Firefox: OCSP stapling

OCSP stands for Online Certificate Status Protocol. It’s basically a protocol that’s used to make sure that an SSL certificate is still valid and hasn’t been revoked.

Firefox appears to be the only browser that does an additional security check for OCSP and also does a hard fail. This is a security feature of Firefox.

If your SSL report fails on OCSP stapling, the site will be inaccessible from Mozilla Firefox. This is the message from Mozilla Firefox:

sec_error_ocsp_try_server_later

To get the SSL report, you can use an SSL report tool.

You could try disabling stapling support in Mozilla Firefox:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.

(2) In the search box above the list, type or paste ocsp and pause while the list is filtered

(3) Double-click the security.ssl.enable_ocsp_stapling preference to switch the value from true to false
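To see from the command line what the server itself staples, the output of `openssl s_client -status` can be classified as in this added example (not part of the original post). The function names and the sample outputs are constructed for illustration, and the samples are trimmed to the lines the classifier reads.

```shell
#!/bin/sh
# Added example: classify the OCSP stapling part of `openssl s_client -status` output.
# Result: no-staple | good | revoked | unknown | responder-error:<status> | unparsed

classify_staple() {
    cs_out=$1
    # The server sent no stapled OCSP response in the handshake.
    if printf '%s\n' "$cs_out" | grep -q 'OCSP response: no response sent'; then
        echo "no-staple"; return 0
    fi
    # Responder-level status, e.g. "successful" or "trylater".
    cs_status=$(printf '%s\n' "$cs_out" |
        sed -n 's/^ *OCSP Response Status: \([a-z]*\).*/\1/p' | head -n 1)
    if [ -z "$cs_status" ]; then echo "unparsed"; return 0; fi
    if [ "$cs_status" != "successful" ]; then
        echo "responder-error:$cs_status"; return 0
    fi
    # Per-certificate status inside a successful response.
    cs_cert=$(printf '%s\n' "$cs_out" |
        sed -n 's/^ *Cert Status: \([a-z]*\).*/\1/p' | head -n 1)
    echo "${cs_cert:-unparsed}"
}

# Query a live server (needs network access and the openssl CLI).
check_host() {
    classify_staple "$(openssl s_client -connect "$1:${2:-443}" \
        -servername "$1" -status </dev/null 2>/dev/null)"
}

# Constructed sample outputs, trimmed to the lines the classifier reads.
SAMPLE_NONE='OCSP response: no response sent'
SAMPLE_GOOD='OCSP response:
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Cert Status: good'
SAMPLE_REVOKED='OCSP response:
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Cert Status: revoked'
SAMPLE_TRYLATER='OCSP response:
OCSP Response Data:
    OCSP Response Status: trylater (0x3)'

# With a hostname argument, check that host; with none, only define the functions.
if [ $# -gt 0 ]; then check_host "$@"; fi
```

Run it with a hostname as the first argument (and optionally a port) to check a live server. Any result other than good means the stapling setup on the server needs attention.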

 

ClamAV commands

Here are some commands for running ClamAV on a Linux server, which is easier to do from the back end.

To scan all the files in a path recursively:

clamscan -r path

To scan the current directory and all subdirectories recursively, print only infected files, and write a log:

clamscan -ril /home/user/clamav.log

To scan the whole server and write a report:

clamscan -ir / -l cscanreport

How to allow access only within country

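The solution is quite simple: deny all access, then allow that country's IP ranges (replace "country IP" below with the actual ranges). The <Limit GET HEAD POST> block applies these rules to those three methods only.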

<Limit GET HEAD POST>
order deny,allow
deny from all
allow from country IP
</Limit>

Or, if you want to deny only one or several countries:

<Limit GET HEAD POST>
order allow,deny
deny from country IP
deny from country IP
allow from all
</Limit>

To look up a country's IP ranges, you can get the details from this useful site.

How to drop clean caches (Linux)

Commands to drop the caches (run as root):

To free pagecache:

echo 1 > /proc/sys/vm/drop_caches

To free dentries and inodes:

echo 2 > /proc/sys/vm/drop_caches

To free pagecache, dentries and inodes:

echo 3 > /proc/sys/vm/drop_caches

It is strongly advised to run sync first, so that dirty pages are written to disk before the caches are dropped. You can use the command below:

sync; echo 3 > /proc/sys/vm/drop_caches

(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80

When you restart httpd, the error below is shown:

(98)Address already in use: make_sock: could not bind to address [::]:80
(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs

First, list the process that holds port 80:

netstat -lnp | grep :80

Then kill it:

sudo kill -9 PID

Note: PID = process ID

You should be able to restart httpd after killing the process. Usually it is processes owned by NOBODY that hold the port. If you are still unable to kill all the NOBODY processes, it might be a hardware issue, from my experience.