Edit /etc/hosts on Mac OSX

Open Finder and from the Finder’s menu bar, select Go > Go to Folder, then type: /private/etc/hosts/private/etc/hosts A new Finder window will open and your Mac’s hosts file will be selected. Now just copy the file hosts to your Desktop and edit it from there. Then when done, just copy it back to /private/etc/ and […]

View All Available Code Sign Certificates on USB Token

Use signtool.exe to get the list of all available code sign certificates present in a USB token (e.g. SageNet). First insert (plug-in) the USB token and then open cmd.exe and type: signtool sign debugsigntool sign debug It will print all code sign certificates along with their thumbprint SHA1 hash. Then you can use the cert […]

Close program with ESC key in Delphi

You can allow the user to quit your application using the ESC key in your Delphi application. To do so, first you need to set KeyPreview to true eighter in the Object Inspector or by adding the following code in the OnCreate event of the form: procedure TForm1.FormCreate(Sender: TObject); begin KeyPreview := true; end;procedure TForm1.FormCreate(Sender: […]

Create a Custom Mount Point with Noexec on Debian

Lets say we want to create a new mount point /test with flag “noexec” but we cannot create a new partition because, for example, we are using a VPS. How can we do that? Simple, we can create a file, make it an ext4 file system, mount it with “noexec” flag, and edit /etc/fstab to […]

How to Secure /tmp and /var/tmp on your VPS

It is very important to disable scripts execution on /tmp and /var/tmp. This way an attacker would not be able (at least not that easily) to become root by executing local root exploits or other bash scripts. We will use the flag “noexec” to disable execution of bash scripts on temp folders. * This guide […]

IP anonymization with analytics.js – Google Analytics

You can anonymize user’s IP with analytics.js Google Analytics like this: (function(i,s,o,g,r,a,m){i[‘GoogleAnalyticsObject’]=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,’script’,’//www.google-analytics.com/analytics.js’,’ga’); ga(‘create’, ‘GA_TRACKING_ID’, ‘auto’); ga(‘send’, ‘pageview’); ga(‘set’, ‘anonymizeIp’, true); </script> (function(i,s,o,g,r,a,m){i[‘GoogleAnalyticsObject’]=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,’script’,’//www.google-analytics.com/analytics.js’,’ga’); ga(‘create’, ‘GA_TRACKING_ID’, ‘auto’); ga(‘send’, ‘pageview’); ga(‘set’, ‘anonymizeIp’, true); </script> This code indicates the user’s IP is anonymized: ga(‘set’, ‘anonymizeIp’, true);ga(‘set’, ‘anonymizeIp’, true); Make sure to […]

IP anonymization with gtag.js – Google Analytics

You can anonymize user’s IP with Global site tag (gtag.js) like this: <!– Global site tag (gtag.js) – Google Analytics –> <script async src="https://www.googletagmanager.com/gtag/js?id=GA_TRACKING_ID"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag(‘js’, new Date());   gtag(‘config’, ‘GA_TRACKING_ID’, { ‘anonymize_ip’: true }); </script><!– Global site tag (gtag.js) – Google Analytics –> <script async src="https://www.googletagmanager.com/gtag/js?id=GA_TRACKING_ID"></script> <script> […]

Lets Encrypt certificate failed to renew

On a VPS I noticed that Lets Encrypt certificate failed to automatically renew correctly. After some research, I noticed that this issue was caused due to the certbot/letsencrypt script that didn’t execute the “post-hook” code (to reload the web server) after the certificate was renewed. Infact the certificate was renewed according to letsencrypt logs: Saving […]

Renew an expired Lets Encrypt / Certbot certificate

Yes it is possible to renew expired Lets Encrypt / Certbot certificate. First try to run the “-renew” command like this: certbot renew or letsencrypt renewcertbot renew or letsencrypt renew Then make sure to restart/reload your web server: /etc/init.d/nginx reload or /etc/init.d/nginx restart/etc/init.d/nginx reload or /etc/init.d/nginx restart That’s all.