If you use Apache2 / Apache24 and anti-hammering tools like the Modul evasive and security2 as addon fail2ban than you can fail blogging. Problems: Apache2 Module “evasive” must be fine tuned for WordPress go /etc/apache2/ if you use default enabled auto-safe drafts of posts can let you look like a Attacker so disable auto save by wp-config set “define(‘AUTOSAVE_INTERVAL’, 86400);” !! on small systems redis and other cache technics can generate too additional hidden “posts” traffic to the Apache2 & SQL checkout the system by disable all security addons and fine tune settings, if ok enable them again.. try wordpress […]
Category: Micro Server
Apache2 evasive Problems with WordPress
If you use Apache2 / Apache24 and anti-hammering tools like the Modul evasive and security2 as addon fail2ban than you can fail blogging. Problems: Apache2 Module “evasive” must be fine tuned for WordPress go /etc/apache2/ if you use default enabled auto-safe drafts of posts can let you look like a Attacker so disable auto save by wp-config set “define(‘AUTOSAVE_INTERVAL’, 86400);” !! on small systems redis and other cache technics can generate too additional hidden “posts” traffic to the Apache2 & SQL checkout the system by disable all security addons and fine tune settings, if ok enable them again.. try wordpress […]
Smartmontools unlisted Devices
If you use a Toshiba Canvio 3tb Drive at a raspi then smartmontools will not see the usb drive. Try: sudo smartctl -t long -d sat -s on /dev/sdb -t test long or short -d drive protocol sata = sat -s enforce smart which is off by the usb drive firmware wait XXX Minutes then: sudo smartctl -H -d sat -s on /dev/sdb get status..
Postfix: Automatic UFW Firewall Updates
If you use a Mail Server with Postfix you got daily Spam Attacks by Scripts: How to fix? Install ufw Firewall Run a Scanner Script as cronjob On Debian/Ubuntu: Install ufw: sudo apt-get update && sudo apt-get install ufw && sudo ufw enable && sudo ufw logging off Scan Script: sudo nano /home/user/firewall-update.sh: #!/bin/bash # scan rejected cat /var/log/mail.log | grep rejected | cut -d"[" -f3 | cut -d"]" -f1|grep -v '^$' > /tmp/firewall.txt # insert to Firewall while read line; do sudo ufw insert 1 deny from $line to any; done < /tmp/firewall.txt # scan "denied" cat /var/log/mail.log | […]
Linux Console: SSH Echo Last User LOGIN Info
If you use SSH Logins to your Systems, you perhaps want to know, who logged in last days and from which IP Address. Screenshot SSH Login Echo LAST Info: Howto: Open the .profile File at your Home with a Editor and enter: clear last -n 4 This will echo after login the last 4 Logins including the used IP’s To prevent Hackers to purge the lines set the .profile File “readonly” sudo chmod 444 .profile sudo chown root:root .profile
Raspberry Pi: Raspian disadvantages of embedded OS
The last 12 month have been a “golden” time of the upcomming embedded linux devices, but the custom OS’s offers some problems, you should know for projects: embedded PC’s like the ARM based pi2 / pi3 uses a own compiled OS not every known debian package is available not all compile scripts to rebuild are available on git slow performance can let you run into unuseable problems (heat, load, I/O), correct written scripts run into freezes without any error made by you! you should take time for a closer look at buying them calc the costs of non-x86 systems, later […]
Security: Webserver HTTPS with Self Signed Certificate Do it yourself in 5 Minutes!!
Today the Point of Security and encrypted Webserver Communication is rolling over every User who hosts own Websites on the Internet. Last decades HTTPS was only used by Online Login Pages like Shops and Banks to verify the Communication between a User PC and the Website. But after January 2015 the most Search Engines like google decides to force index of Websites with HTTPS Protocol. The Background is that a TLS encrypted Connection isn’t easy to track and to force “drive-by-load-Viruses” to the Website Visitors. But a lot of Webmasters of the Opensource Community were angry about this handling. Thats […]
Hardware Tip: “Null Euro” entkoppelte Festplatte (“Zero Dollar” Hard Drive acoustic decoupling)
Problem: Festplatten brummen in PC Gehaeuse, Schwingungen werden uebertragen. Harddrive rotations transmitted by case parts and acousitc boosted up Professionelle Produkte zum entkoppeln kosten bis 30 Euro. Professional Parts must be paid up to 40 Dollars/Drive Lösung: “Null Euro” Lösung – “Zero Dollar” Solution Festplatten im 5.25 Zoll Laufwerk auf Einmachgummis haengen Harddrives mounted on grommets of old botteling jars
Linux FreeBSD: Protect your Disc Data against power loss
Problem: If you use IDE or SATA Disc Drives inside your Workstation or Server without a additional uninterruppted power supply after a power loss your Disc Drives can lose data, do not boot clean up agian or damage the drive headers and sectors. Background: SATA or IDE Drives uses “Disc Cached Controllers”, the count of this disc cache reach from 8 to 64 megabytes. In case of data write to disc, the disc controllers do cache some data who are often used. A Raid 1 Disc Mirror is affected too by this problem. SCSI od SAS are not using Cache […]
Security Bug smeserver-phpmyadmin-multiuser-2.11.3-3.el4.sme.noarch.rpm
If you use: smeserver-phpmyadmin-multiuser-2.11.3-3.el4.sme.noarch.rpm and run db configuration setprop access private the Login Interfaces is public !!! Please take newer version: smeserver-phpmyadmin-multiuser-2.11.9-XX.el4.sme.noarch.rpm
Sun Cobalt Linux “Bluequartz” renamed to “Blueonyx” (old Nuonce)
http://www.blueonyx.it See site above the old known Sun Cobalt Linux (Bluequartz-Webinterface + Sun Cobalt Linux) was redesigned last years by Nuonce, Strongbolt.uk, Solarspeed.net and is now made with: Centos 5.2 Blueonyx for new Servers x86 and AMD64 For Classic View the old nice Sun Theme is still available and easy to switch at user settings. To CHANGE the Login Pictures Blueonyx to your loved old View of Sun Cobalt Themes download here the Theme Pictures of old SUN Cobalt and copy it at the folder sausalito see info.txt http://www.blueonyx.it Free Distribution for your Webservers
Papierkorb Recycle Bin Samba Share Howto
How to create a Samba Recycle Bin ? (Ersatz fuer Papierkorb Windowserver) At first you need to create the /etc/samba/recycle.conf file # touch /etc/samba/recycle.conf # nano /etc/samba/recycle.conf add: ##Recycle Bin ## name = Recycle Bin mode = KEEP_DIRECTORIES|VERSIONS|TOUCH maxsize = 0 exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??|*.log|*.trace excludedir = /tmp|/temp|/cache noversions = *.doc|*.ppt|*.dat|*.ini|*.mp3(Block unwanted Files) edit your /etc/samba/samba config file # nano /etc/samba/smb.conf add at section “homes” vfs object = recycle config-file = /etc/samba/recycle.conf recycle:repository = Recycle Bin recycle:keeptree = Yes recycle:versions = Yes Now restart your samba daemons and the recycle bin should show up after a few moments (but most likely […]
Clean Linux Console tty1 after boot or logout
Problem: At a server everybody can see messages at tty1 Solution: Open a console as root or with “sudo” and insert. # sudo echo -e '\e[H\e[2JUbuntu 8.04 \\n \\l\n' | sudo tee /etc/issue > /dev/null
Smeserver: Samba Password Login fails ü ä ö
Problem: Wenn man ein Windows-Passwort für User mit ä ü ö verwendet, kann man sich nur mit FTP zum SME Server verbinden eine Anmeldung mittels SMB Windows-XP Protokoll geht nicht Loesung Passwort ohne ä ü ö nehmen oder, als root am Server per ssh anmelden und folgendes eingeben: #db configuration setprop smb UnixCharSet ISO8859-15 (+Enter) # expand-template /etc/smb.conf (+Enter) # /etc/init.d/smb restart (+Enter) Problem: If you use a password with special characters like üäö or british pound.. you can login at the sme server but not connect the smb shares from windows. Solution: change to easier password or, do a […]