Latest Server related questions

I need to have a proxy server for an already configured and working OpenVPN server.

So I install Squid 5.2 on Ubuntu 20.04.

To test, I changed the following line in the /etc/squid/squid.conf file and restarted the squid.service:

http_access deny all

to

http_access allow all

and then configured the client (OpenVPN Gui):

But it's not connecting and the error is:

Mon Nov 14 17:14:34 2022 HTTP proxy ...

We are looking to get a HIPAA Hosting server for one of our clients. What should we look for in such server? There are so many hosting providers who are offering the same things. How do I know which one is best?

NOTE: I am NOT looking for hosting recommendation.

Just want to know what we need to look for in HIPAA Hosting servers?

If a Server Admin can answer this question, that would be great.

Than ...

I have created a phishing web server using Blackeye, but I am unable to access it. It gives the following output while trying to open using Bing or Google.

Failed to complete tunnel connection
The connection to https://077b-103-82-78-194.ngrok.io was successfully tunneled to your ngrok 
client, but the client failed to establish a connection to the local address localhost:80.

Make sure that a web  ...

I have a Debian 9 server that is running Solr 7.3. I have upgraded to Debian 11, Solr is still fine.

Now I'm trying to install Solr 9 alongside Solr 7.3, to have both versions running in the same time. I followed the official guide.

bash ./install_solr_service.sh solr-9.0.0.tgz -i /opt -d /var/solr9 -u solr -s solr9 -p 8984

the installation seems to work fine systemctl status solr9.service says

I try to used zram-generator to create a zram device but it doesn't work.

I followed the steps listed in the README.md from the github repository.

• Install zram-generator using one of the methods listed above.
• Create a zram-generator.conf config file.
• Run systemctl daemon-reload to create new device units.
• Run systemctl start /dev/zram0 (adjust the name as appropriate to match the config).
• Call zramctl

I'm running a httpd apache2 proxy in docker swarm mode with docker stack deploy.

Problem: when I access mymachine:80, the access.log only shows the remote ip of the docker ingress swarm network, like 10.0.0.2. And not the real clients' ip.

Question: how can I tell swarm to retain the original IP address (maybe write it into another IP header?), without having to force my container or ports into mode: h ...

I have a debian routeur server with two interfaces, one on the net, and one on the DMZ.

I want to route the UDP protocol to internet to DMZ.

What about this rules?

iptables -t mangle -A INPUT -i [InternetInterfaces] -p udp 10000 -d 0.0.0.255 -j TEE --gateway IPOFDMZINTERFACE

Thanks a lot for helping me.

Regards

I have two ubuntu VPS.

VPS_1: public IP = x.x.x.x VPS_2: public iP = y.y.y.y

In VPS_1 I just only set a domain name for it and set iptables IP forwarding to VPS_2

(x.x.x.x:zzzzz >> y.y.y.y:zzzzz)

In VPS_2 run service that clients use it.

Clients only have domain name + port and not have any information about VPS_1 & VPS_2 IPs and IP forwarding setting on VPS_1. (DomainName:zzzzz >>  ...

When I try to visit app2, this happens:

• It works with http://123.456.789.255:8081
• It doesn't work with https://app2.example.com, it goes to https://app2.example.com with https crossed out, but shows app1.

Why does this happen?

Here's the nginx configuration.

There are also A records for both subdomains.

events {}

http {

  include mime.types;

  proxy_connect_timeout   999;
  proxy_send_timeout   ...

Following a tutorial I have set up a v2ray VPN for some friends. In the setup we need two servers: EU and IR. The EU server is in Europe and v2ray is installed on it. The IR server is inside the country and just forwards all traffic to the EU server. It is needed because the censorship is so harsh that at times you can only connect to domestic servers.

All has been working fine so far, but we nee ...

I search google for a tool to decode https traffic and get the ssldump with examples like:

ssldump -k xxx.pem  -i eth0 -d host example.com

I wonder what the key file xxx.pem is. On the server hosting example.com, the file is what is specified by SSLCertificateKeyFile in httpd.conf, right?(but I have no luck decrypting the traffic on server using that key file). On client side, what file should I  ...

When I tried to use Putty to generate the key and ssh into VM, I found a weird thing.

I use versions 0.73 and 0.78 to generate a Key respectively. Once generated, I use version 0.73 for SSH into VM. Either 0.73 or 0.78 Key would return an error. When using version 0.78 instead. Whether it is 0.73 or 0.78 Key can be connected normally.

I also tried the 0.76 version, and it works well. I would like to ...

I recently started as a intern and I'm overwhelmed with my job. We have a product which is hosted externally. We only have a simple router.

The Services should be running in Docker Containers with Reverse-proxy on a server. These services should be reachable with another devices on the private network via browser. Can I set Domains for the services in hosts.txt and can these services be reachable ...

We are trying to scan offline mounts using oscap-chroot on ubuntu 20 But we are getting following error: W: oscap: Requested offline mode is not supported by uname probe. Can you please help resolve this issue.

I have been using Kind clusters for testing and simulating the behavior of my application, and it has been great so far. I would like to test some senarios involving cluater-autoscaler (CA) without actually spinning nodes in the cloud. The default Kubernetes cluster autoscaler (https://github.com/kubernetes/autoscaler/tree/master/cluster-autoscaler) doesn't work with Kind clusters. Does a Kubernetes cluat ...

I need some solution to get cloudwatch alarm notification for specific elasticache events like '''ElastiCache:CacheNodeReplaceStarted''', '''ElastiCache:RemoveCacheNodeComplete'''.

I know we can enable notification to Topic, but we get all events notified.

Excuse me, I'm trying to enlarge space for a directory in a RHEL 7.5 host and the partition is not managed by LVM.

This host is virtual machine and I would like to increase size for /home/ext to use, which is located on device sdc. Device sdc is an independent VM disk and I'm planning to increase size for it directly, and eventually assign all the partition space sdc1 to directory /home/ext witho ...

For example, I have nginx and incoming JSON header:

{
  "orgs" : {
    "first_org_roles": ["role_a_r", "role_b_r", "role_c_r"],
    "second_org_roles": ["role_d_r", "role_e_r", "role_f_r"]
  }
}

Is it possible to parse it into an array:

["role_a_r", "role_b_r", "role_c_r", "role_d_r", "role_e_r", "role_f_r"]

and set it as a header in nginx?

I created API Keys to enable Geocoding API, Maps JavaScript API and Places API with Restrict IP with Cloud NAT IP. My API Keys access from Kubernetes on GCP (Google Kubernetes Engine/GKE), when im test curl get response request denied because response from from IPV6 Address.

curl --location --request GET 'https://maps.googleapis.com/maps/api/place/autocomplete/json?input=Wonogiri&types=&ke ...

In ubuntu 20.04, i am trying to use OpenVPN, and i get this error feedback every 60 second：

Mon Nov 14 13:37:09 2022 TCP/UDP: Preserving recently used remote address: [AF_INET]211.20.7.120:1194
Mon Nov 14 13:37:09 2022 UDP link local (bound): [AF_INET][undef]:1194
Mon Nov 14 13:37:09 2022 UDP link remote: [AF_INET]211.20.7.120:1194
Mon Nov 14 13:38:09 2022 TLS Error: TLS key negotiation failed to ...

I have a large BTRFS disk on my Linux Samba server. The content of the disk is rarely accessed, so most of the time the disk is sleeping. When I need to check if to see basic properties, not the file content, like file name/date/size using Windows File Explorer, there is a significant delay before the directory opens because the disk begins to spin up.

But if all I need are directory structure, f ...

I am trying to use pvcreate to create a physical volume and then use lvcreate to create a logical volume on Centos7.9. But, both pvcreate and lvcreate seem to be failing with error code 5.

/bin/lvm pvcreate -y -ff /dev/md7,/dev/md8,/dev/md12 returned 5 ... /bin/lvm lvcreate -y -L 16GB -n home groupB returned 5 I read elsewhere in the post: vgextend fails with error code 5 about vgextend failing due to ...

I have a problem with DDoS attacks on my game server. It's not an regular ddos attack that will attack directly the machine, but it's attacking a port with many IP addresses (UDP protocol). So, I have developed a function with Python that will recognize incoming ddos attack, but I cannot block every incoming ip separately.

So my question is... how can I block all incoming requests to the specific ...

I have a server with virtual machines on libvirt. The server has an eth0 external interface. Each virtual machine has its own tap interface (tap0, tap1, tap2, etc.). I need to balance the traffic between the virtual machines, so that with a free channel, any virtual machine can occupy it all, and if another virtual machine also needs a channel, they would divide it in half. I tried to do this with tc qd ...

I have updated the kernel in a VPS Centos 7, and after rebooting, the machine is not responding anymore, including with SSH.

I connected to the VPS via a temporary rescue linux machine from where I could mount the VPS filesystem:

mount /dev/sdb1 /mnt/

I checked the log file /mnt/var/log/messages and found:

- yum: Updated: kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64
- yum: Updated: kernel-tools-3.1 ...

In windows server 2019, I create custom CSR by invoking certlm.msc, and selecting Personal -> All Tasks -> Advanced Operations -> Create Custom Request & then use the Certificate Authority to issue SSL certificates.

Everything works fine, but I need multiple certificates, all have the same Org-Unit/Org/locality/city/Country but with different common names. Is there a way to tell windows  ...

I'm fairly new to Cloudfront ( AWS in general ), and looking set up a behaviour such that any requests that is for example

test.com/api/*

goes to an existing api that we also own, except it's on a seperate domain, e.g.

staging.test.com/api

Is this an allowed behaviour? I probably will need to allow for this the receiving API in CORS but just looking for how to set this up as a behaviour in Cloudfront

The instance refreshes for my autoscaling group are taking a very long time due to instances having "insufficient data to evaluate its health with Amazon EC2."

However, the instances are passing EC2 health checks for 5+ minutes.

There is no other sort of health check, manual or load balancers.

What condition is the instance refresh actually waiting on? Is there any way to satisfy this condition faster,  ...

I have a windows 10 machine with two network interfaces.

Interface #1 (LAN Interface)

IP: 10.1.0.5

Gateway: 10.1.0.1

DNS: 10.0.1.2

Interface #2 (OpenVPN)

IP: 192.168.1.5

DNS: 100.0.0.1

Note: My VPN is turned on with split tunnelling. Only traffic destined to 100.0.0.0/16 will go through the VPN

When I run the command nslookup www.google.com, which interface's DNS server is used as a default DNS?

We use btrfs extensively for its wonderful snapshotting capabilities. But recently, and on only one system, while purging old snapshots, I began to receive the following error:

btrfs subvolume delete ...
ERROR: Could not destroy subvolume/snapshot: Operation not permitted
WARNING: deletion failed with EPERM, send may be in progress

There are numerous reasons why deleting a btrfs snapshot might fail; sub ...