<?php | |
namespace App\Providers; | |
use Illuminate\Http\Request; | |
use Illuminate\Routing\Route; | |
use Illuminate\Support\ServiceProvider; | |
use App\Http\Middleware\CaptureRequestExtension; | |
class AppServiceProvider extends ServiceProvider |
<excludefname_rule plat="mac" osVers="*" ruleIsOptional="t" skipFirstCharThenStartsWith="users/" contains_1="/.git/" contains_2="*" doesNotContain="*" endsWith="*" hasFileExtension="*" /> | |
<excludefname_rule plat="mac" osVers="*" ruleIsOptional="t" skipFirstCharThenStartsWith="users/" contains_1="/node_modules/" contains_2="*" doesNotContain="*" endsWith="*" hasFileExtension="*" /> | |
<excludefname_rule plat="mac" osVers="*" ruleIsOptional="t" skipFirstCharThenStartsWith="users/" contains_1="/_build/" contains_2="*" doesNotContain="*" endsWith="*" hasFileExtension="*" /> | |
<excludefname_rule plat="mac" osVers="*" ruleIsOptional="t" skipFirstCharThenStartsWith="users/" contains_1="/deps/" contains_2="*" doesNotContain="*" endsWith="*" hasFileExtension="*" /> |
function createStore (reducers) { | |
var state = reducers() | |
const store = { | |
dispatch: (action) => { | |
state = reducers(state, action) | |
}, | |
getState: () => { | |
return state | |
} | |
} |
Prerequisites : the letsencrypt CLI tool
This method allows your to generate and renew your Lets Encrypt certificates with 1 command. This is easily automatable to renew each 60 days, as advised.
You need nginx to answer on port 80 on all the domains you want a certificate for. Then you need to serve the challenge used by letsencrypt on /.well-known/acme-challenge
.
Then we invoke the letsencrypt command, telling the tool to write the challenge files in the directory we used as a root in the nginx configuration.
I redirect all HTTP requests on HTTPS, so my nginx config looks like :
server {
<!-- | |
A set of performance optimizations for development that vastly increase application startup time. | |
Should not be used in production, as they largely disable forensic diagnostics that you'd want there over fast startup time after a compile. | |
--> | |
<configuration xmlns:patch="http://www.sitecore.net/xmlconfig/"> | |
<sitecore> | |
<hooks> | |
<hook type="Sitecore.Diagnostics.HealthMonitorHook, Sitecore.Kernel"> | |
<patch:delete /> |
Handy helpers for controlling visibility of elements until Vue has compiled.
Use like:
<div v-cloak>
<h1>
<span class="v-cloak--inline">Loading...</span> <!-- Only displayed before compiling -->
<span class="v-cloak--hidden">{{ post.title }}</span> <!-- Hidden until compiling is finished -->
/** POLYFILL FOR IE PLACEHOLDER **/ | |
$(document).ready(function(){ | |
if(!('placeholder' in document.createElement('input'))){ | |
$('input[placeholder]').each(function(){ | |
if(this.value == ''){ | |
var $el = $(this); | |
$el.bind('click', function(ev){ $(ev.target).unbind('click'); ev.target.value = ''; }); | |
$el.val($el.attr('placeholder')); | |
} | |
}); |
PHP disables SSL/TLS peer verification by default. While this design decision significantly simplifies encrypted HTTP retrieval, it also means your transfers are totally vulnerable to Man-in-the-Middle attacks. To fully secure our transfers we need to verify that the party at the other end of our transfer is actually who they say they are.
To accomplish this we need two things:
- A CA file (in .PEM format) so we can tell openssl which certificate authorities we trust
- A stream context that specifies this CA file and instructs openssl to verify the other party
We can easily obtain the same CA file (direct link to .pem file) used by the Mozilla Foundation (the exact one cURL uses, BTW). This file is usually updated a handful of times each year and it's important to keep your CA file up-to-date or you risk trusting certificate authorities that are known to be insecure/unsafe. This kind of thing doesn't happen often, but it's important to upd
I've done the same process every couple years since 2013 (Mountain Lion, Mavericks, High Sierra, Catalina) and I updated the Gist each time I've done it.
I kinda regret for not using something like Boxen (or anything similar) to automate the process, but TBH I only actually needed to these steps once every couple years...