security

Searching for world-writable files and directories from the command-line

World-writable permissions are the equivalent of an unlocked door. They require trust and nothing online should bear the weight of that expectation. Why are they so bad? World-writable permissions are also commonly referred to by their binary equivalent of “777”, for which the digits represents the permission level for each of the three possible users: […]

Renewing Let’s Encrypt SSL on a GoDaddy shared cPanel hosting account

[Updated 11/17 to reflect deprecation of Let’s Encrypt Mac OSX client.] What’s not to love about the free SSL certificates from Let’s Encrypt? They’re pretty simple to install, they’re secure, and — best of all — they’re free. The only downside is that they’re good for just 90 days (they do have their reasons) so […]

Deploying Let’s Encrypt SSL to a GoDaddy shared cPanel hosting account

[Updated 11/17 to reflect deprecation of Let’s Encrypt Mac OSX client.] Thanks to Let’s Encrypt, free, reliable SSL certificates are now widely available. And while some hosting companies (like Dreamhost) have made the process of installing and renewing Let’s Encrypt certificates point-and-click simple, others <cough>GoDaddy</cough> aren’t quite so forward-thinking, so one has to get one’s […]

Installing EFF’s certbot locally on a mac

[Updated 11/17 to reflect deprecation of Let’s Encrypt Mac OSX client.] While it’s preferrable to install Electronic Frontier Foundation‘s certbot* on your hosting environment (so certificate renewal can be automated via cron), you’ll need root access to do so, in order to install dependencies. For those situations where that’s not possible, (such as a site hosted […]