Latest Server related questions

I'm trying to disable mod_security for a custom subdomain.

I tried to include the following in modsec/modsec2.user.conf.

SecRule SERVER_NAME "desktop.xyz.com" phase:1,nolog,allow,ctl:ruleEngine=off

But i'm getting "Syntax error on line 15 of /etc/apache2/conf.d/modsec/modsec2.user.conf: ModSecurity: No action id present within the rule"

If I have one proxy server with a static public IPv4 198.51.100.138 which can access interent.

How many client PCs in a local network can access Internet via the proxy server ?

My project at work is having applications running on Kubernetes that connect to MariaDB Galera cluster running on VMs. To manage the connections to the MariaDB, I'm using HAProxy running as pods inside the Kubernetes. However, the HAProxy is set up to use active-backup configuration as advised by the enterprise DBA in order to prevent deadlock issues.

The HAProxy works fine if there is only one pod, bu ...

On Mac:

sudo powermetrics --samplers smc  | xargs           

Never produces any output. Without xargs, it correctly writes my computer's power metrics.

   Machine model: ...
   SMC version: ...
   EFI version: ...
   OS version: ...
   Boot arguments: ...
   Boot time: ...

Why?

I actually wanted to do

sudo powermetrics --samplers smc | ts

and it produced the same empty result. Thought this is a simp ...

I need to exclude from logging a specific URL.

I'm getting in my logs a lot of this:

2022-11-10T01:41:14.909240104Z  XX.XX.XX.XX - - [10/Nov/2022:01:41:14 +0000] "GET /myapp/readiness HTTP/1.1" 200 4771 "-" "EF-xx-HealthCheck-Client/1.0" "XX.XX.XX.XX"
2022-11-10T01:41:17.002141788Z  XX.XX.XX.XX - - [10/Nov/2022:01:41:17 +0000] "GET /myapp/readiness HTTP/1.1" 200 4771 "-" "EF-xx-HealthCheck-Client/1.0" ...

I know how to launch a Compute Engine VM. I know how to install docker, create an image from a dockerfile, and launch a container.

What I want to do is to use a dockerfile as the specification to spin up a VM. For example, go to https://console.cloud.google.com/compute/instances and use the dockerfile below to create my VM:

Dockerfile

FROM rocker/rstudio:latest

SHELL ["/bin/bash", "-c"]
#SHELL ["/ ...

I have the error "Remote rejected (Working directory has unstaged changes)". The error happens when I want to push my first changes, after cloning the repository. Please note that we have other repositories on the same platform and I can make changes without problem.

The error persist with an specific repository.

The steps I am doing are:

1.  Git clone [URL]
   

2.  Make changes (add file)
   

3.  Git add .
   

Is there a way to connect to a Checkpoint VPN on a Mac without installing their client software?

I'm on OSX Ventura 13.0.1 with an M2 chipset. Their latest client E86.50 doesn't support Apple Silicon, so I'd need to install Rosetta to use it. Plus, their software wants to install a kext, filter all of my traffic, etc... kinda creepy.

Any suggestions?

We have a website that users need a valid jwt token to access however we need a certain IP access WITHOUT the token. Here's what I am trying to use to no avail:

<Directory ${VIDEO_ROOT}>
    Header always set Access-Control-Allow-Headers "Authorization"
    AllowOverride All
    <LimitExcept OPTIONS>
    AuthType jwt
    AuthName "private area"
    Require jwt-claim user=genericuser  #  ...

Here's my /etc/postfix/main.cf header_checks line:

header_checks = regexp:/etc/postfix/maps/header_checks

And here is header_checks:

/From:.*email@my\.com.(\n|.)*?To:.*email@my\.com./     DISCARD

Here's portion of the header from the emails I'm trying to match:

Received: from localhost (localhost [127.0.0.1])
    by mail.server.com (Postfix) with ESMTP id 690649204C0
    for <[email protected]&gt ...

Mind you I talk about stream services here like Youtube, but rtmp streaming is used widely.

OS: Debian Testing
nginx: 1.22.0-3.1

My issue is that I have a full rtmp config set up for multi-streaming. It works. But randomly it fails to push to this or that site.

For example, a few days ago Trovo failed.
I changed the rtmp url to their secondary URL.
Yesterday? Youtube stopped working.

Thing is, I enabled ...

I'm trying to use pktmon on a Windows Server 2019 Core (10.0.17763) instance and it doesn't seem like the filters I add are actually applied. Am I missing something?

Ran these commands:

> pktmon filter add -t TCP -p 9273
Filter added.
> pktmon start --capture --comp nics --pkt-size 0 -f .\pktmon_testing.etl

Logger Parameters:
    Logger name:        PktMon
    Logging mode:       Circular
   ...

I am having a difficult time understanding why the exported excel is showing 0 under "DriveLetter" instead of actual drive letters like C, D etc... The script is simple:

Get-Volume | Select-Object -Property DriveLetter,FriendlyName,DriveType,HealthStatus,OperationalStatus,SizeRemaining,Size | Export-Excel c:\temp\exceltest.xlsx -WorksheetName PC1

if you look at the screenshot you will see that DriveLe ...

I'm trying to clone a webserver that hosts sites that rely on Cloudflare for their SSL certificates.

After cloning the server and updating my local hosts file to point the site to the new server, I'm met with the error:

400 Bad Request
No required SSL certificate was sent
nginx

How can I work around this or resolve this without needing to take the original server/site offline?

If it matters, the website  ...

We are wanting it so that when the website is accessed, we serve the appropriate index.html for the language in the Accept-Language request header. The problem is that our configuration does not seem to be working.

The configuration we have in NGINX (the two add_header lines are for debugging):

    set $first_language $http_accept_language;
    if ($http_accept_language ~* '^(.+?),') {
        set $first_ ...

I hope this question was not asked before, but I could not find something which really matches my problem.

Following scenario: We a park of 10 (or more) linux machines with the same user accounts (same uid). We want to assign each user to one machine, which should be his main machine, but he should still be able to work on other machines, but then automount the home from his main machine via nfs. ...

We have a dell host running several VMs that are all located on a dell power vault. Users have complained of intermittent slowdowns (like a long time to ls a folder, or taking longer to respond once we log in). They ALWAYS blame the network, but these VMS are connected via SAS cables to the hosts and via 10GB network to a core switch. I have myself seen slowdowns but no smoking gun, wasn't sure how  ...

I'm dealing with a legacy system that uses Apache with mod_auth_basic and mod_authnz_ldap for authentication and authorization in given directories and those directories with an .htaccess file. The authenticated user is then provided to various CGI scripts.

I would like to force all usernames to lowercase within the Apache httpd.conf config file, if possible. This would allow me to skip updating  ...

We are loosing our old domain in ~8 months and will no longer have control over it, this is out of our control... Our mail server is Dovecot running on Ubuntu 20.04.

As a first step to ensure all senders know to use our new domain, we created a procmail rule to prefix the subject of any emails sent to our old domain, with [OLD DOMAIN] $SUBJECT and have instructed users to update contact informati ...

I have compiled from the src nginx to use the ngx_http_substitutions_filter_module.

I have used this build configuration ./configure --prefix=/var/www/html (and so on...).

Compilation is fine and it works but doesn't works as reverse proxy.

Using this configuration from nginx.conf

location /soap/ { subs_filter internalfqdn externalfqdn proxy_pass https://internalfqdn/soap; proxy_redirect off; proxy_se ...

I using a mysql instance on cloud sql. However this instances began to restart the mysqld (mysql deamon) several times per day.

It was not due a change or anything, but just increasing like this.

every time the instance is restarted we lost near 1 minute of uptime

I didn't find any error or relevant log for sql instance before it's restarts it self.

What I already did:

• increase instance memory from 16 t ...

How can I achieve communication between 2 clients connected to 2 interfaces. E.g. Client A connected to eth0 and Client B connected to wlan0? Both will get DHCP IP.

i install multiple openvpn access server 2.11 on ubuntu 20 and install mysql for cluster it now i have 5 openvpn server in 1 cluster

openvpn_as 2.11 
ubuntu 20

1.my problem is ovpn file that download from each server is different from other and i cant connect from 1 ovpn file to other server in same cluster?

2.how can i made unique ovpn file for connect to all server that in cluster?

Hopefully a simple question, does a simple Windows command line equivalent to md5sum --check [files.md5] exist? Alternatively, something I can script as a batch file.

I can generate the hashes file fine, but it's the check at the destination, comparing with the md5 file that's proving tricky. Bonus points if it's possible to run in a batch file rather than PowerShell (need to try and create something re ...

I have an IP address 65.1.106.XXX. In this instance, Nginx is running and I can able to see the nginx status page through this IP address.

Now I'm trying to map the subdomain to this instance IP address.

I created test.conf file under the /etc/nginx/conf.d

server {
        listen 80;
        listen [::]:80;

        server_name test.abc.com;


        root /var/www/html;
        index index.html index.ht ...

I'm trying to setup my raspberry pi as an access point for guests to be able to connect to, that should allow them internet access but not access to the rest of my network, the pi also is my DHCP and DNS server, for which I am using hostapd, dnsmasq & iptables all running on alpine linux.

My network interfaces create a bridge and assign the ethernet port to it, as well as a static IP:

auto lo
ifac ...

I added the FSRM role to the fileserver yesterday and created a quota. However the quota was too low and was applied to every directory. I deleted the quota without disabling it. It is out of the list but still is being enforced.

I had another admin look at it, and he changed all the ownerships of the directories in an attempt to resolve it.

After that, I'm now getting an error, and the quota was ...

I would like to configure the ethernet network interface of a server but I am completely lost. I saw on the internet that you could do it with the nmcli tool but also with netplan, I saw some people say that you had to modify configuration files but everyone was talking about different files.

I have so far added a static IP address to the server interface by editing the .yaml file located in /etc ...

I'm looking for an easy configuration to exclude a specific URL(pattern) from my apache2 HTTP to HTTPS redirect and failed so far. Background is an API with typical authorization mechanics which should never be sent via normal HTTP, so I do not want to redirect but rather return a 403 or 404 if someone tries to access the API via plain HTTP. My current Virtual Host is a typical redirect for everything:

I am using IIS, Version 10 on Windows Server 2016.

When I deploy a new Web app it goes under "Sites" with an organization of:

ServerNameA and then several sites, including MySiteA, which uses ApplicationPoolA.

After successful deployment, I can verify the files are new.

The web-app is specifically a web-service using .NET Framework 4.5.2 and originally built in Visual Studio 2019.

I am using IIS wi ...