Author: thx11314

How To Manage Fail2ban Using Perl Script On Remote Servers and A Control Mysql Database

Earlier I posted how to use a text file created by a script to similarly manage the rogue IPs that Fail2ban bans. The problem with using scripts and crontab is that it is not reporting in real-time. The method here works in real-time because Fail2ban reports directly to the MySQL on the control server. On each remote you’ll want to...

Setup LAMP Server Debian 9 Apache 2.4 MarianDB Php 7

Prerequisite is a fresh remote server with Debian 9 Stretch installed and booted From remote terminal Block all traffic iptable -F iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP Create a User sudo useradd -d /home/username -m username Set the User’s Password sudo passwd username Add the User to the Admin Group sudo adduser username adm...

Mariadb Disable Auto Start on Desktop

How to prevent MariaDB from automatically starting up on a desktop is not the same as prior Mysql versions. Instead of using the remove from rc method, you use systemd (systemctl). But there is nothing in the documentation about that. sudo systemctl disable mysqld Found here: https://ask.fedoraproject.org/en/question/109435/how-to-avoid-start-mysql-services-at-system-boot/ For some reason the MariaDB documentation thinks its a good idea to have...

Fail2ban ERROR /bin/sh iptables No such file or directory

In Fail2ban version 0.9 running on Debian 9 server fail2ban.action [17325]: ERROR -n -L INPUT | grep -q ‘f2b- [ \t]’ — stderr: b’/bin/sh: iptables: No such file or directory\n’ [edit] /etc/fail2ban/action.d/iptables-common.conf [change] iptables = iptables [to] /sbin/iptables = iptables

Bash PS1 Manual Prompt Variables

PS1=’\[$(tput bold)$(tput setab 1)$(tput setaf 2)\]\t \u@\h \w \[$(tput sgr0)\] ‘ https://linuxconfig.org/bash-prompt-basics \a : an ASCII bell character (07) \d : the date in “Weekday Month Date” format (e.g., “Tue May 26”) \D{format} : the format is passed to strftime(3) and the result is inserted into the prompt string; an empty format results in a locale-specific time representation. The braces...

How to Force HTTPS using Apache

Edit .htaccess <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] </IfModule>

Debian 9 Stretch Apache 2.4 MariaDB 10.1.26 PHP 7.0

Installation notes for Debian 9 Apache 2.4 MariaDB 10.1.26 PHP 7.0 differ somewhat from prior LAMP installations. Also included here are notes on PSAD and Fail2ban. PSAD requires netstat which is no longer included in Debian 9 apt-get install net-tools apt-get install apache2 apt-get install software-properties-common apt-get install mariadb-server sudo /usr/bin/mysql_secure_installation sudo mysql -v

SSH Reverse Tunnel Not Working Mystery

When using autossh to create a reverse tunnel, sometimes, mysteriously (for the moment), on the remote server, the connect is refused, returning this message in syslog/messages autossh[7451]: 127.0.0.1:{port}: Connection refused The problem is autossh process is running (pid 7451) but frozen ( thats the mystery ) The solution: sudo kill $(ps aux | grep ‘autossh’ | awk ‘{print $2}’)

How To Set Up Password Authentication in Apache2

sudo apt-get install apache2-utils ( FIRST USER only ( -c ) option to create file, or you will wipe all your existing logins !!! ) sudo htpasswd -c /etc/apache2/.htpasswd username1only sudo htpasswd /etc/apache2/.htpasswd username2etc Conventional setup sudo vi /etc/apache2/sites-enabled/000-default.conf ( In which case you must specify the Directory to be protected ) <Directory “/var/www/www.example.com/administrator”> AuthType Basic AuthName “Restricted Content” AuthUserFile...

Privacy Preference Center