13 November 2021

Adding a wildcard SSL certificate to your WordPress site

So this one threw me for a little bit of a loop when I was first trying to figure it out, even though it shouldn’t have. I was just overthinking it. There was plenty of documentation out there for adding a certificate to a single site, but there is not much when it comes to adding a wildcard certificate to a multi-site WordPress install. I guess that was where I had gotten confused. For reference, this was the specific KB article that helped me the most.

For folks that don’t know what I’m talking about, a multi-site install is one where you can host different WordPress sites on the same server. Meaning that site1.<yoursite>.com and site2 .<yoursite>.com could both reside on the same server even if they are about completely different content. Thus you would only have to cover the cost to host one server, instead of paying for two, one for each host. Yes, they do share some resources, so there are some possible drawbacks… But for most personal sites it should not really be an issue for a few sites to share the same host.

You will need OpenSSL installed on your machine before we continue. It’ll likely already be installed if you are using LInux. If it’s not installed please use your OS’s package manager to install it.

Generate a new private key:

sudo openssl genrsa -out /opt/bitnami/apache2/conf/server.key 2048

Use that key to create a certificate:
***IMPORTANT: Enter the server domain name when the below command asks for the “Common Name”.***

sudo openssl req -new -key /opt/bitnami/apache2/conf/server.key -out /opt/bitnami/apache2/conf/cert.csr

Send the cert.csr file to your Certificate Authority (CA). After they complete their validation checks, they will issue you your new certificate.

Download your certificates. You should have received two files, one was your new certificate and the other file is the CA’s certificate. Rename them as follows:

  • STAR_YourSite_com.crt –> server.crt
  • STAR_YourSite_com.ca-bundle –> server-ca.crt

Backup your private key after generating a password-protected version in the pem format.

sudo openssl rsa -des3 -in /opt/bitnami/apache2/conf/server.key -out privkey.pem

Note: To regenerate the key and remove the password protection, you can use this command:

sudo openssl rsa -in privkey.pem -out /opt/bitnami/apache2/conf/server.key

We’re almost done. Next you’ll open the Apache configuration file to verify it’s setup to use the certificates you just uploaded. The config file can be found at: /opt/bitnami/apache2/conf/bitnami/

Scroll down until you find “<VirtualHost _default_:443>” and verify that it is pointing to the correct certificate, key, and CA certificate bundle that you uploaded earlier. You should find the below lines, if you don’t, go ahead and add them.

SSLCertificateFile "/opt/bitnami/apache2/conf/server.crt"
SSLCertificateKeyFile "/opt/bitnami/apache2/conf/server.key"
SSLCACertificateFile "/opt/bitnami/apache2/conf/server-ca.crt"

Note: It’s easiest to use these default names and not a custom name for these files. If you use a custom name you might need to update that name in other spots of the Apache config file, and you’ll have to google that on your own. If your cert/key is using another name, I recommend just renaming them to the default names above that Apache uses.

After we have copied our files over and have verified that the Apache config file is correct, we are going to update the file persmissions on our certificate files. We will make them readable by the root user only with the following commands:

sudo chown root:root /opt/bitnami/apache2/conf/server*
sudo chmod 600 /opt/bitnami/apache2/conf/server*

Open port 443 in the server firewall. If you’re using Bitnami you can reference this KB.

Restart your server.

Once it comes up, you should now be able to connect to your site using HTTPS.

  • If you are looking for where to purchase an SSL certificate, check out SSLs.com. I use them for my projects. I’ve shopped around, and they have the best deals that I have found anywhere on the Internet.
15 October 2021

Dell iDRAC RED007

So I was updating the iDRAC (version 8) firmware on some servers, and I kept getting stuck on an error. You’re supposed to be able to upload a new firmware’s .exe file and the iDRAC can do its thing to extract the firmware image and update itself… Well, that simply wasn’t working for me. The error I kept seeing was:

RED007: Unable to verify Update Package signature

I of course consulted Google to see what it knew, and it didn’t disappoint. The common reason for this error is that the iDRAC module isn’t aware of the certificates used to sign the ‘new’ firmware you’re trying to apply. (This happens after firmware versions 2.40.x from what my googling would tell me.) The recommended workaround for this is to incrementally step up each firmware version until you get to the newest firmware. As you should, fingers crossed, have the signature certs loaded from each incremental load.

I headed over to the Dell website and downloaded all of the incremental firmware releases that I was missing and tried to try applying them in incremental order. Well, crap…. that didn’t work for me.

After a bit more googling, I found a KB post that talked about extracting the firmware’s .img file from the .exe. Let us try that…

I was able to launch 7zip and then use that to view one of the .exe files I had downloaded from the Dell website. Low and behold, sitting there was a “firmimg.d7” file. I extracted that .d7 file, and attempted to load it into my iDRAC, then attempted to install it…

What do you know… I found that I was able to successfully upload and install that “firmimg.d7” to my iDRAC modules with no issues. That solved that issue!

6 August 2021

Nutanix password change

If you leave the default passwords on your Nutanix cluster you’ll start to see alerts in Prism that the default password is still in use. It will alert you about it for both the CVM and the physical hosts. This alert is very easy to clear by just updating the password. Here’s how…

To run just the default password health check from your CVM you can use the following command:

nutanix@cvm$ ncc health_checks system_checks default_password_check

Or you can also run the complete set of NCC health checks:

nutanix@cvm$ ncc health_checks run_all

If the health check passes, you’ll see this line in the output:

/health_checks/system_checks/default_password_check              [ PASS ]

If the health check fails you’ll see this in the output and it will tell you which host(s) alerted:

/health_checks/system_checks/default_password_check              [ INFO ]
Detailed information for default_password_check:
Node x.x.x.x:

Nutanix Controller VM (CVM) password change

Running this command will prompt you for your new desired password for the ‘nutanix’ user on the CVM:
nutanix@cvm$ sudo passwd nutanix

Once you change the CVM’s password it will replicate to all of the CVMs in your cluster, thus changing the password on all of your CVMs at once.

Hypervisor password change

  • AHV
    To change the local “admin” account password for all AHV hypervisors in the Nutanix cluster, you can run this command from any CVM in the cluster.
    nutanix@cvm$ echo -e "CHANGING ALL AHV HOST ADMIN PASSWORDS. Note - This script cannot be used for passwords that contain special characters ( $ \ { } ^ &)\nPlease input new password: "; read -s password1; echo "Confirm new password: "; read -s password2; if [ "$password1" == "$password2" ] && [[ ! "$password1" =~ [\{\$\^}\&] ]]; then hostssh "echo -e \"admin:${password1}\" | chpasswd"; else echo "The passwords do not match or contain invalid characters (\ $ { } ^ &)"; fi
    To change the local “nutanix” account password for all AHV hypervisors in the Nutanix cluster, you can run this command from any CVM in the cluster.
    nutanix@cvm$ echo -e "CHANGING ALL AHV HOST NUTANIX PASSWORDS. Note - This script cannot be used for passwords that contain special characters ( $ \ { } ^ &)\nPlease input new password: "; read -s password1; echo "Confirm new password: "; read -s password2; if [ "$password1" == "$password2" ] && [[ ! "$password1" =~ [\{\$\^}\&] ]]; then hostssh "echo -e \"nutanix:${password1}\" | chpasswd"; else echo "The passwords do not match or contain invalid characters (\ $ { } ^ &)"; fi

  • VMware ESXi 
    To change the local root password for all ESXi hosts in the cluster, you can run this command from any CVM in the cluster.
    nutanix@cvm$ echo -e "CHANGING ALL ESXi HOST PASSWORDS. Note - This script cannot be used for passwords that contain special characters ( $ \ { }  ^ &)\nPlease input new password: "; read -s password1; echo "Confirm new password: "; read -s password2; if [ "$password1" == "$password2" ] && [[ ! "$password1" =~ [\\\{\$\^\}\&] ]]; then hostssh "echo -e \"${password1}\" | passwd root --stdin"; else echo "The passwords do not match or contain invalid characters (\ $ { } ^ &)"; fi

  • Microsoft Hyper-V 
    To change the local administrator password for all Hyper-V hosts in the cluster, you can run this command from any CVM in the cluster.
    nutanix@cvm$ echo -e "CHANGING ALL HYPER-V HOST PASSWORDS. Note - This script cannot be used for passwords that contain special characters ( $ \ { }  ^)\nPlease input new password: "; read -s password1; echo "Confirm new password: "; read -s password2; if [ "$password1" == "$password2" ] && [[ ! "$password1" =~ [\ \"\'\\\{\$\^\}] ]]; then hostssh "net user administrator $password1"; echo "Updating Host and ManagementServer Entries..."; ncli host ls | grep -i id | grep -Eo "::[0-9]*" | cut -c 3- | while read hID; do ncli host edit id=$hID hypervisor-password=$password1;done  > /dev/null; ncli host ls | grep "Hypervisor Address" | awk '{print $4}' | while read hIP; do ncli managementserver edit name=$hIP password=$password1;done > /dev/null;  else echo "The passwords do not match or contain invalid characters (\ $ { } ^)"; fi

Further info can be found in the following Nutanix KB.

Category: Nutanix | LEAVE A COMMENT
3 August 2021

Restart Prism

You might have some problems with your Nutanix Prism someday and need to restart the Prism service without restarting your CVM or host or anything else. Whether it is super slow page loads, overall delay in the WebGUI, or some other problem. Thankfully you can safely restart the Prism service in a way that won’t have an impact your production environment.

SSH into any of your CVMs and run the line below.

curl http://0:2019/prism/leader && echo

It will reply back with the response of either {"leader":"x.x.x.x:9080","is_local":true} if it is the Prism leader or {"leader":"x.x.x.x:9080","is_local":false} if it is not the Prism leader. If it is not the leader, you will be able to see the IP address of the CVM you will need to connect to returned.

Now that you have SSHed into the Prism leader, you can run the command below to stop the service.

genesis stop prism

To re-start the Prism service, simply use this command.

cluster start

Your Prism is back up and running. Something to note is that the Prism leader may now be a different CVM, it does have to start up on the same CVM as before the restart. If you want to check which CVM is now residing as the leader, you can re-run the first command I mentioned and see what returns from the curl command.

Another handy command to know for just restarting the Genesis service is:

genesis restart
Category: Nutanix | LEAVE A COMMENT
9 June 2021

SCCM Client Actions

If you use SCCM or have ever had to mess with Configuration Manager on a computer that runs Software Center, then you have seen all of the client actions that you can run. That said, like most of us when we started using SCCM or Configuration Manager we knew we had to run some/all of the actions to make the changes we made in SCCM reflect on the computer we were trying to push something to. After a while, you start to realize that you can get by running just one or two actions instead of all of them. But, using myself as an example, aside from knowing you needed to run them you likely didn’t know what they actually did. For me, it was always something that I was going to “Google” later and figure out what they did at some future time. Well, I recently reached that future point-in-time and thought I’d share the collection (SCCM pun intended) of answers that I found. Hopeful what I’ve complied helps out someone else that finally decided to search about it…

  • Application Deployment Evaluation Cycle – This action re-evaluates the requirement rules for all deployments. If an application is required, and not installed when the Application Deployment Evaluation Cycle runs, Configuration Manager automatically triggers a re-install. The Application Deployment Evaluation Cycle only applies to applications and not to the packages. The default value is set to run every 7 days.
  • Branch Distribution Point Maintenance Task – Verifies any pre-staged packages and downloads any that do not exist on the branch distribution point. While Technet does not explicitly state it, I believe this task is useful only on branch distribution points and is ignored on normal clients.
  • Discovery Data Collection Cycle – This causes the client to generate a new discovery data record (DDR). When the DDR is processed by the site server, Discovery Data Manager adds or updates resource information from the DDR in the site database.
  • File Collection Cycle – When a file is specified for collection, the Microsoft System Center Configuration Manager 2007 software inventory agent searches for that file when it runs a software inventory scan on each client in the site. If the software inventory client agent finds a file that should be collected, the file is attached to the inventory file and sent to the site server. This action differs from software inventory in that it actually sends the file to the site server so that it can be later viewed using Resource Explorer. This is a part of SCCM inventory functionality.
  • Hardware Inventory Cycle – Collects information such as available disk space, processor type, and the operating system about each computer. This is a part of SCCM inventory functionality.
  • Machine Policy Retrieval & Evaluation Cycle – The client downloads its policy on a schedule. By default, this value is configured to every 60 minutes and is configured with the option Policy polling interval (minutes). However, there might be occasions when you want to initiate ad-hoc policy retrieval from the client—for example, in a troubleshooting scenario or when testing. This action initiates ad-hoc machine policy retrieval from the client outside its scheduled polling interval.
  • Send Unsent State Messages – This tool sends State Messages that are cached on the ConfigMgr client to the ConfigMgr server.
  • Software Inventory Cycle – Collects software inventory data directly from files (such as .exe files) by inventorying the file header information. Configuration Manager 2007 can also inventory unknown files — files that do not have detailed information in their file headers. This provides a flexible, easy-to-maintain software inventory method. You can also have Configuration Manager 2007 collect copies of files that you specify. Software inventory and collected file information for a client can be viewed using Resource Explorer. This is a part of SCCM inventory functionality.
  • Software Metering Usage Report Cycle – Collects the data that allows you to monitor and client software usage.
  • Software Updates Deployment Evaluation Cycle – Initiates a scan for software updates compliance. Before client computers can scan for software update compliance, the software updates environment must be configured.
  • Software Updates Scan Cycle – Just after a software update installation completes, a scan is initiated to verify that the update is no longer required and to create a new state message that indicates the update has been installed. When the installation has finished but a restart is necessary, the state will indicate that the client computer is pending a restart.
  • State Message Cache Cleanup – This tool clears State Messages that are cached on the ConfigMgr client.
  • User Policy Retrieval & Evaluation Cycle – Similar to Machine Policy Retrieval & Evaluation Cycle, but this action initiates ad-hoc user policy retrieval from the client outside its scheduled polling interval.
  • Windows Installer Source List Update Cycle – Causes the Product Source Update Manager to complete a full update cycle. When you install an application using Windows Installer, those Windows Installer applications try to return to the path they were installed from when they need to install new components, repair the application, or update the application. This location is called the Windows Installer source location. Windows Installer Source Location Manager can automatically search Configuration Manager 2007 distribution points for the source files, even if the application was not originally installed from a distribution point.

For anyone interested, the descriptions above are not my own. I’ve copied them from here and here.

18 May 2021

Home WiFi QR code

So I happened across an article the other day which described how to do something that I thought was kind of cool. It walked you through how to create a QR code so that visitors to your house (or business) could simply use the camera in their smart phone to quickly and easily access your guest WiFi network. Yes, it may, be nerdy… But it’s still cool. Here’s how you can do it too!

The greatness of this solution is that scanning the QR code will basically work from any iOS or Android device. However, since I only have Apple mobile devices, I can only show you how easily it is done on an iPhone.

Make the QR code

Get the ‘shortcut’ by clicking this link: https://www.icloud.com/shortcuts/796cd8de4e344ac6a5b6495a8a2fa333
(shortcut originally created by Stephen Robles for AppleInsider).

It will open the ‘Shortcuts’ app on your phone and display all the steps that will happen once you run the shortcut. Scroll all the way to the bottom of the screen and click the red button that is labeled “Add Untrusted Shortcut”. It will now get added to your “My Shortcuts”.

At the bottom of your screen tap on “My Shortcuts”. Run the shortcut called “Generate Wi-Fi QR”.
It will prompt you for a Wi-Fi network/SSID name, and it asks if you want to use the Wi-Fi network you are connected to, or it will let you specify another network and type it in. The next step will prompt you to enter the Wi-Fi password.

Once you hit ‘Done’, it will generate a QR code for you. Tap the icon in the upper right corner to save the QR code as an image.

Display & Connect

You now have an image that looks like this…

Print the image out and post it on your wall at home (or work).

When friends come over they can scan your QR code and connect seamlessly, without you ever having to do anything other than point a finger towards whereever you hang your QR code image.

16 May 2021

GitLab Certified Associate Certification

GitLab - GitLab Certified Associate

I’ll be honest; I’ve little experience using Git, or any other versioning software for that matter. I have had an interest in Git for a while now though. Mostly for keeping a personal code repo; scripts for working in the Azure and AWS clouds, PowerShell scripts for system administration tasks, and most recently to use to learn and deploy Docker and Kubernetes in my home lab. Previously, I just never thought that I had had the time to learn it. So when I stumbled across a link to register for FREE, for the GitLab Certified Associate (GCA) Training and Exam, I decided “What the hell. let’s do it!” (The link only lasted 2 days before they took down the free offering due to overwhelming interest, so sorry folks, I can’t provide you with the link.)

In my personal opinion, this certification is much more of a knowledge certificate than a technical certification. I feel like the course is designed to take you from 0 to drive. You cover all the basics and afterward, you’ll be able to jump right into using git without feeling like an imposter. If you have no experience, like me, this is the perfect place to start. If you’re already familiar with Git, well tough… You’ll still need to get the GCA before you can get one of their ‘specialist’ or ‘professional’ certifications. More info on their more advanced certifications can be found here.

The hands-on, self-paced, training lab was informative. There was definitely a sprinkle of marketing in there, like the inclusion of GitLab’s history. But they did do a good job of teaching the various Git concepts and terminology. They also included a bunch of labs to work on while proceeding thru the training. The hands-on portion, doing labs, was by far my favorite part. I like to learn by doing. So doing stuff like making a pull request, making changes in the WebIDE and from the command prompt, tagging code, and committing code to a project was what really made the training count. I also was able to recall that hands-on training to complete the exams later on. Like I mentioned early, I didn’t think I had the time to commit to learning Git… Well by spending 1-2hrs a night, for just a few nights, I was totally able to learn how to use Git.

The exam was twofold. One part was a “written” exam with questions you had to answer. The second part was a “lab” exam where you had to work a project and submit that project for grading. The written exam was not too bad. They give you a series of questions and you have to score 100% on them before you can proceed to the “lab” project exam. The questions dealt with terminology and things that GitLab could do. Honestly, if you did the labs, it was pretty easy as they had already covered all the information. I didn’t feel like there were any surprises or gotchas. I was a little more worried about doing the “lab” project. But again, having done the hands-on training labs, it was pretty straightforward of an exam. Some of the verbiage in the lab instructions had confused me up, and I had to reread the task it asked for a couple of times. But in the end, they again were only asking you to do stuff they had covered in the training materials. So nothing too bad if you take your time to complete it.

I feel like unless you work in development or DevOps, this is not going to be a high-priority cert for you to get. For most folks, I feel that this certification is going to more of a skill that they can add to their resume to show one more item that they are knowledgeable in. That said, it won’t hurt any to get the GitLab’s GCA if the opportunity presents itself like it did for me. You never know what you will be working on 1, 2, 5, or even 10 years from now in the future. IT is always changing. Who knows…. Tomorrow could come, and you or I might find ourselves in some sort of role needing to deploy code to a production CI/CD pipeline and using GitLab to commit our code change and push it. You never know… It could happen and when it does you’ll be happy you got yourself the GCA.

23 April 2021

Owlcam Dashcam

My vehicle got broken into 3 times within a year. I was getting tired of going down to my car, and then feeling violated after realizing someone had broken into it. I was also getting tired of paying the deductible to get the car fixed after each break-in. I needed to find a solution! With so many things these days being ‘cloud-based’, ‘always on’, or ‘IoT connected’, I found it odd that there isn’t a large market of dashcams battling it out in this arena. Cellular connected “smart” dashcams seem to be a fairly new-ish niche in the dashcam market and there are currently only a few players. The Owlcam dashcam caught my eye early on in my searching and ultimately, in the end, they are who I chose to use as the dashcam on my vehicle for now. Other brands/vendors are now making products though, so it’ll be interesting to see how this niche matures and what sort of dash cameras and features will become available.

So I’m creating this writeup as I wasn’t able to find a lot of info about Owlcam when I was looking into dash cameras. There were a few mixed reviews that were helpful, highlighting the good features and those that still needed improvement. And a few bad reviews I found of Owlcam that were usually not of the camera itself but related more toward the business of what happened when the original startup was bought out (ie – service interruptions and service cost increase).

Important note: This review consists purely of my own opinions and feelings about the Owlcam device. I have not been compensated in any way.

I’ll be reviewing the Owlcam 5.0 in this article, it’s Owlcam’s newest camera. Its main improvements include IR LEDs to better light up the interior of the vehicle – even in pure darkness, 160GB onboard storage which equates to 160 hours of video, and a new “OK Presto, I’m being pulled over.” voice command to record your interaction with any law enforcement.

Like its predecessors, it still includes 4G LTE, A.I. surveillance, live video view into the vehicle, two-way talk with the vehicle (great for parents of driving teens), voice tagging, anti-theft beacon, video history, real-time alerts and notifications, and reports you can forward to your insurer to expedite your claim. One feature (or rather perk that I hope I never have to use) that I really love about Owlcam is that if someone breaks into your vehicle and steals your dashcam, they will replace it for you if you provide them with the video and police report. Since your video gets pushed to the cloud, it’s not a problem to retrieve. If that were to happen with any other brand of dashcam, you’d have to drop both the cash to replace the camera on your own and then dole out your insurance deductible to fix your ride.

The box is nothing fancy. It lists all of the dash camera’s specs on it.

It opens up and has a card describing everything that is inside the box and instructions.

The OwlCam is small enough that it easily fits into the palm of my hand.

It was pretty easy to plug the connector into my vehicle’s OBD port and route the cable up to the center of my windshield. I used their tool to tuck the cable out of view. I then attached the appropriate tailpiece for my vehicle for the mount and stuck it up in my front window. The camera has a magnetic point on the bottom of it that “snaps” onto the mount. That was it. In less than 15 minutes, I had opened everything, read the instructions, and installed it in my vehicle. So simple!

I download the Owlcam app from the App Store before I had gone out to install my dashcam. After I mounted the Owlcam, I started the car which also turned on the Owlcam. When you first start the OwlCam it will display a QR code. From the OwlCam app, you can scan the QR code and it will join/link your OwlCam to your account. I was instantly able to start viewing a live feed from my Owlcam. That part of the setup only took a couple of minutes and it too was simple! The app itself is pretty easy and intuitive to tap thru and find either the settings or the video clips you have saved.

Overall the OwlCam dashcam is super simple to install and set up. I’ve been impressed with how easy it was. Now comes some time for “field trials”… I’m going to try it all out for a week or so and I’ll report back, in this post, about how I feel about it and any likes/dislikes after I’ve had some time to actually utilize it.

Day 1: It’s been over a day now that I’ve had it installed and I got to drive around and try it out. I’ve got no problem admitting that I’m still on the learning curve trying to figure out what all it can do. Being my first dashcam, it’s going to take me a bit to get used to it.

The camera itself seems to be working as expected. It’s recording both the interior and exterior. I’ve been able to successfully issue the “OK presto” command and tag clips while driving. I’ve also been able to fetch the clips on my phone from the device. I can’t wait to catch my wife on camera being silly, hee hee hee. For those of you who are curious, when giving the “OK presto” command, it’ll tag a 21-second clip for you. One thing that I have yet to figure out is the difference between “OK presto” and their new “OK presto I am being pulled over” commands. The latter being one of the new features that they tout about the 5.0 camera.

My biggest disappointment so far is that no notifications have popped up on my cell phone. NO ALERTS AT ALL! I have the Owlcam app set up to notify me of ‘Yellow’ events. These are small movement events. The camera is successfully catching stuff because when I look in the app, I can see it catch the movement of my neighbor either parking his car or leaving. I’ve triple-checked my iPhone and the app definitely has permissions to give notifications. So…. What gives? How will I know if someone is peeping into my vehicle. Or worst case, and my biggest concern, will I even be alerted on a ‘Red’ event if someone is breaking into my vehicle. I’m hoping this is just user error on my part.

Day 5: So the “no alerts” issue has been fixed. I did end up opening a support ticket for it though. Support was easy to work with and pleasant enough for me. It ended up being an issue on their end and they got the problem patched up. I was actually surprised when the first alert came though as I hadn’t realized it was fixed.

The camera itself has been working well. The video quality has been good. My only current complaint is that when pulling the video history and watching it, it can be a bit grainy and laggy streaming it to my phone. The exported video isn’t bad, just the streaming video.

Day 8: So I’ve had the dash camera for just over a week now. It’s a neat device. It definitely does what it claims. It records what going on, both inside and outside the vehicle. It’s AI is pretty good at recognizing movement and bumps. I’ve been able to get yellow alerts (tracking movement) and red alerts (bumps). The “bumps” were actually from getting my vehicle serviced, not from bumps “in the wild”.

While I don’t have personal experience with any other dash cameras, I have to say that this dash camera has met my desires. It will alert me when someone breaks into my vehicle, I’m comfortable enough to believe in that.

The application (at least on iOS) isn’t bad. It’s pretty intuitive overall. My main grievance with it is actually with managing the video clips. Deleting unwanted clips takes more work than it should be. You have to select and delete each clip individually, and the fact that it records both the internal and external clip for each ‘event’ it captures, means that you have to do multiple taps to delete. There should be an option to select multiple clips and remove them. Anyways, that is just my two cents…

Overall Opinion: It’s a keeper. If you’re in the market for a new dash camera, I would recommend that you check out the Owlcam and compare its features to other cameras that you are considering. I think you’ll find it impressive and that it’ll be worth your while!

Category: Gadgets | LEAVE A COMMENT
23 April 2021

WordPress tweaks

Here are a few tweaks that I have found and use on my WordPress installs to harden them and improve security. This post is mostly for my own benefit – for when I have to stand up a new server and can’t recollect what I did to my current server/site…. That said, I hope it helps you too.

Please note: While these work for me… I can not guarantee they will work for you.
Please make a backup of your site before you make any changes. I’m not responsible for any changes you make.

  1. Follow my post about adding a SSL certificate to your site.

2. The one comes from the ReallySimpleSSL plugin. It’s a great plugin to use to migrate your site to SSL. Anyways, in one of their articles (link) they go over some settings to add to your site’s htaccess file. Please read their article, before adding the following lines so you understand what each is doing. (Just for reference, here is an article describing how the htaccess file works)

Header always set Strict-Transport-Security: "max-age=31536000" env=HTTPS
Header always set Content-Security-Policy "upgrade-insecure-requests"
Header always set X-Content-Type-Options "nosniff"
Header always set X-XSS-Protection "1; mode=block"
Header always set Expect-CT "max-age=7776000, enforce"
Header always set Referrer-Policy: "no-referrer-when-downgrade"

3. A backup/restore solution for your site. I use and recommend the plugin called UpdraftPlus.

4. A solution like WPS Hide Login to hide the normal login page. This will help reduce login attempts done by bots.

5. A firewall and malware scanner solution like Wordfence.

6. Run your site’s URL thru the Qualys SSL Server Test, and address any SSL shortcoming the server might have.

That’s it for now. I’ll try to update this post with more tweaks and hardening suggestions as I implement things.

23 April 2021

Cannot open the Outlook window. Invalid XML

Microsoft Outlook has got to be one of the most common business applications that just about everyone uses. So when it fails to open, it can feel like the start of a bad day. One error message that I have encountered a few times now is the “Invalid XML” message when trying to launch Outlook. The most common reason for this error is that the XML file that contains the settings for Outlook’s navigation pane has become corrupted. The navigation pane is the one that is on the left side of Outlook and lets you change between your mailbox, folders, calendar, contacts, tasks, etc.

So how do we fix the error? The first thing to try is to simply reset the navigation pane.

  1. Hit ‘Windows+R‘ on your keyboard to open the ‘Run‘ window.
  2. Type in the following command: Outlook.exe /resetnavpane
  3. Hit the ‘OK‘ button.
  4. Then re-launch Outlook to verify that everything is working.

If the above action did not resolve your Outlook issue, then the next course of action would be to delete the actual XML file and force Outlook to generate a new/fresh file the next time it opens. Here’s how we can do that.

  1. Hit ‘Windows+R‘ on your keyboard to open the ‘Run‘ window.
  2. Type in the following command: %AppData%\Microsoft\Outlook
  3. Hit the ‘OK‘ button.
  4. It will open ‘File Explorer’ and take you to the directory that the XML file resides in. Look for a file named ‘Outlook.xml
  5. Delete the XML file.
  6. Then re-launch Outlook to check that it is working now.

That is how to fix the Outlook ‘Invalid XML’ error. I hope one of these methods worked for you so you can get back to your emails.