mtigas

Client-side SSL

For excessively paranoid client authentication.

---

Updated Apr 5 2019:

because this is a gist from 2011 that people stumble into and maybe you should AES instead of 3DES in the year of our lord 2019.

some other notes:

dustingetz

#!/usr/bin/env python
import SimpleHTTPServer

class MyHTTPRequestHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
    def end_headers(self):
        self.send_my_headers()
        SimpleHTTPServer.SimpleHTTPRequestHandler.end_headers(self)

    def send_my_headers(self):
        self.send_header("Cache-Control", "no-cache, no-store, must-revalidate")

kimus

UFW

I use Ubuntu’s Uncomplicated firewall because it is available on Ubuntu and it's very simple.

Install UFW

if ufw is not installed by default be sure to install it first.

bjornjohansen

#!/bin/bash
# Copyright © 2015 Bjørn Johansen
# This work is free. You can redistribute it and/or modify it under the
# terms of the Do What The Fuck You Want To Public License, Version 2,
# as published by Sam Hocevar. See http://www.wtfpl.net/ for more details.

WP_PATH="/path/to/wp"

# Check if WP-CLI is available
if ! hash wp 2>/dev/null; then

andyshinn

FROM gliderlabs/alpine:3.3
COPY myawesomescript /bin/myawesomescript
COPY root /var/spool/cron/crontabs/root
RUN chmod +x /bin/myawesomescript
CMD crond -l 2 -f

soderlind

jQuery(document).ready(function($){
	if (wp.media) {
		wp.media.view.Modal.prototype.on('open', function() {
			console.log('media modal open');
		});
	}
});

ralphschindler

Docker (Mac) De-facto Standard Host Address Alias

This launchd script will ensure that your Docker environment on your Mac will have 10.254.254.254 as an alias on your loopback device (127.0.0.1). The command being run is ifconfig lo0 alias 10.254.254.254.

Once your machine has a well known IP address, your PHP container will then be able to connect to it, specifically XDebug can connect to it at the configured xdebug.remote_host.

Installation Of IP Alias (This survives reboot)

Copy/Paste the following in terminal with sudo (must be root as the target directory is owned by root)...

JoeUX

# Install dependencies
# 
# * checkinstall: package the .deb
# * libpcre3, libpcre3-dev: required for HTTP rewrite module
# * zlib1g zlib1g-dbg zlib1g-dev: required for HTTP gzip module
apt-get install checkinstall libpcre3 libpcre3-dev zlib1g zlib1g-dbg zlib1g-dev && \

mkdir -p ~/sources/ && \

# Compile against OpenSSL to enable NPN. I updated this block to get the latest 1.0.2h release. It's critical that OpenSSL be up to date.

mattiaslundberg

Ansible playbook to setup HTTPS using Let's encrypt on nginx.

The Ansible playbook installs everything needed to serve static files from a nginx server over HTTPS.
The server pass A rating on [SSL Labs](https://www.ssllabs.com/).

To use:
 1. Install [Ansible](https://www.ansible.com/)
 2. Setup an Ubuntu 16.04 server accessible over ssh
 3. Create `/etc/ansible/hosts` according to template below and change example.com to your domain
 4. Copy the rest of the files to an empty directory (`playbook.yml` in the root of that folder and the rest in the `templates` subfolder)

pyh

server {
        listen 443 http2 ssl;
        server_name konesola.22.fi;

        ssl_certificate /etc/letsencrypt/live/somedomain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/somedomain.com/privkey.pem;

        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
        add_header X-XSS-Protection 0 always;
        add_header X-Content-Type-Options nosniff always;