arcconf on Linux: examples

Here are some arcconf usage examples.

Apache and nginx: serving different robots.txt for SSL and non-SSL version of the website

Very often, you don’t want the SSL (https://) version of your website to be crawled by robots.

Here is how to achieve it under Apache and nginx.


Serious security flaw in WHM/cPanel – symlinks and .htaccess can be evil

WHM/cPanel is one of the most successful web hosting control panels. Given how popular it is among shared hosting providers, it came to me as a surprise that it lets you read files which belong to other users, including those containing database credentials (for example, the whole contents of wp-config.php belonging to another user’s WordPress installation, or configuration.php, yet another user’s Joomla config file).


using tcpdump to detect malware presence

tcpdump can be quite useful for finding malware on a busy server, where temporarily stopping the traffic would affect many users and thus is not recommended.

Note that it is only useful if the malware is connecting to some external servers.

Postfix and multiple SSL certificates

If you ever wanted to use your Postfix with multiple SSL certificates for different domains, here is how.

Cyrus IMAP server and multiple SSL certificates

If you ever wanted to use your Cyrus IMAP server with multiple SSL certificates for different domains, here is how.

Protecting WordPress wp-admin / wp-login.php areas against dictionary attacks and DDoS

For some time, large botnets have been attacking WordPress installations from many IPs; sometimes the number of attacking addresses was in the tens of thousands:

http://www.h-online.com/open/news/item/Large-botnet-attacks-WordPress-installations-worldwide-1841950.html

In theory, if you use a strong password, you should be safe – but there is one more reason to worry: these kinds of attacks can bring your server to a halt or make it very slow.

Is there any way to protect against it?


upgrading Redmine from 1.4.4 to 2.3.x on Debian Wheezy using deb packages

Debian Wheezy comes with Redmine 1.4.4. If you want to upgrade to Redmine 2.3.x using deb packages, here is how.


downgrading to PHP 5.3 on Debian Wheezy (7.0)

Debian Wheezy comes with PHP 5.4. If this is too new for your application and it doesn’t work properly, here is a short description of how to downgrade to PHP 5.3.


lxc: restricting container view of dmesg

If you don’t like the idea of your lxc container being able to view dmesg output, which includes the host’s data, here is a quick tip.