Category: Linux

Setup LAMP Server Debian 9 Apache 2.4 MarianDB Php 7

Prerequisite is a fresh remote server with Debian 9 Stretch installed and booted From remote terminal Block all traffic iptable -F iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP Create a User sudo useradd -d /home/username -m username Set the User’s Password sudo passwd username Add the User to the Admin Group sudo adduser username adm...

Fail2ban ERROR /bin/sh iptables No such file or directory

In Fail2ban version 0.9 running on Debian 9 server fail2ban.action [17325]: ERROR -n -L INPUT | grep -q ‘f2b- [ \t]’ — stderr: b’/bin/sh: iptables: No such file or directory\n’ [edit] /etc/fail2ban/action.d/iptables-common.conf [change] iptables = iptables [to] /sbin/iptables = iptables

How to Force HTTPS using Apache

Edit .htaccess <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] </IfModule>

How To Set Up Password Authentication in Apache2

sudo apt-get install apache2-utils ( FIRST USER only ( -c ) option to create file, or you will wipe all your existing logins !!! ) sudo htpasswd -c /etc/apache2/.htpasswd username1only sudo htpasswd /etc/apache2/.htpasswd username2etc Conventional setup sudo vi /etc/apache2/sites-enabled/000-default.conf ( In which case you must specify the Directory to be protected ) <Directory “/var/www/”> AuthType Basic AuthName “Restricted Content” AuthUserFile...

Fail2ban Mysql Database to Manage Persistent Bans

Step 1 Create Database and Tables in MySQL Add a “source” field for the server name if you want to use a remote database setup (and add it to the UNIQUE KEY). The UNIQUE KEY prevents duplicates of course. But this means you can refresh the perl script without handling duplicates there which would complicate things considerably. CREATE TABLE iptable...

Disable IPV6 Debian

sudo vi /etc/sysctl.conf # to disable IPv6 on all interfaces system wide net.ipv6.conf.all.disable_ipv6 = 1 # Uncomment the next two lines to enable Spoof protection (reverse-path filter) # Turn on Source Address Verification in all interfaces to # prevent some spoofing attacks net.ipv4.conf.default.rp_filter=1 net.ipv4.conf.all.rp_filter=1 # Do not accept ICMP redirects (prevent MITM attacks) net.ipv4.conf.all.accept_redirects = 0 #net.ipv6.conf.all.accept_redirects = 0 #...

Stop the Kernel Logging ipv6

To disable IPv6 on all interfaces system wide sudo vi /etc/sysctl.conf add this line net.ipv6.conf.all.disable_ipv6 = 1 Or To disable IPv6 on an interface only net.ipv6.conf.lo.disable_ipv6 = 1 net.ipv6.conf.eth0.disable_ipv6 = 1 sudo sysctl -p /etc/sysctl.conf or reboot

DD Used Space Only Image File Using Gzip Solved

The problem is how to create an img of a disk (or storage of any kind) while not saving the entire unused space – shrink empty disk space with dd. Like many similar problems, I found many posts about how to save the img of a disk and remove empty partitions. Most are obsolete or did not work as specified, which...

Disable RC4 and SSL3

sudo vi /etc/apache2/mods-available/ssl.conf SSLHonorCipherOrder on SSLCipherSuite “EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS” SSLProtocol All -SSLv2 -SSLv3 SSLCompression Off

How To Configure exim4 on Debian

sudo vi hosts localhost {server ip address} www sudo vi hostname hostname -f sudo vi /etc/mailname apt-get install exim4 dpkg-reconfigure exim4-config (the following setup for Google mail server) Hide local mail name in outgoing mail? No Split configuration into small files? Yes sudo vi /etc/exim4/update-exim4.conf.conf dc_eximconfig_configtype=’smarthost’ dc_other_hostnames=’localhost;’ dc_local_interfaces=’′ dc_readhost=” dc_relay_domains=” dc_minimaldns=’false’ dc_relay_nets=” dc_smarthost=’′ CFILEMODE=’644′ dc_use_split_config=’true’ dc_hide_mailname=’false’...

Padre Still Crashes on Debian Linux

The linked post was written in 2012 explaining what I think most users of Padre encounter, and therefore I won’t repeat anything already nicely documented there except to quote “And please do not feed me a junk line about it works on my Linux distribution, I do not care. Pretend I am a normal end user for a moment. If...

Force WordPress SSL HTTPS on Only One Page

RewriteEngine On Options -Indexes Options +FollowSymLinks RewriteBase / # force https for all URLs matching “subscribe.* # otherwise normal http request are unmolested # other methods that force ssl cause 301 redirects on # all pages RewriteCond %{HTTPS} =off RewriteRule ^subscribe https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d ## standard rule but causes redirect loops #RewriteRule . /index.php [L]...

USB Linux Wipe Format Ext2 Filesystem

Find the correct device fdisk -l Unmount the device unmount /dev/sdc Wipe the device (handles bad blocks too) dd if=/dev/zero of=/dev/sdc bs=4k Format device mke2fs /dev/sdc1 Make a mount point mkdir /mnt/memstick Mount the device mount /dev/sdc1 /mnt/memstick

Privacy Preference Center