Warn your clients before disabling SSLv3 on Apache for POODLE

With POODLE, everyone is hurrying to disable SSLv3 on their webservers. However some sites still have clients that for whatever reason have not updated from XP / IE6 (it’s only been out 13 years, what’s the rush?) Instead of immediately locking them out you might like to give them a few days warning with some Apache 2.2 config as below:

Set the RewriteRule to an explanatory page of your choosing (if it’s on the same HTTPS server, you’ll need to exclude the page to prevent a rewrite loop).

If you don’t have IE6 to hand, you can test this as below:

Hitting a link in an HTML email in mutt

add

macro attach V |'lynx -stdin'\n

to .muttrc

then when you are in the attachment menu, select the HTML content and hit V. This will launch a lynx process to view the content, follow links, etc. This is on top of having text/html ; lynx -dump -force_html %s ; copiousoutput or similar set in your ~/.mailcap to view inline.

rndsleep – add a random delay to cron jobs

A command-line utility written in Go to sleep for a random period, then run another command line executable.

Typical usage would be to run puppet agent in onetime mode in cron to save resources – the random sleep will help to avoid thundering herd issues at the puppetmaster.

rndsleep --randmax=30 --command="puppet agent --no-daemonize --onetime"

would run puppet agent with a random timeout of 0-30s.

Can be compiled on all platforms that Go is available for. Download it from github.