standpoint and a networking standpoint, since our website is hosted off-campus) so I wanted to write up documentation for internal reference purposes and a blog post about my LDAP hurdles as they relate to Drupal for anyone else running into the same problems.
1 - 5 of 5