Schannel Again in 2024

Getting loads of schannel errors in my log server every day, I decided to hunt them down.

Turns out that under Internet Options a GPO was misconfigured to allow sslv3 traffic.

Disabling this SSLv3 as shown below with a GPO or individually solves this log entry spam.

Apache Reverse Proxy Detail

edit the proxy.conf – vi /etc/httpd/conf.modules.d/00-proxy.conf

Load necessary modules

LoadModule rewrite_module modules/mod_rewrite.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so

Load lbmethod modules

LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so

Load additional proxy modules

LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_express_module modules/mod_proxy_express.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so

Edit your sites’ .conf file – vi /etc/httpd/sites-enabled/service.domainname.com.conf

VirtualHost *:443
ServerName service.domainname.com

SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/yourcert.crt
SSLCertificateKeyFile /etc/pki/tls/private/yourprivatekey_privatekey.key
SSLCertificateChainFile /etc/pki/tls/certs/bundle.crt

RewriteEngine on
RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule /(.*) "ws://backendserverIP:portnumber/$1" [P,L]

ProxyPreserveHost On
ProxyPass / http://backendserverIP:portnumber/
ProxyPassReverse / http://backendserverIP:portnumber/

ErrorLog /var/log/httpd/service.domainname.com/error.log
CustomLog /var/log/httpd/service.domainname.com/access.log combined


Restart HTTPD and test out your new site!

Testing a YouTube Feed

GoPro Flyaround

HTTPS Security Settings for Apache

Well I got into some interesting spaces when I found this site :


and https://hstspreload.org

In order to get an A+ rating for my blog, I went through all the suggested routines and while I won’t detail them, below is what I have landed on for what works on my WordPress site.

Inject this into your .htaccess file on your Apache webserver

Header set Content-Security-Policy “upgrade-insecure-requests”

Header set Strict-Transport-Security “max-age=31536000; includeSubDomains; preload”

Header set X-Xss-Protection “1; mode=block”

Header set Referrer-Policy “strict-origin”

Header set Permissions-Policy “geolocation=self”

Header set Access-Control-Allow-Origin “https://*yoursite.com*”

Header set Cross-Origin-Embedder-Policy “unsafe-none”

Header set Cross-Origin-Opener-Policy “unsafe-none”

Header set Cross-Origin-Resource-Policy “same-site”

Phishing Events and CyberSecurity

I can’t tell you guys how important it is to be vigilant over the next few months, you will be distracted with holiday events and other social engagements.

If not already, you will be bombarded with scam phone calls and emails. Please! DO. NOT. RESPOND. to those emails and phone calls. Mark them as SPAM and/or phishing and delete them.

The most recent examples relating to phone calls are for people looking to get your social security number, Medicaid, and credit card information. It will be a foreign sounding individual with a “normal” sounding name, like “Robin” or “John” – Hang up on that person immediately!

The most recent examples relating to scam emails is someone “responding” to an email and BCC’ing you with a “what’s this” or  “what is this” and below will be an invoice looking for payment. Mark as SPAM and DELETE THIS EMAIL!!!

There will be variations of this theme, but it is all the same, they want your money and your personal information so that they can trick other individuals to give them their money!

IF you use a password manager like LastPass, I strongly urge you to change all your passwords and keep them in either a different password manager or in a notebook in a safe place in your home.

Hacking is serious business, with serious consequences for those not careful to avoid from being hacked.

It is up to everyone here to keep your organization safe.

🌊 Discover Palacios, Texas – Your Perfect Coastal Getaway! 🏖️

Escape to the serene shores of Palacios, Texas, and experience the ultimate coastal retreat just a stone’s throw away from the vibrant cities of Austin, Houston, and San Antonio! 🚗🌆

🏝️ Embrace Nature’s Beauty: Palacios offers pristine sandy beaches, gently lapping waves, and breathtaking ocean views that will soothe your soul. Whether you’re a beachcomber, water sports enthusiast, or nature lover, our coastal haven has something for everyone! 🐬🌴

🎉 Rich Cultural Heritage: Immerse yourself in the heartwarming traditions and customs of Palacios. Our diverse community warmly welcomes you with open arms, sharing the rich tapestry of our heritage through local festivals, museums, and historical landmarks. 🎭🏛️

🦐 Savor Coastal Delicacies: Indulge your taste buds with Palacios’ delectable seafood cuisine. From succulent Gulf shrimp to mouthwatering oysters, our town’s culinary fusion will leave you craving more! 🍤🍴

🛍️ Shop and Explore: Stroll through our charming downtown filled with unique shops, boutiques, and art galleries. Unearth hidden treasures, souvenirs, and local crafts to cherish the memories of your visit. 🛍️🎨

🚤 Endless Adventures: Whether you’re fishing in the bountiful waters, boating along the bay, or spotting majestic marine life, Palacios offers an array of exciting outdoor activities to create unforgettable memories. 🎣🚣‍♂️

🎵 Vibrant Community Events: Join the rhythm of Palacios through lively music festivals, seafood feasts, and cultural celebrations. Experience the warm hospitality and friendly atmosphere that define our coastal town. 🎶🎉

🏨 Your Gateway to Texas: Conveniently located near Austin, Houston, and San Antonio, Palacios is the perfect weekend escape or a relaxing vacation spot for city dwellers and travelers alike! 🗺️🚗

Discover the hidden gem of the Texas Gulf Coast – Palacios! Start planning your unforgettable coastal adventure today. 🗓️🌅 #VisitPalacios #CoastalEscape #TexasGem🏄‍♂️🌊

Also Visit the city’s page at https://cityofpalacios.org , and our favorite shop, Wananavu Outfitters at https://wananavuoutfitters.com

Installing Pi-Aware aka FlightAware

Buy the following:

Nooelec Dual-Band NESDR Nano 3 Premium ADS-B (978MHz UAT & 1090MHz 1090ES) Bundle for Stratux™, Avare, Foreflight, FlightAware & Other Applications. Includes 2 SDRs, 4 Antennas, 5 Adapters.

Nooelec Omnidirectional 7dBi ADS-B Antenna – 23″ Outdoor Fiberglass Antenna w/Female N-Connector, 10m RG58 Cable Extension w/SMA Connector & Mounting Hardware. Weatherproof. 1090MHz Center Frequency



Once you have all the parts together, head over to FlightAware’s page for a download of the image, or you can hand load it, which is what I did. since the Pi I used also hosts this website.

Hand Load:


Image Download: