Server Status Page and Enhanced Security

You may have noticed extended periods of downtime for the site however Plex was working just fine. It’s actually been the most stable its ever been.

I’ve received some positive feedback regarding performance as well so I moved my focus to the site itself and keeping you as informed as possible.

Today marks the availability of a brand new server status page where you can check out what’s going on inside the server running nobreaks.ca. Check out the menu under “Server Status” or head to the page from here. The page is of course fully protected by our SSL certificate.

 

Next on the agenda. Site security. It’s too easy to hack websites that are ill informed and don’t have recent implementations of popular software such as recently SSL and, of course, Apache.

Feel free to inspect the versions the most prominent pieces of software on the site at the bottom of the status page which is in real time by the way.

I’ve also added a seal on the left under the SSL verification seal for vulnerability scanning which occurs on a weekly basis and emails me the results. After several days of work, scanning and fixing security holes I’m proud to present a 100 on a scale of 0 to 100 where the lower the number the less secure the server.

It appears that out host is not very scan friendly which makes sense and I’m glad they’re concerned against scans towards their users. I’ll try to clear things up and bring the seal back up. However when I check my account the score remains A+.

Initially I was shocked to get a 60% score however the writing was on the wall. My software was out dated. Then came the cherry on top. It wasn’t a “yum update” away from that 100 I so dearly wanted to see.

It became my mission. I had to have that 100. So I began, first, the dependencies. Then more dependencies  and finally. That long nerve racking compile. Did I include all the config options I needed? Will it nearly finish then throw an error? Time will tell. Now where did I put that damn config file?

Eventually it all went well and I was able to migrate from CentOS 6.6 using OpenSSL1.0.1e, Apache 2.2 and MySQL 5.1 with no indexing to OpenSSL1.0.1j, Apache 2.4.10 and MySQL 5.6 coupled with Percona Server 5.6 without losing any data from the database or the file structure.

Getting used to the new version of Apache (2.4.10) was a leap from 2.2. The security aspect of the software was locked right down. The configuration files demanded much more attention to function the same way but in a more secure fashion.

Next came re-optimization after all the changes had taken place. That means mysqltuner and calculation after calculation using the information gathered from watching server processes and adjusting memory and configuration limits.

The security seal will state the last time the server was scanned and is click-able to visit the website that did the work.

Let me know if I’ve overlooked anything or something isn’t working as should ASAP and I’ll do my best to fix it.

Regars,

LightSpeedTaco