Latest Server related questions

Score: 3
timramich avatar
Can't get new NIC working
cn flag

OS: Ubuntu server 20.04 NIC: Intel XL710-QDA1 DAC cable: FS "generic" QSFP+ Switch: Brocade ICX-6610-24p

I cannot get this thing to work. Updated firmware. No change. Ifconfig shows nothing but RX errors. This is only after using a static IP address. DHCP wouldn't work. Pings both to and fro to IP addresses on the network. Can't ping "google.com" for example. It won't connect to anything, and not ...

Score: 1
Peter avatar
I setup DMARC p=reject on server but now I can't send via gmail to gmail (using server email From address)
gq flag

Did I shoot myself in the foot ?

I mainly use gmail to send and receive emails. Support etc. My default 'send email as' profile is not the gmail address itself but an address on my server (also the Reply-to address). Example: "My Name <[email protected]>"

On my server I have SPF and DKIM setup optimally because I send out 'bulk' emails from time to time to my user base (after I update my  ...

Score: 0
Nginx - PHP never render. Html files work well
tr flag

when I enter PHP files, they load forever. But do not show up in the browser. After few minutes the browser goes to timeout.

Html files get shown/rendered correctly.

Here is my virtualhost:

server {
    listen 80;
    
        server_name localhost;

    root /var/www/site;
    index index.php index.html;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
     ...
Score: 0
Pyr3z avatar
ufw status prints "inactive", but log files say otherwise?
gs flag

Alright so I'm running this Ubuntu 22.04 server, it's about 6 months mature now and has had a sparkling security record to date.

Today I SSH'd in just to check one of the UFW rules, and lo—

$ sudo ufw status
Status: inactive

I smashed out sudo ufw enable, then scrambled over to /var/log to see how long the firewall had been inactive, only to become more confused: the most recent logfile contained c ...

Score: 0
sipher_z avatar
AWS ALB and Cloudfront routing 502
ph flag

Slight AWS newbie here.

I have just taken over a new application in AWS that has an ALB (routes traffic to ECS). The ALB has an SSL certificate and some default DNS records in Route53.

I have created a distribution in Cloudfront and selected the ALB as origin (Domain Name), but getting a 502 when hitting the Cloudfront distribution URL, which I'm guessing is correct? I selected "HTTPS Only" as i wan ...

Score: 0
Sputnikk23 avatar
Master with Auto PTR creation - not syncing PTR records to slave?
au flag

I have a master server with a single zone sync'ing to a slave.

The slave has the same zone configured.

Both sides have the Auto PTR checkbox turned on. I've also tried with Auto PTR off on the slave.

I'm using mariadb as the backend

The master responds to reverse record lookups, the slave does not.

Is Auto PTR not supported in a master/slave setup (and I'm forced to create the zone manually?)

I have a ...

Score: 3
Henke avatar
How to output all files/folders ordered by size, including hidden ones
us flag

How can I output all files/directories, ordered by size, including hidden ones
(those whose name starts with a dot), all in one go? 1

The difference to How can I sort du -h output by size is that I'm requesting an output
that includes all files and directories – whether hidden or not.

References

Score: 0
medical-student1 avatar
Fail2ban make a custom fail regex filter for Nginx error log
tg flag

I am new to regex. How do I write a Fail2Ban filter to match with these nxinx error log lines?

2022/11/30 00:46:19 [crit] 57811#57811: *8911 SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking, client: 64.62.197.168, server: 0.0.0.0:443

and:

2022/11/30 02:26:52 [error] 57811#57811: *8939 upstream timed out (110: Connection timed out)  ...

Score: 0
pandarby avatar
Getting duplicated packets when replaying pcap files
sn flag

The issue at hand is I have pcap files that I want to replay over a network. I used to use playcap to do this with no issue, however recently I noticed that playcap is sending each packet from the original file twice. I then downloaded bittwist and used that to replay my pcap files, but still I'm seeing each message sent twice. My current OS is windows 10, and the last time I remember definitely not hav ...

Score: 0
Arunkumar NKL avatar
Restricting one site under Wordpress as Private in AWS ALB
dj flag

I have configured multiple sites on WordPress and it is connected with internet-faced ALB under AWS.

Is it possible to restrict one site as private on ALB?

Remaining sites needs an public access.

Thanks in Advance.

Score: 1
matedev avatar
NGINX basic auth bypass IP address OR user agent
tr flag

How to set up bypass in Basic Authentication by IP address or user agent in NGINX. If I set it like this:

map $http_user_agent $auth {
    default on;
    "~curl" "off";
}

server  {
.......
satisfy any;
allow 1.2.3.4;
allow 5.6.7.8;
deny all;
auth_basic $auth;
auth_basic_user_file /etc/nginx/.htpasswd;
.....
}

Then when I enter from an address other than the whitelist with user agent curl, then I get ...

Score: 0
miguelmorin avatar
Get email notification when an email is marked as spam
jp flag

I use AWS SES to send emails to users who registered on my website. When I receive an email from AWS about a bounce or a complaint, I remove that user from the database. I'm OK doing this manually (no need for an SNS pipeline of JSON data).

In the last few months, I have received notifications about bounces but not about complaints. And yet, my complaint rate is at 0.11%, far from the threshold o ...

Score: 0
Limiting specific process to OpenVPN connection?
in flag

Is there any way to force a specific process to use an OpenVPN connection, but allow all other processes on a system use the default network connection on Ubuntu Linux?

I have a custom Python application running in AWS that I'm trying to integrate with an external PostgreSQL service. The service provides a OpenVPN-configured VPN so I can access their PostgreSQL server.

As I understand it, by default ...

Score: 0
kandi avatar
Proxy/VPN client-server setup where the server initates connection?
vg flag

The goal is to forward all traffic from computer A thorugh computer B.

The problem is that B's firewall blocks all incoming connection, so typical proxy servers won't work here. At the same time, there is no firewall on A. So the idea is that B should connect to A and then A would forward all its traffic through B.

How to implement this?

Score: 0
SrNewbieEngineer avatar
How to update a Google's URL to a portion of my site?
pn flag

I have wordpress server contoso.com/blog. I want to retire the server so I created blog.contoso.com and set dns redirects to point all contoso.com/blog to blog.contoso.com.

Now when I Google "contoso+blog," it still shows contoso.com/blog, not blog.contoso.com.

Any ideas on how to fix the issue? I'm about to edit the htaccess file to hopefully redirect traffic, but I want to retire the old server an ...

Score: 0
Chris Ward avatar
Where is my eBPF per-cpu-array data going?
US flag

I have a test case similar to code in https://github.com/xdp-project/xdp-tutorial/ which maintains a statistic map in a per-cpu array, and user-space code which displays the statistics periodically.

When I run this, the user space code always displays zeros. I have instrumented my eBPF kernel code with bpf_trace_printk and it appears to be putting the correct values into the map. The user code is iteratin ...

Score: 0
boog avatar
VyOS on AWS EC2, new IPSEC tunnel won't pass traffic- what am I missing
kz flag

This is an existing environment that I just stepped into. Running VyOS as a AWS EC2 instance, which handles all of the site-to-site routing for our company. Everything is already up and working. We just acquired a new company for which I replaced their equipment and allocated their site some address space on our network. I configured the VPN on both ends, and created a new VTI in VyOS with a route to ac ...

Score: 0
Riad Ahmed avatar
Network error: sslv3 alert handshake failure
cn flag

I can't perform yum update/install new software using yum it always say: Network error: sslv3 alert handshake failure

Here is error example:

[root@static ~]# yum update
Loaded plugins: fastestmirror, rhnplugin, universal-hooks

Network error: sslv3 alert handshake failure

OS: CloudLinux v7.9.0

Anyone people guide how to resolve this problem?

Thanks

Score: 0
windows_lover avatar
Create a dummy interface inside a Windows container
bw flag

I am trying to isolate the networking inside a Windows container, which is very easy using --network none.

The problem comes when I have two threads in the same process trying to communicate each other using multicast through a network interface, so this is the reason why I need to create an interface inside the container. The objetive of using network isolation is to avoid sending noise to the same pro ...

Score: 0
sherry wilmoth avatar
IP table allow all ports and IP from anywhere
nc flag

How to allow all Port from everywhere (IP) in CentOS and Ubuntu

I am trying

sudo iptables -I INPUT -j ACCEPT
sudo iptables -A INPUT -i lo -j ACCEPT
Score: 1
MoonChild avatar
browser-nginx compression priority
gi flag

Nginx with enabled both brotli and gzip compressions replies:

curl -s -I -H 'Accept-Encoding: br,gzip,deflate' https://something
content-encoding: gzip
curl -s -I -H 'Accept-Encoding: br'  https://something
content-encoding: br

any chance to set a kind of priority in browser/nginx? Why and how Nginx decide to reply "gzip" when several options supported?

Score: 0
user103969 avatar
FastCGI cache and WordPress, is the cache skip for querystrings really needed?
cn flag

I'm just making a few test on FastCGI cache and I see that the suggested .conf have this directive:

if ($query_string != "") {
    set $skip_cache 1;
}

This will bypass the cache for every request containing a querystring. The problem is that all facebook links have a querystring inside, as AMP pages have ?amp=1, so is this directive really useful? is it safe to disable it?

Thanks!

Regards.

Score: 0
mosfeta avatar
MongoDB production client certificates
in flag

I'm moving a mongodb server to production on my Ubuntu machine. I got an ssl certificate signed by a third party and installed it on the server. Clients are able to connect to it using their system's CA and validate the server's identity.

However, the mongodb website mentions client certificates. Am I able to generate them since the CA is a third party? I tried using openssl to generate these by  ...

Score: 0
Markus Grunwald avatar
How can I find an overlapping alias in apache2 configuration?
kn flag

I've searched stackexchange up and down, found several similar problems but none helped me to fix my problem: It is the common

% sudo apachectl configtest
[Wed Nov 30 08:31:24.196914 2022] [alias:warn] [pid 529709] AH00671: The Alias directive in /etc/munin/apache.conf at line 17 will probably never match because it overlaps an earlier Alias.

The problem would be so simple to solve if apache would just a ...

Score: 1
Werner avatar
Convert PFX to use with Putty and Windows OpenSSH
mh flag

I have a Windows Server with OpenSSH. Client is connecting with user/pass using Putty for Windows. The task is to use Putty key files instead - and the keys must come from a PFX certificate.

I can setup Putty using keys where the keys are created by Putty (i.e. using Puttygen). Public key is stored on the server and everything works. But I cannot seem to convert the PFX certificate into Putty com ...

Score: 0
theodre7 avatar
Prometheus scraping halted for last 20 minutes
il flag

My prometheus dashboard has values missing for the last 20 minutes, no matter when I query (container_cpu_usage_seconds_total) it. What could be the reason behind this?

Screenshot of dashboard

Score: 0
Kamil avatar
Windows IIS FTP sometimes not connecting to linux ftp client
it flag

I have Windows IIS FTP (local internet provider) and Linux FTP client (datacenter).

On server side port 21 is open on firewalls (windows firewall, router).

On client side firewall is off.

Connection is in ACTIVE mode.

Client connects to IIS and usually everything is ok, but sometimes client opens port (I have checked with netstat) but server is not connecting. I can connect to that port on client side fro ...

Score: 0
Alex avatar
Quickbooks Multi-User mode with VPN Users
de flag

At my company we currently are using the Quickbooks Desktop edition and its using Quickbooks Database Server manager to host a Multi-User Mode solution for our network. Normally we are able to have multiple users access the same Company file at the same time on the same local network.

After some time there is now remote user that dials in using RRAS L2TP VPN on Windows Server 2019 (Same machine w ...

Score: 0
Rahul avatar
TLS Negotiation issue in OpenLDAP
gu flag

I have the OpenLDAP Master-Slave architecture. One day I have restarted the slapd service in the LDAP Slave and then found the TLS negotiation issue in the Logs. Before restarting the service, it was working without any issues

Then I tried to debug the issue, I've found some common problem which will trigger TLS negotiation issue.

  1. The SSL Certificate might get expired - For my one it's not the case, ...
Score: 0
user2620406 avatar
Event Details in Cloudwatch Alarm (cloudtrail)
gm flag

We Have a trail created, and dumping into cloudwatch logs group.

From there i have crated a metric filter for various activities we wish to monitor. (root access, IAM ROLE Changes, Deletions, ETC). I have then created alarms to send to our SNS topic of choice.

Is there a way to have that alarm also carry over the event info that triggers the alarm?

Instead of just saying metric > 1, would also like  ...

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.