Author - badsha

force https apache server

How to enable force https on apache server. (Best and simple way)

Enable force https on apache server. (Best and simple way)

HTTPS connections can be enforced on visitors to your site by several different methods. If you are using a content management system like WordPress you can explore plugins like WordPress HTTPS (SSL) to set all or specific sections of your site to use secure connections.

However, administrators with sufficient access may prefer to enforce HTTPS connections at a higher level. This article shows the most straightforward method for doing this in Apache server environments.

Apache can be extended via modules to add new useful functions. One of the most popular Apache modules is mod_rewrite, which enables redirection to control your visitor’s options and shape traffic on your site. Most web hosting companies using Apache will already have mod_rewrite activated by default and will give you appropriate permissions to edit your settings for Enable force https on apache server. (Please contact your host directly if this is not the case.)

The data structure for an Apache server will always include at least one .htaccess file, which acts as a configuration file for the directory the file is located in. (Note that the period indicates this is a “hidden” file – you may need to adjust the settings in your text editor to view and edit these.) Multiple .htaccess files can be created in different directories to define how different sections of your site function.

The .htaccess file is consulted by https (the Apache server process) for directions on how to handle a request for access to a page, file or directory, and the mod_rewrite module will handle these directions appropriately.

force https apache server

You may configure your site’s .htaccess file to direct all visitors to use HTTPS. This can be done either for the entire site or for a given section of it.

To secure your entire site:

  1.  Open the .htaccess file in your site’s document root.
  2.  Add the following:

RewriteEngine On
# This will enable the Rewrite capabilities

RewriteCond %{SERVER_PORT} 80
# This checks to make sure the connection is not already HTTPS – port 80 indicates a non-secured HTTP connection.

RewriteRule ^(.*)$$1 [R=301,L]
# This rule will redirect users from their original location to the same location but be using HTTPS.
# Example: Visitors trying to access will be redirected to

Remember to change the URL in the example above to the actual URL you wish to protect.

To secure a specific directory on your site:

The below solution should be applied in a .htaccess file in the directory to be secured. (If no .htaccess file exists, you can create a new one. Note that any .htaccess file in a directory tree operates on all subdirectories, and rules in a higher level .htaccess file will be applied unless overridden by rules in a lower level .htaccess file. )

  1. Open or create the .htaccess file.
  2. Add the following: RewriteEngine On
    # This will enable the Rewrite capabilitiesRewriteCond %{SERVER_PORT} 80
    # This checks to make sure the connection is not already HTTPS – port 80 indicates a non-secured HTTP connection.RewriteRule ^(.*)$$1 [R=301,L]
    # This rule will redirect users from their original location in /some subsection/ to the same location but using HTTPS.
    # Example: Visitors trying to access will be redirected to

Again, make sure to change the domain name and directory to the actual URL and directory you wish to secure.

For more information on the configuration of your .htaccess file in your specific hosting environment please contact your hosting provider.

hosting offer W3 Techniques

Hosting Offer! for Victory Month of Bangladesh

Hosting Offer! for Victory Month of Bangladesh

hosting offer W3 Techniques


বিজয়ের মাস উপলক্ষে W3 Techniques দিচ্ছে 1.5 GB SSD হোসিং মাত্র 999 টাকায় সাথে রয়েছে আকর্ষনীয় সব ফিচার। আপনার ব্লগ ও ছোট প্রতিষ্ঠানের ওয়েবসাইটের জন্য আমাদের  এই প্যাকেজটি পারফেক্ট। এতে রয়েছে এক ক্লিকে ওয়ার্ডপ্রেস ইনস্টলের সুবিধা। তো আর দেরী না করে এখনই লুফে নিন 999 টাকায় 1.5 GB হোস্টিং এর অফার।

অফার চলবে ৩১ ই ডিসেম্বর পর্যন্ত!

এই প্যাকেজের ফিচার সমুহ:

 1.5 GB Package
 1.5 GB Storage Space
 100 GB Monthly Bandwidth
 15 Sub-Domains
 15 FTP Accounts
 15 Email Accounts
 24/7 Support

1250 TK প্রতি বছর (Renew Price)

This is the December hosting offer !


Amazon doubles down on its own Echo hardware, even as it increasingly relies on third parties


The biggest surprise of today’s secret Amazon event in Seattle was the sheer breadth of Echo-related announcements. Over the past several months, it’s seemed as if Amazon the company was moving more and more toward offloading hardware development to third-parties building Alexa into everything from thermostats to lamps.

But the company’s first-party hardware continues to be the centerpiece of its Alexa play.

Today’s event found the company doubling down on its own products, as it added a number of new devices to the Echo line, ranging from the obvious (the new Echo) to the bizarre (Echo Buttons). Each could, perhaps, be taken as a proof of concept for the sorts of devices the company is hoping other manufactures will create, but the Echo’s various form factors have been such a massive hit for the company, that it doesn’t appear to be letting up any time soon.

Of course, Amazon continues to have a leg up on much of the competition, with the ability to sell devices close to cost. After all, unlike other hardware makers, the company stands to make a big windfall on content well after the product ships. As the company put it at today’s event, “the sale of an Echo is just the beginning for Amazon.”

That’s not just the company blowing smoke. For Amazon, hardware has always been a conduit for content, and each one of these products represents a focus on different media. The new Echo, turns the company’s focus more toward Amazon Prime Music, with higher end speakers. As the company noted at the event, more people are now listening to the service through Echoes than on mobile. The Plus, meanwhile, finds Amazon reasserting itself in the smart home, as the first big name hub focused specifically on connected home devices right out of the box.

At the moment, the Echo family is starting to look a bit unwieldy. But taken as a whole, it paints a pretty clear picture of a company looking to make a device for every lifestyle and every home — and in some cases, several devices per home. The company is clearly emboldened by the runaway success of the Echo line and doesn’t mind throwing stuff against the wall to see what sticks.

Perhaps when third-party development really picks up, the company will shift more toward a software only strategy. But keep in mind, these are still the very early days for the home assistant space, and Amazon still has a lot to gain from being at the forefront of both sides of the coin.


Source link


BMW to bring Alexa to its cars starting in 2018


Amazon’s Alexa voice assistant will be your cockpit companion in future BMWs: The automaker will offer Alexa in select cars starting in 2018, Amazon announced today at a special event revealing a host of product news at its Seattle HQ.

The vehicle integration will begin in the middle of next year, the companies revealed, and will provide access to Alexa skills and voice-based capabilities right from the infotainment system. This isn’t the first time Alexa has showed up in vehicles, as Ford demonstrated a test version of its Sync platform with Alexa functionality baked in at CES last January.

BMW also previously teamed up with Amazon to release Alexa skills for the BMW Connected app, that let vehicle owners do things like check how much fuel there is in their cars from their Echo devices at home.

The new partnership with BMW means that its vehicles will also include far-field microphones throughout the vehicle, which will make voice interaction easy, and it’ll display visual output using the car’s in-vehicle display information and navigation display.


Source link


Hulu’s new deal with NBCU brings ’30 Rock’ and other shows to its on-demand service


Hulu today announced a new deal with NBCU and New Media Distribution which will bring a number of popular, though not current, TV programs to its subscription video-on-demand service, including “30 Rock,” “Parenthood,” and others. The agreement follows Hulu’s earlier announcement that it would be the subscription streaming home to “Will & Grace,” including both the series’ original 194 episodes (8 seasons), and the new episodes when the show returns on September 28th to NBC.

The streaming service had also announced another deal with NBCU for its live TV service back in May. This allowed Hulu to tout that it could now offer the top four broadcast channels, with the addition of NBC to a lineup that already included CBS, Fox, and ABC.

According to Hulu’s announcement today, the new NBCU deal includes exclusive SVOD rights to the complete library of Emmy winner “30 Rock;” plus all 6 season of “Parenthood;” Paul Reiser’s comedy series “There’s Johnny;” the first 13 seasons of the U.K. reality TV show “Made in Chelsea;” and the first 10 seasons of SYFY’s reality competition series “Face Off.”

Hulu already had other NBC content on its service beyond “Will & Grace,” including “This is Us,” “Blindspot,” and “Saturday Night Live.”


Source link


Apple’s updates privacy page, releases Face ID white paper


Today, Apple is launching a new version of its privacy page that presents security and privacy as a consumer feature set. This effort to position Apple as a provider of security and privacy services that manifest as features was begun back in September of 2014, in the wake of the celebrity nude hacking incidents.

Earlier that month, I had published a piece arguing that Apple needed to be less opaque about its security and privacy systems and policies, because they were substantially different and more important than a ‘product reveal’. While Apple had been making the security and privacy of its users for years at that point, that’s essentially where its new era of transparency and salesmanship around the topics began. The new security page it launched then kicked off an era of aggressive positioning by Apple that emphasized how little interest it had in users’ personal data beyond protecting it, and how that differentiated them from their competitors. Cook began speaking publicly about the importance of encryption and privacy, Apple got more vociferous about pushing back on law enforcement requests to unlock iPhones and in 2015 it launched a new version of its privacy page that I noted brought the concepts of security and policy solidly into the realm of product eduction.

The reason for that lengthy setup is that the version of the site that launches today I think finally brings together all of these pieces and tells a story of Apple’s security policies as true, usable consumer features. If you’ve written about, worked in or studied security and privacy of systems like mobile devices or computers you know that no matter how much people say they’re interested in security, they do not exhibit this in their behavior. People duplicate passwords, use short or no passcodes at all and have terrible operational security in their day-to-day lives.

Why? Because it’s harder. Security is wonderful, people say, as long as it doesn’t inconvenience them or interrupt any basic action they may take during a day. That’s a tough threshold that few companies take the time or energy to even begin to surmount. Most of the time the argument is ‘hey, we provided the security, it’s your fault if you don’t use it.’

The Apple methodology, meanwhile, has been to make security part of features so attractive that you want to use them. A substantial magic trick in the draconian, opaque arena of security.

The security features of iPhone, iOS and other devices are presented on the site as a product showcase inside the philosophical framework of security — with a splash of customer education. While I don’t think every customer will visit this site, I can tell you that it will likely get more traffic and sell more devices than any privacy and security page that has ever existed.

A few new things make an appearance. Differential Privacy is now being applied to discovering bad actor websites that crash or memory hog, something we covered earlier this week, for instance. But mostly this is a payoff of all of the work Apple has done to integrate security and privacy deeply into its products.

Yes, it’s a bit of a victory lap and a bit of a sales tool, but Apple also worked for it, so I’ll give this one to it.

Face ID Security Detailed

There is also a new security white paper and knowledge base article on Apple’s Face ID authentication system. Many of the points inside were covered in my recent interview with Apple’s Craig Federighi, but there are some more details about how the face information is gathered and handled that will be interesting to the infosec community, or security-minded people.

One important takeaway from the paper is that Face ID operates almost identically to Touch ID from a security perspective. Once the binary ‘hey this is you or it isn’t you’ decision is made, all other systems function nearly the same. This means that they’re already tested by years of Touch ID being around without the Secure Enclave being meaningfully unwrapped or compromised. A good thing for consumers.

Another interesting note is that developers do not have to update their Touch ID apps to use Face ID. If an app you use now uses Touch ID to authorize anything, open anything or pay for anything, it will automatically work with Face ID. The same authentication framework is called as was called before. It’s probably best for those apps to update any text that refers to Touch ID, but otherwise they should work just fine on day one of the iPhone X.

Apple also details the methods that Face ID uses to adapt to changes in your face over time. It can learn from both solid matches in good light where it will add to its ‘good data’ about your face. It can also learn from failures that require you to enter a passcode.

To improve unlock performance and keep pace with the natural changes of your face and look, Face ID augments its stored mathematical representation over time. Upon successful unlock, Face ID may use the newly calculated mathematical representation—if its quality is sufficient—for a finite number of additional unlocks before that data is discarded. Conversely, if Face ID fails to recognize you, but the match quality is higher than a certain threshold and you immediately follow the failure by entering your passcode, Face ID takes another capture and augments its enrolled Face ID data with the newly calculated mathematical representation.

Basically, if it passes a certain level of certainty that this is probably you but can’t get a match, and then you enter a passcode — it will add that data to your face profile, improving matches in the future. But if it doesn’t think it’s you and someone enters a passcode then it won’t add the data.


Source link


Microsoft becomes a sponsor of the Open Source Initiative


Microsoft today announced that it has joined the Open Source Initiative (OSI) as a Premium Sponsor. The OSI, which launched in 1998, takes a relatively pragmatic approach to open source and advocates for open source in business and government. The OSI also reviews open source licenses, which are often vendor specific, to ensure that they conform to “community norms and expectations.”

As a premium sponsor, Microsoft joins the likes of Google, IGM, HPE, AdblockPlus, GitHub and Heptio as top sponsors of the project. Other sponsors at lower levels include RedHat, The Linux Foundation, Mozilla and HP.

“The work that Open Source Initiative does is vital to the evolution and success of open source as a first-class element in the software industry. As Microsoft engages with open source communities more broadly and deeply, we are excited to support the Open Source Initiative’s efforts,” writes Jeff McAffer, Director of Microsoft’s Open Source Programs Office, in today’s announcement.

It’s worth noting that Microsoft has been working with the OSI for a couple of years now. It submitted its Microsoft Community License and Microsoft Permission License in 2005 and 2007. It’s also no secret that Microsoft has massively expanded its portfolio of open source projects over the last few years.

Still, there remains a good amount of skepticism in the open source and free software community around why Microsoft is doing this. The fact that former Microsoft CEO Steve Ballmer once called Linux a cancer still echoes through the collective unconscious of the open source world. Microsoft is quite aware of this, but so far, its recent actions show that it now understands how to best engage with and participate in the open source community.

Featured Image: Bloomberg/Getty Images


Source link


Cloudflare moves into video with the launch of Cloudflare Stream


Cloudflare has made a name for itself as a content delivery platform and security company, offering services to help keep websites up and running (sometimes running into a little controversy in the process). Now, as the company marks its 7th birthday — it actually launched on September 27, 2010 — it’s moving into another new area, literally and figuratively.

Cloudflare is today taking the wraps off Stream, a new service designed specifically for websites and apps that want to build businesses hosting and streaming videos, similar to what the likes of YouTube, Vimeo, and around 1,000 other sites do today. The service is launching in beta today. Those interested in it can sign up here.

To be clear, Cloudflare has already been working with sites that stream video — some 1 billion people already watch video through Cloudflare daily, the company tells me — but more often than not those videos are either hosted elsewhere, or they are not the central function of the sites themselves.

The idea now will be to let these sites and apps provide a more direct and vastly more simplified video service that what is in the market today, putting Cloudflare head to head with other CDNs and those who host video with an all-in-one package, and giving sites and app publishers “the ease of YouTube with the power and control you used to previously only get from bespoke solutions,” in the words of the company.

In doing so, Cloudflare is building out a new revenue stream for itself. The company has raised around $180 million, and it is now is valued at over $3 billion; and now it is hotly tipped as an IPO prospect, so this would help with that.

But beyond its own financial fortunes, Cloudflare is also potentially opening up the market to a lot of more competition and video content, turning — as the company describes it — a landscape of 1,000 sites into a landscape of 100,000.

Cloudflare Stream, the company says, will offer a service that combines encoding, global delivery and a media player into one product (typically, video streaming from the likes of Akamai but also many others often sees sites taking those services from a hodge-podge of providers). It’s also removing some of the technical headache around hosting and streaming video.

“You shoot a video, upload it to an API endpoint, and within seconds we make it available globally to adaptively stream via an embeddable link we provide,” Cloudflare notes.

Pricing, meanwhile, will be similarly simplified: it will be based on the duration of time that people consume a video — and nothing else. We have contacted Cloudflare for more details about it, but it seems as if they are not making this too public while the product is still in beta. For now, the company has said that the basic premise will be to give users a pared-down, single price for everything in the video streaming chain, with a charge that includes encoding, global delivery and player.

As Cloudflare describes it, this is a big shift from how things are done today. A typical video service could include multiple charges: from encoding companies for CPU usage based on length and quality of the video and the number of streaming formats it’s converted into; from ‘traditional CDNs’ that charge different rates for each region of the world based on the number of bytes delivered; and from player vendors charge at tiered levels based on the number of views. (Here is pretty decent summary of some of the challenges of hosting your own video, and also of another alternative to hosting it on something like Cloudflare.)

There are at least a few clients using the Stream service out of the gate.

“Our company is focused on bringing thoughtful and easy-to-use course delivery tools to teachers and learners wherever they are, and a huge part of doing that is through video,” said Mark Johnson, co-founder of Pathwright, in a statement. “We’ve long been looking for a video solution that is simple to implement and seamless to use, and have not found one that checks all the boxes for us. We’re excited that Cloudflare Stream is being launched with the developer in mind from the beginning. It sounds like exactly what we’ve been searching for and we can’t wait to get started.”

Video is held up by a lot of media and other sites as panacea for their businesses — videos are more engaging than other kinds of content, keeping people on your site for longer, and because of this, they are also a more lucrative platform when it comes to advertising.

The issue is that when you are not Facebook or Google or Twitter, building something like this from scratch can be too cost prohibitive and efficient to do. It’s smart of Cloudflare to tap into the interest in video and see how it can disrupt how things are done by simplifying the whole process on its CDN platform.

We’ll update this post as we learn more.


Source link


Ford and Lyft’s new self-driving partnership likely to be a standard model


Ford and Lyft are working together on self-driving vehicle technology, but the focus of the collaboration is around Lyft’s positioning of itself as an open platform for future autonomous on-demand vehicle services, and likely not something that will do much to accelerate the pace at which self-driving cars are able to be safely deployed on roads.

The focus of the partnership is on laying the groundwork for a future time when Lyft users will be able to open the app and call a car, which will then come from a range of different providers operating their own driverless fleets. It’s the main purpose behind Lyft’s launch of its open platform for autonomous tech, and one of the driving motivations for its Level 5 Autonomous driving center in California.

But the Ford and Lyft partnership isn’t exclusive and it’s unlikely to be unique – in fact, it’s probably going to be something that proves a model for a range of similar partnerships across networks in future. On-demand vehicle service operators could, in fact, become the cable and internet providers of the future, operating platforms that work with a range of both individually, and fleet-operator owned vehicles.

Ford is also unlikely to give up entirely on the idea of running its own autonomous driving operation – rival GM seems to be preparing for that eventuality itself, having built it sown ride hailing app and network for use in San Francisco through self-driving subsidiary Cruise, which is offering on-demand autonomous rides to its employees in a limited beta test.

The automaker stands to learn a lot from operating both human-driven and self-driving test vehicles on Lyft’s network, both of which it plans to do as part of this new partnership, because it has precious little experience with operating a ride-hailing service, while Lyft has plenty. It’s going to be able to glean a ton of useful information about user experience and ride planning from the partnership, regardless of what happens in the future with any commercial partnerships.

As for helping get self-driving cars on the road, this could perhaps accelerate progress – but the fact remains that we’re still quite a ways off from fully autonomous vehicles operating without humans behind the wheel on public roads in any kind of widespread way. And the limiting factors are on the self-driving technology side, not the network piece of the equation.

Meanwhile, I’d expect that Ford won’t be the last automaker to make this kind of arrangement with Lyft – there’s little to be lost from not joining up with its platform now, and a lot to be gained in terms of planning for a future where mobility looks quite different than it does today.


Source link


Legion raises $10.5M to roll out an automated employee scheduling tool


There’s a lot of talk about employees wanting much more flexible work schedules, and a lot of that is thanks to the emergence of companies like Lyft and Uber that allow people to work on their own schedules. But that ability still doesn’t exist for the rest of the world, especially when it comes to hourly jobs with rigid schedules.

But that doesn’t mean that employees don’t want those kinds of schedules — or that they vary a lot — and that’s the reason why Sanish Mondkar started Legion. The startup uses large amounts of data, all the way down to the weather near a store, to try to predict how busy it will be and how to intelligently staff that store and prepare for the foot traffic. It also works to sort out the best possible schedule for each employee, whether they want to work a regular shift at the same hours or vary from week to week and trade shifts a lot. The company is rolling out with Philz, one of Silicon Valley’s favorite coffee projects, to try to prove out such a concept.

“You can recognize the fact that there are some employees on your roster that are looking for predictable, 40 hours a week, with full benefits,” Mondkar said. “Others, today especially, are on the opposite side of the spectrum and want gig-like jobs, owning their schedule. Legion lets you provide that full spectrum of options. Employees choose where they want to be on that spectrum. It leads to better retention, an empowered culture, that to me is very important going forward for any business that employs a large hourly workforce.”

To continue to roll this out, Legion has raised a $10.5 million series A led by Norwest Venture Partners, with Norwest’s Sean Jacobsohn joining the board. Earlier investors First Round Capital, XYZ Ventures, and Webb Investment Network also participated in the financing round, which has helped flush the enterprise startup with the kinds of capital it needs to expand beyond just a business like Philz and into the larger hourly retail field.

Legion’s goal at the end of the day is to try to accurately predict traffic and labor forecasts, helping each employee find the slot that fits them best for the schedule and lifestyle they want. By starting there, Mondkar wants to try to help employees feel better about their jobs and their lives — which, in the end, helps them be happier at their jobs and deliver a better experience to customers. While there may have been some stabs at intelligent scheduling, it’s largely been on the managers to spend the nearly dozen hours to ensure that everyone gets what they want.

“The solution you would design today, versus three or even five years ago, would be very different because the kinds of enablers that are uniquely available today,” Mondkar said. “Machine learning and AI is at a point that’s at least accessible in a form that can be applied to solve these problems. Both need a lot of data, and data now — especially in retail thanks to the adoption of cloud point of sale devices and traffic counters — is available that just wasn’t available three or five years ago that would drive these algorithms.”

For starters, the company has begun deploying in Philz as a proof-of-concept to show that it ends up having a positive impact on the workforce. Philz CEO Jacob Jaber wasn’t able to articulate exactly why it took up until recently for a product like Legion to exist, but said it was an issue for the company — and any retail company — that was dying for some kind help. The other part of the equation, he said, was that it had to be constructed with all sides in mind: the business, the manager, and the employee.

“You need to think more holistically and you have to have empathy for multiple parties,” Jaber said. “I’d say there hasn’t been a lot of progress in the workforce as a whole and I think they’ve been left behind to some extent and working class. I think [businesses] are now getting to scratch the surface in thinking about them more and how we can make sure as a company and as people we’re respecting them and giving them a very good environment to work and grow in. Scheduling is a really big part of that.”

There will, of course, be challenges for Legion. Over time, employee priorities may change and the service will have to keep up with that. It makes sense for Legion to plug into other HR dashboards like Zenefits for now, but they may see the opportunity to go after the problem with a robust set of data on employees. There are also a lot of startups trying to create a simple employee scheduling application, such as When I Work, that may see an opportunity in the low-hanging fruit that large public data sets and more accessible machine learning tools have to offer. Mondkar’s hope is that starting with Philz as a launching point and eventually gunning for a schedule that fits everyone’s needs automatically will be the one that wins in the end.

“This is basically a very large problem that impacts a lot of lives and a lot of people,” Mondkar said. “The core of that problem, scheduling and matching people optimally and in a consistent manner, is a very fundamental step toward solving that problem. Today, as I was saying before, approaching that problem in a whole new way makes a lot of sense.”



Source link