Set Up Gandi Standard SSL Certificate on Nginx

If you register a domain name on Gandi.net, you’ll get a free Standard SSL certificate from them for a year. The best part is you don’t have to apply for the SSL certificate right away, you can apply it anytime during the first year of your domain name registration.

So yesterday when I realized 1fix.io (which is registered with them) will be renewed in about a month, it just came to me I haven’t got a SSL certificate for my site, and now it’s about time.

The process is easy, you just log into your Gandi account, purchase a Standard SSL certificate, when checkout, the amount will be discounted to 0 if you haven’t purchased one for your domain. That means the first year (starts from the day you purchase the SSL, not the domain) will be free, and $16 per year thereafter.

Basically I followed all steps from Julien’s post: Nginx #1: Set up Gandi Standard SSL Certificate, even I was pretty sure that I got everything right, I still can’t get the SSL work with Firefox, it took me hours to find the solution. Read More…

Improve Security on My Digital Ocean Droplet

After 1Fix.io was live on a Digital Ocean droplet, I started to google about what to do to secure my server. It turns out that there are many useful Community posts on their website. Here are 3 of them I’ll suggest any new VPS user to follow step by step.

  1. Initial Server Setup with Ubuntu 12.04:
    The same rules apply to Ubuntu 13.x and above. It’s about how to create a new user with root privileges, restrict root login, and change the port of SSH.
  2. How To Protect SSH with fail2ban on Ubuntu 12.04:
    Last time when one of my client’s site was brute force attacked, I’ve learned about fail2ban is a powerful tool to “automatically protect virtual servers from malicious behavior”. In this article, I found fail2ban is easy to config, hope that helps so I don’t need to install extra security plugins on my site.
  3. How To Setup a Firewall with UFW on an Ubuntu and Debian Cloud Server:
    Setting up firewall on the server sounds kind of scary at first, but UFW make it dead simple! It should be a must-have on any Ubuntu server.

It’s the Day 2 of my Digital Ocean journey. Let me keep digging more about it and share with server dummies like me!

1Fix.io now hosted on Digital Ocean

Today I moved 1Fix.io from Media Temple DV to Digital Ocean. I’m still happy with MT, just love to try the SSD cloud server and the appealing 55 seconds deployment. I’m pretty satisfied with it so far. Here’s what I’ve done to transfer 1Fix.io:

  1. Download the site backup from WP Remote, my favorite WordPress dashboard service. I track all my WP sites with it.
  2. Sign up a Digital Ocean account. Enter the promo code “DODEPLOY” to get $10 credit.
  3. Create my first droplet in less than 55 seconds. I choose:
    1. 512MB / 1CPU/ 20GB SSD / 1TB transfer: $5 monthly
    2. Singapore datacenter
    3. Application: WordPress on Ubuntu 13.10
  4. Use SFTP to transfer my files to my droplet. Connect the db with Navicat to import the db sql file.
  5. Update the wp-config.php and .htaccess.
  6. Test to make sure the blog runs well.
  7. Change the DNS settings in Amazon Route 53. DONE!

I really enjoy the process and thanks to all the services / apps listed above, everything runs so smoothly without any extra efforts. Things just work.

Are you looking for the next hosting company for your website / blog? Digital Ocean would definitely worth a try!