If you hold a website and use SSL/HTTPS with Certificates theres is often the question should i block Port 80? The most Admins think after the Major Changes of the Browsers to pull first HTTPS Port 443 they can close the HTTP Port 80. But you should NOT do it! Why? most Bots scan at first Port 80 for Content or for Listening Web Servers. More Details: https://letsencrypt.org/de/docs/allow-port-80/
Category: FreeBSD
Firefox Bug more than a Feature no Sound after Update
If you use firefox for hamradio like openwebrx or kiwisdr the Sound will die after a Update! That’s NO Driver or NO Linux or a WEBSDR Problem, The Problem is DISABLED AUDIO startup on Firefox Fix: Enter at the URL-BAR “about:config” search entry “media.autoplay.block-webaudio” to false Restart Firefox and be happy.. If you are a Security Nerd then use 2 Firefox Profiles for Web and different for SDR-Radio..
Convert WordPress Blog into Static Websites
For some reasons you want to convert your WordPress with Linux Tools into a Static Website: low level Hosting no SQL + PHP for higher Security Then open a Terminal and enter into a Text Editor: nano wp2statis.sh: #!/bin/bash wget \ –recursive \ –no-clobber \ –page-requisites \ –html-extension \ –convert-links \ –restrict-file-names=windows $url-of-site exit 0 Advantage? wget runs on most WP-Themes low Load on the convert Process Script can be used to run by Cron automaticly every Night !
Website Speed Test with Linux
If you own a Blog and want to check the Speed with your local Linux Computer use a commandline tool called curl. Open a Terminal and enter: curl -o /dev/null -s -w 'Connect: %{time_connect}\nStart Transfer: %{time_starttransfer}\nTotal: %{time_total}\n' https://www.yourdomain.de System Echos: Connect: 0,084774 Start Transfer: 0,173280 Total: 0,228651 Advantage? You will see the Website Load Time of Users at your Location (Country Area) You can check “high performance Clouds” vs. “bare metal Servers” or “virtual Hosting” You see that mostly expensive Hosting is wasted money cause “shared” IO V-Host is SLOWER! You get the real “felt” IO for Users who […]
Locale Umloud Problems Cron
If you run scripts to handle text output by cronjobs your perhaps get problems with umlouds “ÖÄÜ” cause they are displayed by “**”. This is a problem cause cron uses “C” setting as locale, you can test it by setting it into root crontab: open crontab from root with: $su – root $crontab – insert * * * * * locale This will mail cron’s locale echo to the mailbox of root! Read root’s mail! After tests remove the locale entry at crontab! Howto fix for Scripts: open crontab from root with: $su – root $crontab -e insert (for German): […]
Linux Console: SSH Echo Last User LOGIN Info
If you use SSH Logins to your Systems, you perhaps want to know, who logged in last days and from which IP Address. Screenshot SSH Login Echo LAST Info: Howto: Open the .profile File at your Home with a Editor and enter: clear last -n 4 This will echo after login the last 4 Logins including the used IP’s To prevent Hackers to purge the lines set the .profile File “readonly” sudo chmod 444 .profile sudo chown root:root .profile
Rsync: Performance NFS Boost
If you use two Linux Servers with NFS Shares connect over Gigabit Interfaces for Backups, you perhaps remark performance problems on using rsync. It does often pause transmissions or reach only a rate of 32Mb/s. That’s bad and waste time and energy. Background: After some Tests of running Backups with single files and compressed big archives, the scans of my tools like iftop, systat, iptraf found out that the used Option “rsync -avz” was the bottle neck, cause the Data Rate break down at intervals. The “z” compress option was described on howtos as must have for slower networks did […]
FreeBSD: Monitor svn Updates
If you use the svn subversion tool to update source tree or ports tree, you want to have a possibility to look back what was pulled, pushed and droped you can use a Log File to monitor the update scripts. This helps if you temporarily log out the Terminal Sessions for a Coffee break. Howto: Login to FreeBSD via SSH Use a tmux program like screen or tmux, if not installed, then install it. This allows ongoing operations on disconnects Run on the Terminal $tmux Run $sudo svn update /usr/src > /home/updates/svn.log #exit STRG+B then press "d" detach The svn […]
FreeBSD: Current Version port upgrade fails with “portsnap extract” bug
If you use the current “head” Version (Release 12) of FreeBSD with a svn updated /usr/src path you could run into errors after updating the OS via buildworld from sources. There’s a bug ahead Revision “r314099” at the “portsnap” lib that will stop on extracting the ports.tgz to /usr/ports! Solution: Pull again sources to /usr/src with $svn update /usr/src $make buildworld $make buildkernel $make installkernel $reboot $mergemaster -p $make installworld $mergemaster -FiU $reboot $portsnap fetch update #again.. to update ports tree $portupgrade -a $reboot This should work now, the failed portsnap extract function was a known bug. If you dont […]
Password: Simple script generator on a linux console
If you need a password creator for your daily needs you can do this with a default tool called openssl / libressl and a small bash script: Howto: open a console open as user a editor like nano or vi with $nano pwcreate.sh insert this: #!/bin/sh /bin/bash -c "for i in {1..20}; do openssl rand -base64 32; done" exit 0 exit and save the script set it to runable with $chmod 755 pwcreate.sh test it.. with ./pwcreate.sh should echo like this: 6gUUuothdHwwaWHjA/UhyCiV3FWpPC1lBQTIY3IiQn8= ozqloLyWXQyBJlcVXPVLY2PBpRV04uVkWrP6c1epxCs= gjLE6MWeK+c6EBx1wV/uUxubtrLoeUpXb4GCIEQK3b8= X4RoYhASR6i4BfwDYoB2+/gNWY1P35MM6jJYaOEpV0M= dXoLBGrRC+oei6cm6N1bD8k/ntZi5grtKLEH6SytTXQ= 2DZ1yAi96xvGlHQLQoexUhPc2w1iIqoeVW8zHaMmsvU= Vmq4r5ZXC2EKu5Ze7SLBbKavpkLQC0RRrXEGlDmxfpY= FSXmp+cVKPvpq/JhyhuGHJ2ue3L6hLEcX6XfkUCrYqg= GvbWjPYvoOWJPOMOG6oihGFQv9wNgwZO2Go/ogJkmBM= z6P+VHsGBPKTpR6yzThKjyGVVwa/WWtuv/G/aO27bEM= qBozaA2PMMy+zhVrvUNVSbP2mg9KshsXYfTzuTvmlkI= ARYyGx2dE1yfPJydBlvaNXpKmRbZI7CHbcCPDHgTcNo= 7PrqMZqFJ7gqeGzWjdqFCdIHvnl3vgoYAxiL4wN2Jcw= q6Wwi1rG0j0WqXuUhdIpZ2C7BergeqSExDv87a/DIsw= d7R6nCuYo6lo+gFiwroaAeG5RxPxWrPDf8oJxv+toHU= 7EQZysp2leEqP6eDp8M6+DeT71gpyqYEiSzMvMLjMys= B7J3JdrDxFCW3rV09Ut+wLukVgSUk41SroBQTzrgirY= yXrgYLD2YK2DN+aZCF4N6WXO/IL5RC6JM2mxW3xAnbc= Wr/QF46wo5Dtobl5maojZc2jrF4bvO1sNWed8OpTsTc= […]
Security: Webserver HTTPS with Self Signed Certificate Do it yourself in 5 Minutes!!
Today the Point of Security and encrypted Webserver Communication is rolling over every User who hosts own Websites on the Internet. Last decades HTTPS was only used by Online Login Pages like Shops and Banks to verify the Communication between a User PC and the Website. But after January 2015 the most Search Engines like google decides to force index of Websites with HTTPS Protocol. The Background is that a TLS encrypted Connection isn’t easy to track and to force “drive-by-load-Viruses” to the Website Visitors. But a lot of Webmasters of the Opensource Community were angry about this handling. Thats […]
Raspberry Pi: Howto build a Local Network Monitor for Intrusion Logging Watchdog
Today the count of network devices at home networks grows up weekly, cause more and more home devices like freezers, coffee engines, dishwasher and more got builtin wifi interfaces. To have a Control Unit you can use a raspberry pi2 as cheap Network Monitor Logger. The Raspian by default offers builtin free tools, like arp, arp-scan, nmap, ping to easy monitor a network. If you have learned some commands and the bash scripting you can fast create a Network Logger, perhaps with analyse tools to mail alerts if new “MAC” NIC Adresses are seen. Every network device uses a owned […]
Owncloud: Howto harden owncloud access with a ssh tunnel and squid
If you want to use a private secure owncloud (WebDAV Space Server) as Backup for all your devices you can harden the access thru a openssh Login with key auth and a squid as relay. Install apache2, php5, mysql-Server, openssh, squid3 config Apache2 to listen on https://localhost:443 setup squid3 and config the Proxy to listen only on localhost:3128 install owncloud to /var/WWW with forced “https” settings at the config.php create ssh-keys to auth with password protected key to the SSH Server If done, you can access the private Backup-Server via a Terminal/ Putty with the Tunneling Options $ssh -L 3128:localhost:3128 username@owncloudserver.home Open your Browser on your […]
Oneye: Cloud Office Solution
If you are looking for a Cloud based Office Solution you should take a closer look on the Open Source Software “oneye” (commercial version of eyeos) All you need is a cloud served or home hosted LAP Webserver (Linux/Unix, Apache, PHP5 Server) NO Database required! Source: http://oneye-project.org/ Advantages? + Weboffice with Word, Excel, Mail Client POP+IMAP, Spreadsheet + Internal Message System for User Chat INTERNAL ONLY + FTP UP/DOWNLOAD, PHP UP/DOWNLOAD + Desktop on Server Hardware possible with Raid, and full Backups! (possible nightly cron job folder to tar) + Reachable Office over Internet without any Apps installed! Every Browser Supported! […]
PHPMYADMIN: Performance Monitor not working Java Script Error
If you install phpmyadmin on your Server Version 4.XX, the Browser shows a Javascript Error if the Performance Monitor is opened. Problem is the mostly the setting “localhost” on the config.inc.php file. If you want to view the monitor from external, set the ip to 192.XXX.XXX.XXX or domainname and control that the MYSQL Server is listening on all IPs! Warning! If you dont really need this tool DONT CHANGE the MYSQL Server IP to listening “ALL” cause LOCALHOST is much more secure! Localhost should work if you have installed a local proxy on the Server! So you can relay the […]
FreeBSD: Clicking noise Harddrive SATA WDC WD5000LPVX SATA 3 Drive on FreeBSD 9.1
FreeBSD: Clicking noise WDC WD5000LPVX SATA 3 Drive on FreeBSD 9.1 same like in Linux: APM Funktion starts/stops the heads and make click sounds, not needed on a Server. To disable like in Linux with hdparm on FreeBSD do: If you want to disable APM (Advanced Power Management) on your hard drive to reduce heads movements and increase your hard drive life you can do that very easy by using ataidle app from FreeBSD’s Ports: cd /usr/ports/sysutils/ataidle make install clean; rehash Then to disable APM on your hard drive run: ataidle -P 0 /dev/ad0 We can start ataidle app at […]