Latest Server related questions

Score: 0
mazix avatar
Grafana Loki, AlertManager - unable to read rule dir, open /tmp/loki/rules/fake: no such file or directory
jp flag

I've deployed promtail, Grafana, Loki and AlertManager using Helm charts on k3d cluster on my local machine. I would like to have some rules in Loki such that if something will happen, AlertManager should be informed. Now I tried only with some simple rule, just to check if it works.

My Loki version: {"version":"2.6.1","revision":"6bd05c9a4","branch":"HEAD","buildUser":"root@ea1e89b8da02","buildDate" ...

Score: 1
whitleystriber avatar
Cannot access website in LAN. NAT Hairpinning in nftables
ga flag

I am trying to get NAT hairpinning working on my router. I cannot access my local website host on my LAN (192.168.1.3). I am using nftables with the following config:

enp1s0 = WAN enp2s0 = LAN

#!/sbin/nft -f
flush ruleset
table ip nat {
        chain prerouting {
                type nat hook prerouting priority -100; policy accept;
                iifname "enp1s0" tcp dport { 80, 443 } dnat to 192.16 ...
Score: -1
3a2roub avatar
VMware Setup on BL460C G7 performance
cn flag

Considering this setup:

ESXi 6.5 on HP ProLiant BL460c G7 in an HPE BladeSystem c3000
2 x Intel Xeon CPU E5645 @ 2.4GHz
96 GB Memory
Partnered with SB40c Storage Blade (6 x 240 GB SSD) with HP Smart Array P400 256 MB RAID Storage Controller

The objective is to run a combination of Win10 and Win2k12 servers on this server. My questions are:
1- What kind of VM performance can I expect when it comes to dis ...

Score: 0
Christian avatar
Debian x64 limited to 4GB Memory- why?
fr flag

I have a virtual machine (running on a QNAP NAS) which is configured for 8GB of memory. But my Debian only uses 4GB of them. See outputs:

root@backuppc:/# lshw | grep "*-memory" -A 40
*-memory               
     description: System Memory
     physical id: 1000
     size: 8GiB

So the (virtual) hardware offers 8GB as you can see. But Debian does only use 4GB of them:

root@backuppc:/etc/grub.d# ca ...
Score: 0
thayne avatar
docker networking: browser and curl hang when connecting to server on localhost
cr flag

I have several web apps running in docker on a ubuntu host. Each app is listening on a different port. When inside any container in the docker network, I can connect and receive data from the service, however, when running a request from the host, I can connect successfully, but no data is received. Why aren't the services returning any data when I connect to them from outside the container???

Do ...

Score: 1
aledeniz avatar
Storage Spaces with Azure Disk: how can we extend virtual disks?
ca flag

We have on Azure several Windows Server 2019 virtual machines whose data disks are configured with Storage Spaces.

How can we extend a virtual disk configured for simple redundancy (NumberOfDataCopies is set to 1) on those machines without wasting physical storage?

Score: 0
Intel x550 NIC rx_csum_offload_errors and rx_length_errors on Debian 10
cn flag

I have just changed my Netgear GS108e (8x1Gb) switch with a GM110mx (8x1Gb + 2x10Gb), and noticed that I have now some rx_csum_offload_errors and rx_length_errors errors on my Intel x550T2 NIC stats of my NAS. Those errors don't increase very often, but more quickly under heavy transfer loads.

     rx_errors: 692
     tx_errors: 0
     rx_over_errors: 0
     rx_crc_errors: 0
     rx_frame_errors: 0 ...
Score: 0
Geckon01 avatar
Restrict access to server for TOR and VPN users
tm flag

Is this possible to restrict access to all users, who try to connect to my web server using TOR or VPN? I'd like to geoblock some users and also want to avoid them accessing my website even if they are using anonymization tools.

Score: 0
Jaredo Mills avatar
How to silence ipsec server?
zw flag

I'm new at ipsec. Using libreswan 3.25-9.1.el7_8 on CentOS7.

I'm able to get a connection working, and follow the documentation, but cannot find how to silence the pluto process so it doesn't respond to external scans. the symptom is:

Dec 08 23:41:43 me-beta-51 pluto[29699]: packet from x.x.x.x:500: initial parent SA message received on x.x.x.x:500 but no suitable connection found with IKEv2 policy
De ...
Score: 0
Alexandr Ch avatar
Additional mail check by a custom script on Exchange Server
mc flag

Customer would like to check e-mail content (including attachment parsing) from a list of accounts and, in case of some detected trigger words, to send a copy of the mail to a person who has to be aware.

A fast head-on solution was to send copies of all received mails to an in-between address, which is monitored by the parsing script developed in Python. However it is an additional load for the E ...

Score: 0
zerobit avatar
nginx-ingress displays 404 page
cl flag

I have an EKS cluster that I inherited (no documentation). The cluster hadnt been upgraded in years. I was tasked to upgrade it. The version on nginx-ingress was from quay.io which is no longer maintained. I was able to upgrade the cluster to 1.23 and installed the official nginx-ingress version. I got the helm values before deleting the old Ingress and I applied the same values to the new ingress. ...

Score: 1
Rodrigo Teixeira Andreotti avatar
Postfix with ISPConfig and `Sender address rejected: User unknown in virtual mailbox table;`
cn flag

I have a mail server that was configured with ISPConfig (amavisd, spamassasing, dovecote, etc) and a few non-standard tweaks from the tool's default tutorial (ISPConfig). The server itself works beautifully.

However, I have a problem delivering e-mail using an external service called SendPulse.

I use the sendpulse SMTP tool to send invoices to my clients, however when the client has an email hosted  ...

Score: 0
shole avatar
Why browsers know which certificate to use when there is multiple certificates?
cn flag

I am very new to the world of server and networking, I hope the questions is clear and won't be so trivial. I recently came across the following scenario:

  1. There was a Root cert A, which is going to expire a few months later. There was another new Root cert B, which intended to be replacement of A. Both A & B are self-signed. The CA of A is trusted by old and new browsers / OS, while the CA of ...

Score: 2
some user avatar
How to setup haproxy to connect to backend server using HTTP/3 QUIC?
cm flag

I am able to configure HAProxy to to present itself as an HTTP/3 server by following instruction here: https://www.haproxy.com/blog/announcing-haproxy-2-6/

bind :443 ssl crt server.pem alpn h2,http/1.1
http-response set-header alt-svc "h3=\":443\";ma=900;"

But what do I need to put in haproxy.cfg to to indicate to HAProxy that the backend server supports HTTP/3 and it should use QUIC protocol to connec ...

Score: 0
Dyiaa avatar
Web applications are not working other than Apache2
is flag

I am trying to install different applications (odoo, apache) on oracle instance, Apache is working perfectly on port 80, while odoo is not working neither on the default port (8069) nor on other ports (tried port 80 after stopping apache service)

I have opened both ports in the Ingress rules in oracle, and flushed all rules on iptable (iptable -F)

I always made sure that the services for the applica ...

Score: 0
raitech avatar
Port forwarding through socks proxy in Linux
cn flag

On an Ubuntu machine, I need to forward TCP port 443 to a remote machine port 443 through a socks5 proxy running on 127.0.0.1:10808

I need to accept other machines requests on forwarded port 443.

Is there any decent solution?

Score: 0
damarges avatar
Define multiple proxy_pass on nginx proxy
bz flag

running nginx-proxy as a container for several years now. Perfect smooth, no problems. Docker-compose.yml I am using for that:

    services:
  nginx-proxy:
    image: jwilder/nginx-proxy:alpine
    container_name: nginx-proxy
    restart: always
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - ./nginx-certs:/etc/nginx/certs:ro
       ...
Score: 0
user824624 avatar
can't start minio in ubuntu due to unable to create (/mnt/data/.minio.sys/tmp) file access denied
us flag

I am installing latest minio on ubuntu 18.04 following the minio installation instruction from here.

after the installation, try to run it with sudo systemctl start minio.service

but it didn't work with message.

...skipping...
● minio.service - MinIO
   Loaded: loaded (/etc/systemd/system/minio.service; disabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Thu 2022-12-08 17:03:4 ...
Score: 0
SanMiguel avatar
MariaDB: Problems with UTF-8 characters after migrating to a new server
cg flag

I have migrated to another server many times but never had this problem. None of the possible solutions work and utf-8 characters appear incorrectly in PHP-FPM.

What I tried:

ALTER DATABASE database2 CHARACTER SET utf8;

Edited my.conf file and added lines:

[mysqld]
collation-server = utf8_unicode_ci
init-connect='SET NAMES utf8'
character-set-server = utf8

Tried to change charsets for the database, table ...

Score: 1
asap_coder avatar
OWASP ZAP found Nginx server is vulnerable to 'Proxy Disclosure'. Helping fixing this is must appreciated
sd flag

I performed an OWASP ZAP on my website and it raised a proxy disclosure alert amongst other things.

Proxy Disclosure alert https://www.zaproxy.org/docs/alerts/40025/

OWASP description 1 proxy server(s) were detected or fingerprinted. This information helps a potential attacker to determine

  • A list of targets for an attack against the application.

  • Potential vulnerabilities on the proxy servers that ser ...

Score: 0
wufp avatar
Bind9 named recursion only for local zones
cn flag

I try to configure bind9 as an authority server for several domains. Entries of some domains are CNAME of another domain.

/etc/bind/named.conf

options{
  dnssec-validation no;
  directory "/var/cache/bind";
  auth-nxdomain no;    # conform to RFC1035
  listen-on { any; };
  listen-on-v6 { any; };
  allow-update { none; };
  allow-recursion { none; };
  recursion no;
  notify yes;
  allow-transfer { n ...
Score: 0
Andrew Newby avatar
REMOTE_USER missing in %ENV for Perl script on Apache 2.4
in flag

I'm trying to migrate a site from a super ancient server (6 or 7 years old!), and it uses AuthFormProvider file to log the user in. This seems to work, apart from the fact it doesn't pass along REMOTE_USER into %ENV{} in my Perl script. The trimmed down is:

<VirtualHost 123.123.123.123:8443>

    ServerName example.com
    ServerAlias www.example.com
    ServerAdmin [email protected]
    DocumentRoo ...
Score: 0
Jacobus Burger avatar
Immoveable VHDX files on Shared Cluster Volume
it flag

Some time back I created 2x VHDX files to attach later to Virtual Machines.

When I tried to add the disks today, I got an error stating the files are in use by another process.

enter image description here

I also cannot delete the files. Not from a remote session nor directly from the host.

I tried using handle tool to see where it may be stuck, also used Task Manager > Performance > Resource Monitor > CPU > Associat ...

Score: 0
anlag avatar
SFTP logs to different files
in flag

I'm configuring an SFTP server and having some issues with logs ending up in different places, depending on a group membership. This is on RHEL 8 but the same issue exists on an old RHEL 6 machine. Most users are SFTP only and have no shell access, this is configured by membership in the ftpnoshell group. Some users have a shell and can ssh to the server as well.

Here's the operative part of /etc/ ...

Score: 1
Massimo avatar
How to debug what Windows Admin Center is doing?
ng flag

I'm having issues with Windows Admin Center and the user interface doesn't really help troubleshooting them; thus I'd like to have a closer look at what WAC is actually doing with the servers it manages.

I know WAC uses WinRM and Remote PowerShell to manage systems; is there any way to get a full trace of the commands it sends and the answers and/or errors it receives back?

Is it possible to get a l ...

Score: 3
Jenkins refuses to start - unknown argument --ajp13Port=-1
in flag

My jenkins installation on Debian was upgraded (using apt) - and now jenkins refuses to start. I can see the following in the log:

Exception in thread "main" java.lang.IllegalArgumentException:
     Unrecognized option: --ajp13Port=-1

My jenkins version is 2.381. Unfortunately, I now don't know which version was installed prior to this, but it definitely worked and no config changes have been made.

Score: 0
deep64blue avatar
Apache not serving local hosts
cn flag

I have set up an Apache Server on an a VMWare hosted Linux Mint 21 Server, I have followed the instructions at this blog to run multiple PHP versions (7.4 and 8.1).

Apache is running fine and serving pages on localhost ok but the Virtual Servers just time out with "DNS_PROBE_FINISHED_NXDOMAIN". I'm stumped as to what I'm doing wrong.

Here is the config file for the PHP 7 version:-

<VirtualHost *: ...
Score: 1
M.A. Heshmat Khah avatar
Envoy to envoy TLS for TLS proxy
us flag

Assume this artitecture

                             ................................................
                             .                                              .
                             .                                              .
                             .                                              .
                             .                                    ...
Score: 0
King David avatar
linux + extend (grow) root file systems without downtime on RHEL production machines
gb flag

I want to share the following procedure that we did on lab (RHEL 7.2 machine) in order to increase The root file system (XFS filesystem) from 130G to 150G

Details from VM RHEL 7.2 machine are

df -h /
Filesystem                Size  Used Avail Use% Mounted on
/dev/mapper/VolumeG_lab-lv-ROOT 130G   18G  113G  14% /

lsblk
NAME               MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sda                  8:0    0  ...
Score: 0
eetzt avatar
is my crontab syntax invalid?
cc flag

simple question:

10 4 * * * rm -rf ~/code/rehlds/build/ && ~/code/rehlds/build.sh --compiler=gcc --jobs=4 > /dev/null 2>&1

I checked an there is no /build folder which indicates that the build.sh did not execute.

crontab -e

10 4 * * * rm -rf ~/code/rehlds/build/ && ~/code/rehlds/build.sh --compiler=gcc --jobs=4 > /dev/null 2>&1

pgrep cron 658 1232359

so here I c ...

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.