If you use Apache2 / Apache24 and anti-hammering tools like the Modul evasive and security2 as addon fail2ban than you can fail blogging. Problems: Apache2 Module “evasive” must be fine tuned for WordPress go /etc/apache2/ if you use default enabled auto-safe drafts of posts can let you look like a Attacker so disable auto save by wp-config set “define(‘AUTOSAVE_INTERVAL’, 86400);” !! on small systems redis and other cache technics can generate too additional hidden “posts” traffic to the Apache2 & SQL checkout the system by disable all security addons and fine tune settings, if ok enable them again.. try wordpress […]
Category: Linux Micro Server Projekt
Smartmontools unlisted Devices
If you use a Toshiba Canvio 3tb Drive at a raspi then smartmontools will not see the usb drive. Try: sudo smartctl -t long -d sat -s on /dev/sdb -t test long or short -d drive protocol sata = sat -s enforce smart which is off by the usb drive firmware wait XXX Minutes then: sudo smartctl -H -d sat -s on /dev/sdb get status..
Postfix: Automatic UFW Firewall Updates
If you use a Mail Server with Postfix you got daily Spam Attacks by Scripts: How to fix? Install ufw Firewall Run a Scanner Script as cronjob On Debian/Ubuntu: Install ufw: sudo apt-get update && sudo apt-get install ufw && sudo ufw enable && sudo ufw logging off Scan Script: sudo nano /home/user/firewall-update.sh: #!/bin/bash # scan rejected cat /var/log/mail.log | grep rejected | cut -d"[" -f3 | cut -d"]" -f1|grep -v '^$' > /tmp/firewall.txt # insert to Firewall while read line; do sudo ufw insert 1 deny from $line to any; done < /tmp/firewall.txt # scan "denied" cat /var/log/mail.log | […]
Linux Console: SSH Echo Last User LOGIN Info
If you use SSH Logins to your Systems, you perhaps want to know, who logged in last days and from which IP Address. Screenshot SSH Login Echo LAST Info: Howto: Open the .profile File at your Home with a Editor and enter: clear last -n 4 This will echo after login the last 4 Logins including the used IP’s To prevent Hackers to purge the lines set the .profile File “readonly” sudo chmod 444 .profile sudo chown root:root .profile
Raspberry Pi: Raspian disadvantages of embedded OS
The last 12 month have been a “golden” time of the upcomming embedded linux devices, but the custom OS’s offers some problems, you should know for projects: embedded PC’s like the ARM based pi2 / pi3 uses a own compiled OS not every known debian package is available not all compile scripts to rebuild are available on git slow performance can let you run into unuseable problems (heat, load, I/O), correct written scripts run into freezes without any error made by you! you should take time for a closer look at buying them calc the costs of non-x86 systems, later […]
Security: Webserver HTTPS with Self Signed Certificate Do it yourself in 5 Minutes!!
Today the Point of Security and encrypted Webserver Communication is rolling over every User who hosts own Websites on the Internet. Last decades HTTPS was only used by Online Login Pages like Shops and Banks to verify the Communication between a User PC and the Website. But after January 2015 the most Search Engines like google decides to force index of Websites with HTTPS Protocol. The Background is that a TLS encrypted Connection isn’t easy to track and to force “drive-by-load-Viruses” to the Website Visitors. But a lot of Webmasters of the Opensource Community were angry about this handling. Thats […]