Having the correct timezone configured on your machine can save you a lot of “math headaches” when you try to comb through the machine’s event logs. It’s a pretty easy thing to configure in the overall scope of all things, yet it is one that is often over looked, even by veteran users. Never fear though… I will show you how you too can update your Bitnami instance to your preferred timezone.
Lets begin by logging in with ‘root’ priviledges to your Bitnami instance. Once logged in, use the following command to see what timezone you are currently set to use.
As you can see in my example, I am currently set to the UTC timezone, also known as Universal Time.
To find our desired timezone and reconfigure this, we need to enter the following command.
sudo dpkg-reconfigure tzdata
Once you’ve entered the command above and hit ‘Enter’ it will launch a menu were we can find and select your desired timezone. I will changing my Bitnami instance to use the ‘Pacific\Honolulu’ timezone, also known as HST.
Once you click ‘OK’, the machine will show you that it has updated it’s clock to use your desired timezone.
You can further verify that your clock is set correctly by running the ‘date’ command again, just as we had at the beginning of this post.
Just like that, we have updated the timezone preference in Bitnami. It was simple to do just as i promised. No more “math headaches” for us when we read log timestamps!!!
NOTE: If you are just trying to update your timezone for WordPress that is running on Bitnami, then check out this post of mine: WordPress – Set Timezone
I was surprised when I ran the Qualys SSL Labs scan against my website that I got a lower score than I expected. The SSL Labs scan is a FREE deep analysis of the SSL configuration of your public facing website, that returns a score and grade of your server. It also provides some suggestions as to what you can do to improve your server’s score.
Well, it turns out there are two things that were hindering my score. One is easy to fix via a configuration change in Bitnamo, I’ll cover that in this article. The other isn’t necessarily hard, but it involves a DNS record known as a CAA, which I’m not going to cover in this article.
The quick easy fix was to change the versions of TLS that I allowed my server to use, by disabling the older versions of the TLS protocol, v1.0 and v1.1.
I used WinSCP to connect to my server, and went to the file. /opt/bitnami/apache2/conf/bitnami/bitnami.conf
Within the file you can set/remove the “SSL Protocol” directive. In my case, I set it to SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
Once that change has been saved, all that’s left is to restart Apache. You can restart connecting over SSH to your server and issuing the following command sudo /opt/bitnami/ctlscript.sh restart apache
After you see Apache restart, go ahead and re-scan your website. I found that for my website, my score increased and thus my grade was better after disabling the older versions of TLS. Success!
In today’s day and age, there is no reason why your website should not be serving up it’s content securely. Honestly, the only acceptable reason is if you have just spun up your website and you are still configuring it.
As far as obtaining an SSL certificate to make your site secure, you have two options, free or paid. There is really only one free provider, which I’ll cover below. For paid, there are lots of Certificate Authority vendors out there, and I’m sure that any one of them would likely be happy to take your money. I’ll mention my preferred vendor later.
The one free option that definitely stands out for doing it’s part to help secure the internet. That provider is, Let’s Encrypt. Let’s Encrypt is a free, automated, and open Certificate Authority. They do this to help the Internet be a more secure and privacy respecting Web. You can read more about them here.
The best part of Let’s Encrypt is it’s automated nature. No one enjoys replacing certificates, so having an automated process to renew and replace your certificate is like a dream. If your running your own server, check out their certbot. A lot of web hosting companies even streamline this process further by providing this option as an easy and simple solution directly thru their management consoles with only a few clicks.
The other option is to pay for a ssl certificate. The company that I personally use and recommend for purchasing SSL certificates through is SSLs.com. The site and service is owned by Sectigo (Comodo was re-branded), which is arguably one of the largest and most well known Certificate Authorities out there. My favorite part of using SSLs.com though is their pricing. They have, hands down, the cheapest price for a SSL certificate anywhere. At the time of me writing this, you could get an SSL certificate for a single domain for $6.88 for a single year, or down to as low as $3.77/yr if you bought it for four years.
The Internet has come a long ways since it’s early beginnings. One of the things that have gone from “only a nerd could accomplish” to now “almost anyone” can do is pick a host and create their own content.
Ages ago I started using a hosting company called DreamHost.com (referral link, save $50). They are a great hosting company, and I still use them for some stuff. If you’re much of a ‘techie’ person, then they would definitely a great choice for you to use. They have a lot of affordable hosting options, and make things really simple with “one click” installers that will do all of the heavy lifting for you. With one click it will do everything for you from the install to configuring the associated application’s database and creating the admin user. Within minutes you have an email in your mailbox telling you that your ready to go! Here is a link to all of DreamHost’s “one click” installers and 3rd party apps.
They actually have some really great support, and to help keep their costs down, they only offer email based support. For some people, that just doesn’t work for them. I can honestly say that I really haven’t had much to complain about in over a decade of relying on them. Their email support has been timely. In my opinion, they are a wonderful hosting company. If you need things simple and easy, and don’t really want to mess around with having to do anything yourself, this is the perfect hosting company for you to use. They do also offer more advanced stuff too.
If you need something a little more powerful or robust. Or if you are that nerd that wants to have a bit more control over the server hosting your site, then it’s time to consider taking a look at a larger provider like Amazon Web Services (AWS). AWS has some great options to choose from and with services like, Lightsail, they make it super simple and affordable to make and host a website or application. Their Lightsail offering even have many of the same “one-click” install options. In an attempt to broaden my own knowledge and skills on AWS, I have started to move my “web things” over to them. I don’t have any complaints. And being able to manage the underlining server my site runs one at the OS level, gives lots of options for me. As an IT professional, I’m hopping compute pools and settling into the AWS and Azure environments for my next ride. Both of these LARGE cloud providers offer so much to the power user like myself. At some point, I’ll write up an article on creating your first Lightsail in AWS, so stay tuned!