Latest Server related questions

I have a landing page and a wordpress site in a subfolder

example.com -> landing page
example.com/blog -> wordpress

I want to serve the wordpress site on a different server. I created a server( blog.example.com) and moved all files and databases that belong to wordpress. I have changed nginx configuration (example.com) a bit and added those lines below

  location /blog {
    proxy_set_heade ...

I have a linux box which is an openVPN client all its traffic goes through the tunel , i have an nginx server that i want to go through eth0 and what i tried to do is to reroute all traffic on port 80 through eth0 via 192.168.1.1

root@digger02:~# ip route
0.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.1.1 dev eth0 proto dhcp src 192.168.1.154 metric 10
10.8.0.0/24 dev tun0 proto kernel scope l ...

[root@VMkernelPortESXiHost:~] /usr/lib/vmware/secureboot/bin/secureBoot.py - c Secure boot CANNOT be enabled: All vib signatures verified. Failed to validate loaded tardisks: Errors: [ValueError] VIB VMware_locker_tools-light_12.0.6.20104755-20491463 does not have signed XML data Please refer to the log file for more details. . All acceptance levels validated

How can I enable Secure Boot so I can ...

I'm curious how mail servers behave when a hostname is balanced between two machines.

For example, when given these records:

example.com MX 10 mailer.example.com
mailer.example.com A 123.123.123.1
mailer.example.com A 123.123.123.2

When 123.123.123.1 temporarily fails to handle a mail, will the mailer retry immediately with 123.123.123.2? Or will it immediately treat it as a (temporary) failure?

Is there a way to block out a range of ips in the VPC?

Alternatively is there a way to get docker (docker compose) to use dhcp to get ip addresses? If it does so will they be blocked from being assigned to future vms you spin up in the vpc?

How do I get rid of this warning?
The task works as expected but I would like to do it correctly

I have tried to fish out the value for ansible_facts.services["{{ component }}.service"].state and save it in a variable without any success.

---

- hosts: localhost
  become: no
  gather_facts: true

  vars:
    component: firewalld

  tasks:

  - name: Populate service facts
    ansible.builtin.serv ...

i try to access an EKS cluster on AWS with AWS Account (same i use for the console)

steps i followed :

aws configure with info provided in the "Command line or programmatic access" (AWS Access Key Id/AWS Secret access key) + add the AWS session token in the credential file.

aws eks update-kubeconfig --name XXXXXXX --region eu-west-1

in the ConfigMap : aws-auth file i added - system:masters in the gro ...

My SSH server is configured to use certificate authentication, so it will trust anyone who presents a certificate issued by the user CA when they connect.

For reasons related with audit logs, I don't want my server admins to access the server with root. Which would be the standard way to have user accounts created in the server, so admins can log in using their own accounts?

I'm thinking of a flow l ...

Imagine I have two EC2 instances A and B, in the same region/vpc, but in different AZs.

I want to transfer 1TB from A to B.

Now let's imagine two scenarios:

1. I send the data from A to B directly.
2. I upload the data from A to S3, then download the data from S3 to B, and finally delete the data from S3.

Pricing-wise:

1. I get charged at $.01/GB twice (once when data gets out of A, once getting into B), so 1 ...

i have ubuntu vps server, and want to use TPROXY to handle all outgoing traffic by Go Simple Tunnel , i apply these ip table rules

iptables -t mangle -N DIVERT
iptables -t mangle -A DIVERT -j MARK --set-mark 1
iptables -t mangle -A DIVERT -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT

iptables -t mangle -N GOST
iptables -t mangle -N GOST_LOCAL

iptables -t mangle -A GOST -p  ...

I want to check the SSL/TLS certificate on the server side, so, on the client, when I do

var webHandler = new WebRequestHandler();
var cert = new X509Certificate2(Path, Pass); 
webHandler.ClientCertificates.Add(cert);
webHandler.AuthenticationLevel = AuthenticationLevel.MutualAuthRequired;
var httpClient = new HttpClient(webHandler)

And the posting the request to the GrantResourceOwnerCredential ...

We have a server under DigitalOcean running Ubuntu 22.10

On that server are four processes each of which maintains a socket connection to a service on a different remote machine. So four processes each connected to one of four different remote hosts.

Each process sends a 'ping' to ensure the connection is alive and records the ping time in a database table.

Occasionally we see all four connections dyin ...

I need to get https enabled on a webserver (RHEL 7.9, httpd 2.4.6). We were provided a pem file, with the following format:

-----BEGIN CERTIFICATE-----
//
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
//
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
//
-----END CERTIFICATE-----

and a .key file

-----BEGIN PRIVATE KEY-----
//
-----END PRIVATE KEY-----

I've seen guides and tutorials onl ...

On a VM in azure we mount some blob storage via NFS, which generally works good. I now found though, that df reports wrong values for usage of the NFS storage:

root@myVM:~# df -h /mnt/blob/
Filesystem                                             Size  Used Avail Use% Mounted on
storagename.blob.core.windows.net:/storagename/data  5.0P     0  5.0P   0% /mnt/blob

As you can see, it looks like we don't ...

I am running multiple Webservices on my Ubuntu 22.04 Server and want them to bind to specific Ports which works without problem but when trying to connect it is not working and portchecker returned me that the Port is closed.

I tried to open the port via iptables, which did not work and ufw is not even installed. Do you know if there are other Firewalls on Ubuntu my hoster could have installed? I ...

A system I am working on was based on Debian Buster (via Raspberry Pi OS).

I could shut down Wi-Fi by stopping wpa_supplicant, and it worked fine.

I have now updated my system to be based on Debian Bullseye, and things aren't working right any more.

Specifically - when wpa_supplicant finishes closing down, dhcpcd is reporting "carrier acquired" (it would already have seen "carrier lost" at this point)  ...

I run a small business with 5 to 10 computers. We have two optic fiber links plugged into a TP-Link TL-ER605 load balancer. There are 4 Tenda MW6 Mesh routers spread across our place to distribute wifi, plus two computers that are connected through CAT5 cables to the load balancer itself.

The problem is, the Internet is quite unstable. I quite often have to reboot everything manually. But my gues ...

Tell me what this problem may be related to

query: SELECT /*!40001 SQL_NO_CACHE */ * FROM tblLogs;

enter image description here

I have a bunch of indexed pages that start with the same word and they are all 404 so I want to redirect them all to the homepage of the site. The server is Apache, so I would like to use the .htaccess file.

So I need to redirect pages (for example):

https://example.com/page-1.html

https://example.com/page-2.html

https://example.com/page-3.html

https://example.com/page-4.html

https://example.com/page-5.ht ...

I recently wanted to upgrade my Postgres version from 14.2 to 15.

The first thing I did, was delete all postgres related directories:

michael@local var % postgres --version
postgres (PostgreSQL) 14.2

michael@local var % pwd
/usr/local/var

michael@local var % ls
cache   homebrew    mongodb     postgres.old    postgresql@13
db      log         postgres    postgresql@12   run

michael@local var % rm -r ...

hope this question is not too silly.

In Apache I'm using ProxyPass:

<Location />
  ProxyPass http://localhost:3000/
</Location>

However I cannot be sure the http://localhost:3000/ will be available. If not apache will crash. How can I make it still working even though upstream is not available? BTW, I'm using Apache as a container.

I have the following problem. I use Ansible to run an installation script on remote servers, and the script reboots the server in the end. As a result, the task ends with "Failed to connect to the host via ssh: Connection closed" failure. I use ignore_unreachable: true to prevent the task from failing, but my main problem is that I would like to be able to see stdout of the task. For some reason, bot ...

cURL doesn't seem to care about closing the connection to a server even when I include the "Connection: close" header?

It respects the header for http, but not for https, seems like?

curl -v -H "Connection: close" -o nul --http2 http://www.google.com results in

* Closing connection 0

but curl -v -H "Connection: close" -o nul --http2 http://www.google.com results in

* Connection #0 to host www. ...

Our internal Apache instance on a Windows server is regularly filling up the disk with C:\Apache24\logs\ssl_request.log.yyyy-MM-dd.log logs.

They seem to be rotated, although their sizes vary (200 - 700MB).

I see no value in these logs for this internal server. Can I disable them?

I found no entry in the httpd.conf - only for the error and access logs.

Is there any can give a solution about how Nexus 3064 could be configured QoS or shaping on their interface? I'd trying use some policy-map but still doesn't working.

I am trying to find out which data type is better to store time data inside either MySQL or Cassandra database for a big application like Facebook or Instagram? There are a lot of similar questions and answers but I couldn't finally realize which one is the better choice?

So I decided to ask such a question to see if anybody knows what data type do giant applications use to store their time data? ...

I’m confused by all of this and need help. I setup an Azure S2S tunnel from Azure to my On Prem DC. This is for AD and AAD to sync. We have a new billing system coming in and the only way they’ll allow SSO is an IPSec tunnel.

How do I add an additional connection to them? I see the tutorials on how I built what I have already but nothing with my particular scenario. When it’s asking for a  ...

I'm running Ubuntu Server 20.04, and have successfully set up netdata. My netdata's Nginx virtual host file looks like this:

upstream backend {
   server 127.0.0.1:19999;
   keepalive 64;
}

server {

auth_basic "Protected";
auth_basic_user_file /etc/nginx/netdata-passwords;

   server_name netdata.example.com;
   location / {
     proxy_set_header X-Forwarded-Host $host;
     proxy_set_header X-Fo ...

So I am a bit new to the VPN stuff and am currently getting a little desperate.

For what I want to do. I have rented a little server somewhere (static IP, Domain and everything). Now I want to run some services on that server via docker. Those services should not just be accessible by everyone, but only with a valid VPN connection to the server. (The firewall currently blocks access to those port ...

(I know 2013 is shortly out of support, and it will be replaced, but in the interim, I'm experiencing an issue I would like to fix.)

I will use telnet over port 25 as my example, but normal traffic also behaves the same way.

When I send a packet over port 25 to specific nodes in my Exchange cluster, it takes between 11 and 14 seconds before the banner is displayed with a 220 response. Since this aff ...