Downtime – Packages vs Ports

Website has been down a few days as been very busy, so tried to rely on package updates rather than building from ports to keep everything patched as Perl and Python going thru the ‘Flavour’ splitting and packages where supposed to be easier.    To cut a long story short, it also downgraded my PHP version and dropped the Database support module in the process.  So in order to get the website back up I have had to manually install the port for the DB support, mixing packages and ports which is not a good idea.   At least the site is up and running again and I shall stick to ports in the future to ensure the latest patches are always applied.

 

Update on Bad Move Amazon

Its looks like Amazon may have heeded some of the comments around the removal of uploaded MP3’s to your Amazon Library and if you are quick enough can at least save what you have already uploaded once the service is terminated next month.

A quick visit to Your Amazon Account and Music Settings, shows a new option to “keep my songs”.  Ticking this should at least retain anything already uploaded.  A bit annoying as its means I can’t upload anything new brought via iTunes, but at least the stuff I have already uploaded will still be there.

screenshot of Amazon Music Settings
Amazon Music Settings

FreeBSD patch update out

Note sure what happened to system patches p6, and  p7 but system update 11 p8 is now out and been duly applied.   Plus updates to Apache, PHP and MySql in recent weeks hopefully means I am up to date on the latest patches.

TOGAF – Enterprise Architect

After being dropped in at the deep end with work and sent on a TOGAF course on my first week as an Applications Architect, it didn’t really all make sense then, but having recently revisit the training and covering various different domains over the years I finally feel my TOGAF badge is warranted.

TOGAF 9 Certified Badge
TOGAF 9 Certified

Housekeeping Freebsd – Forcing TLS 1.2

With Microsoft forcing everyone that uses Office 365 to use TLS 1.2 from the 1st March I thought it about time to check my webserver and see which old protocols where still supported .  Qualys have an excellent tool for checking at  https://www.ssllabs.com/ssltest/index.html

It was relatively easy after a quick google to check the default recommendations in httpd-ssl.conf to disable SSL 3.0, TLS 1.0 and TLS 1.1

A quick restart of Apache and a re-test at Qualys and now the server is only supporting TLS 1.2 and “approved” ciphers,

Connected Home

Well, Santa was good to the girls and each received a Smart Plug to control the lighting in their respective bedrooms, and also means I when I say “lights Out” I can really enforce it!

The elder ones clubbed together get me an iKettle, my initial reservations about it accidentally turning itself on and boiling dry were soon dissipated once the sheer practicality becomes a reality.  It also senses and reports back the water level so wont turn on if too low.

Just woke up, check the water level on the phone and start it boiling,
Want Coffee, not tea; drop the water temperature a tad to prevent scalding the coffee.
Need to feed the dog and need the water at a certain temp for his feed; no problem, the app will tell you how

and once connected to Alexa, even better, just holler at the Echo to turn the kettle on!

Bad Move Amazon

https://www.amazon.com/gp/help/customer/display.html?nodeId=201379330

Amazon are cancelling the ability to upload your own .mp3’s from 2019, which the vast collection of music I have amassed on CD and ripped and then uploaded wont be available to Alexa and the Echo’s unless I re-purchase them in digital form, or subscribe to their full streaming service and hope everything I have previously purchased is also available from them.

Maybe there’s a way to write a skill that will reference my OneDrive where is all also backed up

Updating Certificates

Its that time again, to renew the SSL Cert with LetsEncrypt.

Lets Encrypt Logo

 

 

Following the renew instructions here
https://certbot.eff.org/all-instructions/#freebsd-none-of-the-above

Essentially main steps are to stop Apache so it can bind to port 80 or 443.

sudo apachectl stop

sudo certbot renew -dry-run

sudo certbot renew

sudo apachectl start

Assuming all goes well, the new cert will be applied.   Next step is to set up a CRON job to automate this every 60 days.

 

Bootnote: whilst updating WordPress I also got around to enabling Google Analytics following instructions from http://www.wpbeginner.com/beginners-guide/how-to-install-google-analytics-in-wordpress/