Latest Server related questions

I have Synology NAS with embedded Linux and can use only predifined utilities.

When im try copy remote files through:

smbclient connect to remote

smb: \> prompt
smb: \> mask *file*.rar
smb: \> mput *

Copy is OK

but how i can do this?

smbclient connect to remote

smb: \> prompt
smb: \> mask "date ‘+%Y_%m_%d’*.rar" > I get error 
smb: \> mput *

I try use alias too, it don't work  ...

I have the below 3 rules in modsecurity.

Rule 1: Block all countries defined as high risk except US:

SecAction \
 "id:900600,\
  phase:1,\
  nolog,\
  pass,\
  t:none,\
  setvar:'tx.high_risk_country_codes = AD AE AF AG AI AL AM AO AQ AR...'"

#Allow only the below countries
SecRule REMOTE_ADDR "@geoLookup" "chain,id:2000001,drop,msg:'Countries allowed'"
SecRule GEO:COUNTRY_CODE "!@pm US"

Rule 2

I've got a Debian 11 system running as a local file server. I want to keep it as simple as possible but have some basic monitoring from Monit. I've installed and configured msmtp and msmtp-mta and I've confirmed that I can send test messages from the command line with

mail -s "test" [email protected] <<END
This is a test
END

and I've got emails coming through from unattended-upgrades.

I've ...

We currently have some software that contains Prometheus data on a GCE. The said GCE already has the legacy logging agent using fluentD running, this is currently incompatible with the google ops agent according to google (we tried).

We also tried running another GCE with just the ops agent trying to pull the prom data off this vm with the application but it seems not readable. I’m not sure if  ...

I am trying to set up a locally-hosted ejabberd instance running in docker to use push notifications with monal-im.

I am getting the following error in the log

Failed outbound s2s EXTERNAL authentication chat.[MY DOMAIN].com -> eu.prod.push.monal-im.org (2.59.135.40): Authentication failed: Peer responded with error: unable to verify the first certificate (not-authorized)

I'm not an expert in security ...

I created a new VPC ca-central. I followed the same procedure as everywhere else:

• New VPC (this created acl which is wide open)
• three subnets, one for each availabiltiy zone, CIDR spaced out properly
• all subnets on routing table
• that routing table routes 0.0.0.0/0 to internet gateway
• instances use a secGroup which has port 22 open inbound, all traffic outbound
• everything attached properly to vpc ...

I'm running Prometheus and Grafana from docker-compose and basically it works. But I don't get my prometheus data to persist on my host machine.

As soon as I switch my volume settings from

---
version: "3.3"
services:
  prometheus:
    image: prom/prometheus:v2.43.0
    container_name: prometheus
    restart: unless-stopped
    volumes:
      - ./assets/config/prometheus/prometheus.yml:/etc/prometheus/ ...

I have cloud machine with public ip on eth0 and other interface zerotier have local machines with homeassistant https://192.168.0.15:8123. This cloud machine can access https://192.168.0.15:8123 over zerotier. I would like to route incoming traffic eth0 to homeassistant.

incoming public ip -> eth0 -> zerotier interface https://192.168.0.15:8123 i was trying:

sudo sysctl net.ipv4.ip_forward=1 sudo sy ...

I have a couple of developers helping me out with a project so I've given them access to my teams so we can collaborate. I am in Office 365 and exchange online.

Last summer I set up forwarding on their accounts so I could send meeting invites from within Teams and it was working great. I don't remember exactly how I had it set up... But I know I didn't have any licensing applied to their accou ...

I am hosting a public website, say example.com, at my house using my home Internet (fyi, the contract allows it). My Internet plan also comes with a static IP. I use CloudFlare to hide the server's real IP address. The site example.com is fully using HTTPS.

My questions are:

1. Can my ISP know that I'm hosting example.com at my house?
2. What can of information can my ISP know about the incoming traffic to exa ...

In order to reduce RDS user's vhdx (User Profile Disks) size, I wanted to test disk2vhd to rebuild a vhdx from mounted vhdx. But it doesn't work on virtual drive.

Optimize-VHD is not suitable for this job because it's not a Hyper-V env.

So, is there a way to reduce users's vhdx?

Thanks.

I'm trying to define whitelisting for certain domain names on my server. I've figured out a way to do this using the map context but now I'm getting an invalid parameter "$whitelist" for a variable that I have defined in the map context. I already tried this method before, and it's worked, but now I'm suddenly getting an error. I'm not sure why that's the case though.

map $http_host $whitelist {
  defa ...

I am getting a 404 error on URL that contains pipe symbol. If I encode manually with %7C for pipe it works properly. I want to add a rule in Apache conf file that automatically replaces pipe character anywhere in the URL with %7C.

Ex: (Not working)

www.example.com/search/?term=test&another=1|2|3

This above URL works if changed as below,

www.example.com/search/?term=test&another=1%7C2%7C3
 ...

we're using M365 with more platforms - Outlook on Mac, iOS, Windows and web, as well as Calendar.app on iOS and macOS.

And we have an external HR web app which has an internet calendar such as webcal://exampleHR.com/cal/feed/1234-5678-90 with holidays and sick days.

When I add this location via Outlook web app - Add calendar > Subscribe from web > Add to: My calendars - it works nicely - it ev ...

When mounting persistent storage for influxdb container the NFS storage ownership is changed to uid 1000 when container is run. Need to have a known RHEL host user (2000) have ownership of the file system.

• Tried setting the runAsUser security option in Kubernetes but the container errors out stating permissions error.

• Tried creating a custom dockerfile, adding the user 2000 and running container  ...

Is it possible to block a port (port 585) and not have it trigger an IP block ? Customers using Apple Mail are constantly hitting port 585 (I think Mac Mail attempts to go into 'troubleshooting mode' and spams the port for each email account setup on it) and subsequently getting blocked:

eg:

Apr 25 13:58:41 XXX lfd[545948]: *Port Scan* detected from XXX. 13 hits in the last 142 seconds - *Blocked in c ...

How do I have two services offer identical WCF endpoints under different subdomains?

I have two Services, each trying offering WCF Endpoints to consumers in my network:

• Service 1: https://subdomain1.domain/Service
• Service 2: https://subdomain2.domain/Service

I also have registered the following entries via netsh http add urlacl:

• netsh http add urlacl url="https://subdomain1.domain:443/Service" user="NE ...

I need redirection based on country code I get from GeoIP (ngx_http_geoip2_module), but as I see, I can't use map because I need different conditions and destination URLs for different server directives (server names).

Is there any way to do redirection without if-conditions in this case?

The task is to make messages delivered over POP3 marked as read while also keep them on server (even if DELE command issued by client) and accessible over IMAP.

There are two exim config options:

• pop3_no_flag_updates = no - this enables setting read flag on message
• pop3_deleted_flag = "$POP3Deleted" - this changes pop3 behavior so instead of message removal it just get flagged.

The strange thing i ...

I'm trying to be able to create video streaming over HTTP which would specific authorization method described below, but I'm not sure how to approach this.

Currently I'm using the Motion package which allows you to easily forward video stream from local camera over the Internet. It also offers authorization with username and password. For my use case this is, however, not ideal.

My idea is that I wa ...

I would like to create a fallback DNS server for my cloudflare account.
It accord to me that I have over 70 domains hosted by CloudFlare and my entire business relays on a mostly free service, It has happen before that CloudFlare was down.
I would like to have a backup plan for such an event.
I thought I can simply add a 3rd DNS server to my NS records on each domain like this

foo.ns.cloudflare.c ...

I had to expand the size of an EC2 EBS root volume that uses btrfs (Fedora 38 Server), so I did the following:

1. Stopped the EC2 instance
2. Expanded the EBS volume via the EC2 console
3. Started the EC2 instance again

Then I was ready to play around with partition resizing and filesystem resizing inside the EC2 instance, but, to my surprise, the system now claims to have done everything automatically. The ...

I need one small help.

In below example I need to replace shell with command module. But I am confused as command is not working with pipe.

So please give me the solution of this task. E.g:

- name: Get the version
  become: true
  run_once: true
  shell: zypper pa | grep eric-odl | awk -F {'print $4'}
  register: odl_version

How I will split this task because each command output is dependent on nex ...

os AlmaLinux 9.1 Apache/2.4.53 PHP 8.2.4

try to install Lychee with postgreesql my httpd.conf

    ServerRoot "/etc/httpd"
Listen 0.0.0.0:80
Include conf.modules.d/*.conf
User apache
Group apache
ServerAdmin root@localhost
ServerName 192.168.90.20:80
<Directory />
    AllowOverride none
    Require all denied
</Directory>
DocumentRoot "/var/www/html/Lychee/public"
<Directory "/var/www/ht ...

I have additional free space on my sda disk and I want to add this space to my LVM. How can I add this 2.5T space to my LVM without destroying the existing partition or losing any data?

sda 8:0 0 2.5T 0 disk
├─sda1 8:1 0 1M 0 part
├─sda2 8:2 0 2G 0 part /boot └─sda3 8:3 0 98G 0 part
└─ubuntu- ...

How can you troubleshoot a slow server response time? My server performance is deteriorating so fastly. I've tried fixing server software and configurations. Also checked with network connectivity. It seems there is no issue. Could you please help me?

Problem: nginx doesn't apply configuration for subdomain if there are domain and subdomain config at the same time.

Disclaimer: I'm new to nginx and server deployment.

Question: What I do wrong with nginx configuration?

Additional info:

• Nginx 1.18.0
• Ubuntu 20.04

Details:
I have main domain (it's my portfolio) (let's say example.com) and subdomain (todo-tracker.example.com). Both are django project ...

I have server with two NIC. One is for intranet (ens160) and second is for access to internet (ens192). I tried to set this configuration through netplan and tried several combinations, unfortunately I have a problem with incoming connection from intranet e.g. I am not able to connect by ssh to the server.

This is my netplan configuration

network:
  ethernets:
    ens160:
      addresses:
      - 10.1 ...

I have a Debian 11 server with 4 HDD. Two of them are in a Raid 1 array. When I shutdown the server completely and then turn it on again, the boot routine stops because it cannot find the Raid 1 device (the device is listed in fstab by it's UUID). When I then logon and do fdsik -l I get only 2 of the HDDs listed, but not the ones from the Raid array. When I do then a reboot, the server comes up just fin ...

I have a dynamic BGP VPN between a VPC and an on-premise site (on-premise uses vyOS router/vpn concentrator). Servers in the VPC and on-premise subnets can communicate directly through he VPN. The on-premise site has access to some remote destinations via IPSec VPNs, and I need the VPC servers to be able to reach those remote destinations.

How can I make these remote destinations directly availab ...