Latest Server related questions

I got a certificate from AWS and did dns validation in the process of https communication. But I'm not sure why you are doing that verification. To use the domain, I got a domain from a hosting company and registered it on route53. Isn't this process itself dns validation? I want to know the effect of dns validation, and I want to know what happens when dns validation is not done.

thank you.

From my basic understanding of iptables I put together the below setup intended to run a Tor relay... here it is after 6 hours approx. Please note, I do not want to discuss any Tor operations, and so I shall not be pointed to https://tor.stackexchange.com/ Thank you.

There was a large attack on port 22, which I spotted when I woke up, so I've changed it, password authentication was already disabled, bu ...

when using curl in verbose mode, I get this error: Command:

$ curl -vvI https://www.google.com

Error:

• successfully set certificate verify locations:
• CAfile: none CApath: /etc/ssl/certs
• TLSv1.3 (OUT), TLS handshake, Client hello (1):
• TLSv1.3 (IN), TLS handshake, Server hello (2):
• TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
• TLSv1.3 (IN), TLS handshake, Certificate (11):
• TLSv1.3 (OUT), TLS  ...

My web page is hosted on AWS.and it was SSL converted.

I can see the page from my own computer and smartphone in my home Network and Wifi area. But from the outside (ex: access website from a smartphone outside) the page is not reachable.

So I checked the Security group and port NO.

Inbound rules are below.

According a manual I reffered it seems OK, but if there is something wrong please let me know.

In my previous question, I asked how to make mod_wsgi use a specific Python version. Following the answer from that question, I created a Python 3.9 virtual environment and made WSGI use it. However, now my Flask app is not running at all - I just get the 404 page configured for the rest of my site. I get no errors when restarting Apache2 and the Apache error log is empty when I visit the site. I think  ...

I am new to socket programming and have a couple of questions.

For the context, I have a server and client with each having a socket opened: the socket on the server is bounded to INADDR_ANY which from my understanding listens to connection requests from any network interface, and the socket on the client-side is connected to a loopback interface for the time being.

1. With this config, client is con ...

I have the two lines of basic auth added in the nginx.conf.

So that all subdomain blocks under reverse proxy are password protected. But I do have a few in which I don't want it to have that.

What do I need to include in those server blocks in order to let them thru?

Thank you!

And sorry I don't know what wildcard is nor if it is applicable in this case.

Centos booting stuck on Started LVM2 PV scan on device 8:3.

any suggestion on fixing the issue? I also see SeLinux relablel is required.. I'm not sure how long to wait.

Warning -- Selinux policy relabel is required. Relabeling could take a very long time depending on the file, system size and speed of the hard drives.

Started LVM2 PV scan on device 8:3.

screenshot

I'm setting up TPROXY on my VyOS router to forward certain traffic to a local transparent proxy. It works pretty well, until I discovered that all of my DNAT port forwarding rules are no longer working (connection timeout when connecting from external network).

Environment

• Router: 10.0.0.1/24 (Proxy is running on 1234 port and adding SO_MARK with 0xff)
• Internal Host: 10.0.0.2/24 (Port 80 should be expo ...

TLDR; My ZFS mirror pool got some checksum errors. I replaced the controller, thinking that was the most likely cause, but the errors won't clear. pool clear temporarily resets them, but they come back the next time I run a scrub. How can I clear them for good?

Full story: I have had a ZFS mirror-0 set up and running on ubuntu 20.04.2 LTS for some time. When one of the drives died, I took advanta ...

I'm looking for a suggestion to choose a region for a global site(Not targetted for any specific country/region). At the moment I'm looking for a simpler solution without having multiple replicas in different regions. So I'm wondering if anybody knows which AWS region is best in terms of latency all across the world? I'm also open to suggestions for tools like cloudping.info.

Thank you

So I got the following message from my server-administrator the other day:

Hi ****,

We hope you are doing well today.

We have noticed one of your accounts was running multiple cron jobs with 1 minute intervals. (Three; and I admit they could've been merge into 1. There were not 1000's of lines of code, literally no more than 35 combined)

-snip-

On a shared hosting server, running a cron job every  ...

When I browse from other servers using

wget -U "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" --spider http://server_ip/page --no-hsts

This is the response

Spider mode enabled. Check if remote file exists.
--2021-07-25 09:03:09--  http://server_ip/page
Connecting to 45.76.11.115:80... connected.
 HTTP request sent, awaiting response... 200 No headers, assuming HTTP/0.9
Length: unspecif ...

My Web app works with a Payment service called Stripe. Stripe proceeds the payment by webhook.

I do have a Stripe webhook that is successfully caught and processed in Stripe's TEST MODE, on http local host server. http://3.129.28.206/subscriptions/webhook/

When switching to Stripe's LIVE MODE DATA, I need to SSL converted "http" to "https" So I set a Load Balancer and exposed the server over HTTPS by AWS. ...

I have the following php script for password change: <?php error_reporting(E_ALL); ini_set('display_errors', TRUE); ini_set('display_startup_errors', TRUE); ini_set('display_error', true);

$cmd = 'sudo -u root sh -c \'/usr/bin/echo "username:pass" | sudo /usr/sbin/chpasswd 2>&1\'';
exec($cmd,$output,$return_val);
print_r($output);
echo $return_val;
?>

This script show error in browser: