Category: Webserver

the second nftables howto – it is fast and …… complicated

firewall & pinguin: iptables where do thou go? it is said that when using “ip-sets” iptables and nftables achieve almost same performance (amounts of ips possible to block, without server becoming slow/unresponsive) Redhat and nftables on DDoS “so the only […]

ntpd – when fundamentals fail

servers/clients/computers/programs/services/webservers need accurate time… they usually get it from time servers that have an atomic clock attached to their USB port. (just guessing) ping PING ( 56(84) bytes of data. 64 bytes from ( icmp_seq=1 ttl=46 time=43.5 […]


changing port for vestacp backend will also change port for /phpmyadmin vim /usr/local/vesta/nginx/conf/nginx.conf # find this lines # Vhost server { listen 8083; <- change new port :wq # save and quit # restart vesta service vesta restart what you […]

vestacp disable backups

backups can become rather huge. and if you have your own backup mechanism in place… you should: web mode: per package manual mode: per user # edit per user-file: vim /usr/local/vesta/data/users/admin/user.conf # Look for BACKUPS=”?” # line to adjust how […]

a pretty good ipv6 introduction – ipv4 depletion

IPv6: Introduction it’s the year 2019, roughly 14% of the web is running ipv6. you can watch real time statistics here: (i have no clue how accurate the data is, how they are generated) … but it seems there […]

HTTP Status Codes

1×× Informational 100 Continue 101 Switching Protocols 102 Processing 2×× Success 200 OK 201 Created 202 Accepted 203 Non-authoritative Information 204 No Content 205 Reset Content 206 Partial Content 207 Multi-Status 208 Already Reported 226 IM Used 3×× Redirection 300 […]

how to htaccess limit wordpress searches

lately this blog gets bombarded with queries like these: which decoded are Korean SPAM? which translates as: iptables / firewalld seem not to work and have to really really figure out why. until then this is a little workaround, it […]

self hosted wordpress setup script

WARNING! BACKUP YOUR MACHINE! UNTESTED! before running this script change to your new web root: /home/UserName/web/ then run it like /scripts/ it tries to: download and unpack the latest wordpress into the current directory disable xmlrpc.php disable wp-cron.php requirements: a […]

howto wordpress vestacp increase upload max file size limit

1. check what php.ini is used/loaded 1.1. place vim /home/user/web/ with this content: <?php phpinfo(); which will look like this in your browser: MAKE SURE TO REMOVE info.php afterwards! nobody needs to know the details of your webserver. 2. centos7 […]

VestaCP disable roundcube webmail

CentOS7: # search for roundcube config file find / -name *roundcubemail.conf* /usr/local/vesta/install/rhel/6/roundcube/roundcubemail.conf /usr/local/vesta/install/rhel/7/roundcube/roundcubemail.conf /usr/local/vesta/install/rhel/5/roundcube/roundcubemail.conf /etc/httpd/conf.d/roundcubemail.conf # search for installed packages yum list installed |grep roundcube roundcubemail.noarch # is enough to disable roundcube rm -rf /etc/httpd/conf.d/roundcubemail.conf # seems to be no […]

NGINX as HTTP proxy – vhosts and SSL for Tomcat

Secure Socket Layer (SSL) is a protocol that provides security for communications between client and server by implementing encrypted data and certificate-based authentication. Technically, the term “SSL” now refers to the Transport Layer Security (TLS) protocol, which is based on […]


nginx can be used as webserver, web-proxy and even mail-proxy. “Apache ist aufgrund seiner Architektur und Arbeitsweise doch eher der Traktor unter den Webservern.” X-D (src) let me try to translate: “Apache is due to its architecture and functioning rather […]


in general: social competence demands to first praise then critizise – no matter what – nobody is perfect or god. praise: Thanks for this massively cool webserver software – that can do so many things (vhosts and .htaccess and php) […]

CentOS Redhat – compile Apache2 from source

i tried to compile under debian…. but it’s way more compli cated. also: you probably do not need all the packages stated here… but i did not have the time to sort those out sorry for that. feel free to […]

webserver software marketshare – NetCraft – Web Internet stats statistics – growth number of sites – total number of websites – internet stats statistics

according to apache(2 i guess) is still the dominant webserver on the internet with a market share of 50%. src: according to it is “only” 40% market share for the apache(2) webserver. also most sites are running […]


client /etc/ssh/ssh_config is for client side config – here you can for example enable StrictHostKeyChecking yes /etc/ssh/ssh_known_hosts similar to ~/.ssh/known_hosts it contains the system-wide-accepted public keys of other hosts. So if you have “StrictHostKeyChecking yes” enabled, you could manually accept […]

cool stuff you can do with ssh

i assume you have setup public-private-key-authentication and tested its workings and tightened security to only allow public-private key auth of specific non-root users. run local scripts remotely You can run local scripts remotely by executing bash on the remote system […]