Tech geek. Life geek.
To provide higher security and better privacy protection, I added SSL certificate on my Blog, here.
When you enter the url of my blog: http:///www.yinfor.com/, it will redirect you to the SSL version, https://www.yinfor.com/
The certificate is purchased from gogetssl.com , three years certificate of Comodo PositiveSSL.
The latest price is $13.15/3years.
Look at the comodo secure lock, it is a site seal.
When I wrote my last post about the SSL issue of Burnaby City Website, I made a tweet and @cityofburnaby. They replied me on second day.
The official account of CityofBurnaby said the information has been forwarded to their IT team for review.
I thought my job is done. As a residence of Burnaby, I just have duty to help our city be noticed the issue.
Two days after that, @cityofburnaby send me another notice and said their IT team has applied the needed fix. The error is now resolved for Chrome browser on cell phones.
It is an error. When I enter the url of Burnaby City hall at Chrome browser on my cellphone, it displayed with error.
Red crossing line on the https. It said Your connection is not private. Attackers might be trying to steal your information from www.burnaby.ca.
NET::ERR_CERT_AUTHORITY_INVALID
It is OK when I browse the site on desktop. It looks normal.
I use SSLLABS server tool to check the certificate installation.
The report said it has a certificate chain issues: missing intermediate certificate. Continue reading
I have a web site, which was powered by Nginx 1.7. The SPDY 3.1 was enabled. Later last week, I upgraded it to Nginx 1.9.7 mainline version.
HTTP/2 already built with Nginx from version 1.9.5. Why not enable HTTP/2?
I just did a very rough test.
1. Pingdom testing tool
SPDY 3.1: Performance Grade 97/100, 18 request, load time 3.17s
HTTP/2: 97/100 18 request, 867ms
2. GTmetrix
SPDY 3.1: Pagespeed score A 98%, YSlow score A 95%, Pageload 1.0s,
HTTP/2: Pagespeed score A 98%, YSlow score A 95%, Pageload time 0.6s
3. Webpagetest
SPDY 3.1: Grade F A A n/a C Check
HTTP/2:
Here is a notes for Email Server Settings. It is not just for Email server. It is mainly for DNS setting for Email server.
The purpose of it is to prevent from your outgoing email into spam box.
I have a web page, which use PHPMailer to send email. The problem of it is most of time the recipient found the email in the spam box. I am using sendmail to send out email.
Later I choose to use ZOHO as my email service provider. And choose smtp in PHPMailer.
So, the solution is here for ZOHO.
I have tried some tools to diagnose my SSL certificate installation.
Some related to correct certificate, and more on certificate chain issues.
SSL Certificates are trusted from its parent, or issued by its high lever certificate. It looks like a chain, one connect to other one and gos to the CA root.
Say, I have a SSL certificate for domain seo.g2soft.net.
The last one, AddTrust External CA Root is one of root CAs. It is issued by itself. Root Certificates was installed in every computer or browsers already. It is trusted and in the trust store.
The above is a corrected installation.
Tool One:
https://www.geocerts.com/ssl_checker
Tool Two:
I am customer of CloudatCost, which is a VPS service provider at Ontario, Canada.
I saw the Ads on twitter, or just someone make a tweet. The most interesting thing is the one time payment and no more recurring invoice. Only one time setup fee. It also has monthly plan.
For example, the very basic plan, Developer 1, $1/month or $35/one time.
If subscribe the monthly plan, it will be $1/month, after a year, you paid $12. One time fee $35 is about three year subscription fee. So pay three year service in the front. That’s it. You own the plan for ever.
I purchased plan Developer 2, by one time fee.
Developer 2:
I have a coupon for 50% off, that means you just need to pay $35/one time fee, you can have it for ever. See the coupon code :
802.11ac is main stream as well as 802.11n.
Because 802.11n has better distance and more power to pass-through wall. But 802.11ac is much fast than 802.11n.
11n Specification:
11ac introduces:
80MHz channels is 4.5x faster than 20MHz
Now 802.11ac v2 is comming. Also called wave 2. It is expected to be available in 2015.
Here is some highlights of wave 2 802.11ac.
Got an email from Google last week.
Yes, it is a new setting page which can do lots for your Google Account.
There are some important part of settings.
I found some errors in Google Search Console — Crawl Error. More than 400 errors of Not-Found.
After checking the details of these errors, I am noticed that they are the dead links which were brought after I converted this blog from MovableType to WordPress.
Some links are changed and I forgot to implement the redirection.
OK. Now I add some rules in .htaccess file to make these dead link to redirect to the correct URLs.
Here is some examples.
Monthly archives:
Old url is https://www.yinfor.com/archives/2012/09/
New url is https://www.yinfor.com/2012/09/
So I added following rule into .htaccess file in root.
# Redirect monthly archives RewriteRule ^archives/([0-9\/]*)/ /$1/ [R=301,L]
Tag page:
Old tag page is https://www.yinfor.com/mtcgi/mt-search.cgi?IncludeBlugs=4,1&tag=beta&limit=20
New tag page is https://www.yinfor.com/tag/beta/
I add following rule into .htaccess
RewriteCond %{QUERY_STRING} ^IncludeBlogs=([0-9,]*)&tag=(.*)&limit=20$
RewriteRule ^(.*)$ https://www.yinfor.com/tag/%2? [L,R=301]
Another type of tag page:
Old tag page is https://www.yinfor.com/mtcgi/mt-search.cgi?tag=Gogle&blog_id=5
New tag page is https://www.yinfor.com/tag/Google/
Add following into .htaccess file.
RewriteCond %{QUERY_STRING} ^tag=(.*)&blog_id=([0-9])$
RewriteRule ^(.*)$ https://www.yinfor.com/tag/%1? [L,R=301]
© 2020 David Yin's Blog
Theme by Anders Noren — Up ↑