Category: Webserver

self hosted wordpress setup script
07.02.2019

WARNING! BACKUP YOUR MACHINE! UNTESTED! before running this script change to your new web root: /home/UserName/web/domain.com/public_html then run it like /scripts/install_wordpress.sh it tries to: download and unpack the latest wordpress into the current directory disable xmlrpc.php disable wp-cron.php requirements: a […]

howto wordpress vestacp increase upload max file size limit
27.01.2019

1. check what php.ini is used/loaded 1.1. place vim /home/user/web/domain.com/public_html/info.php with this content: <?php phpinfo(); which will look like this in your browser: MAKE SURE TO REMOVE info.php afterwards! nobody needs to know the details of your webserver. 2. centos7 […]

VestaCP disable roundcube webmail
09.08.2018

CentOS7: # search for roundcube config file find / -name *roundcubemail.conf* /usr/local/vesta/install/rhel/6/roundcube/roundcubemail.conf /usr/local/vesta/install/rhel/7/roundcube/roundcubemail.conf /usr/local/vesta/install/rhel/5/roundcube/roundcubemail.conf /etc/httpd/conf.d/roundcubemail.conf # search for installed packages yum list installed |grep roundcube roundcubemail.noarch # is enough to disable roundcube rm -rf /etc/httpd/conf.d/roundcubemail.conf # seems to be no […]

NGINX as HTTP proxy – vhosts and SSL for Tomcat
01.03.2018

Secure Socket Layer (SSL) is a protocol that provides security for communications between client and server by implementing encrypted data and certificate-based authentication. Technically, the term „SSL“ now refers to the Transport Layer Security (TLS) protocol, which is based on […]

02.08.2017

nginx can be used as webserver, web-proxy and even mail-proxy. „Apache ist aufgrund seiner Architektur und Arbeitsweise doch eher der Traktor unter den Webservern.“ X-D (src) let me try to translate: „Apache is due to its architecture and functioning rather […]

27.07.2017

in general: social competence demands to first praise then critizise – no matter what – nobody is perfect or god. praise: Thanks for this massively cool webserver software – that can do so many things (vhosts and .htaccess and php) […]

CentOS Redhat – compile Apache2 from source
27.07.2017

i tried to compile under debian…. but it’s way more compli cated. also: you probably do not need all the packages stated here… but i did not have the time to sort those out sorry for that. feel free to […]

webserver software marketshare – NetCraft – Web Internet stats statistics – growth number of sites – total number of websites – internet stats statistics
27.07.2017

according to https://w3techs.com/technologies/overview/web_server/all apache(2 i guess) is still the dominant webserver on the internet with a market share of 50%. src: https://trends.builtwith.com/web-server according to builtwith.com it is „only“ 40% market share for the apache(2) webserver. also most sites are running […]

08.06.2017

client /etc/ssh/ssh_config is for client side config – here you can for example enable StrictHostKeyChecking yes /etc/ssh/ssh_known_hosts similar to ~/.ssh/known_hosts it contains the system-wide-accepted public keys of other hosts. So if you have „StrictHostKeyChecking yes“ enabled, you could manually accept […]

cool stuff you can do with ssh
07.06.2017

i assume you have setup public-private-key-authentication and tested its workings and tightened security to only allow public-private key auth of specific non-root users. run local scripts remotely You can run local scripts remotely by executing bash on the remote system […]

Programming Languages and Security
03.04.2017

ich wollte mal wissen, wie steht es eigentlich um die Security auf Technologie / Programmiersprachen-Ebene? D.h. welche Programmiersprachen machen es einem schwer vs. einfach sichere Software zu schreiben? Natürlich kann man in jeder Programmiersprache angreifbare Projekte entwickeln… das ist kein […]

22.01.2017

tested on vesta cp (apach2+nginx+Debian 8.7) this script could be placed into a file called: /scripts/mon_webserver_activity.sh #!/bin/bash #sh -c ‚tail -f /var/log/vesta/*.log && tail -f /var/log/nginx/*.log‘ & tail -f /var/log/vesta/*.log & tail -f /var/log/nginx/*.log & and you can run it […]

19.09.2016

what config file is nginx using? while it is running you can check via: ps uax|grep nginx root       766  0.0  0.0  41540     4 ?        Ss   Sep16   0:00 nginx: master process […]

13.09.2016

vim /etc/fail2ban/jail.conf; # open up the config file that defines all the defaults # find those lins: # # Destination email address used solely for the interpolations in # jail.{conf,local} configuration files. destemail = YourValidEmailAccount@YourDomain.com # Choose default action. To […]

13.09.2016

but also whole companies from israel are offering tools to nuke off your webserver with „rented“ DDoS attacks vim /etc/fail2ban/jail.local; # add those lines: [apache] enabled = true port = http,https filter = apache-auth logpath = /var/log/apache2/*error.log maxretry = 3 […]

27.08.2016

last -x shutdown shutdown system down  3.16.0-4-amd64   Sat Aug 27 16:31 – 16:32  (00:00)     shutdown system down  3.16.0-4-amd64   Fri Aug 26 08:10 – 08:11  (00:00)     shutdown system down  3.16.0-4-amd64   Thu Aug 25 11:04 […]