in general: social competence demands to first praise then critizise – no matter what – nobody is perfect or god. praise: Thanks for this massively cool webserver software – that can do so many things (vhosts and .htaccess and php) […]
i tried to compile under debian…. but it’s way more compli cated. also: you probably do not need all the packages stated here… but i did not have the time to sort those out sorry for that. feel free to […]
according to https://w3techs.com/technologies/overview/web_server/all apache(2 i guess) is still the dominant webserver on the internet with a market share of 50%. src: https://trends.builtwith.com/web-server according to builtwith.com it is “only” 40% market share for the apache(2) webserver. also most sites are running […]
“You will constantly have to fight for even the most basic of rights – and build your own infrastructure – or your government will spy on you and lobbyists try to take away your freedoms.” Watch this video and this: […]
client /etc/ssh/ssh_config is for client side config – here you can for example enable StrictHostKeyChecking yes /etc/ssh/ssh_known_hosts similar to ~/.ssh/known_hosts it contains the system-wide-accepted public keys of other hosts. So if you have “StrictHostKeyChecking yes” enabled, you could manually accept […]
i assume you have setup public-private-key-authentication and tested its workings and tightened security to only allow public-private key auth of specific non-root users. run local scripts remotely You can run local scripts remotely by executing bash on the remote system […]
this guide is abit outdated… If you need XDebug + Eclipse look here (allows step-debugging of your php code very very nice 🙂 . (slightly more complicated setup) lighttpd is “just as good” as apache2 – except – it does […]
can do NICELY 🙂 also it is possible to sshfs-mount folders of any ssh-server (a bit slow though). sharing resources yes – but allowing anyone to access all files – and be it only in read mode – of your […]
DNS servers are the “yellow pages” “phone book” of the internet. Whoever is running DNS servers get’s to know all queries send (what client is requesting and probably connecting to what address… basically: what websites the user have visited, this […]
firessh FireSSH is a free, cross-platform SSH terminal client for Mozilla Firefox and Google Chrome. Written entirely in Javascript! holy cow! I knew JavaScript was powerful 😀 you will have to type into firefox like this: ssh://login@IP example: ssh://user@172.20.0.25/ … […]
ich wollte mal wissen, wie steht es eigentlich um die Security auf Technologie / Programmiersprachen-Ebene? D.h. welche Programmiersprachen machen es einem schwer vs. einfach sichere Software zu schreiben? Natürlich kann man in jeder Programmiersprache angreifbare Projekte entwickeln… das ist kein […]
DDoS attacks are nasty stuff. Even such simple programs as – autobench – Automates the benchmarking of web servers using httperf – can sufficiently choke a webserver by spawning hundreds and thousands of mysql processes – exhausting all resources of […]
Warning! You will need to have “physical” access to the server’s console in order to perform these steps – remote login via ssh won’t be enough (init 1 – no ssh in rescue mode) Maybe the root / dir and […]
tested on vesta cp (apach2+nginx+Debian 8.7) this script could be placed into a file called: /scripts/mon_webserver_activity.sh [cc lang=”bash” escaped=”true” width=”600″] #!/bin/bash #sh -c ‘tail -f /var/log/vesta/*.log && tail -f /var/log/nginx/*.log’ & tail -f /var/log/vesta/*.log & tail -f /var/log/nginx/*.log & [/cc] […]
this applies to : Linux 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u2 (2016-10-19) x86_64 GNU/Linux) cat /etc/debian_version 8.6 PHP Version 5.6.28-0+deb8u1 Linux debian home tmp sess can accumulate a lot of files… they stem from mysql but also from php sessions. the […]
[cc lang=”bash” escaped=”true” width=”600″] # become root su; # or sudo bash; lsblk; # list block devices, checkout what harddisks are there NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 47.7G 0 disk └─sda1 8:1 0 23.9G 0 […]
what config file is nginx using? while it is running you can check via: [cc lang=”bash” escaped=”true” width=”600″] ps uax|grep nginx root 766 0.0 0.0 41540 4 ? Ss Sep16 0:00 nginx: master process /usr/local/vesta/nginx/sbin/vesta-nginx admin 770 0.0 0.1 41720 […]
if fail2ban fails to ban: https://dwaves.de/2017/07/27/centos7-replaced-firewall-iptables-with-firewalld-iptables-vs-nftables-benchmark-performance-comparison-scalability-when-facing-ddos-scenarios vim /etc/fail2ban/jail.conf; # open up the config file that defines all the defaults # find those lins: # # Destination email address used solely for the interpolations in # jail.{conf,local} configuration files. destemail = […]
if fail2ban fails to ban: https://dwaves.de/2017/07/27/centos7-replaced-firewall-iptables-with-firewalld-iptables-vs-nftables-benchmark-performance-comparison-scalability-when-facing-ddos-scenarios/ but also whole companies from israel are offering tools to nuke off your webserver with “rented” DDoS attacks vim /etc/fail2ban/jail.local; # add those lines: [apache] enabled = true port = http,https filter = apache-auth […]
update: 2020: last time checked fail2ban was INCOMPATIBLE with nftables (next version of iptables) so either one uninstalls nftables and installs “pure” iptables fail2ban might not do what is expected. might also be interesting: automatically banning ssh bruteforce via cron […]
[cc lang=”bash” escaped=”true” width=”600″] last -x shutdown shutdown system down 3.16.0-4-amd64 Sat Aug 27 16:31 – 16:32 (00:00) shutdown system down 3.16.0-4-amd64 Fri Aug 26 08:10 – 08:11 (00:00) shutdown system down 3.16.0-4-amd64 Thu Aug 25 11:04 – 11:05 (00:00) […]
WARNING! central VestaCP software vendor was hacked in 2018 not sure if they fixed the problem and continue VestaCP development (a shame, it was really a very very nice web based gui to admin web and mailsevers) … if you […]
it was a bad idea to use the vestacp backup and restore function. unfortunately i believe you are better off restoring every domain by hand. [cc lang=”bash” escaped=”true” width=”600″] systemctl status apache2.service ● apache2.service – LSB: Apache2 web server Loaded: […]
554-Bad DNS PTR resource record. This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: SMTP […]
WARNING! central VestaCP software vendor was hacked in 2018 not sure if they fixed the problem and continue VestaCP development (a shame, it was really a very very nice web based gui to admin web and mailsevers) it should work. […]
Climate Change is affecting all of us. http://www.climateprediction.net/ https://youtu.be/vrYEh81O-Vs?t=552 -> “How do we get more detailed information?” Computer Simulation -> http://www.ipcc-data.org/ Projects Since Climateprediction.net was launched the combined computing power of its users has allowed scientists to carry out […]
Setting up a simple SSL configuration Setting up a simple SSL configuration with Lighttpd is quite easy. Though this method should be used with care because this setup will only provide proper encryption, not authentication! The user will be presented […]
WARNING! central VestaCP software vendor was hacked in 2018 not sure if they fixed the problem and continue VestaCP development (a shame, it was really a very very nice web based gui to admin web and mailsevers) [Tutorial] How to […]
host -t mx mydomain.com nslookup -q=mx mydomain.com dig -t mx mydomain.com http://superuser.com/questions/44178/how-do-i-get-the-mx-records-for-a-domain-from-nix-command-line
login to local database mysql -u username -p; # connect to MySQL-Server@localhost, it will ask you for password login to a remote database mysql -u username -h your-server.de -p; # connect to a remote MySQL-Server@your-server.de, it will ask you for […]