Search Engine Optimization | Internet Marketing | Webmastering Blog

Systemd ssh Reverse Tunnel on Debian 9 Stretch

I have used rc.local for years to setup an ssh reverse tunnel on boot under Debian up until Stretch. Now like many others I imagine, I’ve had to convert to systemd. I read everything I could about the choice for deprecating rc.local for systemd. I can say that systemd may be powerful, but systemd’s complexity entails a huge learning-curve for...

How To Manage Fail2ban Using Perl Script On Remote Servers and A Control Mysql Database

Earlier I posted how to use a text file created by a script to similarly manage the rogue IPs that Fail2ban bans. The problem with using scripts and crontab is that it is not reporting in real-time. The method here works in real-time because Fail2ban reports directly to the MySQL on the control server. On each remote you’ll want to...

Setup LAMP Server Debian 9 Apache 2.4 MarianDB Php 7

Prerequisite is a fresh remote server with Debian 9 Stretch installed and booted From remote terminal Block all traffic iptable -F iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP Create a User sudo useradd -d /home/username -m username Set the User’s Password sudo passwd username Add the User to the Admin Group sudo adduser username adm...

Mariadb Disable Auto Start on Desktop

How to prevent MariaDB from automatically starting up on a desktop is not the same as prior Mysql versions. Instead of using the remove from rc method, you use systemd (systemctl). But there is nothing in the documentation about that. sudo systemctl disable mysqld Found here: For some reason the MariaDB documentation thinks its a good idea to have...

Fail2ban ERROR /bin/sh iptables No such file or directory

In Fail2ban version 0.9 running on Debian 9 server fail2ban.action [17325]: ERROR -n -L INPUT | grep -q ‘f2b- [ \t]’ — stderr: b’/bin/sh: iptables: No such file or directory\n’ [edit] /etc/fail2ban/action.d/iptables-common.conf [change] iptables = iptables [to] /sbin/iptables = iptables

Bash PS1 Manual Prompt Variables

PS1=’\[$(tput bold)$(tput setab 1)$(tput setaf 2)\]\t \u@\h \w \[$(tput sgr0)\] ‘ \a : an ASCII bell character (07) \d : the date in “Weekday Month Date” format (e.g., “Tue May 26”) \D{format} : the format is passed to strftime(3) and the result is inserted into the prompt string; an empty format results in a locale-specific time representation. The braces...

How to Force HTTPS using Apache

Edit .htaccess <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] </IfModule>

Debian 9 Stretch Apache 2.4 MariaDB 10.1.26 PHP 7.0

Installation notes for Debian 9 Apache 2.4 MariaDB 10.1.26 PHP 7.0 differ somewhat from prior LAMP installations. Also included here are notes on PSAD and Fail2ban. PSAD requires netstat which is no longer included in Debian 9 apt-get install net-tools apt-get install apache2 apt-get install software-properties-common apt-get install mariadb-server sudo /usr/bin/mysql_secure_installation sudo mysql -v

SSH Reverse Tunnel Not Working Mystery

When using autossh to create a reverse tunnel, sometimes, mysteriously (for the moment), on the remote server, the connect is refused, returning this message in syslog/messages autossh[7451]:{port}: Connection refused The problem is autossh process is running (pid 7451) but frozen ( thats the mystery ) The solution: sudo kill $(ps aux | grep ‘autossh’ | awk ‘{print $2}’)

How To Set Up Password Authentication in Apache2

sudo apt-get install apache2-utils ( FIRST USER only ( -c ) option to create file, or you will wipe all your existing logins !!! ) sudo htpasswd -c /etc/apache2/.htpasswd username1only sudo htpasswd /etc/apache2/.htpasswd username2etc Conventional setup sudo vi /etc/apache2/sites-enabled/000-default.conf ( In which case you must specify the Directory to be protected ) <Directory “/var/www/”> AuthType Basic AuthName “Restricted Content” AuthUserFile...

Apache2 Custom 404 Page

Create a html page sudo vi /var/www/missing.html whateveryouwanttosay sudo chown www-data:www-data /var/www/missing.html sudo vi /etc/apache2/conf.d/localized-error-pages Uncomment #ErrorDocument 404 /missing.html sudo service apache2 restart

Harden Apache 2.2

sudo vi /etc/apache2/conf.d/security ServerTokens Prod ServerSignature Off sudo vi /etc/apache2/sites-available/default Directory /var/www/html> Options -Indexes /Directory>

Fail2ban Mysql Database to Manage Persistent Bans

Step 1 Create Database and Tables in MySQL Add a “source” field for the server name if you want to use a remote database setup (and add it to the UNIQUE KEY). The UNIQUE KEY prevents duplicates of course. But this means you can refresh the perl script without handling duplicates there which would complicate things considerably. CREATE TABLE iptable...