Latest Server related questions

I have two site the one is main.domain.com, two is two.domain2.com, domain2 is wordpress blog server in diffrent server that I want use main.domain.com/blog nginx proxy pass to and click the blog page no change the main.domain.com to two.domain2.com, is that can be accomplish?

the code below can only pass to home page, after click blog page domian will change to two.domain2.com.

server {
server_name m ...

I am running a bunch of Ubuntu 20.04 vServers for my company. They have a regularly appearing problem, being that the user manager service for the SSH User ([email protected]), sometimes fails when I log in using SSH.

The only common denominator these servers have is that they are all running Apache servers, an Icinga monitoring service and a daily backup to s3, and that they run with the same hos ...

We do have an old Exchange 2010(yes, i know) as our mail server. Exchange 2010 IMAP protocol only supports tls 1.0 or ssl3 as backup protocol. We have disabled ssl3, so our only option is tls 1.0.

Our problem, we have to setup an IMAP account from an application to Exchange, however, this application only supports tls 1.2 and tls 1.3 which is not option for us.

To my understanding the only possible  ...

New to nginx. I have a VM running Nginx 1.20.1 as a reverse proxy with IP 10.0.0.4. I also have a VM with IIS serving app A with IP 10.0.0.19. The subdomain xyz.test.com.my is pointing to Nginx. From the Nginx VM, I can access app A on IIS using http://10.0.0.19/ABC/Frames/Login.aspx. Even if I use http://10.0.0.19/ABC it also works.

The problem is, i cannot access app A from xyz.test.com.my. I have trie ...

https://licoriceicecream.com/ : expires Monday, 1 May 2023 at 14:43:01

but sudo certbot renew

Processing /etc/letsencrypt/renewal/licoriceicecream.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Certificate not yet due for renewal

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The following certificates are not due for renewal ...

I have a Linux server, on which I created a public web app (as a test) accessible here: http://tropo.gps.caltech.edu:9384/jsserve

It works as intended. As you can see, it is served on port 9384 with http protocol.

However, I would like to have this public web app accessible via https. I do have SSL certificate, but I want to use another port than 443.

Here is my nginx configuration file: (the relevant bi ...

How to make sure that my server has DPDk compatible NIC ??

I know that I can download dpdk first and then by running ./dpdk-devbind.py from usertools folder can show me the list of NICs using dpdk compatible driver.. But in a brand new server, we haven't installed the dpdk compatible driver and tried binding it to NICs yet, so it's just showing all the NICs using the kernel driver though it has s ...

I have an application which regularly creates a new TCP connection, makes a request, and then gets a just under ~300KB response before closing down the connection. Assuming that I can't redesign this workload, and that the latency between my side and the other side of the connection is ~5ms, how can I optimize for performance?

From a packet capture, I can see:

• SYN-SYNACK-ACK handshake (~15ms)
• I send a s ...

I have a device (a motec ECU) that is connected throught a wired eth, which uses IPV6 with MDNS broadcast messages (ff02::fb) to get discoved in the network.

If I connect a laptop directly to the ecu port it gets discovered just fine and right away.

If instead I try to put a portable wifi router in the middle (tried the TP-Link TL-MR3020) the ecu doesn't get discovered.

I tried sniffing the traffic wit ...

I currently have Postfix/Dovecot email-server configured to run a local system account (Dovecot auth-system) and everything runs fine with a local user set up using /etc/passwd, /etc/shadow.

I would like to set this server to handle additional email accounts on other domains. I was able to set up Postfix with SNI, which appeared to run fine using local system accounts.

However, when I set up Postfix ...

I have a bunch of directories with video files that I would like to merge into larger videos. The logic is that the filenames have date time stamps in them that can be used to figure out which should be merged together. Each existing file is no more than 3 minutes long and then another file is created. If the filenames appear to only be 3 minutes apart, I want to merge those files. If the next file is ...

I have a deploy-pipeline in Azure devops. I am using this to deploy some objects to our k8s cluster (microk8s). I connect to the cluster with the help of a service connection that uses a kube-config.

Now I want to move to using environments. But when using environments I can't use my service connection nor can I use a kube config, I have to use something called a service account.

I have tried adding ...

How to run nginx and ocserv on the same IP:Port using the same domain name? Just like how a similar thing is possible by using SSTP protocol, if I am not mistaken. I am using Ubuntu 20.04.

I'm trying to setup my application using HTTPs, I followed a guide HERE to do it properly but it's not working.

My app runs perfectly in port 80 (http) and when I turn on auto redirect for 443 (https) it gives me a 403 forbiddend when I try to access it through Browser. And in Apache2 error log, I can see the message "AH01276: Cannot serve directory /var/my_app_location/: No matching DirectoryInde ...

I am trying to get a "diff" of the commands that are executed as part of applying different releases of the oscap-anaconda-addon, specifically the STIGs applied in RHEL 7.9 and in AlmaLinux 9.1.

Context: We have a security appliance that was originally based on RedHat 7.9 and are migrating it to AlmaLinux 9.1. There has been a lot of "empirical discovery" so far as we run into configuration differ ...

We have an industrial machine that has an intergrated web server we can connect to for changing parameters. The machine has an address in the 172.29.x.x range. My address is in the 192.168.x.x range. Finally, my PC and the machine are in two different VLANs managed by our firewall. The VLANs have unrestricted communication allowed between the two.

What kind of rule(s) or parameters do I have to c ...

So I have 2 VPS, both Ubuntu.

it's as follows:

1. Has OpenVPN on it, and I use that VPN
2. Has a website that I would like to be able to connect to, but it's not connecting when my VPN is running from server #1

As a said, firewall is inactive, when I run sudo ufw status, it says "Status: inactive"

is there any possible reason for that to happen?

I spent 3 days tracking this down. Apparently Windows Server 2022 does not support Session tickets using any TLS below 1.3. The handshake disconnects. This can be tested by changing the maximum TLS to 1.2 in Firefox - about:config - security.tls.version.max=3

The culprit is reg setting HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\EnableSslSessionTicket If this exists and s ...

NTLM Authentication Failing once Domain Controller was upgraded to Windows Server 2016. Application server is running Server 2012 R2. We have one domain controller left on 2012, NTLM works fine on that controller. When I switch to one of the 2016 servers, it fails. It seems that this may be the issue:

https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network ...

I plan to move several websites that use Sphinx 0.99 including its old PHP API to a new Server running Debian 10 or 11 and wonder if it would even work to get this old Sphinx version running.

To adjust the old PHP API for PHP 8 I think I could do but no idea if it will work to install Sphinx 0.99 on a new Debian Version. My old server is running Debian 8 Jessie (upgraded from Debian 6 Squeeze a few y ...

we currently use oscap to run security scans to validate configurations in DISA STIG for our Linux machines. We are seeing a lot of false positives and we are trying to figure out if there is a way to use a tailoring file to update the rule results so that the end results show as "False Positive" and not "Failed".

We want to see if there's a way to do this through a tailoring file so we have some ...

I have manually triggered update of worker node pool in GKE but after update one of our database persisent volumes was recreated instead of just reattaching to pod on new node.

We have backup for GKE enabled so I tried to restore affected namespace but unfortunately volume is not created. As this is postgresql statefulset it just creates new PVC with no data. There are 2 volumes in this namespace ...

In our AD environment we maintain the Description field to help identify our computers.

I found that I and others on my team can update some system in certain OUs but cannot update them in others.

I Asked our Security and Server teams they don't have an answer as to why nor the time to find out.

Anyone have an answer so I can help them to fix things so that my team can do our job?

Thank you

I want to have an embedded device join a Linux based AD/DC domain. I have kerberos libraries (no executables) on the embedded device. I have an application on the embedded device that can successfully authenticate and access services on the domain as a client. What I also want to do is have the embedded device join the domain as a member, to acquire credentials, and to accept authentication requests  ...

Had a power issue and my openstack will not fully come up.

It is showing that I have VM's but from 5 years ago and not recent ones.

I need help bringing it up.

I am running an OLD version of the software.

+-----------------+-------+
| Field           | Value |
+-----------------+-------+
| heatclient      | 1.1.0 |
| keystoneclient  | 2.3.1 |
| mistralclient   | 2.0.0 |
| novaclient      | 3.3.1 | ...

In my Azure AD tenant that has an active Azure AD Premium 2 license, I have enabled Self-Service Group Management.

Users are able to create security groups and then configure the membership policy with one of the available options:

• This group requires owner approval
• This group is open to join for all users
• Only the owner of this group can add members

Can this also be configured in the Azure AD portal? ...

I developing a node.js program, I want know how much data transfered per port, but i didnt found native node.js solution, there is thired party program, if thay have api,it can be usefull, can you suggest some solution for it?

Problem Statement: Non Admin user is unable to create instances using Openstack Horizon Dashboard.

Errors: Errors seen in sequence on the top right of the page are:

• Error: Forbidden. Insufficient permissions of the requested operation
• Error: Unable to retrieve the flavors.
• Error: Unable to retrieve the images.
• Error: Unable to retrieve instances. Details Policy doesn't allow os_compute_api:server ...

Strange situation happens, about once a month on the server one of the php-fpm child processes is forced to shut down (error log - WARNING: [pool www] child 20651 exited on signal 9 (SIGKILL) after 1788.435071 seconds from start), after that in any of the hundreds of running php scripts an absolutely arbitrary character is changed, which causes error 500 until php-fpm is restarted.

As far as I understan ...

I configured Wordpress on Docker Image:

version: '2'
services:
  db:
    image: 'mysql/mysql-server:8.0'
    volumes:
      - 'db_data:/var/lib/mysql'
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: '${MYSQL_DATABASE_PASSWORD}'
      MYSQL_DATABASE: wordpress
      MYSQL_USER: wordpress
      MYSQL_PASSWORD: wordpress
  wordpress:
    image: 'wordpress:latest'
    ports:
      - 80
 ...