On this tutorial I will show you how to configure your Pound proxy server so it can take advantage of the awesome SSL service provided by Let's Encrypt.

Let's Encrypt is an open-source certificate authority that issues SSL certificates for free making use of the ACME protocol, making possible to obtain trusted certificates for your websites and operate under HTTPS:// with no browser warnings and securing your content of course.

The services also provides a command line tool called Certbot, that can be easily installed on any Linux OS and it will help creating the necessary steps in order to create the certificates for an specific domain/website.

In order to install Certbot on your server, follow the next steps: (make sure you have "git" installed on…

Tuesday, October 11, 2016

This is a super quick guide to add certificate files to a Pound proxy, very useful when using it in environments with Varnish servers. This configuration was tested on Ubuntu 14.04 and Ubuntu 16.04

Follow the next steps that I took as sample from this site to configure Pound with a self-signed certificate, make sure to run all commands as root:

$ sudo su

Pound HTTPS Configuration

The following steps will guide you through the generation of a self-signed certificate for your test project server.

During the process you will create:
- server.key: This is a 1024 bit random string ("private key") that uniquely identifies your server.
- server.csr: This is a "Certificate Signing Request" file. You can…

Friday, June 17, 2016

Another good option to run Drupal sites nowadays is Nginx. Nginx is a Proxy/Web Server not as complex as Apache and is well known for is security, responsiveness and speed when handling PHP apps together with PHP-FMP. On this this post I will introduce you on how to manually install and run Nginx and PHP-FPM so you can host any Drupal site with SSL support.

Recommended posts:

The suggested installation instructions by
Perusio Nginx suggested Drupal Configuration…

Thursday, February 26, 2015

Sometimes you may find the need to shutdown a site for any reason an a specific server, basically the server that is listening to the web, so of course you will always want to keep that site(s) up and running while you perform whatever is needed on it, let's call it, 'external server', on a different environment, 'internal server'.
To do so you need to use an apache module called mod_proxy which enables a web server act as a router of traffic to another server, a tunnel.

- Enable mod_proxy and mod_proxy_http mod_proxy_html on external server
- create a virtual host on internal server pointing to internal server, ex:

<VirtualHost *:80>
    ProxyRequests Off
    <Proxy *>
        Order deny,allow
        Allow from all

    ProxyPass / http://proxy.…

Wednesday, September 28, 2011