If you plan to setup a small private Photo Cloud Server and you try to setup „Seafile Community Edition“ there are some MAJOR Points (disadvantages) to know: Seafile Community Edition has limited Functions (5 Users) The Photo Files saved on „Data Blocks Files“ like on „IPFS“ with hash Keys as Names You need a MYSQL […]
Kategorie: Apache
Webserver Port 80 open or close
If you hold a website and use SSL/HTTPS with Certificates theres is often the question should i block Port 80? The most Admins think after the Major Changes of the Browsers to pull first HTTPS Port 443 they can close the HTTP Port 80. But you should NOT do it! Why? most Bots scan at […]
Apache2 evasive Problems with WordPress
If you use Apache2 / Apache24 and anti-hammering tools like the Modul evasive and security2 as addon fail2ban than you can fail blogging. Problems: Apache2 Module „evasive“ must be fine tuned for WordPress go /etc/apache2/ if you use default enabled auto-safe drafts of posts can let you look like a Attacker so disable auto save […]
Nextcloud Owncloud Upgrade Traps
If you use Nextcloud (Owncloud) and you login into the Admin Panel the Updater display you that your Setup is outdated, you MUST handle as follows to PREVENT System Problems: Do FULL-BACKUP the Server Setup before you CHANGE something! Pre-Check Nextcloud Version dependency’s of PHP-Version and MYSQL Version! Cause Nextcloud offers NO System PRECHECK or […]
mj12bot hammer mediawiki
Here some IP’s of some Botnet Servers of mj12bot.com: the Botnet ignores robots.txt and hammers on Mediawiki’s! A sorted output of a Log done with : cat /var/log/apache2/other*.log|grep MJ | awk '{ print $2 }' | sort | uniq -c | sort -n Output for ufw Firewalls: 162.210.196.97 144.76.3.131 148.251.195.14 5.9.158.195 173.208.157.186 176.31.255.65 178.63.34.189 […]
WordPress Gutenberg Editor fails on modsecurity2
If you use modsecurity2 Plugin Filter on a Apache2 / Apache24 Setup then on my Blogs Gutenberg fails to SAVE Pages and Drafts. Workaround: Install the old but useful „Classic Editor Plugin“ and replace Gutenberg for all Users! Background: It seems the lastest stable mod_security2 Rules not modified for Gutenberg post urls!
Convert WordPress Blog into Static Websites
For some reasons you want to convert your WordPress with Linux Tools into a Static Website: low level Hosting no SQL + PHP for higher Security Then open a Terminal and enter into a Text Editor: nano wp2statis.sh: #!/bin/bash wget \ –recursive \ –no-clobber \ –page-requisites \ –html-extension \ –convert-links \ –restrict-file-names=windows $url-of-site exit 0 […]
Website Speed Test with Linux
If you own a Blog and want to check the Speed with your local Linux Computer use a commandline tool called curl. Open a Terminal and enter: curl -o /dev/null -s -w 'Connect: %{time_connect}\nStart Transfer: %{time_starttransfer}\nTotal: %{time_total}\n' https://www.yourdomain.de System Echos: Connect: 0,084774 Start Transfer: 0,173280 Total: 0,228651 Advantage? You will see the Website Load […]
WordPress Speed Test Optimization
If you use WordPress and you want to get better results on search engines and social media checkout: Load Speed at Google free Speed Analyser for Developer https://developers.google.com/speed/pagespeed/insights/ Reduce and Control the Plugins Reduce and Control Images at Content and Image Sizes 50-100 kb Limits Use latest PHP Version if possible 7.3 Use cached MySQL […]
Apache MEMCACHED UDP Protection
Current a lot of sites blogging about memcached attacks on Servers here some details: Memcached Servers need a installed and running Service called „memcached“ Websites need a php-plugin like php7.0-memcached to connect via API to the memcached Service The Memcached Service uses a own Config File at debian /etc/memcached.conf By default it MUST listen to […]