100SILEX, de 0 à 100 s: ideal
1522 5 Simple steps to secure TT-RSS reader
secure tt-rss, tt-rss security
5 Simple steps to secure TT-RSS reader
July 27, 2015 by Anand Leave a Comment
Share: share htpcBeginner
We recently presented Tiny Tiny RSS to you as a great alternative to Google reader, which is one more way you can extend the functionality of your home server or your hosting space. Hopefully, you already exported your data from Google Reader. In this post, we will show you how to secure TT-RSS reader to prevent unauthorized access. Tiny Tiny RSS is an open source web-based news feed (RSS/Atom) reader and aggregator, designed to allow you to read news from any location, while feeling as close to a real desktop application as possible. As we previously explained, it makes an ideal candidate to replace Google Reader. While there are services like Feedly and Newsblur grabbing the crowd Google Reader, which some of you may prefer, there are a group of people who would like to run a RSS reader on their own server and keep things private. Assuming that you have already installed Tiny Tiny RSS on your alternative to Google reader or hosting space, we will now show you how to secure TT-RSS reader.
Secure TT-RSS Reader
One of the main reasons to move to an RSS aggregator like TT-RSS is maintaining your privacy. So if you do not secure TT-RSS reader well you are not only making your data available public but also making your system vulnerable to potential attacks. Choosing a strong username and password while setting your TT-RSS is the first basic thing that you can do to secure TT-RSS reader. Listed below are few more ways you can increase TT-RSS readerâs security.
1. Rename TT-RSS Folder
One of the first lines of defense is to not use tt-rss in your URL to access your TT-RSS reader. To do this on your hosting account, use a folder name other than tt-rss while installing TT-RSS. On your Linux home server, edit /etc/tt-rss/apache.conf and change the first /tt-rss to something else. An example is shown below.
TT-RSS Rename URL
TT-RSS Rename URL
After making the change, restart your TT-RSS and Apache to apply the changes:
sudo service tt-rss restart
sudo serivce apache2 reload
Your TT-RSS reader is now available through the new URL (example: http://mydomain.com/myreader) only.
Amazon Kindle Fire HDX
2. Enable SSL
Accessing TT-RSS through http sends all information as unencrypted data. This could mean less privacy due to potential sniffing. The solution is to encrypt the data during transfer, which makes sniffing by hackers harder. To enable and enforce HTTPS access on Linux servers with Apache, install the following run-time libraries:
sudo apt-get install libssl0.9.8 libpam0g openssl
Restart your Apache server as shown above. You should now be able to access your TT-RSS reader with HTTPS. Note that you may have to have a SSL certificate generated. Refer to Apache documentation if you want to generate your own certificate. By default, the system will install self-signed certificates for you. These certificates are likely to raise warnings when you point your browser to the site.
3. Disable Single User Mode
By default the single user mode is already disabled (in /etc/tt-rss/config.php). Enabling single user mode will also disable TT-RSS login system. Therefore, keep the single user mode disabled.
Disable Single User Mode
Disable Single User Mode
A better way to make it a single user system is by limiting the number of registrations to 1 as described below. For whatever reason, you still want to enable single user mode, make sure you implement Apache Authentication method described below.
4. Self Registrations
Self registrations allow a visitor to register themselves, which could reduce TT-RSS security. If your TT-RSS will be for personal use only, then you may want to disable user registration by setting âENABLE_REGISTRATIONâ to âfalseâ.
TT-RSS Self Registrations
TT-RSS Self Registrations
To further secure TT-RSS Reader, uou may also want to change âREG_MAX_USERSâ to â1â to make your account the only account on TT-RSS.
asus n66uASUS RT-N66U Dual-Band Wireless-N900 Gigabit Router
asus n66u reviewsFind out why it is rated the best wireless router in its class.
5. Apache Authentication
Last but not the least, enable Authentication. This is even more important if you have enabled âSingle User Modeâ describe above. Every time you access TT-RSS, you will be asked for a username and password as shown in the picture below:
Secure TT-RSS Reader
On your hosting account this equivalent to password protecting a directory, in this case the TT-RSS directory. To do this on your Ubuntu server, you will have to create a .htpasswd file. More information is available in Apache documentation. But the easiest way to achieve this is to use one of the htpasswd generators available online.
After you enter the username and password two code blocks will be generated. Copy the contents of the .htpasswd code block and save it to /etc/apache2/.htpasswd_ttrss. Next, copy the contents of the .htaccess code block and add it to /etc/tt-rss/apache.conf as shown below:
TT-RSS Apache Authentication
TT-RSS Apache Authentication
Save and exit. Restart both TT-RSS and Apache previous shown above. You should be prompted for a password every time you try to access TT-RSS. Some may think that this double authentication method is an extra inconvenience. But I would rather be safe than sorry.
Go ahead, secure Tiny Tiny RSS Reader and enjoy reading articles on your private secure RSS Reader.
1502 Phone-Reluctant Introverts, There is Nothing Wrong With You
As I sit down to write this blog post there is the dreaded sound of a prolonged vibration as my phone skids, bouncing and sporadically across my desk. This is perfectly ideal and ironic distraction that actually befits the very thing I am thinking about and from which it is distracting meâŠ Itself!
I have always had an absolute detest for talking on the phone. And Iâll say now that it has nothing whatsoever to do with the person at the other end, I just find it a horrible tool for communicating with.
I think I probably am, and always have been worse than most people when it comes to using the phone (in the traditional sense, ie speaking to people) but if you can identify with any of this then read on. If youâre thinking, âwhat are you on about, I love the phoneâ then youâll probably just get confused, but if you also have friends who ânever answer the phoneâ then this might help you to understand them a bit better.
I canât sum it up any better than Sophia Dembling in her article, 9 Signs that You Might Be an Introvert:
989 Blog de Hugues Truttmann: Entretien d'embauche et intelligence ĂÂ©motionnelle : la mĂÂ©thode I.D.E.A.L.
Entretien d'embauche et intelligence Ă©motionnelle : la mĂ©thode I.D.E.A.L.
Pour un candidat, quelle est la diffĂ©rence entre un entretien dâembauche rĂ©ussi et un entretien dâembauche ratĂ© ?
Partons de lâhypothĂšse que 2 candidats de formation et dâexpĂ©rience Ă©quivalente passent un entretien pour un mĂȘme poste. Tous les 2 ont eu un entretien avec le mĂȘme recruteur. Pour le premier, le recruteur donne une suite favorable, pour le 2Ăšme, cela nâira malheureusement pas plus loin, le candidat Ă©tait dans un mauvais jour certainement...
Ayant fait passer des entretiens Ă des centaines de candidats, jâai constatĂ© que jâai systĂ©matiquement donnĂ© une suite favorable Ă ceux qui ont rĂ©ussi Ă me faire âpasser Ă lâactionâ, câest-Ă dire quâils ont suscitĂ© chez moi lâintĂ©rĂȘt, puis le dĂ©sir qui mâa motivĂ© Ă parler positivement et avec enthousiasme de leur candidature Ă mes clients.
Le candidat qui rĂ©ussit est donc celui qui est capable de transfĂ©rer de la sincĂ©ritĂ©, de lâintĂ©rĂȘt, de la motivation, de lâenthousiame ou toute autre Ă©motion positive. Le candidat qui rate a quant Ă lui transfĂ©rĂ© des Ă©motions nĂ©gatives (dĂ©sintĂ©rĂȘt, peur, tristesse, ennui, etc...).
Une Ă©motion positive fait passer Ă lâaction, une Ă©motion nĂ©gative, jamais. RĂ©ussir un entretien consiste donc Ă utiliser efficacement son intelligence Ă©motionnelle.
Voici une dĂ©finition de lâintelligence Ă©motionnelle : âHabiletĂ© Ă percevoir et Ă exprimer les Ă©motions, Ă les intĂ©grer pour faciliter la pensĂ©e, Ă comprendre et Ă raisonner avec les Ă©motions, ainsi quâĂ rĂ©guler les Ă©motions chez soi et chez les autres.â
Une des composante de cette forme dâintelligence est lâempathie qui est la âcapacitĂ© Ă partager les Ă©motions avec autrui, sans confusion entre soi et lâautreâ.
Comment activer son intelligence Ă©motionnelle et motiver un recruteur ?
En appliquant la mĂ©thode I.D.E.A.L :
Cette mĂ©thode nâest pas une technique, mais plutĂŽt une attitude Ă adopter.
Avant chaque entretien dites - vous ceci et APPLIQUEZ - LE !
I Decide to act with Empathy by Asking questions and Listening
Soit âJe dĂ©cide dâagir avec empathie en posant des questions et en Ă©coutantâ
Poser des questions (sincĂšres et honnĂȘtes) permet de garder le contrĂŽle dâun entretien, Ă©couter (sans faire semblant) permet de diriger une conversation et de montrer que lâon sâintĂ©resse Ă son interlocuteur.
Le meilleur des candidats nâest pas celui qui parle le plus, mais celui qui saura vĂ©hiculer une bonne Ă©nergie et des Ă©motions positives dans ses paroles et son attitude.
Motiver un recruteur ne consiste pas Ă savoir se vendre en faisant lâĂ©talage de tous les avantages que lâon peut avoir.
Ne faites pas comme ce (mauvais) vendeur de voiture qui vous prĂ©sente toutes les caractĂ©ristiques et superbes options dâune voiture SAUF celle qui va vous faire passer Ă lâaction, câest - Ă - dire vous engager en signant un bon de commande !
Posez donc LA question que jamais personne ne pose, mais qui vous fera obligatoirement ressortir du lot :
Candidat : âMonsieur le Recruteur, pour ce poste, pourriez-vous me dĂ©crire quel est selon vous le candidat IDEAL ?â
Recruteur : âPour ce poste le candidat IDEAL doit avoir les qualitĂ©s suivantes :â
Candidat : âDe toutes ces qualitĂ©s, quelle est selon vous LA PLUS IMPORTANTE ?"
Recruteur : âSans AUCUN DOUTE, la qualitĂ© Bâ
Candidat : âJâai la qualitĂ© B, parce que (prouvez par des FAITS, expĂ©rience, formation, vĂ©cu) et dâautre part jâai Ă©galement la qualitĂ© A, parce que...... et la qualitĂ© C, parce que......
> PASSAGE A LâACTION
Candidat : âMonsieur le Recruteur, dans ce cas, comment pouvons - nous envisager la suite des Ă©vĂšnements ?
Testez, câest puissant et cela fonctionne !
660 What's Next: fully ergonomic laptops? | VentureBeat
When the first laptops were created around 1979 â laptops like the Grid Compass â ergonomics was not exactly a core concern. The screens were only 2-4 inches, RAM was a few hundred kilobytes, and batteries were huge. The Osbourne 1 weighed 24 pounds, perhaps making it the first portable computer and dumbbell. Hooray for convergence!
Modern clamshell and tablet designs have solved many of these issues: screen sizes exceed 17â, RAM can be several gigabytes, and weight can be less than three pounds, deservedly earning names like the Air. What hasnât been solved is ergonomics, and thatâs a costly problem.
The U.S. Department of Labor reported 650,000 cases of work-related muscular disorders, costing businesses an estimated $20 billion in medical claims and lost productivity. An ergonomically ideal computer setup aligns the top of the screen with our eye level, lets our arms and wrists straighten, and allows our shoulders to relax.
Because laptop screens are attached to their keyboards, they require a damaging trade-off: place the laptop at eye level and hunch our shoulders, or place the keyboard at arm level and bend our neck. Most laptop keyboards are also rectangles, requiring wrist twisting. The result is chronic neck, shoulder, and wrist pain, and with laptop use increasing, this problem will only get worse.
340 7-things-to-stop-doing-now-on-facebook: Personal Finance News from Yahoo! Finance
Using a Weak Password
Avoid simple names or words you can find in a dictionary, even with numbers tacked on the end. Instead, mix upper- and lower-case letters, numbers, and symbols. A password should have at least eight characters. One good technique is to insert numbers or symbols in the middle of a word, such as this variant on the word "houses": hO27usEs!
Leaving Your Full Birth Date in Your Profile
More from ConsumerReports.org:
âą Millions of Users Exposing Personal Information
âą Tested: 119 Laptops, Desktops, Netbooks and iPad
âą Electronics Reviews
It's an ideal target for identity thieves, who could use it to obtain more information about you and potentially gain access to your bank or credit card account. If you've already entered a birth date, go to your profile page and click on the Info tab, then on Edit Information. Under the Basic Information section, choose to show only the month and day or no birthday at all.
Overlooking Useful Privacy Controls
For almost everything in your Facebook profile, you can limit access to only your friends, friends of friends, or yourself. Restrict access to photos, birth date, religious views, and family information, among other things. You can give only certain people or groups access to items such as photos, or block particular people from seeing them. Consider leaving out contact info, such as phone number and address, since you probably don't want anyone to have access to that information anyway.
Popular Stories on Yahoo!:
âą 20 Best Cities to Ride Out the Recession
âą Wealth Ranking: You're Richer Than You Think
âą 7 Expenses You Can Ditch in Retirement
More from Yahoo! Finance
Posting Your Child's Name in a Caption
Don't use a child's name in photo tags or captions. If someone else does, delete it by clicking on Remove Tag. If your child isn't on Facebook and someone includes his or her name in a caption, ask that person to remove the name.
Mentioning That You'll Be Away From Home
That's like putting a "no one's home" sign on your door. Wait until you get home to tell everyone how awesome your vacation was and be vague about the date of any trip.
Letting Search Engines Find You
To help prevent strangers from accessing your page, go to the Search section of Facebook's privacy controls and select Only Friends for Facebook search results. Be sure the box for public search results isn't checked.
Permitting Youngsters to Use Facebook Unsupervised
Facebook limits its members to ages 13 and over, but children younger than that do use it. If you have a young child or teenager on Facebook, the best way to provide oversight is to become one of their online friends. Use your e-mail address as the contact for their account so that you receive their notifications and monitor their activities. "What they think is nothing can actually be pretty serious," says Charles Pavelites, a supervisory special agent at the Internet Crime Complaint Center. For example, a child who posts the comment "Mom will be home soon, I need to do the dishes" every day at the same time is revealing too much about the parents' regular comings and goings.
338 Web Design Trends for 2010 | Webdesigner Depot
Purists will say that great design is timeless. Yes, in an ideal world, we should ignore trends. Pragmatically speaking, though, there is a lot of value in
332 Web Design Trends for 2010 | Webdesigner Depot
Purists will say that great design is timeless. Yes, in an ideal world, we should ignore trends.
Pragmatically speaking, though, there is a lot of value in monitoring and incorporating design trends, especially with regard to websites.
Letâs face it: the web changes at a rapid pace. Unlike in other media, design trends on the web are not just driven by aesthetics.
Technology is changing that can drastically alter the capabilities of the medium.
In 2010, weâre seeing designers continuing to push the boundaries of web design, setting the following clear trendsâŠ
101 - 201