Category Archives: Technology

OpenSSL error 1408E0F4

Recently I encountered a problem with SSL on one of my websites … some web browser could not connect securely.

When I ran a test from Linux, I got the following error:

OpenSSL: error:1408E0F4:SSL routines:ssl3_get_message:unexpected message

After a bit of digging, I found that a recent upgrade to the certbot-auto tool, that creates LetsEncrypt certificates, caused the problem.

The fix was to modify /etc/letsencrypt/options-ssl-apache.conf so that the SSLSessionTickets setting was set to on.

Google and Canonical

I’ve found some more Google weirdness … this time related to how it handles declared ‘canonical’ URL’s.

A canonical URL is a meta tag that you put in a web page that says “This is the correct URL to this particular page”.

Here’s an example of the canonical tag …

<head>
   <link rel="canonical" href="https://example.com/page.php" />
</head> 

However, even when you declare a canonical URL, Google sometimes decides that there is a better URL.

In some cases it’s to another page on your site…

In this case, both pages are pretty similar (actually, they are identical) … but they are two distinct pages and both have their own canonical URL declared.

I noticed at least one case where the canonical URL that Google selected wasn’t even on my site.

Granted, this is the same content … but it’s should not be considered the canonical version of a page on my site.

Unfortunately I really don’t know how to resolve this issue … as Google doesn’t respond to webmaster raised issues related to their search engine functionality.

Google & ‘Soft 404’

Many of us who manage websites are familiar with Google’s ‘Search Console‘. The search console is a way for webmasters to manage how Google interacts with our web sites. It provides functions to tell Google what parts of the site to search, what parts to ignore, and determine what pages are doing better than others.

One of the functions it provides is a way to see what parts of a web site that Google has indexed and what part it hasn’t. It also can tell what parts of a site it is ignoring and, to a certian extent, why it’s ignoring them.

One of the reasons that Google might be ignoring a page is because it’s been to be determined to be a ‘Soft 404’.

What’s a Soft 404 error?

Well, a REAL 404 error is a page not found. It’s a function of the web server software. Most web servers provide the ability to use a custom page when a 404 error is encountered. You can see an example of one here.

As for a ‘Soft 404’ … according to Google …

A soft 404 means that a URL on your site returns a page telling the user that the page does not exist and also a 200-level (success) code to the browser.

https://support.google.com/webmasters/answer/181708?hl=en

While some sites might actually do that … handle a page not found error with a friendly page but indicate to the browser that it’s a normal page (200 status code) … I suspect it’s actually a minority of sites (granted, it may be a way to game the system).

However … it turns out that pages that contain the words ‘not found’, ‘error’, ‘authorized’, ‘not allowed’, etc., in the title or body are often treated by Google as a soft 404 error … even if the page isn’t a 404 at all. Additionally, the words do not even need to appear on the page at all. The details of what constitutes a ‘soft 404’ are very mysterious.

Continue reading

Lightsail Network Isolation

Amazon Lightsail started offering a managed database service a few months ago.

I took a look at it … and tried it out … a while back and wasn’t really happy with it.

Although it had some nice features, I wasn’t given a ‘root’ (or super user) account and (as I sometimes do) was able to completely trash the instance within a few hours of creating it (I tried to manipulate the permissions on the master database user and ended up revoking all of them).

So I was considering creating my own database server using MySQL on a stand alone Amazon Linux instance.

This would give me a stand alone database with the flexibility to do anything I wanted.

My big concern was network security. I wanted to make sure that only my Lightsail instances would be able to communicate with the database server.

Continue reading

Http/2, Apache, & Lightsail

This post only covers the technical details of how to implement http/2 on an Apache web server running in Amazon Linux on Lightsail. It does not go into the details of what http/2 is or why use it. For that information, I suggest https://http2.github.io.

First you have to switch the Multi-Processing Modules (MPMs) from pre-fork (the default) to another one. I chose the event mpm for no particular reason.

To do this, edit /etc/httpd/conf.modules.d/00-mpm.conf and make the following changes …

Continue reading

Your Email Address

We all agree that email is crucial to modern life.

But what email should you use?

Everyone gets email when they sign up for high speed internet service … the problem is that you’re tied to that internet service for that email address. If you switch service providers, you could lose the address. Even worse, if your provider goes out of business, you could loose access entirely. Sometimes the email provider charges a fee for better service and/or removing advertising.

Yes, you could use Gmail, Hotmail, Yahoo, or AOL, but you’re still tired to the provider. Plus, you don’t often get to choose the best address (johnsmith5734563@xyz.com just isn’t that sexy).

Wouldn’t it be nice if you could get an email address that belongs to you forever?

Continue reading

Postmaster Resources

This post is as much to help me remember as it is to help other people.

Below is a list (not comprehensive) of the postmaster resource pages for some of the major email providers.

Microsoft / Outlook https://postmaster.outlook.com
Google https://postmaster.google.com/
Yahoohttps://help.yahoo.com/kb/postmaster
Comcasthttps://postmaster.comcast.net/
AOL https://postmaster.aol.com/

On these sites you can get information about how the provider handles spam, feedback loops, blacklists, whitelists, etc.

Very useful for those managing mailing list servers.